The XML allows <encryption format='unencrypted'/>; this implementation
canonicalizes the internal representation so that "disk->encryption" is
non-NULL iff encryption information is available.
A domain with partial encryption information can be defined;
completeness of the information is not verified. The domain won't
start until the remaining information is added, of course.
Changes since the second submission:
- Mark <encryption> as <optional> in the schema
- Drop <encryption format='unencrypted'/>
---
docs/formatdomain.html | 6 ++++++
docs/formatdomain.html.in | 8 ++++++++
docs/schemas/domain.rng | 5 +++++
src/domain_conf.c | 14 ++++++++++++++
src/domain_conf.h | 2 ++
5 files changed, 35 insertions(+), 0 deletions(-)
diff --git a/docs/formatdomain.html b/docs/formatdomain.html
index efba65a..3368ad5 100644
--- a/docs/formatdomain.html
+++ b/docs/formatdomain.html
@@ -453,6 +453,9 @@
<driver name="tap" type="aio">
<source file='/var/lib/xen/images/fv0'/>
<target dev='hda' bus='ide'/>
+ <encryption type='...'>
+ ...
+ </encryption>
</disk>
...</pre>
<dl><dt><code>disk</code></dt><dd>The
<code>disk</code> element is the main container for describing
@@ -478,6 +481,9 @@
<code>driver</code> element allows them to be selected. The
<code>name</code>
attribute is the primary backend driver name, while the optional
<code>type</code>
attribute provides the sub-type. <span class="since">Since
0.1.8</span>
+ </dd><dt><code>encryption</code></dt><dd>If
present, specifies how the volume is encrypted. See
+ the <a href="formatstorageencryption.html">Storage
Encryption</a> page
+ for more information.
</dd></dl>
<h4>
<a name="elementsUSB" id="elementsUSB">USB and PCI
devices</a>
diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index eb12784..211f7ed 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -338,6 +338,9 @@
<driver name="tap" type="aio">
<source file='/var/lib/xen/images/fv0'/>
<target dev='hda' bus='ide'/>
+ <encryption type='...'>
+ ...
+ </encryption>
</disk>
...</pre>
@@ -373,6 +376,11 @@
attribute is the primary backend driver name, while the optional
<code>type</code>
attribute provides the sub-type. <span class="since">Since
0.1.8</span>
</dd>
+ <dt><code>encryption</code></dt>
+ <dd>If present, specifies how the volume is encrypted. See
+ the <a href="formatstorageencryption.html">Storage
Encryption</a> page
+ for more information.
+ </dd>
</dl>
<h4><a name="elementsUSB">USB and PCI
devices</a></h4>
diff --git a/docs/schemas/domain.rng b/docs/schemas/domain.rng
index f857301..df31f4a 100644
--- a/docs/schemas/domain.rng
+++ b/docs/schemas/domain.rng
@@ -4,6 +4,8 @@
<start>
<ref name="domain"/>
</start>
+
+ <include href='storageencryption.rng'/>
<!--
We handle only document defining a domain
-->
@@ -336,6 +338,9 @@
<empty/>
</element>
</optional>
+ <optional>
+ <ref name="encryption"/>
+ </optional>
</define>
<!--
A disk description can be either of type file or block
diff --git a/src/domain_conf.c b/src/domain_conf.c
index bad53f7..c5b9ae5 100644
--- a/src/domain_conf.c
+++ b/src/domain_conf.c
@@ -288,6 +288,7 @@ void virDomainDiskDefFree(virDomainDiskDefPtr def)
VIR_FREE(def->dst);
VIR_FREE(def->driverName);
VIR_FREE(def->driverType);
+ virStorageEncryptionFree(def->encryption);
VIR_FREE(def);
}
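Review bot: This call runs with `def->encryption == NULL` for every disk that has no encryption element, so it depends on virStorageEncryptionFree() accepting NULL, which this patch does not show. The same holds for the call added under `cleanup:` in virDomainDiskDefParseXML, where `encryption` has been reset to NULL on every successful parse. It is worth confirming this against the storage encryption implementation; if NULL is not accepted, guard both calls, e.g. `if (def->encryption != NULL) virStorageEncryptionFree(def->encryption);`. The start of virDomainDiskDefFree is outside the hunk.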
@@ -658,6 +659,7 @@ virDomainDiskDefParseXML(virConnectPtr conn,
char *bus = NULL;
char *cachetag = NULL;
char *devaddr = NULL;
+ virStorageEncryptionPtr encryption = NULL;
if (VIR_ALLOC(def) < 0) {
virReportOOMError(conn);
@@ -715,6 +717,12 @@ virDomainDiskDefParseXML(virConnectPtr conn,
} else if ((flags & VIR_DOMAIN_XML_INTERNAL_STATUS) &&
xmlStrEqual(cur->name, BAD_CAST "state")) {
devaddr = virXMLPropString(cur, "devaddr");
+ } else if (encryption == NULL &&
+ xmlStrEqual(cur->name, BAD_CAST "encryption")) {
+ encryption = virStorageEncryptionParseNode(conn, node->doc,
+ cur);
+ if (encryption == NULL)
+ goto error;
}
}
cur = cur->next;
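Review bot: A second `<encryption>` child of the same disk is silently skipped here, because the `encryption == NULL &&` guard stops the branch from matching once one element has been parsed. For a setting that decides how the volume is protected, a definition carrying two conflicting elements is better rejected than resolved by document order. Test the element name alone and, when `encryption` is already set, report an error through the parser's usual error helper before `goto error`. The enclosing function starts and ends outside this hunk, so whether the other elements in this loop follow the same first-wins convention is not visible.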
@@ -833,6 +841,8 @@ virDomainDiskDefParseXML(virConnectPtr conn,
driverName = NULL;
def->driverType = driverType;
driverType = NULL;
+ def->encryption = encryption;
+ encryption = NULL;
cleanup:
VIR_FREE(bus);
@@ -844,6 +854,7 @@ cleanup:
VIR_FREE(driverName);
VIR_FREE(cachetag);
VIR_FREE(devaddr);
+ virStorageEncryptionFree(encryption);
return def;
@@ -3516,6 +3527,9 @@ virDomainDiskDefFormat(virConnectPtr conn,
virBufferAddLit(buf, " <readonly/>\n");
if (def->shared)
virBufferAddLit(buf, " <shareable/>\n");
+ if (def->encryption != NULL &&
+ virStorageEncryptionFormat(conn, buf, def->encryption) < 0)
+ return -1;
if (flags & VIR_DOMAIN_XML_INTERNAL_STATUS) {
virBufferAddLit(buf, " <state");
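Review bot: The `<encryption>` element is written for every caller regardless of `flags`, whereas the status-only block directly below is gated on `VIR_DOMAIN_XML_INTERNAL_STATUS`. virStorageEncryptionFormat() is not shown in this patch. If it can emit anything beyond a reference to a secret, such as key material or a passphrase, the call should be conditioned on the secure-dump flag so that ordinary XML dumps do not disclose it. If it only ever emits references, a comment would settle the question for the next reader: `/* <encryption> carries secret references only; safe to include in non-secure dumps */`. The body of virDomainDiskDefFormat continues outside the hunk.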
diff --git a/src/domain_conf.h b/src/domain_conf.h
index 44302be..e422f6f 100644
--- a/src/domain_conf.h
+++ b/src/domain_conf.h
@@ -30,6 +30,7 @@
#include "internal.h"
#include "capabilities.h"
+#include "storage_encryption.h"
#include "util.h"
#include "threads.h"
@@ -117,6 +118,7 @@ struct _virDomainDiskDef {
unsigned bus;
unsigned slot;
} pci_addr;
+ virStorageEncryptionPtr encryption;
};
static inline int
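Review bot: The new `encryption` member carries no comment stating the invariant the commit message relies on, namely that it is non-NULL only when encryption information is available. Ownership is also unstated, although the patch frees the member in virDomainDiskDefFree. A one-line comment on the field would record both: `virStorageEncryptionPtr encryption; /* NULL when the disk has no <encryption> element; owned by this def */`. The struct definition starts outside the hunk.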
--
1.6.2.5