[libvirt] [PATCH 1/5] list: Define new API virConnectListAllSecrets
Peter Krempa
pkrempa at redhat.com
Fri Sep 14 09:47:58 UTC 2012
On 09/14/12 10:38, Osier Yang wrote:
> This is to list the secret objects. No flags are supported
This statement isn't accurate as you added filtering flags.
>
> include/libvirt/libvirt.h.in: Declare enum virConnectListAllSecretFlags
> and virConnectListAllSecrets.
> python/generator.py: Skip auto-generating
> src/driver.h: (virDrvConnectListAllSecrets)
> src/libvirt.c: Implement the public API
> src/libvirt_public.syms: Export the symbol to public
> ---
> include/libvirt/libvirt.h.in | 21 +++++++++++++
> python/generator.py | 1 +
> src/driver.h | 5 +++
> src/libvirt.c | 66 ++++++++++++++++++++++++++++++++++++++++++
> src/libvirt_public.syms | 1 +
> 5 files changed, 94 insertions(+), 0 deletions(-)
>
> diff --git a/include/libvirt/libvirt.h.in b/include/libvirt/libvirt.h.in
> index 3d41026..c38ab23 100644
> --- a/include/libvirt/libvirt.h.in
> +++ b/include/libvirt/libvirt.h.in
> @@ -3266,6 +3266,27 @@ int virConnectNumOfSecrets (virConnectPtr conn);
> int virConnectListSecrets (virConnectPtr conn,
> char **uuids,
> int maxuuids);
> +
> +/*
> + * virConnectListAllSecrets:
> + *
> + * Flags used to filter the returned secrets. Flags in each group
> + * are exclusive attributes of a secret.
> + */
> +typedef enum {
> + /* kept in memory, never stored persistently */
> + VIR_CONNECT_LIST_SECRETS_EPHEMERAL = 1 << 0,
> + VIR_CONNECT_LIST_SECRETS_NO_EPHEMERAL = 1 << 1,
> +
> + /* not revealed to any caller of libvirt, nor
> + * to any other node */
> + VIR_CONNECT_LIST_SECRETS_PRIVATE = 1 << 2,
> + VIR_CONNECT_LIST_SECRETS_NO_PRIVATE = 1 << 3,
> +} virConnectListAllSecretsFlags;
> +
> +int virConnectListAllSecrets(virConnectPtr conn,
> + virSecretPtr **secrets,
> + unsigned int flags);
> virSecretPtr virSecretLookupByUUID(virConnectPtr conn,
> const unsigned char *uuid);
> virSecretPtr virSecretLookupByUUIDString(virConnectPtr conn,
> diff --git a/python/generator.py b/python/generator.py
> index d3163e4..955c893 100755
> --- a/python/generator.py
> +++ b/python/generator.py
> @@ -466,6 +466,7 @@ skip_function = (
> 'virConnectListAllInterfaces', # overridden in virConnect.py
> 'virConnectListAllNodeDevices', # overridden in virConnect.py
> 'virConnectListAllNWFilters', # overridden in virConnect.py
> + 'virConnectListAllSecrets', # overridden in virConnect.py
>
> 'virStreamRecvAll', # Pure python libvirt-override-virStream.py
> 'virStreamSendAll', # Pure python libvirt-override-virStream.py
> diff --git a/src/driver.h b/src/driver.h
> index 9984a85..3e69dae 100644
> --- a/src/driver.h
> +++ b/src/driver.h
> @@ -1567,6 +1567,10 @@ typedef int
> (*virDrvListSecrets) (virConnectPtr conn,
> char **uuids,
> int maxuuids);
> +typedef int
> + (*virDrvListAllSecrets) (virConnectPtr conn,
> + virSecretPtr **secrets,
> + unsigned int flags);
>
> typedef struct _virSecretDriver virSecretDriver;
> typedef virSecretDriver *virSecretDriverPtr;
> @@ -1588,6 +1592,7 @@ struct _virSecretDriver {
>
> virDrvNumOfSecrets numOfSecrets;
> virDrvListSecrets listSecrets;
> + virDrvListAllSecrets listAllSecrets;
> virDrvSecretLookupByUUID lookupByUUID;
> virDrvSecretLookupByUsage lookupByUsage;
> virDrvSecretDefineXML defineXML;
> diff --git a/src/libvirt.c b/src/libvirt.c
> index cae9bc9..6a9be6d 100644
> --- a/src/libvirt.c
> +++ b/src/libvirt.c
> @@ -14594,6 +14594,72 @@ error:
> }
>
> /**
> + * virConnectListAllSecrets:
> + * @conn: Pointer to the hypervisor connection.
