[PATCH v5 07/16] conf: Add/Allow parsing the encryption in the disk source

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Since the virStorageEncryptionPtr encryption; is a member of
 _virStorageSource it really should be allowed to be a subelement
of the disk <source> for various disk formats:

   Source{File|Dir|Block|Volume}
   SourceProtocol{RBD|ISCSI|NBD|Gluster|Simple|HTTP}

NB: Simple includes sheepdog, ftp, ftps, tftp

That way we can set up to allow the <encryption> element to be
formatted within the disk source, but we still need to be wary
from whence the element was read - see keep track and when it
comes to format the data, ensure it's written in the correct place.

Modify the qemuxml2argvtest to add a parse failure when there is an
<encryption> as a child of <disk> *and* an <encryption> as a child
of <source>.

The virschematest will read the new test files and validate from a
RNG viewpoint things are fine.

Signed-off-by: John Ferlan <jferlan@xxxxxxxxxx>
---
 docs/formatdomain.html.in                          | 15 +++-
 docs/schemas/domaincommon.rng                      | 30 ++++++++
 src/conf/domain_conf.c                             | 68 ++++++++++++++++--
 src/util/virstoragefile.h                          |  1 +
 .../qemuxml2argv-luks-disks-source-both.xml        | 40 +++++++++++
 .../qemuxml2argv-luks-disks-source.args            | 62 ++++++++++++++++
 .../qemuxml2argv-luks-disks-source.xml             | 81 +++++++++++++++++++++
 tests/qemuxml2argvtest.c                           |  2 +
 .../qemuxml2xmlout-luks-disks-source.xml           | 84 ++++++++++++++++++++++
 .../qemuxml2xmlout-luks-disks.xml                  | 46 +++++++++++-
 tests/qemuxml2xmltest.c                            |  1 +
 11 files changed, 420 insertions(+), 10 deletions(-)
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disks-source-both.xml
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disks-source.args
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disks-source.xml
 create mode 100644 tests/qemuxml2xmloutdata/qemuxml2xmlout-luks-disks-source.xml
 mode change 120000 => 100644 tests/qemuxml2xmloutdata/qemuxml2xmlout-luks-disks.xml

diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index 74f2090d06..e594d35524 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -2705,6 +2705,14 @@
             attribute matching the key that was specified in the
             secret object.
           </dd>
+          <dd><span class="since">Since libvirt 3.9.0</span>, the
+            <code>encryption</code> can be a sub-element of the
+            <code>source</code> element for encrypted storage sources.
+            If present, specifies how the storage source is encrypted
+            See the
+            <a href="formatstorageencryption.html">Storage Encryption</a>
+            page for more information.
+          </dd>
         </dl>
 
         <p>
@@ -3110,8 +3118,11 @@
         <span class="since">Since 0.8.8</span>
       </dd>
       <dt><code>encryption</code></dt>
-      <dd>If present, specifies how the volume is encrypted.  See
-        the <a href="formatstorageencryption.html">Storage Encryption</a> page
+      <dd>Starting with <span class="since">libvirt 3.9.0</span> the
+        <code>encryption</code> element is preferred to be a sub-element
+        of the <code>source</code> element. If present, specifies how the
+        volume is encrypted using "qcow". See the
+        <a href="formatstorageencryption.html">Storage Encryption</a> page
         for more information.
       </dd>
       <dt><code>readonly</code></dt>
diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
index 895af55da1..b3b08862c3 100644
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@@ -1469,6 +1469,9 @@
         <optional>
           <ref name="storageStartupPolicy"/>
         </optional>
+        <optional>
+          <ref name="encryption"/>
+        </optional>
         <zeroOrMore>
           <ref name='devSeclabel'/>
         </zeroOrMore>
@@ -1490,6 +1493,9 @@
         <optional>
           <ref name="storageStartupPolicy"/>
         </optional>
+        <optional>
+          <ref name="encryption"/>
+        </optional>
         <zeroOrMore>
           <ref name='devSeclabel'/>
         </zeroOrMore>
@@ -1509,6 +1515,9 @@
         <optional>
           <ref name="storageStartupPolicy"/>
         </optional>
+        <optional>
+          <ref name="encryption"/>
+        </optional>
         <empty/>
       </element>
     </optional>
@@ -1581,6 +1590,9 @@
         <optional>
           <ref name="diskAuth"/>
         </optional>
+        <optional>
+          <ref name="encryption"/>
+        </optional>
         <empty/>
       </interleave>
     </element>
@@ -1596,6 +1608,9 @@
       <optional>
         <ref name="diskAuth"/>
       </optional>
+      <optional>
+        <ref name="encryption"/>
+      </optional>
     </element>
   </define>
 
