From nobody Wed Oct 30 22:13:34 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1722397744847814.7093827675146; Tue, 30 Jul 2024 20:49:04 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 93148135C; Tue, 30 Jul 2024 23:49:03 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id D4C611357; Tue, 30 Jul 2024 23:48:42 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 5132AB66; Tue, 30 Jul 2024 23:48:39 -0400 (EDT) Received: from smtp.cecloud.com (ba-smtp01.cecloud.com [15.184.121.248]) by lists.libvirt.org (Postfix) with ESMTP id 6364CB66 for ; Tue, 30 Jul 2024 23:48:36 -0400 (EDT) Received: from smtp.cecloud.com (unknown [103.166.174.66]) by smtp.cecloud.com (Postfix) with ESMTP id 9A44D120 for ; Wed, 31 Jul 2024 11:43:07 +0800 (CST) Received: from localhost (localhost [127.0.0.1]) by smtp.cecloud.com (Postfix) with ESMTP id 03B32900117 for ; Wed, 31 Jul 2024 11:43:01 +0800 (CST) Received: from localhost.localdomain (unknown [111.48.58.10]) by smtp.cecloud.com (postfix) whith ESMTP id P1340312T281473214968176S1722397379800803_; Wed, 31 Jul 2024 11:43:00 +0800 (CST) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-1.0 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=3.4.4 X-Greylist: delayed 327 seconds by postgrey-1.37 at lists.libvirt.org; Tue, 30 Jul 2024 23:48:36 EDT X-MAIL-GRAY: 0 X-MAIL-DELIVERY: 1 X-SKE-CHECKED: 1 X-ANTISPAM-LEVEL: 2 X-IP-DOMAINF: 1 X-RL-SENDER: luzhipeng@cestc.cn X-SENDER: luzhipeng@cestc.cn X-LOGIN-NAME: luzhipeng@cestc.cn X-FST-TO: devel@lists.libvirt.org X-RCPT-COUNT: 2 X-LOCAL-RCPT-COUNT: 1 X-MUTI-DOMAIN-COUNT: 0 X-SENDER-IP: 111.48.58.10 X-ATTACHMENT-NUM: 0 X-UNIQUE-TAG: <3b9777f2f54d27ecea22185570969136> X-System-Flag: 0 From: luzhipeng To: devel@lists.libvirt.org Subject: [PATCH] crypto: add support for sm4 without key length suffix and remove the restriction about ciper name in xml Date: Wed, 31 Jul 2024 11:42:35 +0800 Message-Id: <20240731034235.1613-1-luzhipeng@cestc.cn> X-Mailer: git-send-email 2.34.0.windows.1 MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Message-ID-Hash: VDP23YRFK2EDSEIPOWMMNRDWJ6WO3JLU X-Message-ID-Hash: VDP23YRFK2EDSEIPOWMMNRDWJ6WO3JLU X-MailFrom: luzhipeng@cestc.cn X-Mailman-Rule-Hits: nonmember-moderation X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0 CC: luzhipeng X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZM-MESSAGEID: 1722397745945116600 Content-Type: text/plain; charset="utf-8" qemu add sm4 in release 9, but the name of sm4 doesn't have the key length suffix, So set size to 0, construct cipher name without key length as suffix. In order to support the snapshot of encrypted disks, it remove the restrictions about cipher names in XML Signed-off-by: luzhipeng --- docs/formatstorageencryption.rst | 8 +++++--- src/conf/domain_validate.c | 12 ------------ src/qemu/qemu_block.c | 10 +++++++--- 3 files changed, 12 insertions(+), 18 deletions(-) diff --git a/docs/formatstorageencryption.rst b/docs/formatstorageencryptio= n.rst index 066d285090..6cb8cf024c 100644 --- a/docs/formatstorageencryption.rst +++ b/docs/formatstorageencryption.rst @@ -75,11 +75,13 @@ initialization vector generation. =20 ``name`` The name of the cipher algorithm used for data encryption, such as '= aes', - 'des', 'cast5', 'serpent', 'twofish', etc. Support of the specific + 'des', 'cast5', 'serpent', 'twofish', 'sm4', etc. Support of the spe= cific algorithm is storage driver implementation dependent. ``size`` - The size of the cipher in bits, such as '256', '192', '128', etc. Su= pport - of the specific size for a specific cipher is hypervisor dependent. + The size of the cipher in bits, such as '256', '192', '128', '0', et= c. + '0' indicates that the encryption algorithm name doesn't have key le= ngth + suffix. Support of the specific size for a specific cipher is hyperv= isor + dependent. ``mode`` An optional cipher algorithm mode such as 'cbc', 'xts', 'ecb', etc. Support of the specific cipher mode is hypervisor dependent. diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c index 39b8d67928..b70edcaaa0 100644 --- a/src/conf/domain_validate.c +++ b/src/conf/domain_validate.c @@ -529,18 +529,6 @@ virDomainDiskDefValidateSourceChainOne(const virStorag= eSource *src) } } =20 - if (src->encryption) { - virStorageEncryption *encryption =3D src->encryption; - - if (encryption->format =3D=3D VIR_STORAGE_ENCRYPTION_FORMAT_LUKS && - encryption->encinfo.cipher_name) { - - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("supplying for domain disk definitio= n is unnecessary")); - return -1; - } - } - /* internal snapshots and config files are currently supported only wi= th rbd: */ if (virStorageSourceGetActualType(src) !=3D VIR_STORAGE_TYPE_NETWORK && src->protocol !=3D VIR_STORAGE_NET_PROTOCOL_RBD) { diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c index d6cdf521c4..ac55c077e9 100644 --- a/src/qemu/qemu_block.c +++ b/src/qemu/qemu_block.c @@ -2137,9 +2137,13 @@ qemuBlockStorageSourceCreateGetEncryptionLUKS(virSto= rageSource *src, =20 if (src->encryption) { if (src->encryption->encinfo.cipher_name) { - cipheralg =3D g_strdup_printf("%s-%u", - src->encryption->encinfo.cipher_na= me, - src->encryption->encinfo.cipher_si= ze); + if (src->encryption->encinfo.cipher_size) { + cipheralg =3D g_strdup_printf("%s-%u", + src->encryption->encinfo.ciphe= r_name, + src->encryption->encinfo.ciphe= r_size); + } else { + cipheralg =3D g_strdup_printf("%s", src->encryption->encin= fo.cipher_name) + } } =20 if (virJSONValueObjectAdd(&props, --=20 2.34.0.windows.1