[Qemu-devel] [PATCH v6 00/11] Add new LUKS block driver (for 2.6)

["Daniel P. Berrange" <berrange@redhat.com>]

This series is just the block layer parts needed to add
a LUKS driver to QEMU. It was previously posted as part
of the larger series

  v1: https://lists.gnu.org/archive/html/qemu-devel/2015-11/msg04748.html
  v2: https://lists.gnu.org/archive/html/qemu-block/2016-01/msg00534.html
  v3: https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg03176.html
  v4: https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg06552.html
  v5: https://lists.gnu.org/archive/html/qemu-devel/2016-03/msg04397.html

The crypto subsystem pieces that this series depends on have now
all been merged.

In this posting I am only proposing merge of the generic LUKS
driver. This can be added as a layer above any of the existing
drivers for accessing LUKS formatted volumes.

When creating new volumes, however, only the file backend can
be used, since the block driver API doesn't allow for arbitrary
stacking of protocols when creating images.

The integration with the qcow2 driver to replace the existing
built-in AES-CBC code is dropped from this series, postponed
until the 2.7 development cycle.

There is a QEMU I/O test 149 that exercises the LUKS driver
and checks for compatibility with the dm-crypt/cryptsetup
impl.

Changed in v6:

 - Remove redundant mutex locking from I/O aths
 - Rebased to resolve conflicts in qemu-img
 - Switch to use blk_open where appropriate
 - Add BDRV_O_CACHE_WB flag
 - Avoid creating bounce buffer larger than iov size
 - Add drv_truncate implementation
 - Extend I/O test framework to support running with
   luks driver for existing tests
 - Split dm-crypt interop test into separate patch
 - Don't prevent use of qcow2 AES encryption entirely,
   just move location of warning message out of generic
   block layer

Daniel P. Berrange (11):
  block: add flag to indicate that no I/O will be performed
  qemu-img/qemu-io: don't prompt for passwords if not required
  tests: redirect stderr to stdout for iotests
  tests: refactor python I/O tests helper main method
  tests: add output filter to python I/O tests helper
  block: add generic full disk encryption driver
  block: move encryption deprecation warning into qcow code
  block: add support for --image-opts in block I/O tests
  block: add support for encryption secrets in block I/O tests
  block: enable testing of LUKS driver with block I/O tests
  block: an interoperability test for luks vs dm-crypt/cryptsetup

 block.c                          |   17 +-
 block/Makefile.objs              |    2 +
 block/crypto.c                   |  586 ++++++++++++
 block/io.c                       |    2 +
 block/qcow.c                     |    9 +
 block/qcow2.c                    |    8 +
 include/block/block.h            |    2 +
 qapi/block-core.json             |   22 +-
 qemu-img.c                       |   45 +-
 qemu-io.c                        |    2 +-
 tests/qemu-iotests/004           |    2 +-
 tests/qemu-iotests/012           |    2 +-
 tests/qemu-iotests/048           |   22 +-
 tests/qemu-iotests/048.out       |    6 +-
 tests/qemu-iotests/049.out       |    6 -
 tests/qemu-iotests/052           |    4 +
 tests/qemu-iotests/052.out       |    4 +
 tests/qemu-iotests/087           |    3 +-
 tests/qemu-iotests/087.out       |   26 +-
 tests/qemu-iotests/100           |    7 +
 tests/qemu-iotests/100.out       |   14 +
 tests/qemu-iotests/134.out       |   18 -
 tests/qemu-iotests/149           |  519 +++++++++++
 tests/qemu-iotests/149.out       | 1880 ++++++++++++++++++++++++++++++++++++++
 tests/qemu-iotests/common        |   16 +-
 tests/qemu-iotests/common.config |   21 +-
 tests/qemu-iotests/common.filter |    3 +-
 tests/qemu-iotests/common.rc     |   75 +-
 tests/qemu-iotests/group         |    1 +
 tests/qemu-iotests/iotests.py    |   48 +-
 30 files changed, 3255 insertions(+), 117 deletions(-)
 create mode 100644 block/crypto.c
 create mode 100755 tests/qemu-iotests/149
 create mode 100644 tests/qemu-iotests/149.out

-- 
2.5.0