From nobody Thu Apr 25 22:16:33 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=reject dis=none) header.from=il.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1678107602; cv=none; d=zohomail.com; s=zohoarc; b=bws3/ZnDfk4XiBP/ANMl+2/CmdInt18saSOPuHkck0ng/2jE9Y+oaTNKlVn8OpYks/RapXUK3fVdle/j3+QbkhFK3r1PSsnOQZ3oiIAj5Z91uecymtfDAhgAX1KUaYUytFqHtk4VZAkTl80BmxeBCGv/RAQQ00MgUoQ+WMJOyCE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1678107602; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=ot0fSowe8Yw3YT1KSbrj4BW5/dekB4ao0k9eh9nR7c8=; b=VljXtF4Sxb2xTzZaL+Q/Fcf7o5NKsnvMJrepJRv1iezCkK5jjCfsSYRgIbSy6ecXd9B/8UJlI+P2sr+wGwvU0wQZZ6xXEZxgqfwxrXGpE4K4dhXbR3cSIS0JzDfHJCGt7pTielyaaTe88MX2rUtqqhhfSJiKOldXbNCRDIuIM5k= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=reject dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1678107602215866.8862626567604; Mon, 6 Mar 2023 05:00:02 -0800 (PST) Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-46-CTzGHs-INqOEWdIAtyLl1Q-1; Mon, 06 Mar 2023 07:59:59 -0500 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com [10.11.54.2]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 44BFB3C0F664; Mon, 6 Mar 2023 12:59:57 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (unknown [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 2F1A440C945A; Mon, 6 Mar 2023 12:59:57 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 09EDB194658C; Mon, 6 Mar 2023 12:59:57 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com [10.11.54.2]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 27EBD1946586 for ; Mon, 6 Mar 2023 12:59:56 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 192EF40C1106; Mon, 6 Mar 2023 12:59:56 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast09.extmail.prod.ext.rdu2.redhat.com [10.11.55.25]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 1116340C10FA for ; Mon, 6 Mar 2023 12:59:56 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id E52812A5957B for ; Mon, 6 Mar 2023 12:59:55 +0000 (UTC) Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-605-W_v-GdfyO1OObOeGesO3OA-1; Mon, 06 Mar 2023 07:59:54 -0500 Received: from pps.filterd (m0098409.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 326BsUnZ007352 for ; Mon, 6 Mar 2023 12:59:53 GMT Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3p4ysdm1pj-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Mon, 06 Mar 2023 12:59:52 +0000 Received: from m0098409.ppops.net (m0098409.ppops.net [127.0.0.1]) by pps.reinject (8.17.1.5/8.17.1.5) with ESMTP id 326B7P2Q026016 for ; Mon, 6 Mar 2023 12:59:52 GMT Received: from ppma05wdc.us.ibm.com (1b.90.2fa9.ip4.static.sl-reverse.com [169.47.144.27]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3p4ysdm1p4-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 06 Mar 2023 12:59:52 +0000 Received: from pps.filterd (ppma05wdc.us.ibm.com [127.0.0.1]) by ppma05wdc.us.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3269dXMA028688; Mon, 6 Mar 2023 12:59:51 GMT Received: from smtprelay05.wdc07v.mail.ibm.com ([9.208.129.117]) by ppma05wdc.us.ibm.com (PPS) with ESMTPS id 3p419v56qm-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 06 Mar 2023 12:59:51 +0000 Received: from smtpav01.wdc07v.mail.ibm.com (smtpav01.wdc07v.mail.ibm.com [10.39.53.228]) by smtprelay05.wdc07v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 326CxmlE4391428 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 6 Mar 2023 12:59:48 GMT Received: from smtpav01.wdc07v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 3834A5804B; Mon, 6 Mar 2023 12:59:48 +0000 (GMT) Received: from smtpav01.wdc07v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 1647658059; Mon, 6 Mar 2023 12:59:47 +0000 (GMT) Received: from oro.sl.cloud9.ibm.com (unknown [9.59.192.176]) by smtpav01.wdc07v.mail.ibm.com (Postfix) with ESMTP; Mon, 6 Mar 2023 12:59:46 