[libvirt] [PATCH 00/19] Add support for LUKS encrypted devices

John Ferlan jferlan at redhat.com
Tue Jun 14 00:27:39 UTC 2016


See RFC:
http://www.redhat.com/archives/libvir-list/2016-June/msg00312.html

For: https://bugzilla.redhat.com/show_bug.cgi?id=1301021


Changes since RFC:

1. Address Dan's comment regarding providing secinfo objects for both
   secret for RBD as well as secret for LUKS

2. Remove code from secret/secret_util.{h,c} and need for including
   "secret/secret_util.h" (as well as cfg.mk change)

3. Change secret usage name from "luks" to "key".  The "key" secret type
   will be reused for work I have in other local trees (e.g. TLS)

4. Reorder the patches a bit.  Patches 1-9 are more or less setup
   for patches 10-19.

John Ferlan (19):
  storage: Adjust qemu-img switches check
  storage: Create helper to set backing for CreateQemuImg code
  storage: Create helper to set options for CreateQemuImg code
  storage: Use virSecretGetSecretString
  secret: Move virStorageSecretType and rename
  util: Move and rename virStorageAuthDefParseSecret
  util: Introduce virSecretFormatSecret
  qemu: Change protocol parameter for secret setup
  qemu: Remove authdef from secret setup
  tests: Adjust tests for encrypted storage
  util: Add 'usage' for encryption
  util: Modify the FileTypeInfo for meta data checks
  util: Add 'luks' to the FileTypeInfo
  conf: Add new secret type "key"
  encryption: Add luks parsing for storageencryption
  encryption: Add <cipher> and <ivgen> to encryption
  storage: Add support to create a luks volume
  qemu: Add new secret info type
  qemu: Add luks support for domain disk

