Merge "libvirt: Introduce disk encryption config classes"

2018-01-22 22:21:43 +00:00 · 2018-01-22 22:21:43 +00:00 · d42db643e8
parent b39c39017f 6b0afca571
commit d42db643e8
2 changed files with 106 additions and 0 deletions
--- a/nova/tests/unit/virt/libvirt/test_config.py
+++ b/nova/tests/unit/virt/libvirt/test_config.py
@ -18,6 +18,7 @@ from oslo_utils import units
 from nova.objects import fields as obj_fields
 from nova import test
 from nova.tests.unit import matchers
+from nova.tests import uuidsentinel as uuids
 from nova.virt.libvirt import config


@ -790,6 +791,62 @@ class LibvirtConfigGuestDiskTest(LibvirtConfigBaseTest):
        obj.parse_dom(xmldoc)
        self.assertEqual(obj.mirror.ready, "yes")

+    def test_config_disk_encryption_format(self):
+        d = config.LibvirtConfigGuestDisk()
+        e = config.LibvirtConfigGuestDiskEncryption()
+        s = config.LibvirtConfigGuestDiskEncryptionSecret()
+
+        d.driver_name = "qemu"
+        d.driver_format = "qcow2"
+        d.driver_cache = "none"
+        d.driver_io = "native"
+        d.source_type = "file"
+        d.source_path = "/tmp/hello.qcow2"
+        d.target_dev = "/dev/hda"
+        d.target_bus = "ide"
+        d.serial = uuids.serial
+        d.boot_order = "1"
+        e.format = "luks"
+        s.type = "passphrase"
+        s.uuid = uuids.secret
+        e.secret = s
+        d.encryption = e
+
+        xml = d.to_xml()
+        expected_xml = """
+            <disk type="file" device="disk">
+              <driver name="qemu" type="qcow2" cache="none" io="native"/>
+              <source file="/tmp/hello.qcow2"/>
+              <target bus="ide" dev="/dev/hda"/>
+              <serial>%s</serial>
+              <boot order="1"/>
+              <encryption format='luks'>
+                <secret type='passphrase' uuid='%s'/>
+              </encryption>
+            </disk>""" % (uuids.serial, uuids.secret)
+        self.assertXmlEqual(expected_xml, xml)
+
+    def test_config_disk_encryption_parse(self):
+        xml = """
+<disk type="file" device="disk">
+  <driver name="qemu" type="qcow2" cache="none" io="native"/>
+  <source file="/tmp/hello.qcow2"/>
+  <target bus="ide" dev="/dev/hda"/>
+  <serial>%s</serial>
+  <boot order="1"/>
+  <encryption format='luks'>
+    <secret type='passphrase' uuid='%s'/>
+  </encryption>
+</disk>""" % (uuids.serial, uuids.secret)
+
+        xmldoc = etree.fromstring(xml)
+        d = config.LibvirtConfigGuestDisk()
+        d.parse_dom(xmldoc)
+
+        self.assertEqual(d.encryption.format, "luks")
+        self.assertEqual(d.encryption.secret.type, "passphrase")
+        self.assertEqual(d.encryption.secret.uuid, uuids.secret)
+
    def test_config_boot_order_parse(self):
        xml = """
            <disk type="file" device="disk">
--- a/nova/virt/libvirt/config.py
+++ b/nova/virt/libvirt/config.py
@ -716,6 +716,7 @@ class LibvirtConfigGuestDisk(LibvirtConfigGuestDevice):
        self.device_addr = None
        self.boot_order = None
        self.mirror = None
+        self.encryption = None

    def format_dom(self):
        dev = super(LibvirtConfigGuestDisk, self).format_dom()
@ -826,6 +827,9 @@ class LibvirtConfigGuestDisk(LibvirtConfigGuestDevice):
        if self.device_addr:
            dev.append(self.device_addr.format_dom())

+        if self.encryption:
+            dev.append(self.encryption.format_dom())
+
        return dev

    def parse_dom(self, xmldoc):
@ -882,6 +886,10 @@ class LibvirtConfigGuestDisk(LibvirtConfigGuestDevice):
                m = LibvirtConfigGuestDiskMirror()
                m.parse_dom(c)
                self.mirror = m
+            elif c.tag == 'encryption':
+                e = LibvirtConfigGuestDiskEncryption()
+                e.parse_dom(c)
+                self.encryption = e


 class LibvirtConfigGuestDiskBackingStore(LibvirtConfigObject):
@ -1107,6 +1115,47 @@ class LibvirtConfigGuestFilesys(LibvirtConfigGuestDevice):
                self.target_dir = c.get('dir')


+class LibvirtConfigGuestDiskEncryptionSecret(LibvirtConfigObject):
+    def __init__(self, **kwargs):
+        super(LibvirtConfigGuestDiskEncryptionSecret, self).__init__(**kwargs)
+        self.type = None
+        self.uuid = None
+
+    def parse_dom(self, xmldoc):
+        self.type = xmldoc.get('type')
+        self.uuid = xmldoc.get('uuid')
+
+    def format_dom(self):
+        obj = etree.Element("secret")
+        obj.set("type", self.type)
+        obj.set("uuid", self.uuid)
+        return obj
+
+
+class LibvirtConfigGuestDiskEncryption(LibvirtConfigObject):
+    """https://libvirt.org/formatstorageencryption.html
+    """
+    def __init__(self, **kwargs):
+        super(LibvirtConfigGuestDiskEncryption, self).__init__(**kwargs)
+        self.format = None
+        self.secret = None
+
+    def parse_dom(self, xmldoc):
+        self.format = xmldoc.get('format')
+        for c in xmldoc.getchildren():
+            if c.tag == 'secret':
+                m = LibvirtConfigGuestDiskEncryptionSecret()
+                m.parse_dom(c)
+                self.secret = m
+
+    def format_dom(self):
+        obj = etree.Element("encryption")
+        obj.set("format", self.format)
+        obj.append(self.secret.format_dom())
+
+        return obj
+
+
 class LibvirtConfigGuestDiskMirror(LibvirtConfigObject):

    def __init__(self, **kwargs):