qemu: Move code to add encryption options for swtpm_setup into function
authorStefan Berger <stefanb@linux.ibm.com>
Mon, 1 Nov 2021 17:23:39 +0000 (13:23 -0400)
committerMichal Privoznik <mprivozn@redhat.com>
Tue, 2 Nov 2021 09:34:39 +0000 (10:34 +0100)
Move the code that adds encryption options for the swtpm_setup command
line into its own function.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
src/qemu/qemu_tpm.c

index 5a05273100668ef5dd8515d1eedf89e88ea0ddeb..18b882ff1d3383898b80e4c3c2aff5b042a9274c 100644 (file)
@@ -422,6 +422,42 @@ qemuTPMCreateConfigFiles(const char *swtpm_setup)
 }
 
 
+/*
+ * Add encryption parameters to swtpm_setup command line.
+ *
+ * @cmd: virCommand to add options to
+ * @swtpm_setup: swtpm_setup tool path
+ * @secretuuid: The secret's uuid; may be NULL
+ */
+static int
+qemuTPMVirCommandAddEncryption(virCommand *cmd,
+                               const char *swtpm_setup,
+                               const unsigned char *secretuuid)
+{
+    int pwdfile_fd;
+
+    if (!secretuuid)
+        return 0;
+
+    if (!virTPMSwtpmSetupCapsGet(VIR_TPM_SWTPM_SETUP_FEATURE_CMDARG_PWDFILE_FD)) {
+        virReportError(VIR_ERR_ARGUMENT_UNSUPPORTED,
+            _("%s does not support passing a passphrase using a file "
+              "descriptor"), swtpm_setup);
+        return -1;
+    }
+
+    if ((pwdfile_fd = qemuTPMSetupEncryption(secretuuid, cmd)) < 0)
+        return -1;
+
+    virCommandAddArg(cmd, "--pwdfile-fd");
+    virCommandAddArgFormat(cmd, "%d", pwdfile_fd);
+    virCommandAddArgList(cmd, "--cipher", "aes-256-cbc", NULL);
+    virCommandPassFD(cmd, pwdfile_fd, VIR_COMMAND_PASS_FD_CLOSE_PARENT);
+
+    return 0;
+}
+
+
 /*
  * qemuTPMEmulatorRunSetup
  *
@@ -458,7 +494,6 @@ qemuTPMEmulatorRunSetup(const char *storagepath,
     char uuid[VIR_UUID_STRING_BUFLEN];
     g_autofree char *vmid = NULL;
     g_autofree char *swtpm_setup = virTPMGetSwtpmSetup();
-    VIR_AUTOCLOSE pwdfile_fd = -1;
 
     if (!swtpm_setup)
         return -1;
@@ -495,23 +530,8 @@ qemuTPMEmulatorRunSetup(const char *storagepath,
         break;
     }
 
-    if (secretuuid) {
-        if (!virTPMSwtpmSetupCapsGet(
-                VIR_TPM_SWTPM_SETUP_FEATURE_CMDARG_PWDFILE_FD)) {
-            virReportError(VIR_ERR_ARGUMENT_UNSUPPORTED,
-                _("%s does not support passing a passphrase using a file "
-                  "descriptor"), swtpm_setup);
-            return -1;
-        }
-        if ((pwdfile_fd = qemuTPMSetupEncryption(secretuuid, cmd)) < 0)
-            return -1;
-
-        virCommandAddArg(cmd, "--pwdfile-fd");
-        virCommandAddArgFormat(cmd, "%d", pwdfile_fd);
-        virCommandAddArgList(cmd, "--cipher", "aes-256-cbc", NULL);
-        virCommandPassFD(cmd, pwdfile_fd, VIR_COMMAND_PASS_FD_CLOSE_PARENT);
-        pwdfile_fd = -1;
-    }
+    if (qemuTPMVirCommandAddEncryption(cmd, swtpm_setup, secretuuid) < 0)
+        return -1;
 
     if (!incomingMigration) {
         virCommandAddArgList(cmd,