On 2012年09月14日 17:47, Peter Krempa wrote:
On 09/14/12 10:38, Osier Yang wrote:
This is to list the secret objects. No flags are supported
This statement isn't accurate as you added filtering flags.
include/libvirt/libvirt.h.in: Declare enum virConnectListAllSecretFlags and virConnectListAllSecrets. python/generator.py: Skip auto-generating src/driver.h: (virDrvConnectListAllSecrets) src/libvirt.c: Implement the public API src/libvirt_public.syms: Export the symbol to public --- include/libvirt/libvirt.h.in | 21 +++++++++++++ python/generator.py | 1 + src/driver.h | 5 +++ src/libvirt.c | 66 ++++++++++++++++++++++++++++++++++++++++++ src/libvirt_public.syms | 1 + 5 files changed, 94 insertions(+), 0 deletions(-)
diff --git a/include/libvirt/libvirt.h.in b/include/libvirt/libvirt.h.in index 3d41026..c38ab23 100644 --- a/include/libvirt/libvirt.h.in +++ b/include/libvirt/libvirt.h.in @@ -3266,6 +3266,27 @@ int virConnectNumOfSecrets (virConnectPtr conn); int virConnectListSecrets (virConnectPtr conn, char **uuids, int maxuuids); + +/* + * virConnectListAllSecrets: + * + * Flags used to filter the returned secrets. Flags in each group + * are exclusive attributes of a secret. + */ +typedef enum { + /* kept in memory, never stored persistently */ + VIR_CONNECT_LIST_SECRETS_EPHEMERAL = 1 << 0, + VIR_CONNECT_LIST_SECRETS_NO_EPHEMERAL = 1 << 1, + + /* not revealed to any caller of libvirt, nor + * to any other node */ + VIR_CONNECT_LIST_SECRETS_PRIVATE = 1 << 2, + VIR_CONNECT_LIST_SECRETS_NO_PRIVATE = 1 << 3, +} virConnectListAllSecretsFlags; + +int virConnectListAllSecrets(virConnectPtr conn, + virSecretPtr **secrets, + unsigned int flags); virSecretPtr virSecretLookupByUUID(virConnectPtr conn, const unsigned char *uuid); virSecretPtr virSecretLookupByUUIDString(virConnectPtr conn, diff --git a/python/generator.py b/python/generator.py index d3163e4..955c893 100755 --- a/python/generator.py +++ b/python/generator.py @@ -466,6 +466,7 @@ skip_function = ( 'virConnectListAllInterfaces', # overridden in virConnect.py 'virConnectListAllNodeDevices', # overridden in virConnect.py 'virConnectListAllNWFilters', # overridden in virConnect.py + 'virConnectListAllSecrets', # overridden in virConnect.py
'virStreamRecvAll', # Pure python libvirt-override-virStream.py 'virStreamSendAll', # Pure python libvirt-override-virStream.py diff --git a/src/driver.h b/src/driver.h index 9984a85..3e69dae 100644 --- a/src/driver.h +++ b/src/driver.h @@ -1567,6 +1567,10 @@ typedef int (*virDrvListSecrets) (virConnectPtr conn, char **uuids, int maxuuids); +typedef int + (*virDrvListAllSecrets) (virConnectPtr conn, + virSecretPtr **secrets, + unsigned int flags);
typedef struct _virSecretDriver virSecretDriver; typedef virSecretDriver *virSecretDriverPtr; @@ -1588,6 +1592,7 @@ struct _virSecretDriver {
virDrvNumOfSecrets numOfSecrets; virDrvListSecrets listSecrets; + virDrvListAllSecrets listAllSecrets; virDrvSecretLookupByUUID lookupByUUID; virDrvSecretLookupByUsage lookupByUsage; virDrvSecretDefineXML defineXML; diff --git a/src/libvirt.c b/src/libvirt.c index cae9bc9..6a9be6d 100644 --- a/src/libvirt.c +++ b/src/libvirt.c @@ -14594,6 +14594,72 @@ error: }
/** + * virConnectListAllSecrets: + * @conn: Pointer to the hypervisor connection. + * @secrets: Pointer to a variable to store the array containing the secret + * objects or NULL if the list is not required (just returns the + * number of secrets). + * @flags: extra flags; not used yet, so callers should always pass 0 + * + * Collect the list of secrets, and allocate an array to store those + * objects. + * + * Normally, all secrets are returned; however, @flags can be used to + * filter the results for a smaller list of targeted secrets. The valid + * flags are divided into groups, where each group contains bits that + * describe mutually exclusive attributes of a secret, and where all bits + * within a group describe all possible secrets. + * + * The first group of @flags is VIR_CONNECT_LIST_SECRETS_EPHEMERAL(kept in + * memory, not persistent) and VIR_CONNECT_LIST_SECRETS_NO_EPHEMERAL + * (nor ephemeral) to filter the secrets by whether it's ephemeral or not.
I'd rephrase this paragraph a little bit:
The first group of @flags is used to filter the list by storage location of the secret. Flag VIR_CONNECT_LIST_SECRETS_EPHEMERAL selects secrets that are kept only in memory. Flag VIR_CONNECT_LIST_SECRETS_NO_EPHEMERAL selects secrets that are allowed to be kept in persistent storage.
(In any case, it'd be best if Eric would state his opinion on this :) )
+ * + * The second group of @flags is VIR_CONNECT_LIST_SECRETS_PRIVATE + * (not revealed to any caller of libvirt, nor to any other node) + * and VIR_CONNECT_LIST_SECRETS_NO_PRIVATE (not private), to filter + * the secrets by whether it's private or not.
This paragraph also contains a lot of redundant information:
The second group of @flags allows filtering secrets by privacy. When flag VIR_CONNECT_LIST_SECRETS_PRIVATE is specified secrets that are never revealed to any caller of libvirt nor to any other node are returned. Flag VIR_CONNECT_LIST_SECRETS_NO_PRIVATE can be used to select non-private secrets.
I reword your suggestion a bit like: * The first group of @flags is used to filter secrets by its storage * location. Flag VIR_CONNECT_LIST_SECRETS_EPHEMERAL * selects secrets that are kept only in memory. Flag * VIR_CONNECT_LIST_SECRETS_NO_EPHEMERAL selects secrets that are * kept in persistent storage. * * The second group of @flags is used to filter secrets by privacy. * Flag VIR_CONNECT_LIST_SECRETS_PRIVATE seclets secrets that are * never revealed to any caller of libvirt nor to any other node. * Flag VIR_CONNECT_LIST_SECRETS_NO_PRIVATE selects non-private secrets. Osier