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1678107600; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=ot0fSowe8Yw3YT1KSbrj4BW5/dekB4ao0k9eh9nR7c8=; b=b4eBraimjviwUZH3WsYqwidH4fxp3QiUAM9GFzUZOaSPvSZrxd7ddbp4RJ/0BrGfXLfaHC 1T5SMHmy4bT6ZD0yJcyQt35Tcaish6YnZpc1KUBFYrKe0Auh9/Ru+q9+Ygr7G4pq+iQBRH OKemt7ST00Ag8n9bspWfdmxcq264ETY= X-MC-Unique: CTzGHs-INqOEWdIAtyLl1Q-1 X-Original-To: libvir-list@listman.corp.redhat.com X-MC-Unique: W_v-GdfyO1OObOeGesO3OA-1 From: Or Ozeri To: libvir-list@redhat.com Subject: [PATCH v1 1/3] tests: qemucapabilitiesdata: Add luks-any encryption format Date: Mon, 6 Mar 2023 06:59:34 -0600 Message-Id: <20230306125936.3077765-2-oro@il.ibm.com> In-Reply-To: <20230306125936.3077765-1-oro@il.ibm.com> References: <20230306125936.3077765-1-oro@il.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: pKpCn1IN4GZXHBOTDS0J9FUj9OtgWSza X-Proofpoint-GUID: 2-vEvkAcc-gABYCjFsn1bgPOCJVk4gWX X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.219,Aquarius:18.0.942,Hydra:6.0.573,FMLib:17.11.170.22 definitions=2023-03-06_05,2023-03-06_01,2023-02-09_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 phishscore=0 clxscore=1015 malwarescore=0 adultscore=0 spamscore=0 impostorscore=0 lowpriorityscore=0 mlxlogscore=563 suspectscore=0 bulkscore=0 priorityscore=1501 mlxscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2212070000 definitions=main-2303060110 X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 3.1 on 10.11.54.2 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: oro@il.ibm.com, idryomov@gmail.com, dannyh@il.ibm.com Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 3.1 on 10.11.54.2 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1678107604136100001 Content-Type: text/plain; charset="utf-8"; x-default="true" luks-any encryption format for RBD images was added in b8f218ef. Signed-off-by: Or Ozeri --- tests/qemucapabilitiesdata/caps_8.0.0.x86_64.replies | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/tests/qemucapabilitiesdata/caps_8.0.0.x86_64.replies b/tests/q= emucapabilitiesdata/caps_8.0.0.x86_64.replies index a41b3e1825..ecf8852e03 100644 --- a/tests/qemucapabilitiesdata/caps_8.0.0.x86_64.replies +++ b/tests/qemucapabilitiesdata/caps_8.0.0.x86_64.replies @@ -17035,6 +17035,10 @@ { "case": "luks2", "type": "668" + }, + { + "case": "luks-any", + "type": "668" } ], "members": [ @@ -20003,6 +20007,9 @@ }, { "name": "luks2" + }, + { + "name": "luks-any" } ], "meta-type": "enum", --=20 2.25.1 From nobody Thu Apr 25 22:16:33 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=reject dis=none) header.from=il.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1678107611; cv=none; d=zohomail.com; s=zohoarc; b=YbCmon7PUZJNgZfDpFlbz7mOHcge8dL/T6+PDJ08QD1ZJKZRKkpKuFvY5oalXyrcbQeU/+XyXDnplggu6V0OHYP//5lcB/ifOxWQsUEhYDMp2YIQ8B9KvtiWoloIdzci4cUitCkgaOybMnZLfHv9JUWAdx9YJkxmq8Ub1fUho8g= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1678107611; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=eaLzgDDwUl2i7CtjTkpCtmoJTV78dI5A6+dROHajolo=; b=hwJ+SL386TDMN59PYXK3dPFyWdv5Jk3oNP8i7juftzvPzYxpQg9EAxcOFrbXAjTyFfuXubrZli3MOyinI4kujIVHp22vu37pxLKbTju+5DNhX68Hs9hL+400fElbY4shApW4VnQ83qwrZXRMgU0VcZn4plzgXBVpD8Bw8MvEOnk= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=reject dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1678107611698196.63996123313916; Mon, 6 Mar 2023 05:00:11 -0800 (PST) Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-320-_OBIebkjN2C2nWGyQYZYJA-1; Mon, 06 Mar 2023 08:00:07 -0500 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com [10.11.54.2]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id DE6FE100F917; Mon, 6 Mar 2023 13:00:02 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (unknown [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id BE7F240C1106; Mon, 6 Mar 2023 13:00:02 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 84586194658C; Mon, 6 Mar 2023 13:00:02 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com [10.11.54.7]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 4D1C91946586 for ; Mon, 6 Mar 2023 13:00:01 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 250A814171C4; Mon, 6 Mar 2023 13:00:01 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast05.extmail.prod.ext.rdu2.redhat.com [10.11.55.