Re: [PATCH RESEND v3 04/10] crypto: Introduce creation option and structure for detached LUKS header

Thu, 04 Jan 2024 06:52:22 -0800 

On Mon, Dec 25, 2023 at 01:45:06PM +0800, Hyman Huang wrote:
> Introduce 'header' field in BlockdevCreateOptionsLUKS to support
> detached LUKS header creation. Meanwhile, introduce header-related
> field in QCryptoBlock.
> 
> Signed-off-by: Hyman Huang <yong.hu...@smartx.com>
> ---
>  crypto/blockpriv.h   | 3 +++
>  qapi/block-core.json | 3 +++
>  qapi/crypto.json     | 5 ++++-
>  3 files changed, 10 insertions(+), 1 deletion(-)
> 
> diff --git a/crypto/blockpriv.h b/crypto/blockpriv.h
> index 3c7ccea504..6289aea961 100644
> --- a/crypto/blockpriv.h
> +++ b/crypto/blockpriv.h
> @@ -42,6 +42,9 @@ struct QCryptoBlock {
>      size_t niv;
>      uint64_t payload_offset; /* In bytes */
>      uint64_t sector_size; /* In bytes */
> +
> +    bool detached_header; /* True if disk has a detached LUKS header */
> +    uint64_t detached_header_size; /* LUKS header size plus key slot size */

This field can be replaced by a local variable I believe.

>  };
>  
>  struct QCryptoBlockDriver {
> diff --git a/qapi/block-core.json b/qapi/block-core.json
> index 9ac256c489..8aec179926 100644
> --- a/qapi/block-core.json
> +++ b/qapi/block-core.json
> @@ -4948,6 +4948,8 @@
>  # @file: Node to create the image format on, mandatory except when
>  #        'preallocation' is not requested
>  #
> +# @header: Detached LUKS header node to format. (since 9.0)
> +#
>  # @size: Size of the virtual disk in bytes
>  #
>  # @preallocation: Preallocation mode for the new image (since: 4.2)
> @@ -4958,6 +4960,7 @@
>  { 'struct': 'BlockdevCreateOptionsLUKS',
>    'base': 'QCryptoBlockCreateOptionsLUKS',
>    'data': { '*file':            'BlockdevRef',
> +            '*header':          'BlockdevRef',
>              'size':             'size',
>              '*preallocation':   'PreallocMode' } }
>  
> diff --git a/qapi/crypto.json b/qapi/crypto.json
> index fd3d46ebd1..6b4e86cb81 100644
> --- a/qapi/crypto.json
> +++ b/qapi/crypto.json
> @@ -195,10 +195,13 @@
>  #     decryption key.  Mandatory except when probing image for
>  #     metadata only.
>  #
> +# @detached-header: if true, disk has detached LUKS header.
> +#
>  # Since: 2.6
>  ##
>  { 'struct': 'QCryptoBlockOptionsLUKS',
> -  'data': { '*key-secret': 'str' }}
> +  'data': { '*key-secret': 'str',
> +            '*detached-header': 'bool' }}

I don't think we need this change if we pass this info as an enum flag

>  
>  ##
>  # @QCryptoBlockCreateOptionsLUKS:
> -- 
> 2.39.1
> 

With regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

Reply via email to