From nobody Mon May 6 02:40:52 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) client-ip=207.211.31.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1600343973; cv=none; d=zohomail.com; s=zohoarc; b=drt2XXdcKEZq7pEnL5HliNcTnMcPr6M/h7XqtG9sXfwwFj6zKm5YtXb8GvDSrV8LLvgGzOWbFcut1ejHQamZC/Q/+gANW7nJgZOHTTFdi2V9ZawxngsRwxKc03QjEkv586Yh5RlSLmsid5nOXIZ8d/60n0rXNaWhWvNuDtz3wPE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1600343973; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=Vny3+iMjFm2pKAQUPTMNAZun9L2QuQ6UOPrHc+iULvc=; b=n9pUCKHrC9B4/OK793BKZaQwt7a4vFnqbe9WVWAse/KSBNrORz0YHGzg7D/4rVXEfAOw1xbtY3pN6tC/2LsrA5S5Uzh9qcDgrb/6yrRekP/te0AlsGJcP3iaindFNSUnv+Arx1DaSmpvuaSCtfW6h5J2JqJNOocertZSi8FRuck= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) by mx.zohomail.com with SMTPS id 1600343973674884.6033554172735; Thu, 17 Sep 2020 04:59:33 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-159-B2sAcZCRNKC9Dg385WjLpQ-1; Thu, 17 Sep 2020 07:59:30 -0400 Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 40AAA186DD30; Thu, 17 Sep 2020 11:59:24 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id DAFBF19D7C; Thu, 17 Sep 2020 11:59:23 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 9D22A8C7CA; Thu, 17 Sep 2020 11:59:21 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 08HBxIL7027440 for ; Thu, 17 Sep 2020 07:59:18 -0400 Received: by smtp.corp.redhat.com (Postfix) id 3F40B7EEDA; Thu, 17 Sep 2020 11:59:18 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-114-29.ams2.redhat.com [10.36.114.29]) by smtp.corp.redhat.com (Postfix) with ESMTP id 3D5607EEB4; Thu, 17 Sep 2020 11:59:17 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1600343972; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=Vny3+iMjFm2pKAQUPTMNAZun9L2QuQ6UOPrHc+iULvc=; b=MKWlO4cv1LFj91IbCMc51XtSTytr9cWpq6AvIyffqsLBDdXoi5YzWbdVBqiFTmGH0Njtv4 Sd48Fxosr7k9KlNAv5lTpQtN1y+g4AMQE81Nq++3dmmUIXj3wNszZlnikhijW3g6IVwu29 PAlOrVeFxHPEQ5dXq6W0FlRwq2/JpKU= X-MC-Unique: B2sAcZCRNKC9Dg385WjLpQ-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Subject: [libvirt PATCH v2 1/4] scripts: fix logic error in argv wrapping code Date: Thu, 17 Sep 2020 12:59:05 +0100 Message-Id: <20200917115908.1615571-2-berrange@redhat.com> In-Reply-To: <20200917115908.1615571-1-berrange@redhat.com> References: <20200917115908.1615571-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) The first piece of the command we process must be added to the list straight away regardless of whether it starts with a '-' or not. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Michal Privoznik --- scripts/test-wrap-argv.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/test-wrap-argv.py b/scripts/test-wrap-argv.py index 4193e6b68d..6b0d3511f3 100755 --- a/scripts/test-wrap-argv.py +++ b/scripts/test-wrap-argv.py @@ -59,7 +59,7 @@ def rewrap_line(line): # If there's a leading '-' then this is a new # parameter, otherwise its a value for the prev # parameter. - if bit.startswith("-"): + if bit.startswith("-") or len(args) =3D=3D 0: args.append(bit) else: args[-1] =3D args[-1] + " " + bit --=20 2.26.2 From nobody Mon May 6 02:40:52 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) client-ip=205.139.110.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1600343986; cv=none; d=zohomail.com; s=zohoarc; b=RVLePM56D66BiiF5HmkIKO7OrD7bGvBbrPFTXtMfPYYBGL3ep3spt09/8wtkTG4nsrsptcyrmq86AtymME0L2yyK6IJ9IxF5vdNxkLeTsYEHhM4ISoAAzZIkJ8KOpzq6c3ZoKTvsisRoiW48xczRbZ0xcr+SNI+l+LA12dJ1igE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1600343986; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=iVVmX+51BjKBaIAfYt/noeTC/412bku+PBHaBVi8Jw4=; b=aMcI8JbichlQDPQZMqqH7la51VN+cZ+jdZ0BHQAJdKFaZtmke98H/9tFqMbR98JmPm/AzsH2EuHpSTahpdjbBleI65cmaJAjO42KItnqCvKjqbiyE4vbHzwNA7dCueoDzHQ4nvw7AvOOI2sSpfFtC3nS1X+K0OE9EagdYpz4le8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [205.139.110.120]) by