Re: [Qemu-block] [PATCH 01/67] block: use local path for local headers

On Thu, May 03, 2018 at 10:50:20PM +0300, Michael S. Tsirkin wrote: > When pulling in headers that are in the same directory as C file (as > opposed to one in include/), we should use its relative path, without a > directory. Directory based path works more or less by accident. This commit

Re: [Qemu-block] [Qemu-devel] [PATCH 04/13] qapi: Formalize qcow2 encryption probing

On Wed, May 09, 2018 at 06:55:21PM +0200, Max Reitz wrote: > Currently, you can give no encryption format for a qcow2 file while > still passing a key-secret. That does not conform to the schema, so > this patch changes the schema to allow it. > > Signed-off-by: Max Reitz >

Re: [Qemu-block] [Qemu-devel] [PATCH 05/13] qapi: Formalize qcow encryption probing

On Thu, May 10, 2018 at 09:24:24AM -0500, Eric Blake wrote: > On 05/09/2018 11:55 AM, Max Reitz wrote: > > Currently, you can give no encryption format for a qcow file while still > > passing a key-secret. That does not conform to the schema, so this > > patch changes the schema to allow it. > >

Re: [Qemu-block] [Qemu-devel] storing machine data in qcow images?

On Mon, May 21, 2018 at 03:29:28PM -0300, Eduardo Habkost wrote: > On Sat, May 19, 2018 at 08:05:06AM +0200, Markus Armbruster wrote: > > Eduardo Habkost writes: > > > > [...] > > > About being more expressive than just a single list of key,value > > > pairs, I don't see any

Re: [Qemu-block] [Qemu-devel] storing machine data in qcow images?

On Fri, May 18, 2018 at 02:41:33PM -0300, Eduardo Habkost wrote: > On Fri, May 18, 2018 at 06:09:56PM +0100, Daniel P. Berrangé wrote: > > On Fri, May 18, 2018 at 06:30:38PM +0300, Michael S. Tsirkin wrote: > > > Hi! > > > Right now, QEMU supports multiple machine

Re: [Qemu-block] [Qemu-devel] storing machine data in qcow images?

On Fri, May 18, 2018 at 06:30:38PM +0300, Michael S. Tsirkin wrote: > Hi! > Right now, QEMU supports multiple machine types within > a given architecture. This was the case for many architectures > (like ARM) for a while, somewhat more recently this is the case > for x86 with I440FX and Q35

Re: [Qemu-block] [Qemu-devel] storing machine data in qcow images?

On Wed, Jun 06, 2018 at 03:45:10PM +0200, Michal Suchánek wrote: > > I think that *if* we want an 'appliance' format that stores a whole VM > in a single file to ease VM distribution then the logical place to look > in qemu is qcow. The reason have been explained at length. I rather disagree.

Re: [Qemu-block] [PATCH v2 04/10] qapi: Formalize qcow2 encryption probing

--- > qapi/block-core.json | 44 > block/qcow2.c| 3 +++ > 2 files changed, 43 insertions(+), 4 deletions(-) Reviewed-by: Daniel P. Berrangé Regards, Daniel -- |: https://berrange.com -o-https://www.flickr.com/p

Re: [Qemu-block] [PATCH v2 05/10] qapi: Formalize qcow encryption probing

changed, 2 insertions(+), 1 deletion(-) Reviewed-by: Daniel P. Berrangé Regards, Daniel -- |: https://berrange.com -o-https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o-https://fstop138.berrange.com :| |: https://entangle-photo.org-o-http

Re: [Qemu-block] [PATCH v2 10/10] iotests: qcow2's encrypt.format is now optional

reasonably fast. > > Signed-off-by: Max Reitz > --- > tests/qemu-iotests/087 | 65 +++--- > tests/qemu-iotests/087.out | 26 ++- > 2 files changed, 64 insertions(+), 27 deletions(-) Reviewed-by: Daniel P. Berrangé Regards, D

Re: [Qemu-block] [Qemu-devel] [PATCH 03/17] iotests: ask qemu for supported formats

On Thu, Jun 07, 2018 at 09:50:41AM +0200, Thomas Huth wrote: > On 07.06.2018 08:57, Markus Armbruster wrote: > > Thomas Huth writes: > > > >> On 05.06.2018 00:40, Eric Blake wrote: > >>> On 06/04/2018 05:34 AM, Thomas Huth wrote: > On 04.06.2018 09:18, Markus Armbruster wrote: > > Roman

Re: [Qemu-block] [Qemu-devel] storing machine data in qcow images?

On Thu, Jun 07, 2018 at 01:17:24PM +0200, Andrea Bolognani wrote: > On Thu, 2018-06-07 at 11:22 +0100, Daniel P. Berrangé wrote: > > On Thu, Jun 07, 2018 at 12:02:29PM +0200, Andrea Bolognani wrote: > > > While hints might be considered a reasonable fit for qcow2, I think >

Re: [Qemu-block] [Qemu-devel] [PATCH] file-posix: Consolidate the locking error message

On Thu, Jun 07, 2018 at 03:20:24PM +0200, Markus Armbruster wrote: > Daniel P. Berrangé writes: > > > On Fri, Jun 01, 2018 at 05:18:35PM +0800, Fam Zheng wrote: > >> When hot-plugging a block device fails due to image locking errors, > >> users won't see the hel

Re: [Qemu-block] [Qemu-devel] storing machine data in qcow images?

