[PATCH RFC 00/16] Add support for LUKS encrypted devices

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Patches 1-3 were posted separately:

http://www.redhat.com/archives/libvir-list/2016-June/msg00256.html

But perhaps seeing the final direction will make things more clear as
to why a "real" flag system wasn't used and keeping the current paradigm
of constant value returns still works just fine.

Patches 4-5 were posted separately:

http://www.redhat.com/archives/libvir-list/2016-June/msg00091.html  (4)
http://www.redhat.com/archives/libvir-list/2016-June/msg00094.html  (5)

Although at one point patch 4 had an ACK:

http://www.redhat.com/archives/libvir-list/2016-May/msg02115.html

It wasn't clear if the more recent review rescinded that, so it still
remains "in the list". I understand the concern about adding secret to
cfg.mk checking, but without a better idea of how to handle - I left
things as they were.

Patches 6-16 are all new. Some parts are separable, but rather than continue
piecemeal I just figured going with an RFC will at least 

Patch 6 is only there to "prove" that using the current encryption paradigm
XML still works, although if I've read the tea leaves correctly, the qemu
support isn't working as desired/expected.

Patch 7 adds "usage" as an XML attribute for encryption and the associated
tests with that. I've chosen to "reuse" the <encryption> XML element rather
than inventing something new.  I'm not opposed to something new, but let's
decide up a name quickly...

Patch 8-9 adds the ability for the storage backend to create/recognize a
luks volume

Patches 10-13 adds support for luks encryption in the storage backend.
The new "<secret>" format uses "luks" as the usage type and "<key>" as
the 'name'. If those names cause angst, I'm fine with changing, but just
give a better suggestion!  Adding <cipher> and <ivgen> were a result of
using qemu constructs from qemu commit id '3e308f20'. Since we are parsing
something new, I figure failing in the domain parse code for this new type
was acceptible as opposed to some post processing check.

Patches 14-16 adds support for luks encryption to the domain using
<encryption type='luks'... <secret format='key' usage/uuid='xxx'>>

I've tested using a "good" and "bad" password and got the expected results
for starting a domain.  I did not add 'virsh vol-create-as' support just
yet. I figured that would be less to go back and redo if the names of
elements changes.  I've also run the changes through Coverity with no
new issues detected.

The whole series is a result of the following bz:

https://bugzilla.redhat.com/show_bug.cgi?id=1301021


John Ferlan (16):
  storage: Adjust qemu-img switches check
  storage: Create helper to set backing for CreateQemuImg code
  storage: Create helper to set options for CreateQemuImg code
  storage: Use virSecretGetSecretString
  secret: Move virStorageSecretType to secret_util and rename
  tests: Adjust tests for encrypted storage
  util: Add 'usage' for encryption
  util: Modify the FileTypeInfo for meta data checks
  util: Add 'luks' to the FileTypeInfo
  conf: Add new secret type "luks"
  encryption: Add luks parsing for storageencryption
  encryption: Add <cipher> and <ivgen> to encryption
  storage: Add support to create a luks volume
  qemu: Change protocol parameter for secret setup
  qemu: Remove authdef from secret setup
  qemu: Add luks support for domain disk

