[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PULL 67/69] block: add support for encryption secrets in b
From: |
Kevin Wolf |
Subject: |
[Qemu-devel] [PULL 67/69] block: add support for encryption secrets in block I/O tests |
Date: |
Thu, 12 May 2016 16:35:47 +0200 |
From: "Daniel P. Berrange" <address@hidden>
The LUKS block driver tests will require the ability to specify
encryption secrets with block devices. This requires using the
--object argument to qemu-img/qemu-io to create a 'secret'
object.
When the IMGKEYSECRET env variable is set, it provides the
password to be associated with a secret called 'keysec0'
The _qemu_img_wrapper function isn't modified as that needs
to cope with differing syntax for subcommands, so can't be
made to use the image opts syntax unconditionally.
Signed-off-by: Daniel P. Berrange <address@hidden>
Message-id: address@hidden
Signed-off-by: Max Reitz <address@hidden>
---
tests/qemu-iotests/common | 1 +
tests/qemu-iotests/common.config | 6 ++++++
tests/qemu-iotests/common.filter | 3 ++-
tests/qemu-iotests/common.rc | 9 +++++++--
4 files changed, 16 insertions(+), 3 deletions(-)
diff --git a/tests/qemu-iotests/common b/tests/qemu-iotests/common
index fe3b1a0..e87287c 100644
--- a/tests/qemu-iotests/common
+++ b/tests/qemu-iotests/common
@@ -53,6 +53,7 @@ export QEMU_IO_OPTIONS=""
export CACHEMODE_IS_DEFAULT=true
export QEMU_OPTIONS="-nodefaults"
export VALGRIND_QEMU=
+export IMGKEYSECRET=
export IMGOPTSSYNTAX=false
for r
diff --git a/tests/qemu-iotests/common.config b/tests/qemu-iotests/common.config
index ea698da..f6384fb 100644
--- a/tests/qemu-iotests/common.config
+++ b/tests/qemu-iotests/common.config
@@ -126,6 +126,9 @@ _qemu_io_wrapper()
local QEMU_IO_ARGS="$QEMU_IO_OPTIONS"
if [ "$IMGOPTSSYNTAX" = "true" ]; then
QEMU_IO_ARGS="--image-opts $QEMU_IO_ARGS"
+ if [ -n "$IMGKEYSECRET" ]; then
+ QEMU_IO_ARGS="--object secret,id=keysec0,data=$IMGKEYSECRET
$QEMU_IO_ARGS"
+ fi
fi
local RETVAL
(
@@ -161,6 +164,9 @@ export QEMU_NBD=_qemu_nbd_wrapper
QEMU_IMG_EXTRA_ARGS=
if [ "$IMGOPTSSYNTAX" = "true" ]; then
QEMU_IMG_EXTRA_ARGS="--image-opts $QEMU_IMG_EXTRA_ARGS"
+ if [ -n "$IMGKEYSECRET" ]; then
+ QEMU_IMG_EXTRA_ARGS="--object secret,id=keysec0,data=$IMGKEYSECRET
$QEMU_IMG_EXTRA_ARGS"
+ fi
fi
export QEMU_IMG_EXTRA_ARGS
diff --git a/tests/qemu-iotests/common.filter b/tests/qemu-iotests/common.filter
index 72f77fa..7853dbb 100644
--- a/tests/qemu-iotests/common.filter
+++ b/tests/qemu-iotests/common.filter
@@ -98,7 +98,8 @@ _filter_img_create()
-e "s# block_state_zero=\\(on\\|off\\)##g" \
-e "s# log_size=[0-9]\\+##g" \
-e "s/archipelago:a/TEST_DIR\//g" \
- -e "s# refcount_bits=[0-9]\\+##g"
+ -e "s# refcount_bits=[0-9]\\+##g" \
+ -e "s# key-secret=[a-zA-Z0-9]\\+##g"
}
_filter_img_info()
diff --git a/tests/qemu-iotests/common.rc b/tests/qemu-iotests/common.rc
index 080f1bc..164792d 100644
--- a/tests/qemu-iotests/common.rc
+++ b/tests/qemu-iotests/common.rc
@@ -129,6 +129,7 @@ _make_test_img()
local img_name=""
local use_backing=0
local backing_file=""
+ local object_options=""
if [ -n "$TEST_IMG_FILE" ]; then
img_name=$TEST_IMG_FILE
@@ -139,6 +140,10 @@ _make_test_img()
if [ -n "$IMGOPTS" ]; then
optstr=$(_optstr_add "$optstr" "$IMGOPTS")
fi
+ if [ -n "$IMGKEYSECRET" ]; then
+ object_options="--object secret,id=keysec0,data=$IMGKEYSECRET"
+ optstr=$(_optstr_add "$optstr" "key-secret=keysec0")
+ fi
if [ "$1" = "-b" ]; then
use_backing=1
@@ -156,9 +161,9 @@ _make_test_img()
