[libvirt] [PATCH v2 0/4] Add a domain masterKey secret for qemu,

Tuesday, 29 March 2016

v1: http://www.redhat.com/archives/libvir-list/2016-March/msg01206.html

Patch 1 is already ACK'd. I assume this code won't go into 1.3.3, but
would hopefully be early in 1.3.4 and I didn't want to break up the
capability bits across releases...

Differences to v1

 - Patch 2 is new - it's taking the virUUIDGenerateRandomBytes and making
   it generic since we'll use it in Patch 3 (it already opens/reads from
   /dev/urandom, so I figured it'd be better to share than cut, copy, paste).

 - Patch 3 has changes from review:

   * Less comments in qemuDomainGetMasterKeyFilePath

   * Master key no longer base64 encoded to be written (or read). Instead
     the Write code will open, truncate, and write the secret directly.
     The Read code will read the secret directly

   * The fallback algorithm for key generation uses virGenerateRandomBytes

   * Changed 'masterKey' from "char *" to "uint8_t *" and
added the
     masterKeyLen

 - Patch 4 changes in order to tell qemu the format of the file is 'raw'.
   Also affects test .args file

Removed references to encode/decode, adjusted commit messages.

Ran through Coverity checker... happy...

Created a domain that would pass/read the file...  Killed libvirtd, restarted
and read the masterKey file properly. Also ensured the #else of the secret
generation compiled...

John Ferlan (4):
  qemu: Add capability bit for qemu secret object
  util: Introduce virGenerateRandomBytes
  qemu: Create domain master key
  qemu: Introduce qemuBuildMasterKeyCommandLine

 src/libvirt_private.syms                           |   1 +
 src/qemu/qemu_alias.c                              |  17 ++
 src/qemu/qemu_alias.h                              |   3 +
 src/qemu/qemu_capabilities.c                       |   2 +
 src/qemu/qemu_capabilities.h                       |   1 +
 src/qemu/qemu_command.c                            |  68 ++++++
 src/qemu/qemu_domain.c                             | 252 +++++++++++++++++++++
 src/qemu/qemu_domain.h                             |  15 ++
 src/qemu/qemu_process.c                            |  11 +
 src/util/virutil.c                                 |  36 +++
 src/util/virutil.h                                 |   3 +
 src/util/viruuid.c                                 |  30 +--
 tests/qemucapabilitiesdata/caps_2.6.0-1.caps       |   1 +
 tests/qemucapabilitiesdata/caps_2.6.0-1.replies    |   3 +
 .../qemuxml2argvdata/qemuxml2argv-master-key.args  |  23 ++
 tests/qemuxml2argvdata/qemuxml2argv-master-key.xml |  30 +++
 tests/qemuxml2argvtest.c                           |   2 +
 17 files changed, 469 insertions(+), 29 deletions(-)
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-master-key.args
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-master-key.xml

-- 
2.5.5

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

[libvirt] [PATCH v2 0/4] Add a domain masterKey secret for qemu,