On Fri, 2019-10-04 at 19:42 +0200, Max Reitz wrote: > On 13.09.19 00:30, Maxim Levitsky wrote: > > Now you can specify which slot to put the encryption key to > > Plus add 'active' option which will let user erase the key secret > > instead of adding it. > > Check that active=true it when creating. > > > > Signed-off-by: Maxim Levitsky <mlevi...@redhat.com> > > --- > > block/crypto.c | 2 ++ > > block/crypto.h | 16 +++++++++++ > > block/qcow2.c | 2 ++ > > crypto/block-luks.c | 26 +++++++++++++++--- > > qapi/crypto.json | 19 ++++++++++++++ > > tests/qemu-iotests/082.out | 54 ++++++++++++++++++++++++++++++++++++++ > > 6 files changed, 115 insertions(+), 4 deletions(-) > > (Just doing a cursory RFC-style review) > > I think we also want to reject unlock-secret if it’s given for creation; Agree, I'll do this in the next version.
> and I suppose it’d be more important to print which slots are OK than > the slot the user has given. (It isn’t like we shouldn’t print that > slot index, but it’s more likely the user knows that than what the > limits are. I think.) I don't really understand what you mean here :-( Since this is qmp interface, I can't really print anything from it, other that error messages. > > Max > Best regards, Maxim Levitsky