* [Qemu-devel] [PATCH v1 00/15] Convert QCow[2] to QCryptoBlock & add LUKS support
@ 2017-01-03 18:27 Daniel P. Berrange
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 01/15] block: expose crypto option names / defs to other drivers Daniel P. Berrange
` (15 more replies)
0 siblings, 16 replies; 47+ messages in thread
From: Daniel P. Berrange @ 2017-01-03 18:27 UTC (permalink / raw)
To: qemu-devel; +Cc: Kevin Wolf, Max Reitz, qemu-block, Daniel P. Berrange
This series is a continuation of previous work to support LUKS in
QEMU. The existing merged code supports LUKS as a standalone
driver which can be layered over/under any other QEMU block device
driver. This works well when using LUKS over protocol drivers (file,
rbd, iscsi, etc, etc), but has some downsides when combined with
format drivers like qcow2.
If you layer LUKS under qcow2 (eg qcow2 -> luks -> file) then you
cannot get any information about the qcow2 file without first
decrypting it, as both the header and payload are encrypted.
If you layer LUKS over qcow2 (eg luks -> qcow2 -> file) then you
cannot distinguish between a qcow2 file where the guest has done
LUKS encryption from a qcow2 file which qemu has done encryption.
More seriously, when encrypting sectors the guest virtual sector
is used as the input for deriving the initialization vectors.
When internal snapshots are used, this means that multiple sectors
in the qcow2 file may be encrypted with the same initialization
vector. This is a security weakness when combined with certain
cryptographic modes.
Integrating LUKS natively into qcow2 allows us to combine the
best aspects of both layering strategies above. In particular
the header remains unecrypted, but initialization vectors are
generated using physical sector numbers preserving security
when snapshots are used. This is a change from previous postings
of this work, where the IVs were (incorrectly) generated based
on the virtual disk sector.
In a previous posting of this work, Fam had suggested that we
do integration by layering luks over qcow2, but having QEMU
block layer automatically create the luks driver above qcow2
based on the qcow2 header crypt_method field. This is not
possible though, because such a scheme would suffer from the
problem of IVs being generated from the virtual disk sector
instead of physical disk sector. So having LUKS specific
code in the qcow2 block driver is unavoidable. In comparison
to the previous posting though, the amount of code in qcow2.c
has been reduced by allowing re-use of code from block/crypto.c
for handling QemuOpts -> QAPI conversion. So extra lines of
code in qcow2 to support LUKS is < 200.
I have also split the changes to qcow2 up into 2 patches. The
first patch simply introduces use of the QCryptoBlock framework
to qcow2 for the existing (deprecated) AES-CBC encryption method.
The second patch wires up the LUKS support for qcow2. This makes
it clearer which parts of the changes are related to plain code
refactoring, vs enabling the new features. Specifically we can
now see that the LUKS enablement in qcow2 has this footprint:
block/qcow2-cluster.c | 4 +-
block/qcow2-refcount.c | 10 +++++
block/qcow2.c | 236 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++---------------
block/qcow2.h | 9 ++++
4 files changed, 224 insertions(+), 35 deletions(-)
Main changes since previous posting
- Make sure iotests work for qcow v1
- Fix bugs in qcow v1 conversion to QCryptoBlock which
caused segv with legacy AES encryption
- Split qcow2 conversion into two parts, one converting
to QCryptoBlock just for legacy AES, one adding LUKS
support
- Enable more iotests for qcow to exercise legacy AES
code path
- Refactor generic LUKS block driver to allow code
sharing with the qcow2 LUKS integration
- Switch to use physical sector when generating
initialization vectors for LUKS with qcow2 to
avoid security weakness with snapshots.
Daniel P. Berrange (15):
block: expose crypto option names / defs to other drivers
block: add ability to set a prefix for opt names
qcow: document another weakness of qcow AES encryption
qcow: require image size to be > 1 for new images
iotests: skip 042 with qcow which dosn't support zero sized images
iotests: skip 048 with qcow which doesn't support resize
iotests: fix 097 when run with qcow
qcow: make encrypt_sectors encrypt in place
qcow: convert QCow to use QCryptoBlock for encryption
qcow2: make qcow2_encrypt_sectors encrypt in place
qcow2: convert QCow2 to use QCryptoBlock for encryption
qcow2: add support for LUKS encryption format
iotests: enable tests 134 and 158 to work with qcow (v1)
block: rip out all traces of password prompting
block: remove all encryption handling APIs
block.c | 77 +--------
block/crypto.c | 166 ++++++++++++-------
block/crypto.h | 102 ++++++++++++
block/qapi.c | 2 +-
block/qcow.c | 207 +++++++++++-------------
block/qcow2-cluster.c | 56 +------
block/qcow2-refcount.c | 10 ++
block/qcow2.c | 385 +++++++++++++++++++++++++++++++++++----------
block/qcow2.h | 17 +-
blockdev.c | 37 +----
docs/specs/qcow2.txt | 99 ++++++++++++
hmp.c | 31 ----
include/block/block.h | 3 -
include/block/block_int.h | 1 -
include/monitor/monitor.h | 7 -
include/qapi/error.h | 1 -
include/qemu/osdep.h | 2 -
monitor.c | 68 --------
qapi-schema.json | 10 +-
qapi/block-core.json | 28 +++-
qapi/common.json | 5 +-
qemu-img.c | 31 ----
qemu-img.texi | 9 ++
qemu-io.c | 20 ---
qmp.c | 12 +-
tests/qemu-iotests/042 | 2 +-
tests/qemu-iotests/048 | 2 +-
tests/qemu-iotests/049 | 2 +-
tests/qemu-iotests/049.out | 4 +-
tests/qemu-iotests/082.out | 243 ++++++++++++++++++++++++++++
tests/qemu-iotests/087 | 83 +++++++++-
tests/qemu-iotests/087.out | 28 +++-
tests/qemu-iotests/097 | 10 +-
tests/qemu-iotests/097.out | 125 +--------------
tests/qemu-iotests/134 | 20 ++-
tests/qemu-iotests/134.out | 10 +-
tests/qemu-iotests/158 | 21 ++-
tests/qemu-iotests/158.out | 14 +-
tests/qemu-iotests/173 | 126 +++++++++++++++
tests/qemu-iotests/173.out | 119 ++++++++++++++
tests/qemu-iotests/174 | 76 +++++++++
tests/qemu-iotests/174.out | 19 +++
tests/qemu-iotests/175 | 85 ++++++++++
tests/qemu-iotests/175.out | 26 +++
tests/qemu-iotests/group | 3 +
util/oslib-posix.c | 66 --------
util/oslib-win32.c | 24 ---
47 files changed, 1613 insertions(+), 881 deletions(-)
create mode 100644 block/crypto.h
create mode 100755 tests/qemu-iotests/173
create mode 100644 tests/qemu-iotests/173.out
create mode 100755 tests/qemu-iotests/174
create mode 100644 tests/qemu-iotests/174.out
create mode 100755 tests/qemu-iotests/175
create mode 100644 tests/qemu-iotests/175.out
--
2.9.3
^ permalink raw reply [flat|nested] 47+ messages in thread
* [Qemu-devel] [PATCH v1 01/15] block: expose crypto option names / defs to other drivers
2017-01-03 18:27 [Qemu-devel] [PATCH v1 00/15] Convert QCow[2] to QCryptoBlock & add LUKS support Daniel P. Berrange
@ 2017-01-03 18:27 ` Daniel P. Berrange
2017-01-03 19:46 ` Eric Blake
2017-01-16 19:42 ` Max Reitz
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 02/15] block: add ability to set a prefix for opt names Daniel P. Berrange
` (14 subsequent siblings)
15 siblings, 2 replies; 47+ messages in thread
From: Daniel P. Berrange @ 2017-01-03 18:27 UTC (permalink / raw)
To: qemu-devel; +Cc: Kevin Wolf, Max Reitz, qemu-block, Daniel P. Berrange
The block/crypto.c defines a set of QemuOpts that provide
parameters for encryption. This will also be needed by
the qcow/qcow2 integration, so expose the relevant pieces
in a new block/crypto.h header.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
block/crypto.c | 61 +++++++--------------------------------
block/crypto.h | 91 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 102 insertions(+), 50 deletions(-)
create mode 100644 block/crypto.h
diff --git a/block/crypto.c b/block/crypto.c
index 7aa7eb5..d281de6 100644
--- a/block/crypto.c
+++ b/block/crypto.c
@@ -26,14 +26,7 @@
#include "qapi/opts-visitor.h"
#include "qapi-visit.h"
#include "qapi/error.h"
-
-#define BLOCK_CRYPTO_OPT_LUKS_KEY_SECRET "key-secret"
-#define BLOCK_CRYPTO_OPT_LUKS_CIPHER_ALG "cipher-alg"
-#define BLOCK_CRYPTO_OPT_LUKS_CIPHER_MODE "cipher-mode"
-#define BLOCK_CRYPTO_OPT_LUKS_IVGEN_ALG "ivgen-alg"
-#define BLOCK_CRYPTO_OPT_LUKS_IVGEN_HASH_ALG "ivgen-hash-alg"
-#define BLOCK_CRYPTO_OPT_LUKS_HASH_ALG "hash-alg"
-#define BLOCK_CRYPTO_OPT_LUKS_ITER_TIME "iter-time"
+#include "block/crypto.h"
typedef struct BlockCrypto BlockCrypto;
@@ -135,11 +128,7 @@ static QemuOptsList block_crypto_runtime_opts_luks = {
.name = "crypto",
.head = QTAILQ_HEAD_INITIALIZER(block_crypto_runtime_opts_luks.head),
.desc = {
- {
- .name = BLOCK_CRYPTO_OPT_LUKS_KEY_SECRET,
- .type = QEMU_OPT_STRING,
- .help = "ID of the secret that provides the encryption key",
- },
+ BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET,
{ /* end of list */ }
},
};
@@ -154,47 +143,19 @@ static QemuOptsList block_crypto_create_opts_luks = {
.type = QEMU_OPT_SIZE,
.help = "Virtual disk size"
},
- {
- .name = BLOCK_CRYPTO_OPT_LUKS_KEY_SECRET,
- .type = QEMU_OPT_STRING,
- .help = "ID of the secret that provides the encryption key",
- },
- {
- .name = BLOCK_CRYPTO_OPT_LUKS_CIPHER_ALG,
- .type = QEMU_OPT_STRING,
- .help = "Name of encryption cipher algorithm",
- },
- {
- .name = BLOCK_CRYPTO_OPT_LUKS_CIPHER_MODE,
- .type = QEMU_OPT_STRING,
- .help = "Name of encryption cipher mode",
- },
- {
- .name = BLOCK_CRYPTO_OPT_LUKS_IVGEN_ALG,
- .type = QEMU_OPT_STRING,
- .help = "Name of IV generator algorithm",
- },
- {
- .name = BLOCK_CRYPTO_OPT_LUKS_IVGEN_HASH_ALG,
- .type = QEMU_OPT_STRING,
- .help = "Name of IV generator hash algorithm",
- },
- {
- .name = BLOCK_CRYPTO_OPT_LUKS_HASH_ALG,
- .type = QEMU_OPT_STRING,
- .help = "Name of encryption hash algorithm",
- },
- {
- .name = BLOCK_CRYPTO_OPT_LUKS_ITER_TIME,
- .type = QEMU_OPT_NUMBER,
- .help = "Time to spend in PBKDF in milliseconds",
- },
+ BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET,
+ BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_ALG,
+ BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_MODE,
+ BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_ALG,
+ BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_HASH_ALG,
+ BLOCK_CRYPTO_OPT_DEF_LUKS_HASH_ALG,
+ BLOCK_CRYPTO_OPT_DEF_LUKS_ITER_TIME,
{ /* end of list */ }
},
};
-static QCryptoBlockOpenOptions *
+QCryptoBlockOpenOptions *
block_crypto_open_opts_init(QCryptoBlockFormat format,
QemuOpts *opts,
Error **errp)
@@ -240,7 +201,7 @@ block_crypto_open_opts_init(QCryptoBlockFormat format,
}
-static QCryptoBlockCreateOptions *
+QCryptoBlockCreateOptions *
block_crypto_create_opts_init(QCryptoBlockFormat format,
QemuOpts *opts,
Error **errp)
diff --git a/block/crypto.h b/block/crypto.h
new file mode 100644
index 0000000..e42f20e
--- /dev/null
+++ b/block/crypto.h
@@ -0,0 +1,91 @@
+/*
+ * QEMU block full disk encryption
+ *
+ * Copyright (c) 2015-2016 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#ifndef BLOCK_CRYPTO_H__
+#define BLOCK_CRYPTO_H__
+
+#define BLOCK_CRYPTO_OPT_LUKS_KEY_SECRET "key-secret"
+#define BLOCK_CRYPTO_OPT_LUKS_CIPHER_ALG "cipher-alg"
+#define BLOCK_CRYPTO_OPT_LUKS_CIPHER_MODE "cipher-mode"
+#define BLOCK_CRYPTO_OPT_LUKS_IVGEN_ALG "ivgen-alg"
+#define BLOCK_CRYPTO_OPT_LUKS_IVGEN_HASH_ALG "ivgen-hash-alg"
+#define BLOCK_CRYPTO_OPT_LUKS_HASH_ALG "hash-alg"
+#define BLOCK_CRYPTO_OPT_LUKS_ITER_TIME "iter-time"
+
+#define BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET \
+ { \
+ .name = BLOCK_CRYPTO_OPT_LUKS_KEY_SECRET, \
+ .type = QEMU_OPT_STRING, \
+ .help = "ID of the secret that provides the keyslot passphrase", \
+ }
+
+#define BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_ALG \
+ { \
+ .name = BLOCK_CRYPTO_OPT_LUKS_CIPHER_ALG, \
+ .type = QEMU_OPT_STRING, \
+ .help = "Name of encryption cipher algorithm", \
+ }
+
+#define BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_MODE \
+ { \
+ .name = BLOCK_CRYPTO_OPT_LUKS_CIPHER_MODE, \
+ .type = QEMU_OPT_STRING, \
+ .help = "Name of encryption cipher mode", \
+ }
+
+#define BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_ALG \
+ { \
+ .name = BLOCK_CRYPTO_OPT_LUKS_IVGEN_ALG, \
+ .type = QEMU_OPT_STRING, \
+ .help = "Name of IV generator algorithm", \
+ }
+
+#define BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_HASH_ALG \
+ { \
+ .name = BLOCK_CRYPTO_OPT_LUKS_IVGEN_HASH_ALG, \
+ .type = QEMU_OPT_STRING, \
+ .help = "Name of IV generator hash algorithm", \
+ }
+
+#define BLOCK_CRYPTO_OPT_DEF_LUKS_HASH_ALG \
+ { \
+ .name = BLOCK_CRYPTO_OPT_LUKS_HASH_ALG, \
+ .type = QEMU_OPT_STRING, \
+ .help = "Name of encryption hash algorithm", \
+ }
+
+#define BLOCK_CRYPTO_OPT_DEF_LUKS_ITER_TIME \
+ { \
+ .name = BLOCK_CRYPTO_OPT_LUKS_ITER_TIME, \
+ .type = QEMU_OPT_NUMBER, \
+ .help = "Time to spend in PBKDF in milliseconds", \
+ }
+
+QCryptoBlockCreateOptions *
+block_crypto_create_opts_init(QCryptoBlockFormat format,
+ QemuOpts *opts,
+ Error **errp);
+
+QCryptoBlockOpenOptions *
+block_crypto_open_opts_init(QCryptoBlockFormat format,
+ QemuOpts *opts,
+ Error **errp);
+
+#endif /* BLOCK_CRYPTO_H__ */
--
2.9.3
^ permalink raw reply related [flat|nested] 47+ messages in thread
* [Qemu-devel] [PATCH v1 02/15] block: add ability to set a prefix for opt names
2017-01-03 18:27 [Qemu-devel] [PATCH v1 00/15] Convert QCow[2] to QCryptoBlock & add LUKS support Daniel P. Berrange
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 01/15] block: expose crypto option names / defs to other drivers Daniel P. Berrange
@ 2017-01-03 18:27 ` Daniel P. Berrange
2017-01-16 19:31 ` Max Reitz
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 03/15] qcow: document another weakness of qcow AES encryption Daniel P. Berrange
` (13 subsequent siblings)
15 siblings, 1 reply; 47+ messages in thread
From: Daniel P. Berrange @ 2017-01-03 18:27 UTC (permalink / raw)
To: qemu-devel; +Cc: Kevin Wolf, Max Reitz, qemu-block, Daniel P. Berrange
When integrating the crypto support with qcow/qcow2, we don't
want to use the bare LUKS option names "hash-alg", "key-secret",
etc. We want to namespace them "luks-hash-alg", "luks-key-secret"
so that they don't clash with any general qcow options at a later
date.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
block/crypto.c | 110 +++++++++++++++++++++++++++++++++++++++++++++++++--------
block/crypto.h | 42 +++++++++++-----------
2 files changed, 118 insertions(+), 34 deletions(-)
diff --git a/block/crypto.c b/block/crypto.c
index d281de6..1037c70 100644
--- a/block/crypto.c
+++ b/block/crypto.c
@@ -128,7 +128,7 @@ static QemuOptsList block_crypto_runtime_opts_luks = {
.name = "crypto",
.head = QTAILQ_HEAD_INITIALIZER(block_crypto_runtime_opts_luks.head),
.desc = {
- BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET,
+ BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET(""),
{ /* end of list */ }
},
};
@@ -143,31 +143,101 @@ static QemuOptsList block_crypto_create_opts_luks = {
.type = QEMU_OPT_SIZE,
.help = "Virtual disk size"
},
- BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET,
- BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_ALG,
- BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_MODE,
- BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_ALG,
- BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_HASH_ALG,
- BLOCK_CRYPTO_OPT_DEF_LUKS_HASH_ALG,
- BLOCK_CRYPTO_OPT_DEF_LUKS_ITER_TIME,
+ BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET(""),
+ BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_ALG(""),
+ BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_MODE(""),
+ BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_ALG(""),
+ BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_HASH_ALG(""),
+ BLOCK_CRYPTO_OPT_DEF_LUKS_HASH_ALG(""),
+ BLOCK_CRYPTO_OPT_DEF_LUKS_ITER_TIME(""),
{ /* end of list */ }
},
};
+static QemuOptsList empty_opts = {
+ .name = "crypto-empty",
+ .merge_lists = false,
+ .head = QTAILQ_HEAD_INITIALIZER(empty_opts.head),
+ .desc = {
+ /* no elements => accept any params */
+ { /* end of list */ }
+ },
+};
+
+
+struct BlockCryptoCopyData {
+ QemuOpts *opts;
+ const char *prefix;
+};
+
+static int block_crypto_copy_value(void *opaque, const char *name,
+ const char *value, Error **errp)
+{
+ struct BlockCryptoCopyData *data = opaque;
+
+ if (g_str_has_prefix(name, data->prefix)) {
+ Error *local_err = NULL;
+ const char *newname = name + strlen(data->prefix);
+
+ qemu_opt_set(data->opts, newname, value, &local_err);
+ if (local_err) {
+ error_propagate(errp, local_err);
+ return 1;
+ }
+ }
+
+ return 0;
+}
+
+/*
+ * Create a copy of @opts containing only the fields with
+ * a prefix of @prefix, stripping the prefix in the returned
+ * opts
+ */
+static QemuOpts *
+block_crypto_copy_opts(QemuOpts *opts,
+ const char *prefix,
+ Error **errp)
+{
+ struct BlockCryptoCopyData data = {
+ .opts = qemu_opts_create(&empty_opts, NULL, false, errp),