mx.zohomail.com with SMTPS id 1600343986634272.7640515047467; Thu, 17 Sep 2020 04:59:46 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-506-KXwCz3_qN02hdYY8MoABHA-1; Thu, 17 Sep 2020 07:59:43 -0400 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 25CEC186DD40; Thu, 17 Sep 2020 11:59:38 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 024BC68D60; Thu, 17 Sep 2020 11:59:38 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id B9A1D8C7D6; Thu, 17 Sep 2020 11:59:37 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 08HBxNIM027455 for ; Thu, 17 Sep 2020 07:59:23 -0400 Received: by smtp.corp.redhat.com (Postfix) id B56EA7EEB4; Thu, 17 Sep 2020 11:59:22 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-114-29.ams2.redhat.com [10.36.114.29]) by smtp.corp.redhat.com (Postfix) with ESMTP id A9CE97FB7C; Thu, 17 Sep 2020 11:59:18 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1600343985; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=iVVmX+51BjKBaIAfYt/noeTC/412bku+PBHaBVi8Jw4=; b=atBV0DGigVgi2tWzKJhQbPsSAvJFF+h2P9IOsry0NiDEkflAVgDnbLCd+7DGu+ze1uZaPG Y4U8OZtOa9CV4Tvn8mgpab5LPTUIulPg8Uc6H28HI6PLQUJGB5pwxJnniQhrFe4Dgp9yJG BhhLrAK1n1J1u7u0jcXvfGiSkIPSQ9w= X-MC-Unique: KXwCz3_qN02hdYY8MoABHA-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Subject: [libvirt PATCH v2 2/4] util: detect LUKS encryption scheme in qcow2 files Date: Thu, 17 Sep 2020 12:59:06 +0100 Message-Id: <20200917115908.1615571-3-berrange@redhat.com> In-Reply-To: <20200917115908.1615571-1-berrange@redhat.com> References: <20200917115908.1615571-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Crypt method number 2 indicates LUKS format. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Michal Privoznik --- src/util/virstoragefile.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c index 97a346db28..42341150e5 100644 --- a/src/util/virstoragefile.c +++ b/src/util/virstoragefile.c @@ -290,6 +290,22 @@ static struct FileEncryptionInfo const qcow2Encryption= Info[] =3D { =20 .payloadOffset =3D -1, }, + { + .format =3D VIR_STORAGE_ENCRYPTION_FORMAT_LUKS, + + .magicOffset =3D 0, + .magic =3D NULL, + .endian =3D LV_BIG_ENDIAN, + + .versionOffset =3D -1, + .versionSize =3D 0, + .versionNumbers =3D {}, + + .modeOffset =3D QCOW2_HDR_CRYPT, + .modeValue =3D 2, + + .payloadOffset =3D -1, + }, { 0 } }; =20 --=20 2.26.2 From nobody Mon May 6 02:40:52 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) client-ip=216.205.24.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1600344004; cv=none; d=zohomail.com; s=zohoarc; b=F83CXQzlmAg19YLyajtqboY+5aYuwOuv/uQRZDr3mx6FK2JzSIJLaqzuV/GtCJSLi0uWCZgXLkUWv/DcbEOLtduSc3E/90tjYMkVBB3kdXeM2/Ju8DMJ76C39eSQnoeXrk5EQ/R2gljEvTHtBX4RMKVzXDEIMi9ycrw3h2nTILs= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1600344004; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=ghfm/5QVfYeYCQmV/PTi7A70oAhx0b/JwdECv+oGW74=; b=HhhHN8CahUD82JvFNC2/T17debUchqVx/PoUYnwi/6JQQGXHhOUatljG8anz5eUkc2n06/Uss1c+AL15ZgRTupCFXgVOEK2hodX3v6vnRqvmDqNINL8gxbqosb5R31zrKqXGcxapbGpQ1UvqHyhBPxT7gglM0M99HyNBKp10rN8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com with SMTPS id 1600344004179381.28732114748016; Thu, 17 Sep 2020 05:00:04 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-474-0oJ4SYsmN4GFMSqqsVAukw-1; Thu, 17 Sep 2020 07:59:43 -0400 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 1A25A6409C; Thu, 17 Sep 2020 11:59:38 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id EB8287EEDA; Thu, 17 Sep 2020 11:59:37 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id B1612183D041; Thu, 17 Sep 2020 11:59:37 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 08HBxNco027463 for ; Thu, 17 Sep 2020 07:59:23 -0400 Received: by smtp.corp.redhat.com (Postfix) id D75837EEB4; Thu, 17 Sep 2020 11:59:23 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-114-29.ams2.redhat.com [10.36.114.29]) by smtp.corp.redhat.com (Postfix) with ESMTP id 14EF17EEDA; Thu, 17 Sep 2020 11:59:22 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1600344003; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=ghfm/5QVfYeYCQmV/PTi7A70oAhx0b/JwdECv+oGW74=; b=JOMqwT6XLb2EQqGmyFrnztCvAkI5bl3cwCq28A7naEqnQri23IIsrI/7BzBvv0vhsOSzyK S5ywLEw+vqcuN/vo/bRz7N19kgqavhlzQGDjN61/4GRIrvR/uhYxZRJtrT8d5T7xIbgAjW Rs5sCzpXdXAZAVQUqc4GrWNTm6haeOc= X-MC-Unique: 0oJ4SYsmN4GFMSqqsVAukw-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Subject: [libvirt PATCH v2 3/4] tests: remove redundant LUKS volume data files Date: Thu, 17 Sep 2020 12:59:07 +0100 Message-Id: <20200917115908.1615571-4-berrange@redhat.com> In-Reply-To: <20200917115908.1615571-1-berrange@redhat.com> References: <20200917115908.1615571-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) The two removed files have exactly the same config as other LUKS volume data files, simply with different file names. Consolidate down to just two LUKS volume data files as that's all that we need for the test coverage. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Michal Privoznik --- .../luks-convert-encrypt.argv | 18 ++++++++-------- .../luks-convert-encrypt2fileqcow2.argv | 6 +++--- .../luks-convert-encrypt2fileraw.argv | 6 +++--- tests/storagevolxml2argvtest.c | 8 +++---- tests/storagevolxml2xmlin/vol-encrypt1.xml | 21 ------------------- tests/storagevolxml2xmlin/vol-encrypt2.xml | 21 ------------------- 6 files changed, 19 insertions(+), 61 deletions(-) delete mode 100644 tests/storagevolxml2xmlin/vol-encrypt1.xml delete mode 100644 tests/storagevolxml2xmlin/vol-encrypt2.xml diff --git a/tests/storagevolxml2argvdata/luks-convert-encrypt.argv b/tests= /storagevolxml2argvdata/luks-convert-encrypt.argv index b2ad16b7cb..78bce96aaa 100644 --- a/tests/storagevolxml2argvdata/luks-convert-encrypt.argv +++ b/tests/storagevolxml2argvdata/luks-convert-encrypt.argv @@ -1,11 +1,11 @@ qemu-img create -f luks \ ---object secret,id=3Dencrypt2.img_encrypt0,file=3D/path/to/secretFile \ --o key-secret=3Dencrypt2.img_encrypt0 \ -/var/lib/libvirt/images/encrypt2.img 5242880K +--object secret,id=3DLuksDemo.img_encrypt0,file=3D/path/to/secretFile \ +-o key-secret=3DLuksDemo.img_encrypt0 \ +/var/lib/libvirt/images/LuksDemo.img 5242880K qemu-img convert --image-opts -n --target-image-opts \ ---object secret,id=3Dencrypt2.img_encrypt0,file=3D/path/to/secretFile \ ---object secret,id=3Dencrypt1.img_encrypt0,file=3D/path/to/inputSecretFile= \ -driver=3Dluks,file.filename=3D/var/lib/libvirt/images/encrypt1.img,\ -key-secret=3Dencrypt1.img_encrypt0 \ -driver=3Dluks,file.filename=3D/var/lib/libvirt/images/encrypt2.img,\ -key-secret=3Dencrypt2.img_encrypt0 +--object secret,id=3DLuksDemo.img_encrypt0,file=3D/path/to/secretFile \ +--object secret,id=3DOtherDemo.img_encrypt0,file=3D/path/to/inputSecretFil= e \ +driver=3Dluks,file.filename=3D/var/lib/libvirt/images/OtherDemo.img,\ +key-secret=3DOtherDemo.img_encrypt0 \ +driver=3Dluks,file.filename=3D/var/lib/libvirt/images/LuksDemo.img,\ +key-secret=3DLuksDemo.img_encrypt0 diff --git a/tests/storagevolxml2argvdata/luks-convert-encrypt2fileqcow2.ar= gv b/tests/storagevolxml2argvdata/luks-convert-encrypt2fileqcow2.argv index 82cb364b61..fd974f863e 100644 --- a/tests/storagevolxml2argvdata/luks-convert-encrypt2fileqcow2.argv +++ b/tests/storagevolxml2argvdata/luks-convert-encrypt2fileqcow2.argv @@ -1,7 +1,7 @@ qemu-img create -f qcow2 \ -o compat=3D0.10 /var/lib/libvirt/images/sparse-qcow2.img 1073741824K qemu-img convert --image-opts -n --target-image-opts \ ---object secret,id=3Dencrypt2.img_encrypt0,file=3D/path/to/inputSecretFile= \ -driver=3Dluks,file.filename=3D/var/lib/libvirt/images/encrypt2.img,\ -key-secret=3Dencrypt2.img_encrypt0 \ +--object secret,id=3DOtherDemo.img_encrypt0,file=3D/path/to/inputSecretFil= e \ +driver=3Dluks,file.filename=3D/var/lib/libvirt/images/OtherDemo.img,\ +key-secret=3DOtherDemo.img_encrypt0 \ driver=3Dqcow2,file.filename=3D/var/lib/libvirt/images/sparse-qcow2.img diff --git a/tests/storagevolxml2argvdata/luks-convert-encrypt2fileraw.argv= b/tests/storagevolxml2argvdata/luks-convert-encrypt2fileraw.argv index 2661c345a8..82473db57b 100644 --- a/tests/storagevolxml2argvdata/luks-convert-encrypt2fileraw.argv +++ b/tests/storagevolxml2argvdata/luks-convert-encrypt2fileraw.argv @@ -1,7 +1,7 @@ qemu-img create -f raw \ /var/lib/libvirt/images/sparse.img 1073741824K qemu-img convert --image-opts -n --target-image-opts \ ---object secret,id=3Dencrypt2.img_encrypt0,file=3D/path/to/inputSecretFile= \ -driver=3Dluks,file.filename=3D/var/lib/libvirt/images/encrypt2.img,\ -key-secret=3Dencrypt2.img_encrypt0 \ +--object secret,id=3DOtherDemo.img_encrypt0,file=3D/path/to/inputSecretFil= e \ +driver=3Dluks,file.filename=3D/var/lib/libvirt/images/OtherDemo.img,\ +key-secret=3DOtherDemo.img_encrypt0 \ driver=3Draw,file.filename=3D/var/lib/libvirt/images/sparse.img diff --git a/tests/storagevolxml2argvtest.c b/tests/storagevolxml2argvtest.c index 1832690e29..618f481039 100644 --- a/tests/storagevolxml2argvtest.c +++ b/tests/storagevolxml2argvtest.c @@ -264,16 +264,16 @@ mymain(void) "pool-dir", "vol-file-qcow2", "luks-convert-qcow2", 0); =20 - DO_TEST("pool-dir", "vol-encrypt2", - "pool-dir", "vol-encrypt1", + DO_TEST("pool-dir", "vol-luks", + "pool-dir", "vol-luks-convert", "luks-convert-encrypt", 0); =20 DO_TEST("pool-dir", "vol-file", - "pool-dir", "vol-encrypt2", + "pool-dir", "vol-luks-convert", "luks-convert-encrypt2fileraw", 0); =20 DO_TEST("pool-dir", "vol-file-qcow2", - "pool-dir", "vol-encrypt2", + "pool-dir", "vol-luks-convert", "luks-convert-encrypt2fileqcow2", 0); =20 return ret =3D=3D 0 ? EXIT_SUCCESS : EXIT_FAILURE; diff --git a/tests/storagevolxml2xmlin/vol-encrypt1.xml b/tests/storagevolx= ml2xmlin/vol-encrypt1.xml deleted file mode 100644 index 681734dc7b..0000000000 --- a/tests/storagevolxml2xmlin/vol-encrypt1.xml +++ /dev/null @@ -1,21 +0,0 @@ - - encrypt1.img - /var/lib/libvirt/images/encrypt1.img - - - 5 - 294912 - - /var/lib/libvirt/images/encrypt1.img - - - 0644 - 0 - 0 - - - - - - - diff --git a/tests/storagevolxml2xmlin/vol-encrypt2.xml b/tests/storagevolx= ml2xmlin/vol-encrypt2.xml deleted file mode 100644 index 0507d3b9e6..0000000000 --- a/tests/storagevolxml2xmlin/vol-encrypt2.xml +++ /dev/null @@ -1,21 +0,0 @@ - - encrypt2.img - /var/lib/libvirt/images/encrypt2.img - - - 5 - 294912 - - /var/lib/libvirt/images/encrypt2.img - - - 0644 - 0 - 0 - - - - - - - --=20 2.26.2 From nobody Mon May 6 02:40:52 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) client-ip=207.211.31.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1600343993; cv=none; d=zohomail.com; s=zohoarc; b=e2H+hFG9DIMz1AR4wLCdpn9iKFvijuci00QWh/qQZkVYz40eGygu4hTWffzu1w14j3FWRPAWpJbdllBcVzgQnHL5uJOfDr+xE0up1UOFIizp/Ol7S7X+mhftGFhB5Jt/0v6wVO/ZXajYOhUMwmOb38hrh+pbCKkN5bb58shy5vM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1600343993; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=XvBAHQ9REQldzfYdAHsFbkf8Vd+Wm1bNXJx1ZNyaqwI=; b=Y+k5VwiEAaHbJNlUhT5jyjuw6vovU4UpVURg1qHNpUGFZRu5nHuiQzb+gcR/4Z7bdaLc3uLELlMcMuLFu/njDTqV5qw2FJpHs6IMfyJIrc2+wrCwnylokQCiaifdu3sRADVB0tKfPfwGZn88KSfpI8b7b0p55q4/CUpkD05XNgI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) by mx.zohomail.com with SMTPS id 1600343993380341.4161073424199; Thu, 17 Sep 2020 04:59:53 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-385-wtFBEXl0OgilWRI9LmpXiw-1; Thu, 17 Sep 2020 07:59:49 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 74D6164098; Thu, 17 Sep 2020 11:59:43 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 48F271014175; Thu, 17 Sep 2020 11:59:43 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 0DD5E183D044; Thu, 17 Sep 2020 11:59:43 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 08HBxPwB027471 for ; Thu, 17 Sep 2020 07:59:25 -0400 Received: by smtp.corp.redhat.com (Postfix) id 46B117EEDA; Thu, 17 Sep 2020 11:59:25 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-114-29.ams2.redhat.com [10.36.114.29]) by smtp.corp.redhat.com (Postfix) with ESMTP id 4A6DA7EEB4; Thu, 17 Sep 2020 11:59:24 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1600343992; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=XvBAHQ9REQldzfYdAHsFbkf8Vd+Wm1bNXJx1ZNyaqwI=; b=NerbR/Gc2JUqWl8lUM7mkVQeDZ2z9G1rUyhSV+A7xvPMtd2guMmfLnhNls2cHGP4/gSOi1 7GVBeFPcmuRIFBln4a8NDGC9FlPafcCvOfR115OH/Xcw6//pe2lkDu6QeOASqD2ewgjxZ1 aKlYK8nLIjYKK5bI/+DSASBeU1RlIBA= X-MC-Unique: wtFBEXl0OgilWRI9LmpXiw-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Subject: [libvirt PATCH v2 4/4] storage: add support for qcow2 LUKS encryption Date: Thu, 17 Sep 2020 12:59:08 +0100 Message-Id: <20200917115908.1615571-5-berrange@redhat.com> In-Reply-To: <20200917115908.1615571-1-berrange@redhat.com> References: <20200917115908.1615571-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) The storage driver was wired up to support creating raw volumes in LUKS format, but was never adapted to support LUKS-in-qcow2. This is trivial as it merely requires the encryption properties to be prefixed with the "encrypt." prefix, and "encrypt.format=3Dluks" when creating the volume. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: Michal Privoznik --- src/storage/storage_util.c | 70 ++++++++++++++----- src/util/virqemu.c | 23 ++++-- src/util/virqemu.h | 1 + .../qcow2-luks-convert-encrypt.argv | 18 +++++ .../qcow2-luks-convert-encrypt2fileqcow2.argv | 14 ++++ .../qcow2-luks-convert-encrypt2fileraw.argv | 13 ++++ tests/storagevolxml2argvdata/qcow2-luks.argv | 8 +++ tests/storagevolxml2argvtest.c | 15 ++++ .../vol-qcow2-luks-convert.xml | 31 ++++++++ tests/storagevolxml2xmlin/vol-qcow2-luks.xml | 31 ++++++++ tests/storagevolxml2xmlout/vol-qcow2-luks.xml | 31 ++++++++ tests/storagevolxml2xmltest.c | 1 + 12 files changed, 234 insertions(+), 22 deletions(-) create mode 100644 tests/storagevolxml2argvdata/qcow2-luks-convert-encrypt= .argv create mode 100644 tests/storagevolxml2argvdata/qcow2-luks-convert-encrypt= 2fileqcow2.argv create mode 100644 tests/storagevolxml2argvdata/qcow2-luks-convert-encrypt= 2fileraw.argv create mode 100644 tests/storagevolxml2argvdata/qcow2-luks.argv create mode 100644 tests/storagevolxml2xmlin/vol-qcow2-luks-convert.xml create mode 100644 tests/storagevolxml2xmlin/vol-qcow2-luks.xml create mode 100644 tests/storagevolxml2xmlout/vol-qcow2-luks.xml diff --git a/src/storage/storage_util.c b/src/storage/storage_util.c index cf82ea0a87..9171cb084f 100644 --- a/src/storage/storage_util.c +++ b/src/storage/storage_util.c @@ -707,7 +707,7 @@ storageBackendCreateQemuImgOpts(virStorageEncryptionInf= oDefPtr encinfo, virStorageFileFormatTypeToString(info->backingFo= rmat)); =20 if (encinfo) - virQEMUBuildQemuImgKeySecretOpts(&buf, encinfo, info->secretAlias); + virQEMUBuildQemuImgKeySecretOpts(&buf, info->format, encinfo, info= ->secretAlias); =20 if (info->preallocate) { if (info->size_arg > info->allocation) @@ -761,7 +761,8 @@ storageBackendCreateQemuImgCheckEncryption(int format, { virStorageEncryptionPtr enc =3D vol->target.encryption; =20 - if (format =3D=3D VIR_STORAGE_FILE_RAW) { + if (format =3D=3D VIR_STORAGE_FILE_RAW || + format =3D=3D VIR_STORAGE_FILE_QCOW2) { if (enc->format !