On Mon, Mar 21, 2016 at 07:30:44PM -0400, Cole Robinson wrote: > Add support for SPICE listen over unix socket. This has been in qemu > since v2.3. The XML is: > > <spice socket='/path/to/socket'/> > > Which matches support for VNC listen over unix socket. > > https://bugzilla.redhat.com/show_bug.cgi?id=1151761 > --- > docs/schemas/domaincommon.rng | 5 ++++ > src/conf/domain_conf.c | 26 +++++++++++++-------- > src/conf/domain_conf.h | 1 + > src/qemu/qemu_command.c | 4 +++- > src/qemu/qemu_process.c | 3 +++ > src/security/virt-aa-helper.c | 5 ++++ > .../qemuxml2argv-graphics-spice-unix.args | 21 +++++++++++++++++ > .../qemuxml2argv-graphics-spice-unix.xml | 27 ++++++++++++++++++++++ > tests/qemuxml2argvtest.c | 4 ++++ > 9 files changed, 85 insertions(+), 11 deletions(-) > create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-unix.args > create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-unix.xml > > diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng > index da6de40..4d3f951 100644 > --- a/docs/schemas/domaincommon.rng > +++ b/docs/schemas/domaincommon.rng > @@ -2700,6 +2700,11 @@ > </attribute> > </optional> > <optional> > + <attribute name="socket"> > + <ref name="absFilePath"/> > + </attribute> > + </optional> > + <optional> > <attribute name="passwdValidTo"> > <data type="dateTime"/> > </attribute> > diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c > index d5d9ff7..985d8bd 100644 > --- a/src/conf/domain_conf.c > +++ b/src/conf/domain_conf.c > @@ -1249,6 +1249,7 @@ void virDomainGraphicsDefFree(virDomainGraphicsDefPtr def) > break; > > case VIR_DOMAIN_GRAPHICS_TYPE_SPICE: > + VIR_FREE(def->data.spice.socket); > VIR_FREE(def->data.spice.keymap); > virDomainGraphicsAuthDefClear(&def->data.spice.auth); > break; > @@ -10986,6 +10987,7 @@ virDomainGraphicsDefParseXML(xmlNodePtr node, > def->data.spice.tlsPort = 0; > } > > + def->data.spice.socket = virXMLPropString(node, "socket"); > def->data.spice.keymap = virXMLPropString(node, "keymap"); > > if (virDomainGraphicsAuthDefParseXML(node, &def->data.spice.auth, > @@ -21267,19 +21269,23 @@ virDomainGraphicsDefFormat(virBufferPtr buf, > break; > > case VIR_DOMAIN_GRAPHICS_TYPE_SPICE: > - if (def->data.spice.port) > - virBufferAsprintf(buf, " port='%d'", > - def->data.spice.port); > + if (def->data.spice.socket) { > + virBufferEscapeString(buf, " socket='%s'", def->data.spice.socket); > + } else { > + if (def->data.spice.port) > + virBufferAsprintf(buf, " port='%d'", > + def->data.spice.port); > > - if (def->data.spice.tlsPort) > - virBufferAsprintf(buf, " tlsPort='%d'", > - def->data.spice.tlsPort); > + if (def->data.spice.tlsPort) > + virBufferAsprintf(buf, " tlsPort='%d'", > + def->data.spice.tlsPort); > > - virBufferAsprintf(buf, " autoport='%s'", > - def->data.spice.autoport ? "yes" : "no"); > + virBufferAsprintf(buf, " autoport='%s'", > + def->data.spice.autoport ? "yes" : "no"); > > - if (listenAddr) > - virBufferAsprintf(buf, " listen='%s'", listenAddr); > + if (listenAddr) > + virBufferAsprintf(buf, " listen='%s'", listenAddr); > + } > > if (def->data.spice.keymap) > virBufferEscapeString(buf, " keymap='%s'", > diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h > index 83bdd67..884476d 100644 > --- a/src/conf/domain_conf.h > +++ b/src/conf/domain_conf.h > @@ -1578,6 +1578,7 @@ struct _virDomainGraphicsDef { > bool tlsPortReserved; > int mousemode; > char *keymap; > + char *socket; > virDomainGraphicsAuthDef auth; > bool autoport; > int channels[VIR_DOMAIN_GRAPHICS_SPICE_CHANNEL_LAST]; > diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c > index eb02553..8a5baf5 100644 > --- a/src/qemu/qemu_command.c > +++ b/src/qemu/qemu_command.c > @@ -7411,7 +7411,9 @@ qemuBuildGraphicsSPICECommandLine(virQEMUDriverConfigPtr cfg, > /* TODO: Support ACLs later */ > } > > - if (port > 0 || tlsPort > 0) { > + if (graphics->data.spice.socket) { > + virBufferAsprintf(&opt, "unix,addr=%s,", graphics->data.spice.socket); > + } else if (port > 0 || tlsPort > 0) { > switch (virDomainGraphicsListenGetType(graphics, 0)) { > case VIR_DOMAIN_GRAPHICS_LISTEN_TYPE_ADDRESS: > listenAddr = virDomainGraphicsListenGetAddress(graphics, 0); > diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c > index c332747..6cf993b 100644 > --- a/src/qemu/qemu_process.c > +++ b/src/qemu/qemu_process.c > @@ -3759,6 +3759,9 @@ qemuProcessSPICEAllocatePorts(virQEMUDriverPtr driver, > bool needTLSPort = false; > bool needPort = false; > > + if (graphics->data.spice.socket) > + return 0; > + > if (graphics->data.spice.autoport) { > /* check if tlsPort or port need allocation */ > for (i = 0; i < VIR_DOMAIN_GRAPHICS_SPICE_CHANNEL_LAST; i++) { > diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c > index a2d7226..f46742c 100644 > --- a/src/security/virt-aa-helper.c > +++ b/src/security/virt-aa-helper.c > @@ -1064,6 +1064,11 @@ get_files(vahControl * ctl) > ctl->def->graphics[i]->data.vnc.socket && > vah_add_file(&buf, ctl->def->graphics[i]->data.vnc.socket, "rw")) > goto cleanup; > + > + if (ctl->def->graphics[i]->type == VIR_DOMAIN_GRAPHICS_TYPE_SPICE && > + ctl->def->graphics[i]->data.spice.socket && > + vah_add_file(&buf, ctl->def->graphics[i]->data.spice.socket, "rw")) > + goto cleanup; > } > > if (ctl->def->ngraphics == 1 && > diff --git a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-unix.args b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-unix.args > new file mode 100644 > index 0000000..b965ea4 > --- /dev/null > +++ b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-unix.args > @@ -0,0 +1,21 @@ > +LC_ALL=C \ > +PATH=/bin \ > +HOME=/home/test \ > +USER=test \ > +LOGNAME=test \ > +QEMU_AUDIO_DRV=spice \ > +/usr/bin/qemu \ > +-name QEMUGuest1 \ > +-S \ > +-M pc \ > +-m 214 \ > +-smp 1 \ > +-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \ > +-nodefaults \ > +-monitor unix:/tmp/lib/domain--1-QEMUGuest1/monitor.sock,server,nowait \ > +-no-acpi \ > +-boot c \ > +-spice unix,addr=/tmp/spice.socket \ > +-vga qxl \ > +-global qxl-vga.ram_size=67108864 \ > +-global qxl-vga.vram_size=33554432 > diff --git a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-unix.xml b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-unix.xml > new file mode 100644 > index 0000000..6c6be44 > --- /dev/null > +++ b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-unix.xml > @@ -0,0 +1,27 @@ > +<domain type='qemu'> > + <name>QEMUGuest1</name> > + <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid> > + <memory unit='KiB'>219136</memory> > + <currentMemory unit='KiB'>219136</currentMemory> > + <vcpu placement='static'>1</vcpu> > + <os> > + <type arch='i686' machine='pc'>hvm</type> > + <boot dev='hd'/> > + </os> > + <clock offset='utc'/> > + <on_poweroff>destroy</on_poweroff> > + <on_reboot>restart</on_reboot> > + <on_crash>destroy</on_crash> > + <devices> > + <emulator>/usr/bin/qemu</emulator> > + <controller type='usb' model='none' index='0'/> > + <controller type='pci' index='0' model='pci-root'/> > + <input type='mouse' bus='ps2'/> > + <input type='keyboard' bus='ps2'/> > + <graphics type='spice' socket='/tmp/spice.socket'/> This is an old way to specify listen type. It would be better to add a new <listen type='socket' socket='/tmp/spice.socket'/>. Actually I'm working on this support and I have my patches almost finished but they depends on this patch series: https://www.redhat.com/archives/libvir-list/2016-March/msg00631.html You can see my progress there: https://github.com/Antique/libvirt/tree/spice-unix-socket > + <video> > + <model type='qxl' ram='65536' vram='32768' vgamem='8192' heads='1'/> > + </video> > + <memballoon model='none'/> > + </devices> > +</domain> > diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c > index 4fac77d..76b64bd 100644 > --- a/tests/qemuxml2argvtest.c > +++ b/tests/qemuxml2argvtest.c > @@ -990,6 +990,10 @@ mymain(void) > QEMU_CAPS_DEVICE_QXL_VGA, > QEMU_CAPS_DEVICE_QXL, > QEMU_CAPS_SPICE_FILE_XFER_DISABLE); > + DO_TEST("graphics-spice-unix", > + QEMU_CAPS_VGA_QXL, > + QEMU_CAPS_SPICE, > + QEMU_CAPS_DEVICE_QXL); > > DO_TEST("input-usbmouse", NONE); > DO_TEST("input-usbtablet", NONE); > -- > 2.5.0 > > -- > libvir-list mailing list > libvir-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/libvir-list -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list