+ .prefix = prefix
+ };
+ if (!data.opts) {
+ return NULL;
+ }
+
+ if (qemu_opt_foreach(opts, block_crypto_copy_value, &data, errp) != 0) {
+ qemu_opts_del(data.opts);
+ return NULL;
+ }
+
+ return data.opts;
+}
QCryptoBlockOpenOptions *
block_crypto_open_opts_init(QCryptoBlockFormat format,
QemuOpts *opts,
+ const char *prefix,
Error **errp)
{
- Visitor *v;
+ Visitor *v = NULL;
QCryptoBlockOpenOptions *ret = NULL;
Error *local_err = NULL;
+ QemuOpts *newopts = NULL;
ret = g_new0(QCryptoBlockOpenOptions, 1);
ret->format = format;
- v = opts_visitor_new(opts);
+ if (prefix != NULL) {
+ newopts = block_crypto_copy_opts(opts, prefix, &local_err);
+ if (local_err) {
+ goto out;
+ }
+ v = opts_visitor_new(newopts);
+ } else {
+ v = opts_visitor_new(opts);
+ }
visit_start_struct(v, NULL, NULL, 0, &local_err);
if (local_err) {
@@ -196,6 +266,7 @@ block_crypto_open_opts_init(QCryptoBlockFormat format,
qapi_free_QCryptoBlockOpenOptions(ret);
ret = NULL;
}
+ qemu_opts_del(newopts);
visit_free(v);
return ret;
}
@@ -204,16 +275,26 @@ block_crypto_open_opts_init(QCryptoBlockFormat format,
QCryptoBlockCreateOptions *
block_crypto_create_opts_init(QCryptoBlockFormat format,
QemuOpts *opts,
+ const char *prefix,
Error **errp)
{
- Visitor *v;
+ Visitor *v = NULL;
QCryptoBlockCreateOptions *ret = NULL;
Error *local_err = NULL;
+ QemuOpts *newopts = NULL;
ret = g_new0(QCryptoBlockCreateOptions, 1);
ret->format = format;
- v = opts_visitor_new(opts);
+ if (prefix != NULL) {
+ newopts = block_crypto_copy_opts(opts, prefix, &local_err);
+ if (local_err) {
+ goto out;
+ }
+ v = opts_visitor_new(newopts);
+ } else {
+ v = opts_visitor_new(opts);
+ }
visit_start_struct(v, NULL, NULL, 0, &local_err);
if (local_err) {
@@ -242,6 +323,7 @@ block_crypto_create_opts_init(QCryptoBlockFormat format,
qapi_free_QCryptoBlockCreateOptions(ret);
ret = NULL;
}
+ qemu_opts_del(newopts);
visit_free(v);
return ret;
}
@@ -268,7 +350,7 @@ static int block_crypto_open_generic(QCryptoBlockFormat format,
goto cleanup;
}
- open_opts = block_crypto_open_opts_init(format, opts, errp);
+ open_opts = block_crypto_open_opts_init(format, opts, NULL, errp);
if (!open_opts) {
goto cleanup;
}
@@ -312,7 +394,7 @@ static int block_crypto_create_generic(QCryptoBlockFormat format,
.filename = filename,
};
- create_opts = block_crypto_create_opts_init(format, opts, errp);
+ create_opts = block_crypto_create_opts_init(format, opts, NULL, errp);
if (!create_opts) {
return -1;
}
diff --git a/block/crypto.h b/block/crypto.h
index e42f20e..e70e2f0 100644
--- a/block/crypto.h
+++ b/block/crypto.h
@@ -29,51 +29,51 @@
#define BLOCK_CRYPTO_OPT_LUKS_HASH_ALG "hash-alg"
#define BLOCK_CRYPTO_OPT_LUKS_ITER_TIME "iter-time"
-#define BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET \
+#define BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET(prefix) \
{ \
- .name = BLOCK_CRYPTO_OPT_LUKS_KEY_SECRET, \
+ .name = prefix BLOCK_CRYPTO_OPT_LUKS_KEY_SECRET, \
.type = QEMU_OPT_STRING, \
.help = "ID of the secret that provides the keyslot passphrase", \
}
-#define BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_ALG \
+#define BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_ALG(prefix) \
{ \
- .name = BLOCK_CRYPTO_OPT_LUKS_CIPHER_ALG, \
+ .name = prefix BLOCK_CRYPTO_OPT_LUKS_CIPHER_ALG, \
.type = QEMU_OPT_STRING, \
.help = "Name of encryption cipher algorithm", \
}
-#define BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_MODE \
- { \
- .name = BLOCK_CRYPTO_OPT_LUKS_CIPHER_MODE, \
- .type = QEMU_OPT_STRING, \
- .help = "Name of encryption cipher mode", \
+#define BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_MODE(prefix) \
+ { \
+ .name = prefix BLOCK_CRYPTO_OPT_LUKS_CIPHER_MODE, \
+ .type = QEMU_OPT_STRING, \
+ .help = "Name of encryption cipher mode", \
}
-#define BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_ALG \
- { \
- .name = BLOCK_CRYPTO_OPT_LUKS_IVGEN_ALG, \
- .type = QEMU_OPT_STRING, \
- .help = "Name of IV generator algorithm", \
+#define BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_ALG(prefix) \
+ { \
+ .name = prefix BLOCK_CRYPTO_OPT_LUKS_IVGEN_ALG, \
+ .type = QEMU_OPT_STRING, \
+ .help = "Name of IV generator algorithm", \
}
-#define BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_HASH_ALG \
+#define BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_HASH_ALG(prefix) \
{ \
- .name = BLOCK_CRYPTO_OPT_LUKS_IVGEN_HASH_ALG, \
+ .name = prefix BLOCK_CRYPTO_OPT_LUKS_IVGEN_HASH_ALG, \
.type = QEMU_OPT_STRING, \
.help = "Name of IV generator hash algorithm", \
}
-#define BLOCK_CRYPTO_OPT_DEF_LUKS_HASH_ALG \
+#define BLOCK_CRYPTO_OPT_DEF_LUKS_HASH_ALG(prefix) \
{ \
- .name = BLOCK_CRYPTO_OPT_LUKS_HASH_ALG, \
+ .name = prefix BLOCK_CRYPTO_OPT_LUKS_HASH_ALG, \
.type = QEMU_OPT_STRING, \
.help = "Name of encryption hash algorithm", \
}
-#define BLOCK_CRYPTO_OPT_DEF_LUKS_ITER_TIME \
+#define BLOCK_CRYPTO_OPT_DEF_LUKS_ITER_TIME(prefix) \
{ \
- .name = BLOCK_CRYPTO_OPT_LUKS_ITER_TIME, \
+ .name = prefix BLOCK_CRYPTO_OPT_LUKS_ITER_TIME, \
.type = QEMU_OPT_NUMBER, \
.help = "Time to spend in PBKDF in milliseconds", \
}
@@ -81,11 +81,13 @@
QCryptoBlockCreateOptions *
block_crypto_create_opts_init(QCryptoBlockFormat format,
QemuOpts *opts,
+ const char *prefix,
Error **errp);
QCryptoBlockOpenOptions *
block_crypto_open_opts_init(QCryptoBlockFormat format,
QemuOpts *opts,
+ const char *prefix,
Error **errp);
#endif /* BLOCK_CRYPTO_H__ */
--
2.9.3
^ permalink raw reply related [flat|nested] 47+ messages in thread
* [Qemu-devel] [PATCH v1 03/15] qcow: document another weakness of qcow AES encryption
2017-01-03 18:27 [Qemu-devel] [PATCH v1 00/15] Convert QCow[2] to QCryptoBlock & add LUKS support Daniel P. Berrange
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 01/15] block: expose crypto option names / defs to other drivers Daniel P. Berrange
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 02/15] block: add ability to set a prefix for opt names Daniel P. Berrange
@ 2017-01-03 18:27 ` Daniel P. Berrange
2017-01-16 19:37 ` Max Reitz
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 04/15] qcow: require image size to be > 1 for new images Daniel P. Berrange
` (12 subsequent siblings)
15 siblings, 1 reply; 47+ messages in thread
From: Daniel P. Berrange @ 2017-01-03 18:27 UTC (permalink / raw)
To: qemu-devel; +Cc: Kevin Wolf, Max Reitz, qemu-block, Daniel P. Berrange
Document that use of guest virtual sector numbers as the basis for
the initialization vectors is a potential weakness, when combined
with internal snapshots or multiple images using the same passphrase.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
qemu-img.texi | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/qemu-img.texi b/qemu-img.texi
index 174aae3..8efcf89 100644
--- a/qemu-img.texi
+++ b/qemu-img.texi
@@ -554,6 +554,15 @@ change the passphrase to protect data in any qcow images. The files must
be cloned, using a different encryption passphrase in the new file. The
original file must then be securely erased using a program like shred,
though even this is ineffective with many modern storage technologies.
+@item Initialization vectors used to encrypt sectors are based on the
+guest virtual sector number, instead of the host physical sector. When
+a disk image has multiple internal snapshots this means that data in
+multiple physical sectors is encrypted with the same initialization
+vector. With the CBC mode, this opens the possibility of watermarking
+attacks if the attack can collect multiple sectors encrypted with the
+same IV and some predictable data. Having multiple qcow2 images with
+the same passphrase also exposes this weakness since the passphrase
+is directly used as the key.
@end itemize
Use of qcow / qcow2 encryption is thus strongly discouraged. Users are
--
2.9.3
^ permalink raw reply related [flat|nested] 47+ messages in thread
* [Qemu-devel] [PATCH v1 04/15] qcow: require image size to be > 1 for new images
2017-01-03 18:27 [Qemu-devel] [PATCH v1 00/15] Convert QCow[2] to QCryptoBlock & add LUKS support Daniel P. Berrange
` (2 preceding siblings ...)
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 03/15] qcow: document another weakness of qcow AES encryption Daniel P. Berrange
@ 2017-01-03 18:27 ` Daniel P. Berrange
2017-01-16 19:41 ` Max Reitz
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 05/15] iotests: skip 042 with qcow which dosn't support zero sized images Daniel P. Berrange
` (11 subsequent siblings)
15 siblings, 1 reply; 47+ messages in thread
From: Daniel P. Berrange @ 2017-01-03 18:27 UTC (permalink / raw)
To: qemu-devel; +Cc: Kevin Wolf, Max Reitz, qemu-block, Daniel P. Berrange
The qcow driver refuses to open images which are less than
2 bytes in size, but will happily create such images. Add
a check in the create path to avoid this discrepancy.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
block/qcow.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/block/qcow.c b/block/qcow.c
index 7540f43..8133fda 100644
--- a/block/qcow.c
+++ b/block/qcow.c
@@ -799,6 +799,12 @@ static int qcow_create(const char *filename, QemuOpts *opts, Error **errp)
/* Read out options */
total_size = ROUND_UP(qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0),
BDRV_SECTOR_SIZE);
+ if (total_size <= 1) {
+ error_setg(errp, "Image size is too small (must be at least 2 bytes)");
+ ret = -EINVAL;
+ goto cleanup;
+ }
+
backing_file = qemu_opt_get_del(opts, BLOCK_OPT_BACKING_FILE);
if (qemu_opt_get_bool_del(opts, BLOCK_OPT_ENCRYPT, false)) {
flags |= BLOCK_FLAG_ENCRYPT;
--
2.9.3
^ permalink raw reply related [flat|nested] 47+ messages in thread
* [Qemu-devel] [PATCH v1 05/15] iotests: skip 042 with qcow which dosn't support zero sized images
2017-01-03 18:27 [Qemu-devel] [PATCH v1 00/15] Convert QCow[2] to QCryptoBlock & add LUKS support Daniel P. Berrange
` (3 preceding siblings ...)
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 04/15] qcow: require image size to be > 1 for new images Daniel P. Berrange
@ 2017-01-03 18:27 ` Daniel P. Berrange
2017-01-16 19:42 ` Max Reitz
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 06/15] iotests: skip 048 with qcow which doesn't support resize Daniel P. Berrange
` (10 subsequent siblings)
15 siblings, 1 reply; 47+ messages in thread
From: Daniel P. Berrange @ 2017-01-03 18:27 UTC (permalink / raw)
To: qemu-devel; +Cc: Kevin Wolf, Max Reitz, qemu-block, Daniel P. Berrange
Test 042 is designed to verify operation with zero sized images.
Such images are not supported with qcow (v1), so this test has
always failed.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
tests/qemu-iotests/042 | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/qemu-iotests/042 b/tests/qemu-iotests/042
index 351b283..a53e7cb 100755
--- a/tests/qemu-iotests/042
+++ b/tests/qemu-iotests/042
@@ -37,7 +37,7 @@ trap "_cleanup; exit \$status" 0 1 2 3 15
. ./common.rc
. ./common.filter
-_supported_fmt qcow2 qcow qed
+_supported_fmt qcow2 qed
_supported_proto file
_supported_os Linux
--
2.9.3
^ permalink raw reply related [flat|nested] 47+ messages in thread
* [Qemu-devel] [PATCH v1 06/15] iotests: skip 048 with qcow which doesn't support resize
2017-01-03 18:27 [Qemu-devel] [PATCH v1 00/15] Convert QCow[2] to QCryptoBlock & add LUKS support Daniel P. Berrange
` (4 preceding siblings ...)
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 05/15] iotests: skip 042 with qcow which dosn't support zero sized images Daniel P. Berrange
@ 2017-01-03 18:27 ` Daniel P. Berrange
2017-01-16 19:48 ` Max Reitz
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 07/15] iotests: fix 097 when run with qcow Daniel P. Berrange
` (9 subsequent siblings)
15 siblings, 1 reply; 47+ messages in thread
From: Daniel P. Berrange @ 2017-01-03 18:27 UTC (permalink / raw)
To: qemu-devel; +Cc: Kevin Wolf, Max Reitz, qemu-block, Daniel P. Berrange
Test 048 is designed to verify data preservation during an
image resize. The qcow (v1) format impl has never supported
resize so always fails.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
tests/qemu-iotests/048 | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/qemu-iotests/048 b/tests/qemu-iotests/048
index 203c04f..9ed04a0 100755
--- a/tests/qemu-iotests/048
+++ b/tests/qemu-iotests/048
@@ -46,7 +46,7 @@ _compare()
. ./common.filter
. ./common.pattern
-_supported_fmt raw qcow qcow2 qed luks
+_supported_fmt raw qcow2 qed luks
_supported_proto file
_supported_os Linux
--
2.9.3
^ permalink raw reply related [flat|nested] 47+ messages in thread
* [Qemu-devel] [PATCH v1 07/15] iotests: fix 097 when run with qcow
2017-01-03 18:27 [Qemu-devel] [PATCH v1 00/15] Convert QCow[2] to QCryptoBlock & add LUKS support Daniel P. Berrange
` (5 preceding siblings ...)
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 06/15] iotests: skip 048 with qcow which doesn't support resize Daniel P. Berrange
@ 2017-01-03 18:27 ` Daniel P. Berrange
2017-01-16 20:04 ` Max Reitz
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 08/15] qcow: make encrypt_sectors encrypt in place Daniel P. Berrange
` (8 subsequent siblings)
15 siblings, 1 reply; 47+ messages in thread
From: Daniel P. Berrange @ 2017-01-03 18:27 UTC (permalink / raw)
To: qemu-devel; +Cc: Kevin Wolf, Max Reitz, qemu-block, Daniel P. Berrange
The previous commit:
commit a3e1505daec31ef56f0489f8c8fff1b8e4ca92bd
Author: Eric Blake <eblake@redhat.com>
Date: Mon Dec 5 09:49:34 2016 -0600
qcow2: Don't strand clusters near 2G intervals during commit
extended the 097 test case so that it did two passes, once
with an internal snapshot, once without.
qcow (v1) does not support internal snapshots, so this change
broke test 097 when run against qcow.
This splits 097 in two, creating a new 173 that tests the
internal snapshot codepath, effectively putting 097 back
to its content before the above commit.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
tests/qemu-iotests/097 | 10 +---
tests/qemu-iotests/097.out | 125 ++------------------------------------------
tests/qemu-iotests/173 | 126 +++++++++++++++++++++++++++++++++++++++++++++
tests/qemu-iotests/173.out | 119 ++++++++++++++++++++++++++++++++++++++++++
tests/qemu-iotests/group | 1 +
5 files changed, 251 insertions(+), 130 deletions(-)
create mode 100755 tests/qemu-iotests/173
create mode 100644 tests/qemu-iotests/173.out
diff --git a/tests/qemu-iotests/097 b/tests/qemu-iotests/097
index 4c33e80..1d28aff 100755
--- a/tests/qemu-iotests/097
+++ b/tests/qemu-iotests/097
@@ -56,26 +56,19 @@ _supported_os Linux
# 3: Two-layer backing chain, commit to lower backing file
# (in this case, the top image will implicitly stay unchanged)
#
-# Each pass is run twice, since qcow2 has different code paths for cleaning
-# an image depending on whether it has a snapshot.
-#
# 020 already tests committing, so this only tests whether image chains are
# working properly and that all images above the base are emptied; therefore,
# no complicated patterns are necessary. Check near the 2G mark, as qcow2
# has been buggy at that boundary in the past.
for i in 0 1 2 3; do
-for j in 0 1; do
echo
-echo "=== Test pass $i.$j ==="
+echo "=== Test pass $i ==="
echo
TEST_IMG="$TEST_IMG.base" _make_test_img 2100M
TEST_IMG="$TEST_IMG.itmd" _make_test_img -b "$TEST_IMG.base" 2100M
_make_test_img -b "$TEST_IMG.itmd" 2100M
-if [ $j -eq 0 ]; then
- $QEMU_IMG snapshot -c snap "$TEST_IMG"
-fi
$QEMU_IO -c 'write -P 1 0x7ffd0000 192k' "$TEST_IMG.base" | _filter_qemu_io
$QEMU_IO -c 'write -P 2 0x7ffe0000 128k' "$TEST_IMG.itmd" | _filter_qemu_io
@@ -121,7 +114,6 @@ $QEMU_IMG map "$TEST_IMG.itmd" | _filter_qemu_img_map
$QEMU_IMG map "$TEST_IMG" | _filter_qemu_img_map
done
-done
# success, all done
diff --git a/tests/qemu-iotests/097.out b/tests/qemu-iotests/097.out
index 8106cc9..81fc225 100644
--- a/tests/qemu-iotests/097.out
+++ b/tests/qemu-iotests/097.out
@@ -1,6 +1,6 @@
QA output created by 097
-=== Test pass 0.0 ===
+=== Test pass 0 ===
Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=2202009600
Formatting 'TEST_DIR/t.IMGFMT.itmd', fmt=IMGFMT size=2202009600 backing_file=TEST_DIR/t.IMGFMT.base
@@ -29,66 +29,7 @@ Offset Length File
0x7ffd0000 0x10000 TEST_DIR/t.IMGFMT.base
0x7ffe0000 0x20000 TEST_DIR/t.IMGFMT.itmd
-=== Test pass 0.1 ===
-
-Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=2202009600
-Formatting 'TEST_DIR/t.IMGFMT.itmd', fmt=IMGFMT size=2202009600 backing_file=TEST_DIR/t.IMGFMT.base
-Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=2202009600 backing_file=TEST_DIR/t.IMGFMT.itmd
-wrote 196608/196608 bytes at offset 2147287040
-192 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-wrote 131072/131072 bytes at offset 2147352576
-128 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-wrote 65536/65536 bytes at offset 2147418112
-64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-Image committed.
