@SRCDIR@src/conf/snapshot_conf.c
@SRCDIR@src/conf/storage_adapter_conf.c
@SRCDIR@src/conf/storage_conf.c
+@SRCDIR@src/conf/storage_encryption_conf.c
@SRCDIR@src/conf/storage_source_conf.c
@SRCDIR@src/conf/virchrdev.c
@SRCDIR@src/conf/virdomainmomentobjlist.c
@SRCDIR@src/util/virscsivhost.c
@SRCDIR@src/util/virsecret.c
@SRCDIR@src/util/virsocketaddr.c
-@SRCDIR@src/util/virstorageencryption.c
@SRCDIR@src/util/virstoragefile.c
@SRCDIR@src/util/virstring.c
@SRCDIR@src/util/virsysinfo.c
#include "internal.h"
#include "virconftypes.h"
#include "capabilities.h"
-#include "virstorageencryption.h"
+#include "storage_encryption_conf.h"
#include "cpu_conf.h"
#include "virthread.h"
#include "virhash.h"
'storage_adapter_conf.c',
'storage_capabilities.c',
'storage_conf.c',
+ 'storage_encryption_conf.c',
'storage_source_conf.c',
'virstorageobj.c',
]
#pragma once
#include "internal.h"
-#include "virstorageencryption.h"
+#include "storage_encryption_conf.h"
#include "storage_source_conf.h"
#include "virbitmap.h"
#include "virthread.h"
--- /dev/null
+/*
+ * storage_encryption_conf.c: volume encryption information
+ *
+ * Copyright (C) 2009-2014 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library. If not, see
+ * <http://www.gnu.org/licenses/>.
+ */
+
+#include <config.h>
+
+#include <fcntl.h>
+#include <unistd.h>
+
+#include "internal.h"
+
+#include "virbuffer.h"
+#include "viralloc.h"
+#include "storage_encryption_conf.h"
+#include "virxml.h"
+#include "virerror.h"
+#include "viruuid.h"
+#include "virfile.h"
+#include "virsecret.h"
+#include "virstring.h"
+
+#define VIR_FROM_THIS VIR_FROM_STORAGE
+
+VIR_ENUM_IMPL(virStorageEncryptionSecret,
+ VIR_STORAGE_ENCRYPTION_SECRET_TYPE_LAST,
+ "passphrase",
+);
+
+VIR_ENUM_IMPL(virStorageEncryptionFormat,
+ VIR_STORAGE_ENCRYPTION_FORMAT_LAST,
+ "default", "qcow", "luks",
+);
+
+static void
+virStorageEncryptionInfoDefFree(virStorageEncryptionInfoDefPtr def)
+{
+ VIR_FREE(def->cipher_name);
+ VIR_FREE(def->cipher_mode);
+ VIR_FREE(def->cipher_hash);
+ VIR_FREE(def->ivgen_name);
+ VIR_FREE(def->ivgen_hash);
+}
+
+
+static void
+virStorageEncryptionSecretFree(virStorageEncryptionSecretPtr secret)
+{
+ if (!secret)
+ return;
+ virSecretLookupDefClear(&secret->seclookupdef);
+ VIR_FREE(secret);
+}
+
+void
+virStorageEncryptionFree(virStorageEncryptionPtr enc)
+{
+ size_t i;
+
+ if (!enc)
+ return;
+
+ for (i = 0; i < enc->nsecrets; i++)
+ virStorageEncryptionSecretFree(enc->secrets[i]);
+ virStorageEncryptionInfoDefFree(&enc->encinfo);
+ VIR_FREE(enc->secrets);
+ VIR_FREE(enc);
+}
+
+static virStorageEncryptionSecretPtr
+virStorageEncryptionSecretCopy(const virStorageEncryptionSecret *src)
+{
+ virStorageEncryptionSecretPtr ret = g_new0(virStorageEncryptionSecret, 1);
+
+ ret->type = src->type;
+ virSecretLookupDefCopy(&ret->seclookupdef, &src->seclookupdef);
+
+ return ret;
+}
+
+
+static int
+virStorageEncryptionInfoDefCopy(const virStorageEncryptionInfoDef *src,
+ virStorageEncryptionInfoDefPtr dst)
+{
+ dst->cipher_size = src->cipher_size;
+ dst->cipher_name = g_strdup(src->cipher_name);
+ dst->cipher_mode = g_strdup(src->cipher_mode);
+ dst->cipher_hash = g_strdup(src->cipher_hash);
+ dst->ivgen_name = g_strdup(src->ivgen_name);
+ dst->ivgen_hash = g_strdup(src->ivgen_hash);
+
+ return 0;
+}
+
+
+virStorageEncryptionPtr
+virStorageEncryptionCopy(const virStorageEncryption *src)
+{
+ virStorageEncryptionPtr ret;
+ size_t i;
+
+ ret = g_new0(virStorageEncryption, 1);
+
+ ret->secrets = g_new0(virStorageEncryptionSecretPtr, src->nsecrets);
+ ret->nsecrets = src->nsecrets;
+ ret->format = src->format;
+
+ for (i = 0; i < src->nsecrets; i++) {
+ if (!(ret->secrets[i] = virStorageEncryptionSecretCopy(src->secrets[i])))
+ goto error;
+ }
+
+ if (virStorageEncryptionInfoDefCopy(&src->encinfo, &ret->encinfo) < 0)
+ goto error;
+
+ return ret;
+
+ error:
+ virStorageEncryptionFree(ret);
+ return NULL;
+}
+
+static virStorageEncryptionSecretPtr
+virStorageEncryptionSecretParse(xmlXPathContextPtr ctxt,
+ xmlNodePtr node)
+{
+ VIR_XPATH_NODE_AUTORESTORE(ctxt)
+ virStorageEncryptionSecretPtr ret;
+ g_autofree char *type_str = NULL;
+
+ ret = g_new0(virStorageEncryptionSecret, 1);
+
+ ctxt->node = node;
+
+ if (!(type_str = virXPathString("string(./@type)", ctxt))) {
+ virReportError(VIR_ERR_XML_ERROR, "%s",
+ _("unknown volume encryption secret type"));
+ goto cleanup;
+ }
+
+ if ((ret->type = virStorageEncryptionSecretTypeFromString(type_str)) < 0) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("unknown volume encryption secret type %s"),
+ type_str);
+ goto cleanup;
+ }
+
+ if (virSecretLookupParseSecret(node, &ret->seclookupdef) < 0)
+ goto cleanup;
+
+ return ret;
+
+ cleanup:
+ virStorageEncryptionSecretFree(ret);
+ return NULL;
+}
+
+
+static int
+virStorageEncryptionInfoParseCipher(xmlNodePtr info_node,
+ virStorageEncryptionInfoDefPtr info)
+{
+ g_autofree char *size_str = NULL;
+
+ if (!(info->cipher_name = virXMLPropString(info_node, "name"))) {
+ virReportError(VIR_ERR_XML_ERROR, "%s",
+ _("cipher info missing 'name' attribute"));
+ return -1;
+ }
+
+ if ((size_str = virXMLPropString(info_node, "size")) &&
+ virStrToLong_uip(size_str, NULL, 10, &info->cipher_size) < 0) {
+ virReportError(VIR_ERR_XML_ERROR,
+ _("cannot parse cipher size: '%s'"),
+ size_str);
+ return -1;
+ }
+
+ if (!size_str) {
+ virReportError(VIR_ERR_XML_ERROR, "%s",
+ _("cipher info missing 'size' attribute"));
+ return -1;
+ }
+
+ info->cipher_mode = virXMLPropString(info_node, "mode");
+ info->cipher_hash = virXMLPropString(info_node, "hash");
+
+ return 0;
+}
+
+
+static int
+virStorageEncryptionInfoParseIvgen(xmlNodePtr info_node,
+ virStorageEncryptionInfoDefPtr info)
+{
+ if (!(info->ivgen_name = virXMLPropString(info_node, "name"))) {
+ virReportError(VIR_ERR_XML_ERROR, "%s",
+ _("missing ivgen info name string"));
+ return -1;
+ }
+
+ info->ivgen_hash = virXMLPropString(info_node, "hash");
+
+ return 0;
+}
+
+
+virStorageEncryptionPtr
+virStorageEncryptionParseNode(xmlNodePtr node,
+ xmlXPathContextPtr ctxt)
+{
+ VIR_XPATH_NODE_AUTORESTORE(ctxt)
+ xmlNodePtr *nodes = NULL;
+ virStorageEncryptionPtr encdef = NULL;
+ virStorageEncryptionPtr ret = NULL;
+ g_autofree char *format_str = NULL;
+ int n;
+ size_t i;
+
+ ctxt->node = node;
+
+ encdef = g_new0(virStorageEncryption, 1);
+
+ if (!(format_str = virXPathString("string(./@format)", ctxt))) {
+ virReportError(VIR_ERR_XML_ERROR, "%s",
+ _("unknown volume encryption format"));
+ goto cleanup;
+ }
+
+ if ((encdef->format =
+ virStorageEncryptionFormatTypeFromString(format_str)) < 0) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("unknown volume encryption format type %s"),
+ format_str);
+ goto cleanup;
+ }
+
+ if ((n = virXPathNodeSet("./secret", ctxt, &nodes)) < 0)
+ goto cleanup;
+
+ if (n > 0) {
+ encdef->secrets = g_new0(virStorageEncryptionSecretPtr, n);
+ encdef->nsecrets = n;
+
+ for (i = 0; i < n; i++) {
+ if (!(encdef->secrets[i] =
+ virStorageEncryptionSecretParse(ctxt, nodes[i])))
+ goto cleanup;
+ }
+ }
+
+ if (encdef->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS) {
+ xmlNodePtr tmpnode;
+
+ if ((tmpnode = virXPathNode("./cipher[1]", ctxt))) {
+ if (virStorageEncryptionInfoParseCipher(tmpnode, &encdef->encinfo) < 0)
+ goto cleanup;
+ }
+
+ if ((tmpnode = virXPathNode("./ivgen[1]", ctxt))) {
+ /* If no cipher node, then fail */
+ if (!encdef->encinfo.cipher_name) {
+ virReportError(VIR_ERR_XML_ERROR, "%s",
+ _("ivgen element found, but cipher is missing"));
+ goto cleanup;
+ }
+
+ if (virStorageEncryptionInfoParseIvgen(tmpnode, &encdef->encinfo) < 0)
+ goto cleanup;
+ }
+ }
+
+ ret = g_steal_pointer(&encdef);
+
+ cleanup:
+ VIR_FREE(nodes);
+ virStorageEncryptionFree(encdef);
+
+ return ret;
+}
+
+
+static int
+virStorageEncryptionSecretFormat(virBufferPtr buf,
+ virStorageEncryptionSecretPtr secret)
+{
+ const char *type;
+
+ if (!(type = virStorageEncryptionSecretTypeToString(secret->type))) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("unexpected volume encryption secret type"));
+ return -1;
+ }
+
+ virSecretLookupFormatSecret(buf, type, &secret->seclookupdef);
+
+ return 0;
+}
+
+
+static void
+virStorageEncryptionInfoDefFormat(virBufferPtr buf,
+ const virStorageEncryptionInfoDef *enc)
+{
+ virBufferEscapeString(buf, "<cipher name='%s'", enc->cipher_name);
+ virBufferAsprintf(buf, " size='%u'", enc->cipher_size);
+ if (enc->cipher_mode)
+ virBufferEscapeString(buf, " mode='%s'", enc->cipher_mode);
+ if (enc->cipher_hash)
+ virBufferEscapeString(buf, " hash='%s'", enc->cipher_hash);
+ virBufferAddLit(buf, "/>\n");
+
+ if (enc->ivgen_name) {
+ virBufferEscapeString(buf, "<ivgen name='%s'", enc->ivgen_name);
+ if (enc->ivgen_hash)
+ virBufferEscapeString(buf, " hash='%s'", enc->ivgen_hash);
+ virBufferAddLit(buf, "/>\n");
+ }
+}
+
+
+int
+virStorageEncryptionFormat(virBufferPtr buf,
+ virStorageEncryptionPtr enc)
+{
+ const char *format;
+ size_t i;
+
+ if (!(format = virStorageEncryptionFormatTypeToString(enc->format))) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ "%s", _("unexpected encryption format"));
+ return -1;
+ }
+ virBufferAsprintf(buf, "<encryption format='%s'>\n", format);
+ virBufferAdjustIndent(buf, 2);
+
+ for (i = 0; i < enc->nsecrets; i++) {
+ if (virStorageEncryptionSecretFormat(buf, enc->secrets[i]) < 0)
+ return -1;
+ }
+
+ if (enc->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS &&
+ enc->encinfo.cipher_name)
+ virStorageEncryptionInfoDefFormat(buf, &enc->encinfo);
+
+ virBufferAdjustIndent(buf, -2);
+ virBufferAddLit(buf, "</encryption>\n");
+
+ return 0;
+}
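Review bot: In virStorageEncryptionInfoParseCipher the `size` attribute is accepted as any value virStrToLong_uip can parse, so `size='0'` passes and virStorageEncryptionInfoDefFormat later writes it back as a valid-looking `<cipher>` element. The value comes from volume XML and presumably describes the key size, so I would reject zero right after the missing-attribute check, unless a later layer not visible here already validates it. A short comment on the function saying that `name` and `size` are mandatory while `mode` and `hash` are optional would also help. The code appears to be moved unchanged from util/virstorageencryption.c, so this could be a follow-up rather than part of the move.

```c
    if (!size_str) {
        /* … unchanged: report missing 'size' attribute … */
    }

    /* A zero cipher size is never meaningful; fail at parse time. */
    if (info->cipher_size == 0) {
        virReportError(VIR_ERR_XML_ERROR, "%s",
                       _("cipher size must be greater than zero"));
        return -1;
    }
```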
--- /dev/null
+/*
+ * storage_encryption_conf.h: volume encryption information
+ *
+ * Copyright (C) 2009-2011, 2014 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library. If not, see
+ * <http://www.gnu.org/licenses/>.
+ */
+
+#pragma once
+
+#include "internal.h"
+#include "virbuffer.h"
+#include "virsecret.h"
+#include "virenum.h"
+
+#include <libxml/tree.h>
+
+typedef enum {
+ VIR_STORAGE_ENCRYPTION_SECRET_TYPE_PASSPHRASE = 0,
+
+ VIR_STORAGE_ENCRYPTION_SECRET_TYPE_LAST
+} virStorageEncryptionSecretType;
+VIR_ENUM_DECL(virStorageEncryptionSecret);
+
+typedef struct _virStorageEncryptionSecret virStorageEncryptionSecret;
+typedef virStorageEncryptionSecret *virStorageEncryptionSecretPtr;
+struct _virStorageEncryptionSecret {
+ int type; /* virStorageEncryptionSecretType */
+ virSecretLookupTypeDef seclookupdef;
+};
+
+/* It's possible to dictate the cipher and if necessary iv */
+typedef struct _virStorageEncryptionInfoDef virStorageEncryptionInfoDef;
+typedef virStorageEncryptionInfoDef *virStorageEncryptionInfoDefPtr;
+struct _virStorageEncryptionInfoDef {
+ unsigned int cipher_size;
+ char *cipher_name;
+ char *cipher_mode;
+ char *cipher_hash;
+ char *ivgen_name;
+ char *ivgen_hash;
+};
+
+typedef enum {
+ /* "default" is only valid for volume creation */
+ VIR_STORAGE_ENCRYPTION_FORMAT_DEFAULT = 0,
+ VIR_STORAGE_ENCRYPTION_FORMAT_QCOW, /* Both qcow and qcow2 */
+ VIR_STORAGE_ENCRYPTION_FORMAT_LUKS,
+
+ VIR_STORAGE_ENCRYPTION_FORMAT_LAST,
+} virStorageEncryptionFormatType;
+VIR_ENUM_DECL(virStorageEncryptionFormat);
+
+typedef struct _virStorageEncryption virStorageEncryption;
+typedef virStorageEncryption *virStorageEncryptionPtr;
+struct _virStorageEncryption {
+ int format; /* virStorageEncryptionFormatType */
+ int payload_offset;
+
+ size_t nsecrets;
+ virStorageEncryptionSecretPtr *secrets;
+
+ virStorageEncryptionInfoDef encinfo;
+};
+
+virStorageEncryptionPtr virStorageEncryptionCopy(const virStorageEncryption *src)
+ ATTRIBUTE_NONNULL(1);
+
+void virStorageEncryptionFree(virStorageEncryptionPtr enc);
+G_DEFINE_AUTOPTR_CLEANUP_FUNC(virStorageEncryption, virStorageEncryptionFree);
+
+virStorageEncryptionPtr virStorageEncryptionParseNode(xmlNodePtr node,
+ xmlXPathContextPtr ctxt);
+int virStorageEncryptionFormat(virBufferPtr buf,
+ virStorageEncryptionPtr enc);
+
+/* A helper for VIR_STORAGE_ENCRYPTION_FORMAT_QCOW */
+enum {
+ VIR_STORAGE_QCOW_PASSPHRASE_SIZE = 16
+};
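Review bot: `payload_offset` in `struct _virStorageEncryption` has no comment, and nothing in storage_encryption_conf.c touches it. virStorageEncryptionParseNode and virStorageEncryptionFormat ignore it, and virStorageEncryptionCopy assigns only `format`, `nsecrets`, `secrets` and `encinfo`, so a copy always carries the 0 left by `g_new0`. If callers expect a faithful copy, the copy function needs `ret->payload_offset = src->payload_offset;`. If dropping it is deliberate, say so on the field, e.g. `int payload_offset; /* not parsed or formatted; not preserved by virStorageEncryptionCopy */`. Stating the unit of the offset in the same comment would help whoever sets it.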
#pragma once
+#include "storage_encryption_conf.h"
#include "virbitmap.h"
#include "virenum.h"
#include "virobject.h"
#include "virpci.h"
#include "virseclabel.h"
#include "virsecret.h"
-#include "virstorageencryption.h"
/* Types of disk backends (host resource). Comparable to the public
* virStorageVolType, except we have an undetermined state, don't have
virStorageVolTypeToString;
+# conf/storage_encryption_conf.h
+virStorageEncryptionFormat;
+virStorageEncryptionFree;
+virStorageEncryptionParseNode;
+
+
# conf/storage_event.h
virStoragePoolEventLifecycleNew;
virStoragePoolEventRefreshNew;
virSocketAddrSetPort;
-# util/virstorageencryption.h
-virStorageEncryptionFormat;
-virStorageEncryptionFree;
-virStorageEncryptionParseNode;
-
-
# util/virstoragefile.h
virStorageFileCanonicalizePath;
virStorageFileGetNPIVKey;
'virsecret.c',
'virsocket.c',
'virsocketaddr.c',
- 'virstorageencryption.c',
'virstoragefile.c',
'virstring.c',
'virsysinfo.c',
+++ /dev/null
-/*
- * virstorageencryption.c: volume encryption information
- *
- * Copyright (C) 2009-2014 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library. If not, see
- * <http://www.gnu.org/licenses/>.
- */
-
-#include <config.h>
-
-#include <fcntl.h>
-#include <unistd.h>
-
-#include "internal.h"
-
-#include "virbuffer.h"
-#include "viralloc.h"
-#include "virstorageencryption.h"
-#include "virxml.h"
-#include "virerror.h"
-#include "viruuid.h"
-#include "virfile.h"
-#include "virsecret.h"
-#include "virstring.h"
-
-#define VIR_FROM_THIS VIR_FROM_STORAGE
-
-VIR_ENUM_IMPL(virStorageEncryptionSecret,
- VIR_STORAGE_ENCRYPTION_SECRET_TYPE_LAST,
- "passphrase",
-);
-
-VIR_ENUM_IMPL(virStorageEncryptionFormat,
- VIR_STORAGE_ENCRYPTION_FORMAT_LAST,
- "default", "qcow", "luks",
-);
-
-static void
-virStorageEncryptionInfoDefFree(virStorageEncryptionInfoDefPtr def)
-{
- VIR_FREE(def->cipher_name);
- VIR_FREE(def->cipher_mode);
- VIR_FREE(def->cipher_hash);
- VIR_FREE(def->ivgen_name);
- VIR_FREE(def->ivgen_hash);
-}
-
-
-static void
-virStorageEncryptionSecretFree(virStorageEncryptionSecretPtr secret)
-{
- if (!secret)
- return;
- virSecretLookupDefClear(&secret->seclookupdef);
- VIR_FREE(secret);
-}
-
-void
-virStorageEncryptionFree(virStorageEncryptionPtr enc)
-{
- size_t i;
-
- if (!enc)
- return;
-
- for (i = 0; i < enc->nsecrets; i++)
- virStorageEncryptionSecretFree(enc->secrets[i]);
- virStorageEncryptionInfoDefFree(&enc->encinfo);
- VIR_FREE(enc->secrets);
- VIR_FREE(enc);
-}
-
-static virStorageEncryptionSecretPtr
-virStorageEncryptionSecretCopy(const virStorageEncryptionSecret *src)
-{
- virStorageEncryptionSecretPtr ret = g_new0(virStorageEncryptionSecret, 1);
-
- ret->type = src->type;
- virSecretLookupDefCopy(&ret->seclookupdef, &src->seclookupdef);
-
- return ret;
-}
-
-
-static int
-virStorageEncryptionInfoDefCopy(const virStorageEncryptionInfoDef *src,
- virStorageEncryptionInfoDefPtr dst)
-{
- dst->cipher_size = src->cipher_size;
- dst->cipher_name = g_strdup(src->cipher_name);
- dst->cipher_mode = g_strdup(src->cipher_mode);
- dst->cipher_hash = g_strdup(src->cipher_hash);
- dst->ivgen_name = g_strdup(src->ivgen_name);
- dst->ivgen_hash = g_strdup(src->ivgen_hash);
-
- return 0;
-}
-
-
-virStorageEncryptionPtr
-virStorageEncryptionCopy(const virStorageEncryption *src)
-{
- virStorageEncryptionPtr ret;
- size_t i;
-
- ret = g_new0(virStorageEncryption, 1);
-
- ret->secrets = g_new0(virStorageEncryptionSecretPtr, src->nsecrets);
- ret->nsecrets = src->nsecrets;
- ret->format = src->format;
-
- for (i = 0; i < src->nsecrets; i++) {
- if (!(ret->secrets[i] = virStorageEncryptionSecretCopy(src->secrets[i])))
- goto error;
- }
-
- if (virStorageEncryptionInfoDefCopy(&src->encinfo, &ret->encinfo) < 0)
- goto error;
-
- return ret;
-
- error:
- virStorageEncryptionFree(ret);
- return NULL;
-}
-
-static virStorageEncryptionSecretPtr
-virStorageEncryptionSecretParse(xmlXPathContextPtr ctxt,
- xmlNodePtr node)
-{
- VIR_XPATH_NODE_AUTORESTORE(ctxt)
- virStorageEncryptionSecretPtr ret;
- g_autofree char *type_str = NULL;
-
- ret = g_new0(virStorageEncryptionSecret, 1);
-
- ctxt->node = node;
-
- if (!(type_str = virXPathString("string(./@type)", ctxt))) {
- virReportError(VIR_ERR_XML_ERROR, "%s",
- _("unknown volume encryption secret type"));
- goto cleanup;
- }
-
- if ((ret->type = virStorageEncryptionSecretTypeFromString(type_str)) < 0) {
- virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
- _("unknown volume encryption secret type %s"),
- type_str);
- goto cleanup;
- }
-
- if (virSecretLookupParseSecret(node, &ret->seclookupdef) < 0)
- goto cleanup;
-
- return ret;
-
- cleanup:
- virStorageEncryptionSecretFree(ret);
- return NULL;
-}
-
-
-static int
-virStorageEncryptionInfoParseCipher(xmlNodePtr info_node,
- virStorageEncryptionInfoDefPtr info)
-{
- g_autofree char *size_str = NULL;
-
- if (!(info->cipher_name = virXMLPropString(info_node, "name"))) {
- virReportError(VIR_ERR_XML_ERROR, "%s",
- _("cipher info missing 'name' attribute"));
- return -1;
- }
-
- if ((size_str = virXMLPropString(info_node, "size")) &&
- virStrToLong_uip(size_str, NULL, 10, &info->cipher_size) < 0) {
- virReportError(VIR_ERR_XML_ERROR,
- _("cannot parse cipher size: '%s'"),
- size_str);
- return -1;
- }
-
- if (!size_str) {
- virReportError(VIR_ERR_XML_ERROR, "%s",
- _("cipher info missing 'size' attribute"));
- return -1;
- }
-
- info->cipher_mode = virXMLPropString(info_node, "mode");
- info->cipher_hash = virXMLPropString(info_node, "hash");
-
- return 0;
-}
-
-
-static int
-virStorageEncryptionInfoParseIvgen(xmlNodePtr info_node,
- virStorageEncryptionInfoDefPtr info)
-{
- if (!(info->ivgen_name = virXMLPropString(info_node, "name"))) {
- virReportError(VIR_ERR_XML_ERROR, "%s",
- _("missing ivgen info name string"));
- return -1;
- }
-
- info->ivgen_hash = virXMLPropString(info_node, "hash");
-
- return 0;
-}
-
-
-virStorageEncryptionPtr
-virStorageEncryptionParseNode(xmlNodePtr node,
- xmlXPathContextPtr ctxt)
-{
- VIR_XPATH_NODE_AUTORESTORE(ctxt)
- xmlNodePtr *nodes = NULL;
- virStorageEncryptionPtr encdef = NULL;
- virStorageEncryptionPtr ret = NULL;
- g_autofree char *format_str = NULL;
- int n;
- size_t i;
-
- ctxt->node = node;
-
- encdef = g_new0(virStorageEncryption, 1);
-
- if (!(format_str = virXPathString("string(./@format)", ctxt))) {
- virReportError(VIR_ERR_XML_ERROR, "%s",
- _("unknown volume encryption format"));
- goto cleanup;
- }
-
- if ((encdef->format =
- virStorageEncryptionFormatTypeFromString(format_str)) < 0) {
- virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
- _("unknown volume encryption format type %s"),
- format_str);
- goto cleanup;
- }
-
- if ((n = virXPathNodeSet("./secret", ctxt, &nodes)) < 0)
- goto cleanup;
-
- if (n > 0) {
- encdef->secrets = g_new0(virStorageEncryptionSecretPtr, n);
- encdef->nsecrets = n;
-
- for (i = 0; i < n; i++) {
- if (!(encdef->secrets[i] =
- virStorageEncryptionSecretParse(ctxt, nodes[i])))
- goto cleanup;
- }
- }
-
- if (encdef->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS) {
- xmlNodePtr tmpnode;
-
- if ((tmpnode = virXPathNode("./cipher[1]", ctxt))) {
- if (virStorageEncryptionInfoParseCipher(tmpnode, &encdef->encinfo) < 0)
- goto cleanup;
- }
-
- if ((tmpnode = virXPathNode("./ivgen[1]", ctxt))) {
- /* If no cipher node, then fail */
- if (!encdef->encinfo.cipher_name) {
- virReportError(VIR_ERR_XML_ERROR, "%s",
- _("ivgen element found, but cipher is missing"));
- goto cleanup;
- }
-
- if (virStorageEncryptionInfoParseIvgen(tmpnode, &encdef->encinfo) < 0)
- goto cleanup;
- }
- }
-
- ret = g_steal_pointer(&encdef);
-
- cleanup:
- VIR_FREE(nodes);
- virStorageEncryptionFree(encdef);
-
- return ret;
-}
-
-
-static int
-virStorageEncryptionSecretFormat(virBufferPtr buf,
- virStorageEncryptionSecretPtr secret)
-{
- const char *type;
-
- if (!(type = virStorageEncryptionSecretTypeToString(secret->type))) {
- virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
- _("unexpected volume encryption secret type"));
- return -1;
- }
-
- virSecretLookupFormatSecret(buf, type, &secret->seclookupdef);
-
- return 0;
-}
-
-
-static void
-virStorageEncryptionInfoDefFormat(virBufferPtr buf,
- const virStorageEncryptionInfoDef *enc)
-{
- virBufferEscapeString(buf, "<cipher name='%s'", enc->cipher_name);
- virBufferAsprintf(buf, " size='%u'", enc->cipher_size);
- if (enc->cipher_mode)
- virBufferEscapeString(buf, " mode='%s'", enc->cipher_mode);
- if (enc->cipher_hash)
- virBufferEscapeString(buf, " hash='%s'", enc->cipher_hash);
- virBufferAddLit(buf, "/>\n");
-
- if (enc->ivgen_name) {
- virBufferEscapeString(buf, "<ivgen name='%s'", enc->ivgen_name);
- if (enc->ivgen_hash)
- virBufferEscapeString(buf, " hash='%s'", enc->ivgen_hash);
- virBufferAddLit(buf, "/>\n");
- }
-}
-
-
-int
-virStorageEncryptionFormat(virBufferPtr buf,
- virStorageEncryptionPtr enc)
-{
- const char *format;
- size_t i;
-
- if (!(format = virStorageEncryptionFormatTypeToString(enc->format))) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- "%s", _("unexpected encryption format"));
- return -1;
- }
- virBufferAsprintf(buf, "<encryption format='%s'>\n", format);
- virBufferAdjustIndent(buf, 2);
-
- for (i = 0; i < enc->nsecrets; i++) {
- if (virStorageEncryptionSecretFormat(buf, enc->secrets[i]) < 0)
- return -1;
- }
-
- if (enc->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS &&
- enc->encinfo.cipher_name)
- virStorageEncryptionInfoDefFormat(buf, &enc->encinfo);
-
- virBufferAdjustIndent(buf, -2);
- virBufferAddLit(buf, "</encryption>\n");
-
- return 0;
-}
+++ /dev/null
-/*
- * virstorageencryption.h: volume encryption information
- *
- * Copyright (C) 2009-2011, 2014 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library. If not, see
- * <http://www.gnu.org/licenses/>.
- */
-
-#pragma once
-
-#include "internal.h"
-#include "virbuffer.h"
-#include "virsecret.h"
-#include "virenum.h"
-
-#include <libxml/tree.h>
-
-typedef enum {
- VIR_STORAGE_ENCRYPTION_SECRET_TYPE_PASSPHRASE = 0,
-
- VIR_STORAGE_ENCRYPTION_SECRET_TYPE_LAST
-} virStorageEncryptionSecretType;
-VIR_ENUM_DECL(virStorageEncryptionSecret);
-
-typedef struct _virStorageEncryptionSecret virStorageEncryptionSecret;
-typedef virStorageEncryptionSecret *virStorageEncryptionSecretPtr;
-struct _virStorageEncryptionSecret {
- int type; /* virStorageEncryptionSecretType */
- virSecretLookupTypeDef seclookupdef;
-};
-
-/* It's possible to dictate the cipher and if necessary iv */
-typedef struct _virStorageEncryptionInfoDef virStorageEncryptionInfoDef;
-typedef virStorageEncryptionInfoDef *virStorageEncryptionInfoDefPtr;
-struct _virStorageEncryptionInfoDef {
- unsigned int cipher_size;
- char *cipher_name;
- char *cipher_mode;
- char *cipher_hash;
- char *ivgen_name;
- char *ivgen_hash;
-};
-
-typedef enum {
- /* "default" is only valid for volume creation */
- VIR_STORAGE_ENCRYPTION_FORMAT_DEFAULT = 0,
- VIR_STORAGE_ENCRYPTION_FORMAT_QCOW, /* Both qcow and qcow2 */
- VIR_STORAGE_ENCRYPTION_FORMAT_LUKS,
-
- VIR_STORAGE_ENCRYPTION_FORMAT_LAST,
-} virStorageEncryptionFormatType;
-VIR_ENUM_DECL(virStorageEncryptionFormat);
-
-typedef struct _virStorageEncryption virStorageEncryption;
-typedef virStorageEncryption *virStorageEncryptionPtr;
-struct _virStorageEncryption {
- int format; /* virStorageEncryptionFormatType */
- int payload_offset;
-
- size_t nsecrets;
- virStorageEncryptionSecretPtr *secrets;
-
- virStorageEncryptionInfoDef encinfo;
-};
-
-virStorageEncryptionPtr virStorageEncryptionCopy(const virStorageEncryption *src)
- ATTRIBUTE_NONNULL(1);
-
-void virStorageEncryptionFree(virStorageEncryptionPtr enc);
-G_DEFINE_AUTOPTR_CLEANUP_FUNC(virStorageEncryption, virStorageEncryptionFree);
-
-virStorageEncryptionPtr virStorageEncryptionParseNode(xmlNodePtr node,
- xmlXPathContextPtr ctxt);
-int virStorageEncryptionFormat(virBufferPtr buf,
- virStorageEncryptionPtr enc);
-
-/* A helper for VIR_STORAGE_ENCRYPTION_FORMAT_QCOW */
-enum {
- VIR_STORAGE_QCOW_PASSPHRASE_SIZE = 16
-};