[virt-tools-list] [virt-manager PATCH] cli: Add --keywrap cipher[0-9]*.name=aes|des, cipher[0-9]*.state=on|off
Athina Plaskasoviti
athina.plaskasoviti at gmail.com
Sun Jul 21 13:37:37 UTC 2019
XML Mapping:
<domain>
...
<keywrap>
<cipher name="X" state="X"/>
</keywrap>
...
</domain>
Signed-off-by: Athina Plaskasoviti <athina.plaskasoviti at gmail.com>
---
.../virt-install-singleton-config-2.xml | 6 +++++
tests/clitest.py | 1 +
virtinst/cli.py | 27 +++++++++++++++++++
virtinst/domain/__init__.py | 1 +
virtinst/domain/keywrap.py | 19 +++++++++++++
virtinst/guest.py | 3 ++-
6 files changed, 56 insertions(+), 1 deletion(-)
create mode 100644 virtinst/domain/keywrap.py
diff --git a/tests/cli-test-xml/compare/virt-install-singleton-config-2.xml b/tests/cli-test-xml/compare/virt-install-singleton-config-2.xml
index cf03abec..048f5327 100644
--- a/tests/cli-test-xml/compare/virt-install-singleton-config-2.xml
+++ b/tests/cli-test-xml/compare/virt-install-singleton-config-2.xml
@@ -211,6 +211,9 @@
<seclabel type="dynamic" model="dac">
<label>012:345</label>
</seclabel>
+ <keywrap>
+ <cipher name="aes" state="on"/>
+ </keywrap>
<on_lockfailure>ignore</on_lockfailure>
<cputune>
<vcpupin vcpu="0" cpuset="0-3"/>
@@ -432,6 +435,9 @@
<seclabel type="dynamic" model="dac">
<label>012:345</label>
</seclabel>
+ <keywrap>
+ <cipher name="aes" state="on"/>
+ </keywrap>
<on_lockfailure>ignore</on_lockfailure>
<cputune>
<vcpupin vcpu="0" cpuset="0-3"/>
diff --git a/tests/clitest.py b/tests/clitest.py
index c3d0297d..fc648f1d 100644
--- a/tests/clitest.py
+++ b/tests/clitest.py
@@ -520,6 +520,7 @@ cache.mode=emulate,cache.level=3
--idmap uid_start=0,uid_target=1000,uid_count=10,gid_start=0,gid_target=1000,gid_count=10
--seclabel type=static,label='system_u:object_r:svirt_image_t:s0:c100,c200',relabel=yes,baselabel=baselabel
--seclabel type=dynamic,label=012:345
+--keywrap cipher0.name=aes,cipher0.state=on
--numatune 1-3,4,mode=strict,\
memnode0.cellid=1,memnode0.mode=strict,memnode0.nodeset=2
--memtune hard_limit=10,soft_limit=20,swap_hard_limit=30,min_guarantee=40
diff --git a/virtinst/cli.py b/virtinst/cli.py
index 77d38c69..7b1fc63b 100644
--- a/virtinst/cli.py
+++ b/virtinst/cli.py
@@ -776,6 +776,10 @@ def add_guest_xml_options(geng):
geng.add_argument("--seclabel", "--security", action="append",
help=_("Set domain seclabel configuration."))
+ ParserKeyWrap.register()
+ geng.add_argument("--keywrap", action="append",
+ help=_("Set guest to perform the S390 cryptographic key management operations."))
+
ParserCputune.register()
geng.add_argument("--cputune", action="append",
help=_("Tune CPU parameters for the domain process."))
@@ -2397,6 +2401,29 @@ class ParserSeclabel(VirtCLIParser):
cls.add_arg("baselabel", "baselabel", can_comma=True)
+######################
+# --keywrap parsing #
+######################
+
+class ParserKeyWrap(VirtCLIParser):
+ cli_arg_name = "keywrap"
+ guest_propname = "keywrap"
+
+ def cipher_find_inst_cb(self, *args, **kwargs):
+ cliarg = "cipher" # keywrap[0-9]*
+ list_propname = "cipher"
+ cb = self._make_find_inst_cb(cliarg, list_propname)
+ return cb(*args, **kwargs)
+
+ @classmethod
+ def _init_class(cls, **kwargs):
+ VirtCLIParser._init_class(**kwargs)
+ cls.add_arg("cipher[0-9]*.name", "name", can_comma=True,
+ find_inst_cb=cls.cipher_find_inst_cb)
+ cls.add_arg("cipher[0-9]*.state", "state", can_comma=True,
+ find_inst_cb=cls.cipher_find_inst_cb)
+
+
######################
# --features parsing #
######################
diff --git a/virtinst/domain/__init__.py b/virtinst/domain/__init__.py
index b7157c9c..fe9bef3d 100644
--- a/virtinst/domain/__init__.py
+++ b/virtinst/domain/__init__.py
@@ -16,6 +16,7 @@ from .os import DomainOs
from .pm import DomainPm
from .resource import DomainResource
from .seclabel import DomainSeclabel
+from .keywrap import DomainKeyWrap
from .sysinfo import DomainSysinfo
from .vcpus import DomainVCPUs
from .xmlnsqemu import DomainXMLNSQemu
diff --git a/virtinst/domain/keywrap.py b/virtinst/domain/keywrap.py
new file mode 100644
index 00000000..b3a70442
--- /dev/null
+++ b/virtinst/domain/keywrap.py
@@ -0,0 +1,19 @@
+from ..xmlbuilder import XMLBuilder, XMLProperty, XMLChildProperty
+
+
+class _KeyWrap(XMLBuilder):
+
+ XML_NAME = "cipher"
+ _XML_PROP_ORDER = ["name", "state"]
+
+ name = XMLProperty("./@name")
+ state = XMLProperty("./@state", is_onoff=True)
+
+
+class DomainKeyWrap(XMLBuilder):
+ """
+ Class for generating <keywrap> XML
+ """
+ XML_NAME = "keywrap"
+
+ cipher = XMLChildProperty(_KeyWrap)
diff --git a/virtinst/guest.py b/virtinst/guest.py
index f0fcfe7d..c7deff8a 100644
--- a/virtinst/guest.py
+++ b/virtinst/guest.py
@@ -213,7 +213,7 @@ class Guest(XMLBuilder):
"vcpu_cpuset", "vcpulist", "numatune", "resource", "sysinfo",
"bootloader", "os", "idmap", "features", "cpu", "clock",
"on_poweroff", "on_reboot", "on_crash",
- "pm", "emulator", "devices", "launchSecurity", "seclabels"]
+ "pm", "emulator", "devices", "launchSecurity", "seclabels", "keywrap"]
def __init__(self, *args, **kwargs):
XMLBuilder.__init__(self, *args, **kwargs)
@@ -294,6 +294,7 @@ class Guest(XMLBuilder):
vcpulist = XMLChildProperty(DomainVCPUs, is_single=True)
seclabels = XMLChildProperty(DomainSeclabel)
+ keywrap = XMLChildProperty(DomainKeyWrap, is_single=True)
os = XMLChildProperty(DomainOs, is_single=True)
features = XMLChildProperty(DomainFeatures, is_single=True)
clock = XMLChildProperty(DomainClock, is_single=True)
--
2.20.1
More information about the virt-tools-list
mailing list