-----"Or Ozeri" <oro@xxxxxxxxxx> wrote: -----
To: libvir-list@xxxxxxxxxx
From: "Or Ozeri" <oro@xxxxxxxxxx>
Date: 10/07/2021 10:21PM
Cc: to.my.trociny@xxxxxxxxx, dannyh@xxxxxxxxxx, idryomov@xxxxxxxxx, "Or Ozeri" <oro@xxxxxxxxxx>
Subject: [PATCH v4 0/5] Add support for librbd encryption
From: "Or Ozeri" <oro@xxxxxxxxxx>
Date: 10/07/2021 10:21PM
Cc: to.my.trociny@xxxxxxxxx, dannyh@xxxxxxxxxx, idryomov@xxxxxxxxx, "Or Ozeri" <oro@xxxxxxxxxx>
Subject: [PATCH v4 0/5] Add support for librbd encryption
v4:
- added disk post parse to image creation flow in qemublocktest (since more tests failed after adding engine validation)
- removed symlink changes
- added luks2 and engine documentation
- switched to using enum engine instead of int
- added validation for encryption engine and formats
v3: rebased on master
v2: addressed (hopefully) all of Peter's v1 comments (thanks Peter!)
Or Ozeri (5):
qemu: add disk post parse to qemublocktest
qemu: capablities: Detect presence of 'rbd-encryption' as
QEMU_CAPS_RBD_ENCRYPTION
conf: add encryption engine property
qemu: add librbd encryption engine
conf: add luks2 encryption format
docs/formatstorageencryption.html.in | 23 ++++-
docs/schemas/domainbackup.rng | 7 ++
docs/schemas/storagecommon.rng | 9 ++
src/conf/storage_encryption_conf.c | 29 ++++++-
src/conf/storage_encryption_conf.h | 11 +++
src/qemu/qemu_block.c | 33 ++++++++
src/qemu/qemu_capabilities.c | 2 +
src/qemu/qemu_capabilities.h | 1 +
src/qemu/qemu_domain.c | 61 +++++++++++++-
src/qemu/qemu_domain.h | 3 +
tests/qemublocktest.c | 29 +++----
.../caps_6.1.0.x86_64.xml | 1 +
tests/qemustatusxml2xmldata/upgrade-out.xml | 6 +-
...sk-network-rbd-encryption.x86_64-6.0.0.err | 1 +
...-network-rbd-encryption.x86_64-latest.args | 49 +++++++++++
.../disk-network-rbd-encryption.xml | 75 +++++++++++++++++
tests/qemuxml2argvdata/disk-nvme.xml | 2 +-
.../qemuxml2argvdata/encrypted-disk-usage.xml | 2 +-
tests/qemuxml2argvdata/luks-disks.xml | 4 +-
tests/qemuxml2argvdata/user-aliases.xml | 2 +-
tests/qemuxml2argvtest.c | 2 +
...k-network-rbd-encryption.x86_64-latest.xml | 83 +++++++++++++++++++
.../disk-slices.x86_64-latest.xml | 4 +-
tests/qemuxml2xmloutdata/encrypted-disk.xml | 2 +-
.../luks-disks-source-qcow2.x86_64-latest.xml | 14 ++--
.../qemuxml2xmloutdata/luks-disks-source.xml | 10 +--
tests/qemuxml2xmltest.c | 1 +
27 files changed, 421 insertions(+), 45 deletions(-)
create mode 100644 tests/qemuxml2argvdata/disk-network-rbd-encryption.x86_64-6.0.0.err
create mode 100644 tests/qemuxml2argvdata/disk-network-rbd-encryption.x86_64-latest.args
create mode 100644 tests/qemuxml2argvdata/disk-network-rbd-encryption.xml
create mode 100644 tests/qemuxml2xmloutdata/disk-network-rbd-encryption.x86_64-latest.xml
--
2.25.1
- added disk post parse to image creation flow in qemublocktest (since more tests failed after adding engine validation)
- removed symlink changes
- added luks2 and engine documentation
- switched to using enum engine instead of int
- added validation for encryption engine and formats
v3: rebased on master
v2: addressed (hopefully) all of Peter's v1 comments (thanks Peter!)
Or Ozeri (5):
qemu: add disk post parse to qemublocktest
qemu: capablities: Detect presence of 'rbd-encryption' as
QEMU_CAPS_RBD_ENCRYPTION
conf: add encryption engine property
qemu: add librbd encryption engine
conf: add luks2 encryption format
docs/formatstorageencryption.html.in | 23 ++++-
docs/schemas/domainbackup.rng | 7 ++
docs/schemas/storagecommon.rng | 9 ++
src/conf/storage_encryption_conf.c | 29 ++++++-
src/conf/storage_encryption_conf.h | 11 +++
src/qemu/qemu_block.c | 33 ++++++++
src/qemu/qemu_capabilities.c | 2 +
src/qemu/qemu_capabilities.h | 1 +
src/qemu/qemu_domain.c | 61 +++++++++++++-
src/qemu/qemu_domain.h | 3 +
tests/qemublocktest.c | 29 +++----
.../caps_6.1.0.x86_64.xml | 1 +
tests/qemustatusxml2xmldata/upgrade-out.xml | 6 +-
...sk-network-rbd-encryption.x86_64-6.0.0.err | 1 +
...-network-rbd-encryption.x86_64-latest.args | 49 +++++++++++
.../disk-network-rbd-encryption.xml | 75 +++++++++++++++++
tests/qemuxml2argvdata/disk-nvme.xml | 2 +-
.../qemuxml2argvdata/encrypted-disk-usage.xml | 2 +-
tests/qemuxml2argvdata/luks-disks.xml | 4 +-
tests/qemuxml2argvdata/user-aliases.xml | 2 +-
tests/qemuxml2argvtest.c | 2 +
...k-network-rbd-encryption.x86_64-latest.xml | 83 +++++++++++++++++++
.../disk-slices.x86_64-latest.xml | 4 +-
tests/qemuxml2xmloutdata/encrypted-disk.xml | 2 +-
.../luks-disks-source-qcow2.x86_64-latest.xml | 14 ++--
.../qemuxml2xmloutdata/luks-disks-source.xml | 10 +--
tests/qemuxml2xmltest.c | 1 +
27 files changed, 421 insertions(+), 45 deletions(-)
create mode 100644 tests/qemuxml2argvdata/disk-network-rbd-encryption.x86_64-6.0.0.err
create mode 100644 tests/qemuxml2argvdata/disk-network-rbd-encryption.x86_64-latest.args
create mode 100644 tests/qemuxml2argvdata/disk-network-rbd-encryption.xml
create mode 100644 tests/qemuxml2xmloutdata/disk-network-rbd-encryption.x86_64-latest.xml
--
2.25.1