External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-01-27 23:15:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

storage: Add specific check for LUKS encryption support

Browse Source 
Modify virStorageBackendLogicalLVCreate to ensure if encryption
is requested that only type LUKS is supported; otherwise, error.

Signed-off-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
This commit is contained in:
John Ferlan 2018-05-29 11:01:15 -04:00
parent f785aa6c2b
commit 9b837963c5
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/storage/storage_backend_logical.c
View File

@ -938,6 +938,13 @@ virStorageBackendLogicalLVCreate(virStorageVolDefPtr vol,
unsigned long long capacity = vol->target.capacity; unsigned long long capacity = vol->target.capacity;
virCommandPtr cmd = NULL; virCommandPtr cmd = NULL;
if (vol->target.encryption &&
vol->target.encryption->format != VIR_STORAGE_ENCRYPTION_FORMAT_LUKS) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
_("storage pool only supports LUKS encrypted volumes"));
return -1;
}
cmd = virCommandNewArgList(LVCREATE, cmd = virCommandNewArgList(LVCREATE,
"--name", vol->name, "--name", vol->name,
NULL); NULL);
@ -953,8 +960,7 @@ virStorageBackendLogicalLVCreate(virStorageVolDefPtr vol,
/* If we're going to encrypt using LUKS, then we could need up to /* If we're going to encrypt using LUKS, then we could need up to
* an extra 2MB for the LUKS header - so account for that now */ * an extra 2MB for the LUKS header - so account for that now */
if (vol->target.encryption && if (vol->target.encryption)
vol->target.encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS)
capacity += 2 * 1024 * 1024; capacity += 2 * 1024 * 1024;
virCommandAddArgFormat(cmd, "%lluK", VIR_DIV_UP(capacity, 1024)); virCommandAddArgFormat(cmd, "%lluK", VIR_DIV_UP(capacity, 1024));