diff options
Diffstat (limited to 'qapi')
| -rw-r--r-- | qapi/block-core.json | 124 | ||||
| -rw-r--r-- | qapi/block.json | 16 | ||||
| -rw-r--r-- | qapi/crypto.json | 146 | ||||
| -rw-r--r-- | qapi/event.json | 4 | ||||
| -rw-r--r-- | qapi/introspect.json | 12 | ||||
| -rw-r--r-- | qapi/opts-visitor.c | 3 | ||||
| -rw-r--r-- | qapi/qapi-util.c | 1 | ||||
| -rw-r--r-- | qapi/qapi-visit-core.c | 1 | ||||
| -rw-r--r-- | qapi/qmp-dispatch.c | 1 | ||||
| -rw-r--r-- | qapi/qmp-input-visitor.c | 1 | ||||
| -rw-r--r-- | qapi/string-input-visitor.c | 1 |
11 files changed, 237 insertions, 73 deletions
diff --git a/qapi/block-core.json b/qapi/block-core.json index 9bf1b22b72..1d09079cc1 100644 --- a/qapi/block-core.json +++ b/qapi/block-core.json @@ -242,11 +242,12 @@ # @drv: the name of the block format used to open the backing device. As of # 0.14.0 this can be: 'blkdebug', 'bochs', 'cloop', 'cow', 'dmg', # 'file', 'file', 'ftp', 'ftps', 'host_cdrom', 'host_device', -# 'http', 'https', 'nbd', 'parallels', 'qcow', +# 'http', 'https', 'luks', 'nbd', 'parallels', 'qcow', # 'qcow2', 'raw', 'tftp', 'vdi', 'vmdk', 'vpc', 'vvfat' # 2.2: 'archipelago' added, 'cow' dropped # 2.3: 'host_floppy' deprecated # 2.5: 'host_floppy' dropped +# 2.6: 'luks' added # # @backing_file: #optional the name of the backing file (for copy-on-write) # @@ -1614,7 +1615,6 @@ # # Includes cache-related options for block devices # -# @writeback: #optional enables writeback mode for any caches (default: true) # @direct: #optional enables use of O_DIRECT (bypass the host page cache; # default: false) # @no-flush: #optional ignore any flush requests for the device (default: @@ -1623,8 +1623,7 @@ # Since: 1.7 ## { 'struct': 'BlockdevCacheOptions', - 'data': { '*writeback': 'bool', - '*direct': 'bool', + 'data': { '*direct': 'bool', '*no-flush': 'bool' } } ## @@ -1639,62 +1638,11 @@ { 'enum': 'BlockdevDriver', 'data': [ 'archipelago', 'blkdebug', 'blkverify', 'bochs', 'cloop', 'dmg', 'file', 'ftp', 'ftps', 'host_cdrom', 'host_device', - 'http', 'https', 'null-aio', 'null-co', 'parallels', + 'http', 'https', 'luks', 'null-aio', 'null-co', 'parallels', 'qcow', 'qcow2', 'qed', 'quorum', 'raw', 'tftp', 'vdi', 'vhdx', 'vmdk', 'vpc', 'vvfat' ] } ## -# @BlockdevOptionsBase -# -# Options that are available for all block devices, independent of the block -# driver. -# -# @driver: block driver name -# @id: #optional id by which the new block device can be referred to. -# This option is only allowed on the top level of blockdev-add. -# A BlockBackend will be created by blockdev-add if and only if -# this option is given. -# @node-name: #optional the name of a block driver state node (Since 2.0). -# This option is required on the top level of blockdev-add if -# the @id option is not given there. -# @discard: #optional discard-related options (default: ignore) -# @cache: #optional cache-related options -# @aio: #optional AIO backend (default: threads) -# @rerror: #optional how to handle read errors on the device -# (default: report) -# @werror: #optional how to handle write errors on the device -# (default: enospc) -# @read-only: #optional whether the block device should be read-only -# (default: false) -# @stats-account-invalid: #optional whether to include invalid -# operations when computing last access statistics -# (default: true) (Since 2.5) -# @stats-account-failed: #optional whether to include failed -# operations when computing latency and last -# access statistics (default: true) (Since 2.5) -# @stats-intervals: #optional list of intervals for collecting I/O -# statistics, in seconds (default: none) (Since 2.5) -# @detect-zeroes: #optional detect and optimize zero writes (Since 2.1) -# (default: off) -# -# Since: 1.7 -## -{ 'struct': 'BlockdevOptionsBase', - 'data': { 'driver': 'BlockdevDriver', - '*id': 'str', - '*node-name': 'str', - '*discard': 'BlockdevDiscardOptions', - '*cache': 'BlockdevCacheOptions', - '*aio': 'BlockdevAioOptions', - '*rerror': 'BlockdevOnError', - '*werror': 'BlockdevOnError', - '*read-only': 'bool', - '*stats-account-invalid': 'bool', - '*stats-account-failed': 'bool', - '*stats-intervals': ['int'], - '*detect-zeroes': 'BlockdevDetectZeroesOptions' } } - -## # @BlockdevOptionsFile # # Driver specific block device options for the file backend and similar @@ -1757,6 +1705,22 @@ 'data': { 'file': 'BlockdevRef' } } ## +# @BlockdevOptionsLUKS +# +# Driver specific block device options for LUKS. +# +# @key-secret: #optional the ID of a QCryptoSecret object providing +# the decryption key (since 2.6). Mandatory except when +# doing a metadata-only probe of the image. +# +# Since: 2.6 +## +{ 'struct': 'BlockdevOptionsLUKS', + 'base': 'BlockdevOptionsGenericFormat', + 'data': { '*key-secret': 'str' } } + + +## # @BlockdevOptionsGenericCOWFormat # # Driver specific block device options for image format that have no option @@ -2070,12 +2034,55 @@ ## # @BlockdevOptions # -# Options for creating a block device. +# Options for creating a block device. Many options are available for all +# block devices, independent of the block driver: +# +# @driver: block driver name +# @id: #optional id by which the new block device can be referred to. +# This option is only allowed on the top level of blockdev-add. +# A BlockBackend will be created by blockdev-add if and only if +# this option is given. +# @node-name: #optional the name of a block driver state node (Since 2.0). +# This option is required on the top level of blockdev-add if +# the @id option is not given there. +# @discard: #optional discard-related options (default: ignore) +# @cache: #optional cache-related options +# @aio: #optional AIO backend (default: threads) +# @rerror: #optional how to handle read errors on the device +# (default: report) +# @werror: #optional how to handle write errors on the device +# (default: enospc) +# @read-only: #optional whether the block device should be read-only +# (default: false) +# @stats-account-invalid: #optional whether to include invalid +# operations when computing last access statistics +# (default: true) (Since 2.5) +# @stats-account-failed: #optional whether to include failed +# operations when computing latency and last +# access statistics (default: true) (Since 2.5) +# @stats-intervals: #optional list of intervals for collecting I/O +# statistics, in seconds (default: none) (Since 