@@ -1609,6 +1624,9 @@
       </attribute>
       <attribute name="name"/>
       <ref name="diskSourceNetworkHost"/>
+      <optional>
+        <ref name="encryption"/>
+      </optional>
     </element>
   </define>
 
@@ -1624,6 +1642,9 @@
       </attribute>
       <attribute name="name"/>
       <ref name="diskSourceNetworkHost"/>
+      <optional>
+        <ref name="encryption"/>
+      </optional>
     </element>
   </define>
 
@@ -1636,6 +1657,9 @@
         <attribute name="name"/>
       </optional>
       <ref name="diskSourceNetworkHost"/>
+      <optional>
+        <ref name="encryption"/>
+      </optional>
     </element>
   </define>
 
@@ -1648,6 +1672,9 @@
       <oneOrMore>
         <ref name="diskSourceNetworkHost"/>
       </oneOrMore>
+      <optional>
+        <ref name="encryption"/>
+      </optional>
     </element>
   </define>
 
@@ -1706,6 +1733,9 @@
         <optional>
           <ref name="storageStartupPolicy"/>
         </optional>
+        <optional>
+          <ref name="encryption"/>
+        </optional>
         <zeroOrMore>
           <ref name='devSeclabel'/>
         </zeroOrMore>
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 65223fe85a..c2be9b7155 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -8252,6 +8252,29 @@ virDomainDiskSourceAuthParse(xmlNodePtr node,
 }
 
 
+static int
+virDomainDiskSourceEncryptionParse(xmlNodePtr node,
+                                   virStorageEncryptionPtr *encryptionsrc)
+{
+    xmlNodePtr child;
+    virStorageEncryptionPtr encryption = NULL;
+
+    for (child = node->children; child; child = child->next) {
+        if (child->type == XML_ELEMENT_NODE &&
+            virXMLNodeNameEqual(child, "encryption")) {
+
+            if (!(encryption = virStorageEncryptionParseNode(node->doc, child)))
+                return -1;
+
+            *encryptionsrc = encryption;
+            return 0;
+        }
+    }
+
+    return 0;
+}
+
+
 int
 virDomainDiskSourceParse(xmlNodePtr node,
                          xmlXPathContextPtr ctxt,
@@ -8292,6 +8315,9 @@ virDomainDiskSourceParse(xmlNodePtr node,
     if (virDomainDiskSourceAuthParse(node, &src->auth) < 0)
         goto cleanup;
 
+    if (virDomainDiskSourceEncryptionParse(node, &src->encryption) < 0)
+        goto cleanup;
+
     /* People sometimes pass a bogus '' source path when they mean to omit the
      * source element completely (e.g. CDROM without media). This is just a
      * little compatibility check to help those broken apps */
@@ -8943,6 +8969,18 @@ virDomainDiskDefParseXML(virDomainXMLOptionPtr xmlopt,
             if (def->src->auth)
                 def->src->authDefined = true;
 
