| Message ID | 1459345997-1610-3-git-send-email-berrange@redhat.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On 30.03.2016 15:53, Daniel P. Berrange wrote: > The LUKS block driver tests will require the ability to specify > encryption secrets with block devices. This requires using the > --object argument to qemu-img/qemu-io to create a 'secret' > object. > > When the IMGKEYSECRET env variable is set, it provides the > password to be associated with a secret called 'keysec0' > > Signed-off-by: Daniel P. Berrange <berrange@redhat.com> > --- > tests/qemu-iotests/common | 1 + > tests/qemu-iotests/common.config | 6 ++++++ > tests/qemu-iotests/common.filter | 3 ++- > tests/qemu-iotests/common.rc | 16 +++++++++++++--- > 4 files changed, 22 insertions(+), 4 deletions(-) Is there a reason why you didn't implement the same logic in _qemu_img_wrapper as in _qemu_io_wrapper? This works, but it appears a bit overcomplicated to me. Reviewed-by: Max Reitz <mreitz@redhat.com>
On Wed, Mar 30, 2016 at 05:51:16PM +0200, Max Reitz wrote: > On 30.03.2016 15:53, Daniel P. Berrange wrote: > > The LUKS block driver tests will require the ability to specify > > encryption secrets with block devices. This requires using the > > --object argument to qemu-img/qemu-io to create a 'secret' > > object. > > > > When the IMGKEYSECRET env variable is set, it provides the > > password to be associated with a secret called 'keysec0' > > > > Signed-off-by: Daniel P. Berrange <berrange@redhat.com> > > --- > > tests/qemu-iotests/common | 1 + > > tests/qemu-iotests/common.config | 6 ++++++ > > tests/qemu-iotests/common.filter | 3 ++- > > tests/qemu-iotests/common.rc | 16 +++++++++++++--- > > 4 files changed, 22 insertions(+), 4 deletions(-) > > Is there a reason why you didn't implement the same logic in > _qemu_img_wrapper as in _qemu_io_wrapper? Mostly because the --image-opts syntax isn't used with the 'create' command for qemu-img. I guess I could have trie to detect which command was being run and set the args accordingly. > This works, but it appears a bit overcomplicated to me. > > Reviewed-by: Max Reitz <mreitz@redhat.com> Regards, Daniel
diff --git a/tests/qemu-iotests/common b/tests/qemu-iotests/common index fe3b1a0..e87287c 100644 --- a/tests/qemu-iotests/common +++ b/tests/qemu-iotests/common @@ -53,6 +53,7 @@ export QEMU_IO_OPTIONS="" export CACHEMODE_IS_DEFAULT=true export QEMU_OPTIONS="-nodefaults" export VALGRIND_QEMU= +export IMGKEYSECRET= export IMGOPTSSYNTAX=false for r diff --git a/tests/qemu-iotests/common.config b/tests/qemu-iotests/common.config index 6d4c829..5ec40d3 100644 --- a/tests/qemu-iotests/common.config +++ b/tests/qemu-iotests/common.config @@ -126,6 +126,9 @@ _qemu_io_wrapper() local QEMU_IO_ARGS="$QEMU_IO_OPTIONS" if [ "$IMGOPTSSYNTAX" = "true" ]; then QEMU_IO_ARGS="--image-opts $QEMU_IO_ARGS" + if [ -n "$IMGKEYSECRET" ]; then + QEMU_IO_ARGS="--object secret,id=keysec0,data=$IMGKEYSECRET $QEMU_IO_ARGS" + fi fi local RETVAL ( @@ -161,6 +164,9 @@ export QEMU_NBD=_qemu_nbd_wrapper QEMU_IMG_EXTRA_ARGS= if [ "$IMGOPTSSYNTAX" = "true" ]; then QEMU_IMG_EXTRA_ARGS="--image-opts $QEMU_IMG_EXTRA_ARGS" + if [ -n "$IMGKEYSECRET" ]; then + QEMU_IMG_EXTRA_ARGS="--object secret,id=keysec0,data=$IMGKEYSECRET $QEMU_IMG_EXTRA_ARGS" + fi fi export QEMU_IMG_EXTRA_ARGS diff --git a/tests/qemu-iotests/common.filter b/tests/qemu-iotests/common.filter index 84b7434..cbd3607 100644 --- a/tests/qemu-iotests/common.filter +++ b/tests/qemu-iotests/common.filter @@ -198,7 +198,8 @@ _filter_img_create() -e "s# block_state_zero=\\(on\\|off\\)##g" \ -e "s# log_size=[0-9]\\+##g" \ -e "s/archipelago:a/TEST_DIR\//g" \ - -e "s# refcount_bits=[0-9]\\+##g" + -e "s# refcount_bits=[0-9]\\+##g" \ + -e "s# key-secret=[a-zA-Z0-9]\\+##g" } _filter_img_info() diff --git a/tests/qemu-iotests/common.rc b/tests/qemu-iotests/common.rc index d8a832d..355dbb2 100644 --- a/tests/qemu-iotests/common.rc +++ b/tests/qemu-iotests/common.rc @@ -129,6 +129,7 @@ _make_test_img() local img_name="" local use_backing=0 local backing_file="" + local object_options="" if [ -n "$TEST_IMG_FILE" ]; then img_name=$TEST_IMG_FILE @@ -139,6 +140,10 @@ _make_test_img() if [ -n "$IMGOPTS" ]; then optstr=$(_optstr_add "$optstr" "$IMGOPTS") fi + if [ -n "$IMGKEYSECRET" ]; then + object_options="--object secret,id=keysec0,data=$IMGKEYSECRET" + optstr=$(_optstr_add "$optstr" "key-secret=keysec0") + fi if [ "$1" = "-b" ]; then use_backing=1 @@ -156,9 +161,9 @@ _make_test_img() # XXX(hch): have global image options? ( if [ $use_backing = 1 ]; then - $QEMU_IMG create -f $IMGFMT $extra_img_options -b "$backing_file" "$img_name" $image_size 2>&1 + $QEMU_IMG create $object_options -f $IMGFMT $extra_img_options -b "$backing_file" "$img_name" $image_size 2>&1 else - $QEMU_IMG create -f $IMGFMT $extra_img_options "$img_name" $image_size 2>&1 + $QEMU_IMG create $object_options -f $IMGFMT $extra_img_options "$img_name" $image_size 2>&1 fi ) | _filter_img_create @@ -222,7 +227,12 @@ _check_test_img() { ( if [ "$IMGOPTSSYNTAX" = "true" ]; then - $QEMU_IMG check --image-opts "$@" "$TEST_IMG" 2>&1 + object_options= + if [ -n "$IMGKEYSECRET" ]; then + object_options="--object secret,id=keysec0,data=$IMGKEYSECRET" + fi + + $QEMU_IMG check $object_options --image-opts "$@" "$TEST_IMG" 2>&1 else $QEMU_IMG check "$@" -f $IMGFMT "$TEST_IMG" 2>&1 fi
The LUKS block driver tests will require the ability to specify encryption secrets with block devices. This requires using the --object argument to qemu-img/qemu-io to create a 'secret' object. When the IMGKEYSECRET env variable is set, it provides the password to be associated with a secret called 'keysec0' Signed-off-by: Daniel P. Berrange <berrange@redhat.com> --- tests/qemu-iotests/common | 1 + tests/qemu-iotests/common.config | 6 ++++++ tests/qemu-iotests/common.filter | 3 ++- tests/qemu-iotests/common.rc | 16 +++++++++++++--- 4 files changed, 22 insertions(+), 4 deletions(-)