On Fri, Jun 08, 2018 at 09:21:30AM +0100, Dr. David Alan Gilbert wrote: > * Laszlo Ersek (ler...@redhat.com) wrote: > > On 06/07/18 12:54, Andrea Bolognani wrote: > > > On Thu, 2018-06-07 at 11:36 +0100, Daniel P. Berrangé wrote: > > >> On Thu, Jun 07, 2018 at 11:32:

Re: [Qemu-block] [Qemu-devel] [PATCH 12/18] block-qdict: Clean up qdict_crumple() a bit

On Thu, Jun 14, 2018 at 10:40:58AM +0200, Kevin Wolf wrote: > Am 13.06.2018 um 17:23 hat Markus Armbruster geschrieben: > > Kevin Wolf writes: > > > > > Am 12.06.2018 um 14:58 hat Markus Armbruster geschrieben: > > >> When you mix scalar and non-scalar keys, whether you get an "already > > >>

Re: [Qemu-block] [PATCH 3/6] migration: add support for a "tls-authz" migration parameter

On Fri, Jun 15, 2018 at 06:54:23PM +0100, Dr. David Alan Gilbert wrote: > * Daniel P. Berrangé (berra...@redhat.com) wrote: > > From: "Daniel P. Berrange" > > > > The QEMU instance that runs as the server for the migration data > > transport (ie the targe

Re: [Qemu-block] [Qemu-devel] [PATCH 18/18] rbd: New parameter key-secret

On Tue, Jun 12, 2018 at 02:58:21PM +0200, Markus Armbruster wrote: > Legacy -drive supports "password-secret" parameter that isn't > available with -blockdev / blockdev-add. That's because we backed out > our first try to provide it there due to interface design doubts, in > commit 577d8c9a811,

[Qemu-block] [PATCH 5/6] vnc: allow specifying a custom authorization object name

From: "Daniel P. Berrange" The VNC server has historically had support for ACLs to check both the SASL username and the TLS x509 distinguished name. The VNC server was responsible for creating the initial ACL, and the client app was then responsible for populating it with rules using the HMP

[Qemu-block] [PATCH 6/6] monitor: deprecate acl_show, acl_reset, acl_policy, acl_add, acl_remove

The various ACL related commands are obsolete now that the QAuthZ framework for authorization is fully integrated throughout QEMU network services. Mark it as deprecated with no replacement to be provided. Signed-off-by: Daniel P. Berrangé --- monitor.c | 23 +++ qemu

[Qemu-block] [PATCH 2/6] nbd: allow authorization with nbd-server-start QMP command

From: "Daniel P. Berrange" As with the previous patch to qemu-nbd, the nbd-server-start QMP command also needs to be able to specify authorization when enabling TLS encryption. First the client must create a QAuthZ object instance using the 'object-add' command: { 'execute':

[Qemu-block] [PATCH 3/6] migration: add support for a "tls-authz" migration parameter

From: "Daniel P. Berrange" The QEMU instance that runs as the server for the migration data transport (ie the target QEMU) needs to be able to configure access control so it can prevent unauthorized clients initiating an incoming migration. This adds a new 'tls-authz' migration parameter that is

[Qemu-block] [PATCH 4/6] chardev: add support for authorization for TLS clients

From: "Daniel P. Berrange" Currently any client which can complete the TLS handshake is able to use a chardev server. The server admin can turn on the 'verify-peer' option for the x509 creds to require the client to provide a x509 certificate. This means the client will have to acquire a

[Qemu-block] [PATCH 0/6] Add authorization support to all network services

specific clients, which avoids the need to setup restricted child certificate authorities. In VNC it also allows whitelisting based on SASL user names. Based-on: <20180615154203.11347-1-berra...@redhat.com> Daniel P. Berrangé (6): qemu-nbd: add support for authorization of TLS clients nbd:

Re: [Qemu-block] [PATCH 2/6] nbd: allow authorization with nbd-server-start QMP command

On Tue, Jun 19, 2018 at 03:10:12PM -0500, Eric Blake wrote: > On 06/15/2018 10:50 AM, Daniel P. Berrangé wrote: > > From: "Daniel P. Berrange" > > > > As with the previous patch to qemu-nbd, the nbd-server-start QMP command > > also needs to be able to sp

Re: [Qemu-block] [Qemu-devel] [PATCH] file-posix: Consolidate the locking error message

On Fri, Jun 01, 2018 at 05:18:35PM +0800, Fam Zheng wrote: > When hot-plugging a block device fails due to image locking errors, > users won't see the helpful 'Is another process using the image?' > message in QMP because currently the error hint is not carried over > there. > > Even though

Re: [Qemu-block] [Qemu-devel] [PATCH] file-posix: Consolidate the locking error message

On Fri, Jun 01, 2018 at 09:33:59PM +0800, Fam Zheng wrote: > On Fri, 06/01 13:43, Daniel P. Berrangé wrote: > > On Fri, Jun 01, 2018 at 05:18:35PM +0800, Fam Zheng wrote: > > > When hot-plugging a block device fails due to image locking errors, > > > users won't see the

Re: [Qemu-block] [Qemu-devel] storing machine data in qcow images?

On Wed, Jun 06, 2018 at 10:36:20AM -0500, Eric Blake wrote: > On 06/06/2018 10:05 AM, Dr. David Alan Gilbert wrote: > > > > If that's the issue, add a UUID to qcow2 files and reference it from the > > > config file. > > > > Is a UUID a small string :-) > > Even better, it's something that you

Re: [Qemu-block] [Qemu-devel] storing machine data in qcow images?

