Re: [PATCH v4 0/7] Add support for LUKS encrypted devices

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On 07/11/2016 02:07 PM, John Ferlan wrote:
> According to Dan's post commit response:
> 
> http://www.redhat.com/archives/libvir-list/2016-July/msg00088.html
> 
> to the v3 series:
> 
> http://www.redhat.com/archives/libvir-list/2016-June/msg01935.html
> 
> using a 'passphrase' usage is not desired, rather a 'volume' usage
> model should be used for LUKS.  
> 
> So patches 1 & 2 make those alterations to already pushed docs and tests
> 
> Patch 3 then repurposes the 'passphrase' usage to a 'tls' usage type.
> I posted with this series since it removed the 'passphrase' usage and
> thus flushed out any errors in subsequent patches. I could hold off and
> repost it with the TLS changes that will also need to be made...
> 
> Patches 4-7 were reviewed previously and had been given what I took
> as provisional ACK's; however, I reposted the changes after the most
> recent review "just in case". Fortunately (I guess) I didn't push
> them along with the other changes.  In any case, there are once again
> posted here - the primary difference between what's posted in this
> series vs. what was posted previously is the change to use a "volume"
> secret plus a tweak to the qemuxml2argvtest to fix some issues found
> while making the change.
> 
> John Ferlan (7):
>   tests: Adjust LUKS tests to use 'volume' secret type
>   docs: Update docs to reflect LUKS secret changes
>   Repurpose the 'passphrase' secret to 'tls'
>   storage: Add support to create a luks volume
>   qemu: Add secinfo for hotplug virtio disk
>   qemu: Alter the qemuDomainGetSecretAESAlias to add new arg
>   qemu: Add luks support for domain disk
> 
>  docs/aclpolkit.html.in                             |   2 +-
>  docs/formatsecret.html.in                          |  81 +++++---
>  docs/formatstorage.html.in                         |  16 ++
>  docs/formatstorageencryption.html.in               |  29 ++-
>  docs/schemas/secret.rng                            |   6 +-
>  include/libvirt/libvirt-secret.h                   |   2 +-
>  src/access/viraccessdriverpolkit.c                 |   2 +-
>  src/conf/secret_conf.c                             |  12 +-
>  src/conf/virsecretobj.c                            |   2 +-
>  src/libvirt_private.syms                           |   1 +
>  src/qemu/qemu_alias.c                              |  10 +-
>  src/qemu/qemu_alias.h                              |   3 +-
>  src/qemu/qemu_command.c                            |   9 +
>  src/qemu/qemu_domain.c                             |  40 +++-
>  src/qemu/qemu_hotplug.c                            | 126 +++++++++++-
>  src/storage/storage_backend.c                      | 218 +++++++++++++++++++--
>  src/storage/storage_backend.h                      |   3 +-
>  src/util/virqemu.c                                 |  23 +++
>  src/util/virqemu.h                                 |   6 +
>  .../qemuxml2argv-luks-disk-cipher.xml              |  45 -----
>  .../qemuxml2argvdata/qemuxml2argv-luks-disks.args  |  36 ++++
>  tests/qemuxml2argvdata/qemuxml2argv-luks-disks.xml |   2 +-
>  tests/qemuxml2argvtest.c                           |  24 ++-
>  .../qemuxml2xmlout-luks-disk-cipher.xml            |   1 -
>  tests/qemuxml2xmltest.c                            |   1 -
>  tests/secretxml2xmlin/usage-passphrase.xml         |   7 -
>  tests/secretxml2xmlin/usage-tls.xml                |   7 +
>  tests/secretxml2xmltest.c                          |   2 +-
>  tests/storagevolxml2argvtest.c                     |   3 +-
>  tests/storagevolxml2xmlin/vol-luks-cipher.xml      |   2 +-
>  tests/storagevolxml2xmlin/vol-luks.xml             |   2 +-
>  tests/storagevolxml2xmlout/vol-luks-cipher.xml     |   2 +-
>  tests/storagevolxml2xmlout/vol-luks.xml            |   2 +-
>  33 files changed, 577 insertions(+), 150 deletions(-)
>  delete mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disk-cipher.xml
>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disks.args
>  delete mode 120000 tests/qemuxml2xmloutdata/qemuxml2xmlout-luks-disk-cipher.xml
>  delete mode 100644 tests/secretxml2xmlin/usage-passphrase.xml
>  create mode 100644 tests/secretxml2xmlin/usage-tls.xml
> 

Based on the ACK's here and the changes already ACK'd/pushed for
adjusting the hotplug error paths, I've made the appropriate alterations
here as requested in code review and as a result of the hotplug changes
and pushed this.

Again, thanks for the persistence on this.

John

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list



[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]