-read 196608/196608 bytes at offset 2147287040
-192 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-read 65536/65536 bytes at offset 2147287040
-64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-read 65536/65536 bytes at offset 2147352576
-64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-read 65536/65536 bytes at offset 2147418112
-64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-Offset Length File
-0x7ffd0000 0x30000 TEST_DIR/t.IMGFMT.base
-Offset Length File
-0x7ffd0000 0x10000 TEST_DIR/t.IMGFMT.base
-0x7ffe0000 0x20000 TEST_DIR/t.IMGFMT.itmd
-Offset Length File
-0x7ffd0000 0x10000 TEST_DIR/t.IMGFMT.base
-0x7ffe0000 0x20000 TEST_DIR/t.IMGFMT.itmd
-
-=== Test pass 1.0 ===
-
-Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=2202009600
-Formatting 'TEST_DIR/t.IMGFMT.itmd', fmt=IMGFMT size=2202009600 backing_file=TEST_DIR/t.IMGFMT.base
-Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=2202009600 backing_file=TEST_DIR/t.IMGFMT.itmd
-wrote 196608/196608 bytes at offset 2147287040
-192 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-wrote 131072/131072 bytes at offset 2147352576
-128 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-wrote 65536/65536 bytes at offset 2147418112
-64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-Image committed.
-read 196608/196608 bytes at offset 2147287040
-192 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-read 65536/65536 bytes at offset 2147287040
-64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-read 65536/65536 bytes at offset 2147352576
-64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-read 65536/65536 bytes at offset 2147418112
-64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-Offset Length File
-0x7ffd0000 0x30000 TEST_DIR/t.IMGFMT.base
-Offset Length File
-0x7ffd0000 0x10000 TEST_DIR/t.IMGFMT.base
-0x7ffe0000 0x20000 TEST_DIR/t.IMGFMT.itmd
-Offset Length File
-0x7ffd0000 0x10000 TEST_DIR/t.IMGFMT.base
-0x7ffe0000 0x10000 TEST_DIR/t.IMGFMT.itmd
-0x7fff0000 0x10000 TEST_DIR/t.IMGFMT
-
-=== Test pass 1.1 ===
+=== Test pass 1 ===
Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=2202009600
Formatting 'TEST_DIR/t.IMGFMT.itmd', fmt=IMGFMT size=2202009600 backing_file=TEST_DIR/t.IMGFMT.base
@@ -118,7 +59,7 @@ Offset Length File
0x7ffe0000 0x10000 TEST_DIR/t.IMGFMT.itmd
0x7fff0000 0x10000 TEST_DIR/t.IMGFMT
-=== Test pass 2.0 ===
+=== Test pass 2 ===
Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=2202009600
Formatting 'TEST_DIR/t.IMGFMT.itmd', fmt=IMGFMT size=2202009600 backing_file=TEST_DIR/t.IMGFMT.base
@@ -148,65 +89,7 @@ Offset Length File
0x7ffe0000 0x10000 TEST_DIR/t.IMGFMT.itmd
0x7fff0000 0x10000 TEST_DIR/t.IMGFMT
-=== Test pass 2.1 ===
-
-Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=2202009600
-Formatting 'TEST_DIR/t.IMGFMT.itmd', fmt=IMGFMT size=2202009600 backing_file=TEST_DIR/t.IMGFMT.base
-Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=2202009600 backing_file=TEST_DIR/t.IMGFMT.itmd
-wrote 196608/196608 bytes at offset 2147287040
-192 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-wrote 131072/131072 bytes at offset 2147352576
-128 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-wrote 65536/65536 bytes at offset 2147418112
-64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-Image committed.
-read 196608/196608 bytes at offset 2147287040
-192 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-read 65536/65536 bytes at offset 2147287040
-64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-read 65536/65536 bytes at offset 2147352576
-64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-read 65536/65536 bytes at offset 2147418112
-64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-Offset Length File
-0x7ffd0000 0x30000 TEST_DIR/t.IMGFMT.base
-Offset Length File
-0x7ffd0000 0x10000 TEST_DIR/t.IMGFMT.base
-0x7ffe0000 0x20000 TEST_DIR/t.IMGFMT.itmd
-Offset Length File
-0x7ffd0000 0x10000 TEST_DIR/t.IMGFMT.base
-0x7ffe0000 0x10000 TEST_DIR/t.IMGFMT.itmd
-0x7fff0000 0x10000 TEST_DIR/t.IMGFMT
-
-=== Test pass 3.0 ===
-
-Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=2202009600
-Formatting 'TEST_DIR/t.IMGFMT.itmd', fmt=IMGFMT size=2202009600 backing_file=TEST_DIR/t.IMGFMT.base
-Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=2202009600 backing_file=TEST_DIR/t.IMGFMT.itmd
-wrote 196608/196608 bytes at offset 2147287040
-192 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-wrote 131072/131072 bytes at offset 2147352576
-128 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-wrote 65536/65536 bytes at offset 2147418112
-64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-Image committed.
-read 65536/65536 bytes at offset 2147287040
-64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-read 65536/65536 bytes at offset 2147352576
-64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-read 65536/65536 bytes at offset 2147418112
-64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
-Offset Length File
-0x7ffd0000 0x30000 TEST_DIR/t.IMGFMT.base
-Offset Length File
-0x7ffd0000 0x10000 TEST_DIR/t.IMGFMT.base
-0x7ffe0000 0x20000 TEST_DIR/t.IMGFMT.itmd
-Offset Length File
-0x7ffd0000 0x10000 TEST_DIR/t.IMGFMT.base
-0x7ffe0000 0x10000 TEST_DIR/t.IMGFMT.itmd
-0x7fff0000 0x10000 TEST_DIR/t.IMGFMT
-
-=== Test pass 3.1 ===
+=== Test pass 3 ===
Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=2202009600
Formatting 'TEST_DIR/t.IMGFMT.itmd', fmt=IMGFMT size=2202009600 backing_file=TEST_DIR/t.IMGFMT.base
diff --git a/tests/qemu-iotests/173 b/tests/qemu-iotests/173
new file mode 100755
index 0000000..9a70a87
--- /dev/null
+++ b/tests/qemu-iotests/173
@@ -0,0 +1,126 @@
+#!/bin/bash
+#
+# Commit changes into backing chains and empty the top image if the
+# backing image is not explicitly specified.
+#
+# Variant of 097, which includes snapshots to test different codepath
+# in qcow2
+#
+# Copyright (C) 2014 Red Hat, Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+# creator
+owner=mreitz@redhat.com
+
+seq="$(basename $0)"
+echo "QA output created by $seq"
+
+here="$PWD"
+status=1 # failure is the default!
+
+_cleanup()
+{
+ _cleanup_test_img
+ _rm_test_img "$TEST_IMG.itmd"
+}
+trap "_cleanup; exit \$status" 0 1 2 3 15
+
+# get standard environment, filters and checks
+. ./common.rc
+. ./common.filter
+. ./common.pattern
+
+# Any format supporting backing files and bdrv_make_empty
+_supported_fmt qcow2
+_supported_proto file
+_supported_os Linux
+
+
+# Four passes:
+# 0: Two-layer backing chain, commit to upper backing file (implicitly)
+# (in this case, the top image will be emptied)
+# 1: Two-layer backing chain, commit to upper backing file (explicitly)
+# (in this case, the top image will implicitly stay unchanged)
+# 2: Two-layer backing chain, commit to upper backing file (implicitly with -d)
+# (in this case, the top image will explicitly stay unchanged)
+# 3: Two-layer backing chain, commit to lower backing file
+# (in this case, the top image will implicitly stay unchanged)
+#
+# 020 already tests committing, so this only tests whether image chains are
+# working properly and that all images above the base are emptied; therefore,
+# no complicated patterns are necessary. Check near the 2G mark, as qcow2
+# has been buggy at that boundary in the past.
+for i in 0 1 2 3; do
+
+echo
+echo "=== Test pass $i ==="
+echo
+
+TEST_IMG="$TEST_IMG.base" _make_test_img 2100M
+TEST_IMG="$TEST_IMG.itmd" _make_test_img -b "$TEST_IMG.base" 2100M
+_make_test_img -b "$TEST_IMG.itmd" 2100M
+$QEMU_IMG snapshot -c snap "$TEST_IMG"
+
+$QEMU_IO -c 'write -P 1 0x7ffd0000 192k' "$TEST_IMG.base" | _filter_qemu_io
+$QEMU_IO -c 'write -P 2 0x7ffe0000 128k' "$TEST_IMG.itmd" | _filter_qemu_io
+$QEMU_IO -c 'write -P 3 0x7fff0000 64k' "$TEST_IMG" | _filter_qemu_io
+
+if [ $i -lt 3 ]; then
+ if [ $i == 0 ]; then
+ # -b "$TEST_IMG.itmd" should be the default (that is, committing to the
+ # first backing file in the chain)
+ $QEMU_IMG commit "$TEST_IMG"
+ elif [ $i == 1 ]; then
+ # explicitly specify the commit target (this should imply -d)
+ $QEMU_IMG commit -b "$TEST_IMG.itmd" "$TEST_IMG"
+ else
+ # do not explicitly specify the commit target, but use -d to leave the
+ # top image unchanged
+ $QEMU_IMG commit -d "$TEST_IMG"
+ fi
+
+ # Bottom should be unchanged
+ $QEMU_IO -c 'read -P 1 0x7ffd0000 192k' "$TEST_IMG.base" | _filter_qemu_io
+
+ # Intermediate should contain changes from top
+ $QEMU_IO -c 'read -P 1 0x7ffd0000 64k' "$TEST_IMG.itmd" | _filter_qemu_io
+ $QEMU_IO -c 'read -P 2 0x7ffe0000 64k' "$TEST_IMG.itmd" | _filter_qemu_io
+ $QEMU_IO -c 'read -P 3 0x7fff0000 64k' "$TEST_IMG.itmd" | _filter_qemu_io
+
+ # And in pass 0, the top image should be empty, whereas in both other passes
+ # it should be unchanged (which is both checked by qemu-img map)
+else
+ $QEMU_IMG commit -b "$TEST_IMG.base" "$TEST_IMG"
+
+ # Bottom should contain all changes
+ $QEMU_IO -c 'read -P 1 0x7ffd0000 64k' "$TEST_IMG.base" | _filter_qemu_io
+ $QEMU_IO -c 'read -P 2 0x7ffe0000 64k' "$TEST_IMG.base" | _filter_qemu_io
+ $QEMU_IO -c 'read -P 3 0x7fff0000 64k' "$TEST_IMG.base" | _filter_qemu_io
+
+ # Both top and intermediate should be unchanged
+fi
+
+$QEMU_IMG map "$TEST_IMG.base" | _filter_qemu_img_map
+$QEMU_IMG map "$TEST_IMG.itmd" | _filter_qemu_img_map
+$QEMU_IMG map "$TEST_IMG" | _filter_qemu_img_map
+
+done
+
+
+# success, all done
+echo "*** done"
+rm -f $seq.full
+status=0
diff --git a/tests/qemu-iotests/173.out b/tests/qemu-iotests/173.out
new file mode 100644
index 0000000..5d16a11
--- /dev/null
+++ b/tests/qemu-iotests/173.out
@@ -0,0 +1,119 @@
+QA output created by 173
+
+=== Test pass 0 ===
+
+Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=2202009600
+Formatting 'TEST_DIR/t.IMGFMT.itmd', fmt=IMGFMT size=2202009600 backing_file=TEST_DIR/t.IMGFMT.base
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=2202009600 backing_file=TEST_DIR/t.IMGFMT.itmd
+wrote 196608/196608 bytes at offset 2147287040
+192 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+wrote 131072/131072 bytes at offset 2147352576
+128 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+wrote 65536/65536 bytes at offset 2147418112
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+Image committed.
+read 196608/196608 bytes at offset 2147287040
+192 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 65536/65536 bytes at offset 2147287040
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 65536/65536 bytes at offset 2147352576
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 65536/65536 bytes at offset 2147418112
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+Offset Length File
+0x7ffd0000 0x30000 TEST_DIR/t.IMGFMT.base
+Offset Length File
+0x7ffd0000 0x10000 TEST_DIR/t.IMGFMT.base
+0x7ffe0000 0x20000 TEST_DIR/t.IMGFMT.itmd
+Offset Length File
+0x7ffd0000 0x10000 TEST_DIR/t.IMGFMT.base
+0x7ffe0000 0x20000 TEST_DIR/t.IMGFMT.itmd
+
+=== Test pass 1 ===
+
+Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=2202009600
+Formatting 'TEST_DIR/t.IMGFMT.itmd', fmt=IMGFMT size=2202009600 backing_file=TEST_DIR/t.IMGFMT.base
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=2202009600 backing_file=TEST_DIR/t.IMGFMT.itmd
+wrote 196608/196608 bytes at offset 2147287040
+192 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+wrote 131072/131072 bytes at offset 2147352576
+128 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+wrote 65536/65536 bytes at offset 2147418112
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+Image committed.
+read 196608/196608 bytes at offset 2147287040
+192 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 65536/65536 bytes at offset 2147287040
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 65536/65536 bytes at offset 2147352576
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 65536/65536 bytes at offset 2147418112
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+Offset Length File
+0x7ffd0000 0x30000 TEST_DIR/t.IMGFMT.base
+Offset Length File
+0x7ffd0000 0x10000 TEST_DIR/t.IMGFMT.base
+0x7ffe0000 0x20000 TEST_DIR/t.IMGFMT.itmd
+Offset Length File
+0x7ffd0000 0x10000 TEST_DIR/t.IMGFMT.base
+0x7ffe0000 0x10000 TEST_DIR/t.IMGFMT.itmd
+0x7fff0000 0x10000 TEST_DIR/t.IMGFMT
+
+=== Test pass 2 ===
+
+Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=2202009600
+Formatting 'TEST_DIR/t.IMGFMT.itmd', fmt=IMGFMT size=2202009600 backing_file=TEST_DIR/t.IMGFMT.base
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=2202009600 backing_file=TEST_DIR/t.IMGFMT.itmd
+wrote 196608/196608 bytes at offset 2147287040
+192 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+wrote 131072/131072 bytes at offset 2147352576
+128 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+wrote 65536/65536 bytes at offset 2147418112
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+Image committed.
+read 196608/196608 bytes at offset 2147287040
+192 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 65536/65536 bytes at offset 2147287040
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 65536/65536 bytes at offset 2147352576
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 65536/65536 bytes at offset 2147418112
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+Offset Length File
+0x7ffd0000 0x30000 TEST_DIR/t.IMGFMT.base
+Offset Length File
+0x7ffd0000 0x10000 TEST_DIR/t.IMGFMT.base
+0x7ffe0000 0x20000 TEST_DIR/t.IMGFMT.itmd
+Offset Length File
+0x7ffd0000 0x10000 TEST_DIR/t.IMGFMT.base
+0x7ffe0000 0x10000 TEST_DIR/t.IMGFMT.itmd
+0x7fff0000 0x10000 TEST_DIR/t.IMGFMT
+
+=== Test pass 3 ===
+
+Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=2202009600
+Formatting 'TEST_DIR/t.IMGFMT.itmd', fmt=IMGFMT size=2202009600 backing_file=TEST_DIR/t.IMGFMT.base
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=2202009600 backing_file=TEST_DIR/t.IMGFMT.itmd
+wrote 196608/196608 bytes at offset 2147287040
+192 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+wrote 131072/131072 bytes at offset 2147352576
+128 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+wrote 65536/65536 bytes at offset 2147418112
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+Image committed.
+read 65536/65536 bytes at offset 2147287040
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 65536/65536 bytes at offset 2147352576
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 65536/65536 bytes at offset 2147418112
+64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+Offset Length File
+0x7ffd0000 0x30000 TEST_DIR/t.IMGFMT.base
+Offset Length File
+0x7ffd0000 0x10000 TEST_DIR/t.IMGFMT.base
+0x7ffe0000 0x20000 TEST_DIR/t.IMGFMT.itmd
+Offset Length File
+0x7ffd0000 0x10000 TEST_DIR/t.IMGFMT.base
+0x7ffe0000 0x10000 TEST_DIR/t.IMGFMT.itmd
+0x7fff0000 0x10000 TEST_DIR/t.IMGFMT
+*** done
diff --git a/tests/qemu-iotests/group b/tests/qemu-iotests/group
index 866c1a0..f5d7bc8 100644
--- a/tests/qemu-iotests/group
+++ b/tests/qemu-iotests/group
@@ -165,3 +165,4 @@
170 rw auto quick
171 rw auto quick
172 auto
+173 rw auto backing
--
2.9.3
^ permalink raw reply related [flat|nested] 47+ messages in thread
* [Qemu-devel] [PATCH v1 08/15] qcow: make encrypt_sectors encrypt in place
2017-01-03 18:27 [Qemu-devel] [PATCH v1 00/15] Convert QCow[2] to QCryptoBlock & add LUKS support Daniel P. Berrange
` (6 preceding siblings ...)
