storage: Allow creation of a LUKS using logical volume
authorJohn Ferlan <jferlan@redhat.com>
Fri, 6 Oct 2017 20:30:47 +0000 (16:30 -0400)
committerJohn Ferlan <jferlan@redhat.com>
Fri, 27 Oct 2017 09:46:35 +0000 (05:46 -0400)
https://bugzilla.redhat.com/show_bug.cgi?id=1427049

Use virStorageBackendCreateVolUsingQemuImg to apply the LUKS information
to the logical volume just created.  As part of the processing of the
lvcreate command add 2MB to the capacity to account for the LUKS header
when it's determined that the volume desires to use encryption.

src/storage/storage_backend_logical.c

index 93f4e0a595683590452fdb2f80b72928bcf38a8d..5df30de29d17a363a02bd468a173c7a8a21e1adb 100644 (file)
@@ -942,13 +942,14 @@ virStorageBackendLogicalLVCreate(virStorageVolDefPtr vol,
                                  virStoragePoolDefPtr def)
 {
     int ret;
+    unsigned long long capacity = vol->target.capacity;
     virCommandPtr cmd = NULL;
 
     cmd = virCommandNewArgList(LVCREATE,
                                "--name", vol->name,
                                NULL);
     virCommandAddArg(cmd, "-L");
-    if (vol->target.capacity != vol->target.allocation) {
+    if (capacity != vol->target.allocation) {
         virCommandAddArgFormat(cmd, "%lluK",
                                VIR_DIV_UP(vol->target.allocation
                                           ? vol->target.allocation : 1, 1024));
@@ -956,8 +957,14 @@ virStorageBackendLogicalLVCreate(virStorageVolDefPtr vol,
         virCommandAddArg(cmd, "--virtualsize");
         vol->target.sparse = true;
     }
-    virCommandAddArgFormat(cmd, "%lluK", VIR_DIV_UP(vol->target.capacity,
-                                                    1024));
+
+    /* If we're going to encrypt using LUKS, then we could need up to
+     * an extra 2MB for the LUKS header - so account for that now */
+    if (vol->target.encryption &&
+        vol->target.encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS)
+        capacity += 2 * 1024 * 1024;
+    virCommandAddArgFormat(cmd, "%lluK", VIR_DIV_UP(capacity, 1024));
+
     if (virStorageSourceHasBacking(&vol->target))
         virCommandAddArgList(cmd, "-s", vol->target.backingStore->path, NULL);
     else
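Review bot: The `capacity += 2 * 1024 * 1024;` addition is unchecked, so a requested capacity within 2 MiB of ULLONG_MAX wraps, and `VIR_DIV_UP(capacity, 1024)` then gives lvcreate a size far smaller than the one asked for. Whether the capacity is bounded before it reaches virStorageBackendLogicalLVCreate is not visible in this hunk, so a local guard such as `if (capacity > ULLONG_MAX - 2 * 1024 * 1024)` that reports an error is cheap insurance. `cmd` is already allocated at that point, so the failure path has to release it; the function's cleanup is outside the hunk. Giving the 2 MiB allowance a named file-local constant would also keep the guard and the addition in step.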
@@ -979,13 +986,6 @@ virStorageBackendLogicalCreateVol(virConnectPtr conn,
     virErrorPtr err;
     struct stat sb;
 
-    if (vol->target.encryption != NULL) {
-        virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
-                       "%s", _("storage pool does not support encrypted "
-                               "volumes"));
-        return -1;
-    }
-
     vol->type = VIR_STORAGE_VOL_BLOCK;
 
     VIR_FREE(vol->target.path);
@@ -996,6 +996,10 @@ virStorageBackendLogicalCreateVol(virConnectPtr conn,
     if (virStorageBackendLogicalLVCreate(vol, def) < 0)
         return -1;
 
+    if (vol->target.encryption &&
+        virStorageBackendCreateVolUsingQemuImg(conn, pool, vol, NULL, 0) < 0)
+        goto error;
+
     if ((fd = virStorageBackendVolOpen(vol->target.path, &sb,
                                        VIR_STORAGE_VOL_OPEN_DEFAULT)) < 0)
         goto error;
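Review bot: The new `if (vol->target.encryption && ...)` gate sends every encryption format to virStorageBackendCreateVolUsingQemuImg, while the header allowance added in virStorageBackendLogicalLVCreate applies only to `VIR_STORAGE_ENCRYPTION_FORMAT_LUKS`. With the blanket rejection removed from the top of virStorageBackendLogicalCreateVol, a non-LUKS request now relies on that helper (not visible here) to refuse it, and only after the logical volume has been created. Narrowing the old check to reject non-LUKS formats, rather than deleting it, would fail such requests before lvcreate runs. The function begins and ends outside this hunk, so the best placement may be earlier, where the removed check sat.

```c
    /* Only LUKS is handled for logical volumes; refuse any other
     * encryption format before the LV exists. */
    if (vol->target.encryption &&
        vol->target.encryption->format != VIR_STORAGE_ENCRYPTION_FORMAT_LUKS) {
        virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
                       _("storage pool only supports LUKS encrypted volumes"));
        return -1;
    }

    if (virStorageBackendLogicalLVCreate(vol, def) < 0)
        return -1;
    /* … unchanged: qemu-img LUKS formatting and volume open … */
```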