On Tue, Jul 19, 2016 at 02:27:41PM -0400, John Ferlan wrote: > Resolves a CI test integration failure with a RHEL6/Centos6 environment. > > In order to use a LUKS encrypted device, the design decision was to > generate an encrypted secret based on the master key. However, commit > id 'da86c6c' missed checking for that specifically. > > When qemuDomainSecretSetup was implemented, a design decision was made > to "fall back" to a plain text secret setup if the specific cipher was > not available (e.g. virCryptoHaveCipher(VIR_CRYPTO_CIPHER_AES256CBC)) > as well as the QEMU_CAPS_OBJECT_SECRET. For the luks encryption setup > there is no fall back to the plaintext secret, thus if that gets set > up by qemuDomainSecretSetup, then we need to fail. > > Also, while the qemuxml2argvtest has set the QEMU_CAPS_OBJECT_SECRET > bit, it didn't take into account the second requirement that the > ability to generate the encrypted secret is possible. So modify the > test to not attempt to run the luks-disk if we know we don't have > the encryption algorithm. > > Signed-off-by: John Ferlan <jferlan@xxxxxxxxxx> > --- > src/qemu/qemu_domain.c | 7 +++++++ > tests/qemuxml2argvtest.c | 4 ++++ > 2 files changed, 11 insertions(+) ACK Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list