qemu/qapi
Hyman Huang d0112eb415 block: Support detached LUKS header creation using blockdev-create
Firstly, enable the ability to choose the block device containing
a detachable LUKS header by adding the 'header' parameter to
BlockdevCreateOptionsLUKS.

Secondly, when formatting the LUKS volume with a detachable header,
truncate the payload volume to length without a header size.

Using the qmp blockdev command, create the LUKS volume with a
detachable header as follows:

1. add the secret to lock/unlock the cipher stored in the
   detached LUKS header
$ virsh qemu-monitor-command vm '{"execute":"object-add",
> "arguments":{"qom-type": "secret", "id": "sec0", "data": "foo"}}'

2. create a header img with 0 size
$ virsh qemu-monitor-command vm '{"execute":"blockdev-create",
> "arguments":{"job-id":"job0", "options":{"driver":"file",
> "filename":"/path/to/detached_luks_header.img", "size":0 }}}'

3. add protocol blockdev node for header
$ virsh qemu-monitor-command vm '{"execute":"blockdev-add",
> "arguments": {"driver":"file", "filename":
> "/path/to/detached_luks_header.img", "node-name":
> "detached-luks-header-storage"}}'

4. create a payload img with 0 size
$ virsh qemu-monitor-command vm '{"execute":"blockdev-create",
> "arguments":{"job-id":"job1", "options":{"driver":"file",
> "filename":"/path/to/detached_luks_payload_raw.img", "size":0}}}'

5. add protocol blockdev node for payload
$ virsh qemu-monitor-command vm '{"execute":"blockdev-add",
> "arguments": {"driver":"file", "filename":
> "/path/to/detached_luks_payload_raw.img", "node-name":
> "luks-payload-raw-storage"}}'

6. do the formatting with 128M size
$ virsh qemu-monitor-command c81_node1 '{"execute":"blockdev-create",
> "arguments":{"job-id":"job2", "options":{"driver":"luks", "header":
> "detached-luks-header-storage", "file":"luks-payload-raw-storage",
> "size":134217728, "preallocation":"full", "key-secret":"sec0" }}}'