2.5) +# @detect-zeroes: #optional detect and optimize zero writes (Since 2.1) +# (default: off) +# +# Remaining options are determined by the block driver. # # Since: 1.7 ## { 'union': 'BlockdevOptions', - 'base': 'BlockdevOptionsBase', + 'base': { 'driver': 'BlockdevDriver', + '*id': 'str', + '*node-name': 'str', + '*discard': 'BlockdevDiscardOptions', + '*cache': 'BlockdevCacheOptions', + '*aio': 'BlockdevAioOptions', + '*rerror': 'BlockdevOnError', + '*werror': 'BlockdevOnError', + '*read-only': 'bool', + '*stats-account-invalid': 'bool', + '*stats-account-failed': 'bool', + '*stats-intervals': ['int'], + '*detect-zeroes': 'BlockdevDetectZeroesOptions' }, 'discriminator': 'driver', 'data': { 'archipelago':'BlockdevOptionsArchipelago', @@ -2093,6 +2100,7 @@ 'http': 'BlockdevOptionsFile', 'https': 'BlockdevOptionsFile', # TODO iscsi: Wait for structured options + 'luks': 'BlockdevOptionsLUKS', # TODO nbd: Should take InetSocketAddress for 'host'? # TODO nfs: Wait for structured options 'null-aio': 'BlockdevOptionsNull', diff --git a/qapi/block.json b/qapi/block.json index 58e6b301bf..937337dce5 100644 --- a/qapi/block.json +++ b/qapi/block.json @@ -196,3 +196,19 @@ ## { 'event': 'DEVICE_TRAY_MOVED', 'data': { 'device': 'str', 'tray-open': 'bool' } } + +## +# @QuorumOpType +# +# An enumeration of the quorum operation types +# +# @read: read operation +# +# @write: write operation +# +# @flush: flush operation +# +# Since: 2.6 +## +{ 'enum': 'QuorumOpType', + 'data': [ 'read', 'write', 'flush' ] } diff --git a/qapi/crypto.json b/qapi/crypto.json index 4bd690fcfb..760d0c0577 100644 --- a/qapi/crypto.json +++ b/qapi/crypto.json @@ -59,11 +59,22 @@ # @aes-192: AES with 192 bit / 24 byte keys # @aes-256: AES with 256 bit / 32 byte keys # @des-rfb: RFB specific variant of single DES. Do not use except in VNC. +# @cast5-128: Cast5 with 128 bit / 16 byte keys +# @serpent-128: Serpent with 128 bit / 16 byte keys +# @serpent-192: Serpent with 192 bit / 24 byte keys +# @serpent-256: Serpent with 256 bit / 32 byte keys +# @twofish-128: Twofish with 128 bit / 16 byte keys +# @twofish-192: Twofish with 192 bit / 24 byte keys +# @twofish-256: Twofish with 256 bit / 32 byte keys # Since: 2.6 ## { 'enum': 'QCryptoCipherAlgorithm', 'prefix': 'QCRYPTO_CIPHER_ALG', - 'data': ['aes-128', 'aes-192', 'aes-256', 'des-rfb']} + 'data': ['aes-128', 'aes-192', 'aes-256', + 'des-rfb', + 'cast5-128', + 'serpent-128', 'serpent-192', 'serpent-256', + 'twofish-128', 'twofish-192', 'twofish-256']} ## @@ -73,8 +84,139 @@ # # @ecb: Electronic Code Book # @cbc: Cipher Block Chaining +# @xts: XEX with tweaked code book and ciphertext stealing # Since: 2.6 ## { 'enum': 'QCryptoCipherMode', 'prefix': 'QCRYPTO_CIPHER_MODE', - 'data': ['ecb', 'cbc']} + 'data': ['ecb', 'cbc', 'xts']} + + +## +# QCryptoIVGenAlgorithm: +# +# The supported algorithms for generating initialization +# vectors for full disk encryption. The 'plain' generator +# should not be used for disks with sector numbers larger +# than 2^32, except where compatibility with pre-existing +# Linux dm-crypt volumes is required. +# +# @plain: 64-bit sector number truncated to 32-bits +# @plain64: 64-bit sector