[PATCH v3 00/10] Add support for LUKS encrypted devices

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



v2: http://www.redhat.com/archives/libvir-list/2016-June/msg01691.html

Changes since v2 (all as a result of code review)

Patch 1: New as a result of review comment regarding virSecretDefFormatUsage

Patch 2: Change "id" to "name", fixed the html.in, remove whitespice,
         generated patch 1 due to virSecretDefFormatUsage comment

Patch 3: Altered the html.in, don't believe the review comment for
         wrong type in qemuProcessGetVolumeQcowPassphrase is right,
         also modified the testdata output file to follow suggestion
         for changes made in patch 5 & 6

Patch 4: Was essentially ACK'd, but requires previous patches. Took care
         of the testdata output file.

Patch 5: Adjusted html.in, modified virStorageEncryptionInfoDef to have
         both cipher_* and ivgen_* params in it - affected other places
         (and fixed those), 

Patch 6: Essentially ACK'd (the chmod was removed)

Patch 7: NEW - going to need this for hot unplug...

Patch 8: Adjusted per review of this series and the other 3 patch series
         for rbd disk hot plug/unplug

Patch 9: NEW - Need to generate a different alias for LUKS

Patch 10: Mostly unchanged except to utilze the luks specific alias
          generation... also moved the unplug to right place.



John Ferlan (10):
  conf: No need to check for usage fields during Format
  conf: Add new secret type "passphrase"
  util: Add 'usage' for encryption
  encryption: Add luks parsing for storageencryption
  encryption: Add <cipher> and <ivgen> to encryption
  storage: Add support to create a luks volume
  qemu: Introduce helper qemuDomainSecretDiskCapable
  qemu: Add secinfo for hotplug virtio disk
  qemu: Alter the qemuDomainGetSecretAESAlias to add new arg
  qemu: Add luks support for domain disk

 docs/aclpolkit.html.in                             |   4 +
 docs/formatsecret.html.in                          |  62 ++++-
 docs/formatstorageencryption.html.in               | 115 ++++++++-
 docs/schemas/secret.rng                            |  10 +
 docs/schemas/storagecommon.rng                     |  57 ++++-
 include/libvirt/libvirt-secret.h                   |   3 +-
 src/access/viraccessdriverpolkit.c                 |  13 ++
 src/conf/domain_conf.c                             |  11 +
 src/conf/secret_conf.c                             |  36 ++-
 src/conf/secret_conf.h                             |   1 +
 src/conf/virsecretobj.c                            |   5 +
 src/libvirt_private.syms                           |   1 +
 src/qemu/qemu_alias.c                              |  10 +-
 src/qemu/qemu_alias.h                              |   3 +-
 src/qemu/qemu_command.c                            |   9 +
 src/qemu/qemu_domain.c                             |  58 +++--
 src/qemu/qemu_domain.h                             |   3 +
 src/qemu/qemu_hotplug.c                            | 123 +++++++++-
 src/qemu/qemu_process.c                            |  19 +-
 src/storage/storage_backend.c                      | 260 +++++++++++++++++++--
 src/storage/storage_backend.h                      |   3 +-
 src/storage/storage_backend_fs.c                   |  10 +-
 src/storage/storage_backend_gluster.c              |   2 +
 src/util/virqemu.c                                 |  23 ++
 src/util/virqemu.h                                 |   6 +
 src/util/virstorageencryption.c                    | 166 +++++++++++--
 src/util/virstorageencryption.h                    |  18 +-
 .../qemuxml2argv-encrypted-disk-usage.args         |  24 ++
 .../qemuxml2argv-encrypted-disk-usage.xml          |  36 +++
 .../qemuxml2argv-luks-disk-cipher.args             |  36 +++
 .../qemuxml2argv-luks-disk-cipher.xml              |  45 ++++
 .../qemuxml2argvdata/qemuxml2argv-luks-disks.args  |  36 +++
 tests/qemuxml2argvdata/qemuxml2argv-luks-disks.xml |  45 ++++
 tests/qemuxml2argvtest.c                           |  12 +-
 .../qemuxml2xmlout-encrypted-disk-usage.xml        |   1 +
 .../qemuxml2xmlout-luks-disk-cipher.xml            |   1 +
 .../qemuxml2xmlout-luks-disks.xml                  |   1 +
 tests/qemuxml2xmltest.c                            |   3 +
 tests/secretxml2xmlin/usage-passphrase.xml         |   7 +
 tests/secretxml2xmltest.c                          |   1 +
 tests/storagevolxml2argvtest.c                     |   3 +-
 tests/storagevolxml2xmlin/vol-luks-cipher.xml      |  23 ++
 tests/storagevolxml2xmlin/vol-luks.xml             |  21 ++
 tests/storagevolxml2xmlout/vol-luks-cipher.xml     |  23 ++
 tests/storagevolxml2xmlout/vol-luks.xml            |  21 ++
 tests/storagevolxml2xmltest.c                      |   2 +
 46 files changed, 1267 insertions(+), 105 deletions(-)
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-encrypted-disk-usage.args
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-encrypted-disk-usage.xml
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disk-cipher.args
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disk-cipher.xml
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disks.args
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disks.xml
 create mode 120000 tests/qemuxml2xmloutdata/qemuxml2xmlout-encrypted-disk-usage.xml
 create mode 120000 tests/qemuxml2xmloutdata/qemuxml2xmlout-luks-disk-cipher.xml
 create mode 120000 tests/qemuxml2xmloutdata/qemuxml2xmlout-luks-disks.xml
 create mode 100644 tests/secretxml2xmlin/usage-passphrase.xml
 create mode 100644 tests/storagevolxml2xmlin/vol-luks-cipher.xml
 create mode 100644 tests/storagevolxml2xmlin/vol-luks.xml
 create mode 100644 tests/storagevolxml2xmlout/vol-luks-cipher.xml
 create mode 100644 tests/storagevolxml2xmlout/vol-luks.xml

-- 
2.5.5

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list



[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]