External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-01-03 11:35:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

qemu: add multi-secret support in qemuBlockStorageSourceAttachData

Browse Source 
This commit changes the qemuBlockStorageSourceAttachData struct
to support multiple secrets (instead of a single one before this commit).
This will useful for storage encryption requiring more than a single secret.

Signed-off-by: Or Ozeri <oro@il.ibm.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
This commit is contained in:
Or Ozeri 2023-03-13 04:50:19 -05:00 committed by Peter Krempa
parent e239f7d0a8
commit 5c84e6fcdd
4 changed files with 47 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
src/qemu/qemu_block.c
View File

@ -1311,6 +1311,7 @@ qemuBlockStorageSourceGetBlockdevStorageSliceProps(virStorageSource *src)
void void
qemuBlockStorageSourceAttachDataFree(qemuBlockStorageSourceAttachData *data) qemuBlockStorageSourceAttachDataFree(qemuBlockStorageSourceAttachData *data)
{ {
size_t i;
if (!data) if (!data)
return; return;
@ -1320,12 +1321,16 @@ qemuBlockStorageSourceAttachDataFree(qemuBlockStorageSourceAttachData *data)
virJSONValueFree(data->prmgrProps); virJSONValueFree(data->prmgrProps);
virJSONValueFree(data->authsecretProps); virJSONValueFree(data->authsecretProps);
virJSONValueFree(data->httpcookiesecretProps); virJSONValueFree(data->httpcookiesecretProps);
virJSONValueFree(data->encryptsecretProps); for (i = 0; i < data->encryptsecretCount; ++i) {
virJSONValueFree(data->encryptsecretProps[i]);
g_free(data->encryptsecretAlias[i]);
}
virJSONValueFree(data->tlsProps); virJSONValueFree(data->tlsProps);
virJSONValueFree(data->tlsKeySecretProps); virJSONValueFree(data->tlsKeySecretProps);
g_free(data->tlsAlias); g_free(data->tlsAlias);
g_free(data->tlsKeySecretAlias); g_free(data->tlsKeySecretAlias);
g_free(data->authsecretAlias); g_free(data->authsecretAlias);
g_free(data->encryptsecretProps);
g_free(data->encryptsecretAlias); g_free(data->encryptsecretAlias);
g_free(data->httpcookiesecretAlias); g_free(data->httpcookiesecretAlias);
g_free(data->driveCmd); g_free(data->driveCmd);
@ -1436,10 +1441,12 @@ static int
qemuBlockStorageSourceAttachApplyFormatDeps(qemuMonitor *mon, qemuBlockStorageSourceAttachApplyFormatDeps(qemuMonitor *mon,
qemuBlockStorageSourceAttachData *data) qemuBlockStorageSourceAttachData *data)
{ {
if (data->encryptsecretProps && size_t i;
qemuMonitorAddObject(mon, &data->encryptsecretProps, for (i = 0; i < data->encryptsecretCount; ++i) {
&data->encryptsecretAlias) < 0) if (qemuMonitorAddObject(mon, &data->encryptsecretProps[i],
&data->encryptsecretAlias[i]) < 0)
return -1; return -1;
}
return 0; return 0;
} }
@ -1525,6 +1532,7 @@ qemuBlockStorageSourceAttachRollback(qemuMonitor *mon,
qemuBlockStorageSourceAttachData *data) qemuBlockStorageSourceAttachData *data)
{ {
virErrorPtr orig_err; virErrorPtr orig_err;
size_t i;
virErrorPreserveLast(&orig_err); virErrorPreserveLast(&orig_err);
@ -1550,8 +1558,10 @@ qemuBlockStorageSourceAttachRollback(qemuMonitor *mon,
if (data->authsecretAlias) if (data->authsecretAlias)
ignore_value(qemuMonitorDelObject(mon, data->authsecretAlias, false)); ignore_value(qemuMonitorDelObject(mon, data->authsecretAlias, false));
if (data->encryptsecretAlias) for (i = 0; i < data->encryptsecretCount; ++i) {
ignore_value(qemuMonitorDelObject(mon, data->encryptsecretAlias, false)); if (data->encryptsecretAlias[i])
ignore_value(qemuMonitorDelObject(mon, data->encryptsecretAlias[i], false));
}
if (data->httpcookiesecretAlias) if (data->httpcookiesecretAlias)
ignore_value(qemuMonitorDelObject(mon, data->httpcookiesecretAlias, false)); ignore_value(qemuMonitorDelObject(mon, data->httpcookiesecretAlias, false));
@ -1606,8 +1616,12 @@ qemuBlockStorageSourceDetachPrepare(virStorageSource *src)
if (srcpriv->secinfo) if (srcpriv->secinfo)
data->authsecretAlias = g_strdup(srcpriv->secinfo->alias); data->authsecretAlias = g_strdup(srcpriv->secinfo->alias);
if (srcpriv->encinfo) if (srcpriv->encinfo) {
data->encryptsecretAlias = g_strdup(srcpriv->encinfo->alias); data->encryptsecretCount = 1;
data->encryptsecretProps = g_new0(virJSONValue *, 1);
data->encryptsecretAlias = g_new0(char *, 1);
data->encryptsecretAlias[0] = g_strdup(srcpriv->encinfo->alias);
}
if (srcpriv->httpcookie) if (srcpriv->httpcookie)
data->httpcookiesecretAlias = g_strdup(srcpriv->httpcookie->alias); data->httpcookiesecretAlias = g_strdup(srcpriv->httpcookie->alias);

