External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-10-14 10:09:22 +00:00
Code Issues Packages Projects Releases Wiki Activity
c17edaf778
libvirt/src/storage
History
John Ferlan 39cef12a95 storage: Add support for using inputvol for encryption 
Starting with QEMU 2.9, encryption convert processing requires
a multi-step process in order to generate an encrypted image from
some non encrypted raw image.

Processing requires to first create an encrypted image using the
sizing parameters from the input source and second to use the
--image-opts, -n, and --target-image-opts options along with inline
driver options to describe the input and output files, generating
two commands such as:

  $ qemu-img create -f luks \
      --object secret,id=demo.img_encrypt0,file=/path/to/secretFile \
      -o key-secret=demo.img_encrypt0 \
      demo.img 500K
  Formatting 'demo.img', fmt=luks size=512000 key-secret=demo.img_encrypt0
  $ qemu-img convert --image-opts -n --target-image-opts \
      --object secret,id=demo.img_encrypt0,file=/path/to/secretFile \
      driver=raw,file.filename=sparse.img \
      driver=luks,file.filename=demo.img,key-secret=demo.img_encrypt0
  $

This patch handles the convert processing by running the processing
in a do..while loop essentially reusing the existing create logic and
arguments to create the target vol from the inputvol and then converting
the inputvol using new arguments.

This then allows the following virsh command to work properly:

  virsh vol-create-from default encrypt1-luks.xml data.img --inputpool default

where encrypt1-luks.xml would provided the path and secret for
the new image, while data.img would be the source image.

Signed-off-by: John Ferlan <jferlan@redhat.com>
ACKed-by: Michal Privoznik <mprivozn@redhat.com>
2018-06-26 14:02:43 -04:00
..
Makefile.inc.am storage: create separate loadable modules for storage file drivers 2018-05-03 13:17:59 +01:00
parthelper.c
storage_backend_disk.c storage: Add capability to use LUKS encryption for disk backend 2018-05-29 10:48:51 -04:00
storage_backend_disk.h
storage_backend_fs.c storage: create separate loadable modules for storage file drivers 2018-05-03 13:17:59 +01:00
storage_backend_fs.h
storage_backend_gluster.c storage/: Remove spaces after casts 2018-05-03 22:31:37 +02:00
storage_backend_gluster.h
storage_backend_iscsi.c
storage_backend_iscsi.h
storage_backend_logical.c storage: Add specific check for LUKS encryption support 2018-06-05 07:42:00 -04:00
storage_backend_logical.h
storage_backend_mpath.c
storage_backend_mpath.h
storage_backend_rbd.c
storage_backend_rbd.h
storage_backend_scsi.c
storage_backend_scsi.h
storage_backend_sheepdog_priv.h
storage_backend_sheepdog.c
storage_backend_sheepdog.h
storage_backend_vstorage.c storage/: Remove spaces after casts 2018-05-03 22:31:37 +02:00
storage_backend_vstorage.h
storage_backend_zfs.c
storage_backend_zfs.h
storage_backend.c util: create new virmodule.{c,h} files for dlopen support code 2018-05-03 12:47:43 +01:00
storage_backend.h
storage_driver.c events: add NULL check in virObjectEventStateQueue 2018-06-12 07:28:18 +02:00
storage_driver.h
storage_file_fs.c all: Use virFileCanonicalizePath() instead of canonicalize_file_name() 2018-05-03 18:23:30 +02:00
storage_file_fs.h storage: split fs storage file code from storage driver backend 2018-05-03 12:51:38 +01:00
storage_file_gluster.c storage: split gluster storage file code from storage driver backend 2018-05-03 12:49:22 +01:00
storage_file_gluster.h storage: split gluster storage file code from storage driver backend 2018-05-03 12:49:22 +01:00
storage_util.c storage: Add support for using inputvol for encryption 2018-06-26 14:02:43 -04:00
storage_util.h storage: Add support for using inputvol for encryption 2018-06-26 14:02:43 -04:00