On 06/28/22 16:59, Richard W.M. Jones wrote:
On Tue, Jun 28, 2022 at 01:58:56PM +0200, Laszlo Ersek wrote:
> Virt-v2v enables appliance networking already, for the sake of
> "unconfigure_vmware". We now have a second use case for networking: "--key
> ID:clevis". Update the comment in the code.
>
> (Short log for libguestfs-common commit range 9e990f3e4530..0399dea30e63:
>
> Laszlo Ersek (12):
> options: fix buffer overflow in get_keys() [CVE-2022-2211]
> options: fix UUID comparison logic bug in get_keys()
> mltools/tools_utils: remove unused function "key_store_to_cli"
> mltools/tools_utils: allow multiple "--key" options for OCaml tools too
> options: replace NULL-termination with number-of-elements in get_keys()
> options: wrap each passphrase from get_keys() into a struct
> options: add back-end for LUKS decryption with Clevis+Tang
> options: introduce selector type "key_clevis"
> options: generalize "--key" selector parsing for C-language utilities
> mltools/tools_utils: generalize "--key" selector parsing for OCaml utils
> options, mltools/tools_utils: parse "--key ID:clevis" options
> options, mltools/tools_utils: add helper for network dependency
> ).
>
> Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1809453
> Signed-off-by: Laszlo Ersek <lersek(a)redhat.com>
> ---
>
> Notes:
> The submodule commit range 9e990f3e4530..0399dea30e63 needs to be
> refreshed in both the commit message and the "common" hunk, once the
> libguestfs-common series is upstream.
>
> convert/convert.ml | 3 ++-
> common | 2 +-
> 2 files changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/convert/convert.ml b/convert/convert.ml
> index 87fca7252ba3..17a75e3fad32 100644
> --- a/convert/convert.ml
> +++ b/convert/convert.ml
> @@ -54,11 +54,12 @@ let rec convert dir options source =
> g#set_memsize (g#get_memsize () * 2);
> (* Setting the number of vCPUs allows parallel mkinitrd, but make
> * sure this is not too large because each vCPU consumes guest RAM.
> *)
> g#set_smp (min 8 (Sysconf.nr_processors_online ()));
> - (* The network is only used by the unconfigure_vmware () function. *)
> + (* The network is used by the unconfigure_vmware () function, and the "--key
> + * ID:clevis" command line options (if any). *)
> g#set_network true;
> List.iter (
> fun { s_disk_id = i } ->
> (* NB: Old virt-v2v used copyonread here, when it was using a
> * qcow2 file as overlay. We MUST NOT use copyonread! It
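Review bot: the new comment above `g#set_network true` says the network is used by the "--key ID:clevis" options "(if any)", yet the call stays unconditional. It would help to state that networking remains enabled regardless, because unconfigure_vmware needs it, so that a later reader does not try to make the call depend on the clevis selectors alone. Style nit: the multi-line comment just above (`Setting the number of vCPUs ...`) closes with `*)` on its own line, while the new two-line comment closes on the text line; matching the neighbouring style would keep the block consistent.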
> diff --git a/common b/common
> index 9e990f3e4530..0399dea30e63 160000
> --- a/common
> +++ b/common
> @@ -1 +1 @@
> -Subproject commit 9e990f3e4530df3708d176bc50e0bc68cf07d3ff
> +Subproject commit 0399dea30e6353870183a07a82d05b4ec8f20ca0
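Review bot: the hash on the `+Subproject commit 0399dea30e63...` line is, according to the Notes section of this mail, taken from the libguestfs-common series before it is upstream. Both this line and the 9e990f3e4530..0399dea30e63 range in the commit message need to be refreshed to the final upstream hashes before the patch is applied, otherwise the submodule pointer may name a commit that does not exist in the upstream common repository. Since the range includes the CVE-2022-2211 fix in get_keys(), it is worth re-checking after the refresh that the short log in the commit message still matches the commits actually pulled in.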
Reviewed-by: Richard W.M. Jones <rjones(a)redhat.com>