<font face="Default Sans Serif,Verdana,Arial,Helvetica,sans-serif" size="2"><span style="font-size: 12.8px;">Thanks for reviewing all of my patches!</span><div style="font-size: 12.8px;">I'm fine with you making any of the changes you suggested.</div><div style="font-size: 12.8px;"><br></div><div style="font-size: 12.8px;">So the only change I need to make is "<span style="font-size: 12.8px;">specify what's happening </span><span style="font-size: 12.8px;">in </span><span style="font-size: 12.8px;">the storage driver"?</span></div><div style="font-size: 12.8px;"><span style="font-size: 12.8px;">Can you elaborate what do you mean by that?</span></div><div style="font-size: 12.8px;"><br></div><div style="font-size: 12.8px;">I can add something like:</div><div style="font-size: 12.8px;">For librbd engine, the encryption happens inside the librbd storage driver, so block read/write requests coming in from the hypervisor (qemu) are plaintext,</div><div style="font-size: 12.8px;">but encrypted by the storage driver before being persisted.</div><div style="font-size: 12.8px;"><br></div><div style="font-size: 12.8px;">Is this the kind of thing you were thinking about?</div><div style="font-size: 12.8px;"><br></div><div><font color="#990099">-----"Peter Krempa" <<a href="mailto:pkrempa@redhat.com" target="_blank" rel="noopener noreferrer">pkrempa@redhat.com</a>> wrote: -----</font></div><br><br>>To: "Or Ozeri" <<a href="mailto:oro@il.ibm.com" target="_blank" rel="noopener noreferrer">oro@il.ibm.com</a>><br>>From: "Peter Krempa" <<a href="mailto:pkrempa@redhat.com" target="_blank" rel="noopener noreferrer">pkrempa@redhat.com</a>><br>>Date: 10/21/2021 02:16PM<br>>Cc: <a href="mailto:libvir-list@redhat.com" target="_blank" rel="noopener noreferrer">libvir-list@redhat.com</a>, <a href="mailto:idryomov@gmail.com" target="_blank" rel="noopener noreferrer">idryomov@gmail.com</a>,<br>><a href="mailto:to.my.trociny@gmail.com" target="_blank" rel="noopener noreferrer">to.my.trociny@gmail.com</a>, <a href="mailto:dannyh@il.ibm.com" target="_blank" rel="noopener noreferrer">dannyh@il.ibm.com</a><br>>Subject: [EXTERNAL] Re: [PATCH v4 4/5] qemu: add librbd encryption<br>>engine<br>><br>>On Thu, Oct 07, 2021 at 14:21:20 -0500, Or Ozeri wrote:<br>>> rbd encryption is new in qemu 6.1.0.<br>>> This commit adds a new encryption engine property which<br>>> allows the user to use this new encryption engine.<br>>> <br>>> Signed-off-by: Or Ozeri <<a href="mailto:oro@il.ibm.com" target="_blank" rel="noopener noreferrer">oro@il.ibm.com</a>><br>>> ---<br>>>  docs/formatstorageencryption.html.in          |  7 +-<br>>>  docs/schemas/storagecommon.rng                |  1 +<br>>>  src/conf/storage_encryption_conf.c            |  2 +-<br>>>  src/conf/storage_encryption_conf.h            |  1 +<br>>>  src/qemu/qemu_block.c                         | 26 +++++++<br>>>  src/qemu/qemu_domain.c                        | 34 +++++++++<br>>>  ...sk-network-rbd-encryption.x86_64-6.0.0.err |  1 +<br>>>  ...-network-rbd-encryption.x86_64-latest.args | 45 ++++++++++++<br>>>  .../disk-network-rbd-encryption.xml           | 63<br>>+++++++++++++++++<br>>>  tests/qemuxml2argvtest.c                      |  2 +<br>>>  ...k-network-rbd-encryption.x86_64-latest.xml | 70<br>>+++++++++++++++++++<br>>>  tests/qemuxml2xmltest.c                       |  1 +<br>>>  12 files changed, 251 insertions(+), 2 deletions(-)<br>>>  create mode 100644<br>>tests/qemuxml2argvdata/disk-network-rbd-encryption.x86_64-6.0.0.err<br>>>  create mode 100644<br>>tests/qemuxml2argvdata/disk-network-rbd-encryption.x86_64-latest.args<br>>>  create mode 100644<br>>tests/qemuxml2argvdata/disk-network-rbd-encryption.xml<br>>>  create mode 100644<br>>tests/qemuxml2xmloutdata/disk-network-rbd-encryption.x86_64-latest.xm<br>>l<br>>> <br>>> diff --git a/docs/formatstorageencryption.html.in<br>>b/docs/formatstorageencryption.html.in<br>>> index 178fcd0d7c..02ee8f8ca3 100644<br>>> --- a/docs/formatstorageencryption.html.in<br>>> +++ b/docs/formatstorageencryption.html.in<br>>> @@ -27,7 +27,12 @@<br>>>        The <code>encryption</code> tag supports an optional<br>><code>engine</code><br>>>        tag, which allows selecting which component actually handles<br>>>        the encryption. Currently defined values of<br>><code>engine</code> are<br>>> -      <code>qemu</code>.