<font face="Default Sans Serif,Verdana,Arial,Helvetica,sans-serif" size="2"><span style="font-size: 12.8px;">Thanks for reviewing all of my patches!</span><div style="font-size: 12.8px;">I'm fine with you making any of the changes you suggested.</div><div style="font-size: 12.8px;"><br></div><div style="font-size: 12.8px;">So the only change I need to make is "<span style="font-size: 12.8px;">specify what's happening </span><span style="font-size: 12.8px;">in </span><span style="font-size: 12.8px;">the storage driver"?</span></div><div style="font-size: 12.8px;"><span style="font-size: 12.8px;">Can you elaborate what do you mean by that?</span></div><div style="font-size: 12.8px;"><br></div><div style="font-size: 12.8px;">I can add something like:</div><div style="font-size: 12.8px;">For librbd engine, the encryption happens inside the librbd storage driver, so block read/write requests coming in from the hypervisor (qemu) are plaintext,</div><div style="font-size: 12.8px;">but encrypted by the storage driver before being persisted.</div><div style="font-size: 12.8px;"><br></div><div style="font-size: 12.8px;">Is this the kind of thing you were thinking about?</div><div style="font-size: 12.8px;"><br></div><div><font color="#990099">-----"Peter Krempa" <<a href="mailto:pkrempa@redhat.com" target="_blank" rel="noopener noreferrer">pkrempa@redhat.com</a>> wrote: -----</font></div><br><br>>To: "Or Ozeri" <<a href="mailto:oro@il.ibm.com" target="_blank" rel="noopener noreferrer">oro@il.ibm.com</a>><br>>From: "Peter Krempa" <<a href="mailto:pkrempa@redhat.com" target="_blank" rel="noopener noreferrer">pkrempa@redhat.com</a>><br>>Date: 10/21/2021 02:16PM<br>>Cc: <a href="mailto:libvir-list@redhat.com" target="_blank" rel="noopener noreferrer">libvir-list@redhat.com</a>, <a href="mailto:idryomov@gmail.com" target="_blank" rel="noopener noreferrer">idryomov@gmail.com</a>,<br>><a href="mailto:to.my.trociny@gmail.com" target="_blank" rel="noopener noreferrer">to.my.trociny@gmail.com</a>, <a href="mailto:dannyh@il.ibm.com" target="_blank" rel="noopener noreferrer">dannyh@il.ibm.com</a><br>>Subject: [EXTERNAL] Re: [PATCH v4 4/5] qemu: add librbd encryption<br>>engine<br>><br>>On Thu, Oct 07, 2021 at 14:21:20 -0500, Or Ozeri wrote:<br>>> rbd encryption is new in qemu 6.1.0.<br>>> This commit adds a new encryption engine property which<br>>> allows the user to use this new encryption engine.<br>>> <br>>> Signed-off-by: Or Ozeri <<a href="mailto:oro@il.ibm.com" target="_blank" rel="noopener noreferrer">oro@il.ibm.com</a>><br>>> ---<br>>> docs/formatstorageencryption.html.in | 7 +-<br>>> docs/schemas/storagecommon.rng | 1 +<br>>> src/conf/storage_encryption_conf.c | 2 +-<br>>> src/conf/storage_encryption_conf.h | 1 +<br>>> src/qemu/qemu_block.c | 26 +++++++<br>>> src/qemu/qemu_domain.c | 34 +++++++++<br>>> ...sk-network-rbd-encryption.x86_64-6.0.0.err | 1 +<br>>> ...-network-rbd-encryption.x86_64-latest.args | 45 ++++++++++++<br>>> .../disk-network-rbd-encryption.xml | 63<br>>+++++++++++++++++<br>>> tests/qemuxml2argvtest.c | 2 +<br>>> ...k-network-rbd-encryption.x86_64-latest.xml | 70<br>>+++++++++++++++++++<br>>> tests/qemuxml2xmltest.c | 1 +<br>>> 12 files changed, 251 insertions(+), 2 deletions(-)<br>>> create mode 100644<br>>tests/qemuxml2argvdata/disk-network-rbd-encryption.x86_64-6.0.0.err<br>>> create mode 100644<br>>tests/qemuxml2argvdata/disk-network-rbd-encryption.x86_64-latest.args<br>>> create mode 100644<br>>tests/qemuxml2argvdata/disk-network-rbd-encryption.xml<br>>> create mode 100644<br>>tests/qemuxml2xmloutdata/disk-network-rbd-encryption.x86_64-latest.xm<br>>l<br>>> <br>>> diff --git a/docs/formatstorageencryption.html.in<br>>b/docs/formatstorageencryption.html.in<br>>> index 178fcd0d7c..02ee8f8ca3 100644<br>>> --- a/docs/formatstorageencryption.html.in<br>>> +++ b/docs/formatstorageencryption.html.in<br>>> @@ -27,7 +27,12 @@<br>>> The <code>encryption</code> tag supports an optional<br>><code>engine</code><br>>> tag, which allows selecting which component actually handles<br>>> the encryption. Currently defined values of<br>><code>engine</code> are<br>>> - <code>qemu</code>.<br>>> + <code>qemu</code> and <code>librbd</code>.<br>>> + Both <code>qemu</code> and <code>librbd</code> require using<br>>the qemu driver.<br>>> + The <code>librbd</code> engine requires qemu version >=<br>>6.1.0,<br>>> + and is only applicable for RBD network disks.<br>>> + If the engine tag is not specified, the <code>qemu</code><br>>engine will be<br>>> + used by default (assuming the qemu driver is used).<br>><br>>Okay, this is slightly better but it doesn't specify what's happening<br>>in<br>>the storage driver.<br>><br>>> </p><br>>> <p><br>>> The <code>encryption</code> tag can currently contain a<br>>sequence of<br>><br>>[...]<br>><br>><br>>> diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c<br>>> index 354f65c6d5..13869dd79b 100644<br>>> --- a/src/qemu/qemu_domain.c<br>>> +++ b/src/qemu/qemu_domain.c<br>>> @@ -4814,6 +4814,40 @@<br>>qemuDomainValidateStorageSource(virStorageSource *src,<br>>> if (src->encryption) {<br>>> switch (src->encryption->engine) {<br>>> case VIR_STORAGE_ENCRYPTION_ENGINE_QEMU:<br>>> + switch ((virStorageEncryptionFormatType)<br>>src->encryption->format) {<br>>> + case VIR_STORAGE_ENCRYPTION_FORMAT_LUKS:<br>>> + case VIR_STORAGE_ENCRYPTION_FORMAT_QCOW:<br>>> + break;<br>>> +<br>>> + case VIR_STORAGE_ENCRYPTION_FORMAT_DEFAULT:<br>>> + case VIR_STORAGE_ENCRYPTION_FORMAT_LAST:<br>>> + default:<br>>> +<br>>virReportEnumRangeError(virStorageEncryptionFormatType,<br>>> +<br>>src->encryption->format);<br>>> + return -1;<br>><br>>This here is okay, because both are basically impossible.<br>><br>>> + }<br>>> +<br>>> + break;<br>>> + case VIR_STORAGE_ENCRYPTION_ENGINE_LIBRBD:<br>>> + if (!virQEMUCapsGet(qemuCaps,<br>>QEMU_CAPS_RBD_ENCRYPTION)) {<br>>> + virReportError(VIR_ERR_CONFIG_UNSUPPORTED,<br>>"%s",<br>>> + _("librbd encryption is not<br>>supported by this QEMU binary"));<br>>> + return -1;<br>>> + }<br>>> +<br>>> + switch ((virStorageEncryptionFormatType)<br>>src->encryption->format) {<br>>> + case VIR_STORAGE_ENCRYPTION_FORMAT_LUKS:<br>>> + break;<br>>> +<br>>> + case VIR_STORAGE_ENCRYPTION_FORMAT_DEFAULT:<br>>> + case VIR_STORAGE_ENCRYPTION_FORMAT_QCOW:<br>>> + case VIR_STORAGE_ENCRYPTION_FORMAT_LAST:<br>>> + default:<br>>> +<br>>virReportEnumRangeError(virStorageEncryptionFormatType,<br>>> +<br>>src->encryption->format);<br>><br>>This creates an error message which is not very informative.<br>>Specifically for VIR_STORAGE_ENCRYPTION_FORMAT_QCOW which is a<br>>legitimate configuration we need a proper error message.<br>><br>>> + return -1;<br>>> + }<br>>> +<br>>> break;<br>>> case VIR_STORAGE_ENCRYPTION_ENGINE_DEFAULT:<br>>> case VIR_STORAGE_ENCRYPTION_ENGINE_LAST:<br>><br>>[...]<br>><br>>The test input files are okay. The output files will need some<br>>tweaking<br>>after recent changes. I think adding the error message is trivial<br>>enough<br>>so that I'll do it before pushing if you are okay with it.<br>><br>>Reviewed-by: Peter Krempa <<a href="mailto:pkrempa@redhat.com" target="_blank" rel="noopener noreferrer">pkrempa@redhat.com</a>><br>><br>></font><BR>
<BR>