From nobody Mon Feb  9 09:22:24 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
 207.211.31.120 as permitted sender) client-ip=207.211.31.120;
 envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1586856278; cv=none;
	d=zohomail.com; s=zohoarc;
	b=SLW6eKLwE1w36mwExS6X83Pk8HEAefXFYbSDgp0rSXB5tfNyqfUai16PE7HAV0I2AqkjX2JPbzMEdq3J/jKBjRcU1xcA0QB4KEQSCzHvchXDNNYAk4ZvSREB5qK5T49hlwfKsvnPG85PUYYnrVPxLwRODWVP5VbNm4IsqgbDaJI=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1586856278;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
	bh=1B5q8mF516Pgp7MQZaX/DED4ypdtV1vdjare5WRpptM=;
	b=HIiL4kYrZRAYHirrMf2lP1qmAKeR1nr9qtOyvYR9kj/uayECrJ7rtGj/Phw5Xjs6Cw/lIZkI1kTgUKdMyI1QfVY9leFyWrWM48ksoO3ETkdoHoU/RKdgUaUs6pLi3z4WZ/r06gGVDaxOxjCu3T6ZVNyXiQSJ30VHYDcWqDE0NpA=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<pkrempa@redhat.com> (p=none dis=none)
 header.from=<pkrempa@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
 [207.211.31.120]) by mx.zohomail.com
	with SMTPS id 158685627827991.80065215327261;
 Tue, 14 Apr 2020 02:24:38 -0700 (PDT)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
 [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-125-nLIswmaCNei7FdpICnOD9g-1; Tue, 14 Apr 2020 05:24:34 -0400
Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com
 [10.5.11.13])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 694D01922020;
	Tue, 14 Apr 2020 09:24:29 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 029E89F99D;
	Tue, 14 Apr 2020 09:24:28 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 097CA180CB3B;
	Tue, 14 Apr 2020 09:24:26 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com
	[10.5.11.23])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id 03E9Ms1q018085 for <libvir-list@listman.util.phx.redhat.com>;
	Tue, 14 Apr 2020 05:22:54 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 5D974196AE; Tue, 14 Apr 2020 09:22:54 +0000 (UTC)
Received: from localhost.localdomain.com (unknown [10.40.208.94])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 99BFB38F
	for <libvir-list@redhat.com>; Tue, 14 Apr 2020 09:22:51 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1586856277;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:list-id:list-help:
	 list-unsubscribe:list-subscribe:list-post;
	bh=1B5q8mF516Pgp7MQZaX/DED4ypdtV1vdjare5WRpptM=;
	b=iqkOWwbbcNhTBdnkrHJz9fqV47DRuHa0ubiJwtvZG47VeBO0DxKbxQmLEM/G4hOePUivDI
	YJpaFAzw5F1Q+V/W4bF4CQl/9/rWj4NUwgL9H8AEN1Ptp5cSss6Ws8Wz9gvsQlWtLx2g8k
	wZoxZ/CRkznBgW/tEeR3uPEMvke3djY=
X-MC-Unique: nLIswmaCNei7FdpICnOD9g-1
From: Peter Krempa <pkrempa@redhat.com>
To: libvir-list@redhat.com
Subject: [PATCH 2/2] backup: Allow 'encryption' of backups and scratch images
Date: Tue, 14 Apr 2020 11:22:44 +0200
Message-Id: 
 <8822b554716ca68df8e21b179d891e92465e03e6.1586856084.git.pkrempa@redhat.com>
In-Reply-To: <cover.1586856084.git.pkrempa@redhat.com>
References: <cover.1586856084.git.pkrempa@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23
X-loop: libvir-list@redhat.com
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
Content-Type: text/plain; charset="utf-8"

Add the appropriate entries into the schema to allow encryption of the
backup or scratch image. Since we use blockdev internals for everything
no changes to the code are actually necessary.

