From: "Daniel P. Berrangé" <berrange@redhat.com>
To: Maxim Levitsky <mlevitsk@redhat.com>
Cc: Kevin Wolf <kwolf@redhat.com>,
qemu-block@nongnu.org, Markus Armbruster <armbru@redhat.com>,
qemu-devel@nongnu.org, Max Reitz <mreitz@redhat.com>,
John Snow <jsnow@redhat.com>
Subject: Re: [PATCH v3 00/14] LUKS: encryption slot management using amend interface
Date: Mon, 4 May 2020 11:19:25 +0100 [thread overview]
Message-ID: <20200504101925.GH115875@redhat.com> (raw)
In-Reply-To: <20200503184324.12506-1-mlevitsk@redhat.com>
On Sun, May 03, 2020 at 09:43:10PM +0300, Maxim Levitsky wrote:
> Hi!
> Here is the updated series of my patches, incorporating all the feedback I received.
>
> This implements the API interface that we agreed upon except that I merged the
> LUKSKeyslotActive/LUKSKeyslotInactive union into a struct because otherwise
> I need nested unions which are not supported currently by QAPI parser.
> This didn't change the API and thus once support for nested unions is there,
> it can always be implemented in backward compatible way.
>
> I hope that this series will finally be considered for merging, since I am somewhat running
> out of time to finish this task.
>
> Patches are strictly divided by topic to 3 groups, and each group depends on former groups.
>
> * Patches 1,2 implement qcrypto generic amend interface, including definition
> of structs used in crypto.json and implement this in luks crypto driver
> Nothing is exposed to the user at this stage
>
> * Patches 3-9 use the code from patches 1,2 to implement qemu-img amend based encryption slot management
> for luks and for qcow2, and add a bunch of iotests to cover that.
>
> * Patches 10-13 add x-blockdev-amend (I'll drop the -x prefix if you like), and wire it
> to luks and qcow2 driver to implement qmp based encryption slot management also using
> the code from patches 1,2, and also add a bunch of iotests to cover this.
>
> Tested with -raw,-qcow2 and -luks iotests and 'make check'
>
> V3: rebased, addressed most of the review feedback.
> For now I kept the slot bitmap code since I am not sure that replacing it will be better.
I'm still of the opinion that the bitmaps code should be replaced.
With this current design we are iterating over the slot of keys slots
4 times, doing different checks/logic in each iteration. This is really
not nice for understanding how the code works. IMHO we should be iterating
at most twice - once to validate the requested configuration, and once
to apply the requested configuration. Even if there si duplication of
logic in between the delete/add key codepaths, I think it will be better
as the logic for each operation will be in one place.
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2020-05-04 10:20 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-03 18:43 [PATCH v3 00/14] LUKS: encryption slot management using amend interface Maxim Levitsky
2020-05-03 18:43 ` [PATCH v3 01/14] qcrypto/core: add generic infrastructure for crypto options amendment Maxim Levitsky
2020-05-03 18:43 ` [PATCH v3 02/14] qcrypto/luks: implement encryption key management Maxim Levitsky
2020-05-03 18:43 ` [PATCH v3 03/14] block/amend: add 'force' option Maxim Levitsky
2020-05-03 18:43 ` [PATCH v3 04/14] block/amend: separate amend and create options for qemu-img Maxim Levitsky
2020-05-03 18:43 ` [PATCH v3 05/14] block/amend: refactor qcow2 amend options Maxim Levitsky
2020-05-03 18:43 ` [PATCH v3 06/14] block/crypto: rename two functions Maxim Levitsky
2020-05-03 18:43 ` [PATCH v3 07/14] block/crypto: implement the encryption key management Maxim Levitsky
2020-05-03 18:43 ` [PATCH v3 08/14] block/qcow2: extend qemu-img amend interface with crypto options Maxim Levitsky
2020-05-03 18:43 ` [PATCH v3 09/14] iotests: filter few more luks specific create options Maxim Levitsky
2020-05-03 18:43 ` [PATCH v3 10/14] iotests: qemu-img tests for luks key management Maxim Levitsky
2020-05-03 18:43 ` [PATCH v3 11/14] block/core: add generic infrastructure for x-blockdev-amend qmp command Maxim Levitsky
2020-05-03 18:43 ` [PATCH v3 12/14] block/crypto: implement blockdev-amend Maxim Levitsky
2020-05-03 18:43 ` [PATCH v3 13/14] block/qcow2: " Maxim Levitsky
2020-05-03 18:43 ` [PATCH v3 14/14] iotests: add tests for blockdev-amend Maxim Levitsky
2020-05-03 19:43 ` [PATCH v3 00/14] LUKS: encryption slot management using amend interface no-reply
2020-05-04 10:19 ` Daniel P. Berrangé [this message]
2020-05-04 10:26 ` Maxim Levitsky
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200504101925.GH115875@redhat.com \
--to=berrange@redhat.com \
--cc=armbru@redhat.com \
--cc=jsnow@redhat.com \
--cc=kwolf@redhat.com \
--cc=mlevitsk@redhat.com \
--cc=mreitz@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).