From: "Daniel P. Berrange" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: Fam Zheng <famz@redhat.com>
Subject: [Qemu-devel] [PATCH v3 26/26] block: remove support for legecy AES qcow/qcow2 encryption
Date: Mon, 15 Feb 2016 16:10:59 +0000 [thread overview]
Message-ID: <1455552659-14000-27-git-send-email-berrange@redhat.com> (raw)
In-Reply-To: <1455552659-14000-1-git-send-email-berrange@redhat.com>
Refuse to use images with the legacy AES-CBC encryption
format in the system emulators. They are still fully
supported in the qemu-img, qemu-io & qemu-nbd tools in
order to allow data to be liberated and for compatibility
with older QEMU versions. Continued support in these tools
is not a notable burden with the new FDE framework.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
block.c | 12 +++++-------
block/qcow.c | 8 ++++++++
block/qcow2.c | 8 ++++++++
include/block/block.h | 1 +
tests/qemu-iotests/049.out | 3 ---
tests/qemu-iotests/087.out | 12 ------------
tests/qemu-iotests/134.out | 12 ------------
7 files changed, 22 insertions(+), 34 deletions(-)
diff --git a/block.c b/block.c
index c291f1a..039b75f 100644
--- a/block.c
+++ b/block.c
@@ -313,6 +313,11 @@ static int bdrv_is_whitelisted(BlockDriver *drv, bool read_only)
return 0;
}
+bool bdrv_uses_whitelist(void)
+{
+ return use_bdrv_whitelist;
+}
+
typedef struct CreateCo {
BlockDriver *drv;
char *filename;
@@ -1023,13 +1028,6 @@ static int bdrv_open_common(BlockDriverState *bs, BdrvChild *file,
goto free_and_fail;
}
- if (bs->encrypted) {
- error_report("Encrypted images are deprecated");
- error_printf("Support for them will be removed in a future release.\n"
- "You can use 'qemu-img convert' to convert your image"
- " to an unencrypted one.\n");
- }
-
ret = refresh_total_sectors(bs, bs->total_sectors);
if (ret < 0) {
error_setg_errno(errp, -ret, "Could not refresh total sector count");
diff --git a/block/qcow.c b/block/qcow.c
index 988078f..d7be1b2 100644
--- a/block/qcow.c
+++ b/block/qcow.c
@@ -181,6 +181,14 @@ static int qcow_open(BlockDriverState *bs, QDict *options, int flags,
s->crypt_method_header = header.crypt_method;
if (s->crypt_method_header) {
if (s->crypt_method_header == QCOW_CRYPT_AES) {
+ if (bdrv_uses_whitelist()) {
+ error_setg(errp,
+ "Use of AES-CBC encrypted qcow images is no longer "
+ "supported. Please use the qcow2 LUKS format instead.");
+ ret = -ENOSYS;
+ goto fail;
+ }
+
ov = opts_visitor_new(opts);
crypto_opts = g_new0(QCryptoBlockOpenOptions, 1);
diff --git a/block/qcow2.c b/block/qcow2.c
index 1f8ea9b..8ed7f47 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -1203,6 +1203,14 @@ static int qcow2_open(BlockDriverState *bs, QDict *options, int flags,
s->crypt_method_header = header.crypt_method;
if (s->crypt_method_header) {
+ if (bdrv_uses_whitelist() &&
+ s->crypt_method_header == QCOW_CRYPT_AES) {
+ error_setg(errp,
+ "Use of AES-CBC encrypted qcow2 images is no longer "
+ "supported. Please use the qcow2 LUKS format instead.");
+ ret = -ENOSYS;
+ goto fail;
+ }
bs->encrypted = 1;
}
diff --git a/include/block/block.h b/include/block/block.h
index 7d7f126..46950b8 100644
--- a/include/block/block.h
+++ b/include/block/block.h
@@ -191,6 +191,7 @@ void bdrv_io_limits_update_group(BlockDriverState *bs, const char *group);
void bdrv_init(void);
void bdrv_init_with_whitelist(void);
+bool bdrv_uses_whitelist(void);
BlockDriver *bdrv_find_protocol(const char *filename,
bool allow_protocol_prefix,
Error **errp);
diff --git a/tests/qemu-iotests/049.out b/tests/qemu-iotests/049.out
index c9f0bc5..e0bedc0 100644
--- a/tests/qemu-iotests/049.out
+++ b/tests/qemu-iotests/049.out
@@ -187,9 +187,6 @@ qemu-img create -f qcow2 -o encryption=off TEST_DIR/t.qcow2 64M
Formatting 'TEST_DIR/t.qcow2', fmt=qcow2 size=67108864 encryption=off cluster_size=65536 lazy_refcounts=off refcount_bits=16
qemu-img create -f qcow2 --object secret,id=sec0,data=123456 -o encryption=on,key-secret=sec0 TEST_DIR/t.qcow2 64M
-qemu-img: Encrypted images are deprecated
-Support for them will be removed in a future release.
