xenbits.xensource.com Git - libvirt.git/commit

author	John Ferlan <jferlan@redhat.com>
	Wed, 6 Apr 2016 19:00:59 +0000 (15:00 -0400)
committer	John Ferlan <jferlan@redhat.com>
	Mon, 2 May 2016 10:10:19 +0000 (06:10 -0400)
commit	40d8e2ba37163a86d072452774b098b12c918c7e
tree	864cd43a61e4142d8a176af98f0bfa234b716332	tree
parent	48f56a9c5ab711abdfe30174f455231a269bba07	commit \| diff

qemu: Introduce qemuDomainSecretPrepare and Destroy

Rather than needing to pass the conn parameter to various command
line building API's, add qemuDomainSecretPrepare just prior to the
qemuProcessLaunch which calls qemuBuilCommandLine. The function
must be called after qemuProcessPrepareHost since it's expected
to eventually need the domain masterKey generated during the prepare
host call. Additionally, future patches may require device aliases
(assigned during the prepare domain call) in order to associate
the secret objects.

The qemuDomainSecretDestroy is called after the qemuProcessLaunch
finishes in order to clear and free memory used by the secrets
that were recently prepared, so they are not kept around in memory
too long.

Placing the setup here is beneficial for future patches which will
need the domain masterKey in order to generate an encrypted secret
along with an initialization vector to be saved and passed (since
the masterKey shouldn't be passed around).

Finally, since the secret is not added during command line build,
the hotplug code will need to get the secret into the private disk data.

Signed-off-by: John Ferlan <jferlan@redhat.com>

src/qemu/qemu_command.c		diff \| blob \| blame \| history
src/qemu/qemu_command.h		diff \| blob \| blame \| history
src/qemu/qemu_domain.c		diff \| blob \| blame \| history
src/qemu/qemu_domain.h		diff \| blob \| blame \| history
src/qemu/qemu_driver.c		diff \| blob \| blame \| history
src/qemu/qemu_hotplug.c		diff \| blob \| blame \| history
src/qemu/qemu_hotplug.h		diff \| blob \| blame \| history
src/qemu/qemu_process.c		diff \| blob \| blame \| history