[PATCH v1 0/3] qemu: add luks-any encryption support for RBD images

Or Ozeri posted 3 patches 1 year ago
Failed in applying to current master (apply log)
docs/formatstorageencryption.rst              |  9 ++++
src/conf/schemas/storagecommon.rng            |  1 +
src/conf/storage_encryption_conf.c            |  2 +-
src/conf/storage_encryption_conf.h            |  1 +
src/libvirt_private.syms                      |  1 +
src/qemu/qemu_block.c                         | 10 ++++-
src/qemu/qemu_capabilities.c                  |  2 +
src/qemu/qemu_capabilities.h                  |  1 +
src/qemu/qemu_domain.c                        | 32 +++++++++++++-
.../caps_8.0.0.x86_64.replies                 |  7 +++
.../caps_8.0.0.x86_64.xml                     |  1 +
...k-rbd-encryption-luks-any.x86_64-7.2.0.err |  1 +
...rbd-encryption-luks-any.x86_64-latest.args | 38 ++++++++++++++++
.../disk-network-rbd-encryption-luks-any.xml  | 39 ++++++++++++++++
tests/qemuxml2argvtest.c                      |  2 +
...-rbd-encryption-luks-any.x86_64-latest.xml | 44 +++++++++++++++++++
tests/qemuxml2xmltest.c                       |  1 +
17 files changed, 187 insertions(+), 5 deletions(-)
create mode 100644 tests/qemuxml2argvdata/disk-network-rbd-encryption-luks-any.x86_64-7.2.0.err
create mode 100644 tests/qemuxml2argvdata/disk-network-rbd-encryption-luks-any.x86_64-latest.args
create mode 100644 tests/qemuxml2argvdata/disk-network-rbd-encryption-luks-any.xml
create mode 100644 tests/qemuxml2xmloutdata/disk-network-rbd-encryption-luks-any.x86_64-latest.xml
[PATCH v1 0/3] qemu: add luks-any encryption support for RBD images
Posted by Or Ozeri 1 year ago
Starting from Ceph 0f93f745 (unreleased 18.0.0) and qemu b8f218ef (unreleased 8.0.0),
qemu and librbd users can use a wildcard format ("luks-any" in qemu, "luks" in librbd).
This format can be used to parse the image as either LUKS or LUKS2, auto-detecting
the actual format from the on-disk header.

This patch series enables libvirt users to use this wildcard format as well
(for RBD images only, of course).

I manually patched the qemu 8.0.0 replies file to reflect relevant qemu support,
to allow my tests to run.
Note that any build qemu will not support this feature, unless compiled
while having a librbd that has this feature bundled.

Or Ozeri (3):
  tests: qemucapabilitiesdata: Add luks-any encryption format
  qemu: capabilities: Introduce QEMU_CAPS_RBD_ENCRYPTION_LUKS_ANY
    capability
  qemu: add luks-any encryption support for RBD images

 docs/formatstorageencryption.rst              |  9 ++++
 src/conf/schemas/storagecommon.rng            |  1 +
 src/conf/storage_encryption_conf.c            |  2 +-
 src/conf/storage_encryption_conf.h            |  1 +
 src/libvirt_private.syms                      |  1 +
 src/qemu/qemu_block.c                         | 10 ++++-
 src/qemu/qemu_capabilities.c                  |  2 +
 src/qemu/qemu_capabilities.h                  |  1 +
 src/qemu/qemu_domain.c                        | 32 +++++++++++++-
 .../caps_8.0.0.x86_64.replies                 |  7 +++
 .../caps_8.0.0.x86_64.xml                     |  1 +
 ...k-rbd-encryption-luks-any.x86_64-7.2.0.err |  1 +
 ...rbd-encryption-luks-any.x86_64-latest.args | 38 ++++++++++++++++
 .../disk-network-rbd-encryption-luks-any.xml  | 39 ++++++++++++++++
 tests/qemuxml2argvtest.c                      |  2 +
 ...-rbd-encryption-luks-any.x86_64-latest.xml | 44 +++++++++++++++++++
 tests/qemuxml2xmltest.c                       |  1 +
 17 files changed, 187 insertions(+), 5 deletions(-)
 create mode 100644 tests/qemuxml2argvdata/disk-network-rbd-encryption-luks-any.x86_64-7.2.0.err
 create mode 100644 tests/qemuxml2argvdata/disk-network-rbd-encryption-luks-any.x86_64-latest.args
 create mode 100644 tests/qemuxml2argvdata/disk-network-rbd-encryption-luks-any.xml
 create mode 100644 tests/qemuxml2xmloutdata/disk-network-rbd-encryption-luks-any.x86_64-latest.xml

-- 
2.25.1