From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Stefan Reiter Date: Wed, 10 Feb 2021 11:07:06 +0100 Subject: [PATCH] PBS: add master key support MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit this requires a new enough libproxmox-backup-qemu0, and allows querying from the PVE side to avoid QMP calls with unsupported parameters. Signed-off-by: Fabian Grünbichler Signed-off-by: Stefan Reiter Signed-off-by: Thomas Lamprecht [FE: adapt to QAPI change dropping redundant has_*] Signed-off-by: Fiona Ebner --- block/monitor/block-hmp-cmds.c | 1 + pve-backup.c | 3 +++ qapi/block-core.json | 7 +++++++ 3 files changed, 11 insertions(+) diff --git a/block/monitor/block-hmp-cmds.c b/block/monitor/block-hmp-cmds.c index 56f39b14d4..f852c70611 100644 --- a/block/monitor/block-hmp-cmds.c +++ b/block/monitor/block-hmp-cmds.c @@ -1053,6 +1053,7 @@ void coroutine_fn hmp_backup(Monitor *mon, const QDict *qdict) NULL, // PBS password NULL, // PBS keyfile NULL, // PBS key_password + NULL, // PBS master_keyfile NULL, // PBS fingerprint NULL, // PBS backup-id false, 0, // PBS backup-time diff --git a/pve-backup.c b/pve-backup.c index 4536650b24..0d8bf1c332 100644 --- a/pve-backup.c +++ b/pve-backup.c @@ -531,6 +531,7 @@ UuidInfo coroutine_fn *qmp_backup( const char *password, const char *keyfile, const char *key_password, + const char *master_keyfile, const char *fingerprint, const char *backup_id, bool has_backup_time, int64_t backup_time, @@ -679,6 +680,7 @@ UuidInfo coroutine_fn *qmp_backup( password, keyfile, key_password, + master_keyfile, has_compress ? compress : true, has_encrypt ? encrypt : !!keyfile, fingerprint, @@ -1038,5 +1040,6 @@ ProxmoxSupportStatus *qmp_query_proxmox_support(Error **errp) ret->pbs_dirty_bitmap_savevm = true; ret->pbs_dirty_bitmap_migration = true; ret->query_bitmap_info = true; + ret->pbs_masterkey = true; return ret; } diff --git a/qapi/block-core.json b/qapi/block-core.json index 93d924ef79..568feb63ad 100644 --- a/qapi/block-core.json +++ b/qapi/block-core.json @@ -908,6 +908,8 @@ # # @key-password: password for keyfile (optional for format 'pbs') # +# @master-keyfile: PEM-formatted master public keyfile (optional for format 'pbs') +# # @fingerprint: server cert fingerprint (optional for format 'pbs') # # @backup-id: backup ID (required for format 'pbs') @@ -927,6 +929,7 @@ '*password': 'str', '*keyfile': 'str', '*key-password': 'str', + '*master-keyfile': 'str', '*fingerprint': 'str', '*backup-id': 'str', '*backup-time': 'int', @@ -979,6 +982,9 @@ # migration cap if this is false/unset may lead # to crashes on migration! # +# @pbs-masterkey: True if the QMP backup call supports the 'master_keyfile' +# parameter. +# # @pbs-library-version: Running version of libproxmox-backup-qemu0 library. # ## @@ -987,6 +993,7 @@ 'query-bitmap-info': 'bool', 'pbs-dirty-bitmap-savevm': 'bool', 'pbs-dirty-bitmap-migration': 'bool', + 'pbs-masterkey': 'bool', 'pbs-library-version': 'str' } } ##