number +# @essiv: 64-bit sector number encrypted with a hash of the encryption key +# Since: 2.6 +## +{ 'enum': 'QCryptoIVGenAlgorithm', + 'prefix': 'QCRYPTO_IVGEN_ALG', + 'data': ['plain', 'plain64', 'essiv']} + +## +# QCryptoBlockFormat: +# +# The supported full disk encryption formats +# +# @qcow: QCow/QCow2 built-in AES-CBC encryption. Use only +# for liberating data from old images. +# @luks: LUKS encryption format. Recommended for new images +# +# Since: 2.6 +## +{ 'enum': 'QCryptoBlockFormat', +# 'prefix': 'QCRYPTO_BLOCK_FORMAT', + 'data': ['qcow', 'luks']} + +## +# QCryptoBlockOptionsBase: +# +# The common options that apply to all full disk +# encryption formats +# +# @format: the encryption format +# +# Since: 2.6 +## +{ 'struct': 'QCryptoBlockOptionsBase', + 'data': { 'format': 'QCryptoBlockFormat' }} + +## +# QCryptoBlockOptionsQCow: +# +# The options that apply to QCow/QCow2 AES-CBC encryption format +# +# @key-secret: #optional the ID of a QCryptoSecret object providing the +# decryption key. Mandatory except when probing image for +# metadata only. +# +# Since: 2.6 +## +{ 'struct': 'QCryptoBlockOptionsQCow', + 'data': { '*key-secret': 'str' }} + +## +# QCryptoBlockOptionsLUKS: +# +# The options that apply to LUKS encryption format +# +# @key-secret: #optional the ID of a QCryptoSecret object providing the +# decryption key. Mandatory except when probing image for +# metadata only. +# Since: 2.6 +## +{ 'struct': 'QCryptoBlockOptionsLUKS', + 'data': { '*key-secret': 'str' }} + + +## +# QCryptoBlockCreateOptionsLUKS: +# +# The options that apply to LUKS encryption format initialization +# +# @cipher-alg: #optional the cipher algorithm for data encryption +# Currently defaults to 'aes'. +# @cipher-mode: #optional the cipher mode for data encryption +# Currently defaults to 'cbc' +# @ivgen-alg: #optional the initialization vector generator +# Currently defaults to 'essiv' +# @ivgen-hash-alg: #optional the initialization vector generator hash +# Currently defaults to 'sha256' +# @hash-alg: #optional the master key hash algorithm +# Currently defaults to 'sha256' +# Since: 2.6 +## +{ 'struct': 'QCryptoBlockCreateOptionsLUKS', + 'base': 'QCryptoBlockOptionsLUKS', + 'data': { '*cipher-alg': 'QCryptoCipherAlgorithm', + '*cipher-mode': 'QCryptoCipherMode', + '*ivgen-alg': 'QCryptoIVGenAlgorithm', + '*ivgen-hash-alg': 'QCryptoHashAlgorithm', + '*hash-alg': 'QCryptoHashAlgorithm'}} + + +## +# QCryptoBlockOpenOptions: +# +# The options that are available for all encryption formats +# when opening an existing volume +# +# Since: 2.6 +## +{ 'union': 'QCryptoBlockOpenOptions', + 'base': 'QCryptoBlockOptionsBase', + 'discriminator': 'format', + 'data': { 'qcow': 'QCryptoBlockOptionsQCow', + 'luks': 'QCryptoBlockOptionsLUKS' } } + + +## +# QCryptoBlockCreateOptions: +# +# The options that are available for all encryption formats +# when initializing a new volume +# +# Since: 2.6 +## +{ 'union': 'QCryptoBlockCreateOptions', + 'base': 'QCryptoBlockOptionsBase', + 'discriminator': 'format', + 'data': { 'qcow': 'QCryptoBlockOptionsQCow', + 'luks': 'QCryptoBlockCreateOptionsLUKS' } } diff --git a/qapi/event.json b/qapi/event.json index 