v2: - add luks-any commits (including nit fixes) - removed qemu 8.0.0 replies commit - remove tautological if condition in qemuBlockStorageSourceAttachData initialization - add comments on validation of a single secret in qemu encryption engine - fix leak of qemuDomainStorageSourcePrivate->encinfo - remove ctxt->node modification in privatedata xml parsing - add test to modern-in.xml - squash commit #6 - add validation for a single secret in sd card disk Or Ozeri (7): qemu: capabilities: Introduce QEMU_CAPS_RBD_ENCRYPTION_LAYERING capability qemu: add support for multiple secret aliases qemu: add multi-secret support in qemuBlockStorageSourceAttachData qemu: add multi-secret support in _qemuDomainStorageSourcePrivate qemu: add support for librbd layered encryption qemu: capabilities: Introduce QEMU_CAPS_RBD_ENCRYPTION_LUKS_ANY capability qemu: add luks-any encryption support for RBD images docs/formatstorageencryption.rst | 20 ++- src/conf/schemas/storagecommon.rng | 5 +- src/conf/storage_encryption_conf.c | 2 +- src/conf/storage_encryption_conf.h | 1 + src/libvirt_private.syms | 1 + src/qemu/qemu_alias.c | 8 +- src/qemu/qemu_alias.h | 3 +- src/qemu/qemu_block.c | 77 ++++++++--- src/qemu/qemu_block.h | 5 +- src/qemu/qemu_blockjob.c | 6 + src/qemu/qemu_capabilities.c | 4 + src/qemu/qemu_capabilities.h | 2 + src/qemu/qemu_command.c | 29 +++- src/qemu/qemu_domain.c | 130 +++++++++++++++--- src/qemu/qemu_domain.h | 3 +- src/qemu/qemu_hotplug.c | 2 +- src/qemu/qemu_migration_params.c | 2 +- src/qemu/qemu_validate.c | 8 ++ tests/qemublocktest.c | 7 +- .../caps_8.0.0.x86_64.xml | 2 + tests/qemustatusxml2xmldata/modern-in.xml | 14 ++ ...k-rbd-encryption-layering.x86_64-7.2.0.err | 1 + ...rbd-encryption-layering.x86_64-latest.args | 39 ++++++ .../disk-network-rbd-encryption-layering.xml | 41 ++++++ ...k-rbd-encryption-luks-any.x86_64-7.2.0.err | 1 + ...rbd-encryption-luks-any.x86_64-latest.args | 37 +++++ .../disk-network-rbd-encryption-luks-any.xml | 39 ++++++ tests/qemuxml2argvtest.c | 4 + ...-rbd-encryption-layering.x86_64-latest.xml | 46 +++++++ ...-rbd-encryption-luks-any.x86_64-latest.xml | 44 ++++++ tests/qemuxml2xmltest.c | 2 + 31 files changed, 517 insertions(+), 68 deletions(-) create mode 100644 tests/qemuxml2argvdata/disk-network-rbd-encryption-layering.x86_64-7.2.0.err create mode 100644 tests/qemuxml2argvdata/disk-network-rbd-encryption-layering.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/disk-network-rbd-encryption-layering.xml create mode 100644 tests/qemuxml2argvdata/disk-network-rbd-encryption-luks-any.x86_64-7.2.0.err create mode 100644 tests/qemuxml2argvdata/disk-network-rbd-encryption-luks-any.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/disk-network-rbd-encryption-luks-any.xml create mode 100644 tests/qemuxml2xmloutdata/disk-network-rbd-encryption-layering.x86_64-latest.xml create mode 100644 tests/qemuxml2xmloutdata/disk-network-rbd-encryption-luks-any.x86_64-latest.xml -- 2.25.1