From: "Daniel P. Berrange" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: Kevin Wolf <kwolf@redhat.com>,
qemu-block@nongnu.org, Max Reitz <mreitz@redhat.com>
Subject: [Qemu-devel] [PATCH v7 2/3] block: add support for encryption secrets in block I/O tests
Date: Wed, 30 Mar 2016 14:53:16 +0100 [thread overview]
Message-ID: <1459345997-1610-3-git-send-email-berrange@redhat.com> (raw)
In-Reply-To: <1459345997-1610-1-git-send-email-berrange@redhat.com>
The LUKS block driver tests will require the ability to specify
encryption secrets with block devices. This requires using the
--object argument to qemu-img/qemu-io to create a 'secret'
object.
When the IMGKEYSECRET env variable is set, it provides the
password to be associated with a secret called 'keysec0'
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
tests/qemu-iotests/common | 1 +
tests/qemu-iotests/common.config | 6 ++++++
tests/qemu-iotests/common.filter | 3 ++-
tests/qemu-iotests/common.rc | 16 +++++++++++++---
4 files changed, 22 insertions(+), 4 deletions(-)
diff --git a/tests/qemu-iotests/common b/tests/qemu-iotests/common
index fe3b1a0..e87287c 100644
--- a/tests/qemu-iotests/common
+++ b/tests/qemu-iotests/common
@@ -53,6 +53,7 @@ export QEMU_IO_OPTIONS=""
export CACHEMODE_IS_DEFAULT=true
export QEMU_OPTIONS="-nodefaults"
export VALGRIND_QEMU=
+export IMGKEYSECRET=
export IMGOPTSSYNTAX=false
for r
diff --git a/tests/qemu-iotests/common.config b/tests/qemu-iotests/common.config
index 6d4c829..5ec40d3 100644
--- a/tests/qemu-iotests/common.config
+++ b/tests/qemu-iotests/common.config
@@ -126,6 +126,9 @@ _qemu_io_wrapper()
local QEMU_IO_ARGS="$QEMU_IO_OPTIONS"
if [ "$IMGOPTSSYNTAX" = "true" ]; then
QEMU_IO_ARGS="--image-opts $QEMU_IO_ARGS"
+ if [ -n "$IMGKEYSECRET" ]; then
+ QEMU_IO_ARGS="--object secret,id=keysec0,data=$IMGKEYSECRET $QEMU_IO_ARGS"
+ fi
fi
local RETVAL
(
@@ -161,6 +164,9 @@ export QEMU_NBD=_qemu_nbd_wrapper
QEMU_IMG_EXTRA_ARGS=
if [ "$IMGOPTSSYNTAX" = "true" ]; then
QEMU_IMG_EXTRA_ARGS="--image-opts $QEMU_IMG_EXTRA_ARGS"
+ if [ -n "$IMGKEYSECRET" ]; then
+ QEMU_IMG_EXTRA_ARGS="--object secret,id=keysec0,data=$IMGKEYSECRET $QEMU_IMG_EXTRA_ARGS"
+ fi
fi
export QEMU_IMG_EXTRA_ARGS
diff --git a/tests/qemu-iotests/common.filter b/tests/qemu-iotests/common.filter
index 84b7434..cbd3607 100644
--- a/tests/qemu-iotests/common.filter
+++ b/tests/qemu-iotests/common.filter
@@ -198,7 +198,8 @@ _filter_img_create()
-e "s# block_state_zero=\\(on\\|off\\)##g" \
-e "s# log_size=[0-9]\\+##g" \
-e "s/archipelago:a/TEST_DIR\//g" \
- -e "s# refcount_bits=[0-9]\\+##g"
+ -e "s# refcount_bits=[0-9]\\+##g" \
+ -e "s# key-secret=[a-zA-Z0-9]\\+##g"
}
_filter_img_info()
diff --git a/tests/qemu-iotests/common.rc b/tests/qemu-iotests/common.rc
index d8a832d..355dbb2 100644
--- a/tests/qemu-iotests/common.rc
+++ b/tests/qemu-iotests/common.rc
@@ -129,6 +129,7 @@ _make_test_img()
local img_name=""
local use_backing=0
local backing_file=""
+ local object_options=""
if [ -n "$TEST_IMG_FILE" ]; then
img_name=$TEST_IMG_FILE
@@ -139,6 +140,10 @@ _make_test_img()
if [ -n "$IMGOPTS" ]; then
optstr=$(_optstr_add "$optstr" "$IMGOPTS")
fi
+ if [ -n "$IMGKEYSECRET" ]; then
+ object_options="--object secret,id=keysec0,data=$IMGKEYSECRET"
+ optstr=$(_optstr_add "$optstr" "key-secret=keysec0")
+ fi
if [ "$1" = "-b" ]; then
use_backing=1
@@ -156,9 +161,9 @@ _make_test_img()
# XXX(hch): have global image options?
(
if [ $use_backing = 1 ]; then
- $QEMU_IMG create -f $IMGFMT $extra_img_options -b "$backing_file" "$img_name" $image_size 2>&1
+ $QEMU_IMG create $object_options -f $IMGFMT $extra_img_options -b "$backing_file" "$img_name" $image_size 2>&1
else
- $QEMU_IMG create -f $IMGFMT $extra_img_options "$img_name" $image_size 2>&1
+ $QEMU_IMG create $object_options -f $IMGFMT $extra_img_options "$img_name" $image_size 2>&1
fi
) | _filter_img_create
@@ -222,7 +227,12 @@ _check_test_img()
{
(
if [ "$IMGOPTSSYNTAX" = "true" ]; then
- $QEMU_IMG check --image-opts "$@" "$TEST_IMG" 2>&1
+ object_options=
+ if [ -n "$IMGKEYSECRET" ]; then
+ object_options="--object secret,id=keysec0,data=$IMGKEYSECRET"
+ fi
+
+ $QEMU_IMG check $object_options --image-opts "$@" "$TEST_IMG" 2>&1
else
$QEMU_IMG check "$@" -f $IMGFMT "$TEST_IMG" 2>&1
fi
--
2.5.5
next prev parent reply other threads:[~2016-03-30 13:53 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-03-30 13:53 [Qemu-devel] [PATCH v7 0/3] Tests for LUKS driver Daniel P. Berrange
2016-03-30 13:53 ` [Qemu-devel] [PATCH v7 1/3] block: add support for --image-opts in block I/O tests Daniel P. Berrange
2016-03-30 15:44 ` Max Reitz
2016-03-30 15:52 ` Daniel P. Berrange
2016-03-30 13:53 ` Daniel P. Berrange [this message]
2016-03-30 15:51 ` [Qemu-devel] [PATCH v7 2/3] block: add support for encryption secrets " Max Reitz
2016-03-30 15:53 ` Daniel P. Berrange
2016-03-30 13:53 ` [Qemu-devel] [PATCH v7 3/3] block: enable testing of LUKS driver with " Daniel P. Berrange
2016-03-30 16:03 ` Max Reitz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1459345997-1610-3-git-send-email-berrange@redhat.com \
--to=berrange@redhat.com \
--cc=kwolf@redhat.com \
--cc=mreitz@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.