#
b25b387f |
| 23-Jun-2017 |
Daniel P. Berrange <berrange@redhat.com> |
qcow2: convert QCow2 to use QCryptoBlock for encryption This converts the qcow2 driver to make use of the QCryptoBlock APIs for encrypting image content, using the legacy QCow2 AES s
qcow2: convert QCow2 to use QCryptoBlock for encryption This converts the qcow2 driver to make use of the QCryptoBlock APIs for encrypting image content, using the legacy QCow2 AES scheme. With this change it is now required to use the QCryptoSecret object for providing passwords, instead of the current block password APIs / interactive prompting. $QEMU \ -object secret,id=sec0,file=/home/berrange/encrypted.pw \ -drive file=/home/berrange/encrypted.qcow2,encrypt.key-secret=sec0 The test 087 could be simplified since there is no longer a difference in behaviour when using blockdev_add with encrypted images for the running vs stopped CPU state. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 20170623162419.26068-12-berrange@redhat.com Reviewed-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
show more ...
|
#
317134bb |
| 05-May-2017 |
Stefan Hajnoczi <stefanha@redhat.com> |
Merge remote-tracking branch 'shorne/tags/pull-or-20170504' into staging Openrisc Features and Fixes for qemu 2.10 # gpg: Signature made Thu 04 May 2017 01:41:45 AM BST # gpg:
Merge remote-tracking branch 'shorne/tags/pull-or-20170504' into staging Openrisc Features and Fixes for qemu 2.10 # gpg: Signature made Thu 04 May 2017 01:41:45 AM BST # gpg: using RSA key 0xC3B31C2D5E6627E4 # gpg: Good signature from "Stafford Horne <shorne@gmail.com>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: D9C4 7354 AEF8 6C10 3A25 EFF1 C3B3 1C2D 5E66 27E4 * shorne/tags/pull-or-20170504: target/openrisc: Support non-busy idle state using PMR SPR target/openrisc: Remove duplicate features property target/openrisc: Implement full vmstate serialization migration: Add VMSTATE_STRUCT_2DARRAY() target/openrisc: implement shadow registers migration: Add VMSTATE_UINTTL_2DARRAY() target/openrisc: add numcores and coreid support target/openrisc: Fixes for memory debugging target/openrisc: Implement EPH bit target/openrisc: Implement EVBAR register MAINTAINERS: Add myself as openrisc maintainer Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
show more ...
|
#
52e94ea5 |
| 26-Apr-2017 |
Peter Maydell <peter.maydell@linaro.org> |
Merge remote-tracking branch 'remotes/sstabellini/tags/xen-20170421-v2-tag' into staging Xen 2017/04/21 + fix # gpg: Signature made Tue 25 Apr 2017 19:10:37 BST # gpg:
Merge remote-tracking branch 'remotes/sstabellini/tags/xen-20170421-v2-tag' into staging Xen 2017/04/21 + fix # gpg: Signature made Tue 25 Apr 2017 19:10:37 BST # gpg: using RSA key 0x894F8F4870E1AE90 # gpg: Good signature from "Stefano Stabellini <stefano.stabellini@eu.citrix.com>" # gpg: aka "Stefano Stabellini <sstabellini@kernel.org>" # Primary key fingerprint: D04E 33AB A51F 67BA 07D3 0AEA 894F 8F48 70E1 AE90 * remotes/sstabellini/tags/xen-20170421-v2-tag: (21 commits) move xen-mapcache.c to hw/i386/xen/ move xen-hvm.c to hw/i386/xen/ move xen-common.c to hw/xen/ add xen-9p-backend to MAINTAINERS under Xen xen/9pfs: build and register Xen 9pfs backend xen/9pfs: send responses back to the frontend xen/9pfs: implement in/out_iov_from_pdu and vmarshal/vunmarshal xen/9pfs: receive requests