NuKVM/libvirt
3
0
Fork 0
mirror of https://github.com/libvirt/libvirt.git synced 2025-02-25 18:55:26 -06:00
Code Issues Packages Projects Releases Wiki Activity

storage: Disallow create/resize of qcow2 encrypted images

Browse Source 
https://bugzilla.redhat.com/show_bug.cgi?id=1526382

Since commit c4eedd793 disallowed qcow2 encrypted images to be
used for domains, it no longer makes sense to allow a qcow2
encrypted volume to be created or resized.

Add a test that will exhibit the failure of creation as well
as the xml2xml validation of the format still being correct.

Update the documentation to note the removal of the capability
to create and use qcow/default encrypted volumes.

Signed-off-by: John Ferlan <jferlan@redhat.com>
ACKed-by: Michal Privoznik <mprivozn@redhat.com>
This commit is contained in:
John Ferlan
2018-06-20 16:21:50 -04:00
parent a02d879858
commit 8f83af6823
7 changed files with 104 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
docs/formatsecret.html.in
View File

@@ -51,7 +51,7 @@
<p>
This secret is associated with a volume, whether the format is either
for a "qcow" or a "luks" encrypted volume. Each volume will have a
for a "luks" encrypted volume. Each volume will have a
unique secret associated with it and it is safe to delete the
secret after the volume is deleted. The
<code>&lt;usage type='volume'&gt;</code> element must contain a
@@ -83,16 +83,6 @@ Secret value set
#
</pre>
<p>
The volume type secret can be supplied in domain XML for a qcow storage
volume <a href="formatstorageencryption.html">encryption</a> as follows:
</p>
<pre>
&lt;encryption format='qcow'&gt;
&lt;secret type='passphrase' uuid='0a81f5b2-8403-7b23-c8d6-21ccc2f80d6f'/&gt;
&lt;/encryption&gt;
</pre>
<p>
The volume type secret can be supplied either in volume XML during
creation of a <a href="formatstorage.html#StorageVol">storage volume</a>
@@ -120,6 +110,16 @@ Secret value set
#
</pre>
<p>
The volume type secret can be supplied in domain XML for a luks storage
volume <a href="formatstorageencryption.html">encryption</a> as follows:
</p>
<pre>
&lt;encryption format='luks'&gt;
&lt;secret type='passphrase' uuid='f52a81b2-424e-490c-823d-6bd4235bc57'/&gt;
&lt;/encryption&gt;
</pre>
<h3><a id="CephUsageType">Usage type "ceph"</a></h3>
<p>
This secret is associated with a Ceph RBD (rados block device).