diff --git a/share/etc/oned.conf b/share/etc/oned.conf
index dbb9f1062df..8f914b58fa8 100644
--- a/share/etc/oned.conf
+++ b/share/etc/oned.conf
@@ -993,6 +993,7 @@ INHERIT_IMAGE_ATTR = "ISCSI_USER"
INHERIT_IMAGE_ATTR = "ISCSI_USAGE"
INHERIT_IMAGE_ATTR = "ISCSI_HOST"
INHERIT_IMAGE_ATTR = "ISCSI_IQN"
+INHERIT_IMAGE_ATTR = "LUKS_SECRET"
INHERIT_DATASTORE_ATTR = "GLUSTER_HOST"
INHERIT_DATASTORE_ATTR = "GLUSTER_VOLUME"
diff --git a/src/datastore_mad/remotes/fs/cp b/src/datastore_mad/remotes/fs/cp
index e52d042dab7..626913e692b 100755
--- a/src/datastore_mad/remotes/fs/cp
+++ b/src/datastore_mad/remotes/fs/cp
@@ -167,4 +167,6 @@ else
FORMAT=$($QEMU_IMG info $DST | grep "^file format:" | awk '{print $3}' || :)
fi
+[[ "$FORMAT" = "luks" ]] && FORMAT="raw"
+
echo "$DST $FORMAT"
diff --git a/src/datastore_mad/remotes/libfs.sh b/src/datastore_mad/remotes/libfs.sh
index 21c7a280139..8537ebe7961 100644
--- a/src/datastore_mad/remotes/libfs.sh
+++ b/src/datastore_mad/remotes/libfs.sh
@@ -77,9 +77,13 @@ function image_size_required {
OUT=$($QEMU_IMG info "${1}" 2>&1)
if [ $? -ne 0 ]; then
- REQUIRED=$(echo "${OUT}" | \
- grep 'expecting at least [0-9]* bytes' | \
- sed -e 's/.*expecting at least \([0-9]*\) bytes.*/\1/')
+ if file "${1}" | grep -q 'LUKS encrypted file'; then
+ REQUIRED="$(du -sb ${2} | cut -f1)"
+ else
+ REQUIRED=$(echo "${OUT}" | \
+ grep 'expecting at least [0-9]* bytes' | \
+ sed -e 's/.*expecting at least \([0-9]*\) bytes.*/\1/')
+ fi
fi
echo "${REQUIRED:-65536}"
@@ -292,7 +296,7 @@ function fs_size {
# if unknown image type, maybe we haven't downloaded
# enough bytes; check if qemu-img info doesn't complain
# on least than expected bytes and redownload more bytes
- NEW_HEAD_SIZE=$(image_size_required "${IMAGE}")
+ NEW_HEAD_SIZE=$(image_size_required "${IMAGE}" "${SRC}")
if [ -n "${NEW_HEAD_SIZE}" ] && [ "${NEW_HEAD_SIZE}" != "${HEAD_SIZE}" ]; then
continue # redownload more bytes
else
@@ -305,7 +309,7 @@ function fs_size {
# raw images requires special handling, as there is no image header
# with size available and we can't predict image virtual size just
# from a part of the file
- if [ "${TYPE}" = 'raw' ]; then
+ if [ "${TYPE}" = 'raw' ] || "${TYPE}" = 'luks' ]; then
$UTILS_PATH/downloader.sh ${DOWNLOADER_ARGS} --nodecomp -c "${HEAD_SIZE}" "${SRC}" - >"${IMAGE}" 2>/dev/null
error=$?
