From nobody Wed Feb 11 06:00:05 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org ARC-Seal: i=1; a=rsa-sha256; t=1770712187; cv=none; d=zohomail.com; s=zohoarc; b=VzSFA3/NQpqcyuZMQAzmAcQymNLHvmpc+zJ2aPeWMYYkRn8hpw5jHLldRo8ovhvrU+qZTYNkvCZ/Raz7qkC/oFzQmK4mms3OClU2zWI9exlzC0sTMXERETwDIm1FQ7x+8m+4q7F7NtwWDX0rh0NKd+oPLd1aq10A6Lt/cyEcFpQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1770712187; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Owner:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Subject:Subject:To:To:Message-Id; bh=zmED5tmZ80C0xHeREcGGn9qHYT1BWzJRQwRnf65NtNQ=; b=himGL4l5SOW39spiQ5xR4TxXTykIW0xVA8JxZWOLeVpGdSS9GClifi/nZdN/TMxYi8DCTalEK8erkr6ZcFfdktIIJxsPH3GXEmtckK4nHBqasYUSLe0lXCVYMqMHDDUI10HYj14Ujjgzq67fYswvgB7MgQ46a2vcdcey1Vcrl8Y= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1770712187586580.0677854071433; Tue, 10 Feb 2026 00:29:47 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id A738644181; Tue, 10 Feb 2026 03:29:46 -0500 (EST) Received: from [172.19.199.6] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id 79E8D44120; Tue, 10 Feb 2026 03:27:33 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id 73E593F2B4; Tue, 10 Feb 2026 03:00:32 -0500 (EST) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 8E84A3F344 for ; Tue, 10 Feb 2026 03:00:31 -0500 (EST) Received: from mail-pl1-f200.google.com (mail-pl1-f200.google.com [209.85.214.200]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-661-8zlMaBLSNWGfcATBfOQWBg-1; Tue, 10 Feb 2026 03:00:29 -0500 Received: by mail-pl1-f200.google.com with SMTP id d9443c01a7336-2aad5fec176so28785555ad.2 for ; Tue, 10 Feb 2026 00:00:29 -0800 (PST) Received: from armenon-kvm.armenon-thinkpadp16vgen1.bengluru.csb ([49.36.106.198]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-2aadc397d8dsm98273835ad.1.2026.02.10.00.00.23 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 10 Feb 2026 00:00:24 -0800 (PST) X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-5.0 required=5.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1770710431; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=zmED5tmZ80C0xHeREcGGn9qHYT1BWzJRQwRnf65NtNQ=; b=GkS40yxfNVJ0uq1eJGRZwwGhsVX/zGMSY5bBUlyUbcjikNpZT0mA35lRZPD3STRdCOaXgH AUJsG8GHa5NGRYezBbIk5pyCmdSTfVFHLZTnfPtisMmNS4LBjLkDZ8HZ4Q6EiqZy10TLm1 vH0qkRF49qqrdtg6qwuW3ZM5CoFAd4w= X-MC-Unique: 8zlMaBLSNWGfcATBfOQWBg-1 X-Mimecast-MFC-AGG-ID: 8zlMaBLSNWGfcATBfOQWBg_1770710428 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1770710428; x=1771315228; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=zmED5tmZ80C0xHeREcGGn9qHYT1BWzJRQwRnf65NtNQ=; b=Nn0ggFNlGz8Ngg3ZT+jKGXQsl7/azDXjuF2lO9fxvmLDaR7Hx6PwzEcv2NHASmBHOq H1Ql8b8RFB/IEobghYH2PJcfcqzuszOWW3SG5WHFgvgo+UzW9KcuwSu/U0zzaao/KmTA BhQOo/ROUTXpoAtPTqz4gHm0SpG1Iq2V3hgISNgz5aTqQE+R9ldq4FcnarlgLKc+tKFX xtkh6zWYjdHsWbFadq2OQwYOWZgSGrxfUOjyX6Uf+P3AG81cEAq9rDYrSVOcBJ2lP4oW 7AMEfQD8aHMfWqMiaNqgB4qUdGboCKmJyJdC8o4FnWamQ+pctKZ88YBJGq5QkTg2q450 zQ/g== X-Gm-Message-State: AOJu0YyZ3LTIvPvC6NfWS8J1n9jpUvuFQaH+cQhAPPABfN9va1QjJT2W iHBKoVyjyuXxwdXTTCdjdupfo5n1x24QfY6eO8eBP9MC7xeyX+5ka3gNb8ukgV+APdpvFhEGtDF