1a45a6cb26..8642052ebc 100644 --- a/qapi/event.json +++ b/qapi/event.json @@ -325,6 +325,8 @@ # # Emitted to report a corruption of a Quorum file # +# @type: quorum operation type (Since 2.6) +# # @error: #optional, error message. Only present on failure. This field # contains a human-readable error message. There are no semantics other # than that the block layer reported an error and clients should not @@ -339,7 +341,7 @@ # Since: 2.0 ## { 'event': 'QUORUM_REPORT_BAD', - 'data': { '*error': 'str', 'node-name': 'str', + 'data': { 'type': 'QuorumOpType', '*error': 'str', 'node-name': 'str', 'sector-num': 'int', 'sectors-count': 'int' } } ## diff --git a/qapi/introspect.json b/qapi/introspect.json index 9e9369e160..3fd81fb540 100644 --- a/qapi/introspect.json +++ b/qapi/introspect.json @@ -75,16 +75,6 @@ 'command', 'event' ] } ## -# @SchemaInfoBase -# -# Members common to any @SchemaInfo. -# -# Since: 2.5 -## -{ 'struct': 'SchemaInfoBase', - 'data': { 'name': 'str', 'meta-type': 'SchemaMetaType' } } - -## # @SchemaInfo # # @name: the entity's name, inherited from @base. @@ -103,7 +93,7 @@ # Since: 2.5 ## { 'union': 'SchemaInfo', - 'base': 'SchemaInfoBase', + 'base': { 'name': 'str', 'meta-type': 'SchemaMetaType' }, 'discriminator': 'meta-type', 'data': { 'builtin': 'SchemaInfoBuiltin', diff --git a/qapi/opts-visitor.c b/qapi/opts-visitor.c index 73e4acea7b..602f2609cc 100644 --- a/qapi/opts-visitor.c +++ b/qapi/opts-visitor.c @@ -11,7 +11,8 @@ */ #include "qemu/osdep.h" -#include "qemu-common.h" +#include "qapi/error.h" +#include "qemu/cutils.h" #include "qapi/qmp/qerror.h" #include "qapi/opts-visitor.h" #include "qemu/queue.h" diff --git a/qapi/qapi-util.c b/qapi/qapi-util.c index 8afb12eb43..818730a660 100644 --- a/qapi/qapi-util.c +++ b/qapi/qapi-util.c @@ -11,6 +11,7 @@ */ #include "qemu/osdep.h" +#include "qapi/error.h" #include "qemu-common.h" #include "qapi/util.h" diff --git a/qapi/qapi-visit-core.c b/qapi/qapi-visit-core.c index 856606b253..fa680c9991 100644 --- a/qapi/qapi-visit-core.c +++ b/qapi/qapi-visit-core.c @@ -13,6 +13,7 @@ */ #include "qemu/osdep.h" +#include "qapi/error.h" #include "qemu-common.h" #include "qapi/qmp/qobject.h" #include "qapi/qmp/qerror.h" diff --git a/qapi/qmp-dispatch.c b/qapi/qmp-dispatch.c index 8f27c3456d..510a1aead8 100644 --- a/qapi/qmp-dispatch.c +++ b/qapi/qmp-dispatch.c @@ -12,6 +12,7 @@ */ #include "qemu/osdep.h" +#include "qapi/error.h" #include "qapi/qmp/types.h" #include "qapi/qmp/dispatch.h" #include "qapi/qmp/json-parser.h" diff --git a/qapi/qmp-input-visitor.c b/qapi/qmp-input-visitor.c index e6598327c3..7cd1b777a0 100644 --- a/qapi/qmp-input-visitor.c +++ b/qapi/qmp-input-visitor.c @@ -13,6 +13,7 @@ */ #include "qemu/osdep.h" +#include "qapi/error.h" #include "qapi/qmp-input-visitor.h" #include "qapi/visitor-impl.h" #include "qemu/queue.h" diff --git a/qapi/string-input-visitor.c b/qapi/string-input-visitor.c index 59eb5dc4e3..ab129536e4 100644 --- a/qapi/string-input-visitor.c +++ b/qapi/string-input-visitor.c @@ -11,6 +11,7 @@ */ #include "qemu/osdep.h" +#include "qapi/error.h" #include "qemu-common.h" #include "qapi/string-input-visitor.h" #include "qapi/visitor-impl.h" |