from the frontend xen/9pfs: connect to the frontend xen/9pfs: introduce Xen 9pfs backend 9p: introduce a type for the 9p header xen: import ring.h from xen configure: use pkg-config for obtaining xen version xen: additionally restrict xenforeignmemory operations xen: use libxendevice model to restrict operations xen: use 5 digit xen versions xen: use libxendevicemodel when available configure: detect presence of libxendevicemodel xen: create wrappers for all other uses of xc_hvm_XXX() functions xen: rename xen_modified_memory() to xen_hvm_modified_memory() ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|
#
b8c7193f |
| 25-Apr-2017 |
Peter Maydell <peter.maydell@linaro.org> |
Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging # gpg: Signature made Tue 25 Apr 2017 12:22:03 BST # gpg: using RSA key 0xEF04965B398D62
Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging # gpg: Signature made Tue 25 Apr 2017 12:22:03 BST # gpg: using RSA key 0xEF04965B398D6211 # gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 215D 46F4 8246 689E C77F 3562 EF04 965B 398D 6211 * remotes/jasowang/tags/net-pull-request: COLO-compare: Optimize tcp compare trace event COLO-compare: Optimize tcp compare for option field slirp: add a fake NC-SI backend aspeed: add a FTGMAC100 nic net/ftgmac100: add a 'aspeed' property net: add FTGMAC100 support hw/net: add MII definitions colo-compare: Fix old packet check bug. Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|
#
f4b5b021 |
| 25-Apr-2017 |
Peter Maydell <peter.maydell@linaro.org> |
Merge remote-tracking branch 'remotes/cody/tags/block-pull-request' into staging # gpg: Signature made Mon 24 Apr 2017 20:18:05 BST # gpg: using RSA key 0xBDBE7B27C0DE3057
Merge remote-tracking branch 'remotes/cody/tags/block-pull-request' into staging # gpg: Signature made Mon 24 Apr 2017 20:18:05 BST # gpg: using RSA key 0xBDBE7B27C0DE3057 # gpg: Good signature from "Jeffrey Cody <jcody@redhat.com>" # gpg: aka "Jeffrey Cody <jeff@codyprime.org>" # gpg: aka "Jeffrey Cody <codyprime@gmail.com>" # Primary key fingerprint: 9957 4B4D 3474 90E7 9D98 D624 BDBE 7B27 C0DE 3057 * remotes/cody/tags/block-pull-request: qemu-iotests: _cleanup_qemu must be called on exit block/rbd: Add support for reopen() block/rbd - update variable names to more apt names block: use bdrv_can_set_read_only() during reopen block: introduce bdrv_can_set_read_only() block: code movement block: honor BDRV_O_ALLOW_RDWR when clearing bs->read_only block: do not set BDS read_only if copy_on_read enabled block: add bdrv_set_read_only() helper function qemu-iotests: exclude vxhs from image creation via protocol block/vxhs.c: Add qemu-iotests for new block device type "vxhs" block/vxhs.c: Add support for a new block device type called "vxhs" Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|
#
a98f49f4 |
| 14-Feb-2017 |
Jeff Cody <jcody@redhat.com> |
qemu-iotests: exclude vxhs from image creation via protocol The protocol VXHS does not support image creation. Some tests expect to be able to create images through the protocol. Exclu
qemu-iotests: exclude vxhs from image creation via protocol The protocol VXHS does not support image creation. Some tests expect to be able to create images through the protocol. Exclude VXHS from these tests. Signed-off-by: Jeff Cody <jcody@redhat.com>
show more ...
