On Sat, Jan 21, 2017 at 08:22:53PM +0100, Max Reitz wrote: > On 03.01.2017 19:28, Daniel P. Berrange wrote: > > Now that all encryption keys must be provided upfront via > > the QCryptoSecret API and associated block driver properties > > there is no need for any explicit encryption handling APIs > > in the block layer. Encryption can be handled transparently > > within the block driver. We only retain an API for querying > > whether an image is encrypted or not, since that is a > > potentially useful piece of metadata to report to the user. > > > > Signed-off-by: Daniel P. Berrange <berra...@redhat.com> > > --- > > block.c | 77 > > +---------------------------------------------- > > block/crypto.c | 1 - > > block/qapi.c | 2 +- > > block/qcow.c | 1 - > > block/qcow2.c | 1 - > > blockdev.c | 37 ++--------------------- > > include/block/block.h | 3 -- > > include/block/block_int.h | 1 - > > include/qapi/error.h | 1 - > > qapi/common.json | 5 +-- > > 10 files changed, 5 insertions(+), 124 deletions(-) > > It would probably make sense to replace the description of > BlockDeviceInfo's @encryption_key_missing in qapi/block-core.json by > "Deprecated; always false".
Oh yes, that makes sense. > > + error_setg_errno(errp, -ENOSYS, > > + "Setting block passwords directly is no longer > > supported"); > > A plain error_setg() without _errno should be sufficient. Will change it. Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :|