From nobody Sat Nov 23 23:32:19 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1730832120; cv=none; d=zohomail.com; s=zohoarc; b=MWT+4uDODnfdJs1AL1Px3n7YANyO5/oXCAReQYaTHxt5kd0RAYLH7OjI1UCpAtdnnW8/sJjJtShmiyY1vyOP+7EeIA9/OCZRWcT6MJ2LfR9PCnFUII2PSb7/rE66J+igvoFw0p48MgGtyBa3A8NIUPEbh/28/yKSC4Yk1YetPA4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1730832120; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=o/LngSMQlJeEYpc3eJyLSfuVRMc1wQAlW1XQw4yN1t0=; b=beGcUkKjrg5I/5f8570k2IkoUQT3Ok2HMmW3GsTF49KixkT1JiDxA/gM7AYQoslbDQiJ4Xc2LuLHLU7eHIns9LWYLsquylqH5c2dHO+qVUiuTULQJi+aIs2f8+gSQmlio24JtigoGJbtiLJwDQsiV1i8P8kl32k6pqE9Ky+TlQk= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1730832120957982.8680617706004; Tue, 5 Nov 2024 10:42:00 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1t8OUm-0001Xu-QT; Tue, 05 Nov 2024 13:41:40 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1t8OUa-0001Ur-Qi for qemu-devel@nongnu.org; Tue, 05 Nov 2024 13:41:29 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1t8OUX-0008GI-Sf for qemu-devel@nongnu.org; Tue, 05 Nov 2024 13:41:28 -0500 Received: from mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-414-mUbLf23NNPOft8AIPj_kWg-1; Tue, 05 Nov 2024 13:41:23 -0500 Received: from mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.12]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 7313D1955D45; Tue, 5 Nov 2024 18:41:22 +0000 (UTC) Received: from toolbox.redhat.com (unknown [10.42.28.52]) by mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 3DC6619560A7; Tue, 5 Nov 2024 18:41:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1730832085; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=o/LngSMQlJeEYpc3eJyLSfuVRMc1wQAlW1XQw4yN1t0=; b=glUdU5K7542pRsypS9hB9OW/VlAPENSyGdUL57j1ERwkNDC32sSbB8/S/e9l9Kxd6Lsa9y LQI2ebfc6YpzvSiv/DIvLjlRF02COjCdcZT91JUTF2goo6Wr+7yAfXAGDbTASLJaKV1ivP 2MLu/B/o70AZzaTAa2h0K59i/gRApe8= X-MC-Unique: mUbLf23NNPOft8AIPj_kWg-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Cc: Eric Blake , =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= , Paolo Bonzini , Markus Armbruster Subject: [PULL 1/4] crypto: purge 'loaded' property that was not fully removed Date: Tue, 5 Nov 2024 18:41:12 +0000 Message-ID: <20241105184115.381511-2-berrange@redhat.com> In-Reply-To: <20241105184115.381511-1-berrange@redhat.com> References: <20241105184115.381511-1-berrange@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 3.0 on 10.30.177.12 Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.133.124; envelope-from=berrange@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -23 X-Spam_score: -2.4 X-Spam_bar: -- X-Spam_report: (-2.4 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.34, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1730832122541116600 The 'loaded' property on TLS creds and secret objects was marked as deprecated in 6.0.0. In 7.1.0 the deprecation info was moved into the 'removed-features.rst' file, but the property was not actually removed, just made read-only. This was a highly unusual practice, so finish the long overdue removal job. Reviewed-by: Philippe Mathieu-Daud=C3=A9 Reviewed-by: Markus Armbruster Signed-off-by: Daniel P. Berrang=C3=A9 --- crypto/secret_common.c | 12 -------- crypto/tlscredsanon.c | 35 ---------------------- crypto/tlscredspsk.c | 34 ---------------------- crypto/tlscredsx509.c | 30 ------------------- docs/about/removed-features.rst | 6 ++-- qapi/crypto.json | 51 +++------------------------------ 6 files changed, 7 insertions(+), 161 deletions(-) diff --git a/crypto/secret_common.c b/crypto/secret_common.c index 2c141107a5..dbda998940 100644 --- a/crypto/secret_common.c +++ b/crypto/secret_common.c @@ -191,15 +191,6 @@ qcrypto_secret_complete(UserCreatable *uc, Error **err= p) } =20 =20 -static bool -qcrypto_secret_prop_get_loaded(Object *obj, - Error **errp G_GNUC_UNUSED) -{ - QCryptoSecretCommon *secret =3D QCRYPTO_SECRET_COMMON(obj); - return secret->rawdata !