[libvirt] [PATCH RFC 00/16] Add support for LUKS encrypted devices

John Ferlan jferlan at redhat.com
Tue Jun 7 14:45:29 UTC 2016


Patches 1-3 were posted separately:

http://www.redhat.com/archives/libvir-list/2016-June/msg00256.html

But perhaps seeing the final direction will make things more clear as
to why a "real" flag system wasn't used and keeping the current paradigm
of constant value returns still works just fine.

Patches 4-5 were posted separately:

http://www.redhat.com/archives/libvir-list/2016-June/msg00091.html  (4)
http://www.redhat.com/archives/libvir-list/2016-June/msg00094.html  (5)

Although at one point patch 4 had an ACK:

http://www.redhat.com/archives/libvir-list/2016-May/msg02115.html

It wasn't clear if the more recent review rescinded that, so it still
remains "in the list". I understand the concern about adding secret to
cfg.mk checking, but without a better idea of how to handle - I left
things as they were.

Patches 6-16 are all new. Some parts are separable, but rather than continue
piecemeal I just figured going with an RFC will at least 

Patch 6 is only there to "prove" that using the current encryption paradigm
XML still works, although if I've read the tea leaves correctly, the qemu
support isn't working as desired/expected.

Patch 7 adds "usage" as an XML attribute for encryption and the associated
tests with that. I've chosen to "reuse" the <encryption> XML element rather
than inventing something new.  I'm not opposed to something new, but let's
decide on a name quickly...

Patches 8-9 add the ability for the storage backend to create/recognize a
luks volume.

Patches 10-13 add support for luks encryption in the storage backend.
The new "<secret>" format uses "luks" as the usage type and "<key>" as
the 'name'. If those names cause angst, I'm fine with changing, but just
give a better suggestion!  Adding <cipher> and <ivgen> were a result of
using qemu constructs from qemu commit id '3e308f20'. Since we are parsing
something new, I figure failing in the domain parse code for this new type
was acceptable as opposed to some post processing check.

Patches 14-16 add support for luks encryption to the domain using
<encryption type='luks'... <secret format='key' usage/uuid='xxx'>>

I've tested using a "good" and "bad" password and got the expected results
for starting a domain.  I did not add 'virsh vol-create-as' support just
yet. I figured that would be less to go back and redo if the names of
elements change.  I've also run the changes through Coverity with no
new issues detected.

The whole series is a result of the following bz:

https://bugzilla.redhat.com/show_bug.cgi?id=1301021


John Ferlan (16):
  storage: Adjust qemu-img switches check
  storage: Create helper to set backing for CreateQemuImg code
  storage: Create helper to set options for CreateQemuImg code
  storage: Use virSecretGetSecretString
  secret: Move virStorageSecretType to secret_util and rename
  tests: Adjust tests for encrypted storage
  util: Add 'usage' for encryption
  util: Modify the FileTypeInfo for meta data checks
  util: Add 'luks' to the FileTypeInfo
  conf: Add new secret type "luks"
  encryption: Add luks parsing for storageencryption
  encryption: Add <cipher> and <ivgen> to encryption
  storage: Add support to create a luks volume
  qemu: Change protocol parameter for secret setup
  qemu: Remove authdef from secret setup
  qemu: Add luks support for domain disk