# XXX(hch): have global image options?
(
if [ $use_backing = 1 ]; then
- $QEMU_IMG create -f $IMGFMT $extra_img_options -b "$backing_file"
"$img_name" $image_size 2>&1
+ $QEMU_IMG create $object_options -f $IMGFMT $extra_img_options -b
"$backing_file" "$img_name" $image_size 2>&1
else
- $QEMU_IMG create -f $IMGFMT $extra_img_options "$img_name" $image_size
2>&1
+ $QEMU_IMG create $object_options -f $IMGFMT $extra_img_options
"$img_name" $image_size 2>&1
fi
) | _filter_img_create
--
1.8.3.1
- [Qemu-devel] [PULL 59/69] qmp: add monitor command to add/remove a child, (continued)
- [Qemu-devel] [PULL 59/69] qmp: add monitor command to add/remove a child, Kevin Wolf, 2016/05/12
- [Qemu-devel] [PULL 36/69] xen_disk: Switch to byte-based aio block access, Kevin Wolf, 2016/05/12
- [Qemu-devel] [PULL 42/69] m25p80: Switch to byte-based block access, Kevin Wolf, 2016/05/12
- [Qemu-devel] [PULL 69/69] qemu-iotests: iotests: fail hard if not run via "check", Kevin Wolf, 2016/05/12
- [Qemu-devel] [PULL 43/69] atapi: Switch to byte-based block access, Kevin Wolf, 2016/05/12
- [Qemu-devel] [PULL 45/69] qemu-img: Switch to byte-based block access, Kevin Wolf, 2016/05/12
- [Qemu-devel] [PULL 52/69] block: Invalidate all children, Kevin Wolf, 2016/05/12
- [Qemu-devel] [PULL 55/69] iotests: fix the redirection order in 083, Kevin Wolf, 2016/05/12
- [Qemu-devel] [PULL 64/69] qemu-io: Add 'write -f' to test FUA flag, Kevin Wolf, 2016/05/12
- [Qemu-devel] [PULL 66/69] block: add support for --image-opts in block I/O tests, Kevin Wolf, 2016/05/12
- [Qemu-devel] [PULL 67/69] block: add support for encryption secrets in block I/O tests,
Kevin Wolf <=
- [Qemu-devel] [PULL 41/69] sd: Switch to byte-based block access, Kevin Wolf, 2016/05/12
- [Qemu-devel] [PULL 56/69] qemu-img: check block status of backing file when converting., Kevin Wolf, 2016/05/12
- [Qemu-devel] [PULL 53/69] block: Drop superfluous invalidating bs->file from drivers, Kevin Wolf, 2016/05/12
- [Qemu-devel] [PULL 57/69] Add new block driver interface to add/delete a BDS's child, Kevin Wolf, 2016/05/12
- [Qemu-devel] [PULL 54/69] block: Inactivate all children, Kevin Wolf, 2016/05/12
- [Qemu-devel] [PULL 65/69] qemu-io: Add 'write -z -u' to test MAY_UNMAP flag, Kevin Wolf, 2016/05/12
- [Qemu-devel] [PULL 62/69] qemu-io: Use bool for command line flags, Kevin Wolf, 2016/05/12
- [Qemu-devel] [PULL 58/69] quorum: implement bdrv_add_child() and bdrv_del_child(), Kevin Wolf, 2016/05/12
- [Qemu-devel] [PULL 61/69] qemu-io: Make 'open' subcommand more like command line, Kevin Wolf, 2016/05/12
- [Qemu-devel] [PULL 60/69] qemu-io: Add missing option documentation, Kevin Wolf, 2016/05/12