[libvirt] [PATCH 0/2] Use secret objects to pass iSCSI passwords

John Ferlan posted 2 patches 6 years, 6 months ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/libvirt tags/patchew/20170905190935.18247-1-jferlan@redhat.com
There is a newer version of this series
src/qemu/qemu_capabilities.c                       |  4 ++
src/qemu/qemu_capabilities.h                       |  3 ++
src/qemu/qemu_command.c                            | 19 ++++++++-
src/qemu/qemu_domain.c                             |  4 ++
tests/qemucapabilitiesdata/caps_2.9.0.ppc64le.xml  |  1 +
tests/qemucapabilitiesdata/caps_2.9.0.s390x.xml    |  1 +
tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml   |  1 +
...xml2argv-disk-drive-network-iscsi-auth-AES.args | 39 ++++++++++++++++++
...uxml2argv-disk-drive-network-iscsi-auth-AES.xml | 43 +++++++++++++++++++
...ml2argv-hostdev-scsi-virtio-iscsi-auth-AES.args | 35 ++++++++++++++++
...xml2argv-hostdev-scsi-virtio-iscsi-auth-AES.xml | 48 ++++++++++++++++++++++
tests/qemuxml2argvtest.c                           | 10 +++++
12 files changed, 206 insertions(+), 2 deletions(-)
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-iscsi-auth-AES.args
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-iscsi-auth-AES.xml
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-hostdev-scsi-virtio-iscsi-auth-AES.args
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-hostdev-scsi-virtio-iscsi-auth-AES.xml
[libvirt] [PATCH 0/2] Use secret objects to pass iSCSI passwords
Posted by John Ferlan 6 years, 6 months ago
Fairly simple exercise since similar processing is used for RBD,
just needed to check for the proper capabililty and then use it
and test that it works.

NB 1: Depending on order of submit either this patch will need to
      add the capability flag into caps_2.10.0 or the other patch
      will need to add it...  Plan is to wait for the other patch
      to be ACK'd and then add the capability here

NB 2: "Theoretically speaking" one could/should also consider the
      <auth> for the JSON virstoragefile source parse backing code;
      however, <auth> is not a <source> property rather it is a
      <disk> property and thus stored in QEMU_DOMAIN_DISK_PRIVATE.
      But for both RBD and iSCSI the "user" and "password-secret"
      options are -drive properties that could be parsed and
      handled (ok well mostly handled). In any case, the RBD code
      doesn't handle it (for now), so neither will the iSCSI code.

John Ferlan (2):
  qemu: Get capabilities for iscsi usage of password-secret argument
  qemu: Use secret objects to pass iSCSI passwords

 src/qemu/qemu_capabilities.c                       |  4 ++
 src/qemu/qemu_capabilities.h                       |  3 ++
 src/qemu/qemu_command.c                            | 19 ++++++++-
 src/qemu/qemu_domain.c                             |  4 ++
 tests/qemucapabilitiesdata/caps_2.9.0.ppc64le.xml  |  1 +
 tests/qemucapabilitiesdata/caps_2.9.0.s390x.xml    |  1 +
 tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml   |  1 +
 ...xml2argv-disk-drive-network-iscsi-auth-AES.args | 39 ++++++++++++++++++
 ...uxml2argv-disk-drive-network-iscsi-auth-AES.xml | 43 +++++++++++++++++++
 ...ml2argv-hostdev-scsi-virtio-iscsi-auth-AES.args | 35 ++++++++++++++++
 ...xml2argv-hostdev-scsi-virtio-iscsi-auth-AES.xml | 48 ++++++++++++++++++++++
 tests/qemuxml2argvtest.c                           | 10 +++++
 12 files changed, 206 insertions(+), 2 deletions(-)
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-iscsi-auth-AES.args
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-iscsi-auth-AES.xml
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-hostdev-scsi-virtio-iscsi-auth-AES.args
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-hostdev-scsi-virtio-iscsi-auth-AES.xml

-- 
2.9.5

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list