From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:59584) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Zztxv-0001Rn-4j for qemu-devel@nongnu.org; Fri, 20 Nov 2015 17:15:36 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Zztxu-0007vw-7W for qemu-devel@nongnu.org; Fri, 20 Nov 2015 17:15:35 -0500 References: <1448042670-17433-1-git-send-email-berrange@redhat.com> <1448042670-17433-5-git-send-email-berrange@redhat.com> From: Eric Blake Message-ID: <564F9B7F.2020101@redhat.com> Date: Fri, 20 Nov 2015 15:15:27 -0700 MIME-Version: 1.0 In-Reply-To: <1448042670-17433-5-git-send-email-berrange@redhat.com> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="RPRohHT2PUsi8do7ShELi5N1QORTGkj9C" Subject: Re: [Qemu-devel] [PATCH WIP 04/30] qcow2: add a 'keyid' parameter to qcow2 options List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: "Daniel P. Berrange" , qemu-devel@nongnu.org Cc: qemu-block@nongnu.org This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --RPRohHT2PUsi8do7ShELi5N1QORTGkj9C Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On 11/20/2015 11:04 AM, Daniel P. Berrange wrote: > Add a 'keyid' parameter that refers to the ID of a > QCryptoSecret instance that provides the encryption key. >=20 > $QEMU \ > -object secret,id=3Dsec0,filename=3D/home/berrange/encrypted.pw \ > -drive file=3D/home/berrange/encrypted.qcow2,keyid=3Dsec0 >=20 > Signed-off-by: Daniel P. Berrange > --- > block/qcow2.c | 80 +++++++++++++++++++++++++++++++++++++-------= -------- > block/qcow2.h | 1 + > qapi/block-core.json | 8 ++++-- > 3 files changed, 64 insertions(+), 25 deletions(-) > +++ b/qapi/block-core.json > @@ -1698,7 +1698,7 @@ > # Driver specific block device options for qcow. > # > # @keyid: #optional ID of the "secret" object providin= g the > -# AES decryption key. > +# AES decryption key (since 2.5) > # > # Since: 2.5 I already pointed this out on the previous post, but this hunk is wrong (since the entire BlockdevOptionsQcow struct is new); it instead belongs.= =2E. > ## > @@ -1742,6 +1742,9 @@ > # caches. The interval is in seconds. The defa= ult value > # is 0 and it disables this feature (since 2.5= ) > # > +# @keyid: #optional ID of the "secret" object providin= g the > +# AES decryption key. =2E..here as part of BlockdevOptionsQcow2. Also, I wonder if inheriting from BlockdevOptionsQcow is any easier here than just declaring keyid directly. > +# > # Since: 1.7 > ## > { 'struct': 'BlockdevOptionsQcow2', > @@ -1754,7 +1757,8 @@ > '*cache-size': 'int', > '*l2-cache-size': 'int', > '*refcount-cache-size': 'int', > - '*cache-clean-interval': 'int' } } > + '*cache-clean-interval': 'int', > + '*keyid': 'str' } } > =20 > =20 > ## >=20 --=20 Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org --RPRohHT2PUsi8do7ShELi5N1QORTGkj9C Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Public key at http://people.redhat.com/eblake/eblake.gpg Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBCAAGBQJWT5t/AAoJEKeha0olJ0NqzxEH/1o1yPenoUnFHtwmTsK8MeFh jB7adUWfED88SRqvuQ0xhNp8oPYmIgNd17W5EVvA7Mta5HY6oGV3yBzejCQ407c+ O3NlhNRK3BPoDii/1ncBv4Dbnws3KuDQh3BDLIp7RXXMO3J1FjjpLriOOKXrS9Ny txUPxybRXZ8j2dR9C1rhFNLWQdFGENce5vmzJNPRfUBCMYQsMm1KDIRzPmxP9nHl lkJ2DlwfpyIDi23xaz5MadnvEFTKmWZtm6/5tYTRXGaIssmuoE19lF7jtWuLG9bt 0Wuytaa9BTWbwmHMHiYyXHrVFbE7i6toQGXCA8lNtxkc9FFY39EpG5WQbUr8LTc= =xSjz -----END PGP SIGNATURE----- --RPRohHT2PUsi8do7ShELi5N1QORTGkj9C--