-You can use 'qemu-img convert' to convert your image to an unencrypted one.
Formatting 'TEST_DIR/t.qcow2', fmt=qcow2 size=67108864 encryption=on cluster_size=65536 lazy_refcounts=off refcount_bits=16 key-secret=sec0
== Check lazy_refcounts option (only with v3) ==
diff --git a/tests/qemu-iotests/087.out b/tests/qemu-iotests/087.out
index 6582dda..b8842d5 100644
--- a/tests/qemu-iotests/087.out
+++ b/tests/qemu-iotests/087.out
@@ -38,17 +38,11 @@ QMP_VERSION
=== Encrypted image ===
-qemu-img: Encrypted images are deprecated
-Support for them will be removed in a future release.
-You can use 'qemu-img convert' to convert your image to an unencrypted one.
Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=134217728 encryption=on key-secret=sec0
Testing: -S
QMP_VERSION
{"return": {}}
{"return": {}}
-Encrypted images are deprecated
-Support for them will be removed in a future release.
-You can use 'qemu-img convert' to convert your image to an unencrypted one.
{"return": {}}
{"return": {}}
{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "SHUTDOWN"}
@@ -57,9 +51,6 @@ Testing:
QMP_VERSION
{"return": {}}
{"return": {}}
-Encrypted images are deprecated
-Support for them will be removed in a future release.
-You can use 'qemu-img convert' to convert your image to an unencrypted one.
{"return": {}}
{"return": {}}
{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "SHUTDOWN"}
@@ -67,9 +58,6 @@ You can use 'qemu-img convert' to convert your image to an unencrypted one.
=== Missing driver ===
-qemu-img: Encrypted images are deprecated
-Support for them will be removed in a future release.
-You can use 'qemu-img convert' to convert your image to an unencrypted one.
Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=134217728 encryption=on key-secret=sec0
Testing: -S
QMP_VERSION
diff --git a/tests/qemu-iotests/134.out b/tests/qemu-iotests/134.out
index 30e3f58..db58c8d 100644
--- a/tests/qemu-iotests/134.out
+++ b/tests/qemu-iotests/134.out
@@ -1,27 +1,15 @@
QA output created by 134
-qemu-img: Encrypted images are deprecated
-Support for them will be removed in a future release.
-You can use 'qemu-img convert' to convert your image to an unencrypted one.
Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=134217728 encryption=on key-secret=sec0
== reading whole image ==
-Encrypted images are deprecated
-Support for them will be removed in a future release.
-You can use 'qemu-img convert' to convert your image to an unencrypted one.
read 134217728/134217728 bytes at offset 0
128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
== rewriting whole image ==
-Encrypted images are deprecated
-Support for them will be removed in a future release.
-You can use 'qemu-img convert' to convert your image to an unencrypted one.
wrote 134217728/134217728 bytes at offset 0
128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
== verify pattern ==
-Encrypted images are deprecated
-Support for them will be removed in a future release.