+            /* Similarly for <encryption> - it's a child of <source> too
+             * and we cannot find in both places */
+            if (encryption && def->src->encryption) {
+                virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                               _("an <encryption> definition already found for "
+                                 "the <disk> definition"));
+                goto error;
+            }
+
+            if (def->src->encryption)
+                def->src->encryptionDefined = true;
+
             source = true;
 
             startupPolicy = virXMLPropString(cur, "startupPolicy");
@@ -9024,11 +9062,18 @@ virDomainDiskDefParseXML(virDomainXMLOptionPtr xmlopt,
                    virXMLNodeNameEqual(cur, "state")) {
             /* Legacy back-compat. Don't add any more attributes here */
             devaddr = virXMLPropString(cur, "devaddr");
-        } else if (encryption == NULL &&
+        } else if (!encryption &&
                    virXMLNodeNameEqual(cur, "encryption")) {
-            encryption = virStorageEncryptionParseNode(node->doc,
-                                                       cur);
-            if (encryption == NULL)
+            /* If we've already parsed <source> and found an <encryption> child,
+             * then generate an error to avoid ambiguity */
+            if (def->src->encryptionDefined) {
+                virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                               _("an <encryption> definition already found for "
+                                 "disk source"));
+                goto error;
+            }
+
+            if (!(encryption = virStorageEncryptionParseNode(node->doc, cur)))
                 goto error;
         } else if (!serial &&
                    virXMLNodeNameEqual(cur, "serial")) {
@@ -9246,8 +9291,8 @@ virDomainDiskDefParseXML(virDomainXMLOptionPtr xmlopt,
     target = NULL;
     if (authdef)
         VIR_STEAL_PTR(def->src->auth, authdef);
-    def->src->encryption = encryption;
-    encryption = NULL;
+    if (encryption)
+        VIR_STEAL_PTR(def->src->encryption, encryption);
     def->domain_name = domain_name;
     domain_name = NULL;
     def->serial = serial;
@@ -21955,6 +22000,12 @@ virDomainDiskSourceFormatInternal(virBufferPtr buf,
                 goto error;
         }
 
+        /* If we found encryption as a child of <source>, then format it
+         * as we found it. */
+        if (src->encryption && src->encryptionDefined &&
+            virStorageEncryptionFormat(&childBuf, src->encryption) < 0)
+            return -1;
+
         if (virXMLFormatElement(buf, "source", &attrBuf, &childBuf) < 0)
             goto error;
     }
@@ -22283,7 +22334,10 @@ virDomainDiskDefFormat(virBufferPtr buf,
     virBufferEscapeString(buf, "<wwn>%s</wwn>\n", def->wwn);
     virBufferEscapeString(buf, "<vendor>%s</vendor>\n", def->vendor);
     virBufferEscapeString(buf, "<product>%s</product>\n", def->product);
-    if (def->src->encryption &&
+
+    /* If originally found as a child of <disk>, then format thusly;
+     * otherwise, will be formatted as child of <source> */
+    if (def->src->encryption && !def->src->encryptionDefined &&
         virStorageEncryptionFormat(buf, def->src->encryption) < 0)
         return -1;
     virDomainDeviceInfoFormat(buf, &def->info,
diff --git a/src/util/virstoragefile.h b/src/util/virstoragefile.h
index 5673a3f77d..845a2efc71 100644
--- a/src/util/virstoragefile.h
+++ b/src/util/virstoragefile.h
@@ -241,6 +241,7 @@ struct _virStorageSource {
     virStorageAuthDefPtr auth;
     bool authDefined;
     virStorageEncryptionPtr encryption;
+    bool encryptionDefined;
 
