[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[libvirt] [PATCH 00/20] Add support for (qcow*) volume encryption.



Hello,
the following patches add full support for qcow/qcow2 volume encryption,
assuming a client that supports it.

(Main changes since the previous version:
 * Use a separate API for "secret" management
 * Auto-generate the encryption format and passphrase if not supplied
 See the specific patch change logs for more details; patches without
 change logs are entirely new.) 

New XML tags are defined to represent encryption parameters (currently
format and passphrase, more can be added in the future), e.g.
     <encryption format='qcow'>
       <secret type='passphrase'
               secret_id='724d95f2-0ed2-6ff9-84d0-0f3d1618428d'/>
     </encryption>

The <encryption> tag can be added to a <volume> node passed to
virStorageVolCreateXML() to create an encrypted volume, or to a
<disk> node inside a <domain> to specify what encryption parameters to
use for a domain. 

secret_id above refers to a separately-managed secret, which was set
using virSecretSetValue().  Other properties of the secret can be
managed using an XML representation.

Detailed documentation of the formats and features is inside the patches.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]