[libvirt] [PATCH v5 14/16] qemu: Get capabilities to use iscsi password-secret argument

John Ferlan Thu, 05 Oct 2017 06:50:03 -0700

Add the capability to use the blockdev-add query-qmp-schema option
to find the 'password-secret' parameter that will allow the iSCSI
code to use the master secret object to encrypt the secret for an
and only need to provide the object id of the secret on the command
line thus obsfuscating the passphrase.


Signed-off-by: John Ferlan <jfer...@redhat.com>
---
 src/qemu/qemu_capabilities.c                      | 2 ++
 src/qemu/qemu_capabilities.h                      | 1 +
 tests/qemucapabilitiesdata/caps_2.10.0.s390x.xml  | 1 +
 tests/qemucapabilitiesdata/caps_2.10.0.x86_64.xml | 1 +
 tests/qemucapabilitiesdata/caps_2.9.0.ppc64le.xml | 1 +
 tests/qemucapabilitiesdata/caps_2.9.0.s390x.xml   | 1 +
 tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml  | 1 +
 7 files changed, 8 insertions(+)

diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index f9028157f1..3e9cc6d112 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -443,6 +443,7 @@ VIR_ENUM_IMPL(virQEMUCaps, QEMU_CAPS_LAST,
               /* 270 */
               "vxhs",
               "virtio-blk.num-queues",
+              "iscsi.password-secret",
     );
 
 
@@ -1804,6 +1805,7 @@ static struct virQEMUCapsStringFlags 
virQEMUCapsQMPSchemaQueries[] = {
     { "blockdev-add/arg-type/options/+gluster/debug-level", 
QEMU_CAPS_GLUSTER_DEBUG_LEVEL},
     { "blockdev-add/arg-type/+gluster/debug", QEMU_CAPS_GLUSTER_DEBUG_LEVEL},
     { "blockdev-add/arg-type/+vxhs", QEMU_CAPS_VXHS},
+    { "blockdev-add/arg-type/+iscsi/password-secret", 
QEMU_CAPS_ISCSI_PASSWORD_SECRET },
 };
 
 struct virQEMUCapsObjectTypeProps {
diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
index 2d16e5b0ef..e07891932d 100644
--- a/src/qemu/qemu_capabilities.h
+++ b/src/qemu/qemu_capabilities.h
@@ -429,6 +429,7 @@ typedef enum {
     /* 270 */
     QEMU_CAPS_VXHS, /* -drive file.driver=vxhs via query-qmp-schema */
     QEMU_CAPS_VIRTIO_BLK_NUM_QUEUES, /* virtio-blk-*.num-queues */
+    QEMU_CAPS_ISCSI_PASSWORD_SECRET, /* -drive 
file.driver=iscsi,...,password-secret= */
 
     QEMU_CAPS_LAST /* this must always be the last item */
 } virQEMUCapsFlags;
diff --git a/tests/qemucapabilitiesdata/caps_2.10.0.s390x.xml 
b/tests/qemucapabilitiesdata/caps_2.10.0.s390x.xml
index 2546ebdd9d..00697a6c87 100644
--- a/tests/qemucapabilitiesdata/caps_2.10.0.s390x.xml
+++ b/tests/qemucapabilitiesdata/caps_2.10.0.s390x.xml
@@ -141,6 +141,7 @@
   <flag name='virtio-gpu.max_outputs'/>
   <flag name='vxhs'/>
   <flag name='virtio-blk.num-queues'/>
+  <flag name='iscsi.password-secret'/>
   <version>2010000</version>
   <kvmVersion>0</kvmVersion>
   <package></package>
diff --git a/tests/qemucapabilitiesdata/caps_2.10.0.x86_64.xml 
b/tests/qemucapabilitiesdata/caps_2.10.0.x86_64.xml
index 10a182e185..6623b820f7 100644
--- a/tests/qemucapabilitiesdata/caps_2.10.0.x86_64.xml
+++ b/tests/qemucapabilitiesdata/caps_2.10.0.x86_64.xml
@@ -224,6 +224,7 @@
   <flag name='virtio-gpu.max_outputs'/>
   <flag name='vxhs'/>
   <flag name='virtio-blk.num-queues'/>
+  <flag name='iscsi.password-secret'/>
   <version>2010000</version>
   <kvmVersion>0</kvmVersion>
   <package> (v2.10.0)</package>
diff --git a/tests/qemucapabilitiesdata/caps_2.9.0.ppc64le.xml 
b/tests/qemucapabilitiesdata/caps_2.9.0.ppc64le.xml
index 786cea8eab..e2bba89d40 100644
--- a/tests/qemucapabilitiesdata/caps_2.9.0.ppc64le.xml
+++ b/tests/qemucapabilitiesdata/caps_2.9.0.ppc64le.xml
@@ -173,6 +173,7 @@
   <flag name='chardev-reconnect'/>
   <flag name='virtio-gpu.max_outputs'/>
   <flag name='virtio-blk.num-queues'/>
+  <flag name='iscsi.password-secret'/>
   <version>2009000</version>
   <kvmVersion>0</kvmVersion>
   <package> (v2.9.0)</package>
diff --git a/tests/qemucapabilitiesdata/caps_2.9.0.s390x.xml 
b/tests/qemucapabilitiesdata/caps_2.9.0.s390x.xml
index 896ed503c3..4dc9ad5b56 100644
--- a/tests/qemucapabilitiesdata/caps_2.9.0.s390x.xml
+++ b/tests/qemucapabilitiesdata/caps_2.9.0.s390x.xml
@@ -138,6 +138,7 @@
   <flag name='chardev-reconnect'/>
   <flag name='virtio-gpu.max_outputs'/>
   <flag name='virtio-blk.num-queues'/>
+  <flag name='iscsi.password-secret'/>
   <version>2009000</version>
   <kvmVersion>0</kvmVersion>
   <package></package>
diff --git a/tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml 
b/tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml
index e3ff127270..5cfdc352d6 100644
--- a/tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml
+++ b/tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml
@@ -221,6 +221,7 @@
   <flag name='chardev-reconnect'/>
   <flag name='virtio-gpu.max_outputs'/>
   <flag name='virtio-blk.num-queues'/>
+  <flag name='iscsi.password-secret'/>
   <version>2009000</version>
   <kvmVersion>0</kvmVersion>
   <package> (v2.9.0)</package>
-- 
2.13.6

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH v5 14/16] qemu: Get capabilities to use iscsi password-secret argument

Reply via email to