From eda3af2488f8385931927c0c294c507229633b5c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miloslav=20Trma=C4=8D?= Date: Tue, 21 Jul 2009 00:28:11 +0200 Subject: [PATCH] Attach encryption information to virStorageVolDef. The XML allows , this implementation canonicalizes the internal representation so that "vol->encryption" is non-NULL iff the volume is encrypted. Note that partial encryption information (e.g. specifying an encryption format, but not the key/passphrase) is valid, libvirt will automatically choose value for the missing information during volume creation. The user can read the volume XML, and use the unmodified tag in future operations (without having to be able to understand) its contents. * docs/formatstorage.html, docs/formatstorage.html.in: Document storage volume encryption options * src/storage_conf.c, src/storage_conf.h: Hook up storage encryption XML handling * tests/storagevolschemadata/vol-qcow2.xml: Test case for encryption schema changes --- docs/formatstorage.html | 6 ++++++ docs/formatstorage.html.in | 8 ++++++++ docs/schemas/storagevol.rng | 5 +++++ src/storage_conf.c | 15 +++++++++++++++ src/storage_conf.h | 3 +++ tests/storagevolschemadata/vol-qcow2.xml | 3 +++ 6 files changed, 40 insertions(+) diff --git a/docs/formatstorage.html b/docs/formatstorage.html index 8c16a0fb75..cb95263f3f 100644 --- a/docs/formatstorage.html +++ b/docs/formatstorage.html @@ -252,6 +252,9 @@ <mode>0744</mode> <label>virt_image_t</label> </permissions> + <encryption type='...'> + ... + </encryption> </target> </pool>
path
Provides the location at which the pool will be mapped into @@ -274,6 +277,9 @@ element contains the numeric group ID. The label element contains the MAC (eg SELinux) label string. Since 0.4.1 +
encryption
If present, specifies how the volume is encrypted. See + the Storage Encryption page + for more information.

Device extents diff --git a/docs/formatstorage.html.in b/docs/formatstorage.html.in index 4878d729eb..3ed88a2914 100644 --- a/docs/formatstorage.html.in +++ b/docs/formatstorage.html.in @@ -124,6 +124,9 @@ <mode>0744</mode> <label>virt_image_t</label> </permissions> + <encryption type='...'> + ... + </encryption> </target> </pool> @@ -152,6 +155,11 @@ contains the MAC (eg SELinux) label string. Since 0.4.1 +
encryption
+
If present, specifies how the volume is encrypted. See + the Storage Encryption page + for more information. +

Device extents

diff --git a/docs/schemas/storagevol.rng b/docs/schemas/storagevol.rng index 5b0b038666..00b70f6924 100644 --- a/docs/schemas/storagevol.rng +++ b/docs/schemas/storagevol.rng @@ -5,6 +5,8 @@ + + @@ -73,6 +75,9 @@ + + + diff --git a/src/storage_conf.c b/src/storage_conf.c index 245b2d0cc5..c4460691c7 100644 --- a/src/storage_conf.c +++ b/src/storage_conf.c @@ -260,8 +260,10 @@ virStorageVolDefFree(virStorageVolDefPtr def) { VIR_FREE(def->target.path); VIR_FREE(def->target.perms.label); + virStorageEncryptionFree(def->target.encryption); VIR_FREE(def->backingStore.path); VIR_FREE(def->backingStore.perms.label); + virStorageEncryptionFree(def->backingStore.encryption); VIR_FREE(def); } @@ -955,6 +957,7 @@ virStorageVolDefParseXML(virConnectPtr conn, char *allocation = NULL; char *capacity = NULL; char *unit = NULL; + xmlNodePtr node; options = virStorageVolOptionsForPoolType(pool->type); if (options == NULL) @@ -1019,6 +1022,14 @@ virStorageVolDefParseXML(virConnectPtr conn, "./target/permissions", 0600) < 0) goto cleanup; + node = virXPathNode(conn, "./target/encryption", ctxt); + if (node != NULL) { + ret->target.encryption = virStorageEncryptionParseNode(conn, ctxt->doc, + node); + if (ret->target.encryption == NULL) + goto cleanup; + } + ret->backingStore.path = virXPathString(conn, "string(./backingStore/path)", ctxt); @@ -1189,6 +1200,10 @@ virStorageVolTargetDefFormat(virConnectPtr conn, virBufferAddLit(buf," \n"); + if (def->encryption != NULL && + virStorageEncryptionFormat(conn, buf, def->encryption) < 0) + return -1; + virBufferVSprintf(buf, " \n", type); return 0; diff --git a/src/storage_conf.h b/src/storage_conf.h index a6c3650bd9..bcf9b933cd 100644 --- a/src/storage_conf.h +++ b/src/storage_conf.h @@ -26,6 +26,7 @@ #include "internal.h" #include "util.h" +#include "storage_encryption_conf.h" #include "threads.h" #include 
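Review bot: In the virStorageVolDefParseXML hunk that looks up `./target/encryption`, any element that is present yields a non-NULL `ret->target.encryption`, and a NULL return from virStorageEncryptionParseNode() is treated as a parse failure. Nothing visible here enforces the commit message's invariant that the pointer is non-NULL only for an encrypted volume. If the parser (not shown) can return a definition that describes an unencrypted volume, later code that tests the pointer to decide whether encryption applies would get the wrong answer. Either normalise such a result to NULL right after the call, or state the contract in place, for example `/* NULL from the parser is an error; a returned definition always means the volume is encrypted */`. The function body starts and ends outside the hunk.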
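Review bot: The new `virStorageEncryptionFormat()` call in virStorageVolTargetDefFormat puts the encryption definition into every volume XML dump, and nothing in this hunk limits what that output may contain. Whether it can include a key or passphrase rather than a reference depends on virStorageEncryptionFormat(), which is not shown here, so the expectation should be written down at the call site, for example `/* Appears in every volume XML dump; must never emit key material. */`. The early `return -1` also leaves `buf` holding a partly written target element, so it is worth confirming that callers discard the buffer on failure. The function body starts outside the hunk.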
@@ -77,6 +78,8 @@ struct _virStorageVolTarget { int format; virStoragePerms perms; int type; /* only used by disk backend for partition type */ + /* Currently used only in virStorageVolDef.target, not in .backingstore. */ + virStorageEncryptionPtr encryption; }; diff --git a/tests/storagevolschemadata/vol-qcow2.xml b/tests/storagevolschemadata/vol-qcow2.xml index c1cf02f461..2a13cd16e4 100644 --- a/tests/storagevolschemadata/vol-qcow2.xml +++ b/tests/storagevolschemadata/vol-qcow2.xml @@ -14,6 +14,9 @@ 0 + + + /var/lib/libvirt/images/BaseDemo.img
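Review bot: The comment added above `virStorageEncryptionPtr encryption;` in struct _virStorageVolTarget does not say who owns the pointer or what NULL means, and it spells the member as `.backingstore` although the code uses `backingStore`. virStorageVolDefFree() in this same commit releases the field for both target and backingStore, so the ownership rule is worth recording next to the declaration. Suggested wording: `/* Owned by the volume definition, freed in virStorageVolDefFree(); NULL means the volume is not encrypted. Currently set only for virStorageVolDef.target, never for .backingStore. */`.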