https://bugzilla.redhat.com/show_bug.cgi?id=3D1811906

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
---
 docs/formatbackup.html.in                     | 14 +++-
 docs/schemas/domainbackup.rng                 | 65 +++++++++++++++----
 .../backup-pull-encrypted.xml                 | 30 +++++++++
 .../backup-push-encrypted.xml                 | 29 +++++++++
 .../backup-pull-encrypted.xml                 | 30 +++++++++
 .../backup-push-encrypted.xml                 | 29 +++++++++
 tests/genericxml2xmltest.c                    |  3 +
 7 files changed, 185 insertions(+), 15 deletions(-)
 create mode 100644 tests/domainbackupxml2xmlin/backup-pull-encrypted.xml
 create mode 100644 tests/domainbackupxml2xmlin/backup-push-encrypted.xml
 create mode 100644 tests/domainbackupxml2xmlout/backup-pull-encrypted.xml
 create mode 100644 tests/domainbackupxml2xmlout/backup-push-encrypted.xml

diff --git a/docs/formatbackup.html.in b/docs/formatbackup.html.in
index 87744bac98..9e69d8f7d3 100644
--- a/docs/formatbackup.html.in
+++ b/docs/formatbackup.html.in
@@ -101,7 +101,7 @@
                 <code>block</code>.
                 Similar to a disk declaration for a domain, the choice of =
type
                 controls what additional sub-elements are needed to descri=
be
-                the destination.
+                the destination.</dd>
               <dt><code>target</code></dt>
               <dd>Valid only for push mode backups, this is the
                 primary sub-element that describes the file name of
@@ -110,7 +110,8 @@
                 disk. An optional sub-element <code>driver</code> can
                 also be used, with an attribute <code>type</code> to
                 specify a destination format different from
-                qcow2. </dd>
+                qcow2. See documentation for <code>scratch</code> below for
+                additional configuration.</dd>
               <dt><code>scratch</code></dt>
               <dd>Valid only for pull mode backups, this is the
                 primary sub-element that describes the file name of
@@ -130,7 +131,14 @@
                 used without modification. The file is not deleted after t=
he
                 backup but the contents of the file don't make sense outsi=
de
                 of the backup. The same applies for the block device which
-                must be formatted appropriately.</dd>
+                must be formatted appropriately.
+
+                Similarly to the domain
+                <a href=3D"formatdomain.html#elementsDisks"><code>disk</co=
de></a>
+                definition <code>scratch</code> and <code>target</code> can
+                contain <code>seclabel</code> and/or <code>encryption</cod=
e>
+                subelements to configure the corresponding properties.
+              </dd>
             </dl>
           </dd>
         </dl>
diff --git a/docs/schemas/domainbackup.rng b/docs/schemas/domainbackup.rng
index 395ea841f9..ac5b12c463 100644
--- a/docs/schemas/domainbackup.rng
+++ b/docs/schemas/domainbackup.rng
@@ -7,6 +7,27 @@

