On Thu, Dec 14, 2023 at 13:14:43 +0100, Ján Tomko wrote:
On a Thursday in 2023, Peter Krempa wrote:
> Unfortunately a LUKS image to be decrypted by qemu has
> VIR_STORAGE_FILE_RAW as format, but has encryption properties populated.
>
> Many places in the code don't check it properly and also don't check
> properly whether the image is indeed LUKS to be decrypted by qemu.
>
> Introduce helpes which will simplify this task.
*helpers
>
> Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
> ---
> src/qemu/qemu_block.c | 43 +++++++++++++++++++++++++++++++++++++++++++
> src/qemu/qemu_block.h | 5 +++++
> 2 files changed, 48 insertions(+)
>
> diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c
> index 7e9daf0bdc..845b273b27 100644
> --- a/src/qemu/qemu_block.c
> +++ b/src/qemu/qemu_block.c
> @@ -3237,6 +3237,49 @@ qemuBlockReopenReadOnly(virDomainObj *vm,
> return qemuBlockReopenAccess(vm, src, true, asyncJob);
> }
>
> +
> +/**
> + * qemuBlockStorageSourceIsQEMULuks:
This would be the only function with "Luks" capitalized like that in the
whole repo.
qemuBlockStorageSourceIsQEMULUKS looks unreadable.
Would qemuBlockStorageSourceIsLUKS be enough? We're already talking
about "qemu Block Storage"
This function checks for LUKS images which are decrypted by qemu itself.
There is another instance where the LUKS decryption is done in the
storage access library (ceph). I can go with IsLuks and make sure it's
very obviously documented.