qemu: monitor: Add 'tls-creds' parameter to 'nbd-server-start' command

To allow encryption of the non-shared storage migration NBD connection
we will need to instantiated the NBD server with the TLS env.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>

diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
index 1a857329ec6311834a74dc2cd6a1bf689ee82db5..a54263f39c30fcf4f64c24c5271ffb5804f9c4ce 100644 (file)
--- a/src/qemu/qemu_migration.c
+++ b/src/qemu/qemu_migration.c
@@ -411,7 +411,7 @@ qemuMigrationDstStartNBDServer(virQEMUDriverPtr driver,
             else if (virPortAllocatorAcquire(driver->migrationPorts, &port) < 0)
                 goto exit_monitor;
 
-            if (qemuMonitorNBDServerStart(priv->mon, listenAddr, port) < 0)
+            if (qemuMonitorNBDServerStart(priv->mon, listenAddr, port, NULL) < 0)
                 goto exit_monitor;
         }
 

diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c
index f642d9a51ab620edf16e6a5e2a952fb76772e861..8c26ee66b32c6784b8a8760042c22b43a6cf8a9c 100644 (file)
--- a/src/qemu/qemu_monitor.c
+++ b/src/qemu/qemu_monitor.c
@@ -3999,13 +3999,14 @@ qemuMonitorGetGICCapabilities(qemuMonitorPtr mon,
 int
 qemuMonitorNBDServerStart(qemuMonitorPtr mon,
                           const char *host,
-                          unsigned int port)
+                          unsigned int port,
+                          const char *tls_alias)
 {
-    VIR_DEBUG("host=%s port=%u", host, port);
+    VIR_DEBUG("host=%s port=%u tls_alias=%s", host, port, NULLSTR(tls_alias));
 
     QEMU_CHECK_MONITOR_JSON(mon);
 
-    return qemuMonitorJSONNBDServerStart(mon, host, port);
+    return qemuMonitorJSONNBDServerStart(mon, host, port, tls_alias);
 }
 
 

diff --git a/src/qemu/qemu_monitor.h b/src/qemu/qemu_monitor.h
index d6b68b44ca01652567d87912ec1b3bbb4e76df45..a93844f77b7cae7dce84dd1b920ef6448f8e7b6a 100644 (file)
--- a/src/qemu/qemu_monitor.h
+++ b/src/qemu/qemu_monitor.h
@@ -1052,7 +1052,8 @@ char *qemuMonitorGetTargetArch(qemuMonitorPtr mon);
 
 int qemuMonitorNBDServerStart(qemuMonitorPtr mon,
                               const char *host,
-                              unsigned int port);
+                              unsigned int port,
+                              const char *tls_alias);
 int qemuMonitorNBDServerAdd(qemuMonitorPtr mon,
                             const char *deviceID,
                             bool writable);

diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c
index 24d37eb41dc1c56b3dccfb39d60428eb9bf8a712..05ac8d0a3cdee499098915e6b790f4f14a5358ac 100644 (file)
--- a/src/qemu/qemu_monitor_json.c
+++ b/src/qemu/qemu_monitor_json.c
@@ -6396,7 +6396,8 @@ qemuMonitorJSONBuildUnixSocketAddress(const char *path)
 int
 qemuMonitorJSONNBDServerStart(qemuMonitorPtr mon,
                               const char *host,
-                              unsigned int port)
+                              unsigned int port,
+                              const char *tls_alias)
 {
     int ret = -1;
     virJSONValuePtr cmd = NULL;
@@ -6412,6 +6413,7 @@ qemuMonitorJSONNBDServerStart(qemuMonitorPtr mon,
 
     if (!(cmd = qemuMonitorJSONMakeCommand("nbd-server-start",
                                            "a:addr", &addr,
+                                           "S:tls-creds", tls_alias,
                                            NULL)))
         goto cleanup;
 

diff --git a/src/qemu/qemu_monitor_json.h b/src/qemu/qemu_monitor_json.h
index 665da27d6db6215d12c5f2908779884f6693c9a7..ed5f29b20a038561408e055badc48e65a598b9d1 100644 (file)
--- a/src/qemu/qemu_monitor_json.h
+++ b/src/qemu/qemu_monitor_json.h
@@ -449,7 +449,8 @@ char *qemuMonitorJSONGetTargetArch(qemuMonitorPtr mon);
 
 int qemuMonitorJSONNBDServerStart(qemuMonitorPtr mon,
                                   const char *host,
-                                  unsigned int port);
+                                  unsigned int port,
+                                  const char *tls_alias);
 int qemuMonitorJSONNBDServerAdd(qemuMonitorPtr mon,
                                 const char *deviceID,
                                 bool writable);

diff --git a/tests/qemumonitorjsontest.c b/tests/qemumonitorjsontest.c
index f8d39c35abda5cc4103766d8533efc0e48bbcd1c..9a83c9a6080697afb663be17d012a0734c35a5fc 100644 (file)
--- a/tests/qemumonitorjsontest.c
+++ b/tests/qemumonitorjsontest.c
@@ -1350,7 +1350,7 @@ GEN_TEST_FUNC(qemuMonitorJSONBlockCommit, "vdb", "/foo/bar1", "/foo/bar2", NULL,
 GEN_TEST_FUNC(qemuMonitorJSONDrivePivot, "vdb")
 GEN_TEST_FUNC(qemuMonitorJSONScreendump, "/foo/bar")
 GEN_TEST_FUNC(qemuMonitorJSONOpenGraphics, "spice", "spicefd", false)
-GEN_TEST_FUNC(qemuMonitorJSONNBDServerStart, "localhost", 12345)
+GEN_TEST_FUNC(qemuMonitorJSONNBDServerStart, "localhost", 12345, "test-alias")
 GEN_TEST_FUNC(qemuMonitorJSONNBDServerAdd, "vda", true)
 GEN_TEST_FUNC(qemuMonitorJSONDetachCharDev, "serial1")