5
src/qemu/qemu_block.h
View File

@ -89,8 +89,9 @@ struct qemuBlockStorageSourceAttachData {
virJSONValue *authsecretProps; virJSONValue *authsecretProps;
char *authsecretAlias; char *authsecretAlias;
virJSONValue *encryptsecretProps; size_t encryptsecretCount;
char *encryptsecretAlias; virJSONValue **encryptsecretProps;
char **encryptsecretAlias;
virJSONValue *httpcookiesecretProps; virJSONValue *httpcookiesecretProps;
char *httpcookiesecretAlias; char *httpcookiesecretAlias;

6
src/qemu/qemu_blockjob.c
View File

@ -1336,9 +1336,15 @@ qemuBlockJobProcessEventConcludedCreate(virQEMUDriver *driver,
/* the format node part was not attached yet, so we don't need to detach it */ /* the format node part was not attached yet, so we don't need to detach it */
backend->formatAttached = false; backend->formatAttached = false;
if (job->data.create.storage) { if (job->data.create.storage) {
size_t i;
backend->storageAttached = false; backend->storageAttached = false;
backend->storageSliceAttached = false; backend->storageSliceAttached = false;
for (i = 0; i < backend->encryptsecretCount; ++i) {
VIR_FREE(backend->encryptsecretAlias[i]);
}
VIR_FREE(backend->encryptsecretAlias); VIR_FREE(backend->encryptsecretAlias);
VIR_FREE(backend->encryptsecretProps);
} }
if (qemuDomainObjEnterMonitorAsync(vm, asyncJob) < 0) if (qemuDomainObjEnterMonitorAsync(vm, asyncJob) < 0)

17
src/qemu/qemu_command.c
View File

@ -2108,15 +2108,21 @@ qemuBuildBlockStorageSourceAttachDataCommandline(virCommand *cmd,
virQEMUCaps *qemuCaps) virQEMUCaps *qemuCaps)
{ {
char *tmp; char *tmp;
size_t i;
if (qemuBuildObjectCommandline(cmd, data->prmgrProps, qemuCaps) < 0 || if (qemuBuildObjectCommandline(cmd, data->prmgrProps, qemuCaps) < 0 ||
qemuBuildObjectCommandline(cmd, data->authsecretProps, qemuCaps) < 0 || qemuBuildObjectCommandline(cmd, data->authsecretProps, qemuCaps) < 0 ||
qemuBuildObjectCommandline(cmd, data->encryptsecretProps, qemuCaps) < 0 ||
qemuBuildObjectCommandline(cmd, data->httpcookiesecretProps, qemuCaps) < 0 || qemuBuildObjectCommandline(cmd, data->httpcookiesecretProps, qemuCaps) < 0 ||
qemuBuildObjectCommandline(cmd, data->tlsKeySecretProps, qemuCaps) < 0 || qemuBuildObjectCommandline(cmd, data->tlsKeySecretProps, qemuCaps) < 0 ||
qemuBuildObjectCommandline(cmd, data->tlsProps, qemuCaps) < 0) qemuBuildObjectCommandline(cmd, data->tlsProps, qemuCaps) < 0)
return -1; return -1;
for (i = 0; i < data->encryptsecretCount; ++i) {
if (qemuBuildObjectCommandline(cmd, data->encryptsecretProps[i], qemuCaps) < 0) {
return -1;
}
}
if (data->driveCmd) if (data->driveCmd)
virCommandAddArgList(cmd, "-drive", data->driveCmd, NULL); virCommandAddArgList(cmd, "-drive", data->driveCmd, NULL);
@ -10770,9 +10776,14 @@ qemuBuildStorageSourceAttachPrepareCommon(virStorageSource *src,
qemuBuildSecretInfoProps(srcpriv->secinfo, &data->authsecretProps) < 0) qemuBuildSecretInfoProps(srcpriv->secinfo, &data->authsecretProps) < 0)
return -1; return -1;
if (srcpriv->encinfo && if (srcpriv->encinfo) {
qemuBuildSecretInfoProps(srcpriv->encinfo, &data->encryptsecretProps) < 0) data->encryptsecretCount = 1;
data->encryptsecretProps = g_new0(virJSONValue *, 1);
data->encryptsecretAlias = g_new0(char *, 1);
if (qemuBuildSecretInfoProps(srcpriv->encinfo, &data->encryptsecretProps[0]) < 0)
return -1; return -1;
}
if (srcpriv->httpcookie && if (srcpriv->httpcookie &&
qemuBuildSecretInfoProps(srcpriv->httpcookie, &data->httpcookiesecretProps) < 0) qemuBuildSecretInfoProps(srcpriv->httpcookie, &data->httpcookiesecretProps) < 0)