From: luzhipeng
To: devel@lists.libvirt.org
CC: luzhipeng
Subject: [PATCH RESEND] crypto: add support for sm4 without key length suffix and remove the restriction about cipher name in xml
Date: Wed, 31 Jul 2024 15:06:30 +0800
Message-Id: <20240731070630.869-1-luzhipeng@cestc.cn>

qemu added sm4 in release 9, but the name of sm4 doesn't have the key length suffix, so set size to 0 and construct the cipher name without the key length as suffix. In order to support the snapshot of encrypted disks, it removes the restrictions about cipher names in XML.

Signed-off-by: luzhipeng
---
 docs/formatstorageencryption.rst |  8 +++++---
 src/conf/domain_validate.c       | 12 ------------
 src/qemu/qemu_block.c            | 10 +++++++---
 3 files changed, 12 insertions(+), 18 deletions(-)

diff --git a/docs/formatstorageencryption.rst b/docs/formatstorageencryptio= n.rst index 066d285090..6cb8cf024c 100644 --- a/docs/formatstorageencryption.rst +++ b/docs/formatstorageencryption.rst 
@@ -75,11 +75,13 @@ initialization vector generation. =20 ``name`` The name of the cipher algorithm used for data encryption, such as '= aes', - 'des', 'cast5', 'serpent', 'twofish', etc. Support of the specific + 'des', 'cast5', 'serpent', 'twofish', 'sm4', etc. Support of the spe= cific algorithm is storage driver implementation dependent. ``size`` - The size of the cipher in bits, such as '256', '192', '128', etc. Su= pport - of the specific size for a specific cipher is hypervisor dependent. + The size of the cipher in bits, such as '256', '192', '128', '0', et= c. + '0' indicates that the encryption algorithm name doesn't have key le= ngth + suffix. Support of the specific size for a specific cipher is hyperv= isor + dependent. ``mode`` An optional cipher algorithm mode such as 'cbc', 'xts', 'ecb', etc. Support of the specific cipher mode is hypervisor dependent. diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c index 39b8d67928..b70edcaaa0 100644 B --- a/src/conf/domain_validate.c +++ b/src/conf/domain_validate.c @@ -529,18 +529,6 @@ virDomainDiskDefValidateSourceChainOne(const virStorag= eSource *src) } } =20 - if (src->encryption) { - virStorageEncryption *encryption =3D src->encryption; - - if (encryption->format =3D=3D VIR_STORAGE_ENCRYPTION_FORMAT_LUKS && - encryption->encinfo.cipher_name) { - - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("supplying for domain disk definitio= n is unnecessary")); - return -1; - } - } - /* internal snapshots and config files are currently supported only wi= th rbd: */ if (virStorageSourceGetActualType(src) !=3D VIR_STORAGE_TYPE_NETWORK && src->protocol !=3D VIR_STORAGE_NET_PROTOCOL_RBD) { diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c index d6cdf521c4..ac55c077e9 100644 --- a/src/qemu/qemu_block.c +++ b/src/qemu/qemu_block.c 
@@ -2137,9 +2137,13 @@ qemuBlockStorageSourceCreateGetEncryptionLUKS(virSto= rageSource *src, =20 if (src->encryption) { if (src->encryption->encinfo.cipher_name) { - cipheralg =3D g_strdup_printf("%s-%u", - src->encryption->encinfo.cipher_na= me, - src->encryption->encinfo.cipher_si= ze); + if (src->encryption->encinfo.cipher_size) { + cipheralg =3D g_strdup_printf("%s-%u", + src->encryption->encinfo.ciphe= r_name, + src->encryption->encinfo.ciphe= r_size); + } else { + cipheralg =3D g_strdup_printf("%s", src->encryption->encin= fo.cipher_name); + } } =20 if (virJSONValueObjectAdd(&props, --=20 2.34.0.windows.1
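
Review bot: In the ``size`` entry of docs/formatstorageencryption.rst, listing '0' next to '256', '192' and '128' presents it as a key size in bits, while the sentence that follows uses it as a flag meaning that no length suffix is appended to the cipher name. Describe it from the user's side instead, for example that 0 is for ciphers with a single fixed key length such as sm4, and say which driver honors it, since the only code in this patch that acts on a zero size is in src/qemu/qemu_block.c. The added sentence also needs an article: "doesn't have a key length suffix".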
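
Review bot: Deleting the whole src->encryption block in virDomainDiskDefValidateSourceChainOne lifts the rejection of a cipher name on LUKS domain disks for every cipher, which is a separate behaviour change from the sm4 naming fix and would be easier to review as its own patch. The removed error stated that supplying the cipher for a domain disk definition is unnecessary; the commit message gives snapshot support as the reason, but the patch does not show where a domain-supplied cipher is now consumed or validated, and the diffstat touches no test files. Either narrow the check rather than delete it, or explain in the commit message why no validation is needed here, and add test coverage for the newly accepted XML.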
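
Review bot: The new else branch in qemuBlockStorageSourceCreateGetEncryptionLUKS is taken for any cipher whose cipher_size is 0, not only sm4, so a definition with name 'aes' and size 0 now produces the bare string 'aes', and nothing in this hunk checks that the name and size combination is one the hypervisor accepts. Consider limiting the suffix-less form to ciphers known to carry no key length in their name, or reporting an error here when the size is 0 for any other cipher, so the failure comes from libvirt with a clear message. Separately, g_strdup_printf("%s", ...) in the else branch can be a plain g_strdup() of cipher_name.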