On Wed, Jun 06, 2018 at 11:14:32AM -0300, Eduardo Habkost wrote: > On Wed, Jun 06, 2018 at 02:50:10PM +0100, Daniel P. Berrangé wrote: > > On Wed, Jun 06, 2018 at 03:45:10PM +0200, Michal Suchánek wrote: > > > > > > I think that *if* we want an 'appliance' fo

Re: [Qemu-block] [Qemu-devel] storing machine data in qcow images?

On Wed, Jun 06, 2018 at 03:31:35PM +0100, Dr. David Alan Gilbert wrote: > > Not in this case because it'd still be a flat qcow2 file in a simple tar > > archive. > > > > But you're right if we had a more complex format (like chunks stored in > > a tar file). > > My only problem with using the

Re: [Qemu-block] [Qemu-devel] storing machine data in qcow images?

On Thu, Jun 07, 2018 at 12:02:29PM +0200, Andrea Bolognani wrote: > On Wed, 2018-06-06 at 17:32 +0100, Daniel P. Berrangé wrote: > > On Wed, Jun 06, 2018 at 10:36:20AM -0500, Eric Blake wrote: > > > But for the new config to be useful, you have to modify at least one tool >

Re: [Qemu-block] [Qemu-devel] storing machine data in qcow images?

On Thu, Jun 07, 2018 at 11:32:18AM +0100, Richard W.M. Jones wrote: > On Thu, Jun 07, 2018 at 12:02:29PM +0200, Andrea Bolognani wrote: > > Something that I haven't seen mentioned in the thread - and this > > looks like as good a point as any to jump in - is that for q35 > > guests using EFI as

Re: [Qemu-block] [PATCH v5] crypto: Implement TLS Pre-Shared Keys (PSK).

On Thu, Jun 28, 2018 at 07:46:24PM +0100, Richard W.M. Jones wrote: > diff --git a/crypto/tlssession.c b/crypto/tlssession.c > index 96a02deb69..50df64e0a9 100644 > --- a/crypto/tlssession.c > +++ b/crypto/tlssession.c > @@ -21,6 +21,7 @@ > #include "qemu/osdep.h" > #include

Re: [Qemu-block] [PATCH v5] crypto: Implement TLS Pre-Shared Keys (PSK).

On Fri, Jun 29, 2018 at 06:40:29PM +0100, Richard W.M. Jones wrote: > On Fri, Jun 29, 2018 at 06:03:43PM +0100, Daniel P. Berrangé wrote: > > On Thu, Jun 28, 2018 at 07:46:24PM +0100, Richard W.M. Jones wrote: > > > diff --git a/crypto/tlssession.c b/crypto/tlssession.c >

Re: [Qemu-block] [PATCH v5] crypto: Implement TLS Pre-Shared Keys (PSK).

On Mon, Jul 02, 2018 at 06:54:41AM -0500, Eric Blake wrote: > On 07/02/2018 02:52 AM, Daniel P. Berrangé wrote: > > > > > > +#define TLS_PRIORITY_ADDITIONAL_ANON "+ANON-DH" > > > > > +#define TLS_PRIORITY_ADDITIONAL_PSK "+ECDHE-PSK:+DHE-PSK:+PS

Re: [Qemu-block] [Qemu-devel] [PULL 25/26] block: Remove deprecated -drive option serial

On Fri, Jun 22, 2018 at 07:54:00PM +0200, Kevin Wolf wrote: > Am 22.06.2018 um 17:40 hat Daniel P. Berrangé geschrieben: > > On Fri, Jun 22, 2018 at 04:25:13PM +0200, Kevin Wolf wrote: > > > This was in fact one release longer than our deprecation policy says. > >

Re: [Qemu-block] [Qemu-devel] [PULL 25/26] block: Remove deprecated -drive option serial

On Fri, Jun 22, 2018 at 04:25:13PM +0200, Kevin Wolf wrote: > Am 22.06.2018 um 15:36 hat Christian Borntraeger geschrieben: > > > > > > On 06/22/2018 02:55 PM, Kevin Wolf wrote: > > > Am 22.06.2018 um 13:38 hat Christian Borntraeger geschrieben: > > >> > > >> On 06/15/2018 04:21 PM, Kevin Wolf

Re: [Qemu-block] [Qemu-devel] [PATCH] usb-storage: Add rerror/werror properties

On Tue, Jun 26, 2018 at 10:48:10AM +0200, Paolo Bonzini wrote: > On 26/06/2018 10:35, Markus Armbruster wrote: > > We also want to deprecate usb-storage, but > > I guess we're still not ready for that (it's a complicated story). > > > > To deprecate -drive without also deprecating usb-storage, we

Re: [Qemu-block] [libvirt] [Qemu-devel] [PULL 25/26] block: Remove deprecated -drive option serial

On Fri, Jun 22, 2018 at 03:31:46PM +0100, Daniel P. Berrangé wrote: > On Fri, Jun 22, 2018 at 04:25:13PM +0200, Kevin Wolf wrote: > > Am 22.06.2018 um 15:36 hat Christian Borntraeger geschrieben: > > > > > > > > > On 06/22/2018 02:55 PM, Kevin Wolf wrote

Re: [Qemu-block] [Qemu-devel] [libvirt] [PULL 25/26] block: Remove deprecated -drive option serial

On Mon, Jun 25, 2018 at 10:23:03AM +0200, Thomas Huth wrote: > On 25.06.2018 09:16, Peter Krempa wrote: > > On Fri, Jun 22, 2018 at 14:55:02 +0200, Kevin Wolf wrote: > >> Am 22.06.2018 um 13:38 hat Christian Borntraeger geschrieben: > >>> > >>> On 06/15/2018 04:21 PM, Kevin Wolf wrote: > The

Re: [Qemu-block] [libvirt] [Qemu-devel] [PULL 25/26] block: Remove deprecated -drive option serial

On Fri, Jun 22, 2018 at 03:36:50PM +0200, Christian Borntraeger wrote: > > > On 06/22/2018 02:55 PM, Kevin Wolf wrote: > > Am 22.06.2018 um 13:38 hat Christian Borntraeger geschrieben: > >> > >> On 06/15/2018 04:21 PM, Kevin Wolf wrote: > >>> The -drive option serial was deprecated in QEMU 2.10.

