[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v2 02/11] qcrypto-luks: extend the create options for upcomin
From: |
Max Reitz |
Subject: |
Re: [PATCH v2 02/11] qcrypto-luks: extend the create options for upcoming encryption key management |
Date: |
Fri, 4 Oct 2019 19:42:45 +0200 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.1.0 |
On 13.09.19 00:30, Maxim Levitsky wrote:
> Now you can specify which slot to put the encryption key to
> Plus add 'active' option which will let user erase the key secret
> instead of adding it.
> Check that active=true it when creating.
>
> Signed-off-by: Maxim Levitsky <address@hidden>
> ---
> block/crypto.c | 2 ++
> block/crypto.h | 16 +++++++++++
> block/qcow2.c | 2 ++
> crypto/block-luks.c | 26 +++++++++++++++---
> qapi/crypto.json | 19 ++++++++++++++
> tests/qemu-iotests/082.out | 54 ++++++++++++++++++++++++++++++++++++++
> 6 files changed, 115 insertions(+), 4 deletions(-)
(Just doing a cursory RFC-style review)
I think we also want to reject unlock-secret if it’s given for creation;
and I suppose it’d be more important to print which slots are OK than
the slot the user has given. (It isn’t like we shouldn’t print that
slot index, but it’s more likely the user knows that than what the
limits are. I think.)
Max
signature.asc
Description: OpenPGP digital signature
- Re: [PATCH v2 02/11] qcrypto-luks: extend the create options for upcoming encryption key management,
Max Reitz <=