aMrTAwSrnLGywoeMjgBhGUsNYMh2eSDKkgYSd6yS26gX87xEuG9IXnOAxw5DE2AA99Wxglrj0Dl sub25p09KQFnSC6U0SujWn8Jg9YFrXb9I0Pn/HSn28Ow== X-Gm-Gg: AZuq6aIDl54QP7mOYTYmuD68d6cKpkELnGqWdrUQSk0hG3N5YaTT8obooEoHS4lKNGJ b1306GqHlPG7tKM/VOjqAkfMwS1GlKkap1lsEeC9TVhCnNMkhrrrWK32s3rFJGDkyHjy5lUBG8i zmMG1HQ4urOJ1xgxnETJuI/Jw4uI6NLYU8jEMzGR2lFT/X0xbFe69YBkjcmbUXmRIsv+5+bzDwe b2sna3dHB10ZTs7RlNhm03b2Kw5W7x0oXk1jjBiKSpoKfJF2sTwAxg3oiko4/lYOW4qs1Fh/QoE YEE3h42xM+j42OE6XovBFgp5OSE0gL08uJVk+eNYPhIlUvhJ33Vnj75g5U9XEX+H9DmL6lQAncj /TYeCOogZlc2moU0rZ71qDF1HYnkiwJCD3CHw6kTZnh0bXLtqCKGUpu74tyV78WV6mOZRNw== X-Received: by 2002:a17:903:906:b0:29e:76b8:41e5 with SMTP id d9443c01a7336-2a9521f3eebmr148760315ad.30.1770710427676; Tue, 10 Feb 2026 00:00:27 -0800 (PST) X-Received: by 2002:a17:903:906:b0:29e:76b8:41e5 with SMTP id d9443c01a7336-2a9521f3eebmr148758455ad.30.1770710425158; Tue, 10 Feb 2026 00:00:25 -0800 (PST) To: devel@lists.libvirt.org Subject: [PATCH v5 5/6] secret: Add functionality to load and save secrets in encrypted format Date: Tue, 10 Feb 2026 13:30:11 +0530 Message-ID: <20260210080012.17753-6-armenon@redhat.com> X-Mailer: git-send-email 2.51.1 In-Reply-To: <20260210080012.17753-1-armenon@redhat.com> References: <20260210080012.17753-1-armenon@redhat.com> MIME-Version: 1.0 X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: 2wtnIAmMqtVCTlT2F4BAdl_60UUxxlfQx7Yqw7qSKjw_1770710428 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: PXDTPZHDT2DOXNYBDK44SXFM545VJQ3H X-Message-ID-Hash: PXDTPZHDT2DOXNYBDK44SXFM545VJQ3H X-MailFrom: armenon@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Arun Menon X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Arun Menon via Devel Reply-To: Arun Menon X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1770712200614154101 Content-Type: text/plain; charset="utf-8"; x-default="true" Now that we have the functionality to provide the secrets driver with an encryption key through a configuration file or using system credentials, and the newly introduced array to iterate over the encryption schemes, we can use the key to save and load secrets. Encrypt all secrets that are going to be saved on the disk if the 'secrets_encryption_key' path is set in the secret.conf file OR if a valid systemd generated credential exists. While loading secrets, identify the decryption method by matching the file extension of the stored secret against the known array values. If no matching scheme is found, the secret is skipped. If the encryption key is changed across restarts, then also the secret driver will fail to lo= ad the secrets from the disk that were encrypted with the former key. Signed-off-by: Arun Menon --- src/conf/virsecretobj.c | 249 ++++++++++++++++++++++++++++--------- src/conf/virsecretobj.h | 16 ++- src/secret/secret_driver.c | 20 ++- 3 files changed, 222 insertions(+), 63 deletions(-) diff --git a/src/conf/virsecretobj.c b/src/conf/virsecretobj.c index a3dd7983bb..49b69b4867 100644 --- a/src/conf/virsecretobj.c +++ b/src/conf/virsecretobj.c @@ -31,6 +31,10 @@ #include "virhash.h" #include "virlog.h" #include "virstring.h" +#include "virsecret.h" +#include "virrandom.h" +#include "vircrypto.h" +#include "virsecureerase.h" =20 #define VIR_FROM_THIS VIR_FROM_SECRET =20 @@ -45,6 +49,16 @@ struct _virSecretObj { size_t value_size; }; =20 +typedef struct _virSecretSchemeInfo { + const char *suffix; + virCryptoCipher cipher; +} virSecretSchemeInfo; + +virSecretSchemeInfo schemeInfo[] =3D { + { ".aes256cbc", VIR_CRYPTO_CIPHER_AES256CBC }, + { ".base64", -1 }, +}; + static virClass *virSecretObjClass; static virClass *virSecretObjListClass; static void virSecretObjDispose(void *obj); @@ -377,12 +391,14 @@ virSecretObjListAdd(virSecretObjList *secrets, =20 if (!(obj =3D virSecretObjNew())) goto cleanup; - /* Generate the possible configFile and secretValueFile strings - * using the configDir, uuidstr, and appropriate suffix + * using the configDir, uuidstr, and appropriate suffix. + * Note that secretValueFile extension is not set here. It is dete= rmined + * based on a) existing availability of secret file (virSecretLoad= Value) or + * b) target storage format (virSecretObjSaveData) */ if (!(obj->configFile =3D virFileBuildPath(configDir, uuidstr, ".x= ml")) || - !(obj->secretValueFile =3D virFileBuildPath(configDir, uuidstr= , ".base64"))) + !(obj->secretValueFile =3D virFileBuildPath(configDir, uuidstr= , NULL))) goto cleanup; =20 if (virHashAddEntry(secrets->objs, uuidstr, obj) < 0) @@ -682,18 +698,75 @@ virSecretObjSaveConfig(virSecretObj *obj) =20 =20 int -virSecretObjSaveData(virSecretObj *obj) +virSecretObjSaveData(virSecretObj *obj, + const char *configDir, + bool encryptData, + uint8_t *secretsEncryptionKey, + size_t secretsKeyLen) { + char uuidstr[VIR_UUID_STRING_BUFLEN]; + g_autofree char *base64 =3D NULL; + g_autofree char *newSecretFile =3D NULL; + g_autofree uint8_t *secret =3D NULL; + g_autofree uint8_t *encryptedValue =3D NULL; + + const char *selectedSuffix =3D NULL; + size_t encryptedValueLen =3D 0; + + size_t i; + size_t secretLen =3D 0; + uint8_t iv[16] =3D { 0 }; =20 if (!obj->value) return 0; =20 - base64 =3D g_base64_encode(obj->value, obj->value_size); + virUUIDFormat(obj->def->uuid, uuidstr); + + /* Based on whether encryption is on/off, save the secret in either + * the latest encryption scheme or in base64 formats. + * Subsequently, delete the other formats of the same uuid on the disk. + */ + if (encryptData && secretsEncryptionKey) { + selectedSuffix =3D schemeInfo[0].suffix; + if (virRandomBytes(iv, sizeof(iv)) < 0) { + return -1; + } + if (virCryptoEncryptData(schemeInfo[0].cipher, + secretsEncryptionKey, secretsKeyLen, + iv, sizeof(iv), + (uint8_t *)obj->value, obj->value_size, + &encryptedValue, &encryptedValueLen) < 0)= { + return -1; + } + secretLen =3D sizeof(iv) + encryptedValueLen; + secret =3D g_new0(uint8_t, secretLen); + memcpy(secret, iv, sizeof(iv)); + memcpy(secret + sizeof(iv), encryptedValue, encryptedValueLen); + base64 =3D g_base64_encode(secret, secretLen); + } else { + int baseElement =3D G_N_ELEMENTS(schemeInfo) - 1; + selectedSuffix =3D schemeInfo[baseElement].suffix; + base64 =3D g_base64_encode(obj->value, obj->value_size); + } + + if (!(newSecretFile =3D virFileBuildPath(configDir, uuidstr, selectedS= uffix))) { + return -1; + } + g_free(obj->secretValueFile); + obj->secretValueFile =3D g_steal_pointer(&newSecretFile); =20 if (virFileRewriteStr(obj->secretValueFile, S_IRUSR | S_IWUSR, base64)= < 0) return -1; =20 + for (i =3D 0; i < G_N_ELEMENTS(schemeInfo); i++) { + g_autofree char* deleteFile =3D virFileBuildPath(configDir, + uuidstr, + schemeInfo[i].suffi= x); + if (STRNEQ_NULLABLE(schemeInfo[i].suffix, selectedSuffix)) { + unlink(deleteFile); + } + } return 0; } =20 @@ -737,7 +810,11 @@ virSecretObjGetValue(virSecretObj *obj) int virSecretObjSetValue(virSecretObj *obj, const unsigned char *value, - size_t value_size) + size_t value_size, + const char *configDir, + bool encryptData, + uint8_t *secretsEncryptionKey, + size_t secretsKeyLen) { virSecretDef *def =3D obj->def; g_autofree unsigned char *old_value =3D NULL; @@ -753,7 +830,11 @@ virSecretObjSetValue(virSecretObj *obj, obj->value =3D g_steal_pointer(&new_value); obj->value_size =3D value_size; =20 - if (!def->isephemeral && virSecretObjSaveData(obj) < 0) + if (!def->isephemeral && virSecretObjSaveData(obj, + configDir, + encryptData, + secretsEncryptionKey, + secretsKeyLen) < 0) goto error; =20 /* Saved successfully - drop old value */ @@ -807,59 +888,109 @@ virSecretLoadValidateUUID(virSecretDef *def, =20 =20 static int -virSecretLoadValue(virSecretObj *obj) +virSecretLoadValue(virSecretObj *obj, + const char *configDir, + uint8_t *secretsEncryptionKey, + size_t secretsKeyLen) { - int ret =3D -1, fd =3D -1; + int ret =3D -1; + char uuidstr[VIR_UUID_STRING_BUFLEN]; + VIR_AUTOCLOSE fd =3D -1; struct stat st; - g_autofree char *contents =3D NULL; + size_t i; =20 - if ((fd =3D open(obj->secretValueFile, O_RDONLY)) =3D=3D -1) { - if (errno =3D=3D ENOENT) { - ret =3D 0; + g_autofree char *contents =3D NULL; + g_autofree uint8_t *contentsEncrypted =3D NULL; + g_autofree uint8_t *decryptedValue =3D NULL; + + size_t decryptedValueLen =3D 0; + uint8_t iv[16] =3D { 0 }; + uint8_t *ciphertext =3D NULL; + size_t ciphertextLen =3D 0; + + virUUIDFormat(obj->def->uuid, uuidstr); + + /* Iterate over the list of suffixes, find the one that when appended = to the + * uuid will result in a file that exists on the disk. This essentiall= y is the + * secret file. Subsequently, load/decrypt the secret by using the app= ropriate + * encryption scheme. + */ + for (i =3D 0; i < G_N_ELEMENTS(schemeInfo); i++) { + g_autofree char *candidatePath =3D NULL; + if (!(candidatePath =3D virFileBuildPath(configDir, + uuidstr, + schemeInfo[i].suffix))) { goto cleanup; } - virReportSystemError(errno, _("cannot open '%1$s'"), - obj->secretValueFile); - goto cleanup; - } - - if (fstat(fd, &st) < 0) { - virReportSystemError(errno, _("cannot stat '%1$s'"), - obj->secretValueFile); - goto cleanup; - } - - if ((size_t)st.st_size !=3D st.st_size) { - virReportError(VIR_ERR_INTERNAL_ERROR, - _("'%1$s' file does not fit in memory"), - obj->secretValueFile); - goto cleanup; - } - - if (st.st_size < 1) { - ret =3D 0; - goto cleanup; - } - - contents =3D g_new0(char, st.st_size + 1); - - if (saferead(fd, contents, st.st_size) !=3D st.st_size) { - virReportSystemError(errno, _("cannot read '%1$s'"), - obj->secretValueFile); - goto cleanup; + if (virFileExists(candidatePath)) { + if ((fd =3D open(candidatePath, O_RDONLY)) =3D=3D -1) { + if (errno =3D=3D ENOENT) { + ret =3D 0; + } else { + virReportSystemError(errno, _("cannot open '%1$s'"), + candidatePath); + } + goto cleanup; + } + if (fstat(fd, &st) < 0) { + virReportSystemError(errno, _("cannot stat '%1$s'"), + candidatePath); + goto cleanup; + } + if ((size_t)st.st_size !=3D st.st_size) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("'%1$s' file does not fit in memory"), + candidatePath); + goto cleanup; + } + if (st.st_size < 1) { + ret =3D 0; + goto cleanup; + } + contents =3D g_new0(char, st.st_size + 1); + + if (saferead(fd, contents, st.st_size) !=3D st.st_size) { + virReportSystemError(errno, _("cannot read '%1$s'"), + candidatePath); + goto cleanup; + } + contents[st.st_size] =3D '\0'; + if (schemeInfo[i].cipher !=3D -1) { + contentsEncrypted =3D g_base64_decode(contents, &obj->valu= e_size); + if (sizeof(iv) > obj->value_size) { + virReportError(VIR_ERR_INVALID_SECRET, + _("Encrypted secret size '%1$zu' is inv= alid"), + obj->value_size); + goto cleanup; + } + memcpy(iv, contentsEncrypted, sizeof(iv)); + ciphertext =3D contentsEncrypted + sizeof(iv); + ciphertextLen =3D obj->value_size - sizeof(iv); + if (virCryptoDecryptData(schemeInfo[i].cipher, + secretsEncryptionKey, secretsKeyL= en, + iv, sizeof(iv), + ciphertext, ciphertextLen, + &decryptedValue, &decryptedValueL= en) < 0) { + goto cleanup; + } + g_free(obj->value); + obj->value =3D g_steal_pointer(&decryptedValue); + obj->value_size =3D decryptedValueLen; + } else { + obj->value =3D g_base64_decode(contents, &obj->value_size); + } + + g_free(obj->secretValueFile); + obj->secretValueFile =3D g_steal_pointer(&candidatePath); + + break; + } } - contents[st.st_size] =3D '\0'; - - VIR_FORCE_CLOSE(fd); - - obj->value =3D g_base64_decode(contents, &obj->value_size); - ret =3D 0; - cleanup: - if (contents !=3D NULL) - memset(contents, 0, st.st_size); - VIR_FORCE_CLOSE(fd); + virSecureErase(contentsEncrypted, obj->value_size); + virSecureErase(contents, st.st_size); + virSecureErase(iv, sizeof(iv)); return ret; } =20 @@ -868,7 +999,9 @@ static virSecretObj * virSecretLoad(virSecretObjList *secrets, const char *file, const char *path, - const char *configDir) + const char *configDir, + uint8_t *secretsEncryptionKey, + size_t secretsKeyLen) { g_autoptr(virSecretDef) def =3D NULL; virSecretObj *obj =3D NULL; @@ -882,7 +1015,7 @@ virSecretLoad(virSecretObjList *secrets, if (!(obj =3D virSecretObjListAdd(secrets, &def, configDir, NULL))) return NULL; =20 - if (virSecretLoadValue(obj) < 0) { + if (virSecretLoadValue(obj, configDir, secretsEncryptionKey, secretsKe= yLen) < 0) { virSecretObjListRemove(secrets, obj); g_clear_pointer(&obj, virObjectUnref); return NULL; @@ -894,7 +1027,9 @@ virSecretLoad(virSecretObjList *secrets, =20 int virSecretLoadAllConfigs(virSecretObjList *secrets, - const char *configDir) + const char *configDir, + uint8_t *secretsEncryptionKey, + size_t secretsKeyLen) { g_autoptr(DIR) dir =3D NULL; struct dirent *de; @@ -915,7 +1050,9 @@ virSecretLoadAllConfigs(virSecretObjList *secrets, if (!