=3D NULL; -} - - static void qcrypto_secret_prop_set_format(Object *obj, int value, @@ -278,9 +269,6 @@ qcrypto_secret_class_init(ObjectClass *oc, void *data) =20 ucc->complete =3D qcrypto_secret_complete; =20 - object_class_property_add_bool(oc, "loaded", - qcrypto_secret_prop_get_loaded, - NULL); object_class_property_add_enum(oc, "format", "QCryptoSecretFormat", &QCryptoSecretFormat_lookup, diff --git a/crypto/tlscredsanon.c b/crypto/tlscredsanon.c index c0d23a0ef3..476cf89c96 100644 --- a/crypto/tlscredsanon.c +++ b/crypto/tlscredsanon.c @@ -127,37 +127,6 @@ qcrypto_tls_creds_anon_complete(UserCreatable *uc, Err= or **errp) } =20 =20 -#ifdef CONFIG_GNUTLS - - -static bool -qcrypto_tls_creds_anon_prop_get_loaded(Object *obj, - Error **errp G_GNUC_UNUSED) -{ - QCryptoTLSCredsAnon *creds =3D QCRYPTO_TLS_CREDS_ANON(obj); - - if (creds->parent_obj.endpoint =3D=3D QCRYPTO_TLS_CREDS_ENDPOINT_SERVE= R) { - return creds->data.server !=3D NULL; - } else { - return creds->data.client !=3D NULL; - } -} - - -#else /* ! CONFIG_GNUTLS */ - - -static bool -qcrypto_tls_creds_anon_prop_get_loaded(Object *obj G_GNUC_UNUSED, - Error **errp G_GNUC_UNUSED) -{ - return false; -} - - -#endif /* ! CONFIG_GNUTLS */ - - static void qcrypto_tls_creds_anon_finalize(Object *obj) { @@ -173,10 +142,6 @@ qcrypto_tls_creds_anon_class_init(ObjectClass *oc, voi= d *data) UserCreatableClass *ucc =3D USER_CREATABLE_CLASS(oc); =20 ucc->complete =3D qcrypto_tls_creds_anon_complete; - - object_class_property_add_bool(oc, "loaded", - qcrypto_tls_creds_anon_prop_get_loaded, - NULL); } =20 =20 diff --git a/crypto/tlscredspsk.c b/crypto/tlscredspsk.c index 0d6b71a37c..aa270d7988 100644 --- a/crypto/tlscredspsk.c +++ b/crypto/tlscredspsk.c @@ -206,37 +206,6 @@ qcrypto_tls_creds_psk_complete(UserCreatable *uc, Erro= r **errp) } =20 =20 -#ifdef CONFIG_GNUTLS - - -static bool -qcrypto_tls_creds_psk_prop_get_loaded(Object *obj, - Error **errp G_GNUC_UNUSED) -{ - QCryptoTLSCredsPSK *creds =3D QCRYPTO_TLS_CREDS_PSK(obj); - - if (creds->parent_obj.endpoint =3D=3D QCRYPTO_TLS_CREDS_ENDPOINT_SERVE= R) { - return creds->data.server !=3D NULL; - } else { - return creds->data.client !=3D NULL; - } -} - - -#else /* ! CONFIG_GNUTLS */ - - -static bool -qcrypto_tls_creds_psk_prop_get_loaded(Object *obj G_GNUC_UNUSED, - Error **errp G_GNUC_UNUSED) -{ - return false; -} - - -#endif /* ! CONFIG_GNUTLS */ - - static void qcrypto_tls_creds_psk_finalize(Object *obj) { @@ -273,9 +242,6 @@ qcrypto_tls_creds_psk_class_init(ObjectClass *oc, void = *data) =20 ucc->complete =3D qcrypto_tls_creds_psk_complete; =20 - object_class_property_add_bool(oc, "loaded", - qcrypto_tls_creds_psk_prop_get_loaded, - NULL); object_class_property_add_str(oc, "username", qcrypto_tls_creds_psk_prop_get_username, qcrypto_tls_creds_psk_prop_set_username); diff --git a/crypto/tlscredsx509.c b/crypto/tlscredsx509.c index d14313925d..24ec584922 100644 --- a/crypto/tlscredsx509.c +++ b/crypto/tlscredsx509.c @@ -695,33 +695,6 @@ qcrypto_tls_creds_x509_complete(UserCreatable *uc, Err= or **errp) } =20 =20 -#ifdef CONFIG_GNUTLS - - -static bool -qcrypto_tls_creds_x509_prop_get_loaded(Object *obj, - Error **errp G_GNUC_UNUSED) -{ - QCryptoTLSCredsX509 *creds =3D QCRYPTO_TLS_CREDS_X509(obj); - - return creds->data !=3D NULL; -} - - -#else /* ! CONFIG_GNUTLS */ - - -static bool -qcrypto_tls_creds_x509_prop_get_loaded(Object *obj G_GNUC_UNUSED, - Error **errp G_GNUC_UNUSED) -{ - return false; -} - - -#endif /* ! CONFIG_GNUTLS */ - - static void qcrypto_tls_creds_x509_prop_set_sanity(Object *obj, bool value, @@ -838,9 +811,6 @@ qcrypto_tls_creds_x509_class_init(ObjectClass *oc, void= *data) =20 ucc->complete =3D qcrypto_tls_creds_x509_complete; =20 - object_class_property_add_bool(oc, "loaded", - qcrypto_tls_creds_x509_prop_get_loaded, - NULL); object_class_property_add_bool(oc, "sanity-check", qcrypto_tls_creds_x509_prop_get_sanity, qcrypto_tls_creds_x509_prop_set_sanity); diff --git a/docs/about/removed-features.rst b/docs/about/removed-features.