 cfg.mk                                             |   2 +-
 docs/aclpolkit.html.in                             |   4 +
 docs/formatsecret.html.in                          |  60 ++-
 docs/formatstorageencryption.html.in               | 115 ++++-
 docs/schemas/secret.rng                            |  10 +
 docs/schemas/storagecommon.rng                     |  58 ++-
 include/libvirt/libvirt-secret.h                   |   3 +-
 src/Makefile.am                                    |   1 +
 src/access/viraccessdriverpolkit.c                 |  13 +
 src/conf/domain_conf.c                             |  11 +
 src/conf/secret_conf.c                             |  26 +-
 src/conf/secret_conf.h                             |   3 +-
 src/conf/virsecretobj.c                            |   5 +
 src/libvirt_private.syms                           |   1 +
 src/libxl/libxl_conf.c                             |   2 +-
 src/qemu/qemu_command.c                            |   8 +-
 src/qemu/qemu_domain.c                             | 154 ++++---
 src/qemu/qemu_process.c                            |  18 +-
 src/secret/secret_util.c                           |  18 +-
 src/secret/secret_util.h                           |  22 +-
 src/storage/storage_backend.c                      | 480 +++++++++++++++------
 src/storage/storage_backend.h                      |   3 +-
 src/storage/storage_backend_fs.c                   |  10 +-
 src/storage/storage_backend_gluster.c              |   2 +
 src/storage/storage_backend_iscsi.c                |  55 +--
 src/storage/storage_backend_rbd.c                  |  49 +--
 src/util/virendian.h                               |  24 ++
 src/util/virqemu.c                                 |  23 +
 src/util/virqemu.h                                 |   6 +
 src/util/virstorageencryption.c                    | 166 ++++++-
 src/util/virstorageencryption.h                    |  18 +-
 src/util/virstoragefile.c                          | 125 ++++--
 src/util/virstoragefile.h                          |  18 +-
 tests/qemuargv2xmltest.c                           |   4 +-
 .../qemuxml2argv-encrypted-disk-usage.args         |  24 ++
 .../qemuxml2argv-encrypted-disk-usage.xml          |  32 ++
 .../qemuxml2argv-encrypted-disk.args               |  26 +-
 .../qemuxml2argv-encrypted-disk.xml                |   4 +-
 .../qemuxml2argv-luks-disk-cipher.args             |  36 ++
 .../qemuxml2argv-luks-disk-cipher.xml              |  41 ++
 .../qemuxml2argvdata/qemuxml2argv-luks-disks.args  |  36 ++
 tests/qemuxml2argvdata/qemuxml2argv-luks-disks.xml |  41 ++
 tests/qemuxml2argvtest.c                           |  14 +-
 .../qemuxml2xmlout-encrypted-disk-usage.xml        |  36 ++
 .../qemuxml2xmlout-encrypted-disk.xml              |   4 +-
 .../qemuxml2xmlout-luks-disk-cipher.xml            |  45 ++
 .../qemuxml2xmlout-luks-disks.xml                  |  45 ++
 tests/qemuxml2xmltest.c                            |   3 +
 tests/secretxml2xmlin/usage-luks.xml               |   7 +
 tests/secretxml2xmltest.c                          |   1 +
 tests/storagevolxml2argvdata/qcow2-flag.argv       |   2 -
 .../qcow2-nobacking-convert-flag.argv              |   2 -
 .../qcow2-nobacking-convert-none.argv              |   2 -
 .../qcow2-nobacking-flag.argv                      |   1 -
 .../qcow2-nobacking-none.argv                      |   1 -
 tests/storagevolxml2argvdata/qcow2-none.argv       |   1 -
 tests/storagevolxml2argvtest.c                     |  25 +-
 tests/storagevolxml2xmlin/vol-luks-cipher.xml      |  23 +
 tests/storagevolxml2xmlin/vol-luks.xml             |  21 +
 tests/storagevolxml2xmlout/vol-luks-cipher.xml     |  23 +
 tests/storagevolxml2xmlout/vol-luks.xml            |  21 +
 tests/storagevolxml2xmltest.c                      |   2 +
 tests/virendiantest.c                              |  18 +
 63 files changed, 1619 insertions(+), 435 deletions(-)
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-encrypted-disk-usage.args
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-encrypted-disk-usage.xml
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disk-cipher.args
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disk-cipher.xml
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disks.args
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disks.xml
 create mode 100644 tests/qemuxml2xmloutdata/qemuxml2xmlout-encrypted-disk-usage.xml
 create mode 100644 tests/qemuxml2xmloutdata/qemuxml2xmlout-luks-disk-cipher.xml
 create mode 100644 tests/qemuxml2xmloutdata/qemuxml2xmlout-luks-disks.xml
 create mode 100644 tests/secretxml2xmlin/usage-luks.xml
 delete mode 100644 tests/storagevolxml2argvdata/qcow2-flag.argv
 delete mode 100644 tests/storagevolxml2argvdata/qcow2-nobacking-convert-flag.argv
 delete mode 100644 tests/storagevolxml2argvdata/qcow2-nobacking-convert-none.argv
 delete mode 100644 tests/storagevolxml2argvdata/qcow2-nobacking-flag.argv
 delete mode 100644 tests/storagevolxml2argvdata/qcow2-nobacking-none.argv
 delete mode 100644 tests/storagevolxml2argvdata/qcow2-none.argv
 create mode 100644 tests/storagevolxml2xmlin/vol-luks-cipher.xml
 create mode 100644 tests/storagevolxml2xmlin/vol-luks.xml
 create mode 100644 tests/storagevolxml2xmlout/vol-luks-cipher.xml
 create mode 100644 tests/storagevolxml2xmlout/vol-luks.xml

-- 
2.5.5



