[libvirt] [PATCH 5/6] conf: Move <disk> encryption validation
Peter Krempa
pkrempa at redhat.com
Fri Sep 15 04:06:14 UTC 2017
On Thu, Sep 14, 2017 at 14:03:09 -0400, John Ferlan wrote:
> Rather than checking during XML processing, move the check for
> valid <encryption> into virDomainDiskDefParseValidate.
>
> Signed-off-by: John Ferlan <jferlan at redhat.com>
> ---
> src/conf/domain_conf.c | 29 +++++++++++++++++------------
> 1 file changed, 17 insertions(+), 12 deletions(-)
>
> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
> index 07bda1a36..09c5bc1ae 100644
> --- a/src/conf/domain_conf.c
> +++ b/src/conf/domain_conf.c
> @@ -8605,7 +8605,23 @@ virDomainDiskDefParseValidate(const virDomainDiskDef *def)
> }
> }
>
> - return virDomainDiskSourceDefParseAuthValidate(def->src);
> + if (virDomainDiskSourceDefParseAuthValidate(def->src) < 0)
This is the exact reason why I did not like this style in the patch that
added it.
> + return -1;
> +
> + if (def->src->encryption) {
> + virStorageEncryptionPtr encryption = def->src->encryption;
> +
> + if (encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS &&
> + encryption->encinfo.cipher_name) {
> +
> + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
> + _("supplying the <cipher> for a domain is "
> + "unnecessary"));
Perhaps we can improve the message now. How about:
"supplying <cipher> for domain disk definition is unnecessary" ?
> + return -1;
> + }
ACK
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20170915/2447c248/attachment-0001.sig>
More information about the libvir-list
mailing list