On Mon, Jun 13, 2016 at 20:27:54 -0400, John Ferlan wrote: > Add parse and format of the luks/key secret including tests for > volume XML parsing. > > Signed-off-by: John Ferlan <jferlan@xxxxxxxxxx> > --- > docs/formatsecret.html.in | 7 +++- > docs/formatstorageencryption.html.in | 24 +++++++++++- > docs/schemas/storagecommon.rng | 3 ++ > src/qemu/qemu_process.c | 6 +++ > src/storage/storage_backend.c | 3 +- > src/storage/storage_backend_fs.c | 7 +++- > src/storage/storage_backend_gluster.c | 2 + > src/util/virstorageencryption.c | 4 +- > src/util/virstorageencryption.h | 2 + > tests/qemuxml2argvdata/qemuxml2argv-luks-disks.xml | 41 ++++++++++++++++++++ > .../qemuxml2xmlout-luks-disks.xml | 45 ++++++++++++++++++++++ > tests/qemuxml2xmltest.c | 1 + > tests/storagevolxml2xmlin/vol-luks.xml | 21 ++++++++++ > tests/storagevolxml2xmlout/vol-luks.xml | 21 ++++++++++ > tests/storagevolxml2xmltest.c | 1 + > 15 files changed, 181 insertions(+), 7 deletions(-) > create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disks.xml > create mode 100644 tests/qemuxml2xmloutdata/qemuxml2xmlout-luks-disks.xml > create mode 100644 tests/storagevolxml2xmlin/vol-luks.xml > create mode 100644 tests/storagevolxml2xmlout/vol-luks.xml [] > diff --git a/docs/formatstorageencryption.html.in b/docs/formatstorageencryption.html.in > index 048cc8e..ae2e815 100644 > --- a/docs/formatstorageencryption.html.in > +++ b/docs/formatstorageencryption.html.in > @@ -59,8 +59,20 @@ > the <code>secret</code> element is not present during volume creation, > a secret is automatically generated and attached to the volume. > </p> > + <h3><a name="StorageEncryptionLuks">"luks" format</a></h3> > + <p> > + The <code>luks</code> format is specific to a luks encrypted volume > + and the secret used in order to either encrypt or decrypt the volume. > + A single <code><secret type='key'></code> element is expected. I've explained in some other patch why 'key' is not a desired name. > + The secret may be referenced via either a <code>uuid</code> or > + <code>usage</code> attribute. One of the two must be present. When > + present for volume creation, the secret will be used in order for > + volume encryption. When present for domain usage, the secret will > + be used as the key to decrypt the volume. > + <span class="since">Since 1.3.6</span>. > + </p> > > - <h2><a name="example">Example</a></h2> > + <h2><a name="example">Examples</a></h2> > > <p> > Here is a simple example, specifying use of the <code>qcow</code> format: I'll like to see a updated version. -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list