On 07/11/2016 02:07 PM, John Ferlan wrote: > According to Dan's post commit response: > > http://www.redhat.com/archives/libvir-list/2016-July/msg00088.html > > to the v3 series: > > http://www.redhat.com/archives/libvir-list/2016-June/msg01935.html > > using a 'passphrase' usage is not desired, rather a 'volume' usage > model should be used for LUKS. > > So patches 1 & 2 make those alterations to already pushed docs and tests > > Patch 3 then repurposes the 'passphrase' usage to a 'tls' usage type. > I posted with this series since it removed the 'passphrase' usage and > thus flushed out any errors in subsequent patches. I could hold off and > repost it with the TLS changes that will also need to be made... > > Patches 4-7 were reviewed previously and had been given what I took > as provisional ACK's; however, I reposted the changes after the most > recent review "just in case". Fortunately (I guess) I didn't push > them along with the other changes. In any case, there are once again > posted here - the primary difference between what's posted in this > series vs. what was posted previously is the change to use a "volume" > secret plus a tweak to the qemuxml2argvtest to fix some issues found > while making the change. > > John Ferlan (7): > tests: Adjust LUKS tests to use 'volume' secret type > docs: Update docs to reflect LUKS secret changes > Repurpose the 'passphrase' secret to 'tls' > storage: Add support to create a luks volume > qemu: Add secinfo for hotplug virtio disk > qemu: Alter the qemuDomainGetSecretAESAlias to add new arg > qemu: Add luks support for domain disk > > docs/aclpolkit.html.in | 2 +- > docs/formatsecret.html.in | 81 +++++--- > docs/formatstorage.html.in | 16 ++ > docs/formatstorageencryption.html.in | 29 ++- > docs/schemas/secret.rng | 6 +- > include/libvirt/libvirt-secret.h | 2 +- > src/access/viraccessdriverpolkit.c | 2 +- > src/conf/secret_conf.c | 12 +- > src/conf/virsecretobj.c | 2 +- > src/libvirt_private.syms | 1 + > src/qemu/qemu_alias.c | 10 +- > src/qemu/qemu_alias.h | 3 +- > src/qemu/qemu_command.c | 9 + > src/qemu/qemu_domain.c | 40 +++- > src/qemu/qemu_hotplug.c | 126 +++++++++++- > src/storage/storage_backend.c | 218 +++++++++++++++++++-- > src/storage/storage_backend.h | 3 +- > src/util/virqemu.c | 23 +++ > src/util/virqemu.h | 6 + > .../qemuxml2argv-luks-disk-cipher.xml | 45 ----- > .../qemuxml2argvdata/qemuxml2argv-luks-disks.args | 36 ++++ > tests/qemuxml2argvdata/qemuxml2argv-luks-disks.xml | 2 +- > tests/qemuxml2argvtest.c | 24 ++- > .../qemuxml2xmlout-luks-disk-cipher.xml | 1 - > tests/qemuxml2xmltest.c | 1 - > tests/secretxml2xmlin/usage-passphrase.xml | 7 - > tests/secretxml2xmlin/usage-tls.xml | 7 + > tests/secretxml2xmltest.c | 2 +- > tests/storagevolxml2argvtest.c | 3 +- > tests/storagevolxml2xmlin/vol-luks-cipher.xml | 2 +- > tests/storagevolxml2xmlin/vol-luks.xml | 2 +- > tests/storagevolxml2xmlout/vol-luks-cipher.xml | 2 +- > tests/storagevolxml2xmlout/vol-luks.xml | 2 +- > 33 files changed, 577 insertions(+), 150 deletions(-) > delete mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disk-cipher.xml > create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disks.args > delete mode 120000 tests/qemuxml2xmloutdata/qemuxml2xmlout-luks-disk-cipher.xml > delete mode 100644 tests/secretxml2xmlin/usage-passphrase.xml > create mode 100644 tests/secretxml2xmlin/usage-tls.xml > Based on the ACK's here and the changes already ACK'd/pushed for adjusting the hotplug error paths, I've made the appropriate alterations here as requested in code review and as a result of the hotplug changes and pushed this. Again, thanks for the persistence on this. John -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list