mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2025-01-22 20:45:18 +00:00
37537a7c64
Since the virStorageEncryptionPtr encryption; is a member of _virStorageSource it really should be allowed to be a subelement of the disk <source> for various disk formats: Source{File|Dir|Block|Volume} SourceProtocol{RBD|ISCSI|NBD|Gluster|Simple|HTTP} NB: Simple includes sheepdog, ftp, ftps, tftp That way we can set up to allow the <encryption> element to be formatted within the disk source, but we still need to be wary from whence the element was read - see keep track and when it comes to format the data, ensure it's written in the correct place. Modify the qemuxml2argvtest to add a parse failure when there is an <encryption> as a child of <disk> *and* an <encryption> as a child of <source>. The virschematest will read the new test files and validate from a RNG viewpoint things are fine.
63 lines
2.7 KiB
Plaintext
63 lines
2.7 KiB
Plaintext
LC_ALL=C \
|
|
PATH=/bin \
|
|
HOME=/home/test \
|
|
USER=test \
|
|
LOGNAME=test \
|
|
QEMU_AUDIO_DRV=none \
|
|
/usr/bin/qemu-system-x86_64 \
|
|
-name encryptdisk \
|
|
-S \
|
|
-object secret,id=masterKey0,format=raw,\
|
|
file=/tmp/lib/domain--1-encryptdisk/master-key.aes \
|
|
-M pc-i440fx-2.1 \
|
|
-m 1024 \
|
|
-smp 1,sockets=1,cores=1,threads=1 \
|
|
-uuid 496898a6-e6ff-f7c8-5dc2-3cf410945ee9 \
|
|
-nographic \
|
|
-nodefaults \
|
|
-chardev socket,id=charmonitor,\
|
|
path=/tmp/lib/domain--1-encryptdisk/monitor.sock,server,nowait \
|
|
-mon chardev=charmonitor,id=monitor,mode=readline \
|
|
-no-acpi \
|
|
-boot c \
|
|
-usb \
|
|
-object secret,id=virtio-disk0-luks-secret0,\
|
|
data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
|
|
keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
|
|
-drive file=/storage/guest_disks/encryptdisk,\
|
|
key-secret=virtio-disk0-luks-secret0,format=luks,if=none,id=drive-virtio-disk0 \
|
|
-device virtio-blk-pci,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,\
|
|
id=virtio-disk0 \
|
|
-object secret,id=virtio-disk1-luks-secret0,\
|
|
data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
|
|
keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
|
|
-drive file=/storage/guest_disks/encryptdisk2,\
|
|
key-secret=virtio-disk1-luks-secret0,format=luks,if=none,id=drive-virtio-disk1 \
|
|
-device virtio-blk-pci,bus=pci.0,addr=0x5,drive=drive-virtio-disk1,\
|
|
id=virtio-disk1 \
|
|
-object secret,id=virtio-disk2-luks-secret0,\
|
|
data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
|
|
keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
|
|
-drive file=iscsi://myname:AQCVn5hO6HzFAhAAq0NCv8jtJcIcE+HOBlMQ1A@example.org:\
|
|
6000/iqn.1992-01.com.example%3Astorage/1,key-secret=virtio-disk2-luks-secret0,\
|
|
format=luks,if=none,id=drive-virtio-disk2 \
|
|
-device virtio-blk-pci,bus=pci.0,addr=0x6,drive=drive-virtio-disk2,\
|
|
id=virtio-disk2 \
|
|
-object secret,id=virtio-disk3-luks-secret0,\
|
|
data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
|
|
keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
|
|
-drive file=iscsi://iscsi.example.com:3260/demo-target/3,\
|
|
key-secret=virtio-disk3-luks-secret0,format=luks,if=none,id=drive-virtio-disk3 \
|
|
-device virtio-blk-pci,bus=pci.0,addr=0x7,drive=drive-virtio-disk3,\
|
|
id=virtio-disk3 \
|
|
-object secret,id=virtio-disk4-luks-secret0,\
|
|
data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
|
|
keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
|
|
-drive 'file=rbd:pool/image:auth_supported=none:mon_host=mon1.example.org\:\
|
|
6321\;mon2.example.org\:6322\;mon3.example.org\:6322,\
|
|
key-secret=virtio-disk4-luks-secret0,format=luks,if=none,\
|
|
id=drive-virtio-disk4' \
|
|
-device virtio-blk-pci,bus=pci.0,addr=0x8,drive=drive-virtio-disk4,\
|
|
id=virtio-disk4 \
|
|
-device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3
|