 cfg.mk                                             |   2 +-
 docs/aclpolkit.html.in                             |   4 +
 docs/formatsecret.html.in                          |  60 ++-
 docs/formatstorageencryption.html.in               | 115 ++++-
 docs/schemas/secret.rng                            |  10 +
 docs/schemas/storagecommon.rng                     |  58 ++-
 include/libvirt/libvirt-secret.h                   |   3 +-
 src/Makefile.am                                    |   1 +
 src/access/viraccessdriverpolkit.c                 |  13 +
 src/conf/domain_conf.c                             |  11 +
 src/conf/secret_conf.c                             |  26 +-
 src/conf/secret_conf.h                             |   3 +-
 src/conf/virsecretobj.c                            |   5 +
 src/libvirt_private.syms                           |   1 +
 src/libxl/libxl_conf.c                             |   2 +-
 src/qemu/qemu_command.c                            |   8 +-
 src/qemu/qemu_domain.c                             | 154 ++++---
 src/qemu/qemu_process.c                            |  18 +-
 src/secret/secret_util.c                           |  18 +-
 src/secret/secret_util.h                           |  22 +-
 src/storage/storage_backend.c                      | 480 +++++++++++++++------
 src/storage/storage_backend.h                      |   3 +-
 src/storage/storage_backend_fs.c                   |  10 +-
 src/storage/storage_backend_gluster.c              |   2 +
 src/storage/storage_backend_iscsi.c                |  55 +--
 src/storage/storage_backend_rbd.c                  |  49 +--
 src/util/virendian.h                               |  24 ++
 src/util/virqemu.c                                 |  23 +
 src/util/virqemu.h                                 |   6 +
 src/util/virstorageencryption.c                    | 166 ++++++-
 src/util/virstorageencryption.h                    |  18 +-
 src/util/virstoragefile.c                          | 125 ++++--
 src/util/virstoragefile.h                          |  18 +-
 tests/qemuargv2xmltest.c                           |   4 +-
 .../qemuxml2argv-encrypted-disk-usage.args         |  24 ++
 .../qemuxml2argv-encrypted-disk-usage.xml          |  32 ++
 .../qemuxml2argv-encrypted-disk.args               |  26 +-
 .../qemuxml2argv-encrypted-disk.xml                |   4 +-
 .../qemuxml2argv-luks-disk-cipher.args             |  36 ++
 .../qemuxml2argv-luks-disk-cipher.xml              |  41 ++
 .../qemuxml2argvdata/qemuxml2argv-luks-disks.args  |  36 ++
 tests/qemuxml2argvdata/qemuxml2argv-luks-disks.xml |  41 ++
 tests/qemuxml2argvtest.c                           |  14 +-
 .../qemuxml2xmlout-encrypted-disk-usage.xml        |  36 ++
 .../qemuxml2xmlout-encrypted-disk.xml              |   4 +-
 .../qemuxml2xmlout-luks-disk-cipher.xml            |  45 ++
 .../qemuxml2xmlout-luks-disks.xml                  |  45 ++
 tests/qemuxml2xmltest.c                            |   3 +
 tests/secretxml2xmlin/usage-luks.xml               |   7 +
 tests/secretxml2xmltest.c                          |   1 +
 tests/storagevolxml2argvdata/qcow2-flag.argv       |   2 -
 .../qcow2-nobacking-convert-flag.argv              |   2 -
 .../qcow2-nobacking-convert-none.argv              |   2 -
 .../qcow2-nobacking-flag.argv                      |   1 -
 .../qcow2-nobacking-none.argv                      |   1 -
 tests/storagevolxml2argvdata/qcow2-none.argv       |   1 -
 tests/storagevolxml2argvtest.c                     |  25 +-
 tests/storagevolxml2xmlin/vol-luks-cipher.xml      |  23 +
 tests/storagevolxml2xmlin/vol-luks.xml             |  21 +
 tests/storagevolxml2xmlout/vol-luks-cipher.xml     |  23 +
 tests/storagevolxml2xmlout/vol-luks.xml            |  21 +
 tests/storagevolxml2xmltest.c                      |   2 +
 tests/virendiantest.c                              |  18 +
 63 files changed, 1619 insertions(+), 435 deletions(-)
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-encrypted-disk-usage.args
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-encrypted-disk-usage.xml
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disk-cipher.args
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disk-cipher.xml
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disks.args
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disks.xml
 create mode 100644 tests/qemuxml2xmloutdata/qemuxml2xmlout-encrypted-disk-usage.xml
 create mode 100644 tests/qemuxml2xmloutdata/qemuxml2xmlout-luks-disk-cipher.xml
 create mode 100644 tests/qemuxml2xmloutdata/qemuxml2xmlout-luks-disks.xml
 create mode 100644 tests/secretxml2xmlin/usage-luks.xml
 delete mode 100644 tests/storagevolxml2argvdata/qcow2-flag.argv
 delete mode 100644 tests/storagevolxml2argvdata/qcow2-nobacking-convert-flag.argv
 delete mode 100644 tests/storagevolxml2argvdata/qcow2-nobacking-convert-none.argv
 delete mode 100644 tests/storagevolxml2argvdata/qcow2-nobacking-flag.argv
 delete mode 100644 tests/storagevolxml2argvdata/qcow2-nobacking-none.argv
 delete mode 100644 tests/storagevolxml2argvdata/qcow2-none.argv
 create mode 100644 tests/storagevolxml2xmlin/vol-luks-cipher.xml
 create mode 100644 tests/storagevolxml2xmlin/vol-luks.xml
 create mode 100644 tests/storagevolxml2xmlout/vol-luks-cipher.xml
 create mode 100644 tests/storagevolxml2xmlout/vol-luks.xml

-- 
2.5.5

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list



[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]