if [ $error -ne 0 ]; then
diff --git a/src/mad/sh/scripts_common.sh b/src/mad/sh/scripts_common.sh
index c44aed6a8c2..57e08dac8f8 100644
--- a/src/mad/sh/scripts_common.sh
+++ b/src/mad/sh/scripts_common.sh
@@ -807,6 +807,7 @@ function get_source_xml {
# * CEPH_HOST
# * CEPH_SECRET
# * CEPH_USER
+# * LUKS_SECRET
# * ISCSI_HOST
# * ISCSI_USAGE
# * ISCSI_USER
@@ -872,6 +873,7 @@ function get_disk_information {
$DISK_XPATH/CEPH_HOST \
$DISK_XPATH/CEPH_SECRET \
$DISK_XPATH/CEPH_USER \
+ $DISK_XPATH/LUKS_SECRET \
$DISK_XPATH/ISCSI_HOST \
$DISK_XPATH/ISCSI_USAGE \
$DISK_XPATH/ISCSI_USER \
@@ -916,6 +918,7 @@ function get_disk_information {
CEPH_HOST="${XPATH_ELEMENTS[j++]}"
CEPH_SECRET="${XPATH_ELEMENTS[j++]}"
CEPH_USER="${XPATH_ELEMENTS[j++]}"
+ LUKS_SECRET="${XPATH_ELEMENTS[j++]}"
ISCSI_HOST="${XPATH_ELEMENTS[j++]}"
ISCSI_USAGE="${XPATH_ELEMENTS[j++]}"
ISCSI_USER="${XPATH_ELEMENTS[j++]}"
@@ -953,6 +956,12 @@ function get_disk_information {
NAME="$SOURCE"
+ if [ -n "$LUKS_SECRET" ]; then
+ LUKS="
+ \
+ "
+ fi
+
case "$TYPE" in
block)
TYPE_SOURCE="dev"
diff --git a/src/vmm/LibVirtDriverKVM.cc b/src/vmm/LibVirtDriverKVM.cc
index fa687905a6e..b12f40a755b 100644
--- a/src/vmm/LibVirtDriverKVM.cc
+++ b/src/vmm/LibVirtDriverKVM.cc
@@ -458,6 +458,7 @@ int LibVirtDriver::deployment_description_kvm(
string sheepdog_host = "";
string gluster_host = "";
string gluster_volume = "";
+ string luks_secret = "";
string total_bytes_sec = "";
string total_bytes_sec_max_length = "";
@@ -906,6 +907,8 @@ int LibVirtDriver::deployment_description_kvm(
gluster_host = disk[i]->vector_value("GLUSTER_HOST");
gluster_volume = disk[i]->vector_value("GLUSTER_VOLUME");
+ luks_secret = disk[i]->vector_value("LUKS_SECRET");
+
sheepdog_host = disk[i]->vector_value("SHEEPDOG_HOST");
total_bytes_sec = disk[i]->vector_value("TOTAL_BYTES_SEC");
@@ -1161,6 +1164,14 @@ int LibVirtDriver::deployment_description_kvm(
file <<"/>\n";
+ // ---- luks secret for target ----
+ if ( !luks_secret.empty())
+ {
+ file << "\t\t\t\n"
+ << "\t\t\t\t\n"
+ << "\t\t\t\n";
+ }
// ---- boot order for this device ----
diff --git a/src/vmm_mad/remotes/kvm/attach_disk b/src/vmm_mad/remotes/kvm/attach_disk
index e6bbe5a6bd5..8ce0c6b8d5b 100755
--- a/src/vmm_mad/remotes/kvm/attach_disk
+++ b/src/vmm_mad/remotes/kvm/attach_disk
@@ -99,6 +99,7 @@ XML+=""
XML+=""
[ -n "${ORDER}" ] && XML+=" "
[ "${READONLY}" = 'yes' ] && XML+=""
+[ -n "${LUKS}" ] && XML+="${LUKS}"
if [ -n "${TOTAL_BYTES_SEC}${READ_BYTES_SEC}${WRITE_BYTES_SEC}" ] || \
[ -n "${TOTAL_BYTES_SEC_MAX}${READ_BYTES_SEC_MAX}${WRITE_BYTES_SEC_MAX}" ] || \