On a Tuesday in 2024, Michal Privoznik wrote:
If user requests their virSecret value to be encrypted using hosts' TPM we can now honour such request as we have all the APIs ready. The value is still stored in a file (obj->base64File) but because it was encrypted by TPM it's not readable (even though it's still base64 encoded). And since we can detect usability of host's TPM, let's do that when a virSecret is defined and TPM is requested. This avoids unpleasant surprises later on. Resolves: https://issues.redhat.com/browse/RHEL-7125
That link is private so it does not belong in an upstream commit message. Jano
Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx> --- src/conf/virsecretobj.c | 32 +++++++++++++++++++++++++++++--- src/secret/secret_driver.c | 7 +++++++ 2 files changed, 36 insertions(+), 3 deletions(-)
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ Devel mailing list -- devel@xxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxx
