v3: http://www.redhat.com/archives/libvir-list/2016-June/msg01094.html Yes, I know another long series, but there are some duplicates with the LUKS series: http://www.redhat.com/archives/libvir-list/2016-June/msg01691.html In particular: Patches 1-3 match the LUKS patches 1-3 Patches 4-6 match the LUKS patches 12-14 They are needed for "parts" for this series. Changes since v3: Patches 7-10 are patches 1-4 of the v3 series with perhaps a few adjustments these were reviewed and had partial ACK's see the v3 series cover for details Patches 11->14 are NEW. Patch 11 needs the "passphrase" secret from LUKS in order to allow the addition of a <secret> for a <serial type='tcp'...> to provide the passphrase for the TLS environment. Patch 12 provides the means (like Disk and Hostdev) to store the secinfo required to generate an AES secret Patch 13 adds the secret for the command line startup Patch 14 could be combined w/ 13, but I just kept it a separate way to add the secret for the hotplug (and unplug) John Ferlan (14): qemu: Change protocol parameter for secret setup qemu: Remove authdef from secret setup conf: Add new secret type "passphrase" qemu: Remove type from qemuBuildSecretInfoProps qemu: Make qemuBuildSecretInfoProps global qemu: Add secinfo for hotplug virtio disk conf: Add new default TLS X.509 certificate default directory conf: Introduce chartcp_tls_x509_cert_dir qemu: Add support for TLS X.509 path to TCP chardev backend qemu: Add the ability to hotplug the TLS X.509 environment conf: Add new secret element for tcp chardev qemu: Introduce qemuDomainChardevPrivatePtr qemu: Add a secret object to/for a chardev tcp with secret qemu: Add the ability to hotplug a secret object for TCP chardev TLS docs/aclpolkit.html.in | 4 + docs/formatdomain.html.in | 29 +++ docs/formatsecret.html.in | 57 +++++- docs/schemas/domaincommon.rng | 21 +++ docs/schemas/secret.rng | 10 + include/libvirt/libvirt-secret.h | 3 +- src/access/viraccessdriverpolkit.c | 13 ++ src/conf/domain_conf.c | 62 ++++++- src/conf/domain_conf.h | 8 +- src/conf/secret_conf.c | 26 ++- src/conf/secret_conf.h | 1 + src/conf/virsecretobj.c | 5 + src/libxl/libxl_domain.c | 2 +- src/lxc/lxc_native.c | 2 +- src/qemu/libvirtd_qemu.aug | 11 +- src/qemu/qemu.conf | 83 +++++++-- src/qemu/qemu_command.c | 148 ++++++++++++++- src/qemu/qemu_command.h | 13 ++ src/qemu/qemu_conf.c | 59 +++++- src/qemu/qemu_conf.h | 7 + src/qemu/qemu_domain.c | 202 +++++++++++++++------ src/qemu/qemu_domain.h | 22 +++ src/qemu/qemu_driver.c | 2 +- src/qemu/qemu_hotplug.c | 141 ++++++++++++-- src/qemu/qemu_hotplug.h | 3 +- src/qemu/qemu_monitor_json.c | 9 + src/qemu/qemu_parse_command.c | 4 +- src/qemu/qemu_process.c | 2 +- src/qemu/test_libvirtd_qemu.aug.in | 5 + src/vz/vz_sdk.c | 2 +- src/xenconfig/xen_sxpr.c | 2 +- tests/qemuhotplugtest.c | 2 +- .../qemuxml2argv-serial-tcp-tlsx509-chardev.args | 33 ++++ .../qemuxml2argv-serial-tcp-tlsx509-chardev.xml | 41 +++++ ...xml2argv-serial-tcp-tlsx509-secret-chardev.args | 38 ++++ ...uxml2argv-serial-tcp-tlsx509-secret-chardev.xml | 42 +++++ tests/qemuxml2argvtest.c | 14 ++ .../qemuxml2xmlout-serial-tcp-tlsx509-chardev.xml | 50 +++++ ...ml2xmlout-serial-tcp-tlsx509-secret-chardev.xml | 51 ++++++ tests/qemuxml2xmltest.c | 2 + tests/secretxml2xmlin/usage-passphrase.xml | 7 + tests/secretxml2xmltest.c | 1 + 42 files changed, 1116 insertions(+), 123 deletions(-) create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-chardev.args create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-chardev.xml create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-secret-chardev.args create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-secret-chardev.xml create mode 100644 tests/qemuxml2xmloutdata/qemuxml2xmlout-serial-tcp-tlsx509-chardev.xml create mode 100644 tests/qemuxml2xmloutdata/qemuxml2xmlout-serial-tcp-tlsx509-secret-chardev.xml create mode 100644 tests/secretxml2xmlin/usage-passphrase.xml -- 2.5.5 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list