[v3,0/3] Add secret_keyring object

Message ID	20200518202804.3761-1-alex-krasikov@yandex-team.ru
Headers	show Return-Path: <SRS0=vczr=7A=nongnu.org=qemu-devel-bounces+qemu-devel=archiver.kernel.org@kernel.org> DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org EFFFD2081A Precedence: bulk From: Alexey Krasikov <alex-krasikov@yandex-team.ru> To: berrange@redhat.com, qemu-devel@nongnu.org Subject: [PATCH v3 0/3] Add secret_keyring object Date: Mon, 18 May 2020 23:28:01 +0300 Message-Id: <20200518202804.3761-1-alex-krasikov@yandex-team.ru> Received-SPF: pass client-ip=95.108.205.193; envelope-from=alex-krasikov@yandex-team.ru; helo=forwardcorp1o.mail.yandex.net Cc: yc-core@yandex-team.ru Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org>
Series	Add secret_keyring object \| expand [v3,0/3] Add secret_keyring object [v3,1/3] crypto/secret: move main logic from 'secret' to 'secret_common'. [v3,2/3] crypto/linux_keyring: add 'secret_keyring' secret object. [v3,3/3] test-crypto-secret: add 'secret_keyring' object tests.

Message ID

20200518202804.3761-1-alex-krasikov@yandex-team.ru

Headers

DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org EFFFD2081A
Precedence: bulk
From: Alexey Krasikov <alex-krasikov@yandex-team.ru>
To: berrange@redhat.com,
	qemu-devel@nongnu.org
Subject: [PATCH v3 0/3] Add secret_keyring object
Date: Mon, 18 May 2020 23:28:01 +0300
Message-Id: <20200518202804.3761-1-alex-krasikov@yandex-team.ru>
Received-SPF: pass client-ip=95.108.205.193;
	envelope-from=alex-krasikov@yandex-team.ru;
	helo=forwardcorp1o.mail.yandex.net
X-Spam_score_int: -27
X-Spam_score: -2.8
X-Spam_bar: --
X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
	DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
	RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001,
	URIBL_BLOCKED=0.001 autolearn=_AUTOLEARN
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.23
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: yc-core@yandex-team.ru
Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org
Sender: "Qemu-devel"
	<qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org>

Series

Add secret_keyring object | expand

Message

Alexey Krasikov May 18, 2020, 8:28 p.m. UTC

Add the ability to store encryption keys in the Linux keyring
facility.

For that, factor out common parts from secret to a new abstract class
secret_common, and introduce new user-creatable secret_keyring class
inheriting from it.
Use '--enable-keyring/--disable-keyring' configuration parameters
to provide this feature.

Example:

$QEMU -object secret_keyring,id=sec0,serial=0x15968230

Alexey Krasikov (3):
  crypto/secret: move main logic from 'secret' to 'secret_common'.
  crypto/linux_keyring: add 'secret_keyring' secret object.
  test-crypto-secret: add 'secret_keyring' object tests.

 configure                       |  63 +++++
 crypto/Makefile.objs            |   2 +
 crypto/secret.c                 | 351 +--------------------------
 crypto/secret_common.c          | 405 ++++++++++++++++++++++++++++++++
 crypto/secret_keyring.c         | 141 +++++++++++
 include/crypto/secret.h         |  20 +-
 include/crypto/secret_common.h  |  68 ++++++
 include/crypto/secret_keyring.h |  45 ++++
 tests/Makefile.include          |   4 +
 tests/test-crypto-secret.c      | 154 ++++++++++++
 10 files changed, 892 insertions(+), 361 deletions(-)
 create mode 100644 crypto/secret_common.c
 create mode 100644 crypto/secret_keyring.c
 create mode 100644 include/crypto/secret_common.h
 create mode 100644 include/crypto/secret_keyring.h