From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Stefan Reiter Date: Wed, 10 Feb 2021 11:07:06 +0100 Subject: [PATCH] PBS: add master key support MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit this requires a new enough libproxmox-backup-qemu0, and allows querying from the PVE side to avoid QMP calls with unsupported parameters. Signed-off-by: Fabian Grünbichler Signed-off-by: Stefan Reiter Signed-off-by: Thomas Lamprecht --- block/monitor/block-hmp-cmds.c | 1 + pve-backup.c | 3 +++ qapi/block-core.json | 7 +++++++ 3 files changed, 11 insertions(+) diff --git a/block/monitor/block-hmp-cmds.c b/block/monitor/block-hmp-cmds.c index ef45552e3b..4c799f00d9 100644 --- a/block/monitor/block-hmp-cmds.c +++ b/block/monitor/block-hmp-cmds.c @@ -1039,6 +1039,7 @@ void coroutine_fn hmp_backup(Monitor *mon, const QDict *qdict) false, NULL, // PBS password false, NULL, // PBS keyfile false, NULL, // PBS key_password + false, NULL, // PBS master_keyfile false, NULL, // PBS fingerprint false, NULL, // PBS backup-id false, 0, // PBS backup-time diff --git a/pve-backup.c b/pve-backup.c index 323014744c..9f6c04a512 100644 --- a/pve-backup.c +++ b/pve-backup.c @@ -533,6 +533,7 @@ UuidInfo coroutine_fn *qmp_backup( bool has_password, const char *password, bool has_keyfile, const char *keyfile, bool has_key_password, const char *key_password, + bool has_master_keyfile, const char *master_keyfile, bool has_fingerprint, const char *fingerprint, bool has_backup_id, const char *backup_id, bool has_backup_time, int64_t backup_time, @@ -681,6 +682,7 @@ UuidInfo coroutine_fn *qmp_backup( has_password ? password : NULL, has_keyfile ? keyfile : NULL, has_key_password ? key_password : NULL, + has_master_keyfile ? master_keyfile : NULL, has_compress ? compress : true, has_encrypt ? encrypt : has_keyfile, has_fingerprint ? fingerprint : NULL, @@ -1044,5 +1046,6 @@ ProxmoxSupportStatus *qmp_query_proxmox_support(Error **errp) ret->pbs_dirty_bitmap_savevm = true; ret->pbs_dirty_bitmap_migration = true; ret->query_bitmap_info = true; + ret->pbs_masterkey = true; return ret; } diff --git a/qapi/block-core.json b/qapi/block-core.json index f0399bf249..13e03ca154 100644 --- a/qapi/block-core.json +++ b/qapi/block-core.json @@ -817,6 +817,8 @@ # # @key-password: password for keyfile (optional for format 'pbs') # +# @master-keyfile: PEM-formatted master public keyfile (optional for format 'pbs') +# # @fingerprint: server cert fingerprint (optional for format 'pbs') # # @backup-id: backup ID (required for format 'pbs') @@ -836,6 +838,7 @@ '*password': 'str', '*keyfile': 'str', '*key-password': 'str', + '*master-keyfile': 'str', '*fingerprint': 'str', '*backup-id': 'str', '*backup-time': 'int', @@ -888,6 +891,9 @@ # migration cap if this is false/unset may lead # to crashes on migration! # +# @pbs-masterkey: True if the QMP backup call supports the 'master_keyfile' +# parameter. +# # @pbs-library-version: Running version of libproxmox-backup-qemu0 library. # ## @@ -896,6 +902,7 @@ 'query-bitmap-info': 'bool', 'pbs-dirty-bitmap-savevm': 'bool', 'pbs-dirty-bitmap-migration': 'bool', + 'pbs-masterkey': 'bool', 'pbs-library-version': 'str' } } ##