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 1CEB414171C3 for ; Mon, 6 Mar 2023 13:00:01 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 0118D85CBE5 for ; Mon, 6 Mar 2023 13:00:01 +0000 (UTC) Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-607-ifMO19yWN9m_E2utwbHPJQ-1; Mon, 06 Mar 2023 07:59:58 -0500 Received: from pps.filterd (m0098396.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 326B4IbR006766 for ; Mon, 6 Mar 2023 12:59:57 GMT Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3p4vp1xn50-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Mon, 06 Mar 2023 12:59:57 +0000 Received: from m0098396.ppops.net (m0098396.ppops.net [127.0.0.1]) by pps.reinject (8.17.1.5/8.17.1.5) with ESMTP id 326CNk3i025085 for ; Mon, 6 Mar 2023 12:59:56 GMT Received: from ppma01wdc.us.ibm.com (fd.55.37a9.ip4.static.sl-reverse.com [169.55.85.253]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3p4vp1xn4h-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 06 Mar 2023 12:59:56 +0000 Received: from pps.filterd (ppma01wdc.us.ibm.com [127.0.0.1]) by ppma01wdc.us.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3269a9QH005093; Mon, 6 Mar 2023 12:59:55 GMT Received: from smtprelay06.dal12v.mail.ibm.com ([9.208.130.100]) by ppma01wdc.us.ibm.com (PPS) with ESMTPS id 3p41845750-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 06 Mar 2023 12:59:55 +0000 Received: from smtpav01.wdc07v.mail.ibm.com (smtpav01.wdc07v.mail.ibm.com [10.39.53.228]) by smtprelay06.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 326Cxr0Z8979154 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 6 Mar 2023 12:59:53 GMT Received: from smtpav01.wdc07v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 1611A58066; Mon, 6 Mar 2023 12:59:53 +0000 (GMT) Received: from smtpav01.wdc07v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 4D82A5804B; Mon, 6 Mar 2023 12:59:52 +0000 (GMT) Received: from oro.sl.cloud9.ibm.com (unknown [9.59.192.176]) by smtpav01.wdc07v.mail.ibm.com (Postfix) with ESMTP; Mon, 6 Mar 2023 12:59:52 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1678107610; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=eaLzgDDwUl2i7CtjTkpCtmoJTV78dI5A6+dROHajolo=; b=HiN4RcFB1oLkewr6j1XetBdEjOHVmE8E7ubNOtRpRaicIw8ZeoIw2oumN2NjWZNmaQunq3 4r65Kmx9+StlSjoVAHxtYWmmo2r1oAVF2UA2RYaPEFUXDXPMjPNEDco4+zCnVrSba04Ry5 IvFTSRLJbXBsc66WRXAcF1APJzHiqiU= X-MC-Unique: _OBIebkjN2C2nWGyQYZYJA-1 X-Original-To: libvir-list@listman.corp.redhat.com X-MC-Unique: ifMO19yWN9m_E2utwbHPJQ-1 From: Or Ozeri To: libvir-list@redhat.com Subject: [PATCH v1 2/3] qemu: capabilities: Introduce QEMU_CAPS_RBD_ENCRYPTION_LUKS_ANY capability Date: Mon, 6 Mar 2023 06:59:35 -0600 Message-Id: <20230306125936.3077765-3-oro@il.ibm.com> In-Reply-To: <20230306125936.3077765-1-oro@il.ibm.com> References: <20230306125936.3077765-1-oro@il.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: DMO_-T13Ieghb0QtwOA9XWZTfw8KP7Re X-Proofpoint-GUID: lMeUNWhLt1zOpKYgLJ-wn6cOulUXyKlQ X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.219,Aquarius:18.0.942,Hydra:6.0.573,FMLib:17.11.170.22 definitions=2023-03-06_05,2023-03-06_01,2023-02-09_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 impostorscore=0 lowpriorityscore=0 malwarescore=0 bulkscore=0 clxscore=1015 suspectscore=0 mlxlogscore=982 mlxscore=0 priorityscore=1501 adultscore=0 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2212070000 definitions=main-2303060110 