[libvirt] [PATCH v4 4/7] storage: Add support to create a luks volume
John Ferlan
jferlan at redhat.com
Fri Jul 15 18:05:56 UTC 2016
On 07/15/2016 03:17 AM, Peter Krempa wrote:
> On Thu, Jul 14, 2016 at 16:55:01 -0400, John Ferlan wrote:
>>
>>
>> [...]
>>
>>>> +
>>>> +void
>>>> +virQEMUBuildLuksOpts(virBufferPtr buf,
>>>> + virStorageEncryptionInfoDefPtr enc,
>>>> + const char *alias)
>>>> +{
>>>> + virBufferAsprintf(buf, "key-secret=%s,", alias);
>>>> +
>>>> + /* If there's any cipher, then add that to the command line */
>>>
>>>> + if (enc->cipher_name) {
>>>> + virBufferEscapeString(buf, "cipher-alg=%s-", enc->cipher_name);
>>>> + virBufferAsprintf(buf, "%u,", enc->cipher_size);
>>>> + if (enc->cipher_mode)
>>>> + virBufferEscapeString(buf, "cipher-mode=%s,",
>>>> enc->cipher_mode);
>>>> + if (enc->cipher_hash)
>>>> + virBufferEscapeString(buf, "hash-alg=%s,",
>>>> enc->cipher_hash);
>>>> + if (enc->ivgen_name)
>>>> + virBufferEscapeString(buf, "ivgen-alg=%s,",
>>>> enc->ivgen_name);
>>>> + if (enc->ivgen_hash)
>>>> + virBufferEscapeString(buf, "ivgen-hash-alg=%s,",
>>>> enc->ivgen_hash);
>>>
>>> s/virBufferEscapeString/qemuBufferEscapeComma/
>>
>> Not sure I understand what this is referencing.... Besides
>
> I'd guess that it doesn't make much sense to escape < to < and > to
> > in code that puts stuff on the command line rather to an XML and
> that it makes more sense to escape a comma in the strings with two
> commas as is usual for qemu command lines.
>
>> qemuBufferEscapeComma is static to qemu_command
>
> Extracting it to src/util/virbuffer.c could help.
>
Since it's QEMU specific I chose to put it in virqemu.c (there's patches
I posted today...)
I have to say, the result is rather ugly...
So these have gone from :
if (enc->cipher_name) {
virBufferAsprintf(buf, "cipher-alg=%s-%u,",
enc->cipher_name, enc->cipher_size);
if (enc->cipher_mode)
virBufferAsprintf(buf, "cipher-mode=%s,", enc->cipher_mode);
if (enc->cipher_hash)
virBufferAsprintf(buf, "hash-alg=%s,", enc->cipher_hash);
if (enc->ivgen_name)
virBufferAsprintf(buf, "ivgen-alg=%s,", enc->ivgen_name);
if (enc->ivgen_hash)
virBufferAsprintf(buf, "ivgen-hash-alg=%s,", enc->ivgen_hash);
}
to (assuming patches I've posted recently are accepted):
if (!enc->cipher_name)
return;
virBufferAddLit(buf, "cipher-alg=");
virQEMUBuildBufferEscapeComma(buf, enc->cipher_name);
virBufferAsprintf(buf, "-%u,", enc->cipher_size);
if (enc->cipher_mode) {
virBufferAddLit(buf, "cipher-mode=");
virQEMUBuildBufferEscapeComma(buf, enc->cipher_mode);
virBufferAddLit(buf, ",");
}
if (enc->cipher_hash) {
virBufferAddLit(buf, "hash-alg=");
virQEMUBuildBufferEscapeComma(buf, enc->cipher_hash);
virBufferAddLit(buf, ",");
}
if (!enc->ivgen_name)
return;
virBufferAddLit(buf, "cipher-name=");
virQEMUBuildBufferEscapeComma(buf, enc->ivgen_name);
virBufferAddLit(buf, ",");
if (enc->ivgen_hash) {
virBufferAddLit(buf, "ivgen-hash-alg=");
virQEMUBuildBufferEscapeComma(buf, enc->ivgen_hash);
virBufferAddLit(buf, ",");
}
All because someone could add a "," to one of those names...
John
More information about the libvir-list
mailing list