Commit Graph

14 Commits

Author SHA1 Message Date
Cole Robinson
7662194bf3 Require a semicolon to VIR_ENUM_DECL calls
Missing semicolon at the end of macros can confuse some analyzers
(like cppcheck <filename>), and we have a mix of semicolon and
non-semicolon usage through the code. Let's standardize on using
a semicolon for VIR_ENUM_DECL calls.

Drop the semicolon from the final statement of the macro, so
the compiler will require callers to add a semicolon.

Reviewed-by: John Ferlan <jferlan@redhat.com>
Signed-off-by: Cole Robinson <crobinso@redhat.com>
2019-02-03 17:46:29 -05:00
Daniel P. Berrangé
568a417224 Enforce a standard header file guard symbol name
Require that all headers are guarded by a symbol named

  LIBVIRT_$FILENAME

where $FILENAME is the uppercased filename, with all characters
outside a-z changed into '_'.

Note we do not use a leading __ because that is technically a
namespace reserved for the toolchain.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-12-14 10:47:13 +00:00
Daniel P. Berrangé
600462834f Remove all Author(s): lines from source file headers
In many files there are header comments that contain an Author:
statement, supposedly reflecting who originally wrote the code.
In a large collaborative project like libvirt, any non-trivial
file will have been modified by a large number of different
contributors. IOW, the Author: comments are quickly out of date,
omitting people who have made significant contribitions.

In some places Author: lines have been added despite the person
merely being responsible for creating the file by moving existing
code out of another file. IOW, the Author: lines give an incorrect
record of authorship.

With this all in mind, the comments are useless as a means to identify
who to talk to about code in a particular file. Contributors will always
be better off using 'git log' and 'git blame' if they need to  find the
author of a particular bit of code.

This commit thus deletes all Author: comments from the source and adds
a rule to prevent them reappearing.

The Copyright headers are similarly misleading and inaccurate, however,
we cannot delete these as they have legal meaning, despite being largely
inaccurate. In addition only the copyright holder is permitted to change
their respective copyright statement.

Reviewed-by: Erik Skultety <eskultet@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-12-13 16:08:38 +00:00
Peter Krempa
1e6e34b144 util: storage: Sanitize parsing of disk encryption XMLs
Pass in the XPath context as we do in all other places rather than
allocating a new one.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
2018-03-08 14:29:50 +01:00
John Ferlan
b7d44f450c storage: Fix capacity value for LUKS encrypted volumes
https://bugzilla.redhat.com/show_bug.cgi?id=1371892

The 'capacity' value (e.g. guest logical size) for a LUKS volume is
smaller than the 'physical' value of the file in the file system, so
we need to account for that.

When peeking at the encryption information about the volume add a fetch
of the payload_offset which is described as the offset to the start of
the volume data (in 512 byte sectors) in QEMU's QCryptoBlockLUKSHeader.

Then adjust the ->capacity appropriately when we determine that the
volume target encryption has a payload_offset value.
2017-04-03 16:15:29 -04:00
John Ferlan
2552fec248 encryption: Add <cipher> and <ivgen> to encryption
For a luks device, allow the configuration of a specific cipher to be
used for encrypting the volume.

Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-07-01 15:46:57 -04:00
John Ferlan
9bbf0d7e64 encryption: Add luks parsing for storageencryption
Add parse and format of the luks/passphrase secret including tests for
volume XML parsing.

Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-07-01 15:46:52 -04:00
John Ferlan
47e88b33be util: Add 'usage' for encryption
In order to use more common code and set up for a future type, modify the
encryption secret to allow the "usage" attribute or the "uuid" attribute
to define the secret. The "usage" in the case of a volume secret would be
the path to the volume as dictated by the backwards compatibility brought
on by virStorageGenerateQcowEncryption where it set up the usage field as
the vol->target.path and didn't allow someone to provide it. This carries
into virSecretObjListFindByUsageLocked which takes the secret usage attribute
value from from the domain disk definition and compares it against the
usage type from the secret definition. Since none of the code dealing
with qcow/qcow2 encryption secrets uses usage for lookup, it's a mostly
cosmetic change. The real usage comes in a future path where the encryption
is expanded to be a luks volume and the secret will allow definition of
the usage field.

This code will make use of the virSecretLookup{Parse|Format}Secret common code.

Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-07-01 15:46:24 -04:00
Peter Krempa
756b46ddd2 storage: encryption: Add deep copy function for storage encryption 2014-06-20 09:14:46 +02:00
Eric Blake
71bce84a06 Revert "maint: prefer enum over int for virstoragefile structs"
This partially reverts commits b279e52f7 and ea18f8b2.