X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 3.1 on 10.11.54.7 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: oro@il.ibm.com, idryomov@gmail.com, dannyh@il.ibm.com Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 3.1 on 10.11.54.2 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1678107612114100001 Content-Type: text/plain; charset="utf-8"; x-default="true" This capability represents that qemu supports the "luks-any" encryption format for RBD images. Both LUKS and LUKS2 formats can be parsed using this wildcard format. Signed-off-by: Or Ozeri Reviewed-by: Peter Krempa --- src/qemu/qemu_capabilities.c | 2 ++ src/qemu/qemu_capabilities.h | 1 + tests/qemucapabilitiesdata/caps_8.0.0.x86_64.xml | 1 + 3 files changed, 4 insertions(+) diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 3cb5785baa..94df1fd8ed 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -690,6 +690,7 @@ VIR_ENUM_IMPL(virQEMUCaps, =20 /* 445 */ "netdev.stream.reconnect", /* QEMU_CAPS_NETDEV_STREAM_RECONN= ECT */ + "rbd-encryption-luks-any", /* QEMU_CAPS_RBD_ENCRYPTION_LUKS_= ANY */ ); =20 =20 @@ -1554,6 +1555,7 @@ static struct virQEMUCapsStringFlags virQEMUCapsQMPSc= hemaQueries[] =3D { { "blockdev-add/arg-type/+nvme", QEMU_CAPS_DRIVE_NVME }, { "blockdev-add/arg-type/+file/aio/^io_uring", QEMU_CAPS_AIO_IO_URING = }, { "blockdev-add/arg-type/+rbd/encrypt", QEMU_CAPS_RBD_ENCRYPTION }, + { "blockdev-add/arg-type/+rbd/encrypt/format/^luks-any", QEMU_CAPS_RBD= _ENCRYPTION_LUKS_ANY }, { "blockdev-add/arg-type/+nbd/tls-hostname", QEMU_CAPS_BLOCKDEV_NBD_TL= S_HOSTNAME }, { "blockdev-snapshot/$allow-write-only-overlay", QEMU_CAPS_BLOCKDEV_SN= APSHOT_ALLOW_WRITE_ONLY }, { "chardev-add/arg-type/backend/+socket/data/reconnect", QEMU_CAPS_CHA= RDEV_RECONNECT }, diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h index d049f79dd9..9bfa9addbc 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -669,6 +669,7 @@ typedef enum { /* virQEMUCapsFlags grouping marker for = syntax-check */ =20 /* 445 */ QEMU_CAPS_NETDEV_STREAM_RECONNECT, /* -netdev stream supports reconnec= t */ + QEMU_CAPS_RBD_ENCRYPTION_LUKS_ANY, /* luks-any (LUKS and LUKS2) encryp= tion format for Ceph RBD */ =20 QEMU_CAPS_LAST /* this must always be the last item */ } virQEMUCapsFlags; diff --git a/tests/qemucapabilitiesdata/caps_8.0.0.x86_64.xml b/tests/qemuc= apabilitiesdata/caps_8.0.0.x86_64.xml index ce051d3f1c..3957cb0805 100644 --- a/tests/qemucapabilitiesdata/caps_8.0.0.x86_64.xml +++ b/tests/qemucapabilitiesdata/caps_8.0.0.x86_64.xml @@ -206,6 +206,7 @@ + 7002050 0 43100244 --=20 2.25.1 From nobody Thu Apr 25 22:16:33 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) client-ip=170.10.129.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=reject dis=none) header.from=il.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1678107663; cv=none; d=zohomail.com; s=zohoarc; b=AOAs9oncFqKI1oGsS6+26Fa+MzwfZ3LP1Y42KVlZL5IQo+PnMGr6Y1FZLog5bPH0dC0vncjkhUcX0NJa97MT0VVKkEpkuY5f74SuwNoJpRAyRn7IbrQZuJqwAfbnZpHJXiwXR7x1jLHndoHf0pUXnhSQvcO5nvmL4BZMMZsyHWs= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1678107663; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=t4tuvn1tIXXwViQ7fc8Ggvdnr6A/kt+/LovDx6HEpUs=; b=eghAb7PeElymGkjC6FS6/MFpa//8Ufu2yV2uvfoDrST2dJkk/iIG924lVVHyB0ez3decZQrkLpjlhwYhjKLPgs+3WFWr08nqBGO5iVBkvJdeLMLaSALOhDELbmWUIGP430+NnkX6KyBVWTZDg999kaTPpY8TORceJQ8cKAVQqZQ= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=reject dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com with SMTPS id 167810766346131.62849387047777; Mon, 6 Mar 2023 05:01:03 -0800 (PST) Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-86-ik9ZntySMJWSeReNatRLqg-1; Mon, 06 Mar 2023 08:00:12 -0500 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com [10.11.54.