[libvirt] [PATCH 00/20] Add support for (qcow*) volume encryption.
Miloslav Trmač
mitr at redhat.com
Tue Aug 4 20:28:15 UTC 2009
Hello,
the following patches add full support for qcow/qcow2 volume encryption,
assuming a client that supports it.
(Main changes since the previous version:
* Use a separate API for "secret" management
* Auto-generate the encryption format and passphrase if not supplied
See the specific patch change logs for more details; patches without
change logs are entirely new.)
New XML tags are defined to represent encryption parameters (currently
format and passphrase, more can be added in the future), e.g.
<encryption format='qcow'>
<secret type='passphrase'
secret_id='724d95f2-0ed2-6ff9-84d0-0f3d1618428d'/>
</encryption>
The <encryption> tag can be added to a <volume> node passed to
virStorageVolCreateXML() to create an encrypted volume, or to a
<disk> node inside a <domain> to specify what encryption parameters to
use for a domain.
secret_id above refers to a separately-managed secret, which was set
using virSecretSetValue(). Other properties of the secret can be
managed using an XML representation.
Detailed documentation of the formats and features is inside the patches.
More information about the libvir-list
mailing list