[PATCH v2 3/7] qemu: add multi-secret support in qemuBlockStorageSourceAttachData

Or Ozeri posted 7 patches 1 year, 2 months ago
[PATCH v2 3/7] qemu: add multi-secret support in qemuBlockStorageSourceAttachData
Posted by Or Ozeri 1 year, 2 months ago
This commit changes the qemuBlockStorageSourceAttachData struct
to support multiple secrets (instead of a single one before this commit).
This will be useful for storage encryption requiring more than a single secret.

Signed-off-by: Or Ozeri <oro@il.ibm.com>
---
 src/qemu/qemu_block.c    | 32 +++++++++++++++++++++++---------
 src/qemu/qemu_block.h    |  5 +++--
 src/qemu/qemu_blockjob.c |  6 ++++++
 src/qemu/qemu_command.c  | 19 +++++++++++++++----
 4 files changed, 47 insertions(+), 15 deletions(-)

diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c
index 8fcebd8992..9e1ecf68f9 100644
--- a/src/qemu/qemu_block.c
+++ b/src/qemu/qemu_block.c
@@ -1311,6 +1311,7 @@ qemuBlockStorageSourceGetBlockdevStorageSliceProps(virStorageSource *src)
 void
 qemuBlockStorageSourceAttachDataFree(qemuBlockStorageSourceAttachData *data)
 {
+    size_t i;
     if (!data)
         return;
 
@@ -1320,12 +1321,16 @@ qemuBlockStorageSourceAttachDataFree(qemuBlockStorageSourceAttachData *data)
     virJSONValueFree(data->prmgrProps);
     virJSONValueFree(data->authsecretProps);
     virJSONValueFree(data->httpcookiesecretProps);
-    virJSONValueFree(data->encryptsecretProps);
+    for (i = 0; i < data->encryptsecretCount; ++i) {
+        virJSONValueFree(data->encryptsecretProps[i]);
+        g_free(data->encryptsecretAlias[i]);
+    }
     virJSONValueFree(data->tlsProps);
     virJSONValueFree(data->tlsKeySecretProps);
     g_free(data->tlsAlias);
     g_free(data->tlsKeySecretAlias);
     g_free(data->authsecretAlias);
+    g_free(data->encryptsecretProps);
     g_free(data->encryptsecretAlias);
     g_free(data->httpcookiesecretAlias);
     g_free(data->driveCmd);
@@ -1436,10 +1441,12 @@ static int
 qemuBlockStorageSourceAttachApplyFormatDeps(qemuMonitor *mon,
                                             qemuBlockStorageSourceAttachData *data)
 {
-    if (data->encryptsecretProps &&
-        qemuMonitorAddObject(mon, &data->encryptsecretProps,
-                             &data->encryptsecretAlias) < 0)
-        return -1;
+    size_t i;
+    for (i = 0; i < data->encryptsecretCount; ++i) {
+        if (qemuMonitorAddObject(mon, &data->encryptsecretProps[i],
+                                 &data->encryptsecretAlias[i]) < 0)
+            return -1;
+    }
 
     return 0;
 }
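Review bot: The loop hands every slot to qemuMonitorAddObject(), whereas the removed code skipped the call when `encryptsecretProps` was NULL, so a slot left empty by g_new0() is no longer treated as "nothing to add". If empty slots are meant to be legal, restore the guard inside the loop with `if (!data->encryptsecretProps[i]) continue;`; if they are not, a short comment saying that every slot below `encryptsecretCount` must hold props would make that explicit. How qemuMonitorAddObject() reacts to a NULL props pointer is not visible in this patch, so this is worth confirming. The `size_t i;` declaration also runs straight into the loop without the blank line that the declarations in qemuBlockStorageSourceAttachRollback() are followed by.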
@@ -1525,6 +1532,7 @@ qemuBlockStorageSourceAttachRollback(qemuMonitor *mon,
                                      qemuBlockStorageSourceAttachData *data)
 {
     virErrorPtr orig_err;
+    size_t i;
 
     virErrorPreserveLast(&orig_err);
 
@@ -1550,8 +1558,10 @@ qemuBlockStorageSourceAttachRollback(qemuMonitor *mon,
     if (data->authsecretAlias)
         ignore_value(qemuMonitorDelObject(mon, data->authsecretAlias, false));
 
-    if (data->encryptsecretAlias)
-        ignore_value(qemuMonitorDelObject(mon, data->encryptsecretAlias, false));
+    for (i = 0; i < data->encryptsecretCount; ++i) {
+        if (data->encryptsecretAlias[i])
+            ignore_value(qemuMonitorDelObject(mon, data->encryptsecretAlias[i], false));
+    }
 
     if (data->httpcookiesecretAlias)
         ignore_value(qemuMonitorDelObject(mon, data->httpcookiesecretAlias, false));
@@ -1606,8 +1616,12 @@ qemuBlockStorageSourceDetachPrepare(virStorageSource *src)
         if (srcpriv->secinfo)
             data->authsecretAlias = g_strdup(srcpriv->secinfo->alias);
 
-        if (srcpriv->encinfo)
-            data->encryptsecretAlias = g_strdup(srcpriv->encinfo->alias);
+        if (srcpriv->encinfo) {
+            data->encryptsecretCount = 1;
+            data->encryptsecretProps = g_new0(virJSONValue *, 1);
+            data->encryptsecretAlias = g_new0(char *, 1);
+            data->encryptsecretAlias[0] = g_strdup(srcpriv->encinfo->alias);
+        }
 
         if (srcpriv->httpcookie)
             data->httpcookiesecretAlias = g_strdup(srcpriv->httpcookie->alias);
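Review bot: The three-line setup (`encryptsecretCount = 1` plus two g_new0() calls) is repeated verbatim in qemuBuildStorageSourceAttachPrepareCommon() in qemu_command.c, and the count and both array sizes have to stay in step for the loops in this patch to be memory-safe. A small static helper that takes the count and allocates both arrays would keep them together once later patches add a second secret. Here the props array is allocated but never filled, because detach only needs the alias; a comment such as `/* props stay NULL on detach; allocated so both arrays always have encryptsecretCount slots */` would explain why. The enclosing function begins and ends outside the hunk.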
diff --git a/src/qemu/qemu_block.h b/src/qemu/qemu_block.h
index 5a61a19da2..530d88d28e 100644
--- a/src/qemu/qemu_block.h
+++ b/src/qemu/qemu_block.h
@@ -89,8 +89,9 @@ struct qemuBlockStorageSourceAttachData {
     virJSONValue *authsecretProps;
     char *authsecretAlias;
 
-    virJSONValue *encryptsecretProps;
-    char *encryptsecretAlias;
+    size_t encryptsecretCount;
+    virJSONValue **encryptsecretProps;
+    char **encryptsecretAlias;
 
     virJSONValue *httpcookiesecretProps;
     char *httpcookiesecretAlias;
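Review bot: The new fields carry an unwritten invariant that deserves a comment on the struct: `encryptsecretProps` and `encryptsecretAlias` are parallel arrays that must both hold `encryptsecretCount` entries, because the free, rollback and command-line loops in this patch index them without checking the array pointers. Suggested wording: `/* encryptsecretProps and encryptsecretAlias each hold encryptsecretCount entries; individual entries may be NULL */`. The struct definition starts and ends outside the hunk.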
diff --git a/src/qemu/qemu_blockjob.c b/src/qemu/qemu_blockjob.c
index a20cf1db62..818e90022c 100644
--- a/src/qemu/qemu_blockjob.c
+++ b/src/qemu/qemu_blockjob.c
@@ -1336,9 +1336,15 @@ qemuBlockJobProcessEventConcludedCreate(virQEMUDriver *driver,
     /* the format node part was not attached yet, so we don't need to detach it */
     backend->formatAttached = false;
     if (job->data.create.storage) {
+        size_t i;
+
         backend->storageAttached = false;
         backend->storageSliceAttached = false;
+        for (i = 0; i < backend->encryptsecretCount; ++i) {
+            VIR_FREE(backend->encryptsecretAlias[i]);
+        }
         VIR_FREE(backend->encryptsecretAlias);
+        VIR_FREE(backend->encryptsecretProps);
     }
 
     if (qemuDomainObjEnterMonitorAsync(vm, asyncJob) < 0)
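Review bot: `encryptsecretCount` keeps its old value after both arrays are released with VIR_FREE(), so any later loop over the count would index a NULL array; the loops added to qemuBlockStorageSourceAttachDataFree() and qemuBlockStorageSourceAttachRollback() in qemu_block.c read `data->encryptsecretProps[i]` and `data->encryptsecretAlias[i]` guarded only by the count. Whether `backend` reaches those functions after this point is outside the hunk, but the free function is the natural owner of the struct, so a NULL dereference there looks likely. Freeing the props array here also discards the pointers to any props objects without calling virJSONValueFree() on them, which the old code never did. Keeping only the per-entry `VIR_FREE(backend->encryptsecretAlias[i]);` loop and dropping the two array frees preserves the previous behaviour; otherwise add `backend->encryptsecretCount = 0;` after them.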
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 929bcc0be1..f166e1c891 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -2108,15 +2108,21 @@ qemuBuildBlockStorageSourceAttachDataCommandline(virCommand *cmd,
                                                  virQEMUCaps *qemuCaps)
 {
     char *tmp;
+    size_t i;
 
     if (qemuBuildObjectCommandline(cmd, data->prmgrProps, qemuCaps) < 0 ||
         qemuBuildObjectCommandline(cmd, data->authsecretProps, qemuCaps) < 0 ||
-        qemuBuildObjectCommandline(cmd, data->encryptsecretProps, qemuCaps) < 0 ||
         qemuBuildObjectCommandline(cmd, data->httpcookiesecretProps, qemuCaps) < 0 ||
         qemuBuildObjectCommandline(cmd, data->tlsKeySecretProps, qemuCaps) < 0 ||
         qemuBuildObjectCommandline(cmd, data->tlsProps, qemuCaps) < 0)
         return -1;
 
+    for (i = 0; i < data->encryptsecretCount; ++i) {
+        if (qemuBuildObjectCommandline(cmd, data->encryptsecretProps[i], qemuCaps) < 0) {
+            return -1;
+        }
+    }
+
     if (data->driveCmd)
         virCommandAddArgList(cmd, "-drive", data->driveCmd, NULL);
 
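Review bot: Moving the encryption secret out of the `||` chain changes where its object lands on the generated command line: it used to be emitted between the auth secret and the HTTP cookie secret and now follows `tlsProps`. If any existing argv test data covers a source with both an encryption secret and a cookie or TLS object, its expected output would change, yet the diffstat touches no test files. Splitting the chain so the loop runs before the `httpcookiesecretProps` call would keep the old order. The braces around the single `return -1;` also differ from the unbraced form used in the qemuBlockStorageSourceAttachApplyFormatDeps() loop of this same patch.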
@@ -10739,9 +10745,14 @@ qemuBuildStorageSourceAttachPrepareCommon(virStorageSource *src,
             qemuBuildSecretInfoProps(srcpriv->secinfo, &data->authsecretProps) < 0)
             return -1;
 
-        if (srcpriv->encinfo &&
-            qemuBuildSecretInfoProps(srcpriv->encinfo, &data->encryptsecretProps) < 0)
-            return -1;
+        if (srcpriv->encinfo) {
+            data->encryptsecretCount = 1;
+            data->encryptsecretProps = g_new0(virJSONValue *, 1);
+            data->encryptsecretAlias = g_new0(char *, 1);
+
+           if (qemuBuildSecretInfoProps(srcpriv->encinfo, &data->encryptsecretProps[0]) < 0)
+               return -1;
+        }
 
         if (srcpriv->httpcookie &&
             qemuBuildSecretInfoProps(srcpriv->httpcookie, &data->httpcookiesecretProps) < 0)
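Review bot: The added `if (qemuBuildSecretInfoProps(srcpriv->encinfo, &data->encryptsecretProps[0]) < 0)` and its `return -1;` are indented by 11 and 15 spaces rather than 12 and 16, so they do not line up with the three assignments above them in the same block. Re-indenting those two lines by one space is the whole fix. The enclosing function continues outside the hunk.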
-- 
2.25.1