/* qemuDomainGetSecretAESAlias:
+ * @srcalias: Source alias used to generate the secret alias
+ * @isLuks: True when we are generating a secret for LUKS encrypt/decrypt
*
* Generate and return an alias for the encrypted secret
*
* Returns NULL or a string containing the alias
*/
char *
-qemuDomainGetSecretAESAlias(const char *srcalias)
+qemuDomainGetSecretAESAlias(const char *srcalias,
+ bool isLuks)
{
char *alias;
return NULL;
}
- ignore_value(virAsprintf(&alias, "%s-secret0", srcalias));
+ if (isLuks)
+ ignore_value(virAsprintf(&alias, "%s-luks-secret0", srcalias));
+ else
+ ignore_value(virAsprintf(&alias, "%s-secret0", srcalias));
return alias;
}
* @secretUsageType: The virSecretUsageType
* @username: username to use for authentication (may be NULL)
* @seclookupdef: Pointer to seclookupdef data
+ * @isLuks: True/False for is for luks (alias generation)
*
* Taking a secinfo, fill in the AES specific information using the
*
const char *srcalias,
virSecretUsageType secretUsageType,
const char *username,
- virSecretLookupTypeDefPtr seclookupdef)
+ virSecretLookupTypeDefPtr seclookupdef,
+ bool isLuks)
{
int ret = -1;
uint8_t *raw_iv = NULL;
if (VIR_STRDUP(secinfo->s.aes.username, username) < 0)
return -1;
- if (!(secinfo->s.aes.alias = qemuDomainGetSecretAESAlias(srcalias)))
+ if (!(secinfo->s.aes.alias = qemuDomainGetSecretAESAlias(srcalias, isLuks)))
return -1;
/* Create a random initialization vector */
* @secretUsageType: The virSecretUsageType
* @username: username to use for authentication (may be NULL)
* @seclookupdef: Pointer to seclookupdef data
+ * @isLuks: True when is luks (generates different alias)
*
* If we have the encryption API present and can support a secret object, then
* build the AES secret; otherwise, build the Plain secret. This is the magic
const char *srcalias,
virSecretUsageType secretUsageType,
const char *username,
- virSecretLookupTypeDefPtr seclookupdef)
+ virSecretLookupTypeDefPtr seclookupdef,
+ bool isLuks)
{
if (virCryptoHaveCipher(VIR_CRYPTO_CIPHER_AES256CBC) &&
virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_OBJECT_SECRET) &&
secretUsageType == VIR_SECRET_USAGE_TYPE_CEPH) {
if (qemuDomainSecretAESSetup(conn, priv, secinfo, srcalias,
secretUsageType, username,
- seclookupdef) < 0)
+ seclookupdef, isLuks) < 0)
return -1;
} else {
if (qemuDomainSecretPlainSetup(conn, secinfo, secretUsageType,
qemuDomainSecretInfoPtr secinfo = NULL;
if (conn && qemuDomainSecretDiskCapable(src)) {
-
virSecretUsageType secretUsageType = VIR_SECRET_USAGE_TYPE_ISCSI;
qemuDomainDiskPrivatePtr diskPriv = QEMU_DOMAIN_DISK_PRIVATE(disk);
if (qemuDomainSecretSetup(conn, priv, secinfo, disk->info.alias,
secretUsageType, src->auth->username,
- &src->auth->seclookupdef) < 0)
+ &src->auth->seclookupdef, false) < 0)
goto error;
diskPriv->secinfo = secinfo;
if (qemuDomainSecretSetup(conn, priv, secinfo, hostdev->info->alias,
VIR_SECRET_USAGE_TYPE_ISCSI,
iscsisrc->auth->username,
- &iscsisrc->auth->seclookupdef) < 0)
+ &iscsisrc->auth->seclookupdef, false) < 0)
goto error;
hostdevPriv->secinfo = secinfo;
projects / libvirt.git / commitdiff