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 07/15] iotests: fix 097 when run with qcow Daniel P. Berrange
@ 2017-01-03 18:27 ` Daniel P. Berrange
2017-01-16 20:25 ` Max Reitz
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 09/15] qcow: convert QCow to use QCryptoBlock for encryption Daniel P. Berrange
` (7 subsequent siblings)
15 siblings, 1 reply; 47+ messages in thread
From: Daniel P. Berrange @ 2017-01-03 18:27 UTC (permalink / raw)
To: qemu-devel; +Cc: Kevin Wolf, Max Reitz, qemu-block, Daniel P. Berrange
Instead of requiring separate input/output buffers for
encrypting data, change encrypt_sectors() to assume
use of a single buffer, encrypting in place. One current
caller all uses the same buffer for input/output already
and the other two callers are easily converted todo so.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
block/qcow.c | 36 +++++++++++-------------------------
1 file changed, 11 insertions(+), 25 deletions(-)
diff --git a/block/qcow.c b/block/qcow.c
index 8133fda..bc9fa2f 100644
--- a/block/qcow.c
+++ b/block/qcow.c
@@ -310,11 +310,10 @@ static int qcow_set_key(BlockDriverState *bs, const char *key)
}
/* The crypt function is compatible with the linux cryptoloop
- algorithm for < 4 GB images. NOTE: out_buf == in_buf is
- supported */
+ algorithm for < 4 GB images. */
static int encrypt_sectors(BDRVQcowState *s, int64_t sector_num,
- uint8_t *out_buf, const uint8_t *in_buf,
- int nb_sectors, bool enc, Error **errp)
+ uint8_t *buf, int nb_sectors, bool enc,
+ Error **errp)
{
union {
uint64_t ll[2];
@@ -333,14 +332,12 @@ static int encrypt_sectors(BDRVQcowState *s, int64_t sector_num,
}
if (enc) {
ret = qcrypto_cipher_encrypt(s->cipher,
- in_buf,
- out_buf,
+ buf, buf,
512,
errp);
} else {
ret = qcrypto_cipher_decrypt(s->cipher,
- in_buf,
- out_buf,
+ buf, buf,
512,
errp);
}
@@ -348,8 +345,7 @@ static int encrypt_sectors(BDRVQcowState *s, int64_t sector_num,
return -1;
}
sector_num++;
- in_buf += 512;
- out_buf += 512;
+ buf += 512;
}
return 0;
}
@@ -469,13 +465,12 @@ static uint64_t get_cluster_offset(BlockDriverState *bs,
uint64_t start_sect;
assert(s->cipher);
start_sect = (offset & ~(s->cluster_size - 1)) >> 9;
- memset(s->cluster_data + 512, 0x00, 512);
+ memset(s->cluster_data, 0x00, 512);
for(i = 0; i < s->cluster_sectors; i++) {
if (i < n_start || i >= n_end) {
Error *err = NULL;
if (encrypt_sectors(s, start_sect + i,
- s->cluster_data,
- s->cluster_data + 512, 1,
+ s->cluster_data, 1,
true, &err) < 0) {
error_free(err);
errno = EIO;
@@ -653,7 +648,7 @@ static coroutine_fn int qcow_co_readv(BlockDriverState *bs, int64_t sector_num,
}
if (bs->encrypted) {
assert(s->cipher);
- if (encrypt_sectors(s, sector_num, buf, buf,
+ if (encrypt_sectors(s, sector_num, buf,
n, false, &err) < 0) {
goto fail;
}
@@ -688,9 +683,7 @@ static coroutine_fn int qcow_co_writev(BlockDriverState *bs, int64_t sector_num,
BDRVQcowState *s = bs->opaque;
int index_in_cluster;
uint64_t cluster_offset;
- const uint8_t *src_buf;
int ret = 0, n;
- uint8_t *cluster_data = NULL;
struct iovec hd_iov;
QEMUIOVector hd_qiov;
uint8_t *buf;
@@ -728,21 +721,15 @@ static coroutine_fn int qcow_co_writev(BlockDriverState *bs, int64_t sector_num,
if (bs->encrypted) {
Error *err = NULL;
assert(s->cipher);
- if (!cluster_data) {
- cluster_data = g_malloc0(s->cluster_size);
- }
- if (encrypt_sectors(s, sector_num, cluster_data, buf,
+ if (encrypt_sectors(s, sector_num, buf,
n, true, &err) < 0) {
error_free(err);
ret = -EIO;
break;
}
- src_buf = cluster_data;
- } else {
- src_buf = buf;
}
- hd_iov.iov_base = (void *)src_buf;
+ hd_iov.iov_base = (void *)buf;
hd_iov.iov_len = n * 512;
qemu_iovec_init_external(&hd_qiov, &hd_iov, 1);
qemu_co_mutex_unlock(&s->lock);
@@ -764,7 +751,6 @@ static coroutine_fn int qcow_co_writev(BlockDriverState *bs, int64_t sector_num,
if (qiov->niov > 1) {
qemu_vfree(orig_buf);
}
- g_free(cluster_data);
return ret;
}
--
2.9.3
^ permalink raw reply related [flat|nested] 47+ messages in thread
* [Qemu-devel] [PATCH v1 09/15] qcow: convert QCow to use QCryptoBlock for encryption
2017-01-03 18:27 [Qemu-devel] [PATCH v1 00/15] Convert QCow[2] to QCryptoBlock & add LUKS support Daniel P. Berrange
` (7 preceding siblings ...)
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 08/15] qcow: make encrypt_sectors encrypt in place Daniel P. Berrange
@ 2017-01-03 18:27 ` Daniel P. Berrange
2017-01-16 21:16 ` Max Reitz
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 10/15] qcow2: make qcow2_encrypt_sectors encrypt in place Daniel P. Berrange
` (6 subsequent siblings)
15 siblings, 1 reply; 47+ messages in thread
From: Daniel P. Berrange @ 2017-01-03 18:27 UTC (permalink / raw)
To: qemu-devel; +Cc: Kevin Wolf, Max Reitz, qemu-block, Daniel P. Berrange
This converts the qcow2 driver to make use of the QCryptoBlock
APIs for encrypting image content. This is only wired up to
permit use of the legacy QCow encryption format. Users who wish
to have the strong LUKS format should switch to qcow2 instead.
With this change it is now required to use the QCryptoSecret
object for providing passwords, instead of the current block
password APIs / interactive prompting.
$QEMU \
-object secret,id=sec0,filename=/home/berrange/encrypted.pw \
-drive file=/home/berrange/encrypted.qcow,aes-key-secret=sec0
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
block/crypto.c | 10 +++
block/crypto.h | 9 +++
block/qcow.c | 184 +++++++++++++++++++++++----------------------------
qapi/block-core.json | 17 ++++-
4 files changed, 117 insertions(+), 103 deletions(-)
diff --git a/block/crypto.c b/block/crypto.c
index 1037c70..915ba70 100644
--- a/block/crypto.c
+++ b/block/crypto.c
@@ -250,6 +250,11 @@ block_crypto_open_opts_init(QCryptoBlockFormat format,
v, &ret->u.luks, &local_err);
break;
+ case Q_CRYPTO_BLOCK_FORMAT_QCOW:
+ visit_type_QCryptoBlockOptionsQCow_members(
+ v, &ret->u.qcow, &local_err);
+ break;
+
default:
error_setg(&local_err, "Unsupported block format %d", format);
break;
@@ -307,6 +312,11 @@ block_crypto_create_opts_init(QCryptoBlockFormat format,
v, &ret->u.luks, &local_err);
break;
+ case Q_CRYPTO_BLOCK_FORMAT_QCOW:
+ visit_type_QCryptoBlockOptionsQCow_members(
+ v, &ret->u.qcow, &local_err);
+ break;
+
default:
error_setg(&local_err, "Unsupported block format %d", format);
break;
diff --git a/block/crypto.h b/block/crypto.h
index e70e2f0..1d64676 100644
--- a/block/crypto.h
+++ b/block/crypto.h
@@ -21,6 +21,15 @@
#ifndef BLOCK_CRYPTO_H__
#define BLOCK_CRYPTO_H__
+#define BLOCK_CRYPTO_OPT_QCOW_KEY_SECRET "key-secret"
+
+#define BLOCK_CRYPTO_OPT_DEF_QCOW_KEY_SECRET(prefix) \
+ { \
+ .name = prefix BLOCK_CRYPTO_OPT_QCOW_KEY_SECRET, \
+ .type = QEMU_OPT_STRING, \
+ .help = "ID of the secret that provides the AES encryption key", \
+ }
+
#define BLOCK_CRYPTO_OPT_LUKS_KEY_SECRET "key-secret"
#define BLOCK_CRYPTO_OPT_LUKS_CIPHER_ALG "cipher-alg"
#define BLOCK_CRYPTO_OPT_LUKS_CIPHER_MODE "cipher-mode"
diff --git a/block/qcow.c b/block/qcow.c
index bc9fa2f..6232ad8 100644
--- a/block/qcow.c
+++ b/block/qcow.c
@@ -31,8 +31,9 @@
#include "qemu/bswap.h"
#include <zlib.h>
#include "qapi/qmp/qerror.h"
-#include "crypto/cipher.h"
+#include "crypto/block.h"
#include "migration/migration.h"
+#include "block/crypto.h"
/**************************************************************/
/* QEMU COW block driver with compression and encryption support */
@@ -77,7 +78,7 @@ typedef struct BDRVQcowState {
uint8_t *cluster_cache;
uint8_t *cluster_data;
uint64_t cluster_cache_offset;
- QCryptoCipher *cipher; /* NULL if no key yet */
+ QCryptoBlock *crypto; /* Disk encryption format driver */
uint32_t crypt_method_header;
CoMutex lock;
Error *migration_blocker;
@@ -97,6 +98,15 @@ static int qcow_probe(const uint8_t *buf, int buf_size, const char *filename)
return 0;
}
+static QemuOptsList qcow_runtime_opts = {
+ .name = "qcow",
+ .head = QTAILQ_HEAD_INITIALIZER(qcow_runtime_opts.head),
+ .desc = {
+ BLOCK_CRYPTO_OPT_DEF_QCOW_KEY_SECRET("aes-"),
+ { /* end of list */ }
+ },
+};
+
static int qcow_open(BlockDriverState *bs, QDict *options, int flags,
Error **errp)
{
@@ -104,6 +114,18 @@ static int qcow_open(BlockDriverState *bs, QDict *options, int flags,
unsigned int len, i, shift;
int ret;
QCowHeader header;
+ QemuOpts *opts = NULL;
+ Error *local_err = NULL;
+ QCryptoBlockOpenOptions *crypto_opts = NULL;
+ unsigned int cflags = 0;
+
+ opts = qemu_opts_create(&qcow_runtime_opts, NULL, 0, &error_abort);
+ qemu_opts_absorb_qdict(opts, options, &local_err);
+ if (local_err) {
+ error_propagate(errp, local_err);
+ ret = -EINVAL;
+ goto fail;
+ }
ret = bdrv_pread(bs->file, 0, &header, sizeof(header));
if (ret < 0) {
@@ -148,17 +170,6 @@ static int qcow_open(BlockDriverState *bs, QDict *options, int flags,
goto fail;
}
- if (header.crypt_method > QCOW_CRYPT_AES) {
- error_setg(errp, "invalid encryption method in qcow header");
- ret = -EINVAL;
- goto fail;
- }
- if (!qcrypto_cipher_supports(QCRYPTO_CIPHER_ALG_AES_128,
- QCRYPTO_CIPHER_MODE_CBC)) {
- error_setg(errp, "AES cipher not available");
- ret = -EINVAL;
- goto fail;
- }
s->crypt_method_header = header.crypt_method;
if (s->crypt_method_header) {
if (bdrv_uses_whitelist() &&
@@ -174,8 +185,31 @@ static int qcow_open(BlockDriverState *bs, QDict *options, int flags,
ret = -ENOSYS;
goto fail;
}
+ if (s->crypt_method_header == QCOW_CRYPT_AES) {
+ crypto_opts = block_crypto_open_opts_init(
+ Q_CRYPTO_BLOCK_FORMAT_QCOW, opts, "aes-", &local_err);
+ if (local_err) {
+ error_propagate(errp, local_err);
+ ret = -EINVAL;
+ goto fail;
+ }
+ if (flags & BDRV_O_NO_IO) {
+ cflags |= QCRYPTO_BLOCK_OPEN_NO_IO;
+ }
+ s->crypto = qcrypto_block_open(crypto_opts, NULL, NULL,
+ cflags, errp);
+ if (!s->crypto) {
+ ret = -EINVAL;
+ goto fail;
+ }
+ } else {
+ error_setg(errp, "invalid encryption method in qcow header");
+ ret = -EINVAL;
+ goto fail;
+ }
bs->encrypted = true;
+ bs->valid_key = true;
}
s->cluster_bits = header.cluster_bits;
s->cluster_size = 1 << s->cluster_bits;
@@ -254,6 +288,7 @@ static int qcow_open(BlockDriverState *bs, QDict *options, int flags,
bdrv_get_device_or_node_name(bs));
migrate_add_blocker(s->migration_blocker);
+ qapi_free_QCryptoBlockOpenOptions(crypto_opts);
qemu_co_mutex_init(&s->lock);
return 0;
@@ -262,6 +297,7 @@ static int qcow_open(BlockDriverState *bs, QDict *options, int flags,
qemu_vfree(s->l2_cache);
g_free(s->cluster_cache);
g_free(s->cluster_data);
+ qapi_free_QCryptoBlockOpenOptions(crypto_opts);
return ret;
}
@@ -274,81 +310,6 @@ static int qcow_reopen_prepare(BDRVReopenState *state,
return 0;
}
-static int qcow_set_key(BlockDriverState *bs, const char *key)
-{
- BDRVQcowState *s = bs->opaque;
- uint8_t keybuf[16];
- int len, i;
- Error *err;
-
- memset(keybuf, 0, 16);
- len = strlen(key);
- if (len > 16)
- len = 16;
- /* XXX: we could compress the chars to 7 bits to increase
- entropy */
- for(i = 0;i < len;i++) {
- keybuf[i] = key[i];
- }
- assert(bs->encrypted);
-
- qcrypto_cipher_free(s->cipher);
- s->cipher = qcrypto_cipher_new(
- QCRYPTO_CIPHER_ALG_AES_128,
- QCRYPTO_CIPHER_MODE_CBC,
- keybuf, G_N_ELEMENTS(keybuf),
- &err);
-
- if (!s->cipher) {
- /* XXX would be nice if errors in this method could
- * be properly propagate to the caller. Would need
- * the bdrv_set_key() API signature to be fixed. */
- error_free(err);
- return -1;
- }
- return 0;
-}
-
-/* The crypt function is compatible with the linux cryptoloop
- algorithm for < 4 GB images. */
-static int encrypt_sectors(BDRVQcowState *s, int64_t sector_num,
- uint8_t *buf, int nb_sectors, bool enc,
- Error **errp)
-{
- union {
- uint64_t ll[2];
- uint8_t b[16];
- } ivec;
- int i;
- int ret;
-
- for(i = 0; i < nb_sectors; i++) {
- ivec.ll[0] = cpu_to_le64(sector_num);
- ivec.ll[1] = 0;
- if (qcrypto_cipher_setiv(s->cipher,
- ivec.b, G_N_ELEMENTS(ivec.b),
- errp) < 0) {
- return -1;
- }
- if (enc) {
- ret = qcrypto_cipher_encrypt(s->cipher,
- buf, buf,
- 512,
- errp);
- } else {
- ret = qcrypto_cipher_decrypt(s->cipher,
- buf, buf,
- 512,
- errp);
- }
- if (ret < 0) {
- return -1;
- }
- sector_num++;
- buf += 512;
- }
- return 0;
-}
/* 'allocate' is:
*
@@ -463,15 +424,16 @@ static uint64_t get_cluster_offset(BlockDriverState *bs,
if (bs->encrypted &&
(n_end - n_start) < s->cluster_sectors) {
uint64_t start_sect;
- assert(s->cipher);
+ assert(s->crypto);
start_sect = (offset & ~(s->cluster_size - 1)) >> 9;
memset(s->cluster_data, 0x00, 512);
for(i = 0; i < s->cluster_sectors; i++) {
if (i < n_start || i >= n_end) {
Error *err = NULL;
- if (encrypt_sectors(s, start_sect + i,
- s->cluster_data, 1,
- true, &err) < 0) {
+ if (qcrypto_block_encrypt(s->crypto, start_sect + i,
+ s->cluster_data,
+ BDRV_SECTOR_SIZE,
+ &err) < 0) {
error_free(err);
errno = EIO;
return -1;
@@ -516,7 +478,7 @@ static int64_t coroutine_fn qcow_co_get_block_status(BlockDriverState *bs,
if (!cluster_offset) {
return 0;
}
- if ((cluster_offset & QCOW_OFLAG_COMPRESSED) || s->cipher) {
+ if ((cluster_offset & QCOW_OFLAG_COMPRESSED) || s->crypto) {
return BDRV_BLOCK_DATA;
}
cluster_offset |= (index_in_cluster << BDRV_SECTOR_BITS);
@@ -647,9 +609,9 @@ static coroutine_fn int qcow_co_readv(BlockDriverState *bs, int64_t sector_num,
break;
}
if (bs->encrypted) {
- assert(s->cipher);
- if (encrypt_sectors(s, sector_num, buf,
- n, false, &err) < 0) {
+ assert(s->crypto);
+ if (qcrypto_block_decrypt(s->crypto, sector_num, buf,
+ n * BDRV_SECTOR_SIZE, &err) < 0) {
goto fail;
}
}
@@ -720,9 +682,9 @@ static coroutine_fn int qcow_co_writev(BlockDriverState *bs, int64_t sector_num,
}
if (bs->encrypted) {
Error *err = NULL;
- assert(s->cipher);
- if (encrypt_sectors(s, sector_num, buf,
- n, true, &err) < 0) {
+ assert(s->crypto);
+ if (qcrypto_block_encrypt(s->crypto, sector_num, buf,
+ n * BDRV_SECTOR_SIZE, &err) < 0) {
error_free(err);
ret = -EIO;
break;
@@ -759,8 +721,8 @@ static void qcow_close(BlockDriverState *bs)
{
BDRVQcowState *s = bs->opaque;
- qcrypto_cipher_free(s->cipher);
- s->cipher = NULL;
+ qcrypto_block_free(s->crypto);
+ s->crypto = NULL;
g_free(s->l1_table);
qemu_vfree(s->l2_cache);
g_free(s->cluster_cache);
@@ -781,6 +743,8 @@ static int qcow_create(const char *filename, QemuOpts *opts, Error **errp)
Error *local_err = NULL;
int ret;
BlockBackend *qcow_blk;
+ QCryptoBlockCreateOptions *crypto_opts = NULL;
+ QCryptoBlock *crypto = NULL;
/* Read out options */
total_size = ROUND_UP(qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0),
@@ -847,6 +811,20 @@ static int qcow_create(const char *filename, QemuOpts *opts, Error **errp)
header.l1_table_offset = cpu_to_be64(header_size);
if (flags & BLOCK_FLAG_ENCRYPT) {
header.crypt_method = cpu_to_be32(QCOW_CRYPT_AES);
+
+ crypto_opts = block_crypto_create_opts_init(
+ Q_CRYPTO_BLOCK_FORMAT_QCOW, opts, "aes-", &local_err);
+ if (local_err) {
+ error_propagate(errp, local_err);
+ ret = -EINVAL;
+ goto exit;
+ }
+
+ crypto = qcrypto_block_create(crypto_opts, NULL, NULL, NULL, errp);
+ if (!crypto) {
+ ret = -EINVAL;
+ goto exit;
+ }
} else {
header.crypt_method = cpu_to_be32(QCOW_CRYPT_NONE);
}
@@ -881,6 +859,8 @@ static int qcow_create(const char *filename, QemuOpts *opts, Error **errp)
exit:
blk_unref(qcow_blk);
cleanup:
+ qcrypto_block_free(crypto);
+ qapi_free_QCryptoBlockCreateOptions(crypto_opts);
g_free(backing_file);
return ret;
}
@@ -1022,6 +1002,7 @@ static QemuOptsList qcow_create_opts = {
.help = "Encrypt the image",
.def_value_str = "off"
},
+ BLOCK_CRYPTO_OPT_DEF_QCOW_KEY_SECRET("aes-"),
{ /* end of list */ }
}
};
@@ -1041,7 +1022,6 @@ static BlockDriver bdrv_qcow = {
.bdrv_co_writev = qcow_co_writev,
.bdrv_co_get_block_status = qcow_co_get_block_status,
- .bdrv_set_key = qcow_set_key,
.bdrv_make_empty = qcow_make_empty,
.bdrv_co_pwritev_compressed = qcow_co_pwritev_compressed,
.bdrv_get_info = qcow_get_info,
diff --git a/qapi/block-core.json b/qapi/block-core.json
index 6b42216..c2b70e8 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
@@ -1887,6 +1887,21 @@
'mode': 'Qcow2OverlapCheckMode' } }
##
+# @BlockdevOptionsQcow:
+#
+# Driver specific block device options for qcow.