   <include href=3D'domaincommon.rng'/>

+  <define name=3D'backupEncryption'>
+    <element name=3D'encryption'>
+      <attribute name=3D'format'>
+        <choice>
+          <value>luks</value>
+        </choice>
+      </attribute>
+      <interleave>
+        <ref name=3D'secret'/>
+        <optional>
+          <element name=3D'cipher'>
+            <ref name=3D'keycipher'/>
+          </element>
+          <element name=3D'ivgen'>
+            <ref name=3D'keyivgen'/>
+          </element>
+        </optional>
+      </interleave>
+    </element>
+  </define>
+
   <define name=3D'domainbackup'>
     <element name=3D'domainbackup'>
       <interleave>
@@ -123,9 +144,14 @@
                       <attribute name=3D'file'>
                         <ref name=3D'absFilePath'/>
                       </attribute>
-                      <zeroOrMore>
-                        <ref name=3D'devSeclabel'/>
-                      </zeroOrMore>
+                      <interleave>
+                        <zeroOrMore>
+                          <ref name=3D'devSeclabel'/>
+                        </zeroOrMore>
+                        <optional>
+                          <ref name=3D'backupEncryption'/>
+                        </optional>
+                      </interleave>
                     </element>
                   </optional>
                   <ref name=3D'backupPushDriver'/>
@@ -142,9 +168,14 @@
                       <attribute name=3D'dev'>
                         <ref name=3D'absFilePath'/>
                       </attribute>
-                      <zeroOrMore>
-                        <ref name=3D'devSeclabel'/>
-                      </zeroOrMore>
+                      <interleave>
+                        <zeroOrMore>
+                          <ref name=3D'devSeclabel'/>
+                        </zeroOrMore>
+                        <optional>
+                          <ref name=3D'backupEncryption'/>
+                        </optional>
+                      </interleave>
                     </element>
                   </optional>
                   <ref name=3D'backupPushDriver'/>
@@ -192,9 +223,14 @@
                       <attribute name=3D'file'>
                         <ref name=3D'absFilePath'/>
                       </attribute>
-                      <zeroOrMore>
-                        <ref name=3D'devSeclabel'/>
-                      </zeroOrMore>
+                      <interleave>
+                        <zeroOrMore>
+                          <ref name=3D'devSeclabel'/>
+                        </zeroOrMore>
+                        <optional>
+                          <ref name=3D'backupEncryption'/>
+                        </optional>
+                      </interleave>
                     </element>
                     <ref name=3D'backupPullDriver'/>
                   </interleave>
@@ -210,9 +246,14 @@
                     <attribute name=3D'dev'>
                       <ref name=3D'absFilePath'/>
                     </attribute>
-                    <zeroOrMore>
-                      <ref name=3D'devSeclabel'/>
-                    </zeroOrMore>
+                    <interleave>
+                      <zeroOrMore>
+                        <ref name=3D'devSeclabel'/>
+                      </zeroOrMore>
+                      <optional>
+                        <ref name=3D'backupEncryption'/>
+                      </optional>
+                    </interleave>
                   </element>
                   <ref name=3D'backupPullDriver'/>
                 </interleave>
diff --git a/tests/domainbackupxml2xmlin/backup-pull-encrypted.xml b/tests/=
domainbackupxml2xmlin/backup-pull-encrypted.xml
new file mode 100644
index 0000000000..1469189a37
--- /dev/null
+++ b/tests/domainbackupxml2xmlin/backup-pull-encrypted.xml
@@ -0,0 +1,30 @@
+<domainbackup mode=3D"pull">
+  <incremental>1525889631</incremental>
+  <server transport=3D'tcp' name=3D'localhost' port=3D'10809'/>
+  <disks>
+    <disk name=3D'vda' type=3D'file' exportname=3D'test-vda' exportbitmap=
=3D'blah'>
+      <driver type=3D'qcow2'/>
+      <scratch file=3D'/path/to/file'>
+        <encryption format=3D'luks'>
+          <secret type=3D'passphrase' uuid=3D'0a81f5b2-8403-7b23-c8d6-21cc=
c2f80d6f'/>
+        </encryption>
+      </scratch>
+    </disk>
+    <disk name=3D'vdb' type=3D'file' exportname=3D'test-vda' exportbitmap=
=3D'blah'>
+      <driver type=3D'qcow2'/>
+      <scratch file=3D'/path/to/file'>
+        <encryption format=3D'luks'>
+          <secret type=3D'passphrase' usage=3D'/storage/backup/vdb'/>
+        </encryption>
+      </scratch>
+    </disk>
+    <disk name=3D'vdc' type=3D'block'>
