This will be used first to implement luks keyslot management.
block_crypto_amend_opts_init will be used to convert
qemu-img cmdline to QCryptoBlockAmendOptions
Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
---
block/crypto.c | 17 +++++++++++++++++
block/crypto.h | 3 +++
crypto/block.c | 31 +++++++++++++++++++++++++++++++
crypto/blockpriv.h | 8 ++++++++
include/crypto/block.h | 22 ++++++++++++++++++++++
qapi/crypto.json | 16 ++++++++++++++++
6 files changed, 97 insertions(+)
diff --git a/block/crypto.c b/block/crypto.c
index 24823835c1..ecf96a7a9b 100644
--- a/block/crypto.c
+++ b/block/crypto.c
@@ -184,6 +184,23 @@ block_crypto_create_opts_init(QDict *opts, Error **errp)
return ret;
}
+QCryptoBlockAmendOptions *
+block_crypto_amend_opts_init(QDict *opts, Error **errp)
+{
+ Visitor *v;
+ QCryptoBlockAmendOptions *ret;
+
+ v = qobject_input_visitor_new_flat_confused(opts, errp);
+ if (!v) {
+ return NULL;
+ }
+
+ visit_type_QCryptoBlockAmendOptions(v, NULL, &ret, errp);
+
+ visit_free(v);
+ return ret;
+}
+
static int block_crypto_open_generic(QCryptoBlockFormat format,
QemuOptsList *opts_spec,
diff --git a/block/crypto.h b/block/crypto.h
index b935695e79..06e044c9be 100644
--- a/block/crypto.h
+++ b/block/crypto.h
@@ -91,6 +91,9 @@
QCryptoBlockCreateOptions *
block_crypto_create_opts_init(QDict *opts, Error **errp);
+QCryptoBlockAmendOptions *
+block_crypto_amend_opts_init(QDict *opts, Error **errp);
+
QCryptoBlockOpenOptions *
block_crypto_open_opts_init(QDict *opts, Error **errp);
diff --git a/crypto/block.c b/crypto/block.c
index 325752871c..0ce67db641 100644
--- a/crypto/block.c
+++ b/crypto/block.c
@@ -115,6 +115,37 @@ QCryptoBlock *qcrypto_block_create(QCryptoBlockCreateOptions *options,
}
+int qcrypto_block_amend_options(QCryptoBlock *block,
+ QCryptoBlockReadFunc readfunc,
+ QCryptoBlockWriteFunc writefunc,
+ void *opaque,
+ QCryptoBlockAmendOptions *options,
+ bool force,
+ Error **errp)
+{
+ if (options->format != block->format) {
+ error_setg(errp,
+ "Cannot amend encryption format");
+ return -1;
+ }
+
+ if (!block->driver->amend) {
+ error_setg(errp,
+ "Crypto format %s doesn't support format options amendment",
+ QCryptoBlockFormat_str(block->format));
+ return -1;
+ }
+
+ return block->driver->amend(block,
+ readfunc,
+ writefunc,
+ opaque,
+ options,
+ force,
+ errp);
+}
+
+
QCryptoBlockInfo *qcrypto_block_get_info(QCryptoBlock *block,
Error **errp)
{
diff --git a/crypto/blockpriv.h b/crypto/blockpriv.h
index 71c59cb542..3c7ccea504 100644
--- a/crypto/blockpriv.h
+++ b/crypto/blockpriv.h
@@ -62,6 +62,14 @@ struct QCryptoBlockDriver {
void *opaque,
Error **errp);
+ int (*amend)(QCryptoBlock *block,
+ QCryptoBlockReadFunc readfunc,
+ QCryptoBlockWriteFunc writefunc,
+ void *opaque,
+ QCryptoBlockAmendOptions *options,
+ bool force,
+ Error **errp);
+
int (*get_info)(QCryptoBlock *block,
QCryptoBlockInfo *info,
Error **errp);
diff --git a/include/crypto/block.h b/include/crypto/block.h
index d49d2c2da9..e4553cf33d 100644
--- a/include/crypto/block.h
+++ b/include/crypto/block.h
@@ -144,6 +144,28 @@ QCryptoBlock *qcrypto_block_create(QCryptoBlockCreateOptions *options,
void *opaque,
Error **errp);
+/**
+ * qcrypto_block_amend_options:
+ * @block: the block encryption object
+ *
+ * @readfunc: callback for reading data from the volume header
+ * @writefunc: callback for writing data to the volume header
+ * @opaque: data to pass to @readfunc and @writefunc
+ * @options: the new/amended encryption options
+ * @force: hint for the driver to allow unsafe operation
+ * @errp: error pointer
+ *
+ * Changes the crypto options of the encryption format
+ *
+ */
+int qcrypto_block_amend_options(QCryptoBlock *block,
+ QCryptoBlockReadFunc readfunc,
+ QCryptoBlockWriteFunc writefunc,
+ void *opaque,
+ QCryptoBlockAmendOptions *options,
+ bool force,
+ Error **errp);
+
/**
* qcrypto_block_get_info:
diff --git a/qapi/crypto.json b/qapi/crypto.json
index b2a4cff683..9faebd03d4 100644
--- a/qapi/crypto.json
+++ b/qapi/crypto.json
@@ -309,3 +309,19 @@
'base': 'QCryptoBlockInfoBase',
'discriminator': 'format',
'data': { 'luks': 'QCryptoBlockInfoLUKS' } }
+
+
+
+##
+# @QCryptoBlockAmendOptions:
+#
+# The options that are available for all encryption formats
+# when initializing a new volume
+#
+# Since: 5.0
+##
+{ 'union': 'QCryptoBlockAmendOptions',
+ 'base': 'QCryptoBlockOptionsBase',
+ 'discriminator': 'format',
+ 'data': {
+ } }
--
2.17.2
On Tue, Jan 14, 2020 at 09:33:38PM +0200, Maxim Levitsky wrote:
> This will be used first to implement luks keyslot management.