(path =3D virFileBuildPath(configDir, de->d_name, NULL))) continue; =20 - if (!(obj =3D virSecretLoad(secrets, de->d_name, path, configDir))= ) { + if (!(obj =3D virSecretLoad(secrets, de->d_name, path, configDir, + secretsEncryptionKey, + secretsKeyLen))) { VIR_ERROR(_("Error reading secret: %1$s"), virGetLastErrorMessage()); continue; diff --git a/src/conf/virsecretobj.h b/src/conf/virsecretobj.h index 17897c5513..74a36baf6d 100644 --- a/src/conf/virsecretobj.h +++ b/src/conf/virsecretobj.h @@ -86,7 +86,11 @@ int virSecretObjSaveConfig(virSecretObj *obj); =20 int -virSecretObjSaveData(virSecretObj *obj); +virSecretObjSaveData(virSecretObj *obj, + const char *configDir, + bool encryptData, + uint8_t *secretsEncryptionKey, + size_t secretsKeyLen); =20 virSecretDef * virSecretObjGetDef(virSecretObj *obj); @@ -101,7 +105,11 @@ virSecretObjGetValue(virSecretObj *obj); int virSecretObjSetValue(virSecretObj *obj, const unsigned char *value, - size_t value_size); + size_t value_size, + const char *configDir, + bool encryptData, + uint8_t *secretsEncryptionKey, + size_t secretsKeyLen); =20 size_t virSecretObjGetValueSize(virSecretObj *obj); @@ -112,4 +120,6 @@ virSecretObjSetValueSize(virSecretObj *obj, =20 int virSecretLoadAllConfigs(virSecretObjList *secrets, - const char *configDir); + const char *configDir, + uint8_t *secretsEncryptionKey, + size_t secretsKeyLen); diff --git a/src/secret/secret_driver.c b/src/secret/secret_driver.c index 9b13772ad3..e1668730dd 100644 --- a/src/secret/secret_driver.c +++ b/src/secret/secret_driver.c @@ -229,7 +229,11 @@ secretDefineXML(virConnectPtr conn, =20 if (!objDef->isephemeral) { if (backup && backup->isephemeral) { - if (virSecretObjSaveData(obj) < 0) + if (virSecretObjSaveData(obj, + driver->configDir, + driver->config->encryptData, + driver->config->secretsEncryptionKey, + driver->config->secretsKeyLen) < 0) goto restore_backup; } =20 @@ -333,7 +337,11 @@ secretSetValue(virSecretPtr secret, if (virSecretSetValueEnsureACL(secret->conn, def) < 0) goto cleanup; =20 - if (virSecretObjSetValue(obj, value, value_size) < 0) + if (virSecretObjSetValue(obj, value, value_size, + driver->configDir, + driver->config->encryptData, + driver->config->secretsEncryptionKey, + driver->config->secretsKeyLen) < 0) goto cleanup; =20 event =3D virSecretEventValueChangedNew(def->uuid, @@ -542,7 +550,9 @@ secretStateInitialize(bool privileged, if (!(driver->secrets =3D virSecretObjListNew())) goto error; =20 - if (virSecretLoadAllConfigs(driver->secrets, driver->configDir) < 0) + if (virSecretLoadAllConfigs(driver->secrets, driver->configDir, + driver->config->secretsEncryptionKey, + driver->config->secretsKeyLen) < 0) goto error; =20 return VIR_DRV_STATE_INIT_COMPLETE; @@ -564,7 +574,9 @@ secretStateReload(void) if (!(driver->config =3D virSecretDaemonConfigNew(driver->privileged))) return -1; =20 - ignore_value(virSecretLoadAllConfigs(driver->secrets, driver->configDi= r)); + ignore_value(virSecretLoadAllConfigs(driver->secrets, driver->configDi= r, + driver->config->secretsEncryption= Key, + driver->config->secretsKeyLen)); =20 return 0; } --=20 2.51.1