Re: [Qemu-block] [libvirt] [Qemu-devel] [PULL 25/26] block: Remove deprecated -drive option serial

On Fri, Jun 22, 2018 at 04:19:29PM +0200, Markus Armbruster wrote: > Kevin Wolf writes: > > > Am 22.06.2018 um 13:38 hat Christian Borntraeger geschrieben: > >> > >> On 06/15/2018 04:21 PM, Kevin Wolf wrote: > >> > The -drive option serial was deprecated in QEMU 2.10. It's time to > >> > remove

Re: [Qemu-block] [libvirt] [Qemu-devel] [PULL 25/26] block: Remove deprecated -drive option serial

On Fri, Jun 22, 2018 at 03:25:19PM +0100, Daniel P. Berrangé wrote: > On Fri, Jun 22, 2018 at 04:19:29PM +0200, Markus Armbruster wrote: > > Kevin Wolf writes: > > > > > Am 22.06.2018 um 13:38 hat Christian Borntraeger geschrieben: > > >> > > &

Re: [Qemu-block] [libvirt] [Qemu-devel] [PULL 25/26] block: Remove deprecated -drive option serial

On Fri, Jun 22, 2018 at 04:25:13PM +0200, Kevin Wolf wrote: > Am 22.06.2018 um 15:36 hat Christian Borntraeger geschrieben: > > > > > > On 06/22/2018 02:55 PM, Kevin Wolf wrote: > > > Am 22.06.2018 um 13:38 hat Christian Borntraeger geschrieben: > > >> > > >> On 06/15/2018 04:21 PM, Kevin Wolf

Re: [Qemu-block] [PATCH 5/6] vnc: allow specifying a custom authorization object name

On Fri, Jun 15, 2018 at 04:51:02PM +0100, Daniel P. Berrangé wrote: > From: "Daniel P. Berrange" > > The VNC server has historically had support for ACLs to check both the > SASL username and the TLS x509 distinguished name. The VNC server was > responsible for

Re: [Qemu-block] [PATCH 1/6] qemu-nbd: add support for authorization of TLS clients

On Tue, Jun 19, 2018 at 03:06:06PM -0500, Eric Blake wrote: > On 06/15/2018 10:50 AM, Daniel P. Berrangé wrote: > > From: "Daniel P. Berrange" > > > > Currently any client which can complete the TLS handshake is able to use > > the NBD server. The serv

Re: [Qemu-block] [PATCH v6] crypto: Implement TLS Pre-Shared Keys (PSK).

ypto-tls-psk-helpers.c | 50 ++ > tests/crypto-tls-psk-helpers.h | 29 > tests/test-crypto-tlssession.c | 185 +--- > 11 files changed, 777 insertions(+), 26 deletions(-) Signed-off-by: Daniel P. Berrangé I'll send a pull request with it shortly Regards, Daniel

Re: [Qemu-block] [libvirt] [Qemu-devel] [PULL 25/26] block: Remove deprecated -drive option serial

On Tue, Jul 03, 2018 at 01:32:29PM +0200, Kevin Wolf wrote: > Am 03.07.2018 um 13:22 hat Daniel P. Berrangé geschrieben: > > On Tue, Jul 03, 2018 at 12:53:44PM +0200, Christian Borntraeger wrote: > > > > > > > > > On 07/02/2018 10:04 AM, Kevin Wolf wrote: >

Re: [Qemu-block] [libvirt] [Qemu-devel] [PULL 25/26] block: Remove deprecated -drive option serial

On Tue, Jul 03, 2018 at 12:53:44PM +0200, Christian Borntraeger wrote: > > > On 07/02/2018 10:04 AM, Kevin Wolf wrote: > > Am 25.06.2018 um 13:45 hat Peter Krempa geschrieben: > >> On Mon, Jun 25, 2018 at 13:41:06 +0200, Kevin Wolf wrote: > >>> Am 25.06.

Re: [Qemu-block] [PATCH v2] qemu-io: fix EOF Ctrl-D handling in qemu-io readline code

ping, does any block maintainer want to queue this one ? On Fri, Dec 08, 2017 at 01:34:16PM +, Daniel P. Berrange wrote: > qemu-io puts the TTY into non-canonical mode, which means no EOF processing is > done and thus getchar() will never return the EOF constant. Instead we have to > query

Re: [Qemu-block] Fwd: [RFC 2/4] qemu-socket: Allow custom socket options in socket_connect

On Wed, Jan 31, 2018 at 11:20:16PM +0800, Zihan Yang wrote: > Hi, Daniel > > >You've added all this extra functionality to pass arbitrary > >options, but then not used it in any of the later patches. > >We've been trying to remove complexity from this code, so > >I'm not in favour of adding new

Re: [Qemu-block] [PATCH] iotests: 205: support only raw format

On Mon, Feb 05, 2018 at 09:40:20AM -0600, Eric Blake wrote: > On 02/05/2018 06:50 AM, Vladimir Sementsov-Ogievskiy wrote: > > The test is about qmp interface to NBD server, so there no reasons > > to run it for various disk formats. Also it actually do not support > > luks format, so, disable all

