[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v3 2/3] crypto/linux_keyring: add 'secret_keyring' secret obj
From: |
Daniel P . Berrangé |
Subject: |
Re: [PATCH v3 2/3] crypto/linux_keyring: add 'secret_keyring' secret object. |
Date: |
Thu, 21 May 2020 12:10:52 +0100 |
User-agent: |
Mutt/1.13.4 (2020-02-15) |
On Mon, May 18, 2020 at 11:28:03PM +0300, Alexey Krasikov wrote:
> Add the ability for the secret object to obtain secret data from the
> Linux in-kernel key managment and retention facility, as an extra option
> to the existing ones: reading from a file or passing directly as a
> string.
>
> The secret is identified by the key serial number. The upper layers
> need to instantiate the key and make sure the QEMU process has access
> permissions to read it.
>
> Signed-off-by: Alexey Krasikov <address@hidden>
> ---
> configure | 38 ++++++++
> crypto/Makefile.objs | 1 +
> crypto/secret_keyring.c | 148 ++++++++++++++++++++++++++++++++
> include/crypto/secret_keyring.h | 52 +++++++++++
> 4 files changed, 239 insertions(+)
> create mode 100644 crypto/secret_keyring.c
> create mode 100644 include/crypto/secret_keyring.h
>
> diff --git a/configure b/configure
> index 0d69c360c0..1bae5ec0a1 100755
> --- a/configure
> +++ b/configure
> ##########################################
> # End of CC checks
> @@ -6733,6 +6766,7 @@ echo "default devices $default_devices"
> echo "plugin support $plugins"
> echo "fuzzing support $fuzzing"
> echo "gdb $gdb_bin"
> +echo "Linux keyring support $secret_keyring"
Remove the word "support" here and vertically align the value
with the line above, otherwise the configure output summary
looks odd.
With that fixed,
Reviewed-by: Daniel P. Berrangé <address@hidden>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|