Re: [PATCH v5 9/9] Add a test case to verify different TLS combinations for a VxHS disk

ashish mittal <ashmit602@xxxxxxxxx> · Wed, 30 Aug 2017 10:32:29 -0700



On Wed, Aug 30, 2017 at 8:22 AM, John Ferlan <jferlan@xxxxxxxxxx> wrote:
>
>
> On 08/29/2017 02:39 AM, Ashish Mittal wrote:
>> Verifies TLS args are auto generated if enabled in qemu.conf
>> Verifies TLS args are not generated if XML specifies tls='no'
>>
>> Signed-off-by: Ashish Mittal <Ashish.Mittal@xxxxxxxxxxx>
>> ---
>>  ...-disk-drive-network-tlsx509-multidisk-vxhs.args | 43 +++++++++++++++++
>>  ...v-disk-drive-network-tlsx509-multidisk-vxhs.xml | 56 ++++++++++++++++++++++
>>  tests/qemuxml2argvtest.c                           |  2 +
>>  3 files changed, 101 insertions(+)
>>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-tlsx509-multidisk-vxhs.args
>>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-tlsx509-multidisk-vxhs.xml
>>
>> diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-tlsx509-multidisk-vxhs.args b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-tlsx509-multidisk-vxhs.args
>> new file mode 100644
>> index 0000000..005ad78
>> --- /dev/null
>> +++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-tlsx509-multidisk-vxhs.args
>> @@ -0,0 +1,43 @@
>> +LC_ALL=C \
>> +PATH=/bin \
>> +HOME=/home/test \
>> +USER=test \
>> +LOGNAME=test \
>> +QEMU_AUDIO_DRV=none \
>> +/usr/bin/qemu-system-x86_64 \
>> +-name QEMUGuest1 \
>> +-S \
>> +-M pc \
>> +-cpu qemu32 \
>> +-m 214 \
>> +-smp 1,sockets=1,cores=1,threads=1 \
>> +-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
>> +-nographic \
>> +-nodefaults \
>> +-chardev socket,id=charmonitor,path=/tmp/lib/domain--1-QEMUGuest1/monitor.sock,\
>> +server,nowait \
>> +-mon chardev=charmonitor,id=monitor,mode=readline \
>> +-no-acpi \
>> +-boot c \
>> +-usb \
>> +-object tls-creds-x509,id=objvxhs_tls0,dir=/usr/local/etc/pki/qemu,\
>
> dir=/etc/pki/qemu
>
>> +endpoint=client,verify-peer=yes \
>> +-drive file.driver=vxhs,file.tls-creds=objvxhs_tls0,\
>> +file.vdisk-id=eb90327c-8302-4725-9e1b-4e85ed4dc251,\
>> +file.server.host=192.168.0.1,file.server.port=9999,format=raw,if=none,\
>> +id=drive-virtio-disk0,cache=none \
>> +-device virtio-blk-pci,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,\
>> +id=virtio-disk0 \
>> +-object tls-creds-x509,id=objvxhs_tls0,dir=/usr/local/etc/pki/qemu,\
>
> dir=/etc/pki/qemu
>
> But this points out a problem - you now have two objects using the same
> id "id=objvxhs_tls0". This would fail a real qemu start...
>
> So here's my suggestion - see that "drive-virtio-disk0" - let's make use
> of that and instead of "objvxhs_tls0" - this would become
> "objvirtio-disk0-tls" - it's generic.
>
> This of course goes back to patch 5 where the alias was first created...
>
>> +endpoint=client,verify-peer=yes \
>> +-drive file.driver=vxhs,file.tls-creds=objvxhs_tls0,\
>> +file.vdisk-id=eb90327c-8302-4725-9e1b-4e85ed4dc252,\
>> +file.server.host=192.168.0.2,file.server.port=9999,format=raw,if=none,\
>> +id=drive-virtio-disk1,cache=none \
>> +-device virtio-blk-pci,bus=pci.0,addr=0x5,drive=drive-virtio-disk1,\
>> +id=virtio-disk1 \
>> +-drive file.driver=vxhs,file.vdisk-id=eb90327c-8302-4725-9e1b-4e85ed4dc253,\
>> +file.server.host=192.168.0.3,file.server.port=9999,format=raw,if=none,\
>> +id=drive-virtio-disk2,cache=none \
>> +-device virtio-blk-pci,bus=pci.0,addr=0x6,drive=drive-virtio-disk2,\
>> +id=virtio-disk2
>
> Need to alter the various outputs to include the file.server.0.type and
> then file.server.0 for host and port
>
>> diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-tlsx509-multidisk-vxhs.xml b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-tlsx509-multidisk-vxhs.xml
>> new file mode 100644
>> index 0000000..3d28958
