External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-04-01 20:05:19 +00:00
Code

qemu: Introduce qemuDomainSecretInfoNew

Browse Source 
Create a helper which will create the secinfo used for disks, hostdevs,
and chardevs.

Signed-off-by: John Ferlan <jferlan@redhat.com>
This commit is contained in:
John Ferlan 2017-02-20 15:04:58 -05:00
parent 0de1066fb9
commit c9a7b7b6ea
1 changed files with 72 additions and 67 deletions

139
src/qemu/qemu_domain.c

@ -1112,6 +1112,52 @@ qemuDomainSecretSetup(virConnectPtr conn,
}
/* qemuDomainSecretInfoNew:
* @conn: Pointer to connection
* @priv: pointer to domain private object
* @srcAlias: Alias base to use for TLS object
* @usageType: Secret usage type
* @username: username for plain secrets (only)
* @looupdef: lookup def describing secret
* @isLuks: boolean for luks lookup
*
* Helper function to create a secinfo to be used for secinfo consumers
*
* Returns @secinfo on success, NULL on failure. Caller is responsible
* to eventually free @secinfo.
*/
static qemuDomainSecretInfoPtr
qemuDomainSecretInfoNew(virConnectPtr conn,
qemuDomainObjPrivatePtr priv,
const char *srcAlias,
virSecretUsageType usageType,
const char *username,
virSecretLookupTypeDefPtr lookupDef,
bool isLuks)
{
qemuDomainSecretInfoPtr secinfo = NULL;
if (VIR_ALLOC(secinfo) < 0)
return NULL;
if (qemuDomainSecretSetup(conn, priv, secinfo, srcAlias, usageType,
username, lookupDef, isLuks) < 0)
goto error;
if (!username && secinfo->type == VIR_DOMAIN_SECRET_INFO_TYPE_PLAIN) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
_("encrypted secrets are not supported"));
goto error;
}
return secinfo;
error:
qemuDomainSecretInfoFree(&secinfo);
return NULL;
}
/* qemuDomainSecretDiskDestroy:
* @disk: Pointer to a disk definition
*
@ -1171,51 +1217,30 @@ qemuDomainSecretDiskPrepare(virConnectPtr conn,
{
virStorageSourcePtr src = disk->src;
qemuDomainDiskPrivatePtr diskPriv = QEMU_DOMAIN_DISK_PRIVATE(disk);
qemuDomainSecretInfoPtr secinfo = NULL;
if (qemuDomainSecretDiskCapable(src)) {
virSecretUsageType secretUsageType = VIR_SECRET_USAGE_TYPE_ISCSI;
if (VIR_ALLOC(secinfo) < 0)
return -1;
if (src->protocol == VIR_STORAGE_NET_PROTOCOL_RBD)
secretUsageType = VIR_SECRET_USAGE_TYPE_CEPH;
if (qemuDomainSecretSetup(conn, priv, secinfo, disk->info.alias,
secretUsageType, src->auth->username,
&src->auth->seclookupdef, false) < 0)
goto error;
diskPriv->secinfo = secinfo;
if (!(diskPriv->secinfo =
qemuDomainSecretInfoNew(conn, priv, disk->info.alias,
secretUsageType, src->auth->username,
&src->auth->seclookupdef, false)))
return -1;
}
if (qemuDomainDiskHasEncryptionSecret(src)) {
if (VIR_ALLOC(secinfo) < 0)
return -1;
if (qemuDomainSecretSetup(conn, priv, secinfo, disk->info.alias,
VIR_SECRET_USAGE_TYPE_VOLUME, NULL,
&src->encryption->secrets[0]->seclookupdef,
true) < 0)
goto error;
if (secinfo->type == VIR_DOMAIN_SECRET_INFO_TYPE_PLAIN) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
_("luks encryption requires encrypted secrets "
"to be supported"));
goto error;
}
diskPriv->encinfo = secinfo;
if (!(diskPriv->encinfo =
qemuDomainSecretInfoNew(conn, priv, disk->info.alias,
VIR_SECRET_USAGE_TYPE_VOLUME, NULL,
&src->encryption->secrets[0]->seclookupdef,
true)))
return -1;
}
return 0;
error:
qemuDomainSecretInfoFree(&secinfo);
return -1;
}
@ -1251,8 +1276,6 @@ qemuDomainSecretHostdevPrepare(virConnectPtr conn,
qemuDomainObjPrivatePtr priv,
virDomainHostdevDefPtr hostdev)
{
qemuDomainSecretInfoPtr secinfo = NULL;
if (virHostdevIsSCSIDevice(hostdev)) {
virDomainHostdevSubsysSCSIPtr scsisrc = &hostdev->source.subsys.u.scsi;
virDomainHostdevSubsysSCSIiSCSIPtr iscsisrc = &scsisrc->u.iscsi;
@ -1263,24 +1286,17 @@ qemuDomainSecretHostdevPrepare(virConnectPtr conn,
qemuDomainHostdevPrivatePtr hostdevPriv =
QEMU_DOMAIN_HOSTDEV_PRIVATE(hostdev);
if (VIR_ALLOC(secinfo) < 0)
if (!(hostdevPriv->secinfo =
qemuDomainSecretInfoNew(conn, priv, hostdev->info->alias,
VIR_SECRET_USAGE_TYPE_ISCSI,
iscsisrc->auth->username,
&iscsisrc->auth->seclookupdef,
false)))
return -1;
if (qemuDomainSecretSetup(conn, priv, secinfo, hostdev->info->alias,
VIR_SECRET_USAGE_TYPE_ISCSI,
iscsisrc->auth->username,
&iscsisrc->auth->seclookupdef, false) < 0)
goto error;
hostdevPriv->secinfo = secinfo;
}
}
return 0;
error:
qemuDomainSecretInfoFree(&secinfo);
return -1;
}
@ -1322,7 +1338,6 @@ qemuDomainSecretChardevPrepare(virConnectPtr conn,
virDomainChrSourceDefPtr dev)
{
virSecretLookupTypeDef seclookupdef = {0};
qemuDomainSecretInfoPtr secinfo = NULL;
char *charAlias = NULL;
if (dev->type != VIR_DOMAIN_CHR_TYPE_TCP)
@ -1337,36 +1352,26 @@ qemuDomainSecretChardevPrepare(virConnectPtr conn,
seclookupdef.u.uuid) < 0) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
_("malformed chardev TLS secret uuid in qemu.conf"));
goto error;
return -1;
}
seclookupdef.type = VIR_SECRET_LOOKUP_TYPE_UUID;
if (VIR_ALLOC(secinfo) < 0)
goto error;
if (!(charAlias = qemuAliasChardevFromDevAlias(chrAlias)))
return -1;
if (!(chrSourcePriv->secinfo =
qemuDomainSecretInfoNew(conn, priv, charAlias,
VIR_SECRET_USAGE_TYPE_TLS, NULL,
&seclookupdef, false)))
goto error;
if (qemuDomainSecretSetup(conn, priv, secinfo, charAlias,
VIR_SECRET_USAGE_TYPE_TLS, NULL,
&seclookupdef, false) < 0)
goto error;
if (secinfo->type == VIR_DOMAIN_SECRET_INFO_TYPE_PLAIN) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
_("TLS X.509 requires encrypted secrets "
"to be supported"));
goto error;
}
chrSourcePriv->secinfo = secinfo;
VIR_FREE(charAlias);
}
VIR_FREE(charAlias);
return 0;
error:
qemuDomainSecretInfoFree(&secinfo);
VIR_FREE(charAlias);
return -1;
}