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 9C0FD1871D9F; Mon, 6 Mar 2023 13:00:08 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (unknown [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 82B1314171C3; Mon, 6 Mar 2023 13:00:08 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 44E25194658D; Mon, 6 Mar 2023 13:00:08 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 81AA6194658C for ; Mon, 6 Mar 2023 13:00:06 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 60A4F112132D; Mon, 6 Mar 2023 13:00:06 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast08.extmail.prod.ext.rdu2.redhat.com [10.11.55.24]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 58FEB1121314 for ; Mon, 6 Mar 2023 13:00:06 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 32F0C3810B08 for ; Mon, 6 Mar 2023 13:00:06 +0000 (UTC) Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-561-PMT0Q71dOpazrSM7lc8tkw-1; Mon, 06 Mar 2023 08:00:04 -0500 Received: from pps.filterd (m0098404.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 326As2BR017168 for ; Mon, 6 Mar 2023 13:00:03 GMT Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3p500dk8ve-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Mon, 06 Mar 2023 13:00:03 +0000 Received: from m0098404.ppops.net (m0098404.ppops.net [127.0.0.1]) by pps.reinject (8.17.1.5/8.17.1.5) with ESMTP id 326CnZPI014077 for ; Mon, 6 Mar 2023 13:00:02 GMT Received: from ppma03wdc.us.ibm.com (ba.79.3fa9.ip4.static.sl-reverse.com [169.63.121.186]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3p500dk8um-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 06 Mar 2023 13:00:02 +0000 Received: from pps.filterd (ppma03wdc.us.ibm.com [127.0.0.1]) by ppma03wdc.us.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 3269Sjd1008225; Mon, 6 Mar 2023 13:00:01 GMT Received: from smtprelay02.dal12v.mail.ibm.com ([9.208.130.97]) by ppma03wdc.us.ibm.com (PPS) with ESMTPS id 3p417vn7qs-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 06 Mar 2023 13:00:01 +0000 Received: from smtpav01.wdc07v.mail.ibm.com (smtpav01.wdc07v.mail.ibm.com [10.39.53.228]) by smtprelay02.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 326Cxw9431916456 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 6 Mar 2023 12:59:58 GMT Received: from smtpav01.wdc07v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 721365804B; Mon, 6 Mar 2023 12:59:58 +0000 (GMT) Received: from smtpav01.wdc07v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 8230C58065; Mon, 6 Mar 2023 12:59:57 +0000 (GMT) Received: from oro.sl.cloud9.ibm.com (unknown [9.59.192.176]) by smtpav01.wdc07v.mail.ibm.com (Postfix) with ESMTP; Mon, 6 Mar 2023 12:59:57 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1678107662; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=t4tuvn1tIXXwViQ7fc8Ggvdnr6A/kt+/LovDx6HEpUs=; b=Vs70INAottnPh0whPbeEVpT6iBTGVfY8lhdX7cMsT4h0Tu5t2pBF+ErBMQU7gOas+AsiQ1 erGJM2CtuoFCs22SyNUVrFtjMsS8/wuXP+EqwudTkUZnAHyRDKHK3lnXlQUqFLVxOL0arS Xm78DqlzhBgPDPldN8lp2KxdITtUNHg= X-MC-Unique: ik9ZntySMJWSeReNatRLqg-1 X-Original-To: libvir-list@listman.corp.redhat.com X-MC-Unique: PMT0Q71dOpazrSM7lc8tkw-1 From: Or Ozeri To: libvir-list@redhat.com Subject: [PATCH v1 3/3] qemu: add luks-any encryption support for RBD images Date: Mon, 6 Mar 2023 06:59:36 -0600 Message-Id: <20230306125936.3077765-4-oro@il.ibm.com> In-Reply-To: <20230306125936.3077765-1-oro@il.ibm.com> References: <20230306125936.3077765-1-oro@il.