Re: [Qemu-block] [RFC 2/4] qemu-socket: Allow custom socket options in socket_connect

On Tue, Jan 30, 2018 at 03:13:42AM +0800, Zihan Yang wrote: > Currently, socket_connect doesn't allow custom socket options, > which is inconvenient when the caller wants a different kind of > socket from that the socket_connect provides. This patch allows > custom config in socket_connect by

Re: [Qemu-block] [PATCH] iotests: 205: support luks format

On Tue, Feb 06, 2018 at 08:57:38PM +0300, Vladimir Sementsov-Ogievskiy wrote: > 06.02.2018 20:29, Daniel P. Berrangé wrote: > > On Tue, Feb 06, 2018 at 08:16:42PM +0300, Vladimir Sementsov-Ogievskiy > > wrote: > > > Support default luks options in VM.add_drive and in ne

Re: [Qemu-block] [PATCH] iotests: 205: support luks format

On Tue, Feb 06, 2018 at 08:16:42PM +0300, Vladimir Sementsov-Ogievskiy wrote: > Support default luks options in VM.add_drive and in new library > function qemu_img_create. Use it in 205 iotests. > > Signed-off-by: Vladimir Sementsov-Ogievskiy > --- > > instead of >

[Qemu-block] [PATCH] block: include original filename when reporting invalid URIs

ster", "path": "luks.qcow2", "server.0.type": "tcp", "server.0.port": "24007", "volume": "gv0"} Of course the root cause problem still exists, but now we know what actually needs fixing. Signed-off-by: Daniel P.

Re: [Qemu-block] [Qemu-devel] [PATCH] block: early check for blockers on drive-mirror

On Mon, Feb 12, 2018 at 10:58:31AM +0100, Paolo Bonzini wrote: > On 10/02/2018 00:07, John Snow wrote: > >> +/* Early check to avoid creating target */ > >> +if (bdrv_op_is_blocked(bs, BLOCK_OP_TYPE_MIRROR_SOURCE, errp)) { > >> +return; > >> +} > >> + > >> aio_context =

Re: [Qemu-block] [Qemu-devel] [PATCH] block: early check for blockers on drive-mirror

On Mon, Feb 12, 2018 at 01:42:11PM +0100, Kevin Wolf wrote: > Am 12.02.2018 um 11:02 hat Daniel P. Berrangé geschrieben: > > On Mon, Feb 12, 2018 at 10:58:31AM +0100, Paolo Bonzini wrote: > > > On 10/02/2018 00:07, John Snow wrote: > > > >> +/* Ear

[Qemu-block] [PATCH v3] qemu-io: fix EOF Ctrl-D handling in qemu-io readline code

From: "Daniel P. Berrange" qemu-io puts the TTY into non-canonical mode, which means no EOF processing is done and thus getchar() will never return the EOF constant. Instead we have to query the TTY attributes to determine the configured EOF character (usually Ctrl-D / 0x4),

Re: [Qemu-block] [Qemu-devel] [PATCH v2] qemu-io: fix EOF Ctrl-D handling in qemu-io readline code

Re-ping. On Thu, Jan 25, 2018 at 05:05:01PM +, Daniel P. Berrangé wrote: > ping, does any block maintainer want to queue this one ? > > On Fri, Dec 08, 2017 at 01:34:16PM +, Daniel P. Berrange wrote: > > qemu-io puts the TTY into non-canonical mode, which means no

Re: [Qemu-block] [Qemu-devel] [PATCH 1/2] Add save-snapshot, load-snapshot and delete-snapshot to QAPI

On Tue, Feb 13, 2018 at 11:43:55AM +, Dr. David Alan Gilbert wrote: > * Kevin Wolf (kw...@redhat.com) wrote: > > Am 11.01.2018 um 14:04 hat Daniel P. Berrange geschrieben: > > > On Thu, Jan 11, 2018 at 01:46:38PM +0100, Max Reitz wrote: > > > > On 2018-01-08 14:52, Eric Blake wrote: > > > > >

Re: [Qemu-block] [Qemu-devel] [PATCH 1/2] Add save-snapshot, load-snapshot and delete-snapshot to QAPI

On Tue, Feb 13, 2018 at 02:20:00PM +0100, Kevin Wolf wrote: > Am 13.02.2018 um 12:51 hat Daniel P. Berrangé geschrieben: > > On Tue, Feb 13, 2018 at 11:43:55AM +, Dr. David Alan Gilbert wrote: > > > * Kevin Wolf (kw...@redhat.com) wrote: > > > > Am 11.01.2018 u

Re: [Qemu-block] [Qemu-devel] [PATCH 1/2] Add save-snapshot, load-snapshot and delete-snapshot to QAPI

On Tue, Feb 13, 2018 at 03:43:10PM +0100, Kevin Wolf wrote: > Am 13.02.2018 um 15:30 hat Roman Kagan geschrieben: > > On Tue, Feb 13, 2018 at 11:50:24AM +0100, Kevin Wolf wrote: > > > Am 11.01.2018 um 14:04 hat Daniel P. Berrange geschrieben: > > > > Then you could just use the regular migrate QMP

Re: [Qemu-block] [Qemu-devel] [PATCH 1/2] Add save-snapshot, load-snapshot and delete-snapshot to QAPI