+#
+# @aes-key-secret: #optional ID of the "secret" object providing the
+# AES decryption key.
+#
+# Since: 2.9
+##
+{ 'struct': 'BlockdevOptionsQcow',
+ 'base': 'BlockdevOptionsGenericCOWFormat',
+ 'data': { '*aes-key-secret': 'str' } }
+
+
+##
# @BlockdevOptionsQcow2:
#
# Driver specific block device options for qcow2.
@@ -2403,7 +2418,7 @@
'null-co': 'BlockdevOptionsNull',
'parallels': 'BlockdevOptionsGenericFormat',
'qcow2': 'BlockdevOptionsQcow2',
- 'qcow': 'BlockdevOptionsGenericCOWFormat',
+ 'qcow': 'BlockdevOptionsQcow',
'qed': 'BlockdevOptionsGenericCOWFormat',
'quorum': 'BlockdevOptionsQuorum',
'raw': 'BlockdevOptionsRaw',
--
2.9.3
^ permalink raw reply related [flat|nested] 47+ messages in thread
* [Qemu-devel] [PATCH v1 10/15] qcow2: make qcow2_encrypt_sectors encrypt in place
2017-01-03 18:27 [Qemu-devel] [PATCH v1 00/15] Convert QCow[2] to QCryptoBlock & add LUKS support Daniel P. Berrange
` (8 preceding siblings ...)
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 09/15] qcow: convert QCow to use QCryptoBlock for encryption Daniel P. Berrange
@ 2017-01-03 18:27 ` Daniel P. Berrange
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 11/15] qcow2: convert QCow2 to use QCryptoBlock for encryption Daniel P. Berrange
` (5 subsequent siblings)
15 siblings, 0 replies; 47+ messages in thread
From: Daniel P. Berrange @ 2017-01-03 18:27 UTC (permalink / raw)
To: qemu-devel; +Cc: Kevin Wolf, Max Reitz, qemu-block, Daniel P. Berrange
Instead of requiring separate input/output buffers for
encrypting data, change qcow2_encrypt_sectors() to assume
use of a single buffer, encrypting in place. The current
callers all used the same buffer for input/output already.
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
block/qcow2-cluster.c | 17 ++++++-----------
block/qcow2.c | 4 ++--
block/qcow2.h | 3 +--
3 files changed, 9 insertions(+), 15 deletions(-)
diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
index 928c1e2..907e869 100644
--- a/block/qcow2-cluster.c
+++ b/block/qcow2-cluster.c
@@ -346,11 +346,9 @@ static int count_contiguous_clusters_by_type(int nb_clusters,
}
/* The crypt function is compatible with the linux cryptoloop
- algorithm for < 4 GB images. NOTE: out_buf == in_buf is
- supported */
+ algorithm for < 4 GB images. */
int qcow2_encrypt_sectors(BDRVQcow2State *s, int64_t sector_num,
- uint8_t *out_buf, const uint8_t *in_buf,
- int nb_sectors, bool enc,
+ uint8_t *buf, int nb_sectors, bool enc,
Error **errp)
{
union {
@@ -370,14 +368,12 @@ int qcow2_encrypt_sectors(BDRVQcow2State *s, int64_t sector_num,
}
if (enc) {
ret = qcrypto_cipher_encrypt(s->cipher,
- in_buf,
- out_buf,
+ buf, buf,
512,
errp);
} else {
ret = qcrypto_cipher_decrypt(s->cipher,
- in_buf,
- out_buf,
+ buf, buf,
512,
errp);
}
@@ -385,8 +381,7 @@ int qcow2_encrypt_sectors(BDRVQcow2State *s, int64_t sector_num,
return -1;
}
sector_num++;
- in_buf += 512;
- out_buf += 512;
+ buf += 512;
}
return 0;
}
@@ -434,7 +429,7 @@ static int coroutine_fn do_perform_cow(BlockDriverState *bs,
assert(s->cipher);
assert((offset_in_cluster & ~BDRV_SECTOR_MASK) == 0);
assert((bytes & ~BDRV_SECTOR_MASK) == 0);
- if (qcow2_encrypt_sectors(s, sector, iov.iov_base, iov.iov_base,
+ if (qcow2_encrypt_sectors(s, sector, iov.iov_base,
bytes >> BDRV_SECTOR_BITS, true, &err) < 0) {
ret = -EIO;
error_free(err);
diff --git a/block/qcow2.c b/block/qcow2.c
index 96fb8a8..3c14c86 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -1530,7 +1530,7 @@ static coroutine_fn int qcow2_co_preadv(BlockDriverState *bs, uint64_t offset,
assert((cur_bytes & (BDRV_SECTOR_SIZE - 1)) == 0);
Error *err = NULL;
if (qcow2_encrypt_sectors(s, offset >> BDRV_SECTOR_BITS,
- cluster_data, cluster_data,
+ cluster_data,
cur_bytes >> BDRV_SECTOR_BITS,
false, &err) < 0) {
error_free(err);
@@ -1626,7 +1626,7 @@ static coroutine_fn int qcow2_co_pwritev(BlockDriverState *bs, uint64_t offset,
qemu_iovec_to_buf(&hd_qiov, 0, cluster_data, hd_qiov.size);
if (qcow2_encrypt_sectors(s, offset >> BDRV_SECTOR_BITS,
- cluster_data, cluster_data,
+ cluster_data,
cur_bytes >>BDRV_SECTOR_BITS,
true, &err) < 0) {
error_free(err);
diff --git a/block/qcow2.h b/block/qcow2.h
index 1823414..033d8c0 100644
--- a/block/qcow2.h
+++ b/block/qcow2.h
@@ -530,8 +530,7 @@ int qcow2_grow_l1_table(BlockDriverState *bs, uint64_t min_size,
int qcow2_write_l1_entry(BlockDriverState *bs, int l1_index);
int qcow2_decompress_cluster(BlockDriverState *bs, uint64_t cluster_offset);
int qcow2_encrypt_sectors(BDRVQcow2State *s, int64_t sector_num,
- uint8_t *out_buf, const uint8_t *in_buf,
- int nb_sectors, bool enc, Error **errp);
+ uint8_t *buf, int nb_sectors, bool enc, Error **errp);
int qcow2_get_cluster_offset(BlockDriverState *bs, uint64_t offset,
unsigned int *bytes, uint64_t *cluster_offset);
--
2.9.3
^ permalink raw reply related [flat|nested] 47+ messages in thread
* [Qemu-devel] [PATCH v1 11/15] qcow2: convert QCow2 to use QCryptoBlock for encryption
2017-01-03 18:27 [Qemu-devel] [PATCH v1 00/15] Convert QCow[2] to QCryptoBlock & add LUKS support Daniel P. Berrange
` (9 preceding siblings ...)
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 10/15] qcow2: make qcow2_encrypt_sectors encrypt in place Daniel P. Berrange
@ 2017-01-03 18:27 ` Daniel P. Berrange
2017-01-18 18:13 ` Max Reitz
2017-01-21 19:07 ` Max Reitz
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 12/15] qcow2: add support for LUKS encryption format Daniel P. Berrange
` (4 subsequent siblings)
15 siblings, 2 replies; 47+ messages in thread
From: Daniel P. Berrange @ 2017-01-03 18:27 UTC (permalink / raw)
To: qemu-devel; +Cc: Kevin Wolf, Max Reitz, qemu-block, Daniel P. Berrange
This converts the qcow2 driver to make use of the QCryptoBlock
APIs for encrypting image content, using the legacyy QCow2 AES
scheme.
With this change it is now required to use the QCryptoSecret
object for providing passwords, instead of the current block
password APIs / interactive prompting.
$QEMU \
-object secret,id=sec0,filename=/home/berrange/encrypted.pw \
-drive file=/home/berrange/encrypted.qcow2,aes-key-secret=sec0
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
block/qcow2-cluster.c | 47 +----------
block/qcow2.c | 190 +++++++++++++++++++++++++++++----------------
block/qcow2.h | 5 +-
qapi/block-core.json | 7 +-
tests/qemu-iotests/049 | 2 +-
tests/qemu-iotests/049.out | 4 +-
tests/qemu-iotests/082.out | 27 +++++++
tests/qemu-iotests/087 | 28 ++++++-
tests/qemu-iotests/087.out | 6 +-
tests/qemu-iotests/134 | 18 +++--
tests/qemu-iotests/134.out | 10 +--
tests/qemu-iotests/158 | 19 +++--
tests/qemu-iotests/158.out | 14 +---
13 files changed, 219 insertions(+), 158 deletions(-)
diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
index 907e869..a2103dc 100644
--- a/block/qcow2-cluster.c
+++ b/block/qcow2-cluster.c
@@ -345,47 +345,6 @@ static int count_contiguous_clusters_by_type(int nb_clusters,
return i;
}
-/* The crypt function is compatible with the linux cryptoloop
- algorithm for < 4 GB images. */
-int qcow2_encrypt_sectors(BDRVQcow2State *s, int64_t sector_num,
- uint8_t *buf, int nb_sectors, bool enc,
- Error **errp)
-{
- union {
- uint64_t ll[2];
- uint8_t b[16];
- } ivec;
- int i;
- int ret;
-
- for(i = 0; i < nb_sectors; i++) {
- ivec.ll[0] = cpu_to_le64(sector_num);
- ivec.ll[1] = 0;
- if (qcrypto_cipher_setiv(s->cipher,
- ivec.b, G_N_ELEMENTS(ivec.b),
- errp) < 0) {
- return -1;
- }
- if (enc) {
- ret = qcrypto_cipher_encrypt(s->cipher,
- buf, buf,
- 512,
- errp);
- } else {
- ret = qcrypto_cipher_decrypt(s->cipher,
- buf, buf,
- 512,
- errp);
- }
- if (ret < 0) {
- return -1;
- }
- sector_num++;
- buf += 512;
- }
- return 0;
-}
-
static int coroutine_fn do_perform_cow(BlockDriverState *bs,
uint64_t src_cluster_offset,
uint64_t cluster_offset,
@@ -426,11 +385,11 @@ static int coroutine_fn do_perform_cow(BlockDriverState *bs,
Error *err = NULL;
int64_t sector = (src_cluster_offset + offset_in_cluster)
>> BDRV_SECTOR_BITS;
- assert(s->cipher);
assert((offset_in_cluster & ~BDRV_SECTOR_MASK) == 0);
assert((bytes & ~BDRV_SECTOR_MASK) == 0);
- if (qcow2_encrypt_sectors(s, sector, iov.iov_base,
- bytes >> BDRV_SECTOR_BITS, true, &err) < 0) {
+ assert(s->crypto);
+ if (qcrypto_block_encrypt(s->crypto, sector, iov.iov_base,
+ bytes, &err) < 0) {
ret = -EIO;
error_free(err);
goto out;
diff --git a/block/qcow2.c b/block/qcow2.c
index 3c14c86..5c9e196 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -37,6 +37,9 @@
#include "qemu/option_int.h"
#include "qemu/cutils.h"
#include "qemu/bswap.h"
+#include "qapi/opts-visitor.h"
+#include "qapi-visit.h"
+#include "block/crypto.h"
/*
Differences with QCOW:
@@ -461,6 +464,7 @@ static QemuOptsList qcow2_runtime_opts = {
.type = QEMU_OPT_NUMBER,
.help = "Clean unused cache entries after this time (in seconds)",
},
+ BLOCK_CRYPTO_OPT_DEF_QCOW_KEY_SECRET("aes-"),
{ /* end of list */ }
},
};
@@ -578,6 +582,7 @@ static void read_cache_sizes(BlockDriverState *bs, QemuOpts *opts,
}
}
+
typedef struct Qcow2ReopenState {
Qcow2Cache *l2_table_cache;
Qcow2Cache *refcount_block_cache;
@@ -585,6 +590,7 @@ typedef struct Qcow2ReopenState {
int overlap_check;
bool discard_passthrough[QCOW2_DISCARD_MAX];
uint64_t cache_clean_interval;
+ QCryptoBlockOpenOptions *crypto_opts; /* Disk encryption runtime options */
} Qcow2ReopenState;
static int qcow2_update_options_prepare(BlockDriverState *bs,
@@ -751,6 +757,23 @@ static int qcow2_update_options_prepare(BlockDriverState *bs,
r->discard_passthrough[QCOW2_DISCARD_OTHER] =
qemu_opt_get_bool(opts, QCOW2_OPT_DISCARD_OTHER, false);
+ switch (s->crypt_method_header) {
+ case QCOW_CRYPT_NONE:
+ break;
+
+ case QCOW_CRYPT_AES:
+ r->crypto_opts = block_crypto_open_opts_init(
+ Q_CRYPTO_BLOCK_FORMAT_QCOW, opts, "aes-", errp);
+ break;
+
+ default:
+ g_assert_not_reached();
+ }
+ if (s->crypt_method_header && !r->crypto_opts) {
+ ret = -EINVAL;
+ goto fail;
+ }
+
ret = 0;
fail:
qemu_opts_del(opts);
@@ -785,6 +808,9 @@ static void qcow2_update_options_commit(BlockDriverState *bs,
s->cache_clean_interval = r->cache_clean_interval;
cache_clean_timer_init(bs, bdrv_get_aio_context(bs));
}
+
+ qapi_free_QCryptoBlockOpenOptions(s->crypto_opts);
+ s->crypto_opts = r->crypto_opts;
}
static void qcow2_update_options_abort(BlockDriverState *bs,
@@ -796,6 +822,7 @@ static void qcow2_update_options_abort(BlockDriverState *bs,
if (r->refcount_block_cache) {
qcow2_cache_destroy(bs, r->refcount_block_cache);
}
+ qapi_free_QCryptoBlockOpenOptions(r->crypto_opts);
}
static int qcow2_update_options(BlockDriverState *bs, QDict *options,
@@ -967,12 +994,6 @@ static int qcow2_open(BlockDriverState *bs, QDict *options, int flags,
ret = -EINVAL;
goto fail;
}
- if (!qcrypto_cipher_supports(QCRYPTO_CIPHER_ALG_AES_128,
- QCRYPTO_CIPHER_MODE_CBC)) {
- error_setg(errp, "AES cipher not available");
- ret = -EINVAL;
- goto fail;
- }
s->crypt_method_header = header.crypt_method;
if (s->crypt_method_header) {
if (bdrv_uses_whitelist() &&
@@ -990,6 +1011,7 @@ static int qcow2_open(BlockDriverState *bs, QDict *options, int flags,
}
bs->encrypted = true;
+ bs->valid_key = true;
}
s->l2_bits = s->cluster_bits - 3; /* L2 is always one cluster */
@@ -1122,6 +1144,24 @@ static int qcow2_open(BlockDriverState *bs, QDict *options, int flags,
goto fail;
}
+ if (s->crypt_method_header == QCOW_CRYPT_AES) {
+ unsigned int cflags = 0;
+ if (flags & BDRV_O_NO_IO) {
+ cflags |= QCRYPTO_BLOCK_OPEN_NO_IO;
+ }
+ /* XXX how do we pass the same crypto opts down to the
+ * backing file by default, so we don't have to manually
+ * provide the same key-secret property against the full
+ * backing chain
+ */
+ s->crypto = qcrypto_block_open(s->crypto_opts, NULL, NULL,
+ cflags, errp);
+ if (!s->crypto) {
+ ret = -EINVAL;
+ goto fail;
+ }
+ }
+
/* read the backing file name */
if (header.backing_file_offset != 0) {
len = header.backing_file_size;
@@ -1217,41 +1257,6 @@ static void qcow2_refresh_limits(BlockDriverState *bs, Error **errp)
bs->bl.pdiscard_alignment = s->cluster_size;
}
-static int qcow2_set_key(BlockDriverState *bs, const char *key)
-{
- BDRVQcow2State *s = bs->opaque;
- uint8_t keybuf[16];
- int len, i;
- Error *err = NULL;
-
- memset(keybuf, 0, 16);
- len = strlen(key);
- if (len > 16)
- len = 16;
- /* XXX: we could compress the chars to 7 bits to increase
- entropy */
- for(i = 0;i < len;i++) {
- keybuf[i] = key[i];
- }
- assert(bs->encrypted);
-
- qcrypto_cipher_free(s->cipher);
- s->cipher = qcrypto_cipher_new(
- QCRYPTO_CIPHER_ALG_AES_128,
- QCRYPTO_CIPHER_MODE_CBC,
- keybuf, G_N_ELEMENTS(keybuf),
- &err);
-
- if (!s->cipher) {
- /* XXX would be nice if errors in this method could
- * be properly propagate to the caller. Would need
- * the bdrv_set_key() API signature to be fixed. */
- error_free(err);
- return -1;
- }
- return 0;
-}
-
static int qcow2_reopen_prepare(BDRVReopenState *state,
BlockReopenQueue *queue, Error **errp)
{
@@ -1367,7 +1372,7 @@ static int64_t coroutine_fn qcow2_co_get_block_status(BlockDriverState *bs,
*pnum = bytes >> BDRV_SECTOR_BITS;
if (cluster_offset != 0 && ret != QCOW2_CLUSTER_COMPRESSED &&
- !s->cipher) {
+ !s->crypto) {
index_in_cluster = sector_num & (s->cluster_sectors - 1);
cluster_offset |= (index_in_cluster << BDRV_SECTOR_BITS);
*file = bs->file->bs;
@@ -1424,7 +1429,7 @@ static coroutine_fn int qcow2_co_preadv(BlockDriverState *bs, uint64_t offset,
/* prepare next request */
cur_bytes = MIN(bytes, INT_MAX);
- if (s->cipher) {
+ if (s->crypto) {
cur_bytes = MIN(cur_bytes,
QCOW_MAX_CRYPT_CLUSTERS * s->cluster_size);
}
@@ -1493,7 +1498,7 @@ static coroutine_fn int qcow2_co_preadv(BlockDriverState *bs, uint64_t offset,
}
if (bs->encrypted) {
- assert(s->cipher);
+ assert(s->crypto);
/*
* For encrypted images, read everything into a temporary
@@ -1525,14 +1530,15 @@ static coroutine_fn int qcow2_co_preadv(BlockDriverState *bs, uint64_t offset,
goto fail;
}
if (bs->encrypted) {
- assert(s->cipher);
+ assert(s->crypto);
assert((offset & (BDRV_SECTOR_SIZE - 1)) == 0);
assert((cur_bytes & (BDRV_SECTOR_SIZE - 1)) == 0);
Error *err = NULL;
- if (qcow2_encrypt_sectors(s, offset >> BDRV_SECTOR_BITS,
+ if (qcrypto_block_decrypt(s->crypto,
+ offset >> BDRV_SECTOR_BITS,
cluster_data,
- cur_bytes >> BDRV_SECTOR_BITS,
- false, &err) < 0) {
+ cur_bytes,
+ &err) < 0) {
error_free(err);
ret = -EIO;
goto fail;
@@ -1610,7 +1616,7 @@ static coroutine_fn int qcow2_co_pwritev(BlockDriverState *bs, uint64_t offset,
if (bs->encrypted) {
Error *err = NULL;
- assert(s->cipher);
+ assert(s->crypto);
if (!cluster_data) {
cluster_data = qemu_try_blockalign(bs->file->bs,
QCOW_MAX_CRYPT_CLUSTERS
@@ -1625,10 +1631,9 @@ static coroutine_fn int qcow2_co_pwritev(BlockDriverState *bs, uint64_t offset,
QCOW_MAX_CRYPT_CLUSTERS * s->cluster_size);
qemu_iovec_to_buf(&hd_qiov, 0, cluster_data, hd_qiov.size);
- if (qcow2_encrypt_sectors(s, offset >> BDRV_SECTOR_BITS,
+ if (qcrypto_block_encrypt(s->crypto, offset >> BDRV_SECTOR_BITS,
cluster_data,
- cur_bytes >>BDRV_SECTOR_BITS,
- true, &err) < 0) {
+ cur_bytes, &err) < 0) {
error_free(err);
ret = -EIO;
goto fail;
@@ -1747,8 +1752,8 @@ static void qcow2_close(BlockDriverState *bs)
qcow2_cache_destroy(bs, s->l2_table_cache);
qcow2_cache_destroy(bs, s->refcount_block_cache);
- qcrypto_cipher_free(s->cipher);
- s->cipher = NULL;
+ qcrypto_block_free(s->crypto);
+ s->crypto = NULL;
g_free(s->unknown_header_fields);
cleanup_unknown_header_ext(bs);
@@ -1766,7 +1771,7 @@ static void qcow2_invalidate_cache(BlockDriverState *bs, Error **errp)
{
BDRVQcow2State *s = bs->opaque;
int flags = s->flags;
- QCryptoCipher *cipher = NULL;
+ QCryptoBlock *crypto = NULL;
QDict *options;
Error *local_err = NULL;
int ret;
@@ -1776,8 +1781,8 @@ static void qcow2_invalidate_cache(BlockDriverState *bs, Error **errp)
* that means we don't have to worry about reopening them here.