     virObjectPtr privateData; /* Usable to store hypervisor specific data */
 
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-luks-disks-source-both.xml b/tests/qemuxml2argvdata/qemuxml2argv-luks-disks-source-both.xml
new file mode 100644
index 0000000000..c4b762a1ed
--- /dev/null
+++ b/tests/qemuxml2argvdata/qemuxml2argv-luks-disks-source-both.xml
@@ -0,0 +1,40 @@
+<domain type='qemu'>
+  <name>encryptdisk</name>
+  <uuid>496898a6-e6ff-f7c8-5dc2-3cf410945ee9</uuid>
+  <memory unit='KiB'>1048576</memory>
+  <currentMemory unit='KiB'>524288</currentMemory>
+  <vcpu placement='static'>1</vcpu>
+  <os>
+    <type arch='x86_64' machine='pc-i440fx-2.1'>hvm</type>
+    <boot dev='hd'/>
+  </os>
+  <clock offset='utc'/>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <devices>
+    <emulator>/usr/bin/qemu-system-x86_64</emulator>
+    <disk type='file' device='disk'>
+      <driver name='qemu' type='raw'/>
+      <source file='/storage/guest_disks/encryptdisk'>
+        <encryption format='luks'>
+          <secret type='passphrase' uuid='0a81f5b2-8403-7b23-c8d6-21ccc2f80d6f'/>
+        </encryption>
+      </source>
+      <target dev='vda' bus='virtio'/>
+      <encryption format='luks'>
+        <secret type='passphrase' uuid='0a81f5b2-8403-7b23-c8d6-21ccc2f80d6f'/>
+      </encryption>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
+    </disk>
+    <controller type='usb' index='0'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x2'/>
+    </controller>
+    <controller type='pci' index='0' model='pci-root'/>
+    <input type='mouse' bus='ps2'/>
+    <input type='keyboard' bus='ps2'/>
+    <memballoon model='virtio'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
+    </memballoon>
+  </devices>
+</domain>
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-luks-disks-source.args b/tests/qemuxml2argvdata/qemuxml2argv-luks-disks-source.args
new file mode 100644
index 0000000000..fec46945ce
--- /dev/null
+++ b/tests/qemuxml2argvdata/qemuxml2argv-luks-disks-source.args
@@ -0,0 +1,62 @@
+LC_ALL=C \
+PATH=/bin \
+HOME=/home/test \
+USER=test \
+LOGNAME=test \
+QEMU_AUDIO_DRV=none \
+/usr/bin/qemu-system-x86_64 \
+-name encryptdisk \
+-S \
+-object secret,id=masterKey0,format=raw,\
+file=/tmp/lib/domain--1-encryptdisk/master-key.aes \
+-M pc-i440fx-2.1 \
+-m 1024 \
+-smp 1,sockets=1,cores=1,threads=1 \
+-uuid 496898a6-e6ff-f7c8-5dc2-3cf410945ee9 \
+-nographic \
+-nodefaults \
+-chardev socket,id=charmonitor,\
+path=/tmp/lib/domain--1-encryptdisk/monitor.sock,server,nowait \
+-mon chardev=charmonitor,id=monitor,mode=readline \
+-no-acpi \
+-boot c \
+-usb \
+-object secret,id=virtio-disk0-luks-secret0,\
+data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
+keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
+-drive file=/storage/guest_disks/encryptdisk,\
+key-secret=virtio-disk0-luks-secret0,format=luks,if=none,id=drive-virtio-disk0 \
+-device virtio-blk-pci,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,\
+id=virtio-disk0 \
+-object secret,id=virtio-disk1-luks-secret0,\
+data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
+keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
+-drive file=/storage/guest_disks/encryptdisk2,\
+key-secret=virtio-disk1-luks-secret0,format=luks,if=none,id=drive-virtio-disk1 \
+-device virtio-blk-pci,bus=pci.0,addr=0x5,drive=drive-virtio-disk1,\
+id=virtio-disk1 \
+-object secret,id=virtio-disk2-luks-secret0,\
+data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
+keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
+-drive file=iscsi://myname:AQCVn5hO6HzFAhAAq0NCv8jtJcIcE+HOBlMQ1A@xxxxxxxxxxx:\
+6000/iqn.1992-01.com.example%3Astorage/1,key-secret=virtio-disk2-luks-secret0,\
+format=luks,if=none,id=drive-virtio-disk2 \
+-device virtio-blk-pci,bus=pci.0,addr=0x6,drive=drive-virtio-disk2,\
+id=virtio-disk2 \
+-object secret,id=virtio-disk3-luks-secret0,\
+data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
+keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
+-drive file=iscsi://iscsi.example.com:3260/demo-target/3,\
+key-secret=virtio-disk3-luks-secret0,format=luks,if=none,id=drive-virtio-disk3 \
+-device virtio-blk-pci,bus=pci.0,addr=0x7,drive=drive-virtio-disk3,\
+id=virtio-disk3 \
+-object secret,id=virtio-disk4-luks-secret0,\