=3D VIR_STORAGE_ENCRYPTION_FORMAT_LUKS) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("unsupported volume encryption format %d"), @@ -927,21 +928,34 @@ storageBackendCreateQemuImgSecretObject(virCommandPtr= cmd, } =20 =20 -/* Add a --image-opts to the qemu-img resize command line: +/* Add a --image-opts to the qemu-img resize command line for use + * with encryption: * --image-opts driver=3Dluks,file.filename=3D$volpath,key-secret=3D$se= cretAlias + * or + * --image-opts driver=3Dqcow2,file.filename=3D$volpath,encrypt.key-sec= ret=3D$secretAlias * - * NB: format=3Draw is assumed */ static int storageBackendResizeQemuImgImageOpts(virCommandPtr cmd, + int format, const char *path, const char *secretAlias) { g_auto(virBuffer) buf =3D VIR_BUFFER_INITIALIZER; g_autofree char *commandStr =3D NULL; + const char *encprefix; + const char *driver; =20 - virBufferAsprintf(&buf, "driver=3Dluks,key-secret=3D%s,file.filename= =3D", - secretAlias); + if (format =3D=3D VIR_STORAGE_FILE_QCOW2) { + driver =3D "qcow2"; + encprefix =3D "encrypt."; + } else { + driver =3D "luks"; + encprefix =3D ""; + } + + virBufferAsprintf(&buf, "driver=3D%s,%skey-secret=3D%s,file.filename= =3D", + driver, encprefix, secretAlias); virQEMUBuildBufferEscapeComma(&buf, path); =20 commandStr =3D virBufferContentAndReset(&buf); @@ -1006,6 +1020,16 @@ virStorageBackendCreateQemuImgSetInfo(virStoragePool= ObjPtr pool, return -1; } } + if (inputvol && inputvol->target.format =3D=3D VIR_STORAGE_FILE_RAW && + inputvol->target.encryption) { + if (inputvol->target.encryption->format =3D=3D VIR_STORAGE_ENCRYPT= ION_FORMAT_LUKS) { + info->inputType =3D "luks"; + } else { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("Only luks encryption is supported for raw fi= les")); + return -1; + } + } =20 if (inputvol && storageBackendCreateQemuImgSetInput(inputvol, convertStep, info) <= 0) @@ -1056,6 +1080,8 @@ virStorageBackendCreateQemuImgCmdFromVol(virStoragePo= olObjPtr pool, virStorageEncryptionPtr inputenc =3D inputvol ? inputvol->target.encry= ption : NULL; virStorageEncryptionInfoDefPtr encinfo =3D NULL; g_autofree char *inputSecretAlias =3D NULL; + const char *encprefix; + const char *inputencprefix; =20 virCheckFlags(VIR_STORAGE_VOL_CREATE_PREALLOC_METADATA, NULL); =20 @@ -1134,24 +1160,34 @@ virStorageBackendCreateQemuImgCmdFromVol(virStorage= PoolObjPtr pool, virCommandAddArgFormat(cmd, "%lluK", info.size_arg); } else { /* source */ - if (inputenc) + if (inputenc) { + if (inputvol->target.format =3D=3D VIR_STORAGE_FILE_QCOW2) + inputencprefix =3D "encrypt."; + else + inputencprefix =3D ""; virCommandAddArgFormat(cmd, - "driver=3Dluks,file.filename=3D%s,key-s= ecret=3D%s", - info.inputPath, inputSecretAlias); - else + "driver=3D%s,file.filename=3D%s,%skey-s= ecret=3D%s", + info.inputType, info.inputPath, inputen= cprefix, inputSecretAlias); + } else { virCommandAddArgFormat(cmd, "driver=3D%s,file.filename=3D%s", info.inputType ? info.inputType : "raw", info.inputPath); + } =20 /* dest */ - if (enc) + if (enc) { + if (vol->target.format =3D=3D VIR_STORAGE_FILE_QCOW2) + encprefix =3D "encrypt."; + else + encprefix =3D ""; + virCommandAddArgFormat(cmd, - "driver=3D%s,file.filename=3D%s,key-sec= ret=3D%s", - info.type, info.path, info.secretAlias); - else + "driver=3D%s,file.filename=3D%s,%skey-s= ecret=3D%s", + info.type, info.path, encprefix, info.s= ecretAlias); + } else { virCommandAddArgFormat(cmd, "driver=3D%s,file.filename=3D%s", info.type, info.path); - + } } VIR_FREE(info.secretAlias); =20 @@ -2276,7 +2312,9 @@ storageBackendResizeQemuImg(virStoragePoolObjPtr pool, secretAlias) < 0) goto cleanup; =20 - if (storageBackendResizeQemuImgImageOpts(cmd, vol->target.path, + if (storageBackendResizeQemuImgImageOpts(cmd, + vol->target.format, + vol->target.path, secretAlias) < 0) goto cleanup; } diff --git a/src/util/virqemu.c b/src/util/virqemu.c index 25d6fd35c5..5405c9eac9 100644 --- a/src/util/virqemu.c +++ b/src/util/virqemu.c @@ -28,6 +28,7 @@ #include "virqemu.h" #include "virstring.h" #include "viralloc.h" +#include "virstoragefile.h" =20 #define VIR_FROM_THIS VIR_FROM_NONE =20 @@ -407,36 +408,46 @@ virQEMUBuildBufferEscapeComma(virBufferPtr buf, const= char *str) */ void virQEMUBuildQemuImgKeySecretOpts(virBufferPtr buf, + int format, virStorageEncryptionInfoDefPtr encinfo, const char *alias) { - virBufferAsprintf(buf, "key-secret=3D%s,", alias); + const char *encprefix; + + if (format =3D=3D VIR_STORAGE_FILE_QCOW2) { + virBufferAddLit(buf, "encrypt.format=3Dluks,"); + encprefix =3D "encrypt."; + } else { + encprefix =3D ""; + } + + virBufferAsprintf(buf, "%skey-secret=3D%s,", encprefix, alias); =20 if (!encinfo->cipher_name) return; =20 - virBufferAddLit(buf, "cipher-alg=3D"); + virBufferAsprintf(buf, "%scipher-alg=3D", encprefix); virQEMUBuildBufferEscapeComma(buf, encinfo->cipher_name); virBufferAsprintf(buf, "-%u,", encinfo->cipher_size); if (encinfo->cipher_mode) { - virBufferAddLit(buf, "cipher-mode=3D"); + virBufferAsprintf(buf, "%scipher-mode=3D", encprefix); virQEMUBuildBufferEscapeComma(buf, encinfo->cipher_mode); virBufferAddLit(buf, ","); } if (encinfo->cipher_hash) { - virBufferAddLit(buf, "hash-alg=3D"); + virBufferAsprintf(buf, "%shash-alg=3D", encprefix); virQEMUBuildBufferEscapeComma(buf, encinfo->cipher_hash); virBufferAddLit(buf, ","); } if (!encinfo->ivgen_name) return; =20 - virBufferAddLit(buf, "ivgen-alg=3D"); + virBufferAsprintf(buf, "%sivgen-alg=3D", encprefix); virQEMUBuildBufferEscapeComma(buf, encinfo->ivgen_name); virBufferAddLit(buf, ","); =20 if (encinfo->ivgen_hash) { - virBufferAddLit(buf, "ivgen-hash-alg=3D"); + virBufferAsprintf(buf, "%sivgen-hash-alg=3D", encprefix); virQEMUBuildBufferEscapeComma(buf, encinfo->ivgen_hash); virBufferAddLit(buf, ","); } diff --git a/src/util/virqemu.h b/src/util/virqemu.h index b1296cb657..be14c04d51 100644 --- a/src/util/virqemu.h +++ b/src/util/virqemu.h @@ -60,6 +60,7 @@ char *virQEMUBuildDriveCommandlineFromJSON(virJSONValuePt= r src); =20 void virQEMUBuildBufferEscapeComma(virBufferPtr buf, const char *str); void virQEMUBuildQemuImgKeySecretOpts(virBufferPtr buf, + int format, virStorageEncryptionInfoDefPtr enc, const char *alias) ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3); diff --git a/tests/storagevolxml2argvdata/qcow2-luks-convert-encrypt.argv b= /tests/storagevolxml2argvdata/qcow2-luks-convert-encrypt.argv new file mode 100644 index 0000000000..de8aef4233 --- /dev/null +++ b/tests/storagevolxml2argvdata/qcow2-luks-convert-encrypt.argv @@ -0,0 +1,18 @@ +qemu-img \ +create \ +-f qcow2 \ +--object secret,id=3DOtherDemoLuks.img_encrypt0,file=3D/path/to/secretFile= \ +-o encrypt.format=3Dluks,encrypt.key-secret=3DOtherDemoLuks.img_encrypt0,\ +compat=3D0.10 /var/lib/libvirt/images/OtherDemoLuks.img 5242880K +qemu-img \ +convert \ +--image-opts \ +-n \ +--target-image-opts \ +--object secret,id=3DOtherDemoLuks.img_encrypt0,file=3D/path/to/secretFile= \ +--object secret,id=3DOtherDemoLuksConvert.img_encrypt0,\ +file=3D/path/to/inputSecretFile driver=3Dqcow2,\ +file.filename=3D/var/lib/libvirt/images/OtherDemoLuksConvert.img,\ +encrypt.key-secret=3DOtherDemoLuksConvert.img_encrypt0 driver=3Dqcow2,\ +file.filename=3D/var/lib/libvirt/images/OtherDemoLuks.img,\ +encrypt.key-secret=3DOtherDemoLuks.img_encrypt0 diff --git a/tests/storagevolxml2argvdata/qcow2-luks-convert-encrypt2fileqc= ow2.argv b/tests/storagevolxml2argvdata/qcow2-luks-convert-encrypt2fileqcow= 2.argv new file mode 100644 index 0000000000..517156ca83 --- /dev/null +++ b/tests/storagevolxml2argvdata/qcow2-luks-convert-encrypt2fileqcow2.argv @@ -0,0 +1,14 @@ +qemu-img \ +create \ +-f qcow2 \ +-o compat=3D0.10 /var/lib/libvirt/images/sparse-qcow2.img 1073741824K +qemu-img \ +convert \ +--image-opts \ +-n \ +--target-image-opts \ +--object secret,id=3DOtherDemoLuksConvert.img_encrypt0,\ +file=3D/path/to/inputSecretFile driver=3Dqcow2,\ +file.filename=3D/var/lib/libvirt/images/OtherDemoLuksConvert.img,\ +encrypt.key-secret=3DOtherDemoLuksConvert.img_encrypt0 driver=3Dqcow2,\ +file.filename=3D/var/lib/libvirt/images/sparse-qcow2.img diff --git a/tests/storagevolxml2argvdata/qcow2-luks-convert-encrypt2filera= w.argv b/tests/storagevolxml2argvdata/qcow2-luks-convert-encrypt2fileraw.ar= gv new file mode 100644 index 0000000000..7483c864c1 --- /dev/null +++ b/tests/storagevolxml2argvdata/qcow2-luks-convert-encrypt2fileraw.argv @@ -0,0 +1,13 @@ +qemu-img \ +create \ +-f raw /var/lib/libvirt/images/sparse.img 1073741824K +qemu-img \ +convert \ +--image-opts \ +-n \ +--target-image-opts \ +--object secret,id=3DOtherDemoLuksConvert.img_encrypt0,\ +file=3D/path/to/inputSecretFile driver=3Dqcow2,\ +file.filename=3D/var/lib/libvirt/images/OtherDemoLuksConvert.img,\ +encrypt.key-secret=3DOtherDemoLuksConvert.img_encrypt0 driver=3Draw,\ +file.filename=3D/var/lib/libvirt/images/sparse.img diff --git a/tests/storagevolxml2argvdata/qcow2-luks.argv b/tests/storagevo= lxml2argvdata/qcow2-luks.argv new file mode 100644 index 0000000000..4b51b374ca --- /dev/null +++ b/tests/storagevolxml2argvdata/qcow2-luks.argv @@ -0,0 +1,8 @@ +qemu-img \ +create \ +-f qcow2 \ +-b /dev/null \ +--object secret,id=3DOtherDemoLuks.img_encrypt0,file=3D/path/to/secretFile= \ +-o backing_fmt=3Draw,encrypt.format=3Dluks,\ +encrypt.key-secret=3DOtherDemoLuks.img_encrypt0,\ +compat=3D0.10 /var/lib/libvirt/images/OtherDemoLuks.img 5242880K diff --git a/tests/storagevolxml2argvtest.c b/tests/storagevolxml2argvtest.c index 618f481039..5e62313441 100644 --- a/tests/storagevolxml2argvtest.c +++ b/tests/storagevolxml2argvtest.c @@ -255,6 +255,9 @@ mymain(void) DO_TEST("pool-dir", "vol-luks-cipher", NULL, NULL, "luks-cipher", 0); + DO_TEST("pool-dir", "vol-qcow2-luks", + NULL, NULL, + "qcow2-luks", 0); =20 DO_TEST("pool-dir", "vol-luks-convert", "pool-dir", "vol-file", @@ -276,6 +279,18 @@ mymain(void) "pool-dir", "vol-luks-convert", "luks-convert-encrypt2fileqcow2", 0); =20 + DO_TEST("pool-dir", "vol-qcow2-luks", + "pool-dir", "vol-qcow2-luks-convert", + "qcow2-luks-convert-encrypt", 0); + + DO_TEST("pool-dir", "vol-file", + "pool-dir", "vol-qcow2-luks-convert", + "qcow2-luks-convert-encrypt2fileraw", 0); + + DO_TEST("pool-dir", "vol-file-qcow2", + "pool-dir", "vol-qcow2-luks-convert", + "qcow2-luks-convert-encrypt2fileqcow2", 0); + return ret =3D=3D 0 ? EXIT_SUCCESS : EXIT_FAILURE; } =20 diff --git a/tests/storagevolxml2xmlin/vol-qcow2-luks-convert.xml b/tests/s= toragevolxml2xmlin/vol-qcow2-luks-convert.xml new file mode 100644 index 0000000000..ec30de07e3 --- /dev/null +++ b/tests/storagevolxml2xmlin/vol-qcow2-luks-convert.xml @@ -0,0 +1,31 @@ + + OtherDemoLuksConvert.img + /var/lib/libvirt/images/OtherDemoLuksConvert.img + + + 5 + 294912 + + /var/lib/libvirt/images/OtherDemoLuksConvert.img + + + 0644 + 0 + 0 + + + + + + + + /dev/null + + + 0644 + 0 + 0 + + + + diff --git a/tests/storagevolxml2xmlin/vol-qcow2-luks.xml b/tests/storagevo= lxml2xmlin/vol-qcow2-luks.xml new file mode 100644 index 0000000000..0b602e63fd --- /dev/null +++ b/tests/storagevolxml2xmlin/vol-qcow2-luks.xml @@ -0,0 +1,31 @@ + + OtherDemoLuks.img + /var/lib/libvirt/images/OtherDemoLuks.img + + + 5 + 294912 + + /var/lib/libvirt/images/OtherDemoLuks.img + + + 0644 + 0 + 0 + + + + + + + + /dev/null + + + 0644 + 0 + 0 + + + + diff --git a/tests/storagevolxml2xmlout/vol-qcow2-luks.xml b/tests/storagev= olxml2xmlout/vol-qcow2-luks.xml new file mode 100644 index 0000000000..2e2b7ce125 --- /dev/null +++ b/tests/storagevolxml2xmlout/vol-qcow2-luks.xml @@ -0,0 +1,31 @@ + + OtherDemoLuks.img + /var/lib/libvirt/images/OtherDemoLuks.img + + + 5368709120 + 294912 + + /var/lib/libvirt/images/OtherDemoLuks.img + + + 0644 + 0 + 0 + + + + + + + + /dev/null + + + 0644 + 0 + 0 + + + + diff --git a/tests/storagevolxml2xmltest.c b/tests/storagevolxml2xmltest.c index c65296c7eb..ed24d98426 100644 --- a/tests/storagevolxml2xmltest.c +++ b/tests/storagevolxml2xmltest.c @@ -87,6 +87,7 @@ mymain(void) DO_TEST("pool-dir", "vol-qcow2-0.10-lazy"); DO_TEST("pool-dir", "vol-qcow2-nobacking"); DO_TEST("pool-dir", "vol-qcow2-encryption"); + DO_TEST("pool-dir", "vol-qcow2-luks"); DO_TEST("pool-dir", "vol-luks"); DO_TEST("pool-dir", "vol-luks-cipher"); DO_TEST("pool-disk", "vol-partition"); --=20 2.26.2