From: Maxim Levitsky <mlevitsk@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Kevin Wolf" <kwolf@redhat.com>,
"Daniel P. Berrangé" <berrange@redhat.com>,
qemu-block@nongnu.org, "Markus Armbruster" <armbru@redhat.com>,
"Max Reitz" <mreitz@redhat.com>,
"Maxim Levitsky" <mlevitsk@redhat.com>,
"John Snow" <jsnow@redhat.com>
Subject: [Qemu-devel] [PATCH 08/10] block/crypto: implement blockdev-amend
Date: Fri, 30 Aug 2019 23:56:06 +0300 [thread overview]
Message-ID: <20190830205608.18192-9-mlevitsk@redhat.com> (raw)
In-Reply-To: <20190830205608.18192-1-mlevitsk@redhat.com>
Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
---
block/crypto.c | 86 +++++++++++++++++++++++++++++++++-----------
qapi/block-core.json | 4 +--
2 files changed, 68 insertions(+), 22 deletions(-)
diff --git a/block/crypto.c b/block/crypto.c
index dbd95a99ba..9cb668ff0e 100644
--- a/block/crypto.c
+++ b/block/crypto.c
@@ -534,6 +534,17 @@ block_crypto_co_create_luks(BlockdevCreateOptions *create_options, Error **errp)
assert(create_options->driver == BLOCKDEV_DRIVER_LUKS);
luks_opts = &create_options->u.luks;
+ if (!luks_opts->has_size) {
+ error_setg(errp, "'size' is manadatory for image creation");
+ return -EINVAL;
+ }
+
+ if (!luks_opts->has_file) {
+ error_setg(errp, "'file' is manadatory for image creation");
+ return -EINVAL;
+ }
+
+
bs = bdrv_open_blockdev_ref(luks_opts->file, errp);
if (bs == NULL) {
return -EIO;
@@ -667,6 +678,39 @@ block_crypto_get_specific_info_luks(BlockDriverState *bs, Error **errp)
}
+static int
+block_crypto_amend_options_generic(BlockDriverState *bs,
+ QCryptoBlockCreateOptions *amend_options,
+ bool force,
+ Error **errp)
+{
+ BlockCrypto *crypto = bs->opaque;
+ int ret = -1;
+
+ assert(crypto);
+ assert(crypto->block);
+
+ /* apply for exclusive write permissions to the underlying file*/
+ crypto->updating_keys = true;
+ ret = bdrv_child_refresh_perms(bs, bs->file, errp);
+ if (ret) {
+ goto cleanup;
+ }
+
+ ret = qcrypto_block_amend_options(crypto->block,
+ block_crypto_read_func,
+ block_crypto_write_func,
+ bs,
+ amend_options,
+ force,
+ errp);
+cleanup:
+ /* release exclusive write permissions to the underlying file*/
+ crypto->updating_keys = false;
+ bdrv_child_refresh_perms(bs, bs->file, errp);
+ return ret;
+}
+
static int
block_crypto_amend_options(BlockDriverState *bs,
QemuOpts *opts,
@@ -678,44 +722,45 @@ block_crypto_amend_options(BlockDriverState *bs,
BlockCrypto *crypto = bs->opaque;
QDict *cryptoopts = NULL;
QCryptoBlockCreateOptions *amend_options = NULL;
- int ret;
+ int ret= -EINVAL;
assert(crypto);
assert(crypto->block);
- crypto->updating_keys = true;
-
- ret = bdrv_child_refresh_perms(bs, bs->file, errp);
- if (ret) {
- goto cleanup;
- }
-
cryptoopts = qemu_opts_to_qdict_filtered(opts, NULL,
&block_crypto_create_opts_luks,
true);
qdict_put_str(cryptoopts, "format", "luks");
amend_options = block_crypto_create_opts_init(cryptoopts, errp);
+
if (!amend_options) {
- ret = -EINVAL;
- goto cleanup;
+ goto out;
}
- ret = qcrypto_block_amend_options(crypto->block,
- block_crypto_read_func,
- block_crypto_write_func,
- bs,
- amend_options,
- force,
- errp);
-cleanup:
- crypto->updating_keys = false;
- bdrv_child_refresh_perms(bs, bs->file, errp);
+ ret = block_crypto_amend_options_generic(bs, amend_options, force, errp);
+out:
qapi_free_QCryptoBlockCreateOptions(amend_options);
qobject_unref(cryptoopts);
return ret;
}
+static int
