From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:59371)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <eblake@redhat.com>) id 1aeU8y-00076o-Ek
	for qemu-devel@nongnu.org; Fri, 11 Mar 2016 15:58:45 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <eblake@redhat.com>) id 1aeU8x-0005fR-4c
	for qemu-devel@nongnu.org; Fri, 11 Mar 2016 15:58:44 -0500
References: <1456747261-22032-1-git-send-email-berrange@redhat.com>
	<1456747261-22032-13-git-send-email-berrange@redhat.com>
From: Eric Blake <eblake@redhat.com>
Message-ID: <56E33179.3040502@redhat.com>
Date: Fri, 11 Mar 2016 13:58:33 -0700
MIME-Version: 1.0
In-Reply-To: <1456747261-22032-13-git-send-email-berrange@redhat.com>
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature";
	boundary="3rh53W43Mrpp7hvDGSJbwfNIsMP0DNdON"
Subject: Re: [Qemu-devel] [PATCH v4 12/26] crypto: add block encryption
	framework
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: "Daniel P. Berrange" <berrange@redhat.com>, qemu-devel@nongnu.org
Cc: Fam Zheng <famz@redhat.com>, qemu-block@nongnu.org

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--3rh53W43Mrpp7hvDGSJbwfNIsMP0DNdON
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

On 02/29/2016 05:00 AM, Daniel P. Berrange wrote:
> Add a generic framework for support different block encryption

s/support/supporting/

> formats. Upon instantiating a QCryptoBlock object, it will read
> the encryption header and extract the encryption keys. It is
> then possible to call methods to encrypt/decrypt data buffers.
>=20
> There is also a mode whereby it will create/initialize a new
> encryption header on a previously unformatted volume.
>=20
> The initial framework comes with support for the legacy QCow
> AES based encryption. This enables code in the QCow driver to
> be consolidated later.
>=20
> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> ---

> +/**
> + * qcrypto_block_open:
> + * @options: the encryption options
> + * @readfunc: callback for reading data from the volume
> + * @opaque: data to pass to @readfunc
> + * @flags: bitmask of QCryptoBlockOpenFlags values
> + * @errp: pointer to a NULL-initialized error object

> + *
> + * If any part of initializing the encryption context
> + * fails an error will be returned. This could be due
> + * to the volume being in the wrong format, an cipher

s/an/a/

> + * or IV generator algorithm that is not supported,
> + * or incorrect passphrases.
> + *
> + * Returns: a block encryption format, or NULL on error
> + */
> +QCryptoBlock *qcrypto_block_open(QCryptoBlockOpenOptions *options,
> +                                 QCryptoBlockReadFunc readfunc,
> +                                 void *opaque,
> +                                 unsigned int flags,
> +                                 Error **errp);
> +
> +/**
> + * qcrypto_block_create:

> + * If any part of initializing the encryption context
> + * fails an error will be returned. This could be due
> + * to the volume being in the wrong format, an cipher

and again

> +++ b/qapi/crypto.json
> @@ -109,3 +109,70 @@
>  { 'enum': 'QCryptoIVGenAlgorithm',

> +
> +##
> +# QCryptoBlockOptionsBase:
> +#
> +# The common options that apply to all full disk
> +# encryption formats
> +#
> +# @format: the encryption format
> +#
> +# Since: 2.6
> +##
> +{ 'struct': 'QCryptoBlockOptionsBase',
> +  'data': { 'format': 'QCryptoBlockFormat' }}

We are so close to having my patches in for anonymous base; depending on
whose lands first, we can clean this up to get rid of the one-shot base
(followup is fine).

https://lists.gnu.org/archive/html/qemu-devel/2016-03/msg02296.html

> +
> +##
> +# QCryptoBlockOptionsQCow:
> +#
> +# The options that apply to QCow/QCow2 AES-CBC encryption format
> +#
> +# @key-secret: #optional the ID of a QCryptoSecret object providing th=
e
> +#              decryption key

I mentioned in a previous round that you may want to mention that it is
optional only when probing the image metadata, and mandatory for
reading/writing guest-visible data.  Don't know if that is worth adding
words here.

With the typo fixes,
Reviewed-by: Eric Blake <eblake@redhat.com>

--=20
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org


--3rh53W43Mrpp7hvDGSJbwfNIsMP0DNdON
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
Comment: Public key at http://people.redhat.com/eblake/eblake.gpg
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBCAAGBQJW4zF5AAoJEKeha0olJ0NqO+0H/i3Uoy3Q0z8+bxxabAxFSV2r
cCC+tPk+9deqHg4cSeX8xvdkWpTDZDAd59lQJrYws5vxtb3GM4XF3HBebCcIT1oC
PHKSIyd6mTvyhefEKPIY0M1vgRT/OblOcFWZGV0XhZ9/+/BF1qd9d4hZi3/aUbld
rLv1QzKrqRvobgn7gcELNWhUTTEej34cmTx3+SfmrwSZjrnRYpaomJEX/qf39Jmr
IzBWhHZUEWpfDt2FxTLBeoIwhEPsuBxNiU1Sw2Zx0sxX0Rz9pfTvsrsqhVliT6lt
tAX/CzJSv4aQ+jMq0PifqKg3Putb6iFu4DZ/s0+Rhn4TLnbKJ/ZWSg3i4QEafas=
=H+yv
-----END PGP SIGNATURE-----

--3rh53W43Mrpp7hvDGSJbwfNIsMP0DNdON--