On Tue, Feb 13, 2018 at 04:23:21PM +0100, Kevin Wolf wrote: > Am 13.02.2018 um 15:58 hat Daniel P. Berrangé geschrieben: > > On Tue, Feb 13, 2018 at 03:43:10PM +0100, Kevin Wolf wrote: > > > Am 13.02.2018 um 15:30 hat Roman Kagan geschrieben: > > > > On Tue, Feb 13, 2

Re: [Qemu-block] [Qemu-devel] [PATCH 1/2] Add save-snapshot, load-snapshot and delete-snapshot to QAPI

On Tue, Feb 13, 2018 at 03:45:21PM +0100, Kevin Wolf wrote: > Am 13.02.2018 um 15:36 hat Daniel P. Berrangé geschrieben: > > On Tue, Feb 13, 2018 at 05:30:02PM +0300, Roman Kagan wrote: > > > On Tue, Feb 13, 2018 at 11:50:24AM +0100, Kevin Wolf wrote: > > > > Am 11

Re: [Qemu-block] [Qemu-devel] [PATCH 1/2] Add save-snapshot, load-snapshot and delete-snapshot to QAPI

On Tue, Feb 13, 2018 at 05:30:02PM +0300, Roman Kagan wrote: > On Tue, Feb 13, 2018 at 11:50:24AM +0100, Kevin Wolf wrote: > > Am 11.01.2018 um 14:04 hat Daniel P. Berrange geschrieben: > > > Then you could just use the regular migrate QMP commands for loading > > > and saving snapshots. > > > >

Re: [Qemu-block] [Qemu-devel] Limiting coroutine stack usage

On Thu, Feb 22, 2018 at 01:02:05PM +0100, Peter Lieven wrote: > Am 22.02.2018 um 13:00 schrieb Daniel P. Berrangé: > > On Thu, Feb 22, 2018 at 12:51:58PM +0100, Peter Lieven wrote: > >> Am 22.02.2018 um 12:40 schrieb Daniel P. Berrangé: > >>> On Thu, Feb 22, 2018 a

Re: [Qemu-block] [Qemu-devel] Limiting coroutine stack usage

On Thu, Feb 22, 2018 at 01:06:33PM +0100, Peter Lieven wrote: > Am 22.02.2018 um 13:03 schrieb Daniel P. Berrangé: > > On Thu, Feb 22, 2018 at 01:02:05PM +0100, Peter Lieven wrote: > >> Am 22.02.2018 um 13:00 schrieb Daniel P. Berrangé: > >>> On Thu, Feb 22, 2018 at

Re: [Qemu-block] [Qemu-devel] Limiting coroutine stack usage

On Thu, Feb 22, 2018 at 12:32:04PM +0100, Kevin Wolf wrote: > Am 22.02.2018 um 12:01 hat Peter Lieven geschrieben: > > Am 22.02.2018 um 11:57 schrieb Kevin Wolf: > > > Am 20.02.2018 um 22:54 hat Paolo Bonzini geschrieben: > > >> On 20/02/2018 18:04, Peter Lieven wrote: > > >>> Hi, > > >>> > > >>>

Re: [Qemu-block] [Qemu-devel] Limiting coroutine stack usage

On Thu, Feb 22, 2018 at 12:51:58PM +0100, Peter Lieven wrote: > Am 22.02.2018 um 12:40 schrieb Daniel P. Berrangé: > > On Thu, Feb 22, 2018 at 12:32:04PM +0100, Kevin Wolf wrote: > >> Am 22.02.2018 um 12:01 hat Peter Lieven geschrieben: > >>> Am 22.02.2018 um 11:57

Re: [Qemu-block] [PATCH] block: implement the bdrv_reopen_prepare helper for LUKS driver

Ping, can this be queued in the block tree, since it appears the no-op impl is ok ? On Thu, Jan 18, 2018 at 10:31:43AM +, Daniel P. Berrange wrote: > If the bdrv_reopen_prepare helper isn't provided, the qemu-img commit > command fails to re-open the base layer after committing changes into >

Re: [Qemu-block] [PATCH v2 1/6] qemu-nbd: add support for authorization of TLS clients

On Wed, Jun 20, 2018 at 08:58:40AM -0500, Eric Blake wrote: > On 06/20/2018 07:14 AM, Daniel P. Berrangé wrote: > > From: "Daniel P. Berrange" > > > > Currently any client which can complete the TLS handshake is able to use > > the NBD server. The serv

[Qemu-block] [PATCH v2 1/6] qemu-nbd: add support for authorization of TLS clients

From: "Daniel P. Berrange" Currently any client which can complete the TLS handshake is able to use the NBD server. The server admin can turn on the 'verify-peer' option for the x509 creds to require the client to provide a x509 certificate. This means the client will have to acquire a

[Qemu-block] [PATCH v2 5/6] vnc: allow specifying a custom authorization object name

From: "Daniel P. Berrange" The VNC server has historically had support for ACLs to check both the SASL username and the TLS x509 distinguished name. The VNC server was responsible for creating the initial ACL, and the client app was then responsible for populating it with rules using the HMP

[Qemu-block] [PATCH v2 0/6] Add authorization support to all network services

parameters on services - Fix 2.13 -> 3.0 version tags - Remove redundant conditionals around g_strdup - Fix arg syntax for qemu-nbd s/-/--/ - Remove QAPI (optional) annotation - Fix some outdated usage example Based-on: <20180620103555.1342-1-berra...@redhat.com> Daniel P. Berrangé (6

Re: [Qemu-block] [PATCH v2 2/6] nbd: allow authorization with nbd-server-start QMP command