Signed-off-by: Hyman Huang <yong.huang@smartx.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2024-02-09 12:50:37 +00:00
acpi.json qapi: Reformat doc comments to conform to current conventions 2023-05-10 10:01:01 +02:00
audio.json audio/pw: Pipewire->PipeWire case fix for user-visible text 2023-07-17 15:22:56 +04:00
authz.json qapi: Reformat doc comments to conform to current conventions 2023-05-10 10:01:01 +02:00
block-core.json block: Support detached LUKS header creation using blockdev-create 2024-02-09 12:50:37 +00:00
block-export.json qapi: Elide "Potential additional modes" from generated docs 2024-02-03 09:20:01 +01:00
block.json qapi: Reformat recent doc comments to conform to current conventions 2023-07-26 14:51:36 +02:00
char.json qapi: Indent tagged doc comment sections properly 2024-01-26 07:04:53 +01:00
common.json qapi: Reformat doc comments to conform to current conventions 2023-05-10 10:01:01 +02:00
compat.json qapi: Belatedly update CompatPolicy documentation for unstable 2023-10-19 07:02:29 +02:00
control.json docs/interop: Convert qmp-spec.txt to rST 2023-05-22 10:21:01 +02:00
crypto.json crypto: Introduce SM4 symmetric cipher algorithm 2024-02-09 12:47:55 +00:00
cryptodev.json spelling: information 2023-06-09 23:38:16 +03:00
cxl.json qapi: Reformat recent doc comments to conform to current conventions 2023-07-26 14:51:36 +02:00
dump.json dump: Add command interface for kdump-raw formats 2023-11-02 18:40:37 +04:00
error.json qapi: Reformat doc comments to conform to current conventions 2023-05-10 10:01:01 +02:00
introspect.json qapi: Drop redundant documentation of inherited members 2024-02-03 09:19:25 +01:00
job.json blockjob: introduce block-job-change QMP command 2023-10-31 18:20:25 +01:00
machine-common.json CPU topology: extend with s390 specifics 2023-10-20 07:16:53 +02:00
machine-target.json qapi,risc-v: add query-cpu-model-expansion 2023-11-07 11:06:01 +10:00
machine.json qapi: Indent tagged doc comment sections properly 2024-01-26 07:04:53 +01:00
meson.build CPU topology: extend with s390 specifics 2023-10-20 07:16:53 +02:00
migration.json qapi/migration.json: Fix the member name for MigrationCapability 2024-01-30 21:20:20 +03:00
misc-target.json qapi: Drop redundant documentation of conditional 2024-02-03 09:19:55 +01:00
misc.json qapi: Indent tagged doc comment sections properly 2024-01-26 07:04:53 +01:00
net.json qapi: Fix mangled "Returns" sections in documentation 2024-01-26 07:04:53 +01:00
opts-visitor.c cutils: Adjust signature of parse_uint[_full] 2023-06-02 12:27:19 -05:00
pci.json qapi: Reformat doc comments to conform to current conventions 2023-05-10 10:01:01 +02:00
pragma.json qapi/pragma.json: Improve the comment about the lists of QAPI rule exceptions 2023-11-15 11:09:17 +03:00
qapi-clone-visitor.c qapi: Make visitor functions taking Error ** return bool, not void 2020-07-10 15:18:08 +02:00
qapi-dealloc-visitor.c qapi: Make visitor functions taking Error ** return bool, not void 2020-07-10 15:18:08 +02:00
qapi-forward-visitor.c qapi: remove needless include 2022-03-22 14:46:18 +04:00
qapi-schema.json CPU topology: extend with s390 specifics 2023-10-20 07:16:53 +02:00
qapi-type-helpers.c monitor: introduce HumanReadableText and HMP support 2021-11-02 15:55:13 +00:00
qapi-util.c qapi: Fix dangling references to docs/devel/qapi-code-gen.txt 2024-01-26 07:04:53 +01:00
qapi-visit-core.c qapi: Factor out compat_policy_input_ok() 2021-10-29 21:27:20 +02:00
qdev.json qapi: Fix mangled "Returns" sections in documentation 2024-01-26 07:04:53 +01:00
qmp-dispatch.c monitor: only run coroutine commands in qemu_aio_context 2024-01-26 11:16:58 +01:00
qmp-event.c Replace qemu_gettimeofday() with g_get_real_time() 2022-04-06 10:50:37 +02:00
qmp-registry.c qapi: Generalize command policy checking 2021-10-29 18:24:46 +02:00
qobject-input-visitor.c include: add qemu/keyval.h 2022-04-21 17:03:51 +04:00
qobject-output-visitor.c qapi: Extend -compat to set policy for unstable interfaces 2021-10-29 21:28:01 +02:00
qom.json qapi: Fix mangled "Returns" sections in documentation 2024-01-26 07:04:53 +01:00
rdma.json qapi: Reformat doc comments to conform to current conventions 2023-05-10 10:01:01 +02:00
replay.json qapi: Reformat doc comments to conform to current conventions 2023-05-10 10:01:01 +02:00
rocker.json qapi: Reformat doc comments to conform to current conventions 2023-05-10 10:01:01 +02:00
run-state.json qapi: Remove deprecated 'singlestep' member of StatusInfo 2024-01-19 11:38:32 +01:00
sockets.json qapi: Reformat doc comments to conform to current conventions 2023-05-10 10:01:01 +02:00
stats.json qapi: Reformat doc comments to conform to current conventions 2023-05-10 10:01:01 +02:00
string-input-visitor.c qapi, qemu-options: make all parsing visitors parse boolean options the same 2020-11-04 12:00:40 -05:00
string-output-visitor.c string-output-visitor: Fix (pseudo) struct handling 2024-01-26 11:16:58 +01:00
tpm.json qapi: Reformat doc comments to conform to current conventions 2023-05-10 10:01:01 +02:00
trace-events qapi: Generalize struct member policy checking 2021-10-29 18:23:09 +02:00
trace.h trace: switch position of headers to what Meson requires 2020-08-21 06:18:24 -04:00
trace.json qapi: Reformat recent doc comments to conform to current conventions 2023-07-26 14:51:36 +02:00
transaction.json qapi: Reformat doc comments to conform to current conventions 2023-05-10 10:01:01 +02:00
ui.json Make Pixman an optional dependency 2023-11-07 19:00:03 +08:00
virtio.json qdev: add IOThreadVirtQueueMappingList property type 2023-12-21 22:49:28 +01:00
yank.json qapi: Indent tagged doc comment sections properly 2024-01-26 07:04:53 +01:00