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: jsGC-RwnJHv-A2CCU_aZdUhN30nHFXPC X-Proofpoint-GUID: O3PE3Vhgt-oyx_0kyg-7FNHByrvtnoy3 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.219,Aquarius:18.0.942,Hydra:6.0.573,FMLib:17.11.170.22 definitions=2023-03-06_05,2023-03-06_01,2023-02-09_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 phishscore=0 impostorscore=0 clxscore=1015 lowpriorityscore=0 bulkscore=0 suspectscore=0 adultscore=0 malwarescore=0 priorityscore=1501 mlxlogscore=999 mlxscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2212070000 definitions=main-2303060110 X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 3.1 on 10.11.54.3 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: oro@il.ibm.com, idryomov@gmail.com, dannyh@il.ibm.com Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 3.1 on 10.11.54.7 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1678107669184100001 Content-Type: text/plain; charset="utf-8"; x-default="true" The newly added luks-any rbd encryption format in qemu allows for opening both LUKS and LUKS2 encryption formats. This commit enables libvirt uses to use this wildcard format. Signed-off-by: Or Ozeri --- docs/formatstorageencryption.rst | 9 ++++ src/conf/schemas/storagecommon.rng | 1 + src/conf/storage_encryption_conf.c | 2 +- src/conf/storage_encryption_conf.h | 1 + src/libvirt_private.syms | 1 + src/qemu/qemu_block.c | 10 ++++- src/qemu/qemu_domain.c | 32 +++++++++++++- ...k-rbd-encryption-luks-any.x86_64-7.2.0.err | 1 + ...rbd-encryption-luks-any.x86_64-latest.args | 38 ++++++++++++++++ .../disk-network-rbd-encryption-luks-any.xml | 39 ++++++++++++++++ tests/qemuxml2argvtest.c | 2 + ...-rbd-encryption-luks-any.x86_64-latest.xml | 44 +++++++++++++++++++ tests/qemuxml2xmltest.c | 1 + 13 files changed, 176 insertions(+), 5 deletions(-) create mode 100644 tests/qemuxml2argvdata/disk-network-rbd-encryption-luks= -any.x86_64-7.2.0.err create mode 100644 tests/qemuxml2argvdata/disk-network-rbd-encryption-luks= -any.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/disk-network-rbd-encryption-luks= -any.xml create mode 100644 tests/qemuxml2xmloutdata/disk-network-rbd-encryption-lu= ks-any.x86_64-latest.xml diff --git a/docs/formatstorageencryption.rst b/docs/formatstorageencryptio= n.rst index 2c19473d6b..c58d088403 100644 --- a/docs/formatstorageencryption.rst +++ b/docs/formatstorageencryption.rst @@ -104,6 +104,15 @@ it to control such disks. However, pre-formatted RBD l= uks2 disks can be loaded to a qemu VM using the qemu VM driver. A single ```` element is expected. =20 +``luks-any`` format +~~~~~~~~~~~~~~~~~~~ + +The ``luks-any`` format is currently supported only by the ``librbd`` engi= ne, +and can only be applied to RBD network disks (RBD images). This format wil= l try +to parse the disk as either LUKS or LUKS2, depending on the actual on-disk +format. A single ```` element is expected (= except +for the case of RBD layered encryption mentioned above) :since:`Since 9.3.= 0` . + Examples -------- =20 diff --git a/src/conf/schemas/storagecommon.rng b/src/conf/schemas/storagec= ommon.rng index 4d6e646c9a..aef1bd969c 100644 --- a/src/conf/schemas/storagecommon.rng +++ b/src/conf/schemas/storagecommon.rng @@ -14,6 +14,7 @@ qcow luks luks2 + luks-any diff --git a/src/conf/storage_encryption_conf.c b/src/conf/storage_encrypti= on_conf.c index 3651ff8cfd..639cbf2e58 100644 --- a/src/conf/storage_encryption_conf.c +++ b/src/conf/storage_encryption_conf.c @@ -41,7 +41,7 @@ VIR_ENUM_IMPL(virStorageEncryptionSecret, =20 VIR_ENUM_IMPL(virStorageEncryptionFormat, VIR_STORAGE_ENCRYPTION_FORMAT_LAST, - "default", "qcow", "luks", "luks2", + "default", "qcow", "luks", "luks2", "luks-any", ); =20 VIR_ENUM_IMPL(virStorageEncryptionEngine, diff --git a/src/conf/storage_encryption_conf.h b/src/conf/storage_encrypti= on_conf.h index 312599ad44..03f0e60feb 100644 --- a/src/conf/storage_encryption_conf.h +++ b/src/conf/storage_encryption_conf.h @@ -66,6 +66,7 @@ typedef enum { VIR_STORAGE_ENCRYPTION_FORMAT_QCOW, /* Both qcow and qcow2 */ VIR_STORAGE_ENCRYPTION_FORMAT_LUKS, VIR_STORAGE_ENCRYPTION_FORMAT_LUKS2, + VIR_STORAGE_ENCRYPTION_FORMAT_LUKS_ANY, =20 VIR_STORAGE_ENCRYPTION_FORMAT_LAST, } virStorageEncryptionFormatType; diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index b249dcc85c..eb3ff37b81 