[PATCH v3 3/5] conf: add luks2 encryption format
Peter Krempa
pkrempa at redhat.com
Thu Oct 7 08:04:21 UTC 2021
On Wed, Oct 06, 2021 at 05:18:44 -0500, Or Ozeri wrote:
> This commit extends libvirt XML configuration to support luks2 encryption format.
> This means that <encryption format="luks2"> becomes valid.
> Actual handler (other than returning "not supported") for this new format will be added in an upcoming commit.
>
> Signed-off-by: Or Ozeri <oro at il.ibm.com>
> ---
> docs/formatstorageencryption.html.in | 2 +-
> docs/schemas/storagecommon.rng | 1 +
> src/conf/storage_encryption_conf.c | 2 +-
> src/conf/storage_encryption_conf.h | 1 +
> src/qemu/qemu_block.c | 1 +
> src/qemu/qemu_domain.c | 3 ++-
> 6 files changed, 7 insertions(+), 3 deletions(-)
> diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c
[...]
> index 393d3f44d7..31b6b3566b 100644
> --- a/src/qemu/qemu_block.c
> +++ b/src/qemu/qemu_block.c
> @@ -1328,6 +1328,7 @@ qemuBlockStorageSourceGetCryptoProps(virStorageSource *src,
> break;
>
> case VIR_STORAGE_ENCRYPTION_FORMAT_DEFAULT:
> + case VIR_STORAGE_ENCRYPTION_FORMAT_LUKS2:
> case VIR_STORAGE_ENCRYPTION_FORMAT_LAST:
> default:
> virReportEnumRangeError(virStorageEncryptionFormatType,
One more thing. We definitely want code in qemu_validate.c rejecting
LUKS2 as encryption format for qcow2 and all others that don't support
it.
Doing it here is too late as this code is called only when starting the
VM, but not when the XML is defined.
More information about the libvir-list
mailing list