*/
- cipher = s->cipher;
- s->cipher = NULL;
+ crypto = s->crypto;
+ s->crypto = NULL;
qcow2_close(bs);
@@ -1798,7 +1803,7 @@ static void qcow2_invalidate_cache(BlockDriverState *bs, Error **errp)
return;
}
- s->cipher = cipher;
+ s->crypto = crypto;
}
static size_t header_ext_add(char *buf, uint32_t magic, const void *s,
@@ -2022,6 +2027,44 @@ static int qcow2_change_backing_file(BlockDriverState *bs,
return qcow2_update_header(bs);
}
+
+static int qcow2_change_encryption(BlockDriverState *bs, QemuOpts *opts,
+ Error **errp)
+{
+ BDRVQcow2State *s = bs->opaque;
+ QCryptoBlockCreateOptions *cryptoopts = NULL;
+ QCryptoBlock *crypto = NULL;
+ int ret = -EINVAL;
+
+ cryptoopts = block_crypto_create_opts_init(
+ Q_CRYPTO_BLOCK_FORMAT_QCOW, opts, "aes-", errp);
+ if (!cryptoopts) {
+ ret = -EINVAL;
+ goto out;
+ }
+ s->crypt_method_header = QCOW_CRYPT_AES;
+
+ crypto = qcrypto_block_create(cryptoopts,
+ NULL, NULL,
+ bs, errp);
+ if (!crypto) {
+ ret = -EINVAL;
+ goto out;
+ }
+
+ ret = qcow2_update_header(bs);
+ if (ret < 0) {
+ error_setg_errno(errp, -ret, "Could not write encryption header");
+ goto out;
+ }
+
+ out:
+ qcrypto_block_free(crypto);
+ qapi_free_QCryptoBlockCreateOptions(cryptoopts);
+ return ret;
+}
+
+
static int preallocate(BlockDriverState *bs)
{
uint64_t bytes;
@@ -2214,11 +2257,8 @@ static int qcow2_create2(const char *filename, int64_t total_size,
.header_length = cpu_to_be32(sizeof(*header)),
};
- if (flags & BLOCK_FLAG_ENCRYPT) {
- header->crypt_method = cpu_to_be32(QCOW_CRYPT_AES);
- } else {
- header->crypt_method = cpu_to_be32(QCOW_CRYPT_NONE);
- }
+ /* We'll update this to correct value later */
+ header->crypt_method = cpu_to_be32(QCOW_CRYPT_NONE);
if (flags & BLOCK_FLAG_LAZY_REFCOUNTS) {
header->compatible_features |=
@@ -2296,6 +2336,14 @@ static int qcow2_create2(const char *filename, int64_t total_size,
}
}
+ /* Want encryption? There you go. */
+ if (flags & BLOCK_FLAG_ENCRYPT) {
+ ret = qcow2_change_encryption(blk_bs(blk), opts, errp);
+ if (ret < 0) {
+ goto out;
+ }
+ }
+
/* And if we're supposed to preallocate metadata, do that now */
if (prealloc != PREALLOC_MODE_OFF) {
BDRVQcow2State *s = blk_bs(blk)->opaque;
@@ -2311,11 +2359,17 @@ static int qcow2_create2(const char *filename, int64_t total_size,
blk_unref(blk);
blk = NULL;
- /* Reopen the image without BDRV_O_NO_FLUSH to flush it before returning */
+ /* Reopen the image without BDRV_O_NO_FLUSH to flush it before returning.
+ * Using BDRV_O_NO_IO, since encryption is now setup we don't want to
+ * have to setup decryption context. We're not doing any I/O on the top
+ * level BlockDriverState, only lower layers, where BDRV_O_NO_IO does
+ * not have effect.
+ */
options = qdict_new();
qdict_put(options, "driver", qstring_from_str("qcow2"));
blk = blk_new_open(filename, NULL, options,
- BDRV_O_RDWR | BDRV_O_NO_BACKING, &local_err);
+ BDRV_O_RDWR | BDRV_O_NO_BACKING | BDRV_O_NO_IO,
+ &local_err);
if (blk == NULL) {
error_propagate(errp, local_err);
ret = -EIO;
@@ -3134,9 +3188,9 @@ static int qcow2_amend_options(BlockDriverState *bs, QemuOpts *opts,
backing_format = qemu_opt_get(opts, BLOCK_OPT_BACKING_FMT);
} else if (!strcmp(desc->name, BLOCK_OPT_ENCRYPT)) {
encrypt = qemu_opt_get_bool(opts, BLOCK_OPT_ENCRYPT,
- !!s->cipher);
+ !!s->crypto);
- if (encrypt != !!s->cipher) {
+ if (encrypt != !!s->crypto) {
error_report("Changing the encryption flag is not supported");
return -ENOTSUP;
}
@@ -3372,6 +3426,7 @@ static QemuOptsList qcow2_create_opts = {
.help = "Width of a reference count entry in bits",
.def_value_str = "16"
},
+ BLOCK_CRYPTO_OPT_DEF_QCOW_KEY_SECRET("aes-"),
{ /* end of list */ }
}
};
@@ -3389,7 +3444,6 @@ BlockDriver bdrv_qcow2 = {
.bdrv_create = qcow2_create,
.bdrv_has_zero_init = bdrv_has_zero_init_1,
.bdrv_co_get_block_status = qcow2_co_get_block_status,
- .bdrv_set_key = qcow2_set_key,
.bdrv_co_preadv = qcow2_co_preadv,
.bdrv_co_pwritev = qcow2_co_pwritev,
diff --git a/block/qcow2.h b/block/qcow2.h
index 033d8c0..f4cb171 100644
--- a/block/qcow2.h
+++ b/block/qcow2.h
@@ -25,7 +25,7 @@
#ifndef BLOCK_QCOW2_H
#define BLOCK_QCOW2_H
-#include "crypto/cipher.h"
+#include "crypto/block.h"
#include "qemu/coroutine.h"
//#define DEBUG_ALLOC
@@ -256,7 +256,8 @@ typedef struct BDRVQcow2State {
CoMutex lock;
- QCryptoCipher *cipher; /* current cipher, NULL if no key yet */
+ QCryptoBlockOpenOptions *crypto_opts; /* Disk encryption runtime options */
+ QCryptoBlock *crypto; /* Disk encryption format driver */
uint32_t crypt_method_header;
uint64_t snapshots_offset;
int snapshots_size;
diff --git a/qapi/block-core.json b/qapi/block-core.json
index c2b70e8..2ca5674 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
@@ -1935,6 +1935,9 @@
# @cache-clean-interval: #optional clean unused entries in the L2 and refcount
# caches. The interval is in seconds. The default value
# is 0 and it disables this feature (since 2.5)
+# @aes-key-secret: #optional the ID of a QCryptoSecret object providing
+# the AES decryption key (since 2.9) Mandatory except
+# when doing a metadata-only probe of the image.
#
# Since: 1.7
##
@@ -1948,8 +1951,8 @@
'*cache-size': 'int',
'*l2-cache-size': 'int',
'*refcount-cache-size': 'int',
- '*cache-clean-interval': 'int' } }
-
+ '*cache-clean-interval': 'int',
+ '*aes-key-secret': 'str' } }
##
# @BlockdevOptionsArchipelago:
diff --git a/tests/qemu-iotests/049 b/tests/qemu-iotests/049
index fff0760..7da4ac8 100755
--- a/tests/qemu-iotests/049
+++ b/tests/qemu-iotests/049
@@ -106,7 +106,7 @@ test_qemu_img create -f $IMGFMT -o preallocation=1234 "$TEST_IMG" 64M
echo "== Check encryption option =="
echo
test_qemu_img create -f $IMGFMT -o encryption=off "$TEST_IMG" 64M
-test_qemu_img create -f $IMGFMT -o encryption=on "$TEST_IMG" 64M
+test_qemu_img create -f $IMGFMT --object secret,id=sec0,data=123456 -o encryption=on,qcow-key-secret=sec0 "$TEST_IMG" 64M
echo "== Check lazy_refcounts option (only with v3) =="
echo
diff --git a/tests/qemu-iotests/049.out b/tests/qemu-iotests/049.out
index 4673b67..2615200 100644
--- a/tests/qemu-iotests/049.out
+++ b/tests/qemu-iotests/049.out
@@ -186,8 +186,8 @@ Formatting 'TEST_DIR/t.qcow2', fmt=qcow2 size=67108864 encryption=off cluster_si
qemu-img create -f qcow2 -o encryption=off TEST_DIR/t.qcow2 64M
Formatting 'TEST_DIR/t.qcow2', fmt=qcow2 size=67108864 encryption=off cluster_size=65536 lazy_refcounts=off refcount_bits=16
-qemu-img create -f qcow2 -o encryption=on TEST_DIR/t.qcow2 64M
-Formatting 'TEST_DIR/t.qcow2', fmt=qcow2 size=67108864 encryption=on cluster_size=65536 lazy_refcounts=off refcount_bits=16
+qemu-img create -f qcow2 --object secret,id=sec0,data=123456 -o encryption=on,aes-key-secret=sec0 TEST_DIR/t.qcow2 64M
+Formatting 'TEST_DIR/t.qcow2', fmt=qcow2 size=67108864 encryption=on cluster_size=65536 lazy_refcounts=off refcount_bits=16 aes-key-secret=sec0
== Check lazy_refcounts option (only with v3) ==
diff --git a/tests/qemu-iotests/082.out b/tests/qemu-iotests/082.out
index a952330..f8dee34 100644
--- a/tests/qemu-iotests/082.out
+++ b/tests/qemu-iotests/082.out
@@ -53,6 +53,7 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+aes-key-secret ID of the secret that provides the AES encryption key
nocow Turn off copy-on-write (valid only on btrfs)
Testing: create -f qcow2 -o ? TEST_DIR/t.qcow2 128M
@@ -66,6 +67,7 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+aes-key-secret ID of the secret that provides the AES encryption key
nocow Turn off copy-on-write (valid only on btrfs)
Testing: create -f qcow2 -o cluster_size=4k,help TEST_DIR/t.qcow2 128M
@@ -79,6 +81,7 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+aes-key-secret ID of the secret that provides the AES encryption key
nocow Turn off copy-on-write (valid only on btrfs)
Testing: create -f qcow2 -o cluster_size=4k,? TEST_DIR/t.qcow2 128M
@@ -92,6 +95,7 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+aes-key-secret ID of the secret that provides the AES encryption key
nocow Turn off copy-on-write (valid only on btrfs)
Testing: create -f qcow2 -o help,cluster_size=4k TEST_DIR/t.qcow2 128M
@@ -105,6 +109,7 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+aes-key-secret ID of the secret that provides the AES encryption key
nocow Turn off copy-on-write (valid only on btrfs)
Testing: create -f qcow2 -o ?,cluster_size=4k TEST_DIR/t.qcow2 128M
@@ -118,6 +123,7 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+aes-key-secret ID of the secret that provides the AES encryption key
nocow Turn off copy-on-write (valid only on btrfs)
Testing: create -f qcow2 -o cluster_size=4k -o help TEST_DIR/t.qcow2 128M
@@ -131,6 +137,7 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+aes-key-secret ID of the secret that provides the AES encryption key
nocow Turn off copy-on-write (valid only on btrfs)
Testing: create -f qcow2 -o cluster_size=4k -o ? TEST_DIR/t.qcow2 128M
@@ -144,6 +151,7 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+aes-key-secret ID of the secret that provides the AES encryption key
nocow Turn off copy-on-write (valid only on btrfs)
Testing: create -f qcow2 -o backing_file=TEST_DIR/t.qcow2,,help TEST_DIR/t.qcow2 128M
@@ -172,6 +180,7 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+aes-key-secret ID of the secret that provides the AES encryption key
Testing: create -o help
Supported options:
@@ -234,6 +243,7 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+aes-key-secret ID of the secret that provides the AES encryption key
nocow Turn off copy-on-write (valid only on btrfs)
Testing: convert -O qcow2 -o ? TEST_DIR/t.qcow2 TEST_DIR/t.qcow2.base
@@ -247,6 +257,7 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+aes-key-secret ID of the secret that provides the AES encryption key
nocow Turn off copy-on-write (valid only on btrfs)
Testing: convert -O qcow2 -o cluster_size=4k,help TEST_DIR/t.qcow2 TEST_DIR/t.qcow2.base
@@ -260,6 +271,7 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+aes-key-secret ID of the secret that provides the AES encryption key
nocow Turn off copy-on-write (valid only on btrfs)
Testing: convert -O qcow2 -o cluster_size=4k,? TEST_DIR/t.qcow2 TEST_DIR/t.qcow2.base
@@ -273,6 +285,7 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+aes-key-secret ID of the secret that provides the AES encryption key
nocow Turn off copy-on-write (valid only on btrfs)
Testing: convert -O qcow2 -o help,cluster_size=4k TEST_DIR/t.qcow2 TEST_DIR/t.qcow2.base
@@ -286,6 +299,7 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+aes-key-secret ID of the secret that provides the AES encryption key
nocow Turn off copy-on-write (valid only on btrfs)
Testing: convert -O qcow2 -o ?,cluster_size=4k TEST_DIR/t.qcow2 TEST_DIR/t.qcow2.base
@@ -299,6 +313,7 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+aes-key-secret ID of the secret that provides the AES encryption key
nocow Turn off copy-on-write (valid only on btrfs)
Testing: convert -O qcow2 -o cluster_size=4k -o help TEST_DIR/t.qcow2 TEST_DIR/t.qcow2.base
@@ -312,6 +327,7 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+aes-key-secret ID of the secret that provides the AES encryption key
nocow Turn off copy-on-write (valid only on btrfs)
Testing: convert -O qcow2 -o cluster_size=4k -o ? TEST_DIR/t.qcow2 TEST_DIR/t.qcow2.base
@@ -325,6 +341,7 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+aes-key-secret ID of the secret that provides the AES encryption key
nocow Turn off copy-on-write (valid only on btrfs)
Testing: convert -O qcow2 -o backing_file=TEST_DIR/t.qcow2,,help TEST_DIR/t.qcow2 TEST_DIR/t.qcow2.base
@@ -353,6 +370,7 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+aes-key-secret ID of the secret that provides the AES encryption key
Testing: convert -o help
Supported options:
@@ -412,6 +430,7 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+aes-key-secret ID of the secret that provides the AES encryption key
nocow Turn off copy-on-write (valid only on btrfs)
Testing: amend -f qcow2 -o ? TEST_DIR/t.qcow2
@@ -425,6 +444,7 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+aes-key-secret ID of the secret that provides the AES encryption key
nocow Turn off copy-on-write (valid only on btrfs)
Testing: amend -f qcow2 -o cluster_size=4k,help TEST_DIR/t.qcow2
@@ -438,6 +458,7 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+aes-key-secret ID of the secret that provides the AES encryption key
nocow Turn off copy-on-write (valid only on btrfs)
Testing: amend -f qcow2 -o cluster_size=4k,? TEST_DIR/t.qcow2
@@ -451,6 +472,7 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+aes-key-secret ID of the secret that provides the AES encryption key
nocow Turn off copy-on-write (valid only on btrfs)
Testing: amend -f qcow2 -o help,cluster_size=4k TEST_DIR/t.qcow2
@@ -464,6 +486,7 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+aes-key-secret ID of the secret that provides the AES encryption key
nocow Turn off copy-on-write (valid only on btrfs)
Testing: amend -f qcow2 -o ?,cluster_size=4k TEST_DIR/t.qcow2
@@ -477,6 +500,7 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+aes-key-secret ID of the secret that provides the AES encryption key
nocow Turn off copy-on-write (valid only on btrfs)
Testing: amend -f qcow2 -o cluster_size=4k -o help TEST_DIR/t.qcow2
@@ -490,6 +514,7 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+aes-key-secret ID of the secret that provides the AES encryption key
nocow Turn off copy-on-write (valid only on btrfs)
Testing: amend -f qcow2 -o cluster_size=4k -o ? TEST_DIR/t.qcow2
@@ -503,6 +528,7 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+aes-key-secret ID of the secret that provides the AES encryption key
nocow Turn off copy-on-write (valid only on btrfs)
Testing: amend -f qcow2 -o backing_file=TEST_DIR/t.qcow2,,help TEST_DIR/t.qcow2
@@ -533,6 +559,7 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+aes-key-secret ID of the secret that provides the AES encryption key
Testing: convert -o help
Supported options:
diff --git a/tests/qemu-iotests/087 b/tests/qemu-iotests/087
index 9de57dd..fe30383 100755
--- a/tests/qemu-iotests/087
+++ b/tests/qemu-iotests/087
@@ -124,9 +124,18 @@ echo
echo === Encrypted image ===
echo
-_make_test_img -o encryption=on $size
+_make_test_img --object secret,id=sec0,data=123456 -o encryption=on,qcow-key-secret=sec0 $size
run_qemu -S <<EOF
{ "execute": "qmp_capabilities" }
+{ "execute": "object-add",
+ "arguments": {
+ "qom-type": "secret",
+ "id": "sec0",
+ "props": {
+ "data": "123456"
+ }
+ }
+}
{ "execute": "blockdev-add",
"arguments": {
"driver": "$IMGFMT",
@@ -134,7 +143,8 @@ run_qemu -S <<EOF
"file": {
"driver": "file",
"filename": "$TEST_IMG"
- }
+ },
+ "qcow-key-secret": "sec0"
}
}
{ "execute": "quit" }
@@ -142,6 +152,15 @@ EOF
run_qemu <<EOF
{ "execute": "qmp_capabilities" }
+{ "execute": "object-add",
+ "arguments": {
+ "qom-type": "secret",
+ "id": "sec0",
+ "props": {
+ "data": "123456"
+ }
+ }
+}
{ "execute": "blockdev-add",
"arguments": {
"driver": "$IMGFMT",
@@ -149,7 +168,8 @@ run_qemu <<EOF
"file": {
"driver": "file",
"filename": "$TEST_IMG"
- }
+ },
+ "qcow-key-secret": "sec0"
}
}
{ "execute": "quit" }
@@ -159,7 +179,7 @@ echo
echo === Missing driver ===
echo
-_make_test_img -o encryption=on $size
+_make_test_img --object secret,id=sec0,data=123456 -o encryption=on,qcow-key-secret=sec0 $size
run_qemu -S <<EOF
{ "execute": "qmp_capabilities" }
{ "execute": "blockdev-add",
diff --git a/tests/qemu-iotests/087.out b/tests/qemu-iotests/087.out
index dc6baf9..02c9e42 100644
--- a/tests/qemu-iotests/087.out
+++ b/tests/qemu-iotests/087.out
@@ -34,10 +34,11 @@ QMP_VERSION
=== Encrypted image ===
-Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=134217728 encryption=on
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=134217728 encryption=on aes-key-secret=sec0
Testing: -S
QMP_VERSION
{"return": {}}
+{"return": {}}
{"error": {"class": "GenericError", "desc": "Use of AES-CBC encrypted IMGFMT images is no longer supported in system emulators"}}
{"return": {}}
{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "SHUTDOWN"}
@@ -45,6 +46,7 @@ QMP_VERSION
Testing:
QMP_VERSION
{"return": {}}
+{"return": {}}
{"error": {"class": "GenericError", "desc": "Use of AES-CBC encrypted IMGFMT images is no longer supported in system emulators"}}
{"return": {}}
{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "SHUTDOWN"}
@@ -52,7 +54,7 @@ QMP_VERSION
=== Missing driver ===
-Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=134217728 encryption=on
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=134217728 encryption=on aes-key-secret=sec0
Testing: -S
QMP_VERSION
{"return": {}}
diff --git a/tests/qemu-iotests/134 b/tests/qemu-iotests/134
index af618b8..c2458d8 100755
--- a/tests/qemu-iotests/134
+++ b/tests/qemu-iotests/134
@@ -43,23 +43,31 @@ _supported_os Linux
size=128M
-IMGOPTS="encryption=on" _make_test_img $size
+
+SECRET="secret,id=sec0,data=astrochicken"
+SECRETALT="secret,id=sec0,data=platypus"
+
+_make_test_img --object $SECRET -o "encryption=on,qcow-key-secret=sec0" $size
+
+IMGSPEC="driver=$IMGFMT,file.filename=$TEST_IMG,qcow-key-secret=sec0"
+
+QEMU_IO_OPTIONS=$QEMU_IO_OPTIONS_NO_FMT
echo
echo "== reading whole image =="
-echo "astrochicken" | $QEMU_IO -c "read 0 $size" "$TEST_IMG" | _filter_qemu_io | _filter_testdir
+$QEMU_IO --object $SECRET -c "read 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
echo
echo "== rewriting whole image =="
-echo "astrochicken" | $QEMU_IO -c "write -P 0xa 0 $size" "$TEST_IMG" | _filter_qemu_io | _filter_testdir
+$QEMU_IO --object $SECRET -c "write -P 0xa 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
echo
echo "== verify pattern =="
-echo "astrochicken" | $QEMU_IO -c "read -P 0xa 0 $size" "$TEST_IMG" | _filter_qemu_io | _filter_testdir
+$QEMU_IO --object $SECRET -c "read -P 0xa 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
echo
echo "== verify pattern failure with wrong password =="
-echo "platypus" | $QEMU_IO -c "read -P 0xa 0 $size" "$TEST_IMG" | _filter_qemu_io | _filter_testdir
+$QEMU_IO --object $SECRETALT -c "read -P 0xa 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
# success, all done
diff --git a/tests/qemu-iotests/134.out b/tests/qemu-iotests/134.out
index 6493704..60b7052 100644
--- a/tests/qemu-iotests/134.out
+++ b/tests/qemu-iotests/134.out
@@ -1,27 +1,19 @@
QA output created by 134
-Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=134217728 encryption=on
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=134217728 encryption=on aes-key-secret=sec0
== reading whole image ==
-Disk image 'TEST_DIR/t.qcow2' is encrypted.