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -1095,6 +1095,7 @@ virStorageVolTypeToString; =20 # conf/storage_encryption_conf.h virStorageEncryptionFormat; +virStorageEncryptionFormatTypeToString; virStorageEncryptionFree; virStorageEncryptionParseNode; =20 diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c index 5e700eff99..254d82df41 100644 --- a/src/qemu/qemu_block.c +++ b/src/qemu/qemu_block.c @@ -572,6 +572,10 @@ qemuBlockStorageSourceGetRBDProps(virStorageSource *sr= c, encformat =3D "luks2"; break; =20 + case VIR_STORAGE_ENCRYPTION_FORMAT_LUKS_ANY: + encformat =3D "luks-any"; + break; + case VIR_STORAGE_ENCRYPTION_FORMAT_QCOW: case VIR_STORAGE_ENCRYPTION_FORMAT_DEFAULT: case VIR_STORAGE_ENCRYPTION_FORMAT_LAST: @@ -1040,8 +1044,10 @@ qemuBlockStorageSourceGetCryptoProps(virStorageSourc= e *src, break; =20 case VIR_STORAGE_ENCRYPTION_FORMAT_LUKS2: - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("luks2 is currently not supported by the qemu enc= ryption engine")); + case VIR_STORAGE_ENCRYPTION_FORMAT_LUKS_ANY: + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("%s is currently not supported by the qemu encryp= tion engine"), + virStorageEncryptionFormatTypeToString(src->encrypt= ion->format)); return -1; =20 case VIR_STORAGE_ENCRYPTION_FORMAT_DEFAULT: diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index f5fd140c85..94ea482363 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -5136,8 +5136,10 @@ qemuDomainValidateStorageSource(virStorageSource *sr= c, break; =20 case VIR_STORAGE_ENCRYPTION_FORMAT_LUKS2: - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("luks2 is currently not supported= by the qemu encryption engine")); + case VIR_STORAGE_ENCRYPTION_FORMAT_LUKS_ANY: + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("%s is currently not supported by= the qemu encryption engine"), + virStorageEncryptionFormatTypeToStr= ing(src->encryption->format)); return -1; =20 case VIR_STORAGE_ENCRYPTION_FORMAT_DEFAULT: @@ -5163,6 +5165,32 @@ qemuDomainValidateStorageSource(virStorageSource *sr= c, _("librbd encryption is supported only = with RBD backed disks")); return -1; } + + switch ((virStorageEncryptionFormatType) src->encryption->= format) { + case VIR_STORAGE_ENCRYPTION_FORMAT_LUKS: + case VIR_STORAGE_ENCRYPTION_FORMAT_LUKS2: + break; + + case VIR_STORAGE_ENCRYPTION_FORMAT_LUKS_ANY: + if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_RBD_ENCRYP= TION_LUKS_ANY)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s= ", + _("luks-any encryption is not s= upported by this QEMU binary")); + return -1; + } + break; + + case VIR_STORAGE_ENCRYPTION_FORMAT_QCOW: + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("qcow encryption format is not su= pported by the librbd encryption engine")); + return -1; + + case VIR_STORAGE_ENCRYPTION_FORMAT_DEFAULT: + case VIR_STORAGE_ENCRYPTION_FORMAT_LAST: + default: + virReportEnumRangeError(virStorageEncryptionFormat= Type, + src->encryption->format); + return -1; + } break; =20 case VIR_STORAGE_ENCRYPTION_ENGINE_DEFAULT: diff --git a/tests/qemuxml2argvdata/disk-network-rbd-encryption-luks-any.x8= 6_64-7.2.0.err b/tests/qemuxml2argvdata/disk-network-rbd-encryption-luks-an= y.x86_64-7.2.0.err new file mode 100644 index 0000000000..66b2a65ac1 --- /dev/null +++ b/tests/qemuxml2argvdata/disk-network-rbd-encryption-luks-any.x86_64-7.