= rst index 912e0a1fcf..ee6455aeee 100644 --- a/docs/about/removed-features.rst +++ b/docs/about/removed-features.rst @@ -355,13 +355,13 @@ The ``-writeconfig`` option was not able to serialize= the entire contents of the QEMU command line. It is thus considered a failed experiment and removed without a replacement. =20 -``loaded`` property of ``secret`` and ``secret_keyring`` objects (removed = in 7.1) -''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''= ''''''' +``loaded`` property of secret and TLS credential objects (removed in 9.2) +''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' =20 The ``loaded=3Don`` option in the command line or QMP ``object-add`` eithe= r had no effect (if ``loaded`` was the last option) or caused options to be effectively ignored as if they were not given. The property is therefore -useless and should simply be removed. +useless and has been removed. =20 ``opened`` property of ``rng-*`` objects (removed in 7.1) ''''''''''''''''''''''''''''''''''''''''''''''''''''''''' diff --git a/qapi/crypto.json b/qapi/crypto.json index 9431522768..7c30df9e31 100644 --- a/qapi/crypto.json +++ b/qapi/crypto.json @@ -419,11 +419,6 @@ # # Properties for objects of classes derived from secret-common. # -# @loaded: if true, the secret is loaded immediately when applying -# this option and will probably fail when processing the next -# option. Don't use; only provided for compatibility. -# (default: false) -# # @format: the data format that the secret is provided in # (default: raw) # @@ -436,16 +431,10 @@ # 16-byte IV. Mandatory if @keyid is given. Ignored if @keyid is # absent. # -# Features: -# -# @deprecated: Member @loaded is deprecated. Setting true doesn't -# make sense, and false is already the default. -# # Since: 2.6 ## { 'struct': 'SecretCommonProperties', - 'data': { '*loaded': { 'type': 'bool', 'features': ['deprecated'] }, - '*format': 'QCryptoSecretFormat', + 'data': { '*format': 'QCryptoSecretFormat', '*keyid': 'str', '*iv': 'str' } } =20 @@ -512,58 +501,32 @@ # # Properties for tls-creds-anon objects. # -# @loaded: if true, the credentials are loaded immediately when -# applying this option and will ignore options that are processed -# later. Don't use; only provided for compatibility. -# (default: false) -# -# Features: -# -# @deprecated: Member @loaded is deprecated. Setting true doesn't -# make sense, and false is already the default. -# # Since: 2.5 ## { 'struct': 'TlsCredsAnonProperties', 'base': 'TlsCredsProperties', - 'data': { '*loaded': { 'type': 'bool', 'features': ['deprecated'] } } } + 'data': { } } =20 ## # @TlsCredsPskProperties: # # Properties for tls-creds-psk objects. # -# @loaded: if true, the credentials are loaded immediately when -# applying this option and will ignore options that are processed -# later. Don't use; only provided for compatibility. -# (default: false) -# # @username: the username which will be sent to the server. For # clients only. If absent, "qemu" is sent and the property will # read back as an empty string. # -# Features: -# -# @deprecated: Member @loaded is deprecated. Setting true doesn't -# make sense, and false is already the default. -# # Since: 3.0 ## { 'struct': 'TlsCredsPskProperties', 'base': 'TlsCredsProperties', - 'data': { '*loaded': { 'type': 'bool', 'features': ['deprecated'] }, - '*username': 'str' } } + 'data': { '*username': 'str' } } =20 ## # @TlsCredsX509Properties: # # Properties for tls-creds-x509 objects. # -# @loaded: if true, the credentials are loaded immediately when -# applying this option and will ignore options that are processed -# later. Don't use; only provided for compatibility. -# (default: false) -# # @sanity-check: if true, perform some sanity checks before using the # credentials (default: true) # @@ -573,17 +536,11 @@ # provides the ID of a previously created secret object containing # the password for decryption. # -# Features: -# -# @deprecated: Member @loaded is deprecated. Setting true doesn't -# make sense, and false is already the default. -# # Since: 2.5 ## { 'struct': 'TlsCredsX509Properties', 'base': 'TlsCredsProperties', - 'data': { '*loaded': { 'type': 'bool', 'features': ['deprecated'] }, - '*sanity-check': 'bool', + 'data': { '*sanity-check': 'bool', '*passwordid': 'str' } } ## # @QCryptoAkCipherAlgo: --=20 2.46.0