-password:
read 134217728/134217728 bytes at offset 0
128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
== rewriting whole image ==
-Disk image 'TEST_DIR/t.qcow2' is encrypted.
-password:
wrote 134217728/134217728 bytes at offset 0
128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
== verify pattern ==
-Disk image 'TEST_DIR/t.qcow2' is encrypted.
-password:
read 134217728/134217728 bytes at offset 0
128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
== verify pattern failure with wrong password ==
-Disk image 'TEST_DIR/t.qcow2' is encrypted.
-password:
Pattern verification failed at offset 0, 134217728 bytes
read 134217728/134217728 bytes at offset 0
128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
diff --git a/tests/qemu-iotests/158 b/tests/qemu-iotests/158
index a6cdd6d..2d1c015 100755
--- a/tests/qemu-iotests/158
+++ b/tests/qemu-iotests/158
@@ -44,34 +44,39 @@ _supported_os Linux
size=128M
TEST_IMG_BASE=$TEST_IMG.base
+SECRET="secret,id=sec0,data=astrochicken"
TEST_IMG_SAVE=$TEST_IMG
TEST_IMG=$TEST_IMG_BASE
echo "== create base =="
-IMGOPTS="encryption=on" _make_test_img $size
+_make_test_img --object $SECRET -o "encryption=on,qcow-key-secret=sec0" $size
TEST_IMG=$TEST_IMG_SAVE
+IMGSPECBASE="driver=$IMGFMT,file.filename=$TEST_IMG_BASE,qcow-key-secret=sec0"
+IMGSPEC="driver=$IMGFMT,file.filename=$TEST_IMG,backing.driver=$IMGFMT,backing.file.filename=$TEST_IMG_BASE,backing.qcow-key-secret=sec0,qcow-key-secret=sec0"
+QEMU_IO_OPTIONS=$QEMU_IO_OPTIONS_NO_FMT
+
echo
echo "== writing whole image =="
-echo "astrochicken" | $QEMU_IO -c "write -P 0xa 0 $size" "$TEST_IMG_BASE" | _filter_qemu_io | _filter_testdir
+$QEMU_IO --object $SECRET -c "write -P 0xa 0 $size" --image-opts $IMGSPECBASE | _filter_qemu_io | _filter_testdir
echo
echo "== verify pattern =="
-echo "astrochicken" | $QEMU_IO -c "read -P 0xa 0 $size" "$TEST_IMG_BASE" | _filter_qemu_io | _filter_testdir
+$QEMU_IO --object $SECRET -c "read -P 0xa 0 $size" --image-opts $IMGSPECBASE | _filter_qemu_io | _filter_testdir
echo "== create overlay =="
-IMGOPTS="encryption=on" _make_test_img -b "$TEST_IMG_BASE" $size
+_make_test_img --object $SECRET -o "encryption=on,qcow-key-secret=sec0" -b "$TEST_IMG_BASE" $size
echo
echo "== writing part of a cluster =="
-echo "astrochicken" | $QEMU_IO -c "write -P 0xe 0 1024" "$TEST_IMG" | _filter_qemu_io | _filter_testdir
+$QEMU_IO --object $SECRET -c "write -P 0xe 0 1024" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
echo
echo "== verify pattern =="
-echo "astrochicken" | $QEMU_IO -c "read -P 0xe 0 1024" "$TEST_IMG" | _filter_qemu_io | _filter_testdir
+$QEMU_IO --object $SECRET -c "read -P 0xe 0 1024" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
echo
echo "== verify pattern =="
-echo "astrochicken" | $QEMU_IO -c "read -P 0xa 1024 64512" "$TEST_IMG" | _filter_qemu_io | _filter_testdir
+$QEMU_IO --object $SECRET -c "read -P 0xa 1024 64512" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
# success, all done
diff --git a/tests/qemu-iotests/158.out b/tests/qemu-iotests/158.out
index b3f37e2..9b203b2 100644
--- a/tests/qemu-iotests/158.out
+++ b/tests/qemu-iotests/158.out
@@ -1,36 +1,26 @@
QA output created by 158
== create base ==
-Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=134217728 encryption=on
+Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=134217728 encryption=on aes-key-secret=sec0
== writing whole image ==
-Disk image 'TEST_DIR/t.qcow2.base' is encrypted.
-password:
wrote 134217728/134217728 bytes at offset 0
128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
== verify pattern ==
-Disk image 'TEST_DIR/t.qcow2.base' is encrypted.
-password:
read 134217728/134217728 bytes at offset 0
128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
== create overlay ==
-Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=134217728 backing_file=TEST_DIR/t.IMGFMT.base encryption=on
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=134217728 backing_file=TEST_DIR/t.IMGFMT.base encryption=on aes-key-secret=sec0
== writing part of a cluster ==
-Disk image 'TEST_DIR/t.qcow2' is encrypted.
-password:
wrote 1024/1024 bytes at offset 0
1 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
== verify pattern ==
-Disk image 'TEST_DIR/t.qcow2' is encrypted.
-password:
read 1024/1024 bytes at offset 0
1 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
== verify pattern ==
-Disk image 'TEST_DIR/t.qcow2' is encrypted.
-password:
read 64512/64512 bytes at offset 1024
63 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
*** done
--
2.9.3
^ permalink raw reply related [flat|nested] 47+ messages in thread
* [Qemu-devel] [PATCH v1 12/15] qcow2: add support for LUKS encryption format
2017-01-03 18:27 [Qemu-devel] [PATCH v1 00/15] Convert QCow[2] to QCryptoBlock & add LUKS support Daniel P. Berrange
` (10 preceding siblings ...)
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 11/15] qcow2: convert QCow2 to use QCryptoBlock for encryption Daniel P. Berrange
@ 2017-01-03 18:27 ` Daniel P. Berrange
2017-01-21 18:57 ` Max Reitz
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 13/15] iotests: enable tests 134 and 158 to work with qcow (v1) Daniel P. Berrange
` (3 subsequent siblings)
15 siblings, 1 reply; 47+ messages in thread
From: Daniel P. Berrange @ 2017-01-03 18:27 UTC (permalink / raw)
To: qemu-devel; +Cc: Kevin Wolf, Max Reitz, qemu-block, Daniel P. Berrange
This adds support for using LUKS as an encryption format
with the qcow2 file. The use of the existing 'encryption=on'
parameter is replaced by a new parameter 'encryption-format'
which takes the values 'aes' or 'luks'. e.g.
# qemu-img create --object secret,data=123456,id=sec0 \
-f qcow2 -o encryption-format=luks,luks-key-secret=sec0 \
test.qcow2 10G
results in the creation of an image using the LUKS format.
Use of the legacy 'encryption=on' parameter still results
in creation of the old qcow2 AES format, and is equivalent
to the new 'encryption-format=aes'. e.g. the following are
equivalent:
# qemu-img create --object secret,data=123456,id=sec0 \
-f qcow2 -o encryption=on,aes-key-secret=sec0 \
test.qcow2 10G
# qemu-img create --object secret,data=123456,id=sec0 \
-f qcow2 -o encryption-format=aes,aes-key-secret=sec0 \
test.qcow2 10G
With the LUKS format it is necessary to store the LUKS
partition header and key material in the QCow2 file. This
data can be many MB in size, so cannot go into the QCow2
header region directly. Thus the spec defines a FDE
(Full Disk Encryption) header extension that specifies
the offset of a set of clusters to hold the FDE headers,
as well as the length of that region. The LUKS header is
thus stored in these extra allocated clusters before the
main image payload.
Aside from all the cryptographic differences implied by
use of the LUKS format, there is one further key difference
between the use of legacy AES and LUKS encryption in qcow2.
For LUKS, the initialiazation vectors are generated using
the host physical sector as the input, rather than the
guest virtual sector. This guarantees unique initialization
vectors for all sectors when qcow2 internal snapshots are
used, thus giving stronger protection against watermarking
attacks.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
block/qcow2-cluster.c | 4 +-
block/qcow2-refcount.c | 10 ++
block/qcow2.c | 236 ++++++++++++++++++++++++++++++++++++++-------
block/qcow2.h | 9 ++
docs/specs/qcow2.txt | 99 +++++++++++++++++++
qapi/block-core.json | 6 +-
tests/qemu-iotests/049 | 2 +-
tests/qemu-iotests/082.out | 216 +++++++++++++++++++++++++++++++++++++++++
tests/qemu-iotests/087 | 65 ++++++++++++-
tests/qemu-iotests/087.out | 22 ++++-
tests/qemu-iotests/134 | 4 +-
tests/qemu-iotests/158 | 8 +-
tests/qemu-iotests/174 | 76 +++++++++++++++
tests/qemu-iotests/174.out | 19 ++++
tests/qemu-iotests/175 | 85 ++++++++++++++++
tests/qemu-iotests/175.out | 26 +++++
tests/qemu-iotests/group | 2 +
17 files changed, 840 insertions(+), 49 deletions(-)
create mode 100755 tests/qemu-iotests/174
create mode 100644 tests/qemu-iotests/174.out
create mode 100755 tests/qemu-iotests/175
create mode 100644 tests/qemu-iotests/175.out
diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
index a2103dc..866b122 100644
--- a/block/qcow2-cluster.c
+++ b/block/qcow2-cluster.c
@@ -383,7 +383,9 @@ static int coroutine_fn do_perform_cow(BlockDriverState *bs,
if (bs->encrypted) {
Error *err = NULL;
- int64_t sector = (src_cluster_offset + offset_in_cluster)
+ int64_t sector = (s->crypt_physical_offset ?
+ (cluster_offset + offset_in_cluster) :
+ (src_cluster_offset + offset_in_cluster))
>> BDRV_SECTOR_BITS;
assert((offset_in_cluster & ~BDRV_SECTOR_MASK) == 0);
assert((bytes & ~BDRV_SECTOR_MASK) == 0);
diff --git a/block/qcow2-refcount.c b/block/qcow2-refcount.c
index cbfb3fe..afa4636 100644
--- a/block/qcow2-refcount.c
+++ b/block/qcow2-refcount.c
@@ -1843,6 +1843,16 @@ static int calculate_refcounts(BlockDriverState *bs, BdrvCheckResult *res,
return ret;
}
+ /* encryption */
+ if (s->crypto_header.length) {
+ ret = inc_refcounts(bs, res, refcount_table, nb_clusters,
+ s->crypto_header.offset,
+ s->crypto_header.length);
+ if (ret < 0) {
+ return ret;
+ }
+ }
+
return check_refblocks(bs, res, fix, rebuild, refcount_table, nb_clusters);
}
diff --git a/block/qcow2.c b/block/qcow2.c
index 5c9e196..b354914 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -66,6 +66,7 @@ typedef struct {
#define QCOW2_EXT_MAGIC_END 0
#define QCOW2_EXT_MAGIC_BACKING_FORMAT 0xE2792ACA
#define QCOW2_EXT_MAGIC_FEATURE_TABLE 0x6803f857
+#define QCOW2_EXT_MAGIC_CRYPTO_HEADER 0x0537be77
static int qcow2_probe(const uint8_t *buf, int buf_size, const char *filename)
{
@@ -80,6 +81,73 @@ static int qcow2_probe(const uint8_t *buf, int buf_size, const char *filename)
}
+static ssize_t qcow2_crypto_hdr_read_func(QCryptoBlock *block, size_t offset,
+ uint8_t *buf, size_t buflen,
+ Error **errp, void *opaque)
+{
+ BlockDriverState *bs = opaque;
+ BDRVQcow2State *s = bs->opaque;
+ ssize_t ret;
+
+ if ((offset + buflen) > s->crypto_header.length) {
+ error_setg(errp, "Request for data outside of extension header");
+ return -1;
+ }
+
+ ret = bdrv_pread(bs->file,
+ s->crypto_header.offset + offset, buf, buflen);
+ if (ret < 0) {
+ error_setg_errno(errp, -ret, "Could not read encryption header");
+ return -1;
+ }
+ return ret;
+}
+
+
+static ssize_t qcow2_crypto_hdr_init_func(QCryptoBlock *block, size_t headerlen,
+ Error **errp, void *opaque)
+{
+ BlockDriverState *bs = opaque;
+ BDRVQcow2State *s = bs->opaque;
+ int64_t ret;
+
+ ret = qcow2_alloc_clusters(bs, headerlen);
+ if (ret < 0) {
+ error_setg_errno(errp, -ret,
+ "Cannot allocate cluster for LUKS header size %zu",
+ headerlen);
+ return -1;
+ }
+
+ s->crypto_header.length = headerlen;
+ s->crypto_header.offset = ret;
+ return ret;
+}
+
+
+static ssize_t qcow2_crypto_hdr_write_func(QCryptoBlock *block, size_t offset,
+ const uint8_t *buf, size_t buflen,
+ Error **errp, void *opaque)
+{
+ BlockDriverState *bs = opaque;
+ BDRVQcow2State *s = bs->opaque;
+ ssize_t ret;
+
+ if ((offset + buflen) > s->crypto_header.length) {
+ error_setg(errp, "Request for data outside of extension header");
+ return -1;
+ }
+
+ ret = bdrv_pwrite(bs->file,
+ s->crypto_header.offset + offset, buf, buflen);
+ if (ret < 0) {
+ error_setg_errno(errp, -ret, "Could not read encryption header");
+ return -1;
+ }
+ return ret;
+}
+
+
/*
* read qcow2 extension and fill bs
* start reading from start_offset
@@ -89,7 +157,7 @@ static int qcow2_probe(const uint8_t *buf, int buf_size, const char *filename)
*/
static int qcow2_read_extensions(BlockDriverState *bs, uint64_t start_offset,
uint64_t end_offset, void **p_feature_table,
- Error **errp)
+ int flags, Error **errp)
{
BDRVQcow2State *s = bs->opaque;
QCowExtension ext;
@@ -165,6 +233,45 @@ static int qcow2_read_extensions(BlockDriverState *bs, uint64_t start_offset,
}
break;
+ case QCOW2_EXT_MAGIC_CRYPTO_HEADER: {
+ unsigned int cflags = 0;
+ if (s->crypt_method_header != QCOW_CRYPT_LUKS) {
+ error_setg(errp, "CRYPTO header extension only "
+ "expected with LUKS encryption method");
+ return -EINVAL;
+ }
+ if (ext.len != sizeof(Qcow2CryptoHeaderExtension)) {
+ error_setg(errp, "CRYPTO header extension size %u, "
+ "but expected size %zu", ext.len,
+ sizeof(Qcow2CryptoHeaderExtension));
+ return -EINVAL;
+ }
+
+ ret = bdrv_pread(bs->file, offset, &s->crypto_header, ext.len);
+ if (ret < 0) {
+ error_setg_errno(errp, -ret,
+ "Unable to read CRYPTO header extension");
+ return ret;
+ }
+ be64_to_cpu(s->crypto_header.offset);
+ be64_to_cpu(s->crypto_header.length);
+
+ if (flags & BDRV_O_NO_IO) {
+ cflags |= QCRYPTO_BLOCK_OPEN_NO_IO;
+ }
+ /* XXX how do we pass the same crypto opts down to the
+ * backing file by default, so we don't have to manually
+ * provide the same key-secret property against the full
+ * backing chain
+ */
+ s->crypto = qcrypto_block_open(s->crypto_opts,
+ qcow2_crypto_hdr_read_func,
+ bs, cflags, errp);
+ if (!s->crypto) {
+ return -EINVAL;
+ }
+ s->crypt_physical_offset = true;
+ } break;
default:
/* unknown magic - save it in case we need to rewrite the header */
{
@@ -465,6 +572,7 @@ static QemuOptsList qcow2_runtime_opts = {
.help = "Clean unused cache entries after this time (in seconds)",
},
BLOCK_CRYPTO_OPT_DEF_QCOW_KEY_SECRET("aes-"),
+ BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET("luks-"),
{ /* end of list */ }
},
};
@@ -766,6 +874,11 @@ static int qcow2_update_options_prepare(BlockDriverState *bs,
Q_CRYPTO_BLOCK_FORMAT_QCOW, opts, "aes-", errp);
break;
+ case QCOW_CRYPT_LUKS:
+ r->crypto_opts = block_crypto_open_opts_init(
+ Q_CRYPTO_BLOCK_FORMAT_LUKS, opts, "luks-", errp);
+ break;
+
default:
g_assert_not_reached();
}
@@ -956,7 +1069,7 @@ static int qcow2_open(BlockDriverState *bs, QDict *options, int flags,
if (s->incompatible_features & ~QCOW2_INCOMPAT_MASK) {
void *feature_table = NULL;
qcow2_read_extensions(bs, header.header_length, ext_end,
- &feature_table, NULL);
+ &feature_table, flags, NULL);
report_unsupported_feature(errp, feature_table,
s->incompatible_features &
~QCOW2_INCOMPAT_MASK);
@@ -988,12 +1101,6 @@ static int qcow2_open(BlockDriverState *bs, QDict *options, int flags,
s->refcount_max = UINT64_C(1) << (s->refcount_bits - 1);
s->refcount_max += s->refcount_max - 1;
- if (header.crypt_method > QCOW_CRYPT_AES) {
- error_setg(errp, "Unsupported encryption method: %" PRIu32,
- header.crypt_method);
- ret = -EINVAL;
- goto fail;
- }
s->crypt_method_header = header.crypt_method;
if (s->crypt_method_header) {
if (bdrv_uses_whitelist() &&
@@ -1138,25 +1245,37 @@ static int qcow2_open(BlockDriverState *bs, QDict *options, int flags,
/* read qcow2 extensions */
if (qcow2_read_extensions(bs, header.header_length, ext_end, NULL,
- &local_err)) {
+ flags, &local_err)) {
error_propagate(errp, local_err);
ret = -EINVAL;
goto fail;
}
- if (s->crypt_method_header == QCOW_CRYPT_AES) {
- unsigned int cflags = 0;
- if (flags & BDRV_O_NO_IO) {
- cflags |= QCRYPTO_BLOCK_OPEN_NO_IO;
- }
- /* XXX how do we pass the same crypto opts down to the
- * backing file by default, so we don't have to manually
- * provide the same key-secret property against the full
- * backing chain
- */
- s->crypto = qcrypto_block_open(s->crypto_opts, NULL, NULL,
- cflags, errp);
- if (!s->crypto) {
+ /* qcow2_read_extension may have set up the crypto context
+ * if the crypt method needs a header region, some methods
+ * don't need header extensions, so must check here
+ */
+ if (s->crypt_method_header && !s->crypto) {
+ if (s->crypt_method_header == QCOW_CRYPT_AES) {
+ unsigned int cflags = 0;
+ if (flags & BDRV_O_NO_IO) {
+ cflags |= QCRYPTO_BLOCK_OPEN_NO_IO;
+ }
+ /* XXX how do we pass the same crypto opts down to the
+ * backing file by default, so we don't have to manually
+ * provide the same key-secret property against the full
+ * backing chain
+ */
+ s->crypto = qcrypto_block_open(s->crypto_opts, NULL, NULL,
+ cflags, errp);
+ if (!s->crypto) {
+ ret = -EINVAL;
+ goto fail;
+ }
+ s->crypt_physical_offset = false;
+ } else if (!(flags & BDRV_O_NO_IO)) {
+ error_setg(errp, "Missing CRYPTO header for crypt method %d",
+ s->crypt_method_header);
ret = -EINVAL;
goto fail;
}
@@ -1535,7 +1654,9 @@ static coroutine_fn int qcow2_co_preadv(BlockDriverState *bs, uint64_t offset,
assert((cur_bytes & (BDRV_SECTOR_SIZE - 1)) == 0);
Error *err = NULL;
if (qcrypto_block_decrypt(s->crypto,
- offset >> BDRV_SECTOR_BITS,
+ (s->crypt_physical_offset ?
