[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PULL 04/18] qcrypto/core: add generic infrastructure for crypto options
From: |
Max Reitz |
Subject: |
[PULL 04/18] qcrypto/core: add generic infrastructure for crypto options amendment |
Date: |
Mon, 22 Jun 2020 17:10:45 +0200 |
From: Maxim Levitsky <mlevitsk@redhat.com>
This will be used first to implement luks keyslot management.
block_crypto_amend_opts_init will be used to convert
qemu-img cmdline to QCryptoBlockAmendOptions
Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20200608094030.670121-2-mlevitsk@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
---
qapi/crypto.json | 16 ++++++++++++++++
block/crypto.h | 3 +++
crypto/blockpriv.h | 8 ++++++++
include/crypto/block.h | 22 ++++++++++++++++++++++
block/crypto.c | 17 +++++++++++++++++
crypto/block.c | 29 +++++++++++++++++++++++++++++
6 files changed, 95 insertions(+)
diff --git a/qapi/crypto.json b/qapi/crypto.json
index b2a4cff683..aeb6c7ef7b 100644
--- a/qapi/crypto.json
+++ b/qapi/crypto.json
@@ -309,3 +309,19 @@
'base': 'QCryptoBlockInfoBase',
'discriminator': 'format',
'data': { 'luks': 'QCryptoBlockInfoLUKS' } }
+
+
+
+##
+# @QCryptoBlockAmendOptions:
+#
+# The options that are available for all encryption formats
+# when amending encryption settings
+#
+# Since: 5.1
+##
+{ 'union': 'QCryptoBlockAmendOptions',
+ 'base': 'QCryptoBlockOptionsBase',
+ 'discriminator': 'format',
+ 'data': {
+ } }
diff --git a/block/crypto.h b/block/crypto.h
index b935695e79..06e044c9be 100644
--- a/block/crypto.h
+++ b/block/crypto.h
@@ -91,6 +91,9 @@
QCryptoBlockCreateOptions *
block_crypto_create_opts_init(QDict *opts, Error **errp);
+QCryptoBlockAmendOptions *
+block_crypto_amend_opts_init(QDict *opts, Error **errp);
+
QCryptoBlockOpenOptions *
block_crypto_open_opts_init(QDict *opts, Error **errp);
diff --git a/crypto/blockpriv.h b/crypto/blockpriv.h
index 71c59cb542..3c7ccea504 100644
--- a/crypto/blockpriv.h
+++ b/crypto/blockpriv.h
@@ -62,6 +62,14 @@ struct QCryptoBlockDriver {
void *opaque,
Error **errp);
+ int (*amend)(QCryptoBlock *block,
+ QCryptoBlockReadFunc readfunc,
+ QCryptoBlockWriteFunc writefunc,
+ void *opaque,
+ QCryptoBlockAmendOptions *options,
+ bool force,
+ Error **errp);
+
int (*get_info)(QCryptoBlock *block,
QCryptoBlockInfo *info,
Error **errp);
diff --git a/include/crypto/block.h b/include/crypto/block.h
index c77ccaf9c0..d274819791 100644
--- a/include/crypto/block.h
+++ b/include/crypto/block.h
@@ -144,6 +144,28 @@ QCryptoBlock
*qcrypto_block_create(QCryptoBlockCreateOptions *options,
void *opaque,
Error **errp);
+/**
+ * qcrypto_block_amend_options:
+ * @block: the block encryption object
+ *
+ * @readfunc: callback for reading data from the volume header
+ * @writefunc: callback for writing data to the volume header
+ * @opaque: data to pass to @readfunc and @writefunc
+ * @options: the new/amended encryption options
+ * @force: hint for the driver to allow unsafe operation
+ * @errp: error pointer
+ *
+ * Changes the crypto options of the encryption format
+ *
+ */
+int qcrypto_block_amend_options(QCryptoBlock *block,
+ QCryptoBlockReadFunc readfunc,
+ QCryptoBlockWriteFunc writefunc,
+ void *opaque,
+ QCryptoBlockAmendOptions *options,
+ bool force,
+ Error **errp);
+
/**
