qcrypto/core: add generic infrastructure for crypto options amendment
This will be used first to implement luks keyslot management. block_crypto_amend_opts_init will be used to convert qemu-img cmdline to QCryptoBlockAmendOptions Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20200608094030.670121-2-mlevitsk@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
This commit is contained in:
parent
d2a839ede8
commit
43cbd06df2
@ -202,6 +202,23 @@ block_crypto_create_opts_init(QDict *opts, Error **errp)
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
QCryptoBlockAmendOptions *
|
||||||
|
block_crypto_amend_opts_init(QDict *opts, Error **errp)
|
||||||
|
{
|
||||||
|
Visitor *v;
|
||||||
|
QCryptoBlockAmendOptions *ret;
|
||||||
|
|
||||||
|
v = qobject_input_visitor_new_flat_confused(opts, errp);
|
||||||
|
if (!v) {
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
visit_type_QCryptoBlockAmendOptions(v, NULL, &ret, errp);
|
||||||
|
|
||||||
|
visit_free(v);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
static int block_crypto_open_generic(QCryptoBlockFormat format,
|
static int block_crypto_open_generic(QCryptoBlockFormat format,
|
||||||
QemuOptsList *opts_spec,
|
QemuOptsList *opts_spec,
|
||||||
|
@ -91,6 +91,9 @@
|
|||||||
QCryptoBlockCreateOptions *
|
QCryptoBlockCreateOptions *
|
||||||
block_crypto_create_opts_init(QDict *opts, Error **errp);
|
block_crypto_create_opts_init(QDict *opts, Error **errp);
|
||||||
|
|
||||||
|
QCryptoBlockAmendOptions *
|
||||||
|
block_crypto_amend_opts_init(QDict *opts, Error **errp);
|
||||||
|
|
||||||
QCryptoBlockOpenOptions *
|
QCryptoBlockOpenOptions *
|
||||||
block_crypto_open_opts_init(QDict *opts, Error **errp);
|
block_crypto_open_opts_init(QDict *opts, Error **errp);
|
||||||
|
|
||||||
|
@ -150,6 +150,35 @@ qcrypto_block_calculate_payload_offset(QCryptoBlockCreateOptions *create_opts,
|
|||||||
return crypto != NULL;
|
return crypto != NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int qcrypto_block_amend_options(QCryptoBlock *block,
|
||||||
|
QCryptoBlockReadFunc readfunc,
|
||||||
|
QCryptoBlockWriteFunc writefunc,
|
||||||
|
void *opaque,
|
||||||
|
QCryptoBlockAmendOptions *options,
|
||||||
|
bool force,
|
||||||
|
Error **errp)
|
||||||
|
{
|
||||||
|
if (options->format != block->format) {
|
||||||
|
error_setg(errp,
|
||||||
|
"Cannot amend encryption format");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!block->driver->amend) {
|
||||||
|
error_setg(errp,
|
||||||
|
"Crypto format %s doesn't support format options amendment",
|
||||||
|
QCryptoBlockFormat_str(block->format));
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
return block->driver->amend(block,
|
||||||
|
readfunc,
|
||||||
|
writefunc,
|
||||||
|
opaque,
|
||||||
|
options,
|
||||||
|
force,
|
||||||
|
errp);
|
||||||
|
}
|
||||||
|
|
||||||
QCryptoBlockInfo *qcrypto_block_get_info(QCryptoBlock *block,
|
QCryptoBlockInfo *qcrypto_block_get_info(QCryptoBlock *block,
|
||||||
Error **errp)
|
Error **errp)
|
||||||
|
@ -62,6 +62,14 @@ struct QCryptoBlockDriver {
|
|||||||
void *opaque,
|
void *opaque,
|
||||||
Error **errp);
|
Error **errp);
|
||||||
|
|
||||||
|
int (*amend)(QCryptoBlock *block,
|
||||||
|
QCryptoBlockReadFunc readfunc,
|
||||||
|
QCryptoBlockWriteFunc writefunc,
|
||||||
|
void *opaque,
|
||||||
|
QCryptoBlockAmendOptions *options,
|
||||||
|
bool force,
|
||||||
|
Error **errp);
|
||||||
|
|
||||||
int (*get_info)(QCryptoBlock *block,
|
int (*get_info)(QCryptoBlock *block,
|
||||||
QCryptoBlockInfo *info,
|
QCryptoBlockInfo *info,
|
||||||
Error **errp);
|
Error **errp);
|
||||||
|
@ -144,6 +144,28 @@ QCryptoBlock *qcrypto_block_create(QCryptoBlockCreateOptions *options,
|
|||||||
void *opaque,
|
void *opaque,
|
||||||
Error **errp);
|
Error **errp);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* qcrypto_block_amend_options:
|
||||||
|
* @block: the block encryption object
|
||||||
|
*
|
||||||
|
* @readfunc: callback for reading data from the volume header
|
||||||
|
* @writefunc: callback for writing data to the volume header
|
||||||
|
* @opaque: data to pass to @readfunc and @writefunc
|
||||||
|
* @options: the new/amended encryption options
|
||||||
|
* @force: hint for the driver to allow unsafe operation
|
||||||
|
* @errp: error pointer
|
||||||
|
*
|
||||||
|
* Changes the crypto options of the encryption format
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
int qcrypto_block_amend_options(QCryptoBlock *block,
|
||||||
|
QCryptoBlockReadFunc readfunc,
|
||||||
|
QCryptoBlockWriteFunc writefunc,
|
||||||
|
void *opaque,
|
||||||
|
QCryptoBlockAmendOptions *options,
|
||||||
|
bool force,
|
||||||
|
Error **errp);
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* qcrypto_block_calculate_payload_offset:
|
* qcrypto_block_calculate_payload_offset:
|
||||||
|
@ -309,3 +309,19 @@
|
|||||||
'base': 'QCryptoBlockInfoBase',
|
'base': 'QCryptoBlockInfoBase',
|
||||||
'discriminator': 'format',
|
'discriminator': 'format',
|
||||||
'data': { 'luks': 'QCryptoBlockInfoLUKS' } }
|
'data': { 'luks': 'QCryptoBlockInfoLUKS' } }
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
##
|
||||||
|
# @QCryptoBlockAmendOptions:
|
||||||
|
#
|
||||||
|
# The options that are available for all encryption formats
|
||||||
|
# when amending encryption settings
|
||||||
|
#
|
||||||
|
# Since: 5.1
|
||||||
|
##
|
||||||
|
{ 'union': 'QCryptoBlockAmendOptions',
|
||||||
|
'base': 'QCryptoBlockOptionsBase',
|
||||||
|
'discriminator': 'format',
|
||||||
|
'data': {
|
||||||
|
} }
|
||||||
|
Loading…
Reference in New Issue
Block a user