1
0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-12-23 21:34:54 +03:00

qemu: domain: Extract setup for disk source secrets

Separate it so that it deals only with single virStorageSource, so that
it can later be reused for full backing chain support.

Two aliases are passed since authentication is more relevant to the
'storage backend' whereas encryption is more relevant to the protocol
layer. When using node names, the aliases will be different.
This commit is contained in:
Peter Krempa 2017-10-20 13:50:23 +02:00
parent 2b757b964b
commit e53a42f0f6

View File

@ -1369,6 +1369,61 @@ qemuDomainDiskHasEncryptionSecret(virStorageSourcePtr src)
}
/**
* qemuDomainSecretStorageSourcePrepare:
* @conn: connection object - for secret lookup
* @priv: domain private object
* @src: storage source struct to setup
* @authalias: prefix of the alias for secret holding authentication data
* @encalias: prefix of the alias for secret holding encryption password
*
* Prepares data necessary for encryption and authentication of @src. The two
* alias prefixes are provided since in the backing chain authentication belongs
* to the storage protocol data whereas encryption is relevant to the format
* driver in qemu. The two will have different node names.
*
* Returns 0 on success; -1 on error while reporting an libvirt error.
*/
static int
qemuDomainSecretStorageSourcePrepare(virConnectPtr conn,
qemuDomainObjPrivatePtr priv,
virStorageSourcePtr src,
const char *authalias,
const char *encalias)
{
qemuDomainStorageSourcePrivatePtr srcPriv;
if (!(src->privateData = qemuDomainStorageSourcePrivateNew()))
return -1;
srcPriv = QEMU_DOMAIN_STORAGE_SOURCE_PRIVATE(src);
if (qemuDomainSecretDiskCapable(src)) {
virSecretUsageType usageType = VIR_SECRET_USAGE_TYPE_ISCSI;
if (src->protocol == VIR_STORAGE_NET_PROTOCOL_RBD)
usageType = VIR_SECRET_USAGE_TYPE_CEPH;
if (!(srcPriv->secinfo =
qemuDomainSecretInfoNew(conn, priv, authalias,
usageType, src->auth->username,
&src->auth->seclookupdef, false)))
return -1;
}
if (qemuDomainDiskHasEncryptionSecret(src)) {
if (!(srcPriv->encinfo =
qemuDomainSecretInfoNew(conn, priv, encalias,
VIR_SECRET_USAGE_TYPE_VOLUME, NULL,
&src->encryption->secrets[0]->seclookupdef,
true)))
return -1;
}
return 0;
}
/* qemuDomainSecretDiskPrepare:
* @conn: Pointer to connection
* @priv: pointer to domain private object
@ -1378,42 +1433,15 @@ qemuDomainDiskHasEncryptionSecret(virStorageSourcePtr src)
*
* Returns 0 on success, -1 on failure
*/
int
qemuDomainSecretDiskPrepare(virConnectPtr conn,
qemuDomainObjPrivatePtr priv,
virDomainDiskDefPtr disk)
{
virStorageSourcePtr src = disk->src;
qemuDomainStorageSourcePrivatePtr srcPriv;
if (!(disk->src->privateData = qemuDomainStorageSourcePrivateNew()))
return -1;
srcPriv = QEMU_DOMAIN_STORAGE_SOURCE_PRIVATE(disk->src);
if (qemuDomainSecretDiskCapable(src)) {
virSecretUsageType usageType = VIR_SECRET_USAGE_TYPE_ISCSI;
if (src->protocol == VIR_STORAGE_NET_PROTOCOL_RBD)
usageType = VIR_SECRET_USAGE_TYPE_CEPH;
if (!(srcPriv->secinfo =
qemuDomainSecretInfoNew(conn, priv, disk->info.alias,
usageType, src->auth->username,
&src->auth->seclookupdef, false)))
return -1;
}
if (qemuDomainDiskHasEncryptionSecret(src)) {
if (!(srcPriv->encinfo =
qemuDomainSecretInfoNew(conn, priv, disk->info.alias,
VIR_SECRET_USAGE_TYPE_VOLUME, NULL,
&src->encryption->secrets[0]->seclookupdef,
true)))
return -1;
}
return 0;
return qemuDomainSecretStorageSourcePrepare(conn, priv, disk->src,
disk->info.alias,
disk->info.alias);
}