[libvirt] [PATCH v5 0/6] Add AES Secret Object support (for RBD only)
John Ferlan
jferlan at redhat.com
Thu May 19 20:28:59 UTC 2016
This is a combination of two series...
The first 2 patches are a followon to (v1 from yesterday):
http://www.redhat.com/archives/libvir-list/2016-May/msg01396.html
But there really were a offshoot of the original AES/IV Secret changes (v4):
http://www.redhat.com/archives/libvir-list/2016-May/msg01292.html
Hopefully I haven't forgotten anything along the way. There's been numerous
adjustments and changes along the way.
Patch 1 is a combination with adjustments of patches 1&2 from v1. This
should make virRandomBytes available in the virrandommock library
which then is used in later patches.
Patch 2 mostly adjust names, comments, adds #ifdef's for unavailable code
This patch will make use of the virrandommock library instead of
self-populating the enc_alg and iv_buf. Mainly because it's possible,
but also since it's the basis for later patches to utilize the same
virrandommock library.
Patch 3 splits out the existing qemuDomainGenerateRandomKey into a
vircrypto.c API. The vircrypto.c was chosen over virrandom.c
because virrandom.c ends up being included in setuid_rpc_client
and it wasn't overly clear that it was desired to drag in all
of gnutls for just this one mock function.
Patch 4 splits out the qemuDomainSecretSetup as was suggested in one review
Patch 5 is new to handle the ability to have more than one mock library
to preload from a VIRT_TEST_MAIN_PRELOAD macro. As it turns out
the qemuxml2argvtest will need not only the qemuxml2argvmock, but
also the virrandommock libraries. I went with comma separated,
but a "space" separated list is fine with me too.
Patch 6 is the remainder of the v4 of the original series. Splitting it
up with ATTRIBUTE_UNUSED markers just no longer made sense. Lots
of changes here to keep up with the previous patches, but also
to adjust error messages, variable/API names, etc. Also changed
were the secret alias (leading to adjustments in each of the .args
file for the secret alias. Along the way I also had to adjust the
expected encoded ciphertext and iv since the mock algorithm changed
from all 0xff to an increasing sequence starting at 0x00 through
the length of the buffer.
John Ferlan (6):
tests: Add mock for virRandomBytes
util: Introduce encryption APIs
util: Introduce virCryptoGenerateRandom
qemu: Introduce qemuDomainSecretSetup
tests: Allow comma separate list of libs to preload
qemu: Utilize qemu secret objects for RBD auth/secret
configure.ac | 1 +
src/libvirt_private.syms | 3 +
src/qemu/qemu_alias.c | 23 ++
src/qemu/qemu_alias.h | 2 +
src/qemu/qemu_command.c | 117 ++++++++++-
src/qemu/qemu_domain.c | 200 +++++++++++++-----
src/util/vircrypto.c | 233 ++++++++++++++++++++-
src/util/vircrypto.h | 22 +-
tests/Makefile.am | 12 ++
...muxml2argv-disk-drive-network-rbd-auth-AES.args | 31 +++
...emuxml2argv-disk-drive-network-rbd-auth-AES.xml | 42 ++++
tests/qemuxml2argvmock.c | 16 ++
tests/qemuxml2argvtest.c | 5 +-
tests/testutils.c | 12 +-
tests/vircryptotest.c | 100 ++++++++-
tests/virrandommock.c | 39 ++++
tests/virrandomtest.c | 86 ++++++++
17 files changed, 879 insertions(+), 65 deletions(-)
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.args
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-auth-AES.xml
create mode 100644 tests/virrandommock.c
create mode 100644 tests/virrandomtest.c
--
2.5.5
More information about the libvir-list
mailing list