From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:39380)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <eblake@redhat.com>) id 1YVOqQ-0002Ks-HR
	for qemu-devel@nongnu.org; Tue, 10 Mar 2015 14:25:34 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <eblake@redhat.com>) id 1YVOqM-0003jv-8s
	for qemu-devel@nongnu.org; Tue, 10 Mar 2015 14:25:30 -0400
Message-ID: <54FF3709.9030001@redhat.com>
Date: Tue, 10 Mar 2015 12:25:13 -0600
From: Eric Blake <eblake@redhat.com>
MIME-Version: 1.0
References: <1426008400-22016-1-git-send-email-armbru@redhat.com>
	<1426008400-22016-3-git-send-email-armbru@redhat.com>
In-Reply-To: <1426008400-22016-3-git-send-email-armbru@redhat.com>
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature";
	boundary="057Dnok6pF63KKFxAexteMt2iOoV2N5K1"
Subject: Re: [Qemu-devel] [PATCH RFC 2/2] block: Drop code supporting
 encryption outside qemu-img
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Markus Armbruster <armbru@redhat.com>, qemu-devel@nongnu.org
Cc: kwolf@redhat.com, stefanha@redhat.com, qemu-block@nongnu.org, kraxel@redhat.com

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--057Dnok6pF63KKFxAexteMt2iOoV2N5K1
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

On 03/10/2015 11:26 AM, Markus Armbruster wrote:
> Signed-off-by: Markus Armbruster <armbru@redhat.com>
> ---
>  block.c                   | 30 --------------------
>  blockdev.c                | 43 +---------------------------
>  hmp-commands.hx           | 14 ---------
>  hmp.c                     | 41 ---------------------------
>  hmp.h                     |  1 -
>  hw/usb/dev-storage.c      | 26 -----------------
>  include/monitor/monitor.h |  7 -----
>  monitor.c                 | 72 ---------------------------------------=
--------
>  qapi-schema.json          | 13 ++-------
>  qapi/block-core.json      | 42 ++-------------------------
>  qapi/common.json          |  5 +---
>  qmp-commands.hx           | 26 -----------------
>  qmp.c                     |  8 ------
>  13 files changed, 6 insertions(+), 322 deletions(-)
>=20

> +++ b/qapi/block-core.json

>  ##
> -# @block_passwd:
> -#
> -# This command sets the password of a block device that has not been o=
pen
> -# with a password and requires one.
> -#
> -# The two cases where this can happen are a block device is created th=
rough
> -# QEMU's initial command line or a block device is changed through the=
 legacy
> -# @change interface.
> -#
> -# In the event that the block device is created through the initial co=
mmand
> -# line, the VM will start in the stopped state regardless of whether '=
-S' is
> -# used.  The intention is for a management tool to query the block dev=
ices to
> -# determine which ones are encrypted, set the passwords with this comm=
and, and
> -# then start the guest with the @cont command.
> -#
> -# Either @device or @node-name must be set but not both.
> -#
> -# @device: #optional the name of the block backend device to set the p=
assword on
> -#
> -# @node-name: #optional graph node name to set the password on (Since =
2.0)
> -#
> -# @password: the password to use for the device
> -#
> -# Returns: nothing on success
> -#          If @device is not a valid block device, DeviceNotFound
> -#          If @device is not encrypted, DeviceNotEncrypted
> -#
> -# Notes:  Not all block formats support encryption and some that do ar=
e not
> -#         able to validate that a password is correct.  Disk corruptio=
n may
> -#         occur if an invalid password is specified.
> -#
> -# Since: 0.14.0
> -##
> -{ 'command': 'block_passwd', 'data': {'*device': 'str',
> -                                      '*node-name': 'str', 'password':=
 'str'} }

Good - removing this command means 'query-commands' will have an easy
probe for whether qemu is in the window of time where old broken
encryption could even be attempted, or when a newer (hopefully!) qemu
can support sane LUKS encryption, so that libvirt can issue sane errors
to the user telling them that their qemu cannot support encryption.

I agree with the decision of removing the existing crufty interface so
that any future additions can add in a working design from the get-go,
rather than trying to retrofit fixes for all of the confusing aspects
that you pointed out.  As such, I could live with:

Reviewed-by: Eric Blake <eblake@redhat.com>

--=20
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org


--057Dnok6pF63KKFxAexteMt2iOoV2N5K1
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Public key at http://people.redhat.com/eblake/eblake.gpg
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBCAAGBQJU/zcJAAoJEKeha0olJ0Nq3KIH/2IT0qADURDESJ2z7WhAUQu1
rEwT1sPuIDJ7VamMSDqVfIPcIpUFq5iUuUa17phHkK/DkLBmxmY9fI3u9FkVF3pl
AJ26EKnhlG6YSoz4X2Zh5dO9tJBTwvINUa44AhRR7e6KJoPIoyF6loiLj8uR8Cc8
eQuAdyNrzof3vSAEYGK7b0jtOFsn1M6u8rxzNL/hNK5T+A+8Je/iztpHJzsT/8aV
aLqp7G2T1EMJlf0D4Mk/GymS7GWXhNkQrhzh0yDz9iyAHUPnmeCDd8iSU++GmVGV
XdITLT4hzQRxCfdw7o+5jacad1Aul4+iWNMOxlqdjZCw2SyM9wMDtlwcLfx0G/U=
=j4HK
-----END PGP SIGNATURE-----

--057Dnok6pF63KKFxAexteMt2iOoV2N5K1--