It turns out our code base is full of:

if ((struct.member = virBlahFromString(str)) < 0)
    goto error;

Meanwhile, the C standard says it is up to the compiler whether
an enum is signed or unsigned when all of its declared values
happen to be positive.  In my testing (Fedora 20, gcc 4.8.2),
the compiler picked signed, and nothing changed.  But others
testing with gcc 4.7 got compiler warnings, because it picked
the enum to be unsigned, but no unsigned value is less than 0.
Even worse:

if ((struct.member = virBlahFromString(str)) <= 0)
    goto error;

is silently compiled without warning, but incorrectly treats -1
from a bad parse as a large positive number with no warning; and
without the compiler's help to find these instances, it is a
nightmare to maintain correctly.  We could force signed enums
with a dummy negative declaration in each enum, or cast the
result of virBlahFromString back to int after assigning to an
enum value, or use a temporary int for collecting results from
virBlahFromString, but those actions are all uglier than what we
were trying to cure by directly using enum types for struct
values in the first place.  It's better off to just live with int
members, and use 'switch ((virFoo) struct.member)' where we want
the compiler to help, than to track down all the conversions from
string to enum and ensure they don't suffer from type problems.

* src/util/virstorageencryption.h: Revert back to int declarations
with comment about enum usage.
* src/util/virstoragefile.h: Likewise.
* src/conf/domain_conf.c: Restore back to casts in switches.
* src/qemu/qemu_driver.c: Likewise.
* src/qemu/qemu_command.c: Add cast rather than revert.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-19 09:00:51 -06:00
Eric Blake
ab5178188f maint: shorten 'TypeType' function names
The VIR_ENUM_DECL/VIR_ENUM_IMPL helper macros already append 'Type'
to the enum name being converted; it looks silly to have functions
with 'TypeType' in their name.  Even though some of our enums have
to have a 'Type' suffix, the corresponding string conversion
functions do not.

* src/conf/secret_conf.h (VIR_ENUM_DECL): Rename virSecretUsageType.
* src/conf/storage_conf.h (VIR_ENUM_DECL): Rename
virStoragePoolAuthType, virStoragePoolSourceAdapterType,
virStoragePartedFsType.
* src/conf/domain_conf.c (virDomainDiskDefParseXML)
(virDomainFSDefParseXML, virDomainFSDefFormat): Update callers.
* src/conf/secret_conf.c (virSecretDefParseUsage)
(virSecretDefFormatUsage): Likewise.
* src/conf/storage_conf.c (virStoragePoolDefParseAuth)
(virStoragePoolDefParseSource, virStoragePoolSourceFormat):
Likewise.
* src/lxc/lxc_controller.c (virLXCControllerSetupLoopDevices):
Likewise.
* src/storage/storage_backend_disk.c
(virStorageBackendDiskPartFormat): Likewise.
* src/util/virstorageencryption.c (virStorageEncryptionSecretParse)
(virStorageEncryptionSecretFormat): Likewise.
* tools/virsh-secret.c (cmdSecretList): Likewise.
* src/libvirt_private.syms (secret_conf.h, storage_conf.h): Export
corrected names.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-16 00:22:18 -06:00
Eric Blake
ea18f8b2b0 maint: use enum typedef for virstorageencryption.h
Continuing the work of consistent enum cleanups; this time in
virstorageencryption.h.

* src/util/virstorageencryption.h (virStorageEncryptionFormat):
Convert to typedef, renaming to avoid collision with function.
(virStorageEncryptionSecret, virStorageEncryption): Directly use
enums.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-16 00:22:18 -06:00
Julio Faracco
1b14c449b8 util: use typedefs for enums in "src/util/" directory
In "src/util/" there are many enumeration (enum) declarations.
Sometimes, it's better using a typedef for variable types,
function types and other usages. Other enumeration will be
changed to typedef's in the future.

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-05 14:30:01 -06:00
Eric Blake
8fc328592c conf: move storage encryption type to util/
Encryption keys can be associated with each source file in a
backing chain; as such, this file belongs more in util/ where
it can be used by virstoragefile.h.

* src/conf/storage_encryption_conf.h: Rename...
* src/util/virstorageencryption.h: ...to this.
* src/conf/storage_encryption_conf.c: Rename...
* src/util/virstorageencryption.c: ...to this.
* src/Makefile.am (ENCRYPTION_CONF_SOURCES, CONF_SOURCES)
(UTIL_SOURCES): Update to new file names.
* src/libvirt_private.syms: Likewise.
* src/conf/domain_conf.h: Update client.
* src/conf/storage_conf.h: Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-04-01 10:38:13 -06:00