On 09/15/2017 12:06 AM, Peter Krempa wrote:
On Thu, Sep 14, 2017 at 14:03:09 -0400, John Ferlan wrote:
Rather than checking during XML processing, move the check for valid <encryption> into virDomainDiskDefParseValidate.
Signed-off-by: John Ferlan <jferlan@redhat.com> --- src/conf/domain_conf.c | 29 +++++++++++++++++------------ 1 file changed, 17 insertions(+), 12 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 07bda1a36..09c5bc1ae 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -8605,7 +8605,23 @@ virDomainDiskDefParseValidate(const virDomainDiskDef *def) } }
- return virDomainDiskSourceDefParseAuthValidate(def->src); + if (virDomainDiskSourceDefParseAuthValidate(def->src) < 0)
This is the exact reason why I did not like this style in the patch that added it.
+ return -1; + + if (def->src->encryption) { + virStorageEncryptionPtr encryption = def->src->encryption; + + if (encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS && + encryption->encinfo.cipher_name) { + + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("supplying the <cipher> for a domain is " + "unnecessary"));
Perhaps we can improve the message now. How about:
"supplying <cipher> for domain disk definition is unnecessary" ?
Yep - fixed here and adjusted the previous commit to note that error message will be to the effect that <cipher> is unnecessary. Tks - John
+ return -1; + }
ACK