>> --- /dev/null
>> +++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-tlsx509-multidisk-vxhs.xml
>> @@ -0,0 +1,56 @@
>> +<domain type='qemu'>
>> +  <name>QEMUGuest1</name>
>> +  <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
>> +  <memory unit='KiB'>219136</memory>
>> +  <currentMemory unit='KiB'>219136</currentMemory>
>> +  <vcpu placement='static'>1</vcpu>
>> +  <os>
>> +    <type arch='i686' machine='pc'>hvm</type>
>> +    <boot dev='hd'/>
>> +  </os>
>> +  <clock offset='utc'/>
>> +  <on_poweroff>destroy</on_poweroff>
>> +  <on_reboot>restart</on_reboot>
>> +  <on_crash>destroy</on_crash>
>> +  <devices>
>> +    <emulator>/usr/bin/qemu-system-x86_64</emulator>
>> +    <disk type='network' device='disk'>
>> +      <driver name='qemu' type='raw' cache='none'/>
>> +      <source protocol='vxhs' name='eb90327c-8302-4725-9e1b-4e85ed4dc251'>
>> +        <host name='192.168.0.1' port='9999'/>
>> +      </source>
>> +      <backingStore/>
>
> Remove...
>
>> +      <target dev='vda' bus='virtio'/>
>> +      <serial>eb90327c-8302-4725-9e1b-4e85ed4dc251</serial>
>> +      <alias name='virtio-disk0'/>
>
> Remove...
>
>> +      <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
>> +    </disk>
>> +    <disk type='network' device='disk'>
>> +      <driver name='qemu' type='raw' cache='none'/>
>> +      <source protocol='vxhs' name='eb90327c-8302-4725-9e1b-4e85ed4dc252'>
>> +        <host name='192.168.0.2' port='9999'/>
>> +      </source>
>> +      <backingStore/>
>
> Remove...
>
>> +      <target dev='vdb' bus='virtio'/>
>> +      <serial>eb90327c-8302-4725-9e1b-4e85ed4dc252</serial>
>> +      <alias name='virtio-disk0'/>
>
> !!!!  Same as other one!!! This is virtio-disk1, but still it's
> unnecessary, so it needs to be removed.
>
>
>> +      <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x0'/>
>> +    </disk>
>> +    <disk type='network' device='disk'>
>> +      <driver name='qemu' type='raw' cache='none'/>
>> +      <source protocol='vxhs' name='eb90327c-8302-4725-9e1b-4e85ed4dc253' tls='no'>
>> +        <host name='192.168.0.3' port='9999'/>
>> +      </source>
>> +      <backingStore/>
>
> Remove
>
>> +      <target dev='vdc' bus='virtio'/>
>> +      <serial>eb90327c-8302-4725-9e1b-4e85ed4dc252</serial>
>> +      <alias name='virtio-disk0'/>
>
> !!  would be virtio-disk2, but remove it.
>
>
> As you can see - I've gone through everything now. While doing so I've
> been making changes to sources and patch order a bit. I'll clean that
> all up and post in a little while.
>
> I need to go through each patch and figure out what I changed in order
> to "call it out"...
>
>
No worries if you don't call them all out. I will diff with previous
version and try to understand the changes. Thanks again!

> John
>
>> +      <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x0'/>
>> +    </disk>
>> +    <controller type='usb' index='0'/>
>> +    <controller type='pci' index='0' model='pci-root'/>
>> +    <input type='mouse' bus='ps2'/>
>> +    <input type='keyboard' bus='ps2'/>
>> +    <memballoon model='none'/>
>> +  </devices>
>> +</domain>
>> diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
>> index d9723c4..bc9d3a2 100644
>> --- a/tests/qemuxml2argvtest.c
>> +++ b/tests/qemuxml2argvtest.c
>> @@ -937,6 +937,8 @@ mymain(void)
>>      driver.config->vxhsTLS = 1;
>>      DO_TEST("disk-drive-network-tlsx509-vxhs",
>>              QEMU_CAPS_OBJECT_TLS_CREDS_X509);
>> +    DO_TEST("disk-drive-network-tlsx509-multidisk-vxhs",
>> +            QEMU_CAPS_OBJECT_TLS_CREDS_X509);
>>      driver.config->vxhsTLS = 0;
>>      VIR_FREE(driver.config->vxhsTLSx509certdir);
>>      DO_TEST("disk-drive-no-boot",
>>

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list