[libvirt] [PATCH v4 0/7] Add support for LUKS encrypted devices
John Ferlan
jferlan at redhat.com
Mon Jul 11 18:07:51 UTC 2016
According to Dan's post commit response:
http://www.redhat.com/archives/libvir-list/2016-July/msg00088.html
to the v3 series:
http://www.redhat.com/archives/libvir-list/2016-June/msg01935.html
using a 'passphrase' usage is not desired, rather a 'volume' usage
model should be used for LUKS.
So patches 1 & 2 make those alterations to already pushed docs and tests
Patch 3 then repurposes the 'passphrase' usage to a 'tls' usage type.
I posted with this series since it removed the 'passphrase' usage and
thus flushed out any errors in subsequent patches. I could hold off and
repost it with the TLS changes that will also need to be made...
Patches 4-7 were reviewed previously and had been given what I took
as provisional ACK's; however, I reposted the changes after the most
recent review "just in case". Fortunately (I guess) I didn't push
them along with the other changes. In any case, there are once again
posted here - the primary difference between what's posted in this
series vs. what was posted previously is the change to use a "volume"
secret plus a tweak to the qemuxml2argvtest to fix some issues found
while making the change.
John Ferlan (7):
tests: Adjust LUKS tests to use 'volume' secret type
docs: Update docs to reflect LUKS secret changes
Repurpose the 'passphrase' secret to 'tls'
storage: Add support to create a luks volume
qemu: Add secinfo for hotplug virtio disk
qemu: Alter the qemuDomainGetSecretAESAlias to add new arg
qemu: Add luks support for domain disk
docs/aclpolkit.html.in | 2 +-
docs/formatsecret.html.in | 81 +++++---
docs/formatstorage.html.in | 16 ++
docs/formatstorageencryption.html.in | 29 ++-
docs/schemas/secret.rng | 6 +-
include/libvirt/libvirt-secret.h | 2 +-
src/access/viraccessdriverpolkit.c | 2 +-
src/conf/secret_conf.c | 12 +-
src/conf/virsecretobj.c | 2 +-
src/libvirt_private.syms | 1 +
src/qemu/qemu_alias.c | 10 +-
src/qemu/qemu_alias.h | 3 +-
src/qemu/qemu_command.c | 9 +
src/qemu/qemu_domain.c | 40 +++-
src/qemu/qemu_hotplug.c | 126 +++++++++++-
src/storage/storage_backend.c | 218 +++++++++++++++++++--
src/storage/storage_backend.h | 3 +-
src/util/virqemu.c | 23 +++
src/util/virqemu.h | 6 +
.../qemuxml2argv-luks-disk-cipher.xml | 45 -----
.../qemuxml2argvdata/qemuxml2argv-luks-disks.args | 36 ++++
tests/qemuxml2argvdata/qemuxml2argv-luks-disks.xml | 2 +-
tests/qemuxml2argvtest.c | 24 ++-
.../qemuxml2xmlout-luks-disk-cipher.xml | 1 -
tests/qemuxml2xmltest.c | 1 -
tests/secretxml2xmlin/usage-passphrase.xml | 7 -
tests/secretxml2xmlin/usage-tls.xml | 7 +
tests/secretxml2xmltest.c | 2 +-
tests/storagevolxml2argvtest.c | 3 +-
tests/storagevolxml2xmlin/vol-luks-cipher.xml | 2 +-
tests/storagevolxml2xmlin/vol-luks.xml | 2 +-
tests/storagevolxml2xmlout/vol-luks-cipher.xml | 2 +-
tests/storagevolxml2xmlout/vol-luks.xml | 2 +-
33 files changed, 577 insertions(+), 150 deletions(-)
delete mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disk-cipher.xml
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disks.args
delete mode 120000 tests/qemuxml2xmloutdata/qemuxml2xmlout-luks-disk-cipher.xml
delete mode 100644 tests/secretxml2xmlin/usage-passphrase.xml
create mode 100644 tests/secretxml2xmlin/usage-tls.xml
--
2.5.5
More information about the libvir-list
mailing list