From: "Daniel P. Berrange"
To: qemu-devel@nongnu.org
Cc: Kevin Wolf, Alberto Garcia, qemu-block@nongnu.org, Max Reitz
Date: Tue, 21 Feb 2017 11:54:56 +0000
Subject: [Qemu-devel] [PATCH v5 02/18] block: add ability to set a prefix for opt names
Message-Id: <20170221115512.21918-3-berrange@redhat.com>
In-Reply-To: <20170221115512.21918-1-berrange@redhat.com>
References: <20170221115512.21918-1-berrange@redhat.com>

When integrating the crypto support with qcow/qcow2, we don't want to use the bare LUKS option names "hash-alg", "key-secret", etc. We want to namespace them "luks-hash-alg", "luks-key-secret" so that they don't clash with any general qcow options at a later date.

Reviewed-by: Max Reitz
Reviewed-by: Alberto Garcia
Signed-off-by: Daniel P. Berrange
--- block/crypto.c | 111 +++++++++++++++++++++++++++++++++++++++++++++++++----= ---- block/crypto.h | 42 +++++++++++----------- 2 files changed, 119 insertions(+), 34 deletions(-) diff --git a/block/crypto.c b/block/crypto.c index d281de6..876eabc 100644 --- a/block/crypto.c +++ b/block/crypto.c @@ -27,6 +27,7 @@ #include "qapi-visit.h" #include "qapi/error.h" #include "block/crypto.h" +#include "qemu/cutils.h" =20 typedef struct BlockCrypto BlockCrypto; =20 
@@ -128,7 +129,7 @@ static QemuOptsList block_crypto_runtime_opts_luks =3D { .name =3D "crypto", .head =3D QTAILQ_HEAD_INITIALIZER(block_crypto_runtime_opts_luks.head), .desc =3D { - BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET, + BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET(""), { /* end of list */ } }, }; 
@@ -143,31 +144,101 @@ static QemuOptsList block_crypto_create_opts_luks = =3D { .type =3D QEMU_OPT_SIZE, .help =3D "Virtual disk size" }, - BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET, - BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_ALG, - BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_MODE, - BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_ALG, - BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_HASH_ALG, - BLOCK_CRYPTO_OPT_DEF_LUKS_HASH_ALG, - BLOCK_CRYPTO_OPT_DEF_LUKS_ITER_TIME, + BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET(""), + BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_ALG(""), + BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_MODE(""), + BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_ALG(""), + BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_HASH_ALG(""), + BLOCK_CRYPTO_OPT_DEF_LUKS_HASH_ALG(""), + BLOCK_CRYPTO_OPT_DEF_LUKS_ITER_TIME(""), { /* end of list */ } }, }; =20 +static QemuOptsList empty_opts =3D { + .name =3D "crypto-empty", + .merge_lists =3D false, + .head =3D QTAILQ_HEAD_INITIALIZER(empty_opts.head), + .desc =3D { + /* no elements =3D> accept any params */ + { /* end of list */ } + }, +}; + + +struct BlockCryptoCopyData { + QemuOpts *opts; + const char *prefix; +}; + +static int block_crypto_copy_value(void *opaque, const char *name, + const char *value, Error **errp) +{ + struct BlockCryptoCopyData *data =3D opaque; + const char *newname; + + if (strstart(name, data->prefix, &newname)) { + Error *local_err =3D NULL; + + qemu_opt_set(data->opts, newname, value, &local_err); + if (local_err) { + error_propagate(errp, local_err); + return -1; + } + } + + return 0; +} + +/* + * Create a copy of @opts containing only the fields with + * a prefix of @prefix, stripping the prefix in the returned + * opts + */ +static QemuOpts * +block_crypto_copy_opts(QemuOpts *opts, + const char *prefix, + Error **errp) +{ + struct BlockCryptoCopyData data =3D { + .opts =3D qemu_opts_create(&empty_opts, NULL, false, errp), + .prefix =3D prefix + }; + if (!data.opts) { + return NULL; + } + + if (qemu_opt_foreach(opts, block_crypto_copy_value, &data, errp) < 0) { + qemu_opts_del(data.opts); + 
return NULL; + } + + return data.opts; +} =20 QCryptoBlockOpenOptions * block_crypto_open_opts_init(QCryptoBlockFormat format, QemuOpts *opts, + const char *prefix, Error **errp) { - Visitor *v; + Visitor *v =3D NULL; QCryptoBlockOpenOptions *ret =3D NULL; Error *local_err =3D NULL; + QemuOpts *newopts =3D NULL; =20 ret =3D g_new0(QCryptoBlockOpenOptions, 1); ret->format =3D format; =20 - v =3D opts_visitor_new(opts); + if (prefix !=3D NULL) { + newopts =3D block_crypto_copy_opts(opts, prefix, &local_err); + if (local_err) { + goto out; + } + v =3D opts_visitor_new(newopts); + } else { + v =3D opts_visitor_new(opts); + } =20 visit_start_struct(v, NULL, NULL, 0, &local_err); if (local_err) { @@ -196,6 +267,7 @@ block_crypto_open_opts_init(QCryptoBlockFormat format, qapi_free_QCryptoBlockOpenOptions(ret); ret =3D NULL; } + qemu_opts_del(newopts); visit_free(v); return ret; } @@ -204,16 +276,26 @@ block_crypto_open_opts_init(QCryptoBlockFormat format, QCryptoBlockCreateOptions * block_crypto_create_opts_init(QCryptoBlockFormat format, QemuOpts *opts, + const char *prefix, Error **errp) { - Visitor *v; + Visitor *v =3D NULL; QCryptoBlockCreateOptions *ret =3D NULL; Error *local_err =3D NULL; + QemuOpts *newopts =3D NULL; =20 ret =3D g_new0(QCryptoBlockCreateOptions, 1); ret->format =3D format; =20 - v =3D opts_visitor_new(opts); + if (prefix !=3D NULL) { + newopts =3D block_crypto_copy_opts(opts, prefix, &local_err); + if (local_err) { + goto out; + } + v =3D opts_visitor_new(newopts); + } else { + v =3D opts_visitor_new(opts); + } =20 visit_start_struct(v, NULL, NULL, 0, &local_err); if (local_err) { @@ -242,6 +324,7 @@ block_crypto_create_opts_init(QCryptoBlockFormat format, qapi_free_QCryptoBlockCreateOptions(ret); ret =3D NULL; } + qemu_opts_del(newopts); visit_free(v); return ret; } 
@@ -268,7 +351,7 @@ static int block_crypto_open_generic(QCryptoBlockFormat= format, goto cleanup; } =20 - open_opts =3D block_crypto_open_opts_init(format, opts, errp); + open_opts =3D block_crypto_open_opts_init(format, opts, NULL, errp); if (!open_opts) { goto cleanup; } @@ -312,7 +395,7 @@ static int block_crypto_create_generic(QCryptoBlockForm= at format, .filename =3D filename, }; =20 - create_opts =3D block_crypto_create_opts_init(format, opts, errp); + create_opts =3D block_crypto_create_opts_init(format, opts, NULL, errp= ); if (!create_opts) { return -1; } diff --git a/block/crypto.h b/block/crypto.h index e42f20e..e70e2f0 100644 --- a/block/crypto.h +++ b/block/crypto.h 
@@ -29,51 +29,51 @@ #define BLOCK_CRYPTO_OPT_LUKS_HASH_ALG "hash-alg" #define BLOCK_CRYPTO_OPT_LUKS_ITER_TIME "iter-time" =20 -#define BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET \ +#define BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET(prefix) \ { \ - .name =3D BLOCK_CRYPTO_OPT_LUKS_KEY_SECRET, \ + .name =3D prefix BLOCK_CRYPTO_OPT_LUKS_KEY_SECRET, \ .type =3D QEMU_OPT_STRING, \ .help =3D "ID of the secret that provides the keyslot passphrase",= \ } =20 -#define BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_ALG \ +#define BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_ALG(prefix) \ { \ - .name =3D BLOCK_CRYPTO_OPT_LUKS_CIPHER_ALG, \ + .name =3D prefix BLOCK_CRYPTO_OPT_LUKS_CIPHER_ALG, \ .type =3D QEMU_OPT_STRING, \ .help =3D "Name of encryption cipher algorithm", \ } =20 -#define BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_MODE \ - { \ - .name =3D BLOCK_CRYPTO_OPT_LUKS_CIPHER_MODE, \ - .type =3D QEMU_OPT_STRING, \ - .help =3D "Name of encryption cipher mode", \ +#define BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_MODE(prefix) \ + { \ + .name =3D prefix BLOCK_CRYPTO_OPT_LUKS_CIPHER_MODE, \ + .type =3D QEMU_OPT_STRING, \ + .help =3D "Name of encryption cipher mode", \ } =20 -#define BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_ALG \ - { \ - .name =3D BLOCK_CRYPTO_OPT_LUKS_IVGEN_ALG, \ - .type =3D QEMU_OPT_STRING, \ - .help =3D "Name of IV generator algorithm", \ +#define BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_ALG(prefix) \ + { \ + .name =3D prefix BLOCK_CRYPTO_OPT_LUKS_IVGEN_ALG, \ + .type =3D QEMU_OPT_STRING, \ + .help =3D "Name of IV generator algorithm", \ } =20 -#define BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_HASH_ALG \ +#define BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_HASH_ALG(prefix) \ { \ - .name =3D BLOCK_CRYPTO_OPT_LUKS_IVGEN_HASH_ALG, \ + .name =3D prefix BLOCK_CRYPTO_OPT_LUKS_IVGEN_HASH_ALG, \ .type =3D QEMU_OPT_STRING, \ .help =3D "Name of IV generator hash algorithm", \ } =20 -#define BLOCK_CRYPTO_OPT_DEF_LUKS_HASH_ALG \ +#define BLOCK_CRYPTO_OPT_DEF_LUKS_HASH_ALG(prefix) \ { \ - .name =3D BLOCK_CRYPTO_OPT_LUKS_HASH_ALG, \ + .name =3D prefix 
BLOCK_CRYPTO_OPT_LUKS_HASH_ALG, \ .type =3D QEMU_OPT_STRING, \ .help =3D "Name of encryption hash algorithm", \ } =20 -#define BLOCK_CRYPTO_OPT_DEF_LUKS_ITER_TIME \ +#define BLOCK_CRYPTO_OPT_DEF_LUKS_ITER_TIME(prefix) \ { \ - .name =3D BLOCK_CRYPTO_OPT_LUKS_ITER_TIME, \ + .name =3D prefix BLOCK_CRYPTO_OPT_LUKS_ITER_TIME, \ .type =3D QEMU_OPT_NUMBER, \ .help =3D "Time to spend in PBKDF in milliseconds", \ } @@ -81,11 +81,13 @@ QCryptoBlockCreateOptions * block_crypto_create_opts_init(QCryptoBlockFormat format, QemuOpts *opts, + const char *prefix, Error **errp); =20 QCryptoBlockOpenOptions * block_crypto_open_opts_init(QCryptoBlockFormat format, QemuOpts *opts, + const char *prefix, Error **errp); =20 #endif /* BLOCK_CRYPTO_H__ */ --=20 2.9.3
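
Review bot: the comment above block_crypto_copy_opts() in the block/crypto.c hunk at @@ -143,31 +144,101 @@ does not say that @prefix has to carry its own separator. block_crypto_copy_value() matches with strstart(name, data->prefix, &newname), so a caller passing "luks" instead of "luks-" would copy "luks-key-secret" under the name "-key-secret", and would also pick up any unrelated option whose name merely begins with "luks". Please state in the comment that the prefix must end in "-" (or assert on it), and mention that options not carrying the prefix are skipped silently, since the callback returns 0 for them.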
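
Review bot: the prefix branch added to block_crypto_create_opts_init() in the @@ -204,16 +276,26 @@ hunk is a line-for-line copy of the one added to block_crypto_open_opts_init(), so the two can drift apart. A small static helper that takes opts and prefix and returns the Visitor (plus the temporary QemuOpts to free) would keep the logic in one place. In both copies the failure test is "if (local_err)", while block_crypto_copy_opts() reports failure by returning NULL; testing "if (!newopts)" would follow the function's own return contract and would not depend on every failure path having set the error.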
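
Review bot: the reworked BLOCK_CRYPTO_OPT_DEF_LUKS_* macros in the block/crypto.h hunk at @@ -29,51 +29,51 @@ only work when the argument is a string literal, because ".name = prefix BLOCK_CRYPTO_OPT_LUKS_KEY_SECRET" relies on adjacent-literal concatenation. A one-line comment above the macro group saying so would save the next user a confusing compile error. The CIPHER_MODE and IVGEN_ALG definitions also have their continuation backslashes re-aligned on lines that otherwise do not change, which adds whitespace-only churn to the diff; consider leaving those lines alone or aligning all seven macros the same way.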
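
Review bot: the new "const char *prefix" parameter on both prototypes in the block/crypto.h hunk at @@ -81,11 +81,13 @@ is undocumented. From block/crypto.c, NULL means "visit opts unchanged" while any non-NULL value, including "", goes through block_crypto_copy_opts(); the option-definition macros in the same header use "" for the no-prefix case instead. A short comment on the prototypes spelling out the NULL convention, and that it differs from the "" used with the macros, would prevent callers from mixing the two up.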