[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-block] [PATCH v2 10/17] block: add generic full disk encryptio
|
From: |
Daniel P. Berrange |
|
Subject: |
Re: [Qemu-block] [PATCH v2 10/17] block: add generic full disk encryption driver |
|
Date: |
Thu, 21 Jan 2016 11:02:30 +0000 |
|
User-agent: |
Mutt/1.5.24 (2015-08-30) |
On Thu, Jan 21, 2016 at 05:12:08PM +0800, Fam Zheng wrote:
> On Wed, 01/20 17:38, Daniel P. Berrange wrote:
> > + /* XXX Should we treat size as being total physical size
> > + * of the image (ie payload + encryption header), or just
> > + * the logical size of the image (ie payload). If the latter
> > + * then we need to extend 'size' to include the header
> > + * size */
>
> The latter. :)
Ok
> > + qemu_opt_set_number(opts, BLOCK_OPT_SIZE, size, &error_abort);
> > +#define BLOCK_CRYPTO_DRIVER(name, format) \
> > + static int block_crypto_probe_ ## name(const uint8_t *buf, \
> > + int buf_size, \
> > + const char *filename) { \
> > + return block_crypto_probe_generic(format, \
> > + buf, buf_size, filename); \
> > + } \
> > + \
> > + static int block_crypto_open_ ## name(BlockDriverState *bs, \
> > + QDict *options, \
> > + int flags, \
> > + Error **errp) \
> > + { \
> > + return block_crypto_open_generic(format, \
> > + &block_crypto_runtime_opts_ ##
> > name, \
> > + bs, options, flags, errp); \
> > + } \
> > + \
> > + static int block_crypto_create_ ## name(const char *filename, \
> > + QemuOpts *opts, \
> > + Error **errp) \
> > + { \
> > + return block_crypto_create_generic(format, \
> > + filename, opts, errp); \
> > + } \
> > + \
> > + BlockDriver bdrv_crypto_ ## name = { \
> > + .format_name = #name, \
> > + .instance_size = sizeof(BlockCrypto), \
> > + .bdrv_probe = block_crypto_probe_ ## name, \
> > + .bdrv_open = block_crypto_open_ ## name, \
> > + .bdrv_close = block_crypto_close, \
> > + .bdrv_create = block_crypto_create_ ## name, \
> > + .create_opts = &block_crypto_create_opts_ ## name, \
> > + \
> > + .bdrv_co_readv = block_crypto_co_readv, \
> > + .bdrv_co_writev = block_crypto_co_writev, \
> > + .bdrv_getlength = block_crypto_getlength, \
> > + }
> > +
> > +BLOCK_CRYPTO_DRIVER(luks, Q_CRYPTO_BLOCK_FORMAT_LUKS);
>
> Personally I really prefer a preprocessed version, for the ease of grep.
I'm not sure I understand what you mean by a preprocessed version - could
you expand on that.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
- Re: [Qemu-block] [PATCH v2 04/17] crypto: add support for generating initialization vectors, (continued)
- [Qemu-block] [PATCH v2 08/17] block: add flag to indicate that no I/O will be performed, Daniel P. Berrange, 2016/01/20
- [Qemu-block] [PATCH v2 09/17] qemu-img/qemu-io: don't prompt for passwords if not required, Daniel P. Berrange, 2016/01/20
- [Qemu-block] [PATCH v2 06/17] crypto: add block encryption framework, Daniel P. Berrange, 2016/01/20
- [Qemu-block] [PATCH v2 07/17] crypto: implement the LUKS block encryption format, Daniel P. Berrange, 2016/01/20
- [Qemu-block] [PATCH v2 11/17] qcow2: make qcow2_encrypt_sectors encrypt in place, Daniel P. Berrange, 2016/01/20
- [Qemu-block] [PATCH v2 10/17] block: add generic full disk encryption driver, Daniel P. Berrange, 2016/01/20
[Qemu-block] [PATCH v2 13/17] qcow: make encrypt_sectors encrypt in place, Daniel P. Berrange, 2016/01/20
[Qemu-block] [PATCH v2 14/17] qcow: convert QCow to use QCryptoBlock for encryption, Daniel P. Berrange, 2016/01/20
[Qemu-block] [PATCH v2 17/17] block: remove support for legecy AES qcow/qcow2 encryption, Daniel P. Berrange, 2016/01/20
[Qemu-block] [PATCH v2 15/17] block: rip out all traces of password prompting, Daniel P. Berrange, 2016/01/20
[Qemu-block] [PATCH v2 16/17] block: remove all encryption handling APIs, Daniel P. Berrange, 2016/01/20
[Qemu-block] [PATCH v2 12/17] qcow2: convert QCow2 to use QCryptoBlock for encryption, Daniel P. Berrange, 2016/01/20