+data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
+keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
+-drive 'file=rbd:pool/image:auth_supported=none:mon_host=mon1.example.org\:\
+6321\;mon2.example.org\:6322\;mon3.example.org\:6322,\
+key-secret=virtio-disk4-luks-secret0,format=luks,if=none,\
+id=drive-virtio-disk4' \
+-device virtio-blk-pci,bus=pci.0,addr=0x8,drive=drive-virtio-disk4,\
+id=virtio-disk4 \
+-device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-luks-disks-source.xml b/tests/qemuxml2argvdata/qemuxml2argv-luks-disks-source.xml
new file mode 100644
index 0000000000..293877df9e
--- /dev/null
+++ b/tests/qemuxml2argvdata/qemuxml2argv-luks-disks-source.xml
@@ -0,0 +1,81 @@
+<domain type='qemu'>
+  <name>encryptdisk</name>
+  <uuid>496898a6-e6ff-f7c8-5dc2-3cf410945ee9</uuid>
+  <memory unit='KiB'>1048576</memory>
+  <currentMemory unit='KiB'>524288</currentMemory>
+  <vcpu placement='static'>1</vcpu>
+  <os>
+    <type arch='x86_64' machine='pc-i440fx-2.1'>hvm</type>
+    <boot dev='hd'/>
+  </os>
+  <clock offset='utc'/>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <devices>
+    <emulator>/usr/bin/qemu-system-x86_64</emulator>
+    <disk type='file' device='disk'>
+      <driver name='qemu' type='raw'/>
+      <source file='/storage/guest_disks/encryptdisk'>
+        <encryption format='luks'>
+          <secret type='passphrase' uuid='0a81f5b2-8403-7b23-c8d6-21ccc2f80d6f'/>
+        </encryption>
+      </source>
+      <target dev='vda' bus='virtio'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
+    </disk>
+    <disk type='file' device='disk'>
+      <driver name='qemu' type='raw'/>
+      <source file='/storage/guest_disks/encryptdisk2'>
+        <encryption format='luks'>
+          <secret type='passphrase' usage='/storage/guest_disks/encryptdisk2'/>
+        </encryption>
+      </source>
+      <target dev='vdb' bus='virtio'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x0'/>
+    </disk>
+    <disk type='network' device='disk'>
+      <driver name='qemu' type='raw'/>
+      <source protocol='iscsi' name='iqn.1992-01.com.example:storage/1'>
+        <host name='example.org' port='6000'/>
+        <auth username='myname'>
+          <secret type='iscsi' uuid='0a81f5b2-8403-7b23-c8d6-21ccc2f80e80'/>
+        </auth>
+        <encryption format='luks'>
+          <secret type='passphrase' uuid='0a81f5b2-8403-7b23-c8d6-21ccc2f80f77'/>
+        </encryption>
+      </source>
+      <target dev='vdc' bus='virtio'/>
+    </disk>
+    <disk type='volume' device='disk'>
+      <driver name='qemu' type='raw'/>
+      <source pool='pool-iscsi' volume='unit:0:0:3' mode='direct'>
+        <encryption format='luks'>
+          <secret type='passphrase' uuid='0a81f5b2-8403-7b23-c8d6-21ccc2f80f80'/>
+        </encryption>
+      </source>
+      <target dev='vdd' bus='virtio'/>
+    </disk>
+    <disk type='network' device='disk'>
+      <driver name='qemu' type='raw'/>
+      <source protocol='rbd' name='pool/image'>
+        <host name='mon1.example.org' port='6321'/>
+        <host name='mon2.example.org' port='6322'/>
+        <host name='mon3.example.org' port='6322'/>
+        <encryption format='luks'>
+          <secret type='passphrase' uuid='0a81f5b2-8403-7b23-c8d6-21ccc2f80fb0'/>
+        </encryption>
+      </source>
+      <target dev='vde' bus='virtio'/>
+    </disk>
+    <controller type='usb' index='0'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x2'/>
+    </controller>
+    <controller type='pci' index='0' model='pci-root'/>
+    <input type='mouse' bus='ps2'/>
+    <input type='keyboard' bus='ps2'/>
+    <memballoon model='virtio'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
+    </memballoon>
+  </devices>
+</domain>
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index a4ff7b80c1..f326bffa16 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -1666,10 +1666,12 @@ mymain(void)
     DO_TEST("encrypted-disk-usage", NONE);
 # ifdef HAVE_GNUTLS_CIPHER_ENCRYPT
     DO_TEST("luks-disks", QEMU_CAPS_OBJECT_SECRET);
+    DO_TEST("luks-disks-source", QEMU_CAPS_OBJECT_SECRET);
 # else
     DO_TEST_FAILURE("luks-disks", QEMU_CAPS_OBJECT_SECRET);
 # endif
     DO_TEST_PARSE_ERROR("luks-disk-invalid", NONE);
+    DO_TEST_PARSE_ERROR("luks-disks-source-both", QEMU_CAPS_OBJECT_SECRET);
 