+coroutine_fn block_crypto_co_amend(BlockDriverState *bs,
+ BlockdevCreateOptions *opts,
+ bool force,
+ Error **errp)
+{
+ QCryptoBlockCreateOptions amend_opts;
+
+ amend_opts = (QCryptoBlockCreateOptions) {
+ .format = Q_CRYPTO_BLOCK_FORMAT_LUKS,
+ .u.luks = *qapi_BlockdevCreateOptionsLUKS_base(&opts->u.luks),
+ };
+
+ return block_crypto_amend_options_generic(bs, &amend_opts, force, errp);
+}
+
static void
block_crypto_child_perms(BlockDriverState *bs, BdrvChild *c,
@@ -774,6 +819,7 @@ static BlockDriver bdrv_crypto_luks = {
.bdrv_get_info = block_crypto_get_info_luks,
.bdrv_get_specific_info = block_crypto_get_specific_info_luks,
.bdrv_amend_options = block_crypto_amend_options,
+ .bdrv_co_amend = block_crypto_co_amend,
.strong_runtime_opts = block_crypto_strong_runtime_opts,
};
diff --git a/qapi/block-core.json b/qapi/block-core.json
index 7900914506..02375fb59a 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
@@ -4220,8 +4220,8 @@
##
{ 'struct': 'BlockdevCreateOptionsLUKS',
'base': 'QCryptoBlockCreateOptionsLUKS',
- 'data': { 'file': 'BlockdevRef',
- 'size': 'size',
+ 'data': { '*file': 'BlockdevRef',
+ '*size': 'size',
'*preallocation': 'PreallocMode' } }
##
--
2.17.2
next prev parent reply other threads:[~2019-08-30 21:06 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-30 20:55 [Qemu-devel] [PATCH 00/10] RFC crypto/luks: encryption key managment using amend interface Maxim Levitsky
2019-08-30 20:55 ` [Qemu-devel] [PATCH 01/10] qcrypto: add suport for amend options Maxim Levitsky
2019-09-06 13:40 ` Daniel P. Berrangé
2019-08-30 20:56 ` [Qemu-devel] [PATCH 02/10] qcrypto-luks: extend the create options for upcoming encryption key management Maxim Levitsky
2019-09-06 13:49 ` Daniel P. Berrangé
2019-09-06 13:57 ` Maxim Levitsky
2019-09-06 14:15 ` Daniel P. Berrangé
2019-08-30 20:56 ` [Qemu-devel] [PATCH 03/10] qcrypto-luks: implement the " Maxim Levitsky
2019-09-06 13:55 ` Daniel P. Berrangé
2019-09-12 9:48 ` Maxim Levitsky
2019-08-30 20:56 ` [Qemu-devel] [PATCH 04/10] block: amend: add 'force' option Maxim Levitsky
2019-09-06 13:59 ` Daniel P. Berrangé
2019-09-12 9:53 ` Maxim Levitsky
2019-08-30 20:56 ` [Qemu-devel] [PATCH 05/10] block/crypto: implement the encryption key management Maxim Levitsky
2019-09-06 14:04 ` Daniel P. Berrangé
2019-09-12 10:08 ` Maxim Levitsky
2019-08-30 20:56 ` [Qemu-devel] [PATCH 06/10] qcow2: implement crypto amend options Maxim Levitsky
2019-09-06 14:06 ` Daniel P. Berrangé
2019-09-12 19:11 ` Maxim Levitsky
2019-08-30 20:56 ` [Qemu-devel] [PATCH 07/10] block: add x-blockdev-amend qmp command Maxim Levitsky
2019-08-30 20:56 ` Maxim Levitsky [this message]
2019-09-06 14:10 ` [Qemu-devel] [PATCH 08/10] block/crypto: implement blockdev-amend Daniel P. Berrangé
2019-09-12 19:18 ` Maxim Levitsky
2019-08-30 20:56 ` [Qemu-devel] [PATCH 09/10] block/qcow2: " Maxim Levitsky
2019-09-06 14:12 ` Daniel P. Berrangé
2019-09-12 19:22 ` Maxim Levitsky
2019-08-30 20:56 ` [Qemu-devel] [PATCH 10/10] iotests : add tests for encryption key management Maxim Levitsky
2019-09-06 14:14 ` Daniel P. Berrangé
2019-09-06 14:26 ` Maxim Levitsky
2019-09-06 14:27 ` Daniel P. Berrangé
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190830205608.18192-9-mlevitsk@redhat.com \
--to=mlevitsk@redhat.com \
--cc=armbru@redhat.com \
--cc=berrange@redhat.com \
--cc=jsnow@redhat.com \
--cc=kwolf@redhat.com \
--cc=mreitz@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.