= 2.0.err @@ -0,0 +1 @@ +unsupported configuration: luks-any encryption is not supported by this QE= MU binary diff --git a/tests/qemuxml2argvdata/disk-network-rbd-encryption-luks-any.x8= 6_64-latest.args b/tests/qemuxml2argvdata/disk-network-rbd-encryption-luks-= any.x86_64-latest.args new file mode 100644 index 0000000000..90f17eca1a --- /dev/null +++ b/tests/qemuxml2argvdata/disk-network-rbd-encryption-luks-any.x86_64-la= test.args @@ -0,0 +1,38 @@ +LC_ALL=3DC \ +PATH=3D/bin \ +HOME=3D/tmp/lib/domain--1-encryptdisk \ +USER=3Dtest \ +LOGNAME=3Dtest \ +XDG_DATA_HOME=3D/tmp/lib/domain--1-encryptdisk/.local/share \ +XDG_CACHE_HOME=3D/tmp/lib/domain--1-encryptdisk/.cache \ +XDG_CONFIG_HOME=3D/tmp/lib/domain--1-encryptdisk/.config \ +/usr/bin/qemu-system-x86_64 \ +-name guest=3Dencryptdisk,debug-threads=3Don \ +-S \ +-object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/tm= p/lib/domain--1-encryptdisk/master-key.aes"}' \ +-machine pc-i440fx-2.1,usb=3Doff,dump-guest-core=3Doff,memory-backend=3Dpc= .ram \ +-accel tcg \ +-cpu qemu64 \ +-m 1024 \ +-object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":1073741824}= ' \ +-overcommit mem-lock=3Doff \ +-smp 1,sockets=3D1,cores=3D1,threads=3D1 \ +-uuid 496898a6-e6ff-f7c8-5dc2-3cf410945ee9 \ +-display none \ +-no-user-config \ +-nodefaults \ +-chardev socket,id=3Dcharmonitor,fd=3D1729,server=3Don,wait=3Doff \ +-mon chardev=3Dcharmonitor,id=3Dmonitor,mode=3Dcontrol \ +-rtc base=3Dutc \ +-no-shutdown \ +-no-acpi \ +-boot strict=3Don \ +-device '{"driver":"piix3-usb-uhci","id":"usb","bus":"pci.0","addr":"0x1.0= x2"}' \ +-object '{"qom-type":"secret","id":"libvirt-1-format-encryption-secret0","= data":"9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1","k= eyid":"masterKey0","iv":"AAECAwQFBgcICQoLDA0ODw=3D=3D","format":"base64"}' \ +-blockdev '{"driver":"rbd","pool":"pool","image":"image","server":[{"host"= :"mon1.example.org","port":"6321"},{"host":"mon2.example.org","port":"6322"= },{"host":"mon3.example.org","port":"6322"}],"encrypt":{"format":"luks-any"= ,"key-secret":"libvirt-1-format-encryption-secret0"},"node-name":"libvirt-1= -storage","auto-read-only":true,"discard":"unmap"}' \ +-blockdev '{"node-name":"libvirt-1-format","read-only":false,"driver":"raw= ","file":"libvirt-1-storage"}' \ +-device '{"driver":"virtio-blk-pci","bus":"pci.0","addr":"0x2","drive":"li= bvirt-1-format","id":"virtio-disk0","bootindex":1}' \ +-audiodev '{"id":"audio1","driver":"none"}' \ +-device '{"driver":"virtio-balloon-pci","id":"balloon0","bus":"pci.0","add= r":"0x3"}' \ +-sandbox on,obsolete=3Ddeny,elevateprivileges=3Ddeny,spawn=3Ddeny,resource= control=3Ddeny \ +-msg timestamp=3Don diff --git a/tests/qemuxml2argvdata/disk-network-rbd-encryption-luks-any.xm= l b/tests/qemuxml2argvdata/disk-network-rbd-encryption-luks-any.xml new file mode 100644 index 0000000000..37d9900e74 --- /dev/null +++ b/tests/qemuxml2argvdata/disk-network-rbd-encryption-luks-any.xml @@ -0,0 +1,39 @@ + + encryptdisk + 496898a6-e6ff-f7c8-5dc2-3cf410945ee9 + 1048576 + 524288 + 1 + + hvm + + + + destroy + restart + destroy + + /usr/bin/qemu-system-x86_64 + + + + + + + + + + + + + +
+ + + + + +
+ + + diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index f46fc29f32..7f2dd2780d 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -1277,6 +1277,8 @@ mymain(void) DO_TEST_CAPS_LATEST("disk-network-rbd"); DO_TEST_CAPS_VER_PARSE_ERROR("disk-network-rbd-encryption", "6.0.0"); DO_TEST_CAPS_LATEST("disk-network-rbd-encryption"); + DO_TEST_CAPS_VER_PARSE_ERROR("disk-network-rbd-encryption-luks-any", "= 7.2.0"); + DO_TEST_CAPS_LATEST("disk-network-rbd-encryption-luks-any"); DO_TEST_CAPS_LATEST_PARSE_ERROR("disk-encryption-wrong"); DO_TEST_CAPS_LATEST("disk-network-rbd-no-colon"); /* qemu-6.0 is the last qemu version supporting sheepdog */ diff --git a/tests/qemuxml2xmloutdata/disk-network-rbd-encryption-luks-any.= x86_64-latest.xml b/tests/qemuxml2xmloutdata/disk-network-rbd-encryption-lu= ks-any.x86_64-latest.xml new file mode 100644 index 0000000000..d9f4ad17d9 --- /dev/null +++ b/tests/qemuxml2xmloutdata/disk-network-rbd-encryption-luks-any.x86_64-= latest.xml @@ -0,0 +1,44 @@ + + encryptdisk + 496898a6-e6ff-f7c8-5dc2-3cf410945ee9 + 1048576 + 524288 + 1 + + hvm + + + + qemu64 + + + destroy + restart + destroy + + /usr/bin/qemu-system-x86_64 + + + + + + + + + + + +
+ + +
+ + + + +