     DO_TEST("memtune", NONE);
     DO_TEST("memtune-unlimited", NONE);
diff --git a/tests/qemuxml2xmloutdata/qemuxml2xmlout-luks-disks-source.xml b/tests/qemuxml2xmloutdata/qemuxml2xmlout-luks-disks-source.xml
new file mode 100644
index 0000000000..1cad3af7a6
--- /dev/null
+++ b/tests/qemuxml2xmloutdata/qemuxml2xmlout-luks-disks-source.xml
@@ -0,0 +1,84 @@
+<domain type='qemu'>
+  <name>encryptdisk</name>
+  <uuid>496898a6-e6ff-f7c8-5dc2-3cf410945ee9</uuid>
+  <memory unit='KiB'>1048576</memory>
+  <currentMemory unit='KiB'>524288</currentMemory>
+  <vcpu placement='static'>1</vcpu>
+  <os>
+    <type arch='x86_64' machine='pc-i440fx-2.1'>hvm</type>
+    <boot dev='hd'/>
+  </os>
+  <clock offset='utc'/>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <devices>
+    <emulator>/usr/bin/qemu-system-x86_64</emulator>
+    <disk type='file' device='disk'>
+      <driver name='qemu' type='raw'/>
+      <source file='/storage/guest_disks/encryptdisk'>
+        <encryption format='luks'>
+          <secret type='passphrase' uuid='0a81f5b2-8403-7b23-c8d6-21ccc2f80d6f'/>
+        </encryption>
+      </source>
+      <target dev='vda' bus='virtio'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
+    </disk>
+    <disk type='file' device='disk'>
+      <driver name='qemu' type='raw'/>
+      <source file='/storage/guest_disks/encryptdisk2'>
+        <encryption format='luks'>
+          <secret type='passphrase' usage='/storage/guest_disks/encryptdisk2'/>
+        </encryption>
+      </source>
+      <target dev='vdb' bus='virtio'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x0'/>
+    </disk>
+    <disk type='network' device='disk'>
+      <driver name='qemu' type='raw'/>
+      <source protocol='iscsi' name='iqn.1992-01.com.example:storage/1'>
+        <host name='example.org' port='6000'/>
+        <auth username='myname'>
+          <secret type='iscsi' uuid='0a81f5b2-8403-7b23-c8d6-21ccc2f80e80'/>
+        </auth>
+        <encryption format='luks'>
+          <secret type='passphrase' uuid='0a81f5b2-8403-7b23-c8d6-21ccc2f80f77'/>
+        </encryption>
+      </source>
+      <target dev='vdc' bus='virtio'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x0'/>
+    </disk>
+    <disk type='volume' device='disk'>
+      <driver name='qemu' type='raw'/>
+      <source pool='pool-iscsi' volume='unit:0:0:3' mode='direct'>
+        <encryption format='luks'>
+          <secret type='passphrase' uuid='0a81f5b2-8403-7b23-c8d6-21ccc2f80f80'/>
+        </encryption>
+      </source>
+      <target dev='vdd' bus='virtio'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x0'/>
+    </disk>
+    <disk type='network' device='disk'>
+      <driver name='qemu' type='raw'/>
+      <source protocol='rbd' name='pool/image'>
+        <host name='mon1.example.org' port='6321'/>
+        <host name='mon2.example.org' port='6322'/>
+        <host name='mon3.example.org' port='6322'/>
+        <encryption format='luks'>
+          <secret type='passphrase' uuid='0a81f5b2-8403-7b23-c8d6-21ccc2f80fb0'/>
+        </encryption>
+      </source>
+      <target dev='vde' bus='virtio'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x08' function='0x0'/>