 docs/aclpolkit.html.in                             |   4 +
 docs/formatsecret.html.in                          |  62 ++-
 docs/formatstorageencryption.html.in               | 115 ++++-
 docs/schemas/secret.rng                            |  10 +
 docs/schemas/storagecommon.rng                     |  58 ++-
 include/libvirt/libvirt-secret.h                   |   3 +-
 po/POTFILES.in                                     |   1 +
 src/Makefile.am                                    |   2 +
 src/access/viraccessdriverpolkit.c                 |  13 +
 src/conf/domain_conf.c                             |  11 +
 src/conf/secret_conf.c                             |  26 +-
 src/conf/secret_conf.h                             |   3 +-
 src/conf/virsecretobj.c                            |   5 +
 src/libvirt_private.syms                           |   8 +
 src/libxl/libxl_conf.c                             |   2 +-
 src/qemu/qemu_command.c                            |  12 +-
 src/qemu/qemu_domain.c                             | 148 ++++---
 src/qemu/qemu_domain.h                             |   5 +
 src/qemu/qemu_process.c                            |  19 +-
 src/secret/secret_util.c                           |  18 +-
 src/secret/secret_util.h                           |  10 +-
 src/storage/storage_backend.c                      | 480 +++++++++++++++------
 src/storage/storage_backend.h                      |   3 +-
 src/storage/storage_backend_fs.c                   |  10 +-
 src/storage/storage_backend_gluster.c              |   2 +
 src/storage/storage_backend_iscsi.c                |  54 +--
 src/storage/storage_backend_rbd.c                  |  49 +--
 src/util/virendian.h                               |  24 ++
 src/util/virqemu.c                                 |  23 +
 src/util/virqemu.h                                 |   6 +
 src/util/virsecret.c                               | 127 ++++++
 src/util/virsecret.h                               |  56 +++
 src/util/virstorageencryption.c                    | 156 ++++++-
 src/util/virstorageencryption.h                    |  18 +-
 src/util/virstoragefile.c                          | 196 ++++-----
 src/util/virstoragefile.h                          |  18 +-
 tests/qemuargv2xmltest.c                           |   4 +-
 .../qemuxml2argv-encrypted-disk-usage.args         |  24 ++
 .../qemuxml2argv-encrypted-disk-usage.xml          |  32 ++
 .../qemuxml2argv-encrypted-disk.args               |  26 +-
 .../qemuxml2argv-encrypted-disk.xml                |   4 +-
 .../qemuxml2argv-luks-disk-cipher.args             |  36 ++
 .../qemuxml2argv-luks-disk-cipher.xml              |  41 ++
 .../qemuxml2argvdata/qemuxml2argv-luks-disks.args  |  36 ++
 tests/qemuxml2argvdata/qemuxml2argv-luks-disks.xml |  41 ++
 tests/qemuxml2argvtest.c                           |  14 +-
 .../qemuxml2xmlout-encrypted-disk-usage.xml        |  36 ++
 .../qemuxml2xmlout-encrypted-disk.xml              |   4 +-
 .../qemuxml2xmlout-luks-disk-cipher.xml            |  45 ++
 .../qemuxml2xmlout-luks-disks.xml                  |  45 ++
 tests/qemuxml2xmltest.c                            |   3 +
 tests/secretxml2xmlin/usage-key.xml                |   7 +
 tests/secretxml2xmltest.c                          |   1 +
 tests/storagevolxml2argvdata/qcow2-flag.argv       |   2 -
 .../qcow2-nobacking-convert-flag.argv              |   2 -
 .../qcow2-nobacking-convert-none.argv              |   2 -
 .../qcow2-nobacking-flag.argv                      |   1 -
 .../qcow2-nobacking-none.argv                      |   1 -
 tests/storagevolxml2argvdata/qcow2-none.argv       |   1 -
 tests/storagevolxml2argvtest.c                     |  25 +-
 tests/storagevolxml2xmlin/vol-luks-cipher.xml      |  23 +
 tests/storagevolxml2xmlin/vol-luks.xml             |  21 +
 tests/storagevolxml2xmlout/vol-luks-cipher.xml     |  23 +
 tests/storagevolxml2xmlout/vol-luks.xml            |  21 +
 tests/storagevolxml2xmltest.c                      |   2 +
 tests/virendiantest.c                              |  18 +
 66 files changed, 1792 insertions(+), 506 deletions(-)
 create mode 100644 src/util/virsecret.c
 create mode 100644 src/util/virsecret.h
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-encrypted-disk-usage.args
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-encrypted-disk-usage.xml
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disk-cipher.args
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disk-cipher.xml
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disks.args
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disks.xml
 create mode 100644 tests/qemuxml2xmloutdata/qemuxml2xmlout-encrypted-disk-usage.xml
 create mode 100644 tests/qemuxml2xmloutdata/qemuxml2xmlout-luks-disk-cipher.xml
 create mode 100644 tests/qemuxml2xmloutdata/qemuxml2xmlout-luks-disks.xml
 create mode 100644 tests/secretxml2xmlin/usage-key.xml
 delete mode 100644 tests/storagevolxml2argvdata/qcow2-flag.argv
 delete mode 100644 tests/storagevolxml2argvdata/qcow2-nobacking-convert-flag.argv
 delete mode 100644 tests/storagevolxml2argvdata/qcow2-nobacking-convert-none.argv
 delete mode 100644 tests/storagevolxml2argvdata/qcow2-nobacking-flag.argv
 delete mode 100644 tests/storagevolxml2argvdata/qcow2-nobacking-none.argv
 delete mode 100644 tests/storagevolxml2argvdata/qcow2-none.argv
 create mode 100644 tests/storagevolxml2xmlin/vol-luks-cipher.xml
 create mode 100644 tests/storagevolxml2xmlin/vol-luks.xml
 create mode 100644 tests/storagevolxml2xmlout/vol-luks-cipher.xml
 create mode 100644 tests/storagevolxml2xmlout/vol-luks.xml

-- 
2.5.5



