Diffstat (limited to 'core')
7 files changed, 76 insertions, 54 deletions
diff --git a/core/modules/evdi/module.build b/core/modules/evdi/module.build index 4202e365..1868506d 100644 --- a/core/modules/evdi/module.build +++ b/core/modules/evdi/module.build @@ -6,11 +6,11 @@ fetch_source() { build() { local dir - cde "${MODULE_WORK_DIR}/src/evdi/module" - make -C "$KERNEL_HEADERS_DIR" M=$(pwd) \ + cde "${MODULE_WORK_DIR}/src/evdi" + make module CONFIG_DRM_EVDI=m KDIR="$KERNEL_HEADERS_DIR" \ || perror "Could not make .ko" dir="${MODULE_BUILD_DIR}/lib/modules/${TARGET_KERNEL_LONG}/kernel/extra" mkdir -p "$dir" - cp evdi.ko "$dir/" \ - || perror "Couldnotopcy" + cp module/evdi.ko "$dir/" \ + || perror "Couldnotopcy evdi.ko" } diff --git a/core/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm b/core/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm index 63787309..4d994dbb 100755 --- a/core/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm +++ b/core/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm @@ -181,6 +181,7 @@ auth_user() { local cret="$(curl \ --silent \ --connect-timeout 5 \ + --retry 3 \ --max-time 15 \ --output "$ret" \ --data "$REQUEST" \ @@ -270,11 +271,19 @@ write_user_data() { if [ "$PAM_TYPE" = "auth" ]; then ##### Browser if [ "$mode" = "browser" ]; then + # Check if suffix is allowed org + if [ -d "/opt/openslx/pam/shibboleth/whitelist" ] \ + && ! grep -Fxqi "$USER_ORGANISATION" /opt/openslx/pam/shibboleth/whitelist/*.suffix; then + echo "Organization '$USER_ORGANISATION' not allowed to log in" + exit 1 + fi + # Validate with server token="${USER_PASSWORD#shib=}" if [ "${#USER_PASSWORD}" -gt 18 ] && [ "${USER_PASSWORD}" != "$token" ]; then nc="$(curl \ --silent \ --connect-timeout 5 \ + --retry 3 \ --max-time 15 \ --data-urlencode "token=${token}" \ "${IDP_QUERY_URL}?action=verify" diff --git a/core/modules/qemu-src/module.conf b/core/modules/qemu-src/module.conf index d05b4fbb..26c72356 100644 --- a/core/modules/qemu-src/module.conf +++ b/core/modules/qemu-src/module.conf 
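Review bot: `--retry 3` is added next to `--max-time 15` in the curl call of auth_user, but nothing bounds the total time across attempts. curl applies `--max-time` to each attempt, so the worst case for this PAM login step grows from about 15 seconds to several times that plus back-off. The same applies to the token-verify curl call in the `@@ -270,11 +271,19 @@` hunk. Adding `--retry-max-time 20 \` after `--retry 3 \` (the value is only a suggestion) would cap the total in both places. The request in auth_user sends `$REQUEST` via `--data`, so it is worth confirming that the server treats a repeated submission as harmless; auth_user's body continues outside the hunk.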
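Review bot: The whitelist test in the `@@ -270,11 +271,19 @@` hunk hands `$USER_ORGANISATION` to grep as a bare pattern argument, so a value beginning with `-` is parsed as an option rather than as the pattern, and with `-Fx` an empty value matches any blank line in a `*.suffix` file. Where the variable is set is outside the hunk; if it is derived from the login name the user typed, both cases are reachable before the token has been verified. I would reject an empty value and end option parsing: `&& { [ -z "$USER_ORGANISATION" ] || ! grep -Fxqi -e "$USER_ORGANISATION" -- /opt/openslx/pam/shibboleth/whitelist/*.suffix; }; then`. The check is also skipped entirely when the whitelist directory is absent, which deserves a comment such as `# No whitelist directory: all organisations are accepted` so that the fail-open case is visibly intended.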
@@ -1,7 +1,7 @@ #!/bin/bash REQUIRED_GIT=" - https://gitlab.com/qemu-project/qemu.git||${CONFIG_QEMU_VERSION:-v6.1.0} + https://gitlab.com/qemu-project/qemu.git||${CONFIG_QEMU_VERSION:-v9.1.0} " # copy everything since there is a clean installation done by 'make install' diff --git a/core/modules/qemu/runvirt-plugin-qemu/src/main/java/org/openslx/runvirt/plugin/qemu/App.java b/core/modules/qemu/runvirt-plugin-qemu/src/main/java/org/openslx/runvirt/plugin/qemu/App.java index 6e1efa61..c89872e7 100644 --- a/core/modules/qemu/runvirt-plugin-qemu/src/main/java/org/openslx/runvirt/plugin/qemu/App.java +++ b/core/modules/qemu/runvirt-plugin-qemu/src/main/java/org/openslx/runvirt/plugin/qemu/App.java @@ -7,8 +7,11 @@ import java.util.Arrays; import org.apache.logging.log4j.Level; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; +import org.apache.logging.log4j.core.LoggerContext; +import org.apache.logging.log4j.core.config.Configuration; import org.apache.logging.log4j.core.config.Configurator; import org.apache.logging.log4j.core.config.DefaultConfiguration; +import org.apache.logging.log4j.core.config.LoggerConfig; import org.openslx.libvirt.domain.Domain; import org.openslx.libvirt.xml.LibvirtXmlDocumentException; import org.openslx.libvirt.xml.LibvirtXmlSerializationException; 
@@ -98,7 +101,19 @@ public class App } if ( cmdLn.isDebugEnabled() || cmdLn.isDebugDevicePassthroughEnabled() ) { - Configurator.setRootLevel( Level.ALL ); + // Someone please exterminate all Java devs. What's wrong with those fuckheads who come up with this? + // https://stackoverflow.com/a/65151249/2043481 + LoggerContext ctx = (LoggerContext) LogManager.getContext(App.class.getClassLoader(), false); + Configuration config = ctx.getConfiguration(); + LoggerConfig loggerConfig = config.getLoggerConfig(LogManager.ROOT_LOGGER_NAME); + loggerConfig.setLevel(Level.DEBUG); + ctx.updateLoggers(); + } else { + LoggerContext ctx = (LoggerContext) LogManager.getContext(App.class.getClassLoader(), false); + Configuration config = ctx.getConfiguration(); + LoggerConfig loggerConfig = config.getLoggerConfig(LogManager.ROOT_LOGGER_NAME); + loggerConfig.setLevel(Level.INFO); + ctx.updateLoggers(); } // show help if 'help' command line option is set @@ -170,7 +185,7 @@ public class App try { transformationManager.transform(); } catch ( TransformationException e ) { - LOGGER.error( "Failed to finalize VM configuration file: " + e.getLocalizedMessage() ); + LOGGER.error( "Failed to transform VM configuration file", e ); hypervisor.close(); System.exit( 4 ); } diff --git a/core/modules/qemu/runvirt-plugin-qemu/src/main/java/org/openslx/runvirt/plugin/qemu/configuration/TransformationSpecificQemuArchitecture.java b/core/modules/qemu/runvirt-plugin-qemu/src/main/java/org/openslx/runvirt/plugin/qemu/configuration/TransformationSpecificQemuArchitecture.java index 16956ce9..48426ac7 100644 --- a/core/modules/qemu/runvirt-plugin-qemu/src/main/java/org/openslx/runvirt/plugin/qemu/configuration/TransformationSpecificQemuArchitecture.java +++ b/core/modules/qemu/runvirt-plugin-qemu/src/main/java/org/openslx/runvirt/plugin/qemu/configuration/TransformationSpecificQemuArchitecture.java 
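Review bot: The two branches added in the `@@ -98,7 +101,19 @@` hunk are the same five statements differing only in `Level.DEBUG` versus `Level.INFO`, and the comment above them vents instead of saying why `Configurator.setRootLevel` was replaced. I would move the sequence into one private helper and have its comment state the reason, presumably that the previous call did not take effect, going by the linked answer. Debug mode also drops from `Level.ALL` to `Level.DEBUG`, so TRACE output is no longer shown; please confirm that is intended. The enclosing method starts and ends outside the hunk.

```java
		if ( cmdLn.isDebugEnabled() || cmdLn.isDebugDevicePassthroughEnabled() ) {
			setRootLogLevel( Level.DEBUG );
		} else {
			setRootLogLevel( Level.INFO );
		}
		// … unchanged: help option handling …

	/**
	 * Sets the level of the root logger on the active Log4j configuration.
	 * Approach taken from https://stackoverflow.com/a/65151249/2043481
	 */
	private static void setRootLogLevel( Level level )
	{
		LoggerContext ctx = (LoggerContext) LogManager.getContext( App.class.getClassLoader(), false );
		LoggerConfig rootConfig = ctx.getConfiguration().getLoggerConfig( LogManager.ROOT_LOGGER_NAME );
		rootConfig.setLevel( level );
		ctx.updateLoggers();
	}
```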
@@ -3,6 +3,8 @@ package org.openslx.runvirt.plugin.qemu.configuration; import java.util.ArrayList; import java.util.List; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; import org.openslx.libvirt.capabilities.Capabilities; import org.openslx.libvirt.capabilities.guest.Guest; import org.openslx.libvirt.capabilities.guest.Machine; @@ -12,7 +14,7 @@ import org.openslx.libvirt.domain.Domain.Type; import org.openslx.runvirt.plugin.qemu.cmdln.CommandLineArgs; import org.openslx.runvirt.plugin.qemu.virtualization.LibvirtHypervisorQemu; import org.openslx.runvirt.virtualization.LibvirtHypervisorException; -import org.openslx.virtualization.configuration.VirtualizationConfigurationQemuUtils; +import org.openslx.util.Util; import org.openslx.virtualization.configuration.transformation.TransformationException; import org.openslx.virtualization.configuration.transformation.TransformationSpecific; @@ -25,6 +27,8 @@ import org.openslx.virtualization.configuration.transformation.TransformationSpe public class TransformationSpecificQemuArchitecture extends TransformationSpecific<Domain, CommandLineArgs, LibvirtHypervisorQemu> { + private static final Logger LOGGER = LogManager.getLogger( TransformationSpecificQemuArchitecture.class ); + /** * Name of the configuration transformation. */ 
@@ -134,24 +138,15 @@ public class TransformationSpecificQemuArchitecture } /** - * Returns the canonical names of a target machine description of a host system's guest - * capability. - * - * @param guest guest capability of a host system. - * @return canonical names of a target machine description of a host system's guest capability. - * @throws TransformationException failed to return the canonical names of a target machine - * description of a host system's guest capability + * Return all supported machines for given guest. */ - private List<String> getCanonicalNamesFromTargetMachines( Guest guest ) throws TransformationException + private List<String> getTargetMachines( Guest guest ) { final List<Machine> machines = guest.getArchMachines(); final List<String> canonicalNames = new ArrayList<String>(); for ( Machine machine : machines ) { - final String canonicalName = machine.getCanonicalMachine(); - if ( canonicalName != null ) { - canonicalNames.add( canonicalName ); - } + canonicalNames.add( machine.getName() ); } return canonicalNames; 
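Review bot: `getTargetMachines` now adds `machine.getName()` without the null check that the removed code applied to `getCanonicalMachine()`, and the caller in the `@@ -172,67 +167,71 @@` hunk passes each entry to `sourceMachine.startsWith( name )`, which throws NullPointerException on a null entry. Whether `Machine.getName()` can return null is not visible here; if it can, keep a filter, for example `if ( !Util.isEmptyString( machine.getName() ) ) canonicalNames.add( machine.getName() );`. Skipping empty names matters as well, because `startsWith( "" )` is always true and an empty entry would count as a match. The local `canonicalNames` now holds plain machine names and would read better as `machineNames`.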
@@ -172,67 +167,71 @@ public class TransformationSpecificQemuArchitecture // check if source architecture is supported by one of the hypervisor's guests Guest targetGuest = null; if ( sourceArchitectureName == null ) { - final String errorMsg = new String( "Source architecture is not specified!" ); - throw new TransformationException( errorMsg ); + throw new TransformationException( "Source architecture is not specified!" ); } else { targetGuest = this.getTargetGuestFromArchName( sourceArchitectureName ); if ( targetGuest == null ) { - final String errorMsg = new String( "Source architecture is not supported by the virtualizer!" ); - throw new TransformationException( errorMsg ); + throw new TransformationException( "Source architecture '" + sourceArchitectureName + "' " + + "is not supported by the virtualizer!" ); } } // check if source machine is supported by the hypervisor - Machine targetMachine = null; if ( sourceMachine == null ) { - final String errorMsg = new String( "Source machine type is not specified!" ); - throw new TransformationException( errorMsg ); + throw new TransformationException( "Source machine type is not specified!" 
); } else { - // get all possible machine type for supported source architecture - targetMachine = this.getTargetMachineFromGuest( targetGuest, sourceMachine ); + Machine targetMachine = this.getTargetMachineFromGuest( targetGuest, sourceMachine ); - if ( targetMachine == null ) { + if ( targetMachine != null ) { + // Canonicalize, otherwise UEFI firmware cannot be found -.- + String cn = targetMachine.getCanonicalMachine(); + if ( !Util.isEmptyString( cn ) ) { + config.setOsMachine( cn ); + } + } else { // source machine is not directly supported by the hypervisor - // check if up- or downgraded version of the chipset is supported by the hypervisor - List<String> targetMachineCanonicalNames = this.getCanonicalNamesFromTargetMachines( targetGuest ); + LOGGER.info( "Machine '" + sourceMachine + "' not known" ); + // Get best fallback + List<String> supportedMachineNames = this.getTargetMachines( targetGuest ); - // retrieve overwrite chipset name from canonical machine names + // Look for best (=longest) match in supported list String sourceMachineOverwrite = null; - for ( String targetMachineCanonicalName : targetMachineCanonicalNames ) { - final String targetMachineName = VirtualizationConfigurationQemuUtils - .getOsMachineName( targetMachineCanonicalName ); - if ( targetMachineName != null && sourceMachine.contains( targetMachineName ) ) { - sourceMachineOverwrite = targetMachineCanonicalName; - break; + for ( String name : supportedMachineNames ) { + LOGGER.debug( "Does '" + sourceMachine + "' start with (or contain) '" + name + "'?" 
); + if ( ( sourceMachine.startsWith( name ) || sourceMachine.contains( "-" + name ) ) + && ( sourceMachineOverwrite == null || sourceMachineOverwrite.length() < name.length() ) ) { + sourceMachineOverwrite = name; } } // if overwrite available, patch the machine type if ( sourceMachineOverwrite != null ) { + targetMachine = this.getTargetMachineFromGuest( targetGuest, sourceMachineOverwrite ); + if (targetMachine != null && !Util.isEmptyString( targetMachine.getCanonicalMachine() ) ) { + sourceMachineOverwrite = targetMachine.getCanonicalMachine(); + } + LOGGER.info( "Overriding unsupported machine '" + sourceMachine + "' with '" + sourceMachineOverwrite + "'" ); config.setOsMachine( sourceMachineOverwrite ); } else { - final String errorMsg = new String( "Source machine type is not supported by the virtualizer!" ); - throw new TransformationException( errorMsg ); + LOGGER.info( "Don't know how to override unsupported machine '" + sourceMachine + "'" ); + throw new TransformationException( "Source machine type is not supported by the virtualizer!" ); } } } // check if source OS type is supported by the hypervisor's architecture if ( sourceOsType == null ) { - final String errorMsg = new String( "OS type is not specified!" ); - throw new TransformationException( errorMsg ); + throw new TransformationException( "OS type is not specified!" ); } else { if ( !sourceOsType.toString().equals( targetGuest.getOsType().toString() ) ) { - final String errorMsg = new String( "OS type is not supported by the virtualizer!" ); - throw new TransformationException( errorMsg ); + throw new TransformationException( "OS type is not supported by the virtualizer!" ); } } // check if source domain type is supported by the hypervisor's architecture Type targetDomainType = null; if ( sourceDomainType == null ) { - final String errorMsg = new String( "Source domain type is not specified!" 
); - throw new TransformationException( errorMsg ); + throw new TransformationException( "Source domain type is not specified!" ); } else { final List<org.openslx.libvirt.capabilities.guest.Domain> targetDomains = targetGuest.getArchDomains(); @@ -247,16 +246,14 @@ public class TransformationSpecificQemuArchitecture // check supported domain type if ( targetDomainType == null ) { - final String errorMsg = new String( "Source domain type is not supported by the virtualizer!" ); - throw new TransformationException( errorMsg ); + throw new TransformationException( "Source domain type is not supported by the virtualizer!" ); } } // patch path of QEMU emulator binary final String archEmulator = targetGuest.getArchEmulator(); if ( archEmulator == null ) { - final String errorMsg = new String( "Emulation of source architecture is not supported by the virtualizer!" ); - throw new TransformationException( errorMsg ); + throw new TransformationException( "Emulation of source architecture is not supported by the virtualizer!" ); } else { config.setDevicesEmulator( targetGuest.getArchEmulator() ); } diff --git a/core/modules/qemu/runvirt-plugin-qemu/src/main/java/org/openslx/runvirt/plugin/qemu/configuration/TransformationSpecificQemuMdevPassthroughIntel.java b/core/modules/qemu/runvirt-plugin-qemu/src/main/java/org/openslx/runvirt/plugin/qemu/configuration/TransformationSpecificQemuMdevPassthroughIntel.java index 303befab..87206714 100644 --- a/core/modules/qemu/runvirt-plugin-qemu/src/main/java/org/openslx/runvirt/plugin/qemu/configuration/TransformationSpecificQemuMdevPassthroughIntel.java +++ b/core/modules/qemu/runvirt-plugin-qemu/src/main/java/org/openslx/runvirt/plugin/qemu/configuration/TransformationSpecificQemuMdevPassthroughIntel.java 
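Review bot: The log statements added in the machine fallback of the `@@ -172,67 +167,71 @@` hunk build their messages by concatenating `sourceMachine`, including the `LOGGER.debug` inside the loop, which assembles a string per supported machine even when debug output is off. `sourceMachine` is assigned outside the hunk and presumably comes from the VM configuration being transformed, so this is file-controlled text going into the log. I would use parameterized messages, e.g. `LOGGER.debug( "Does '{}' start with (or contain) '{}'?", sourceMachine, name );`, and, if these logs are parsed downstream, have the layout encode line breaks (Log4j's `%enc{%m}{CRLF}`), since parameterization alone does not neutralise CR/LF. The final `TransformationException( "Source machine type is not supported by the virtualizer!" )` could also name the machine, as the architecture message now does.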
@@ -11,6 +11,7 @@ import org.openslx.libvirt.domain.device.Video; import org.openslx.runvirt.plugin.qemu.cmdln.CommandLineArgs; import org.openslx.runvirt.plugin.qemu.virtualization.LibvirtHypervisorQemu; import org.openslx.runvirt.virtualization.LibvirtHypervisorException; +import org.openslx.util.Util; import org.openslx.virtualization.configuration.transformation.TransformationException; import org.openslx.virtualization.configuration.transformation.TransformationSpecific; @@ -116,7 +117,7 @@ public class TransformationSpecificQemuMdevPassthroughIntel mdevDevice.setMemoryFramebufferOn( true ); mdevDevice.setSource( mdevDeviceAddress ); - if ( config.getOsLoader() != null && !config.getOsLoader().isEmpty() ) { + if ( !Util.isEmptyString( config.getOsLoader() ) || "efi".equalsIgnoreCase( config.getOsFirmware() ) ) { // set Intel specific rom file for GVT-g if UEFI loader is used config.addGvtg( INTEL_GVT_G_UEFI_ROMFILE ); } else { diff --git a/core/modules/swtpm/module.conf b/core/modules/swtpm/module.conf index 2378ebb4..f5e69dbb 100644 --- a/core/modules/swtpm/module.conf +++ b/core/modules/swtpm/module.conf @@ -1,8 +1,8 @@ #!/bin/bash REQUIRED_GIT=" - https://github.com/stefanberger/libtpms.git||v0.9.0 - https://github.com/stefanberger/swtpm.git||v0.6.1 + https://github.com/stefanberger/libtpms.git||${CONFIG_LIBTPMS_VERSION:-v0.9.0} + https://github.com/stefanberger/swtpm.git||${CONFIG_SWTPM_VERSION:-v0.6.1} " # copy everything since there is a clean installation done by 'make install' |
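Review bot: The comment under the changed condition in the `@@ -116,7 +117,7 @@` hunk still reads `// set Intel specific rom file for GVT-g if UEFI loader is used`, but the ROM file is now also added when `config.getOsFirmware()` is `efi` and no loader is set. I would update it to `// set Intel specific rom file for GVT-g if a UEFI loader is set or the firmware is "efi"`. The enclosing method starts and ends outside the hunk.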
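Review bot: The libtpms and swtpm refs in `REQUIRED_GIT` can now be overridden through `CONFIG_LIBTPMS_VERSION` and `CONFIG_SWTPM_VERSION`, and the defaults are tag names, which upstream can move after the fact. How `REQUIRED_GIT` is consumed is not visible here, but nothing in this file ties the checkout to a fixed commit. For a TPM emulator I would add a comment above `REQUIRED_GIT` such as `# CONFIG_*_VERSION: release tag, or a full commit hash for reproducible builds` (if the fetch step accepts a hash), and consider checking the resolved commit in the fetch step.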