[libvirt] [PATCH v2 0/8] Add IV Secret Object support
Michal Privoznik
mprivozn at redhat.com
Thu May 5 04:52:00 UTC 2016
On 02.05.2016 23:51, John Ferlan wrote:
> v1 here (specifically patches 11 & 12)
> http://www.redhat.com/archives/libvir-list/2016-April/msg01077.html
>
> What's new/changed:
>
> Patches 1-3 address comments made by Jan in his review of v1.
>
> Patch 4 is essentially following through on the Patch 3 comment
>
> Patch 5 was part of patch 11, but I split it out for easier review
>
> Patch 6 is the remainder of the former patch 11. Other than using the
> ...SECRET_INFO_TYPE_xxx nomenclature, no other real changes.
>
> Patch 7 was part of patch 12, but I split it out to reduce the amount
> to review. Beyond the aforementioned ...SECRET_INFO_TYPE_xxx changes,
> I removed qemuDomainSecretInfoGetAlias. Initially created to help with
> any hotplug code, but that's not necessary, so remove it for now. It was
> brought up on Jan's comments as well. Create qemuDomainSecretSetup in
> order to address Jan's other comment about a common API
>
> This code could be merged with patch 8, but separating it *and* leaving
> qemuDomainSecretHaveEncrypt essentially brain-dead worked made for a
> shorter pile to look at
>
> Patch 8 is the remainder of patch 12. I investigated extracting the
> iSCSI and RBD code out, but it really just didn't make practice sense.
> I altered qemuBuildSecretIVCommandLine to just access the IV alias directly
> since the callers were adjusted to only try to build the IV object if
> necessary. The qemuBuild{Disk|Hostdev}iSCSICommandLine were renamed to
> qemuBuild{Disk|Hostdev}SecinfoCommandLine and each encapsulated the
> call to qemuBuildSecretIVCommandLine rather than inlining it in each
> of the callers
>
> The qemuDomainSecretHaveEncrypt will not be braindead.
>
> None of the tests changed, so it doesn't seem I messed anything up
> with all the requested adjustments.
>
> John Ferlan (8):
> qemu: Adjust names of qemuDomainSecretInfoType enums
> qemu: Split out the master key create and write
> qemu: Move qemuDomainSecretPrepare to qemuProcessPrepareDomain
> qemu: Move qemuDomainSecretDestroy to qemuProcessLaunch
> qemu: Separate network URI command building code
> qemu: Introduce qemuDomainSecretIV
> qemu: Introduce new Secret IV API's
> qemu: Utilize qemu secret objects for SCSI/RBD auth/secret
>
> configure.ac | 1 +
> src/qemu/qemu_alias.c | 23 ++
> src/qemu/qemu_alias.h | 2 +
> src/qemu/qemu_command.c | 359 +++++++++++++++++++--
> src/qemu/qemu_domain.c | 242 ++++++++++++--
> src/qemu/qemu_domain.h | 34 +-
> src/qemu/qemu_hotplug.c | 6 +-
> src/qemu/qemu_process.c | 23 +-
> ...uxml2argv-disk-drive-network-iscsi-auth-IV.args | 39 +++
> ...muxml2argv-disk-drive-network-iscsi-auth-IV.xml | 43 +++
> ...emuxml2argv-disk-drive-network-rbd-auth-IV.args | 31 ++
> ...qemuxml2argv-disk-drive-network-rbd-auth-IV.xml | 42 +++
> ...emuxml2argv-hostdev-scsi-lsi-iscsi-auth-IV.args | 41 +++
> ...qemuxml2argv-hostdev-scsi-lsi-iscsi-auth-IV.xml | 48 +++
> ...xml2argv-hostdev-scsi-virtio-iscsi-auth-IV.args | 43 +++
> ...uxml2argv-hostdev-scsi-virtio-iscsi-auth-IV.xml | 48 +++
> tests/qemuxml2argvmock.c | 31 +-
> tests/qemuxml2argvtest.c | 19 ++
> 18 files changed, 1009 insertions(+), 66 deletions(-)
> create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-iscsi-auth-IV.args
> create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-iscsi-auth-IV.xml
> create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-IV.args
> create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-IV.xml
> create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-hostdev-scsi-lsi-iscsi-auth-IV.args
> create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-hostdev-scsi-lsi-iscsi-auth-IV.xml
> create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-hostdev-scsi-virtio-iscsi-auth-IV.args
> create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-hostdev-scsi-virtio-iscsi-auth-IV.xml
>
Looking good. ACK series, but please see my comment to the last patch
before pushing.
Michal
More information about the libvir-list
mailing list