cli: Add --keywrap cipher[0-9]*.name=aes|des, cipher[0-9]*.state=on|off

XML Mapping: <domain> ... <keywrap> <cipher name="X" state="X"/> </keywrap> ... </domain> Reviewed-by: Cole Robinson <crobinso@redhat.com> Signed-off-by: Athina Plaskasoviti <athina.plaskasoviti@gmail.com>
2024-12-22 13:34:07 +03:00 · 2019-07-21 16:37:37 +03:00 · 2019-07-21 16:37:37 +03:00 · 9afe51a0f8
commit 9afe51a0f8
parent 567463a07c
6 changed files with 56 additions and 1 deletions
--- a/tests/cli-test-xml/compare/virt-install-singleton-config-2.xml
+++ b/tests/cli-test-xml/compare/virt-install-singleton-config-2.xml
@ -211,6 +211,9 @@
  <seclabel type="dynamic" model="dac">
    <label>012:345</label>
  </seclabel>
+  <keywrap>
+    <cipher name="aes" state="on"/>
+  </keywrap>
  <on_lockfailure>ignore</on_lockfailure>
  <cputune>
    <vcpupin vcpu="0" cpuset="0-3"/>
@ -432,6 +435,9 @@
  <seclabel type="dynamic" model="dac">
    <label>012:345</label>
  </seclabel>
+  <keywrap>
+    <cipher name="aes" state="on"/>
+  </keywrap>
  <on_lockfailure>ignore</on_lockfailure>
  <cputune>
    <vcpupin vcpu="0" cpuset="0-3"/>
--- a/tests/clitest.py
+++ b/tests/clitest.py
@ -511,6 +511,7 @@ cache.mode=emulate,cache.level=3
 --idmap uid_start=0,uid_target=1000,uid_count=10,gid_start=0,gid_target=1000,gid_count=10
 --seclabel type=static,label='system_u:object_r:svirt_image_t:s0:c100,c200',relabel=yes,baselabel=baselabel
 --seclabel type=dynamic,label=012:345
+--keywrap cipher0.name=aes,cipher0.state=on
 --numatune 1-3,4,mode=strict,\
 memnode0.cellid=1,memnode0.mode=strict,memnode0.nodeset=2
 --memtune hard_limit=10,soft_limit=20,swap_hard_limit=30,min_guarantee=40
--- a/virtinst/cli.py
+++ b/virtinst/cli.py
@ -775,6 +775,10 @@ def add_guest_xml_options(geng):
    geng.add_argument("--seclabel", "--security", action="append",
        help=_("Set domain seclabel configuration."))

+    ParserKeyWrap.register()
+    geng.add_argument("--keywrap", action="append",
+        help=_("Set guest to perform the S390 cryptographic key management operations."))
+
    ParserCputune.register()
    geng.add_argument("--cputune", action="append",
        help=_("Tune CPU parameters for the domain process."))
@ -2367,6 +2371,29 @@ class ParserSeclabel(VirtCLIParser):
        cls.add_arg("baselabel", "baselabel", can_comma=True)


+######################
+# --keywrap parsing  #
+######################
+
+class ParserKeyWrap(VirtCLIParser):
+    cli_arg_name = "keywrap"
+    guest_propname = "keywrap"
+
+    def cipher_find_inst_cb(self, *args, **kwargs):
+        cliarg = "cipher"  # keywrap[0-9]*
+        list_propname = "cipher"
+        cb = self._make_find_inst_cb(cliarg, list_propname)
+        return cb(*args, **kwargs)
+
+    @classmethod
+    def _init_class(cls, **kwargs):
+        VirtCLIParser._init_class(**kwargs)
+        cls.add_arg("cipher[0-9]*.name", "name", can_comma=True,
+                find_inst_cb=cls.cipher_find_inst_cb)
+        cls.add_arg("cipher[0-9]*.state", "state", can_comma=True,
+                find_inst_cb=cls.cipher_find_inst_cb)
+
+
 ######################
 # --features parsing #
 ######################
--- a/virtinst/domain/init.py
+++ b/virtinst/domain/init.py
@ -16,6 +16,7 @@ from .os import DomainOs
 from .pm import DomainPm
 from .resource import DomainResource
 from .seclabel import DomainSeclabel
+from .keywrap import DomainKeyWrap
 from .sysinfo import DomainSysinfo
 from .vcpus import DomainVCPUs
 from .xmlnsqemu import DomainXMLNSQemu
--- a/virtinst/domain/keywrap.py
+++ b/virtinst/domain/keywrap.py
@ -0,0 +1,19 @@
+from ..xmlbuilder import XMLBuilder, XMLProperty, XMLChildProperty
+
+
+class _KeyWrap(XMLBuilder):
+
+    XML_NAME = "cipher"
+    _XML_PROP_ORDER = ["name", "state"]
+
+    name = XMLProperty("./@name")
+    state = XMLProperty("./@state", is_onoff=True)
+
+
+class DomainKeyWrap(XMLBuilder):
+    """
+    Class for generating <keywrap> XML
+    """
+    XML_NAME = "keywrap"
+
+    cipher = XMLChildProperty(_KeyWrap)
--- a/virtinst/guest.py
+++ b/virtinst/guest.py
@ -213,7 +213,7 @@ class Guest(XMLBuilder):
        "vcpu_cpuset", "vcpulist", "numatune", "resource", "sysinfo",
        "bootloader", "os", "idmap", "features", "cpu", "clock",
        "on_poweroff", "on_reboot", "on_crash",
-        "pm", "emulator", "devices", "launchSecurity", "seclabels"]
+        "pm", "emulator", "devices", "launchSecurity", "seclabels", "keywrap"]

    def __init__(self, *args, **kwargs):
        XMLBuilder.__init__(self, *args, **kwargs)
@ -294,6 +294,7 @@ class Guest(XMLBuilder):

    vcpulist = XMLChildProperty(DomainVCPUs, is_single=True)
    seclabels = XMLChildProperty(DomainSeclabel)
+    keywrap = XMLChildProperty(DomainKeyWrap, is_single=True)
    os = XMLChildProperty(DomainOs, is_single=True)
    features = XMLChildProperty(DomainFeatures, is_single=True)
    clock = XMLChildProperty(DomainClock, is_single=True)