[PATCH v1 4/7] qemu: add multi-secret support in qemuBlockStorageSourceAttachData


 



This commit changes the qemuBlockStorageSourceAttachData struct
to support multiple secrets (instead of a single one before this commit).
This will be useful for storage encryption requiring more than a single secret.

Signed-off-by: Or Ozeri <oro@xxxxxxxxxx>
---
 src/qemu/qemu_block.c    | 35 ++++++++++++++++++++++++++---------
 src/qemu/qemu_block.h    |  5 +++--
 src/qemu/qemu_blockjob.c |  6 ++++++
 src/qemu/qemu_command.c  | 21 +++++++++++++++++----
 4 files changed, 52 insertions(+), 15 deletions(-)

diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c
index 5e700eff99..2e3e0f6572 100644
--- a/src/qemu/qemu_block.c
+++ b/src/qemu/qemu_block.c
@@ -1310,6 +1310,7 @@ qemuBlockStorageSourceGetBlockdevStorageSliceProps(virStorageSource *src)
 void
 qemuBlockStorageSourceAttachDataFree(qemuBlockStorageSourceAttachData *data)
 {
+    size_t i;
     if (!data)
         return;
 
@@ -1319,12 +1320,16 @@ qemuBlockStorageSourceAttachDataFree(qemuBlockStorageSourceAttachData *data)
     virJSONValueFree(data->prmgrProps);
     virJSONValueFree(data->authsecretProps);
     virJSONValueFree(data->httpcookiesecretProps);
-    virJSONValueFree(data->encryptsecretProps);
+    for (i = 0; i < data->encryptsecretCount; ++i) {
+        virJSONValueFree(data->encryptsecretProps[i]);
+        g_free(data->encryptsecretAlias[i]);
+    }
     virJSONValueFree(data->tlsProps);
     virJSONValueFree(data->tlsKeySecretProps);
     g_free(data->tlsAlias);
     g_free(data->tlsKeySecretAlias);
     g_free(data->authsecretAlias);
+    g_free(data->encryptsecretProps);
     g_free(data->encryptsecretAlias);
     g_free(data->httpcookiesecretAlias);
     g_free(data->driveCmd);
@@ -1435,10 +1440,12 @@ static int
 qemuBlockStorageSourceAttachApplyFormatDeps(qemuMonitor *mon,
                                             qemuBlockStorageSourceAttachData *data)
 {
-    if (data->encryptsecretProps &&
-        qemuMonitorAddObject(mon, &data->encryptsecretProps,
-                             &data->encryptsecretAlias) < 0)
-        return -1;
+    size_t i;
+    for (i = 0; i < data->encryptsecretCount; ++i) {
+        if (qemuMonitorAddObject(mon, &data->encryptsecretProps[i],
+                                 &data->encryptsecretAlias[i]) < 0)
+            return -1;
+    }
 
     return 0;
 }
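Review bot: The per-entry NULL check on the props was lost in this conversion: the removed code skipped `qemuMonitorAddObject()` when `data->encryptsecretProps` was NULL, while the new loop passes every slot, including one that `g_new0()` allocated and nothing filled. Whether qemuMonitorAddObject tolerates a NULL `*props` is not visible here, so a guard such as `if (!data->encryptsecretProps[i]) continue;` at the top of the loop body would keep the old behaviour. A blank line between `size_t i;` and the `for` would also match the declaration added in qemuBlockStorageSourceAttachRollback.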
@@ -1524,6 +1531,7 @@ qemuBlockStorageSourceAttachRollback(qemuMonitor *mon,
                                      qemuBlockStorageSourceAttachData *data)
 {
     virErrorPtr orig_err;
+    size_t i;
 
     virErrorPreserveLast(&orig_err);
 
@@ -1549,8 +1557,10 @@ qemuBlockStorageSourceAttachRollback(qemuMonitor *mon,
     if (data->authsecretAlias)
         ignore_value(qemuMonitorDelObject(mon, data->authsecretAlias, false));
 
-    if (data->encryptsecretAlias)
-        ignore_value(qemuMonitorDelObject(mon, data->encryptsecretAlias, false));
+    for (i = 0; i < data->encryptsecretCount; ++i) {
+        if (data->encryptsecretAlias[i])
+            ignore_value(qemuMonitorDelObject(mon, data->encryptsecretAlias[i], false));
+    }
 
     if (data->httpcookiesecretAlias)
         ignore_value(qemuMonitorDelObject(mon, data->httpcookiesecretAlias, false));
@@ -1605,8 +1615,15 @@ qemuBlockStorageSourceDetachPrepare(virStorageSource *src)
         if (srcpriv->secinfo)
             data->authsecretAlias = g_strdup(srcpriv->secinfo->alias);
 
-        if (srcpriv->encinfo)
-            data->encryptsecretAlias = g_strdup(srcpriv->encinfo->alias);
+        if (srcpriv->encinfo) {
+            if (!data->encryptsecretAlias) {
+                data->encryptsecretCount = 1;
+                data->encryptsecretProps = g_new0(virJSONValue *, 1);
+                data->encryptsecretAlias = g_new0(char *, 1);
+            }
+
+            data->encryptsecretAlias[0] = g_strdup(srcpriv->encinfo->alias);
+        }
 
         if (srcpriv->httpcookie)
             data->httpcookiesecretAlias = g_strdup(srcpriv->httpcookie->alias);
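Review bot: The allocate-if-missing sequence for the secret arrays is written out here and again in qemuBuildStorageSourceAttachPrepareCommon (qemu_command.c), with a different guard in each: this copy tests `data->encryptsecretAlias`, the other tests `data->encryptsecretProps`. A small shared helper that sets `encryptsecretCount` and allocates both arrays would keep the two copies from drifting apart. The write to `data->encryptsecretAlias[0]` is unconditional, so if the array can already exist when this runs (the start of the function is outside the hunk) the previous alias leaks; if it cannot, the `if (!data->encryptsecretAlias)` guard is dead and can go. This path also allocates `encryptsecretProps` although only aliases are filled in here.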
diff --git a/src/qemu/qemu_block.h b/src/qemu/qemu_block.h
index 5a61a19da2..530d88d28e 100644
--- a/src/qemu/qemu_block.h
+++ b/src/qemu/qemu_block.h
@@ -89,8 +89,9 @@ struct qemuBlockStorageSourceAttachData {
     virJSONValue *authsecretProps;
     char *authsecretAlias;
 
-    virJSONValue *encryptsecretProps;
-    char *encryptsecretAlias;
+    size_t encryptsecretCount;
+    virJSONValue **encryptsecretProps;
+    char **encryptsecretAlias;
 
     virJSONValue *httpcookiesecretProps;
     char *httpcookiesecretAlias;
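Review bot: The three new fields carry no comment stating the invariant that every loop added by this patch relies on, namely that `encryptsecretProps` and `encryptsecretAlias` are parallel arrays and that both hold exactly `encryptsecretCount` entries. I would add above them `/* parallel arrays of encryptsecretCount entries; allocated together, individual entries may be NULL */`. Without it, a caller that frees or replaces one array on its own (as the qemu_blockjob.c hunk does) has no hint that the count must be kept in step. The struct definition starts and ends outside this hunk.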
diff --git a/src/qemu/qemu_blockjob.c b/src/qemu/qemu_blockjob.c
index a20cf1db62..818e90022c 100644
--- a/src/qemu/qemu_blockjob.c
+++ b/src/qemu/qemu_blockjob.c
@@ -1336,9 +1336,15 @@ qemuBlockJobProcessEventConcludedCreate(virQEMUDriver *driver,
     /* the format node part was not attached yet, so we don't need to detach it */
     backend->formatAttached = false;
     if (job->data.create.storage) {
+        size_t i;
+
         backend->storageAttached = false;
         backend->storageSliceAttached = false;
+        for (i = 0; i < backend->encryptsecretCount; ++i) {
+            VIR_FREE(backend->encryptsecretAlias[i]);
+        }
         VIR_FREE(backend->encryptsecretAlias);
+        VIR_FREE(backend->encryptsecretProps);
     }
 
     if (qemuDomainObjEnterMonitorAsync(vm, asyncJob) < 0)
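Review bot: `backend->encryptsecretCount` keeps its old value after `VIR_FREE(backend->encryptsecretAlias)` and `VIR_FREE(backend->encryptsecretProps)` have set both array pointers to NULL. The loops this patch adds in qemuBlockStorageSourceAttachDataFree and qemuBlockStorageSourceAttachRollback index both arrays up to that count, so if `backend` reaches either of them afterwards (the rest of this function is outside the hunk) they dereference NULL and the daemon crashes. Either add `backend->encryptsecretCount = 0;` after the two frees, or drop the two array frees and clear only the per-entry aliases, which the `if (data->encryptsecretAlias[i])` check in rollback already treats as "nothing to delete". Freeing the `encryptsecretProps` array here also discards any element that is still non-NULL without calling `virJSONValueFree()` on it.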
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 4839d45a34..f5dcb46e42 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -2108,15 +2108,21 @@ qemuBuildBlockStorageSourceAttachDataCommandline(virCommand *cmd,
                                                  virQEMUCaps *qemuCaps)
 {
     char *tmp;
+    size_t i;
 
     if (qemuBuildObjectCommandline(cmd, data->prmgrProps, qemuCaps) < 0 ||
         qemuBuildObjectCommandline(cmd, data->authsecretProps, qemuCaps) < 0 ||
-        qemuBuildObjectCommandline(cmd, data->encryptsecretProps, qemuCaps) < 0 ||
         qemuBuildObjectCommandline(cmd, data->httpcookiesecretProps, qemuCaps) < 0 ||
         qemuBuildObjectCommandline(cmd, data->tlsKeySecretProps, qemuCaps) < 0 ||
         qemuBuildObjectCommandline(cmd, data->tlsProps, qemuCaps) < 0)
         return -1;
 
+    for (i = 0; i < data->encryptsecretCount; ++i) {
+        if (qemuBuildObjectCommandline(cmd, data->encryptsecretProps[i], qemuCaps) < 0) {
+            return -1;
+        }
+    }
+
     if (data->driveCmd)
         virCommandAddArgList(cmd, "-drive", data->driveCmd, NULL);
 
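Review bot: Moving the encryption secret out of the `||` chain changes where its `-object` argument lands: it used to be emitted between the auth secret and the HTTP cookie secret and now comes after `tlsProps`. Nothing visible in this hunk depends on that order, but any expected-command-line test data would change, so either keep the old position by splitting the chain around the loop or state the reordering in the commit message. The inner `if` also braces its single `return -1;`, unlike the same construct in qemuBlockStorageSourceAttachApplyFormatDeps.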
@@ -10637,9 +10643,16 @@ qemuBuildStorageSourceAttachPrepareCommon(virStorageSource *src,
             qemuBuildSecretInfoProps(srcpriv->secinfo, &data->authsecretProps) < 0)
             return -1;
 
-        if (srcpriv->encinfo &&
-            qemuBuildSecretInfoProps(srcpriv->encinfo, &data->encryptsecretProps) < 0)
-            return -1;
+        if (srcpriv->encinfo) {
+           if (!data->encryptsecretProps) {
+               data->encryptsecretCount = 1;
+               data->encryptsecretProps = g_new0(virJSONValue *, 1);
+               data->encryptsecretAlias = g_new0(char *, 1);
+           }
+
+           if (qemuBuildSecretInfoProps(srcpriv->encinfo, &data->encryptsecretProps[0]) < 0)
+               return -1;
+        }
 
         if (srcpriv->httpcookie &&
             qemuBuildSecretInfoProps(srcpriv->httpcookie, &data->httpcookiesecretProps) < 0)
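Review bot: The added block is indented in steps of three spaces (`if (!data->encryptsecretProps) {` sits at column 11 under an `if` at column 8), while the surrounding context and the rest of the patch use four. Re-indent the body of `if (srcpriv->encinfo) {` to four-space steps. The enclosing function starts and ends outside this hunk.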
-- 
2.25.1