+      <driver type=3D'qcow2'/>
+      <scratch dev=3D'/dev/block'>
+        <encryption format=3D'luks'>
+          <secret type=3D'passphrase' usage=3D'/storage/backup/vdc'/>
+        </encryption>
+      </scratch>
+    </disk>
+  </disks>
+</domainbackup>
diff --git a/tests/domainbackupxml2xmlin/backup-push-encrypted.xml b/tests/=
domainbackupxml2xmlin/backup-push-encrypted.xml
new file mode 100644
index 0000000000..121cfd7fa9
--- /dev/null
+++ b/tests/domainbackupxml2xmlin/backup-push-encrypted.xml
@@ -0,0 +1,29 @@
+<domainbackup mode=3D"push">
+  <incremental>1525889631</incremental>
+  <disks>
+    <disk name=3D'vda' type=3D'file'>
+      <driver type=3D'qcow2'/>
+      <target file=3D'/path/to/file'>
+        <encryption format=3D'luks'>
+          <secret type=3D'passphrase' uuid=3D'0a81f5b2-8403-7b23-c8d6-21cc=
c2f80d6f'/>
+        </encryption>
+      </target>
+    </disk>
+    <disk name=3D'vdb' type=3D'file'>
+      <driver type=3D'raw'/>
+      <target file=3D'/path/to/file'>
+        <encryption format=3D'luks'>
+          <secret type=3D'passphrase' usage=3D'/storage/backup/vdb'/>
+        </encryption>
+      </target>
+    </disk>
+    <disk name=3D'vdc' type=3D'block'>
+      <driver type=3D'qcow2'/>
+      <target dev=3D'/dev/block'>
+        <encryption format=3D'luks'>
+          <secret type=3D'passphrase' usage=3D'/storage/backup/vdc'/>
+        </encryption>
+      </target>
+    </disk>
+  </disks>
+</domainbackup>
diff --git a/tests/domainbackupxml2xmlout/backup-pull-encrypted.xml b/tests=
/domainbackupxml2xmlout/backup-pull-encrypted.xml
new file mode 100644
index 0000000000..81519bfcb5
--- /dev/null
+++ b/tests/domainbackupxml2xmlout/backup-pull-encrypted.xml
@@ -0,0 +1,30 @@
+<domainbackup mode=3D'pull'>
+  <incremental>1525889631</incremental>
+  <server transport=3D'tcp' name=3D'localhost' port=3D'10809'/>
+  <disks>
+    <disk name=3D'vda' backup=3D'yes' type=3D'file' exportname=3D'test-vda=
' exportbitmap=3D'blah'>
+      <driver type=3D'qcow2'/>
+      <scratch file=3D'/path/to/file'>
+        <encryption format=3D'luks'>
+          <secret type=3D'passphrase' uuid=3D'0a81f5b2-8403-7b23-c8d6-21cc=
c2f80d6f'/>
+        </encryption>
+      </scratch>
+    </disk>
+    <disk name=3D'vdb' backup=3D'yes' type=3D'file' exportname=3D'test-vda=
' exportbitmap=3D'blah'>
+      <driver type=3D'qcow2'/>
+      <scratch file=3D'/path/to/file'>
+        <encryption format=3D'luks'>
+          <secret type=3D'passphrase' usage=3D'/storage/backup/vdb'/>
+        </encryption>
+      </scratch>
+    </disk>
+    <disk name=3D'vdc' backup=3D'yes' type=3D'block'>
+      <driver type=3D'qcow2'/>
+      <scratch dev=3D'/dev/block'>
+        <encryption format=3D'luks'>
+          <secret type=3D'passphrase' usage=3D'/storage/backup/vdc'/>
+        </encryption>
+      </scratch>
+    </disk>
+  </disks>
+</domainbackup>
diff --git a/tests/domainbackupxml2xmlout/backup-push-encrypted.xml b/tests=
/domainbackupxml2xmlout/backup-push-encrypted.xml
new file mode 100644
index 0000000000..a955340964
--- /dev/null
+++ b/tests/domainbackupxml2xmlout/backup-push-encrypted.xml
@@ -0,0 +1,29 @@
+<domainbackup mode=3D'push'>
+  <incremental>1525889631</incremental>
+  <disks>
+    <disk name=3D'vda' backup=3D'yes' type=3D'file'>
+      <driver type=3D'qcow2'/>
+      <target file=3D'/path/to/file'>
+        <encryption format=3D'luks'>
+          <secret type=3D'passphrase' uuid=3D'0a81f5b2-8403-7b23-c8d6-21cc=
c2f80d6f'/>
+        </encryption>
+      </target>
+    </disk>
+    <disk name=3D'vdb' backup=3D'yes' type=3D'file'>
+      <driver type=3D'raw'/>
+      <target file=3D'/path/to/file'>
+        <encryption format=3D'luks'>
+          <secret type=3D'passphrase' usage=3D'/storage/backup/vdb'/>
+        </encryption>
+      </target>
+    </disk>
+    <disk name=3D'vdc' backup=3D'yes' type=3D'block'>
+      <driver type=3D'qcow2'/>
+      <target dev=3D'/dev/block'>
+        <encryption format=3D'luks'>
+          <secret type=3D'passphrase' usage=3D'/storage/backup/vdc'/>
+        </encryption>
+      </target>
+    </disk>
+  </disks>
+</domainbackup>
diff --git a/tests/genericxml2xmltest.c b/tests/genericxml2xmltest.c
index 501bcdb0a1..74e520522b 100644
--- a/tests/genericxml2xmltest.c
+++ b/tests/genericxml2xmltest.c
@@ -192,8 +192,11 @@ mymain(void)
     DO_TEST_BACKUP("empty");
     DO_TEST_BACKUP("backup-pull");
     DO_TEST_BACKUP("backup-pull-seclabel");
+    DO_TEST_BACKUP("backup-pull-encrypted");
     DO_TEST_BACKUP("backup-push");
     DO_TEST_BACKUP("backup-push-seclabel");
+    DO_TEST_BACKUP("backup-push-encrypted");
+

     virObjectUnref(caps);
     virObjectUnref(xmlopt);
--=20
2.26.0