> + * @secrets: Pointer to a variable to store the array containing the secret
> + * objects or NULL if the list is not required (just returns the
> + * number of secrets).
> + * @flags: extra flags; not used yet, so callers should always pass 0
> + *
> + * Collect the list of secrets, and allocate an array to store those
> + * objects.
> + *
> + * Normally, all secrets are returned; however, @flags can be used to
> + * filter the results for a smaller list of targeted secrets. The valid
> + * flags are divided into groups, where each group contains bits that
> + * describe mutually exclusive attributes of a secret, and where all bits
> + * within a group describe all possible secrets.
> + *
> + * The first group of @flags is VIR_CONNECT_LIST_SECRETS_EPHEMERAL(kept in
> + * memory, not persistent) and VIR_CONNECT_LIST_SECRETS_NO_EPHEMERAL
> + * (nor ephemeral) to filter the secrets by whether it's ephemeral or not.
I'd rephrase this paragraph a little bit:
The first group of @flags is used to filter the list by storage location
of the secret. Flag VIR_CONNECT_LIST_SECRETS_EPHEMERAL selects secrets
that are kept only in memory. Flag VIR_CONNECT_LIST_SECRETS_NO_EPHEMERAL
selects secrets that are allowed to be kept in persistent storage.
(In any case, it'd be best if Eric would state his opinion on this :) )
> + *
> + * The second group of @flags is VIR_CONNECT_LIST_SECRETS_PRIVATE
> + * (not revealed to any caller of libvirt, nor to any other node)
> + * and VIR_CONNECT_LIST_SECRETS_NO_PRIVATE (not private), to filter
> + * the secrets by whether it's private or not.
This paragraph also contains a lot of redundant information:
The second group of @flags allows filtering secrets by privacy. When
flag VIR_CONNECT_LIST_SECRETS_PRIVATE is specified secrets that are
never revealed to any caller of libvirt nor to any other node are
returned. Flag VIR_CONNECT_LIST_SECRETS_NO_PRIVATE can be used to select
non-private secrets.
> + *
> + * Returns the number of secrets found or -1 and sets @secrets to NULL in case
> + * of error. On success, the array stored into @secrets is guaranteed to
> + * have an extra allocated element set to NULL but not included in the return count,
> + * to make iteration easier. The caller is responsible for calling
> + * virSecretFree() on each array element, then calling free() on @secrets.
> + */
> +int
> +virConnectListAllSecrets(virConnectPtr conn,
> + virSecretPtr **secrets,
> + unsigned int flags)
> +{
> + VIR_DEBUG("conn=%p, secrets=%p, flags=%x", conn, secrets, flags);
> +
> + virResetLastError();
> +
> + if (secrets)
> + *secrets = NULL;
> +
> + if (!VIR_IS_CONNECT(conn)) {
> + virLibConnError(VIR_ERR_INVALID_CONN, __FUNCTION__);
> + virDispatchError(NULL);
> + return -1;
> + }
> +
> + if (conn->secretDriver &&
> + conn->secretDriver->listAllSecrets) {
> + int ret;
> + ret = conn->secretDriver->listAllSecrets(conn, secrets, flags);
> + if (ret < 0)
> + goto error;
> + return ret;
> + }
> +
> + virLibConnError(VIR_ERR_NO_SUPPORT, __FUNCTION__);
> +
> +error:
> + virDispatchError(conn);
> + return -1;
> +}
> +
> +/**
> * virConnectListSecrets:
> * @conn: virConnect connection
> * @uuids: Pointer to an array to store the UUIDs
> diff --git a/src/libvirt_public.syms b/src/libvirt_public.syms
> index a918bc8..828b315 100644
> --- a/src/libvirt_public.syms
> +++ b/src/libvirt_public.syms
> @@ -560,6 +560,7 @@ LIBVIRT_0.10.2 {
> virConnectListAllNetworks;
> virConnectListAllNodeDevices;
> virConnectListAllNWFilters;
> + virConnectListAllSecrets;
> virConnectListAllStoragePools;
> virStoragePoolListAllVolumes;
> } LIBVIRT_0.10.0;
>
Otherwise the code is OK. So ACK if somebody speaks his opinion on the
docs and you fix the commit message.
Peter
More information about the libvir-list
mailing list