>
> block_crypto_amend_opts_init will be used to convert
> qemu-img cmdline to QCryptoBlockAmendOptions
>
> Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
> ---
> block/crypto.c | 17 +++++++++++++++++
> block/crypto.h | 3 +++
> crypto/block.c | 31 +++++++++++++++++++++++++++++++
> crypto/blockpriv.h | 8 ++++++++
> include/crypto/block.h | 22 ++++++++++++++++++++++
> qapi/crypto.json | 16 ++++++++++++++++
> 6 files changed, 97 insertions(+)
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
> diff --git a/qapi/crypto.json b/qapi/crypto.json
> index b2a4cff683..9faebd03d4 100644
> --- a/qapi/crypto.json
> +++ b/qapi/crypto.json
> @@ -309,3 +309,19 @@
> 'base': 'QCryptoBlockInfoBase',
> 'discriminator': 'format',
> 'data': { 'luks': 'QCryptoBlockInfoLUKS' } }
> +
> +
> +
> +##
> +# @QCryptoBlockAmendOptions:
> +#
> +# The options that are available for all encryption formats
> +# when initializing a new volume
minor point, the comment needs updating
> +#
> +# Since: 5.0
> +##
> +{ 'union': 'QCryptoBlockAmendOptions',
> + 'base': 'QCryptoBlockOptionsBase',
> + 'discriminator': 'format',
> + 'data': {
> + } }
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
On Tue, 2020-01-28 at 16:59 +0000, Daniel P. Berrangé wrote:
> On Tue, Jan 14, 2020 at 09:33:38PM +0200, Maxim Levitsky wrote:
> > This will be used first to implement luks keyslot management.
> >
> > block_crypto_amend_opts_init will be used to convert
> > qemu-img cmdline to QCryptoBlockAmendOptions
> >
> > Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
> > ---
> > block/crypto.c | 17 +++++++++++++++++
> > block/crypto.h | 3 +++
> > crypto/block.c | 31 +++++++++++++++++++++++++++++++
> > crypto/blockpriv.h | 8 ++++++++
> > include/crypto/block.h | 22 ++++++++++++++++++++++
> > qapi/crypto.json | 16 ++++++++++++++++
> > 6 files changed, 97 insertions(+)
>
> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
>
>
> > diff --git a/qapi/crypto.json b/qapi/crypto.json
> > index b2a4cff683..9faebd03d4 100644
> > --- a/qapi/crypto.json
> > +++ b/qapi/crypto.json
> > @@ -309,3 +309,19 @@
> > 'base': 'QCryptoBlockInfoBase',
> > 'discriminator': 'format',
> > 'data': { 'luks': 'QCryptoBlockInfoLUKS' } }
> > +
> > +
> > +
> > +##
> > +# @QCryptoBlockAmendOptions:
> > +#
> > +# The options that are available for all encryption formats
> > +# when initializing a new volume
>
> minor point, the comment needs updating
Done.
Thanks for the review!
Best regards,
Maxim Levitsky
>
> > +#
> > +# Since: 5.0
> > +##
> > +{ 'union': 'QCryptoBlockAmendOptions',
> > + 'base': 'QCryptoBlockOptionsBase',
> > + 'discriminator': 'format',
> > + 'data': {
> > + } }
>
> Regards,
> Daniel
© 2016 - 2026 Red Hat, Inc.