[libvirt] [PATCH v2 0/8] Add IV Secret Object support

Michal Privoznik mprivozn at redhat.com
Thu May 5 04:52:00 UTC 2016 

On 02.05.2016 23:51, John Ferlan wrote:
> v1 here (specifically patches 11 & 12)
> http://www.redhat.com/archives/libvir-list/2016-April/msg01077.html
> 
> What's new/changed:
> 
> Patches 1-3 address comments made by Jan in his review of v1.
> 
> Patch 4 is essentially following through on the Patch 3 comment
> 
> Patch 5 was part of patch 11, but I split it out for easier review
> 
> Patch 6 is the remainder of the former patch 11. Other than using the
> ...SECRET_INFO_TYPE_xxx nomenclature, no other real changes.
> 
> Patch 7 was part of patch 12, but I split it out to reduce the amount
> to review.  Beyond the aforementioned ...SECRET_INFO_TYPE_xxx changes,
> I removed qemuDomainSecretInfoGetAlias.  Initially created to help with
> any hotplug code, but that's not necessary, so remove it for now. It was
> brought up on Jan's comments as well. Create qemuDomainSecretSetup in
> order to address Jan's other comment about a common API
> 
> This code could be merged with patch 8, but separating it *and* leaving
> qemuDomainSecretHaveEncrypt essentially brain-dead worked made for a
> shorter pile to look at
> 
> Patch 8 is the remainder of patch 12.  I investigated extracting the
> iSCSI and RBD code out, but it really just didn't make practice sense.
> I altered qemuBuildSecretIVCommandLine to just access the IV alias directly
> since the callers were adjusted to only try to build the IV object if
> necessary. The qemuBuild{Disk|Hostdev}iSCSICommandLine were renamed to
> qemuBuild{Disk|Hostdev}SecinfoCommandLine and each encapsulated the
> call to qemuBuildSecretIVCommandLine rather than inlining it in each
> of the callers
> 
> The qemuDomainSecretHaveEncrypt will not be braindead.
> 
> None of the tests changed, so it doesn't seem I messed anything up
> with all the requested adjustments.
> 
> John Ferlan (8):
>   qemu: Adjust names of qemuDomainSecretInfoType enums
>   qemu: Split out the master key create and write
>   qemu: Move qemuDomainSecretPrepare to qemuProcessPrepareDomain
>   qemu: Move qemuDomainSecretDestroy to qemuProcessLaunch
>   qemu: Separate network URI command building code
>   qemu: Introduce qemuDomainSecretIV
>   qemu: Introduce new Secret IV API's
>   qemu: Utilize qemu secret objects for SCSI/RBD auth/secret
> 
>  configure.ac                                       |   1 +
>  src/qemu/qemu_alias.c                              |  23 ++
>  src/qemu/qemu_alias.h                              |   2 +
>  src/qemu/qemu_command.c                            | 359 +++++++++++++++++++--
>  src/qemu/qemu_domain.c                             | 242 ++++++++++++--
>  src/qemu/qemu_domain.h                             |  34 +-
>  src/qemu/qemu_hotplug.c                            |   6 +-
>  src/qemu/qemu_process.c                            |  23 +-
>  ...uxml2argv-disk-drive-network-iscsi-auth-IV.args |  39 +++
>  ...muxml2argv-disk-drive-network-iscsi-auth-IV.xml |  43 +++
>  ...emuxml2argv-disk-drive-network-rbd-auth-IV.args |  31 ++
>  ...qemuxml2argv-disk-drive-network-rbd-auth-IV.xml |  42 +++
>  ...emuxml2argv-hostdev-scsi-lsi-iscsi-auth-IV.args |  41 +++
>  ...qemuxml2argv-hostdev-scsi-lsi-iscsi-auth-IV.xml |  48 +++
>  ...xml2argv-hostdev-scsi-virtio-iscsi-auth-IV.args |  43 +++
>  ...uxml2argv-hostdev-scsi-virtio-iscsi-auth-IV.xml |  48 +++
>  tests/qemuxml2argvmock.c                           |  31 +-
>  tests/qemuxml2argvtest.c                           |  19 ++
>  18 files changed, 1009 insertions(+), 66 deletions(-)
>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-iscsi-auth-IV.args
>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-iscsi-auth-IV.xml
>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-IV.args
>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-IV.xml
>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-hostdev-scsi-lsi-iscsi-auth-IV.args
>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-hostdev-scsi-lsi-iscsi-auth-IV.xml
>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-hostdev-scsi-virtio-iscsi-auth-IV.args
>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-hostdev-scsi-virtio-iscsi-auth-IV.xml
> 

Looking good. ACK series, but please see my comment to the last patch
before pushing.

Michal

More information about the libvir-list mailing list