On Wed, Jun 20, 2018 at 09:05:32AM -0500, Eric Blake wrote: > On 06/20/2018 07:14 AM, Daniel P. Berrangé wrote: > > From: "Daniel P. Berrange" > > I thought you preferred the UTF-8 accent in your Author lines these days? > Or is this because this patch has been sitti

[Qemu-block] [PATCH v2 4/6] chardev: add support for authorization for TLS clients

From: "Daniel P. Berrange" Currently any client which can complete the TLS handshake is able to use a chardev server. The server admin can turn on the 'verify-peer' option for the x509 creds to require the client to provide a x509 certificate. This means the client will have to acquire a

[Qemu-block] [PATCH v2 3/6] migration: add support for a "tls-authz" migration parameter

From: "Daniel P. Berrange" The QEMU instance that runs as the server for the migration data transport (ie the target QEMU) needs to be able to configure access control so it can prevent unauthorized clients initiating an incoming migration. This adds a new 'tls-authz' migration parameter that is

[Qemu-block] [PATCH v2 6/6] monitor: deprecate acl_show, acl_reset, acl_policy, acl_add, acl_remove

-authz' parameters to the VNC server, and equivalent for other network services. Signed-off-by: Daniel P. Berrangé --- monitor.c | 23 +++ qemu-doc.texi | 8 2 files changed, 31 insertions(+) diff --git a/monitor.c b/monitor.c index 07d14f53f9..cbcfbf912b 100644

[Qemu-block] [PATCH v2 2/6] nbd: allow authorization with nbd-server-start QMP command

From: "Daniel P. Berrange" As with the previous patch to qemu-nbd, the nbd-server-start QMP command also needs to be able to specify authorization when enabling TLS encryption. First the client must create a QAuthZ object instance using the 'object-add' command: { 'execute':

Re: [Qemu-block] [PATCH v2 1/6] qemu-nbd: add support for authorization of TLS clients

On Wed, Jun 20, 2018 at 03:22:53PM +0100, Dr. David Alan Gilbert wrote: > * Daniel P. Berrangé (berra...@redhat.com) wrote: > > From: "Daniel P. Berrange" > > > > Currently any client which can complete the TLS handshake is able to use > > the NBD server. The

Re: [Qemu-block] [PATCH 6/6] monitor: deprecate acl_show, acl_reset, acl_policy, acl_add, acl_remove

On Tue, Jun 19, 2018 at 01:31:40PM +0100, Dr. David Alan Gilbert wrote: > * Daniel P. Berrangé (berra...@redhat.com) wrote: > > The various ACL related commands are obsolete now that the QAuthZ > > framework for authorization is fully integrated throughout QEMU network >

Re: [Qemu-block] [Qemu-devel] [PATCH v3 3/5] qcow2: Introduce an option for sufficient L2 cache for the entire image

On Wed, Jul 25, 2018 at 06:23:45PM +0300, Leonid Bloch wrote: > On 07/25/2018 04:32 PM, Kevin Wolf wrote: > > > Another interesting question is whether 'full' shouldn't keep > > > meaning > > > full throughout the lifetime of the BlockDriverState, i.e. > > > should it > > >

Re: [Qemu-block] [Qemu-devel] [RFC PATCH] rbd: Don't convert keypairs to JSON and back

On Wed, Jul 25, 2018 at 10:56:48AM -0500, Eric Blake wrote: > On 07/25/2018 10:10 AM, Markus Armbruster wrote: > > qemu_rbd_parse_filename() builds a keypairs QList, converts it to JSON, and > > stores the resulting QString in a QDict. > > > > qemu_rbd_co_create_opts() and qemu_rbd_open() get the

[Qemu-block] [PATCH] qemu-img: fix regression copying secrets during convert

d392 Author: Kevin Wolf Date: Thu Jan 11 16:18:08 2018 +0100 qcow2: Use visitor for options in qcow2_create() Exposing the latent bug in qemu-img. This fix simply moves the copying of secrets to before the bdrv_create() call. Signed-off-by: Daniel P. Berrangé

[Qemu-block] [PATCH v2] qemu-img: fix regression copying secrets during convert

d392 Author: Kevin Wolf Date: Thu Jan 11 16:18:08 2018 +0100 qcow2: Use visitor for options in qcow2_create() Exposing the latent bug in qemu-img. This fix simply moves the copying of secrets to before the bdrv_create() call. Signed-off-by: Daniel P. Berrangé

Re: [Qemu-block] [PATCH] qemu-img: fix regression copying secrets during convert

On Tue, Aug 14, 2018 at 01:38:24PM +0200, Kevin Wolf wrote: > Am 14.08.2018 um 11:35 hat Daniel P. Berrangé geschrieben: > > When the convert command is creating an output file that needs > > secrets, we need to ensure those secrets are passed to both the > > blk_new_open and

Re: [Qemu-block] [kubevirt-dev] Re: Converting qcow2 image on the fly to raw format

On Thu, Jul 19, 2018 at 09:50:00PM +0300, Nir Soffer wrote: > On Mon, Jul 16, 2018 at 11:56 AM Daniel P. Berrangé > wrote: > ... > > > Recommendation is to run 'qemu-img info' to extract the metadata and sanity > > check results eg no backing file list, not unre

Re: [Qemu-block] [kubevirt-dev] Re: Converting qcow2 image on the fly to raw format

On Thu, Jul 19, 2018 at 09:39:35PM +0100, Richard W.M. Jones wrote: > I did the original work using AFL to fuzz qemu-img and find > problematic images. From that work Dan & I suggested some fairly low > limits (10 seconds IIRC). See: > > https://bugs.launchpad.net/qemu/+bug/1462944 >

