[libvirt] [tck PATCH v2 07/13] scripts: switch to using luks encryption with QEMU

Daniel P. Berrangé posted 13 patches 6 years, 11 months ago
Posted by Daniel P. Berrangé 6 years, 11 months ago
The ability to use qcow legacy encryption has been disabled with QEMU for a
long time. Switch to using luks encryption, although this is not yet
fully wired up in libvirt so the tests still (temporarily) fail.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
 lib/Sys/Virt/TCK/DomainBuilder.pm     |  4 ++--
 lib/Sys/Virt/TCK/StorageVolBuilder.pm | 18 +++++++++++++-----
 scripts/qemu/100-disk-encryption.t    |  2 ++
 3 files changed, 17 insertions(+), 7 deletions(-)

diff --git a/lib/Sys/Virt/TCK/DomainBuilder.pm b/lib/Sys/Virt/TCK/DomainBuilder.pm
index 83cea15..b6adbd3 100644
--- a/lib/Sys/Virt/TCK/DomainBuilder.pm
+++ b/lib/Sys/Virt/TCK/DomainBuilder.pm
@@ -412,8 +412,8 @@ sub as_xml {
         $w->emptyTag("target",
                      dev => $disk->{dst},
                      $disk->{bus} ? (bus => $disk->{bus}) : ());
-        if ($disk->{secret}) {
-            $w->startTag("encryption", format => "qcow");
+        if ($disk->{encformat}) {
+            $w->startTag("encryption", format => $self->{encryption_format});
             $w->emptyTag("secret", type => "passphrase", uuid => $disk->{secret});
             $w->endTag("encryption");
         }
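
Review bot: The two added lines in as_xml read the encryption format from different places, and neither matches what the caller supplies. The guard tests `$disk->{encformat}`, but scripts/qemu/100-disk-encryption.t passes `encryption_format => "luks"` to disk(), and the startTag line takes the value from `$self->{encryption_format}` while the secret on the following line comes from `$disk->{secret}`. Unless disk() renames the key somewhere outside this patch, the guard is never true and the <encryption> element is silently left out of the domain XML. Suggest testing and emitting `$disk->{encryption_format}` on both lines.
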
diff --git a/lib/Sys/Virt/TCK/StorageVolBuilder.pm b/lib/Sys/Virt/TCK/StorageVolBuilder.pm
index 7208f75..ad950ed 100644
--- a/lib/Sys/Virt/TCK/StorageVolBuilder.pm
+++ b/lib/Sys/Virt/TCK/StorageVolBuilder.pm
@@ -60,6 +60,14 @@ sub format {
     return $self;
 }
 
+sub encryption_format {
+    my $self = shift;
+
+    $self->{encformat} = shift;
+
+    return $self;
+}
+
 sub secret {
     my $self = shift;
 
@@ -95,13 +103,13 @@ sub as_xml {
     $w->dataElement("capacity", $self->{capacity});
     $w->dataElement("allocation", $self->{allocation});
 
-    if ($self->{format} || $self->{secret}) {
+    if ($self->{format} || $self->{encformat}) {
         $w->startTag("target");
         if ($self->{format}) {
             $w->emptyTag("format", type => $self->{format});
         }
-        if ($self->{secret}) {
-            $w->startTag("encryption", format => "qcow");
+        if ($self->{encformat}) {
+            $w->startTag("encryption", format => $self->{encformat});
             $w->emptyTag("secret", type => "passphrase", uuid => $self->{secret});
             $w->endTag("encryption");
         }
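
Review bot: Gating on `$self->{encformat}` alone, both at the outer `if` and at the <encryption> block, decouples the element from the secret in both directions. A caller that still sets only ->secret($uuid) now gets volume XML with no <encryption> element and no error, and a caller that sets only ->encryption_format(...) emits `uuid => $self->{secret}` with an undefined value. Suggest having as_xml die when exactly one of the two is set, so a missing half is reported instead of producing unencrypted or malformed volume XML.
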
@@ -114,8 +122,8 @@ sub as_xml {
         if ($self->{backingFormat}) {
             $w->emptyTag("format", type => $self->{backingFormat});
         }
-        if ($self->{secret}) {
-            $w->startTag("encryption", format => "qcow");
+        if ($self->{encformat}) {
+            $w->startTag("encryption", format => $self->{encformat});
             $w->emptyTag("secret", type => "passphrase", uuid => $self->{secret});
             $w->endTag("encryption");
         }
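
Review bot: The <encryption> block in the backing-store branch is a second copy of the same three lines within this as_xml, and it reuses the volume's own `$self->{encformat}` and `$self->{secret}`, so a backing file cannot be described with a different format or secret from the target. Suggest factoring the block into one helper that takes the format and secret UUID as arguments, which also keeps the next format change to a single edit.
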
diff --git a/scripts/qemu/100-disk-encryption.t b/scripts/qemu/100-disk-encryption.t
index 8a0fd5e..3b1651a 100644
--- a/scripts/qemu/100-disk-encryption.t
+++ b/scripts/qemu/100-disk-encryption.t
@@ -76,6 +76,7 @@ lives_ok(sub { $pool = $conn->create_storage_pool($poolXML) }, "pool created");
 my $volXML = Sys::Virt::TCK::StorageVolBuilder->new(name => "demo.qcow2")
     ->capacity(1024*1024*1024)
     ->format("qcow2")
+    ->encryption_format("luks")
     ->secret($secretUUID)
     ->as_xml();
 
@@ -86,6 +87,7 @@ lives_ok(sub { $vol = $pool->create_volume($volXML) }, "volume created");
 
 my $xml = $tck->generic_domain(name => "tck")
     ->disk(format => { name => "qemu", type => "qcow2" },
+	   encryption_format => "luks",
 	   secret => $secretUUID,
 	   type => "file",
 	   src => $disk,
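
Review bot: The commit message says the tests still fail with this change, yet the `encryption_format => "luks"` argument added to the disk() call (like the one added to the volume builder above) goes in with nothing in the script marking the failure as expected. Suggest wrapping the affected checks in a TODO block, or skipping them, with a comment naming the missing libvirt luks support, so the run records an expected failure and the series stays bisectable.
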
-- 
2.17.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [tck PATCH v2 07/13] scripts: switch to using luks encryption with QEMU
Posted by Laine Stump 6 years, 11 months ago
On 05/21/2018 12:46 PM, Daniel P. Berrangé wrote:
> The ability to use qcow legacy encryption is disabled with QEMU for a
> long time. Switch to using luks encryption, although this is not yet
> fully wired up in libvirt so the tests still (temporarily) fail.
>
> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

Reviewed-by: Laine Stump <laine@laine.org>

(when applied together with patch 08/13, of course :-)

> ---
>  lib/Sys/Virt/TCK/DomainBuilder.pm     |  4 ++--
>  lib/Sys/Virt/TCK/StorageVolBuilder.pm | 18 +++++++++++++-----
>  scripts/qemu/100-disk-encryption.t    |  2 ++
>  3 files changed, 17 insertions(+), 7 deletions(-)
>
> diff --git a/lib/Sys/Virt/TCK/DomainBuilder.pm b/lib/Sys/Virt/TCK/DomainBuilder.pm
> index 83cea15..b6adbd3 100644
> --- a/lib/Sys/Virt/TCK/DomainBuilder.pm
> +++ b/lib/Sys/Virt/TCK/DomainBuilder.pm
> @@ -412,8 +412,8 @@ sub as_xml {
>          $w->emptyTag("target",
>                       dev => $disk->{dst},
>                       $disk->{bus} ? (bus => $disk->{bus}) : ());
> -        if ($disk->{secret}) {
> -            $w->startTag("encryption", format => "qcow");
> +        if ($disk->{encformat}) {
> +            $w->startTag("encryption", format => $self->{encryption_format});
>              $w->emptyTag("secret", type => "passphrase", uuid => $disk->{secret});
>              $w->endTag("encryption");
>          }
> diff --git a/lib/Sys/Virt/TCK/StorageVolBuilder.pm b/lib/Sys/Virt/TCK/StorageVolBuilder.pm
> index 7208f75..ad950ed 100644
> --- a/lib/Sys/Virt/TCK/StorageVolBuilder.pm
> +++ b/lib/Sys/Virt/TCK/StorageVolBuilder.pm
> @@ -60,6 +60,14 @@ sub format {
>      return $self;
>  }
>  
> +sub encryption_format {
> +    my $self = shift;
> +
> +    $self->{encformat} = shift;
> +
> +    return $self;
> +}
> +
>  sub secret {
>      my $self = shift;
>  
> @@ -95,13 +103,13 @@ sub as_xml {
>      $w->dataElement("capacity", $self->{capacity});
>      $w->dataElement("allocation", $self->{allocation});
>  
> -    if ($self->{format} || $self->{secret}) {
> +    if ($self->{format} || $self->{encformat}) {
>          $w->startTag("target");
>          if ($self->{format}) {
>              $w->emptyTag("format", type => $self->{format});
>          }
> -        if ($self->{secret}) {
> -            $w->startTag("encryption", format => "qcow");
> +        if ($self->{encformat}) {
> +            $w->startTag("encryption", format => $self->{encformat});
>              $w->emptyTag("secret", type => "passphrase", uuid => $self->{secret});
>              $w->endTag("encryption");
>          }
> @@ -114,8 +122,8 @@ sub as_xml {
>          if ($self->{backingFormat}) {
>              $w->emptyTag("format", type => $self->{backingFormat});
>          }
> -        if ($self->{secret}) {
> -            $w->startTag("encryption", format => "qcow");
> +        if ($self->{encformat}) {
> +            $w->startTag("encryption", format => $self->{encformat});
>              $w->emptyTag("secret", type => "passphrase", uuid => $self->{secret});
>              $w->endTag("encryption");
>          }
> diff --git a/scripts/qemu/100-disk-encryption.t b/scripts/qemu/100-disk-encryption.t
> index 8a0fd5e..3b1651a 100644
> --- a/scripts/qemu/100-disk-encryption.t
> +++ b/scripts/qemu/100-disk-encryption.t
> @@ -76,6 +76,7 @@ lives_ok(sub { $pool = $conn->create_storage_pool($poolXML) }, "pool created");
>  my $volXML = Sys::Virt::TCK::StorageVolBuilder->new(name => "demo.qcow2")
>      ->capacity(1024*1024*1024)
>      ->format("qcow2")
> +    ->encryption_format("luks")
>      ->secret($secretUUID)
>      ->as_xml();
>  
> @@ -86,6 +87,7 @@ lives_ok(sub { $vol = $pool->create_volume($volXML) }, "volume created");
>  
>  my $xml = $tck->generic_domain(name => "tck")
>      ->disk(format => { name => "qemu", type => "qcow2" },
> +	   encryption_format => "luks",
>  	   secret => $secretUUID,
>  	   type => "file",
>  	   src => $disk,


Re: [libvirt] [tck PATCH v2 07/13] scripts: switch to using luks encryption with QEMU
Posted by Laine Stump 6 years, 11 months ago
On 06/01/2018 09:06 PM, Laine Stump wrote:
> On 05/21/2018 12:46 PM, Daniel P. Berrangé wrote:
>> The ability to use qcow legacy encryption is disabled with QEMU for a
>> long time. Switch to using luks encryption, although this is not yet
>> fully wired up in libvirt so the tests still (temporarily) fail.
>>
>> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
> Reviewed-by: Laine Stump <laine@laine.org>
>
> (when applied together with patch 08/13, of course :-)

Actually, when I did a complete build/install and tested this, I found
that libvirt-tck's self-tests are now failing because the <encryption
format='qcow'> element is no longer added to the <disk> in
t/070-domain-builder.t and t/100-storage-vol-builder.t.

If you want to squash that change into this patch, that's fine,
otherwise you can make a separate patch, or if you don't want to I can.

>> ---
>>  lib/Sys/Virt/TCK/DomainBuilder.pm     |  4 ++--
>>  lib/Sys/Virt/TCK/StorageVolBuilder.pm | 18 +++++++++++++-----
>>  scripts/qemu/100-disk-encryption.t    |  2 ++
>>  3 files changed, 17 insertions(+), 7 deletions(-)
>>
>> diff --git a/lib/Sys/Virt/TCK/DomainBuilder.pm b/lib/Sys/Virt/TCK/DomainBuilder.pm
>> index 83cea15..b6adbd3 100644
>> --- a/lib/Sys/Virt/TCK/DomainBuilder.pm
>> +++ b/lib/Sys/Virt/TCK/DomainBuilder.pm
>> @@ -412,8 +412,8 @@ sub as_xml {
>>          $w->emptyTag("target",
>>                       dev => $disk->{dst},
>>                       $disk->{bus} ? (bus => $disk->{bus}) : ());
>> -        if ($disk->{secret}) {
>> -            $w->startTag("encryption", format => "qcow");
>> +        if ($disk->{encformat}) {
>> +            $w->startTag("encryption", format => $self->{encryption_format});
>>              $w->emptyTag("secret", type => "passphrase", uuid => $disk->{secret});
>>              $w->endTag("encryption");
>>          }
>> diff --git a/lib/Sys/Virt/TCK/StorageVolBuilder.pm b/lib/Sys/Virt/TCK/StorageVolBuilder.pm
>> index 7208f75..ad950ed 100644
>> --- a/lib/Sys/Virt/TCK/StorageVolBuilder.pm
>> +++ b/lib/Sys/Virt/TCK/StorageVolBuilder.pm
>> @@ -60,6 +60,14 @@ sub format {
>>      return $self;
>>  }
>>  
>> +sub encryption_format {
>> +    my $self = shift;
>> +
>> +    $self->{encformat} = shift;
>> +
>> +    return $self;
>> +}
>> +
>>  sub secret {
>>      my $self = shift;
>>  
>> @@ -95,13 +103,13 @@ sub as_xml {
>>      $w->dataElement("capacity", $self->{capacity});
>>      $w->dataElement("allocation", $self->{allocation});
>>  
>> -    if ($self->{format} || $self->{secret}) {
>> +    if ($self->{format} || $self->{encformat}) {
>>          $w->startTag("target");
>>          if ($self->{format}) {
>>              $w->emptyTag("format", type => $self->{format});
>>          }
>> -        if ($self->{secret}) {
>> -            $w->startTag("encryption", format => "qcow");
>> +        if ($self->{encformat}) {
>> +            $w->startTag("encryption", format => $self->{encformat});
>>              $w->emptyTag("secret", type => "passphrase", uuid => $self->{secret});
>>              $w->endTag("encryption");
>>          }
>> @@ -114,8 +122,8 @@ sub as_xml {
>>          if ($self->{backingFormat}) {
>>              $w->emptyTag("format", type => $self->{backingFormat});
>>          }
>> -        if ($self->{secret}) {
>> -            $w->startTag("encryption", format => "qcow");
>> +        if ($self->{encformat}) {
>> +            $w->startTag("encryption", format => $self->{encformat});
>>              $w->emptyTag("secret", type => "passphrase", uuid => $self->{secret});
>>              $w->endTag("encryption");
>>          }
>> diff --git a/scripts/qemu/100-disk-encryption.t b/scripts/qemu/100-disk-encryption.t
>> index 8a0fd5e..3b1651a 100644
>> --- a/scripts/qemu/100-disk-encryption.t
>> +++ b/scripts/qemu/100-disk-encryption.t
>> @@ -76,6 +76,7 @@ lives_ok(sub { $pool = $conn->create_storage_pool($poolXML) }, "pool created");
>>  my $volXML = Sys::Virt::TCK::StorageVolBuilder->new(name => "demo.qcow2")
>>      ->capacity(1024*1024*1024)
>>      ->format("qcow2")
>> +    ->encryption_format("luks")
>>      ->secret($secretUUID)
>>      ->as_xml();
>>  
>> @@ -86,6 +87,7 @@ lives_ok(sub { $vol = $pool->create_volume($volXML) }, "volume created");
>>  
>>  my $xml = $tck->generic_domain(name => "tck")
>>      ->disk(format => { name => "qemu", type => "qcow2" },
>> +	   encryption_format => "luks",
>>  	   secret => $secretUUID,
>>  	   type => "file",
>>  	   src => $disk,
>


Re: [libvirt] [tck PATCH v2 07/13] scripts: switch to using luks encryption with QEMU
Posted by Daniel P. Berrangé 6 years, 11 months ago
On Fri, Jun 01, 2018 at 09:52:50PM -0400, Laine Stump wrote:
> On 06/01/2018 09:06 PM, Laine Stump wrote:
> > On 05/21/2018 12:46 PM, Daniel P. Berrangé wrote:
> >> The ability to use qcow legacy encryption is disabled with QEMU for a
> >> long time. Switch to using luks encryption, although this is not yet
> >> fully wired up in libvirt so the tests still (temporarily) fail.
> >>
> >> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
> > Reviewed-by: Laine Stump <laine@laine.org>
> >
> > (when applied together with patch 08/13, of course :-)
> 
> Actually, when I did a complete build/install and tested this, I found
> that libvirt-tck's self-tests are now failing because the <encryption
> format='qcow'> element is no longer added to the <disk> in
> t/070-domain-builder.t and t/100-storage-vol-builder.t.
> 
> If you want to squash that change into this patch, that's fine,
> otherwise you can make a separate patch, or if you don't want to I can.

Yes, I'll squash in a suitable change, which showed a flaw below....

> 
> >> ---
> >>  lib/Sys/Virt/TCK/DomainBuilder.pm     |  4 ++--
> >>  lib/Sys/Virt/TCK/StorageVolBuilder.pm | 18 +++++++++++++-----
> >>  scripts/qemu/100-disk-encryption.t    |  2 ++
> >>  3 files changed, 17 insertions(+), 7 deletions(-)
> >>
> >> diff --git a/lib/Sys/Virt/TCK/DomainBuilder.pm b/lib/Sys/Virt/TCK/DomainBuilder.pm
> >> index 83cea15..b6adbd3 100644
> >> --- a/lib/Sys/Virt/TCK/DomainBuilder.pm
> >> +++ b/lib/Sys/Virt/TCK/DomainBuilder.pm
> >> @@ -412,8 +412,8 @@ sub as_xml {
> >>          $w->emptyTag("target",
> >>                       dev => $disk->{dst},
> >>                       $disk->{bus} ? (bus => $disk->{bus}) : ());
> >> -        if ($disk->{secret}) {
> >> -            $w->startTag("encryption", format => "qcow");
> >> +        if ($disk->{encformat}) {

s/encformat/encryption_format/

> >> +            $w->startTag("encryption", format => $self->{encryption_format});

s/self/disk/

> >>              $w->emptyTag("secret", type => "passphrase", uuid => $disk->{secret});
> >>              $w->endTag("encryption");
> >>          }

Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|
