Re: [libvirt] [PATCH v4 0/7] Add support for LUKS encrypted devices

According to Dan's post commit response: http://www.redhat.com/archives/libvir-list/2016-July/msg00088.html to the v3 series: http://www.redhat.com/archives/libvir-list/2016-June/msg01935.html using a 'passphrase' usage is not desired, rather a 'volume' usage model should be used for LUKS. So patches 1 & 2 make those alterations to already pushed docs and tests Patch 3 then repurposes the 'passphrase' usage to a 'tls' usage type. I posted with this series since it removed the 'passphrase' usage and thus flushed out any errors in subsequent patches. I could hold off and repost it with the TLS changes that will also need to be made... Patches 4-7 were reviewed previously and had been given what I took as provisional ACK's; however, I reposted the changes after the most recent review "just in case". Fortunately (I guess) I didn't push them along with the other changes. In any case, there are once again posted here - the primary difference between what's posted in this series vs. what was posted previously is the change to use a "volume" secret plus a tweak to the qemuxml2argvtest to fix some issues found while making the change. John Ferlan (7): tests: Adjust LUKS tests to use 'volume' secret type docs: Update docs to reflect LUKS secret changes Repurpose the 'passphrase' secret to 'tls' storage: Add support to create a luks volume qemu: Add secinfo for hotplug virtio disk qemu: Alter the qemuDomainGetSecretAESAlias to add new arg qemu: Add luks support for domain disk docs/aclpolkit.html.in | 2 +- docs/formatsecret.html.in | 81 +++++--- docs/formatstorage.html.in | 16 ++ docs/formatstorageencryption.html.in | 29 ++- docs/schemas/secret.rng | 6 +- include/libvirt/libvirt-secret.h | 2 +- src/access/viraccessdriverpolkit.c | 2 +- src/conf/secret_conf.c | 12 +- src/conf/virsecretobj.c | 2 +- src/libvirt_private.syms | 1 + src/qemu/qemu_alias.c | 10 +- src/qemu/qemu_alias.h | 3 +- src/qemu/qemu_command.c | 9 + src/qemu/qemu_domain.c | 40 +++- src/qemu/qemu_hotplug.c | 126 +++++++++++- src/storage/storage_backend.c | 218 +++++++++++++++++++-- src/storage/storage_backend.h | 3 +- src/util/virqemu.c | 23 +++ src/util/virqemu.h | 6 + .../qemuxml2argv-luks-disk-cipher.xml | 45 ----- .../qemuxml2argvdata/qemuxml2argv-luks-disks.args | 36 ++++ tests/qemuxml2argvdata/qemuxml2argv-luks-disks.xml | 2 +- tests/qemuxml2argvtest.c | 24 ++- .../qemuxml2xmlout-luks-disk-cipher.xml | 1 - tests/qemuxml2xmltest.c | 1 - tests/secretxml2xmlin/usage-passphrase.xml | 7 - tests/secretxml2xmlin/usage-tls.xml | 7 + tests/secretxml2xmltest.c | 2 +- tests/storagevolxml2argvtest.c | 3 +- tests/storagevolxml2xmlin/vol-luks-cipher.xml | 2 +- tests/storagevolxml2xmlin/vol-luks.xml | 2 +- tests/storagevolxml2xmlout/vol-luks-cipher.xml | 2 +- tests/storagevolxml2xmlout/vol-luks.xml | 2 +- 33 files changed, 577 insertions(+), 150 deletions(-) delete mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disk-cipher.xml create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-luks-disks.args delete mode 120000 tests/qemuxml2xmloutdata/qemuxml2xmlout-luks-disk-cipher.xml delete mode 100644 tests/secretxml2xmlin/usage-passphrase.xml create mode 100644 tests/secretxml2xmlin/usage-tls.xml