[libvirt] [PATCH 1/5] list: Define new API virConnectListAllSecrets

Mon Sep 17 05:09:46 UTC 2012

On 2012年09月14日 17:47, Peter Krempa wrote:
> On 09/14/12 10:38, Osier Yang wrote:
>> This is to list the secret objects. No flags are supported
>
> This statement isn't accurate as you added filtering flags.
>
>>
>> include/libvirt/libvirt.h.in: Declare enum virConnectListAllSecretFlags
>> and virConnectListAllSecrets.
>> python/generator.py: Skip auto-generating
>> src/driver.h: (virDrvConnectListAllSecrets)
>> src/libvirt.c: Implement the public API
>> src/libvirt_public.syms: Export the symbol to public
>> ---
>> include/libvirt/libvirt.h.in | 21 +++++++++++++
>> python/generator.py | 1 +
>> src/driver.h | 5 +++
>> src/libvirt.c | 66 ++++++++++++++++++++++++++++++++++++++++++
>> src/libvirt_public.syms | 1 +
>> 5 files changed, 94 insertions(+), 0 deletions(-)
>>
>> diff --git a/include/libvirt/libvirt.h.in b/include/libvirt/libvirt.h.in
>> index 3d41026..c38ab23 100644
>> --- a/include/libvirt/libvirt.h.in
>> +++ b/include/libvirt/libvirt.h.in
>> @@ -3266,6 +3266,27 @@ int virConnectNumOfSecrets (virConnectPtr conn);
>> int virConnectListSecrets (virConnectPtr conn,
>> char **uuids,
>> int maxuuids);
>> +
>> +/*
>> + * virConnectListAllSecrets:
>> + *
>> + * Flags used to filter the returned secrets. Flags in each group
>> + * are exclusive attributes of a secret.
>> + */
>> +typedef enum {
>> + /* kept in memory, never stored persistently */
>> + VIR_CONNECT_LIST_SECRETS_EPHEMERAL = 1 << 0,
>> + VIR_CONNECT_LIST_SECRETS_NO_EPHEMERAL = 1 << 1,
>> +
>> + /* not revealed to any caller of libvirt, nor
>> + * to any other node */
>> + VIR_CONNECT_LIST_SECRETS_PRIVATE = 1 << 2,
>> + VIR_CONNECT_LIST_SECRETS_NO_PRIVATE = 1 << 3,
>> +} virConnectListAllSecretsFlags;
>> +
>> +int virConnectListAllSecrets(virConnectPtr conn,
>> + virSecretPtr **secrets,
>> + unsigned int flags);
>> virSecretPtr virSecretLookupByUUID(virConnectPtr conn,
>> const unsigned char *uuid);
>> virSecretPtr virSecretLookupByUUIDString(virConnectPtr conn,
>> diff --git a/python/generator.py b/python/generator.py
>> index d3163e4..955c893 100755
>> --- a/python/generator.py
>> +++ b/python/generator.py
>> @@ -466,6 +466,7 @@ skip_function = (
>> 'virConnectListAllInterfaces', # overridden in virConnect.py
>> 'virConnectListAllNodeDevices', # overridden in virConnect.py
>> 'virConnectListAllNWFilters', # overridden in virConnect.py
>> + 'virConnectListAllSecrets', # overridden in virConnect.py
>>
>> 'virStreamRecvAll', # Pure python libvirt-override-virStream.py
>> 'virStreamSendAll', # Pure python libvirt-override-virStream.py
>> diff --git a/src/driver.h b/src/driver.h
>> index 9984a85..3e69dae 100644
>> --- a/src/driver.h
>> +++ b/src/driver.h
>> @@ -1567,6 +1567,10 @@ typedef int
>> (*virDrvListSecrets) (virConnectPtr conn,
>> char **uuids,
>> int maxuuids);
>> +typedef int
>> + (*virDrvListAllSecrets) (virConnectPtr conn,
>> + virSecretPtr **secrets,
>> + unsigned int flags);
>>
>> typedef struct _virSecretDriver virSecretDriver;
>> typedef virSecretDriver *virSecretDriverPtr;
>> @@ -1588,6 +1592,7 @@ struct _virSecretDriver {
>>
>> virDrvNumOfSecrets numOfSecrets;
>> virDrvListSecrets listSecrets;
>> + virDrvListAllSecrets listAllSecrets;
>> virDrvSecretLookupByUUID lookupByUUID;
>> virDrvSecretLookupByUsage lookupByUsage;
>> virDrvSecretDefineXML defineXML;
>> diff --git a/src/libvirt.c b/src/libvirt.c
>> index cae9bc9..6a9be6d 100644
>> --- a/src/libvirt.c
>> +++ b/src/libvirt.c
>> @@ -14594,6 +14594,72 @@ error:
>> }
>>
>> /**
>> + * virConnectListAllSecrets:
>> + * @conn: Pointer to the hypervisor connection.
>> + * @secrets: Pointer to a variable to store the array containing the
>> secret
>> + * objects or NULL if the list is not required (just returns the
>> + * number of secrets).
>> + * @flags: extra flags; not used yet, so callers should always pass 0
>> + *
>> + * Collect the list of secrets, and allocate an array to store those
>> + * objects.
>> + *
>> + * Normally, all secrets are returned; however, @flags can be used to
>> + * filter the results for a smaller list of targeted secrets. The valid
>> + * flags are divided into groups, where each group contains bits that
>> + * describe mutually exclusive attributes of a secret, and where all
>> bits
>> + * within a group describe all possible secrets.
>> + *
>> + * The first group of @flags is
>> VIR_CONNECT_LIST_SECRETS_EPHEMERAL(kept in
>> + * memory, not persistent) and VIR_CONNECT_LIST_SECRETS_NO_EPHEMERAL
>> + * (nor ephemeral) to filter the secrets by whether it's ephemeral or
>> not.
>
> I'd rephrase this paragraph a little bit:
>
> The first group of @flags is used to filter the list by storage location
> of the secret. Flag VIR_CONNECT_LIST_SECRETS_EPHEMERAL selects secrets
> that are kept only in memory. Flag VIR_CONNECT_LIST_SECRETS_NO_EPHEMERAL
> selects secrets that are allowed to be kept in persistent storage.
>
> (In any case, it'd be best if Eric would state his opinion on this :) )
>
>> + *
>> + * The second group of @flags is VIR_CONNECT_LIST_SECRETS_PRIVATE
>> + * (not revealed to any caller of libvirt, nor to any other node)
>> + * and VIR_CONNECT_LIST_SECRETS_NO_PRIVATE (not private), to filter
>> + * the secrets by whether it's private or not.
>
> This paragraph also contains a lot of redundant information:
>
> The second group of @flags allows filtering secrets by privacy. When
> flag VIR_CONNECT_LIST_SECRETS_PRIVATE is specified secrets that are
> never revealed to any caller of libvirt nor to any other node are
> returned. Flag VIR_CONNECT_LIST_SECRETS_NO_PRIVATE can be used to select
> non-private secrets.
>

I reword your suggestion a bit like:

  * The first group of @flags is used to filter secrets by its storage
  * location. Flag VIR_CONNECT_LIST_SECRETS_EPHEMERAL
  * selects secrets that are kept only in memory. Flag
  * VIR_CONNECT_LIST_SECRETS_NO_EPHEMERAL selects secrets that are
  * kept in persistent storage.
  *
  * The second group of @flags is used to filter secrets by privacy.
  * Flag VIR_CONNECT_LIST_SECRETS_PRIVATE seclets secrets that are
  * never revealed to any caller of libvirt nor to any other node.
  * Flag VIR_CONNECT_LIST_SECRETS_NO_PRIVATE selects non-private secrets.

Osier