From nobody Wed Feb 11 11:36:18 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.25 as permitted sender) client-ip=209.132.183.25; envelope-from=libvir-list-bounces@redhat.com; helo=mx4-phx2.redhat.com; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.25 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; Return-Path: Received: from mx4-phx2.redhat.com (mx4-phx2.redhat.com [209.132.183.25]) by mx.zohomail.com with SMTPS id 1488411279840178.980779737052; Wed, 1 Mar 2017 15:34:39 -0800 (PST) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by mx4-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id v21NVUG1028774; Wed, 1 Mar 2017 18:31:30 -0500 Received: from int-mx14.intmail.prod.int.phx2.redhat.com (int-mx14.intmail.prod.int.phx2.redhat.com [10.5.11.27]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id v21NUUs5000913 for ; Wed, 1 Mar 2017 18:30:30 -0500 Received: from localhost.localdomain.com (ovpn-116-78.phx2.redhat.com [10.3.116.78]) by int-mx14.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v21NUSjh004618 for ; Wed, 1 Mar 2017 18:30:29 -0500 
From: John Ferlan To: libvir-list@redhat.com Date: Wed, 1 Mar 2017 18:30:19 -0500 Message-Id: <20170301233026.27908-2-jferlan@redhat.com> In-Reply-To: <20170301233026.27908-1-jferlan@redhat.com> References: <20170301233026.27908-1-jferlan@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.27 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v3 1/8] qemu: Introduce qemuDomainSecretInfoNew X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Create a helper which will create the secinfo used for disks, hostdevs, and chardevs. Signed-off-by: John Ferlan --- src/qemu/qemu_domain.c | 137 +++++++++++++++++++++++++--------------------= ---- 1 file changed, 71 insertions(+), 66 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index c187214..f8ac0f4 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c 
@@ -1112,6 +1112,52 @@ qemuDomainSecretSetup(virConnectPtr conn, } =20 =20 +/* qemuDomainSecretInfoNew: + * @conn: Pointer to connection + * @priv: pointer to domain private object + * @srcAlias: Alias base to use for TLS object + * @lookupType: Type of secret lookup + * @username: username for plain secrets (only) + * @looupdef: lookup def describing secret + * @isLuks: boolean for luks lookup + * + * Helper function to create a secinfo to be used for secinfo consumers + * + * Returns @secinfo on success, NULL on failure. Caller is responsible + * to eventually free @secinfo. + */ +static qemuDomainSecretInfoPtr +qemuDomainSecretInfoNew(virConnectPtr conn, + qemuDomainObjPrivatePtr priv, + const char *srcAlias, + virSecretUsageType secretUsageType, + const char *username, + virSecretLookupTypeDefPtr lookupDef, + bool isLuks) +{ + qemuDomainSecretInfoPtr secinfo =3D NULL; + + if (VIR_ALLOC(secinfo) < 0) + return NULL; + + if (qemuDomainSecretSetup(conn, priv, secinfo, srcAlias, secretUsageTy= pe, + username, lookupDef, isLuks) < 0) + goto error; + + if (!username && secinfo->type =3D=3D VIR_DOMAIN_SECRET_INFO_TYPE_PLAI= N) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("encrypted secrets are not supported")); + goto error; + } + + return secinfo; + + error: + qemuDomainSecretInfoFree(&secinfo); + return NULL; +} + + /* qemuDomainSecretDiskDestroy: * @disk: Pointer to a disk definition * 
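Review bot: The rejection of `VIR_DOMAIN_SECRET_INFO_TYPE_PLAIN` in `qemuDomainSecretInfoNew` is keyed on `!username`, so a NULL username silently acts as the flag for "this consumer must get an encrypted secret", and the header comment does not say so. The LUKS and chardev TLS callers rewritten later in this patch rely on that by passing NULL, and their specific messages are replaced by the generic "encrypted secrets are not supported". The disk and hostdev iSCSI callers pass `auth->username`; if that can ever be NULL (not visible here), a plain secret that was accepted before would now be refused. I would either state the rule in the comment, e.g. `* A NULL @username means the consumer requires an encrypted secret; a plain secret is then rejected.`, or make the test explicit with `if ((isLuks || secretUsageType == VIR_SECRET_USAGE_TYPE_TLS) && secinfo->type == VIR_DOMAIN_SECRET_INFO_TYPE_PLAIN)`. The comment also names `@lookupType` and `@looupdef` where the parameters are `secretUsageType` and `lookupDef`.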
@@ -1171,51 +1217,30 @@ qemuDomainSecretDiskPrepare(virConnectPtr conn, { virStorageSourcePtr src =3D disk->src; qemuDomainDiskPrivatePtr diskPriv =3D QEMU_DOMAIN_DISK_PRIVATE(disk); - qemuDomainSecretInfoPtr secinfo =3D NULL; =20 if (qemuDomainSecretDiskCapable(src)) { virSecretUsageType secretUsageType =3D VIR_SECRET_USAGE_TYPE_ISCSI; =20 - if (VIR_ALLOC(secinfo) < 0) - return -1; - if (src->protocol =3D=3D VIR_STORAGE_NET_PROTOCOL_RBD) secretUsageType =3D VIR_SECRET_USAGE_TYPE_CEPH; =20 - if (qemuDomainSecretSetup(conn, priv, secinfo, disk->info.alias, - secretUsageType, src->auth->username, - &src->auth->seclookupdef, false) < 0) - goto error; - - diskPriv->secinfo =3D secinfo; + if (!(diskPriv->secinfo =3D + qemuDomainSecretInfoNew(conn, priv, disk->info.alias, + secretUsageType, src->auth->username, + &src->auth->seclookupdef, false))) + return -1; } =20 if (qemuDomainDiskHasEncryptionSecret(src)) { - - if (VIR_ALLOC(secinfo) < 0) - return -1; - - if (qemuDomainSecretSetup(conn, priv, secinfo, disk->info.alias, - VIR_SECRET_USAGE_TYPE_VOLUME, NULL, - &src->encryption->secrets[0]->seclookupd= ef, - true) < 0) - goto error; - - if (secinfo->type =3D=3D VIR_DOMAIN_SECRET_INFO_TYPE_PLAIN) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("luks encryption requires encrypted secrets " - "to be supported")); - goto error; - } - - diskPriv->encinfo =3D secinfo; + if (!(diskPriv->encinfo =3D + qemuDomainSecretInfoNew(conn, priv, disk->info.alias, + VIR_SECRET_USAGE_TYPE_VOLUME, NULL, + &src->encryption->secrets[0]->secloo= kupdef, + true))) + return -1; } =20 return 0; - - error: - qemuDomainSecretInfoFree(&secinfo); - return -1; } =20 =20 
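Review bot: With the `error:` label gone from `qemuDomainSecretDiskPrepare`, a failure in the `qemuDomainDiskHasEncryptionSecret` branch returns -1 while `diskPriv->secinfo` from the first branch stays populated with the auth secret. The removed code behaved the same way, but nothing in the hunk shows who releases that object on the failure path; presumably the caller runs `qemuDomainSecretDiskDestroy`, which should be confirmed. A comment above the second `return -1;`, such as `/* diskPriv->secinfo, if set above, is released by qemuDomainSecretDiskDestroy */`, would make ownership of the secret material explicit. The function's signature lies outside the hunk.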
@@ -1251,8 +1276,6 @@ qemuDomainSecretHostdevPrepare(virConnectPtr conn, qemuDomainObjPrivatePtr priv, virDomainHostdevDefPtr hostdev) { - qemuDomainSecretInfoPtr secinfo =3D NULL; - if (virHostdevIsSCSIDevice(hostdev)) { virDomainHostdevSubsysSCSIPtr scsisrc =3D &hostdev->source.subsys.= u.scsi; virDomainHostdevSubsysSCSIiSCSIPtr iscsisrc =3D &scsisrc->u.iscsi; @@ -1263,24 +1286,17 @@ qemuDomainSecretHostdevPrepare(virConnectPtr conn, qemuDomainHostdevPrivatePtr hostdevPriv =3D QEMU_DOMAIN_HOSTDEV_PRIVATE(hostdev); =20 - if (VIR_ALLOC(secinfo) < 0) + if (!(hostdevPriv->secinfo =3D + qemuDomainSecretInfoNew(conn, priv, hostdev->info->alias, + VIR_SECRET_USAGE_TYPE_ISCSI, + iscsisrc->auth->username, + &iscsisrc->auth->seclookupdef, + false))) return -1; - - if (qemuDomainSecretSetup(conn, priv, secinfo, hostdev->info->= alias, - VIR_SECRET_USAGE_TYPE_ISCSI, - iscsisrc->auth->username, - &iscsisrc->auth->seclookupdef, false= ) < 0) - goto error; - - hostdevPriv->secinfo =3D secinfo; } } =20 return 0; - - error: - qemuDomainSecretInfoFree(&secinfo); - return -1; } =20 =20 @@ -1322,7 +1338,6 @@ qemuDomainSecretChardevPrepare(virConnectPtr conn, virDomainChrSourceDefPtr dev) { virSecretLookupTypeDef seclookupdef =3D {0}; - qemuDomainSecretInfoPtr secinfo =3D NULL; char *charAlias =3D NULL; =20 if (dev->type !=3D VIR_DOMAIN_CHR_TYPE_TCP) 
@@ -1337,36 +1352,26 @@ qemuDomainSecretChardevPrepare(virConnectPtr conn, seclookupdef.u.uuid) < 0) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", _("malformed chardev TLS secret uuid in qemu.co= nf")); - goto error; + return -1; } seclookupdef.type =3D VIR_SECRET_LOOKUP_TYPE_UUID; =20 - if (VIR_ALLOC(secinfo) < 0) - goto error; - if (!(charAlias =3D qemuAliasChardevFromDevAlias(chrAlias))) - goto error; - - if (qemuDomainSecretSetup(conn, priv, secinfo, charAlias, - VIR_SECRET_USAGE_TYPE_TLS, NULL, - &seclookupdef, false) < 0) - goto error; + return -1; =20 - if (secinfo->type =3D=3D VIR_DOMAIN_SECRET_INFO_TYPE_PLAIN) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("TLS X.509 requires encrypted secrets " - "to be supported")); + if (!(chrSourcePriv->secinfo =3D + qemuDomainSecretInfoNew(conn, priv, charAlias, + VIR_SECRET_USAGE_TYPE_TLS, NULL, + &seclookupdef, false))) goto error; - } =20 - chrSourcePriv->secinfo =3D secinfo; + VIR_FREE(charAlias); } =20 - VIR_FREE(charAlias); return 0; =20 error: - qemuDomainSecretInfoFree(&secinfo); + VIR_FREE(charAlias); return -1; } =20 --=20 2.9.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
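Review bot: `charAlias` is now freed in two places, once after the successful `qemuDomainSecretInfoNew` call and once under `error:`, and the block mixes `return -1` with `goto error`. The alias is only needed for that one call, so freeing it straight after the call makes the label unnecessary: keep the existing assignment to `chrSourcePriv->secinfo` as a plain statement, then `VIR_FREE(charAlias);` followed by `if (!chrSourcePriv->secinfo) return -1;`. The start of `qemuDomainSecretChardevPrepare` is in the previous hunk, so this applies only to the part of the body visible here.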