|
#
7cfdc02d |
| 26-Sep-2016 |
Peter Maydell <peter.maydell@linaro.org> |
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging virtio, pc: fixes and features beginning of guest error handling for virtio devices amd iommu pc co
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging virtio, pc: fixes and features beginning of guest error handling for virtio devices amd iommu pc compat fixes Signed-off-by: Michael S. Tsirkin <mst@redhat.com> # gpg: Signature made Fri 23 Sep 2016 23:02:09 BST # gpg: using RSA key 0x281F0DB8D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" # gpg: aka "Michael S. Tsirkin <mst@redhat.com>" # Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67 # Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469 * remotes/mst/tags/for_upstream: hw/i386: AMD IOMMU IVRS table hw/i386: Introduce AMD IOMMU hw/i386/trace-events: Add AMD IOMMU trace events hw/pci: Prepare for AMD IOMMU virtio: handle virtqueue_get_head() errors virtio: handle virtqueue_num_heads() errors virtio: handle virtqueue_read_next_desc() errors virtio: use unsigned int for virtqueue_get_avail_bytes() index virtio: handle virtqueue_get_avail_bytes() errors virtio: handle virtqueue_map_desc() errors virtio: migrate vdev->broken flag virtio: stop virtqueue processing if device is broken virtio: fix stray tab character target-i386: turn off CPU.l3-cache only for 2.7 and older machine types pc: clean up COMPAT macro chaining virtio: add check for descriptor's mapped address tests: add /vhost-user/flags-mismatch test tests: add a simple /vhost-user/multiqueue test tests: add /vhost-user/connect-fail test Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|
#
3b71ec85 |
| 23-Sep-2016 |
Peter Maydell <peter.maydell@linaro.org> |
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches # gpg: Signature made Fri 23 Sep 2016 12:59:46 BST # gpg: using RS
Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging Block layer patches # gpg: Signature made Fri 23 Sep 2016 12:59:46 BST # gpg: using RSA key 0x7F09B272C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" # Primary key fingerprint: DC3D EB15 9A9A F95D 3D74 56FE 7F09 B272 C88F 2FD6 * remotes/kevin/tags/for-upstream: (33 commits) block: Remove BB interface from blockdev-add/del qemu-iotests/141: Avoid blockdev-add with id block: Avoid printing NULL string in error messages qemu-iotests/139: Avoid blockdev-add with id qemu-iotests/124: Avoid blockdev-add with id qemu-iotests/118: Avoid blockdev-add with id qemu-iotests/117: Avoid blockdev-add with id qemu-iotests/087: Avoid blockdev-add with id qemu-iotests/081: Avoid blockdev-add with id qemu-iotests/071: Avoid blockdev-add with id qemu-iotests/067: Avoid blockdev-add with id qemu-iotests/041: Avoid blockdev-add with id qemu-iotests/118: Test media change with qdev name block: Accept device model name for block_set_io_throttle block: Accept device model name for blockdev-change-medium block: Accept device model name for eject block: Accept device model name for x-blockdev-remove-medium block: Accept device model name for x-blockdev-insert-medium block: Accept device model name for blockdev-open/close-tray qdev-monitor: Add blk_by_qdev_id() ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
show more ...
|
#
bb9f8dd0 |
| 06-Sep-2016 |
Daniel P. Berrange <berrange@redhat.com> |
qcow2: fix encryption during cow of sectors Broken in previous commit: commit aaa4d20b4972bb1a811ce929502e6741835d584e Author: Kevin Wolf <kwolf@redhat.com> Date: We
qcow2: fix encryption during cow of sectors Broken in previous commit: commit aaa4d20b4972bb1a811ce929502e6741835d584e Author: Kevin Wolf <kwolf@redhat.com> Date: Wed Jun 1 15:21:05 2016 +0200 qcow2: Make copy_sectors() byte based The copy_sectors() code was originally using the 'sector' parameter for encryption, which was passed in by the caller from the QCowL2Meta.offset field (aka the guest logical offset). After the change, the code is using 'cluster_offset' which was passed in from QCow2L2Meta.alloc_offset field (aka the host physical offset). This would cause the data to be encrypted using an incorrect initialization vector which will in turn cause later reads to return garbage. Although current qcow2 built-in encryption is blocked from usage in the emulator, one could still hit this if writing to the file via qemu-{img,io,nbd} commands. Cc: qemu-stable@nongnu.org Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
show more ...
|