Re: [Qemu-block] [PATCH for-3.1] qemu-iotests: Adapt to moved location of StringIO module in py3

ebug: > output = sys.stdout > verbosity = 2 > sys.argv.remove('-d') > else: > -output = StringIO.StringIO() > +output = StringIO() > > logging.basicConfig(level=(logging.DEBUG if debug else logging.WARN)) Reviewed-by: Daniel

Re: [Qemu-block] qemu-iotests: workaround to avoid Python3 while running tests on Fedora Docker image

On Tue, Jul 17, 2018 at 08:37:58PM -0300, Philippe Mathieu-Daudé wrote: > I noticed this while running "make docker-test-block@fedora": > > $ make docker-test-block@fedora NETWORK=1 > BUILD fedora > RUN test-block in qemu:fedora > Configure options: > --enable-werror

Re: [Qemu-block] [Qemu-devel] [libvirt] [PULL 25/26] block: Remove deprecated -drive option serial

On Thu, Jul 12, 2018 at 05:47:00PM +0200, Thomas Huth wrote: > On 12.07.2018 08:32, Markus Armbruster wrote: > > Daniel P. Berrangé writes: > [...] > >> For libvirt, I think whenever something is proposed for deprecation > >> we could just CC libvir-list, or

Re: [Qemu-block] [kubevirt-dev] Re: Converting qcow2 image on the fly to raw format

On Wed, Jul 11, 2018 at 02:17:18PM +0300, Adam Litke wrote: > Adding some kubevirt developers to the thread. Thanks guys for the > information! I think this could work perfectly for on the fly conversion > of qcow2 images to raw format on our PVCs. FYI if you are intending to accept qcow2

Re: [Qemu-block] [Qemu-devel] [PATCH] qemu-iotests: Use host_device instead of file in 149

On Mon, Jul 23, 2018 at 03:53:45PM +0200, Kevin Wolf wrote: > Am 13.07.2018 um 20:12 hat John Snow geschrieben: > > > > > > On 07/13/2018 03:10 AM, Kevin Wolf wrote: > > > The test case uses block devices with driver=file, which causes the test > > > to fail after commit 230ff73904 added a

Re: [Qemu-block] [Qemu-devel] [libvirt] [PULL 25/26] block: Remove deprecated -drive option serial

On Tue, Jul 10, 2018 at 05:01:22PM +0200, Cornelia Huck wrote: > Who is, in general, testing which libvirt version? I can think of: > - libvirt developers, which will probably run libvirt current git, but > more likely a released QEMU? In general libvirt devs tend to run a mixture of whatever

Re: [Qemu-block] [libvirt] [Qemu-devel] [PULL 25/26] block: Remove deprecated -drive option serial

On Tue, Jul 10, 2018 at 04:09:38PM +0100, Peter Maydell wrote: > On 10 July 2018 at 15:22, Cornelia Huck wrote: > > On Tue, 10 Jul 2018 07:59:15 +0200 > > Markus Armbruster wrote: > > > >> In addition to actively pulling libvirt developers into review of > >> deprecation patches, we should

Re: [Qemu-block] [Qemu-devel] [libvirt] [PULL 25/26] block: Remove deprecated -drive option serial

On Fri, Jul 06, 2018 at 04:56:46PM +0200, Kevin Wolf wrote: > Am 06.07.2018 um 13:11 hat Cornelia Huck geschrieben: > > On Wed, 4 Jul 2018 17:14:02 +0100 > > Peter Maydell wrote: > > > > > On 4 July 2018 at 14:34, Kevin Wolf wrote: > > > > Essentially, what is important to me isn't getting

Re: [Qemu-block] [Qemu-devel] [libvirt] [PULL 25/26] block: Remove deprecated -drive option serial

On Mon, Jul 09, 2018 at 01:08:38PM +0200, Cornelia Huck wrote: > On Mon, 09 Jul 2018 08:33:05 +0200 > Markus Armbruster wrote: > > > Peter Maydell writes: > > > > > On 6 July 2018 at 15:56, Kevin Wolf wrote: > > >> Am 06.07.2018 um 13:11 hat Cornelia Huck geschrieben: > > >>> That way, we

Re: [Qemu-block] [Qemu-devel] [PATCH] block/crypto: Fix memory leak in create error path

0) { > -return ret; > +goto fail; > } > > bs = bdrv_open(filename, NULL, NULL, Reviewed-by: Daniel P. Berrangé Regards, Daniel -- |: https://berrange.com -o-https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o-https

Re: [Qemu-block] [Qemu-devel] [libvirt] [PULL 25/26] block: Remove deprecated -drive option serial

On Wed, Jul 04, 2018 at 03:34:40PM +0200, Kevin Wolf wrote: > Am 04.07.2018 um 15:02 hat Cornelia Huck geschrieben: > > On Tue, 3 Jul 2018 13:32:29 +0200 > > Kevin Wolf wrote: > > > > > > > > Has serial/gemoetry been fixed meanwhile and will it make it into > > > > > > the > > > > > > next

Re: [Qemu-block] [Qemu-devel] [PATCH v4 00/37] x-blockdev-create for protocols and qcow2

On Wed, Mar 07, 2018 at 07:59:09PM +0100, Kevin Wolf wrote: > This series implements a minimal QMP command that allows to create an > image file on the protocol level or an image format on a given block > node. > > Eventually, the interface is going to change to some kind of an async > command

  1   2   3   4   5   6   7   8   9   10   >