-You can use 'qemu-img convert' to convert your image to an unencrypted one.
read 134217728/134217728 bytes at offset 0
128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
--
2.5.0
prev parent reply other threads:[~2016-02-15 16:12 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-02-15 16:10 [Qemu-devel] [PATCH v3 00/26] Support LUKS encryption in block devices Daniel P. Berrange
2016-02-15 16:10 ` [Qemu-devel] [PATCH v3 01/26] crypto: add cryptographic random byte source Daniel P. Berrange
2016-02-15 16:10 ` [Qemu-devel] [PATCH v3 02/26] crypto: add support for PBKDF2 algorithm Daniel P. Berrange
2016-02-15 16:10 ` [Qemu-devel] [PATCH v3 03/26] crypto: add support for generating initialization vectors Daniel P. Berrange
2016-02-15 16:10 ` [Qemu-devel] [PATCH v3 04/26] crypto: add support for anti-forensic split algorithm Daniel P. Berrange
2016-02-15 16:10 ` [Qemu-devel] [PATCH v3 05/26] crypto: skip testing of unsupported cipher algorithms Daniel P. Berrange
2016-02-15 16:10 ` [Qemu-devel] [PATCH v3 06/26] crypto: add support for the cast5-128 cipher algorithm Daniel P. Berrange
2016-02-15 16:10 ` [Qemu-devel] [PATCH v3 07/26] crypto: add support for the serpent " Daniel P. Berrange
2016-02-15 16:10 ` [Qemu-devel] [PATCH v3 08/26] crypto: add support for the twofish " Daniel P. Berrange
2016-02-15 16:10 ` [Qemu-devel] [PATCH v3 09/26] crypto: import an implementation of the XTS cipher mode Daniel P. Berrange
2016-02-15 16:10 ` [Qemu-devel] [PATCH v3 10/26] crypto: refactor code for dealing with AES cipher Daniel P. Berrange
2016-02-15 16:10 ` [Qemu-devel] [PATCH v3 11/26] crypto: wire up XTS mode for cipher APIs Daniel P. Berrange
2016-02-15 16:10 ` [Qemu-devel] [PATCH v3 12/26] crypto: add block encryption framework Daniel P. Berrange
2016-02-15 16:10 ` [Qemu-devel] [PATCH v3 13/26] crypto: implement the LUKS block encryption format Daniel P. Berrange
2016-02-15 16:10 ` [Qemu-devel] [PATCH v3 14/26] block: add flag to indicate that no I/O will be performed Daniel P. Berrange
2016-02-15 16:10 ` [Qemu-devel] [PATCH v3 15/26] qemu-img/qemu-io: don't prompt for passwords if not required Daniel P. Berrange
2016-02-15 16:10 ` [Qemu-devel] [PATCH v3 16/26] tests: redirect stderr to stdout for iotests Daniel P. Berrange
2016-02-15 16:10 ` [Qemu-devel] [PATCH v3 17/26] tests: refactor python I/O tests helper main method Daniel P. Berrange
2016-02-15 16:10 ` [Qemu-devel] [PATCH v3 18/26] tests: add output filter to python I/O tests helper Daniel P. Berrange
2016-02-15 16:10 ` [Qemu-devel] [PATCH v3 19/26] block: add generic full disk encryption driver Daniel P. Berrange
2016-02-15 16:10 ` [Qemu-devel] [PATCH v3 20/26] qcow2: make qcow2_encrypt_sectors encrypt in place Daniel P. Berrange
2016-02-15 16:10 ` [Qemu-devel] [PATCH v3 21/26] qcow2: convert QCow2 to use QCryptoBlock for encryption Daniel P. Berrange
2016-02-15 16:10 ` [Qemu-devel] [PATCH v3 22/26] qcow: make encrypt_sectors encrypt in place Daniel P. Berrange
2016-02-15 16:10 ` [Qemu-devel] [PATCH v3 23/26] qcow: convert QCow to use QCryptoBlock for encryption Daniel P. Berrange
2016-02-15 16:10 ` [Qemu-devel] [PATCH v3 24/26] block: rip out all traces of password prompting Daniel P. Berrange
2016-02-15 16:10 ` [Qemu-devel] [PATCH v3 25/26] block: remove all encryption handling APIs Daniel P. Berrange
2016-02-15 16:10 ` Daniel P. Berrange [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1455552659-14000-27-git-send-email-berrange@redhat.com \
--to=berrange@redhat.com \
--cc=famz@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.