
[libvirt] [PATCH 16/20] Attach encryption information to virDomainDiskDef.



The XML allows <encryption format='unencrypted'/>, this implementation
canonicalizes the internal representation so that "disk->encryption" is
non-NULL iff encryption information is available.

A domain with partial encryption information can be defined; the
completeness of the information is not verified.  The domain won't
start until the remaining information is added, of course.
---
 docs/formatdomain.html    |    6 ++++++
 docs/formatdomain.html.in |    8 ++++++++
 docs/schemas/domain.rng   |    5 +++++
 src/domain_conf.c         |   14 ++++++++++++++
 src/domain_conf.h         |    2 ++
 5 files changed, 35 insertions(+), 0 deletions(-)

diff --git a/docs/formatdomain.html b/docs/formatdomain.html
index efba65a..3368ad5 100644
--- a/docs/formatdomain.html
+++ b/docs/formatdomain.html
@@ -453,6 +453,9 @@
 	    &lt;driver name="tap" type="aio"&gt;
 	    &lt;source file='/var/lib/xen/images/fv0'/&gt;
 	    &lt;target dev='hda' bus='ide'/&gt;
+            &lt;encryption type='...'&gt;
+              ...
+            &lt;/encryption&gt;
 	  &lt;/disk&gt;
 	  ...</pre>
         <dl><dt><code>disk</code></dt><dd>The <code>disk</code> element is the main container for describing
@@ -478,6 +481,9 @@
 	<code>driver</code> element allows them to be selected. The <code>name</code>
 	attribute is the primary backend driver name, while the optional <code>type</code>
 	attribute provides the sub-type. <span class="since">Since 0.1.8</span>
+      </dd><dt><code>encryption</code></dt><dd>If present, specifies how the volume is encrypted.  See
+        the <a href="formatstorageencryption.html">Storage Encryption</a> page
+        for more information.
       </dd></dl>
         <h4>
           <a name="elementsUSB" id="elementsUSB">USB and PCI devices</a>
diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index eb12784..211f7ed 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -338,6 +338,9 @@
 	    &lt;driver name="tap" type="aio"&gt;
 	    &lt;source file='/var/lib/xen/images/fv0'/&gt;
 	    &lt;target dev='hda' bus='ide'/&gt;
+            &lt;encryption type='...'&gt;
+              ...
+            &lt;/encryption&gt;
 	  &lt;/disk&gt;
 	  ...</pre>
 
@@ -373,6 +376,11 @@
 	attribute is the primary backend driver name, while the optional <code>type</code>
 	attribute provides the sub-type. <span class="since">Since 0.1.8</span>
       </dd>
+      <dt><code>encryption</code></dt>
+      <dd>If present, specifies how the volume is encrypted.  See
+        the <a href="formatstorageencryption.html">Storage Encryption</a> page
+        for more information.
+      </dd>
     </dl>
 
     <h4><a name="elementsUSB">USB and PCI devices</a></h4>
diff --git a/docs/schemas/domain.rng b/docs/schemas/domain.rng
index f857301..df31f4a 100644
--- a/docs/schemas/domain.rng
+++ b/docs/schemas/domain.rng
@@ -4,6 +4,8 @@
   <start>
     <ref name="domain"/>
   </start>
+
+  <include href='storageencryption.rng'/>
   <!--
       We handle only document defining a domain
     -->
@@ -336,6 +338,9 @@
         <empty/>
       </element>
     </optional>
+    <optional>
+      <ref name="encryption"/>
+    </optional>
   </define>
   <!--
       A disk description can be either of type file or block
diff --git a/src/domain_conf.c b/src/domain_conf.c
index 1d2cc7c..46acf5e 100644
--- a/src/domain_conf.c
+++ b/src/domain_conf.c
@@ -288,6 +288,7 @@ void virDomainDiskDefFree(virDomainDiskDefPtr def)
     VIR_FREE(def->dst);
     VIR_FREE(def->driverName);
     VIR_FREE(def->driverType);
+    virStorageEncryptionFree(def->encryption);
 
     VIR_FREE(def);
 }
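Review bot: `virStorageEncryptionFree(def->encryption)` is called unconditionally, and `def->encryption` is NULL for every disk without an `<encryption>` element, so the function has to accept NULL; its definition is not part of this patch. The same applies to the call added under `cleanup:` in virDomainDiskDefParseXML, where `encryption` has always been reset to NULL on the success path. If NULL-safety is not guaranteed, guard the calls with `if (def->encryption)` and `if (encryption)`; otherwise a one-line comment on the prototype in storage_encryption.h stating that NULL is accepted would settle it.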
@@ -661,6 +662,7 @@ virDomainDiskDefParseXML(virConnectPtr conn,
     char *bus = NULL;
     char *cachetag = NULL;
     char *devaddr = NULL;
+    virStorageEncryptionPtr encryption = NULL;
 
     if (VIR_ALLOC(def) < 0) {
         virReportOOMError(conn);
@@ -718,6 +720,12 @@ virDomainDiskDefParseXML(virConnectPtr conn,
             } else if ((flags & VIR_DOMAIN_XML_INTERNAL_STATUS) &&
                        xmlStrEqual(cur->name, BAD_CAST "state")) {
                 devaddr = virXMLPropString(cur, "devaddr");
+            } else if (encryption == NULL &&
+                       xmlStrEqual(cur->name, BAD_CAST "encryption")) {
+                encryption = virStorageEncryptionParseNode(conn, node->doc,
+                                                           cur);
+                if (encryption == NULL)
+                    goto error;
             }
         }
         cur = cur->next;
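Review bot: The `if (encryption == NULL) goto error;` check treats every NULL from virStorageEncryptionParseNode as a failure, while the commit message says `<encryption format='unencrypted'/>` is canonicalized so that `disk->encryption` is non-NULL only when encryption information is available. Nothing added to this file performs that canonicalization, so either the parser returns NULL for the unencrypted case and such a disk is rejected here, or it returns a non-NULL object and the stated invariant does not hold; the parser is not visible in this patch, so this needs confirming. Any caller that decides whether a volume is encrypted by testing `def->encryption != NULL` depends on the answer. Separately, the `encryption == NULL &&` guard means a second `<encryption>` child is silently ignored rather than reported as an error. virDomainDiskDefParseXML starts and ends outside the hunk.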
@@ -836,6 +844,8 @@ virDomainDiskDefParseXML(virConnectPtr conn,
     driverName = NULL;
     def->driverType = driverType;
     driverType = NULL;
+    def->encryption = encryption;
+    encryption = NULL;
 
 cleanup:
     VIR_FREE(bus);
@@ -847,6 +857,7 @@ cleanup:
     VIR_FREE(driverName);
     VIR_FREE(cachetag);
     VIR_FREE(devaddr);
+    virStorageEncryptionFree(encryption);
 
     return def;
 
@@ -3519,6 +3530,9 @@ virDomainDiskDefFormat(virConnectPtr conn,
         virBufferAddLit(buf, "      <readonly/>\n");
     if (def->shared)
         virBufferAddLit(buf, "      <shareable/>\n");
+    if (def->encryption != NULL &&
+        virStorageEncryptionFormat(conn, buf, def->encryption) < 0)
+        return -1;
 
     if (flags & VIR_DOMAIN_XML_INTERNAL_STATUS) {
         virBufferAddLit(buf, "      <state");
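Review bot: The added `virStorageEncryptionFormat(conn, buf, def->encryption)` call does not consult `flags`, so whatever the encryption object holds is written into every XML dump, including those requested without `VIR_DOMAIN_XML_SECURE`. The contents of virStorageEncryption are not visible in this patch; if it can carry key material rather than only references to secrets, the call should be gated with `(flags & VIR_DOMAIN_XML_SECURE)` or the flag passed down to the formatter. If it only ever holds references, a comment such as `/* encryption holds secret references only, never key material */` above the call would record why no gating is needed. virDomainDiskDefFormat starts and ends outside the hunk.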
diff --git a/src/domain_conf.h b/src/domain_conf.h
index 44302be..e422f6f 100644
--- a/src/domain_conf.h
+++ b/src/domain_conf.h
@@ -30,6 +30,7 @@
 
 #include "internal.h"
 #include "capabilities.h"
+#include "storage_encryption.h"
 #include "util.h"
 #include "threads.h"
 
@@ -117,6 +118,7 @@ struct _virDomainDiskDef {
         unsigned bus;
         unsigned slot;
     } pci_addr;
+    virStorageEncryptionPtr encryption;
 };
 
 static inline int
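Review bot: The new `encryption` field is added without a comment, and the rule that gives it meaning (NULL when no encryption information is available, owned and freed by virDomainDiskDefFree) is stated only in the commit message. Suggest documenting it at the declaration, for example `virStorageEncryptionPtr encryption; /* owned; NULL if the disk has no encryption information */`. The struct definition begins outside the hunk.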
-- 
1.6.2.5

