Gang Wei has posted comments on this change.
Change subject: enigne:Trusted Compute Pools - Open Attestation integration
with oVirt engine proposal
......................................................................
Patch Set 2: (7 inline comments)
respond to comments in patchset 2
....................................................
File
backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/attestationbroker/AttestationService.java
Line 72: }
Line 73:
Line 74: public boolean validateHostIsTrusted(VDS vds) {
Line 75: Set<String> hosts = new HashSet<String>();
Line 76: hosts.add(vds.gethost_name());
Done
Line 77: List<AttestationValue> valueList = attestHosts(hosts);
Line 78: if (valueList.get(0).getTrustLevel() ==
AttestationResultEnum.TRUSTED) {
Line 79: return true;
Line 80: } else {
Line 74: public boolean validateHostIsTrusted(VDS vds) {
Line 75: Set<String> hosts = new HashSet<String>();
Line 76: hosts.add(vds.gethost_name());
Line 77: List<AttestationValue> valueList = attestHosts(hosts);
Line 78: if (valueList.get(0).getTrustLevel() ==
AttestationResultEnum.TRUSTED) {
Done
Line 79: return true;
Line 80: } else {
Line 81: return false;
Line 82: }
Line 98: log.debug("return attested result:" + strResponse);
Line 99: if (statusCode == 200) {
Line 100: values = parsePostedResp(strResponse);
Line 101: } else {
Line 102: String fault = strResponse;
Done
Line 103: log.error("attestation error:" + fault);
Line 104: }
Line 105: } catch (JsonParseException e) {
Line 106: log.error(
....................................................
File
backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/attestationbroker/AttestationValue.java
Line 5:
Line 6: public class AttestationValue {
Line 7:
Line 8: private String hostName;
Line 9: private AttestationResultEnum trustLevel;
yes, a host can only be trusted/untrusted.
Line 10:
Line 11: public AttestationValue() {
Line 12: trustLevel = AttestationResultEnum.UNKNOWN;
Line 13: }
....................................................
File
backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/InitVdsOnUpCommand.java
Line 70: super(parameters);
Line 71: setVds(parameters.getVds());
Line 72: }
Line 73:
Line 74: private boolean validateHost() {
Done
Line 75: if
(AttestationService.getInstance().validateHostIsTrusted(getVds())) {
Line 76: return true;
Line 77: } else {
Line 78: setNonOperational(NonOperationalReason.GENERAL, null);
Line 74: private boolean validateHost() {
Line 75: if
(AttestationService.getInstance().validateHostIsTrusted(getVds())) {
Line 76: return true;
Line 77: } else {
Line 78: setNonOperational(NonOperationalReason.GENERAL, null);
Done
Line 79: return false;
Line 80: }
Line 81: }
Line 82:
....................................................
File
backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/config/Config.java
Line 39: *
Line 40: * @return an absolute path for AttestaionTruststore
Line 41: */
Line 42: public static String resolveAttestationTrustStorePath() {
Line 43: return ConfigUtil.resolvePath(resolveCABasePath(),
Config.<String> GetValue(ConfigValues.AttestationTruststore));
Done
Line 44: }
Line 45:
--
To view, visit http://gerrit.ovirt.org/14605
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: comment
Gerrit-Change-Id: I8ce3448a821c74521d277f92f2c8d63ba0accfed
Gerrit-PatchSet: 2
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Dave Chen <[email protected]>
Gerrit-Reviewer: Dave Chen <[email protected]>
Gerrit-Reviewer: Doron Fediuck <[email protected]>
Gerrit-Reviewer: Eli Mesika <[email protected]>
Gerrit-Reviewer: Emily Zhang <[email protected]>
Gerrit-Reviewer: Gang Wei <[email protected]>
Gerrit-Reviewer: Omer Frenkel <[email protected]>
Gerrit-Reviewer: Tal Nisan <[email protected]>
Gerrit-Reviewer: Yair Zaslavsky <[email protected]>
Gerrit-Reviewer: ofri masad <[email protected]>
_______________________________________________
Engine-patches mailing list
[email protected]
http://lists.ovirt.org/mailman/listinfo/engine-patches
