[libvirt] [PATCH 14/19] conf: Add new secret type "key"

John Ferlan jferlan at redhat.com
Thu Jun 23 13:06:58 UTC 2016 


On 06/21/2016 08:08 AM, Peter Krempa wrote:
> On Mon, Jun 13, 2016 at 20:27:53 -0400, John Ferlan wrote:
>> Add a new secret type known as "key" - it will handle adding the secret
>> objects that need a key (or passphrase), such as will soon be the case
> 
> This may be misleading a "key" is not equal to a "passprhase" in usual
> encryption terminology. Key usually refers to the actual encryption key
> used to encrypt the data whereas passprhase is usually a human readable
> secret string (which may not be random at all) used to access the key
> later.
> 
> The cryptsetup man page tends to treat them interchangably to some
> extent (eg a key slot equals to passprhase, but the master key refers to
> the actual encryption key used for the data).
> 
> To avoid confusion I'd rather stick with "passphrase".
> 
>> for a luks volume for both storage driver create and libvirt domain usage.
>>
>> Signed-off-by: John Ferlan <jferlan at redhat.com>
>> ---

Perhaps a rephrasing...

Instead of:

<secret ...>
  ...
  <usage type='key'>
    <key>Text</key>
  </usage>
  ...
</secret>

The preference is:

<secret ...>
  ...
  <usage type='passphrase'>
    <XXX>Text</XXX>
  </usage>
  ...
</secret>

Where, I'm struggling what to call "XXX".  It's not a <passphrase>...

<usage type='volume'> uses <volume>
<usage type='ceph'> uses <name>
<usage type='iscsi'> uses <target>

So given that, does the following work?

  <usage type='passphrase'>
    <id>Text</id>
  </usage>

In the long run "Text" is what's used by the <domain...> in order to
match/find the secret.



Currently the domain secrets have:

<domain>
  ...
  <encryption format='qcow'>
    <secret type='passphrase' uuid='xxxx'/}
  </encryption>
  ...
  <disk>
     ...
     <auth ...>
       <secret type='{iscsi|ceph}' {usage|uuid}='string'/>
     </auth>
</domain>

where "usage='string'" essentially the contents of <secret....>
<usage...> "Text"

NB: There are patches to allow usage for <encryption ... <secret...>

So, for LUKS we would then have

<domain>
  ...
  <encryption format='luks'>
    <secret type='YYY' {uuid|usage}='string'/>
  </encryption>

The YYY could be 'passphrase', right?

Furthermore "the future" would "reuse" this <secret> type - so I'm
trying to make it generic as possible.

John

More information about the libvir-list mailing list