+    </disk>
+    <controller type='usb' index='0'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x2'/>
+    </controller>
+    <controller type='pci' index='0' model='pci-root'/>
+    <input type='mouse' bus='ps2'/>
+    <input type='keyboard' bus='ps2'/>
+    <memballoon model='virtio'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
+    </memballoon>
+  </devices>
+</domain>
diff --git a/tests/qemuxml2xmloutdata/qemuxml2xmlout-luks-disks.xml b/tests/qemuxml2xmloutdata/qemuxml2xmlout-luks-disks.xml
deleted file mode 120000
index b59dc672fc..0000000000
--- a/tests/qemuxml2xmloutdata/qemuxml2xmlout-luks-disks.xml
+++ /dev/null
@@ -1 +0,0 @@
-../qemuxml2argvdata/qemuxml2argv-luks-disks.xml
\ No newline at end of file
diff --git a/tests/qemuxml2xmloutdata/qemuxml2xmlout-luks-disks.xml b/tests/qemuxml2xmloutdata/qemuxml2xmlout-luks-disks.xml
new file mode 100644
index 0000000000..c84af442a6
--- /dev/null
+++ b/tests/qemuxml2xmloutdata/qemuxml2xmlout-luks-disks.xml
@@ -0,0 +1,45 @@
+<domain type='qemu'>
+  <name>encryptdisk</name>
+  <uuid>496898a6-e6ff-f7c8-5dc2-3cf410945ee9</uuid>
+  <memory unit='KiB'>1048576</memory>
+  <currentMemory unit='KiB'>524288</currentMemory>
+  <vcpu placement='static'>1</vcpu>
+  <os>
+    <type arch='x86_64' machine='pc-i440fx-2.1'>hvm</type>
+    <boot dev='hd'/>
+  </os>
+  <clock offset='utc'/>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <devices>
+    <emulator>/usr/bin/qemu-system-x86_64</emulator>
+    <disk type='file' device='disk'>
+      <driver name='qemu' type='raw'/>
+      <source file='/storage/guest_disks/encryptdisk'/>
+      <target dev='vda' bus='virtio'/>
+      <encryption format='luks'>
+        <secret type='passphrase' uuid='0a81f5b2-8403-7b23-c8d6-21ccc2f80d6f'/>
+      </encryption>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
+    </disk>
+    <disk type='file' device='disk'>
+      <driver name='qemu' type='raw'/>
+      <source file='/storage/guest_disks/encryptdisk2'/>
+      <target dev='vdb' bus='virtio'/>
+      <encryption format='luks'>
+        <secret type='passphrase' usage='/storage/guest_disks/encryptdisk2'/>
+      </encryption>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x0'/>
+    </disk>
+    <controller type='usb' index='0'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x2'/>
+    </controller>
+    <controller type='pci' index='0' model='pci-root'/>
+    <input type='mouse' bus='ps2'/>
+    <input type='keyboard' bus='ps2'/>
+    <memballoon model='virtio'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
+    </memballoon>
+  </devices>
+</domain>
diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c
index c484d8d17c..f2e4244a23 100644
--- a/tests/qemuxml2xmltest.c
+++ b/tests/qemuxml2xmltest.c
@@ -580,6 +580,7 @@ mymain(void)
     DO_TEST("encrypted-disk", NONE);
     DO_TEST("encrypted-disk-usage", NONE);
     DO_TEST("luks-disks", NONE);
+    DO_TEST("luks-disks-source", NONE);
     DO_TEST("memtune", NONE);
     DO_TEST("memtune-unlimited", NONE);
     DO_TEST("blkiotune", NONE);
-- 
2.13.6

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list



[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]
  Powered by Linux