Commit 051233b6 authored by Daniel P. Berrangé's avatar Daniel P. Berrangé

scripts: switch to using luks encryption with QEMU

The ability to use qcow legacy encryption is disabled with QEMU for a
long time. Switch to using luks encryption, although this is not yet
fully wired up in libvirt so the tests still (temporarily) fail.
Reviewed-by: 's avatarLaine Stump <laine@laine.org>
Signed-off-by: 's avatarDaniel P. Berrangé <berrange@redhat.com>
parent fb906a39
......@@ -412,8 +412,8 @@ sub as_xml {
$w->emptyTag("target",
dev => $disk->{dst},
$disk->{bus} ? (bus => $disk->{bus}) : ());
if ($disk->{secret}) {
$w->startTag("encryption", format => "qcow");
if ($disk->{encryption_format}) {
$w->startTag("encryption", format => $disk->{encryption_format});
$w->emptyTag("secret", type => "passphrase", uuid => $disk->{secret});
$w->endTag("encryption");
}
......
......@@ -60,6 +60,14 @@ sub format {
return $self;
}
sub encryption_format {
my $self = shift;
$self->{encformat} = shift;
return $self;
}
sub secret {
my $self = shift;
......@@ -95,13 +103,13 @@ sub as_xml {
$w->dataElement("capacity", $self->{capacity});
$w->dataElement("allocation", $self->{allocation});
if ($self->{format} || $self->{secret}) {
if ($self->{format} || $self->{encformat}) {
$w->startTag("target");
if ($self->{format}) {
$w->emptyTag("format", type => $self->{format});
}
if ($self->{secret}) {
$w->startTag("encryption", format => "qcow");
if ($self->{encformat}) {
$w->startTag("encryption", format => $self->{encformat});
$w->emptyTag("secret", type => "passphrase", uuid => $self->{secret});
$w->endTag("encryption");
}
......@@ -114,8 +122,8 @@ sub as_xml {
if ($self->{backingFormat}) {
$w->emptyTag("format", type => $self->{backingFormat});
}
if ($self->{secret}) {
$w->startTag("encryption", format => "qcow");
if ($self->{encformat}) {
$w->startTag("encryption", format => $self->{encformat});
$w->emptyTag("secret", type => "passphrase", uuid => $self->{secret});
$w->endTag("encryption");
}
......
......@@ -76,6 +76,7 @@ lives_ok(sub { $pool = $conn->create_storage_pool($poolXML) }, "pool created");
my $volXML = Sys::Virt::TCK::StorageVolBuilder->new(name => "demo.qcow2")
->capacity(1024*1024*1024)
->format("qcow2")
->encryption_format("luks")
->secret($secretUUID)
->as_xml();
......@@ -86,6 +87,7 @@ lives_ok(sub { $vol = $pool->create_volume($volXML) }, "volume created");
my $xml = $tck->generic_domain(name => "tck")
->disk(format => { name => "qemu", type => "qcow2" },
encryption_format => "luks",
secret => $secretUUID,
type => "file",
src => $disk,
......
......@@ -54,7 +54,11 @@ my $conn = Sys::Virt->new(address => "test:///default");
my $b = Sys::Virt::TCK::DomainBuilder->new(conn => $conn, domain => "xen", ostype => 'hvm')
->with_acpi->memory(500*1025)->vcpu(3)
->disk(format => { name => "qemu", type => "qcow2" }, type => 'block', src => "/dev/hda1", dst => "/dev/xvda", bus => "xen", secret => "0a81f5b2-8403-7b23-c8d6-21ccc2f80d6f")
->disk(format => { name => "qemu", type => "qcow2" },
type => 'block', src => "/dev/hda1",
dst => "/dev/xvda", bus => "xen",
secret => "0a81f5b2-8403-7b23-c8d6-21ccc2f80d6f",
encryption_format => "qcow")
->seclabel(model => "selinux", relabel => "flat", type => "hybrid", baselabel => "system_u:system_r:svirt_t:s0")
->as_xml;
......
......@@ -37,6 +37,7 @@ chomp $xml;
my $b = Sys::Virt::TCK::StorageVolBuilder->new()
->capacity(1000000)->allocation(1000000)
->format("qcow2")
->encryption_format("qcow")
->secret("0a81f5b2-8403-7b23-c8d6-21ccc2f80d6f")
->as_xml;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment