[PATCH v2 0/4] Add a domain masterKey secret for qemu,

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

v1: http://www.redhat.com/archives/libvir-list/2016-March/msg01206.html

Patch 1 is already ACK'd. I assume this code won't go into 1.3.3, but
would hopefully be early in 1.3.4 and I didn't want to break up the
capability bits across releases...

Differences to v1

 - Patch 2 is new - it's taking the virUUIDGenerateRandomBytes and making
   it generic since we'll use it in Patch 3 (it already opens/reads from
   /dev/urandom, so I figured it'd be better to share than cut, copy, paste).

 - Patch 3 has changes from review:

   * Less comments in qemuDomainGetMasterKeyFilePath

   * Master key no longer base64 encoded to be written (or read). Instead
     the Write code will open, truncate, and write the secret directly.
     The Read code will read the secret directly

   * The fallback algorithm for key generation uses virGenerateRandomBytes

   * Changed 'masterKey' from "char *" to "uint8_t *" and added the
     masterKeyLen

 - Patch 4 changes in order to tell qemu the format of the file is 'raw'.
   Also affects test .args file


Removed references to encode/decode, adjusted commit messages.

Ran through Coverity checker... happy...

Created a domain that would pass/read the file...  Killed libvirtd, restarted
and read the masterKey file properly. Also ensured the #else of the secret
generation compiled...

John Ferlan (4):
  qemu: Add capability bit for qemu secret object
  util: Introduce virGenerateRandomBytes
  qemu: Create domain master key
  qemu: Introduce qemuBuildMasterKeyCommandLine

 src/libvirt_private.syms                           |   1 +
 src/qemu/qemu_alias.c                              |  17 ++
 src/qemu/qemu_alias.h                              |   3 +
 src/qemu/qemu_capabilities.c                       |   2 +
 src/qemu/qemu_capabilities.h                       |   1 +
 src/qemu/qemu_command.c                            |  68 ++++++
 src/qemu/qemu_domain.c                             | 252 +++++++++++++++++++++
 src/qemu/qemu_domain.h                             |  15 ++
 src/qemu/qemu_process.c                            |  11 +
 src/util/virutil.c                                 |  36 +++
 src/util/virutil.h                                 |   3 +
 src/util/viruuid.c                                 |  30 +--
 tests/qemucapabilitiesdata/caps_2.6.0-1.caps       |   1 +
 tests/qemucapabilitiesdata/caps_2.6.0-1.replies    |   3 +
 .../qemuxml2argvdata/qemuxml2argv-master-key.args  |  23 ++
 tests/qemuxml2argvdata/qemuxml2argv-master-key.xml |  30 +++
 tests/qemuxml2argvtest.c                           |   2 +
 17 files changed, 469 insertions(+), 29 deletions(-)
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-master-key.args
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-master-key.xml

-- 
2.5.5

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]