qcrypto/core: add generic infrastructure for crypto options amendment

This will be used first to implement luks keyslot management.

block_crypto_amend_opts_init will be used to convert
qemu-img cmdline to QCryptoBlockAmendOptions

Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20200608094030.670121-2-mlevitsk@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
This commit is contained in:
Maxim Levitsky 2020-06-25 14:55:36 +02:00 committed by Max Reitz
parent d2a839ede8
commit 43cbd06df2
6 changed files with 95 additions and 0 deletions

View File

@ -202,6 +202,23 @@ block_crypto_create_opts_init(QDict *opts, Error **errp)
return ret;
}
QCryptoBlockAmendOptions *
block_crypto_amend_opts_init(QDict *opts, Error **errp)
{
Visitor *v;
QCryptoBlockAmendOptions *ret;
v = qobject_input_visitor_new_flat_confused(opts, errp);
if (!v) {
return NULL;
}
visit_type_QCryptoBlockAmendOptions(v, NULL, &ret, errp);
visit_free(v);
return ret;
}
static int block_crypto_open_generic(QCryptoBlockFormat format,
QemuOptsList *opts_spec,

View File

@ -91,6 +91,9 @@
QCryptoBlockCreateOptions *
block_crypto_create_opts_init(QDict *opts, Error **errp);
QCryptoBlockAmendOptions *
block_crypto_amend_opts_init(QDict *opts, Error **errp);
QCryptoBlockOpenOptions *
block_crypto_open_opts_init(QDict *opts, Error **errp);

View File

@ -150,6 +150,35 @@ qcrypto_block_calculate_payload_offset(QCryptoBlockCreateOptions *create_opts,
return crypto != NULL;
}
int qcrypto_block_amend_options(QCryptoBlock *block,
QCryptoBlockReadFunc readfunc,
QCryptoBlockWriteFunc writefunc,
void *opaque,
QCryptoBlockAmendOptions *options,
bool force,
Error **errp)
{
if (options->format != block->format) {
error_setg(errp,
"Cannot amend encryption format");
return -1;
}
if (!block->driver->amend) {
error_setg(errp,
"Crypto format %s doesn't support format options amendment",
QCryptoBlockFormat_str(block->format));
return -1;
}
return block->driver->amend(block,
readfunc,
writefunc,
opaque,
options,
force,
errp);
}
QCryptoBlockInfo *qcrypto_block_get_info(QCryptoBlock *block,
Error **errp)

View File

@ -62,6 +62,14 @@ struct QCryptoBlockDriver {
void *opaque,
Error **errp);
int (*amend)(QCryptoBlock *block,
QCryptoBlockReadFunc readfunc,
QCryptoBlockWriteFunc writefunc,
void *opaque,
QCryptoBlockAmendOptions *options,
bool force,
Error **errp);
int (*get_info)(QCryptoBlock *block,
QCryptoBlockInfo *info,
Error **errp);

View File

@ -144,6 +144,28 @@ QCryptoBlock *qcrypto_block_create(QCryptoBlockCreateOptions *options,
void *opaque,
Error **errp);
/**
* qcrypto_block_amend_options:
* @block: the block encryption object
*
* @readfunc: callback for reading data from the volume header
* @writefunc: callback for writing data to the volume header
* @opaque: data to pass to @readfunc and @writefunc
* @options: the new/amended encryption options
* @force: hint for the driver to allow unsafe operation
* @errp: error pointer
*
* Changes the crypto options of the encryption format
*
*/
int qcrypto_block_amend_options(QCryptoBlock *block,
QCryptoBlockReadFunc readfunc,
QCryptoBlockWriteFunc writefunc,
void *opaque,
QCryptoBlockAmendOptions *options,
bool force,
Error **errp);
/**
* qcrypto_block_calculate_payload_offset:

View File

@ -309,3 +309,19 @@
'base': 'QCryptoBlockInfoBase',
'discriminator': 'format',
'data': { 'luks': 'QCryptoBlockInfoLUKS' } }
##
# @QCryptoBlockAmendOptions:
#
# The options that are available for all encryption formats
# when amending encryption settings
#
# Since: 5.1
##
{ 'union': 'QCryptoBlockAmendOptions',
'base': 'QCryptoBlockOptionsBase',
'discriminator': 'format',
'data': {
} }