<br>>> +      <code>qemu</code> and <code>librbd</code>.<br>>> +      Both <code>qemu</code> and <code>librbd</code> require using<br>>the qemu driver.<br>>> +      The <code>librbd</code> engine requires qemu version >=<br>>6.1.0,<br>>> +      and is only applicable for RBD network disks.<br>>> +      If the engine tag is not specified, the <code>qemu</code><br>>engine will be<br>>> +      used by default (assuming the qemu driver is used).<br>><br>>Okay, this is slightly better but it doesn't specify what's happening<br>>in<br>>the storage driver.<br>><br>>>      </p><br>>>      <p><br>>>        The <code>encryption</code> tag can currently contain a<br>>sequence of<br>><br>>[...]<br>><br>><br>>> diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c<br>>> index 354f65c6d5..13869dd79b 100644<br>>> --- a/src/qemu/qemu_domain.c<br>>> +++ b/src/qemu/qemu_domain.c<br>>> @@ -4814,6 +4814,40 @@<br>>qemuDomainValidateStorageSource(virStorageSource *src,<br>>>      if (src->encryption) {<br>>>          switch (src->encryption->engine) {<br>>>              case VIR_STORAGE_ENCRYPTION_ENGINE_QEMU:<br>>> +                switch ((virStorageEncryptionFormatType)<br>>src->encryption->format) {<br>>> +                    case VIR_STORAGE_ENCRYPTION_FORMAT_LUKS:<br>>> +                    case VIR_STORAGE_ENCRYPTION_FORMAT_QCOW:<br>>> +                        break;<br>>> +<br>>> +                    case VIR_STORAGE_ENCRYPTION_FORMAT_DEFAULT:<br>>> +                    case VIR_STORAGE_ENCRYPTION_FORMAT_LAST:<br>>> +                    default:<br>>> +<br>>virReportEnumRangeError(virStorageEncryptionFormatType,<br>>> +<br>>src->encryption->format);<br>>> +                        return -1;<br>><br>>This here is okay, because both are basically impossible.<br>><br>>> +                }<br>>> +<br>>> +                break;<br>>> +            case VIR_STORAGE_ENCRYPTION_ENGINE_LIBRBD:<br>>> +                if (!virQEMUCapsGet(qemuCaps,<br>>QEMU_CAPS_RBD_ENCRYPTION)) {<br>>> +                    virReportError(VIR_ERR_CONFIG_UNSUPPORTED,<br>>"%s",<br>>> +                                   _("librbd encryption is not<br>>supported by this QEMU binary"));<br>>> +                    return -1;<br>>> +                }<br>>> +<br>>> +                switch ((virStorageEncryptionFormatType)<br>>src->encryption->format) {<br>>> +                    case VIR_STORAGE_ENCRYPTION_FORMAT_LUKS:<br>>> +                        break;<br>>> +<br>>> +                    case VIR_STORAGE_ENCRYPTION_FORMAT_DEFAULT:<br>>> +                    case VIR_STORAGE_ENCRYPTION_FORMAT_QCOW:<br>>> +                    case VIR_STORAGE_ENCRYPTION_FORMAT_LAST:<br>>> +                    default:<br>>> +<br>>virReportEnumRangeError(virStorageEncryptionFormatType,<br>>> +<br>>src->encryption->format);<br>><br>>This creates an error message which is not very informative.<br>>Specifically for VIR_STORAGE_ENCRYPTION_FORMAT_QCOW which is a<br>>legitimate configuration we need a proper error message.<br>><br>>> +                        return -1;<br>>> +                }<br>>> +<br>>>                  break;<br>>>              case VIR_STORAGE_ENCRYPTION_ENGINE_DEFAULT:<br>>>              case VIR_STORAGE_ENCRYPTION_ENGINE_LAST:<br>><br>>[...]<br>><br>>The test input files are okay. The output files will need some<br>>tweaking<br>>after recent changes. I think adding the error message is trivial<br>>enough<br>>so that I'll do it before pushing if you are okay with it.<br>><br>>Reviewed-by: Peter Krempa <<a href="mailto:pkrempa@redhat.com" target="_blank" rel="noopener noreferrer">pkrempa@redhat.com</a>><br>><br>></font><BR>
<BR>