* qcrypto_block_calculate_payload_offset:
diff --git a/block/crypto.c b/block/crypto.c
index 973b57b3eb..dcf8b42bb2 100644
--- a/block/crypto.c
+++ b/block/crypto.c
@@ -202,6 +202,23 @@ block_crypto_create_opts_init(QDict *opts, Error **errp)
return ret;
}
+QCryptoBlockAmendOptions *
+block_crypto_amend_opts_init(QDict *opts, Error **errp)
+{
+ Visitor *v;
+ QCryptoBlockAmendOptions *ret;
+
+ v = qobject_input_visitor_new_flat_confused(opts, errp);
+ if (!v) {
+ return NULL;
+ }
+
+ visit_type_QCryptoBlockAmendOptions(v, NULL, &ret, errp);
+
+ visit_free(v);
+ return ret;
+}
+
static int block_crypto_open_generic(QCryptoBlockFormat format,
QemuOptsList *opts_spec,
diff --git a/crypto/block.c b/crypto/block.c
index 6f42b32f1e..eb057948b5 100644
--- a/crypto/block.c
+++ b/crypto/block.c
@@ -150,6 +150,35 @@
qcrypto_block_calculate_payload_offset(QCryptoBlockCreateOptions *create_opts,
return crypto != NULL;
}
+int qcrypto_block_amend_options(QCryptoBlock *block,
+ QCryptoBlockReadFunc readfunc,
+ QCryptoBlockWriteFunc writefunc,
+ void *opaque,
+ QCryptoBlockAmendOptions *options,
+ bool force,
+ Error **errp)
+{
+ if (options->format != block->format) {
+ error_setg(errp,
+ "Cannot amend encryption format");
+ return -1;
+ }
+
+ if (!block->driver->amend) {
+ error_setg(errp,
+ "Crypto format %s doesn't support format options amendment",
+ QCryptoBlockFormat_str(block->format));
+ return -1;
+ }
+
+ return block->driver->amend(block,
+ readfunc,
+ writefunc,
+ opaque,
+ options,
+ force,
+ errp);
+}
QCryptoBlockInfo *qcrypto_block_get_info(QCryptoBlock *block,
Error **errp)
--
2.26.2
- [PULL 00/18] Block patches, Max Reitz, 2020/06/22
- [PULL 01/18] iotests: Make _filter_img_create more active, Max Reitz, 2020/06/22
- [PULL 03/18] block/block-copy: block_copy_dirty_clusters: fix failure check, Max Reitz, 2020/06/22
- [PULL 07/18] block/amend: separate amend and create options for qemu-img, Max Reitz, 2020/06/22
- [PULL 10/18] block/crypto: implement the encryption key management, Max Reitz, 2020/06/22
- [PULL 02/18] iotests: filter few more luks specific create options, Max Reitz, 2020/06/22
- [PULL 09/18] block/crypto: rename two functions, Max Reitz, 2020/06/22
- [PULL 05/18] qcrypto/luks: implement encryption key management, Max Reitz, 2020/06/22
- [PULL 06/18] block/amend: add 'force' option, Max Reitz, 2020/06/22
- [PULL 04/18] qcrypto/core: add generic infrastructure for crypto options amendment,
Max Reitz <=
- [PULL 08/18] block/amend: refactor qcow2 amend options, Max Reitz, 2020/06/22
- [PULL 11/18] block/qcow2: extend qemu-img amend interface with crypto options, Max Reitz, 2020/06/22
- [PULL 14/18] block/crypto: implement blockdev-amend, Max Reitz, 2020/06/22
- [PULL 18/18] iotests: don't test qcow2.py inside 291, Max Reitz, 2020/06/22
- [PULL 13/18] block/core: add generic infrastructure for x-blockdev-amend qmp command, Max Reitz, 2020/06/22
- [PULL 12/18] iotests: qemu-img tests for luks key management, Max Reitz, 2020/06/22
- [PULL 17/18] iotests: Fix 051 output after qdev_init_nofail() removal, Max Reitz, 2020/06/22
- [PULL 15/18] block/qcow2: implement blockdev-amend, Max Reitz, 2020/06/22
- [PULL 16/18] iotests: add tests for blockdev-amend, Max Reitz, 2020/06/22
- Re: [PULL 00/18] Block patches, no-reply, 2020/06/22