+ cluster_offset + offset_in_cluster :
+ offset) >> BDRV_SECTOR_BITS,
cluster_data,
cur_bytes,
&err) < 0) {
@@ -1631,7 +1752,10 @@ static coroutine_fn int qcow2_co_pwritev(BlockDriverState *bs, uint64_t offset,
QCOW_MAX_CRYPT_CLUSTERS * s->cluster_size);
qemu_iovec_to_buf(&hd_qiov, 0, cluster_data, hd_qiov.size);
- if (qcrypto_block_encrypt(s->crypto, offset >> BDRV_SECTOR_BITS,
+ if (qcrypto_block_encrypt(s->crypto,
+ (s->crypt_physical_offset ?
+ cluster_offset + offset_in_cluster :
+ offset) >> BDRV_SECTOR_BITS,
cluster_data,
cur_bytes, &err) < 0) {
error_free(err);
@@ -1929,6 +2053,22 @@ int qcow2_update_header(BlockDriverState *bs)
buflen -= ret;
}
+ /* Full disk encryption header pointer extension */
+ if (s->crypto_header.offset != 0) {
+ cpu_to_be64(s->crypto_header.offset);
+ cpu_to_be64(s->crypto_header.length);
+ ret = header_ext_add(buf, QCOW2_EXT_MAGIC_CRYPTO_HEADER,
+ &s->crypto_header, sizeof(s->crypto_header),
+ buflen);
+ be64_to_cpu(s->crypto_header.offset);
+ be64_to_cpu(s->crypto_header.length);
+ if (ret < 0) {
+ goto fail;
+ }
+ buf += ret;
+ buflen -= ret;
+ }
+
/* Feature table */
if (s->qcow_version >= 3) {
Qcow2Feature features[] = {
@@ -2029,23 +2169,34 @@ static int qcow2_change_backing_file(BlockDriverState *bs,
static int qcow2_change_encryption(BlockDriverState *bs, QemuOpts *opts,
- Error **errp)
+ const char *format, Error **errp)
{
BDRVQcow2State *s = bs->opaque;
QCryptoBlockCreateOptions *cryptoopts = NULL;
QCryptoBlock *crypto = NULL;
int ret = -EINVAL;
- cryptoopts = block_crypto_create_opts_init(
- Q_CRYPTO_BLOCK_FORMAT_QCOW, opts, "aes-", errp);
+ if (g_str_equal(format, "luks")) {
+ cryptoopts = block_crypto_create_opts_init(
+ Q_CRYPTO_BLOCK_FORMAT_LUKS, opts, "luks-", errp);
+ s->crypt_method_header = QCOW_CRYPT_LUKS;
+ } else if (g_str_equal(format, "aes")) {
+ cryptoopts = block_crypto_create_opts_init(
+ Q_CRYPTO_BLOCK_FORMAT_QCOW, opts, "aes-", errp);
+ s->crypt_method_header = QCOW_CRYPT_AES;
+ } else {
+ error_setg(errp, "Unknown encryption format %s", format);
+ ret = -EINVAL;
+ goto out;
+ }
if (!cryptoopts) {
ret = -EINVAL;
goto out;
}
- s->crypt_method_header = QCOW_CRYPT_AES;
crypto = qcrypto_block_create(cryptoopts,
- NULL, NULL,
+ qcow2_crypto_hdr_init_func,
+ qcow2_crypto_hdr_write_func,
bs, errp);
if (!crypto) {
ret = -EINVAL;
@@ -2134,6 +2285,7 @@ static int qcow2_create2(const char *filename, int64_t total_size,
{
int cluster_bits;
QDict *options;
+ const char *encryption_format;
/* Calculate cluster_bits */
cluster_bits = ctz32(cluster_size);
@@ -2337,8 +2489,15 @@ static int qcow2_create2(const char *filename, int64_t total_size,
}
/* Want encryption? There you go. */
- if (flags & BLOCK_FLAG_ENCRYPT) {
- ret = qcow2_change_encryption(blk_bs(blk), opts, errp);
+ encryption_format = qemu_opt_get_del(opts, QCOW2_OPT_ENCRYPTION_FORMAT);
+ if (!encryption_format &&
+ qemu_opt_get_bool_del(opts, BLOCK_OPT_ENCRYPT, false)) {
+ encryption_format = "aes";
+ }
+
+ if (encryption_format) {
+ ret = qcow2_change_encryption(blk_bs(blk), opts, encryption_format,
+ errp);
if (ret < 0) {
goto out;
}
@@ -2404,9 +2563,6 @@ static int qcow2_create(const char *filename, QemuOpts *opts, Error **errp)
BDRV_SECTOR_SIZE);
backing_file = qemu_opt_get_del(opts, BLOCK_OPT_BACKING_FILE);
backing_fmt = qemu_opt_get_del(opts, BLOCK_OPT_BACKING_FMT);
- if (qemu_opt_get_bool_del(opts, BLOCK_OPT_ENCRYPT, false)) {
- flags |= BLOCK_FLAG_ENCRYPT;
- }
cluster_size = qemu_opt_get_size_del(opts, BLOCK_OPT_CLUSTER_SIZE,
DEFAULT_CLUSTER_SIZE);
buf = qemu_opt_get_del(opts, BLOCK_OPT_PREALLOC);
@@ -3426,7 +3582,19 @@ static QemuOptsList qcow2_create_opts = {
.help = "Width of a reference count entry in bits",
.def_value_str = "16"
},
+ {
+ .name = QCOW2_OPT_ENCRYPTION_FORMAT,
+ .type = QEMU_OPT_STRING,
+ .help = "Encryption data format 'luks' (default) or 'aes'",
+ },
BLOCK_CRYPTO_OPT_DEF_QCOW_KEY_SECRET("aes-"),
+ BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET("luks-"),
+ BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_ALG("luks-"),
+ BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_MODE("luks-"),
+ BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_ALG("luks-"),
+ BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_HASH_ALG("luks-"),
+ BLOCK_CRYPTO_OPT_DEF_LUKS_HASH_ALG("luks-"),
+ BLOCK_CRYPTO_OPT_DEF_LUKS_ITER_TIME("luks-"),
{ /* end of list */ }
}
};
diff --git a/block/qcow2.h b/block/qcow2.h
index f4cb171..cfa9eec 100644
--- a/block/qcow2.h
+++ b/block/qcow2.h
@@ -36,6 +36,7 @@
#define QCOW_CRYPT_NONE 0
#define QCOW_CRYPT_AES 1
+#define QCOW_CRYPT_LUKS 2
#define QCOW_MAX_CRYPT_CLUSTERS 32
#define QCOW_MAX_SNAPSHOTS 65536
@@ -97,6 +98,7 @@
#define QCOW2_OPT_L2_CACHE_SIZE "l2-cache-size"
#define QCOW2_OPT_REFCOUNT_CACHE_SIZE "refcount-cache-size"
#define QCOW2_OPT_CACHE_CLEAN_INTERVAL "cache-clean-interval"
+#define QCOW2_OPT_ENCRYPTION_FORMAT "encryption-format"
typedef struct QCowHeader {
uint32_t magic;
@@ -163,6 +165,11 @@ typedef struct QCowSnapshot {
struct Qcow2Cache;
typedef struct Qcow2Cache Qcow2Cache;
+typedef struct Qcow2CryptoHeaderExtension {
+ uint64_t offset;
+ uint64_t length;
+} QEMU_PACKED Qcow2CryptoHeaderExtension;
+
typedef struct Qcow2UnknownHeaderExtension {
uint32_t magic;
uint32_t len;
@@ -256,8 +263,10 @@ typedef struct BDRVQcow2State {
CoMutex lock;
+ Qcow2CryptoHeaderExtension crypto_header; /* QCow2 header extension */
QCryptoBlockOpenOptions *crypto_opts; /* Disk encryption runtime options */
QCryptoBlock *crypto; /* Disk encryption format driver */
+ bool crypt_physical_offset; /* Whether to use virtual or physical offset for IV */
uint32_t crypt_method_header;
uint64_t snapshots_offset;
int snapshots_size;
diff --git a/docs/specs/qcow2.txt b/docs/specs/qcow2.txt
index 80cdfd0..cc90276 100644
--- a/docs/specs/qcow2.txt
+++ b/docs/specs/qcow2.txt
@@ -45,6 +45,7 @@ The first cluster of a qcow2 image contains the file header:
32 - 35: crypt_method
0 for no encryption
1 for AES encryption
+ 2 for LUKS encryption
36 - 39: l1_size
Number of entries in the active L1 table
@@ -135,6 +136,7 @@ be stored. Each extension has a structure like the following:
0xE2792ACA - Backing file format name
0x6803f857 - Feature name table
0x23852875 - Bitmaps extension
+ 0x0537be77 - Full disk encryption header pointer
other - Unknown header extension, can be safely
ignored
@@ -207,6 +209,103 @@ The fields of the bitmaps extension are:
Offset into the image file at which the bitmap directory
starts. Must be aligned to a cluster boundary.
+== Full disk encryption header pointer ==
+
+The full disk encryption header must be present if, and only if, the
+'crypt_method' header requires metadata. Currently this is only true
+of the 'LUKS' crypt method. The header extension must be absent for
+other methods.
+
+This header provides the offset at which the crypt method can store
+its additional data, as well as the length of such data.
+
+ Byte 0 - 7: Offset into the image file at which the encryption
+ header starts in bytes. Must be aligned to a cluster
+ boundary.
+ Byte 8 - 16: Length of the written encryption header in bytes.
+ Note actual space allocated in the qcow2 file may
+ be larger than this value, since it will be rounded
+ to the nearest multiple of the cluster size. Any
+ unused bytes in the allocated space will be initialized
+ to 0.
+
+For the LUKS crypt method, the encryption header works as follows.
+
+The first 592 bytes of the header clusters will contain the LUKS
+partition header. This is then followed by the key material data areas.
+The size of the key material data areas is determined by the number of
+stripes in the key slot and key size. Refer to the LUKS format
+specification ('docs/on-disk-format.pdf' in the cryptsetup source
+package) for details of the LUKS partition header format.
+
+In the LUKS partition header, the "payload-offset" field will be
+calculated as normal for the LUKS spec. ie the size of the LUKS
+header, plus key material regions, plus padding. Its value is not
+used, however, since the qcow2 file format itself defines where
+the real payload offset is.
+
+In the LUKS key slots header, the "key-material-offset" is relative
+to the start of the LUKS header clusters in the qcow2 container,
+not the start of the qcow2 file.
+
+Logically the layout looks like
+
+ +-----------------------------+
+ | QCow2 header |
+ +-----------------------------+
+ | QCow2 header extension X |
+ +-----------------------------+
+ | QCow2 header extension FDE |
+ +-----------------------------+
+ | QCow2 header extension ... |
+ +-----------------------------+
+ | QCow2 header extension Z |
+ +-----------------------------+
+ | ....other QCow2 tables.... |
+ . .
+ . .
+ +-----------------------------+
+ | +-------------------------+ |
+ | | LUKS partition header | |
+ | +-------------------------+ |
+ | | LUKS key material 1 | |
+ | +-------------------------+ |
+ | | LUKS key material 2 | |
+ | +-------------------------+ |
+ | | LUKS key material ... | |
+ | +-------------------------+ |
+ | | LUKS key material 8 | |
+ | +-------------------------+ |
+ +-----------------------------+
+ | QCow2 cluster payload |
+ . .
+ . .
+ . .
+ | |
+ +-----------------------------+
+
+== Data encryption ==
+
+When an encryption method is requested in the header, the image payload
+data must be encrypted/decrypted on every write/read. The image headers
+and metadata is never encrypted.
+
+The algorithms used for encryption vary depending on the method
+
+ - AES:
+
+ The AES cipher, in CBC mode, with 256 bit keys.
+
+ Initialization vectors generated using plain64 method, with
+ the virtual disk sector as the input tweak.
+
+ - LUKS:
+
+ The algorithms are specified in the LUKS header.
+
+ Initialization vectors generated using the method specified
+ in the LUKS header, with the physical disk sector as the
+ input tweak.
== Host cluster management ==
diff --git a/qapi/block-core.json b/qapi/block-core.json
index 2ca5674..08bc3e4 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
@@ -1938,6 +1938,9 @@
# @aes-key-secret: #optional the ID of a QCryptoSecret object providing
# the AES decryption key (since 2.9) Mandatory except
# when doing a metadata-only probe of the image.
+# @luks-key-secret: #optional the ID of a QCryptoSecret object providing
+# the LUKS keyslot passphrase (since 2.9) Mandatory
+# except when doing a metadata-only probe of the image.
#
# Since: 1.7
##
@@ -1952,7 +1955,8 @@
'*l2-cache-size': 'int',
'*refcount-cache-size': 'int',
'*cache-clean-interval': 'int',
- '*aes-key-secret': 'str' } }
+ '*aes-key-secret': 'str',
+ '*luks-key-secret': 'str' } }
##
# @BlockdevOptionsArchipelago:
diff --git a/tests/qemu-iotests/049 b/tests/qemu-iotests/049
index 7da4ac8..a16430d 100755
--- a/tests/qemu-iotests/049
+++ b/tests/qemu-iotests/049
@@ -106,7 +106,7 @@ test_qemu_img create -f $IMGFMT -o preallocation=1234 "$TEST_IMG" 64M
echo "== Check encryption option =="
echo
test_qemu_img create -f $IMGFMT -o encryption=off "$TEST_IMG" 64M
-test_qemu_img create -f $IMGFMT --object secret,id=sec0,data=123456 -o encryption=on,qcow-key-secret=sec0 "$TEST_IMG" 64M
+test_qemu_img create -f $IMGFMT --object secret,id=sec0,data=123456 -o encryption=on,aes-key-secret=sec0 "$TEST_IMG" 64M
echo "== Check lazy_refcounts option (only with v3) =="
echo
diff --git a/tests/qemu-iotests/082.out b/tests/qemu-iotests/082.out
index f8dee34..aa53cf7 100644
--- a/tests/qemu-iotests/082.out
+++ b/tests/qemu-iotests/082.out
@@ -53,7 +53,15 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+encryption-format Encryption data format 'luks' (default) or 'aes'
aes-key-secret ID of the secret that provides the AES encryption key
+luks-key-secret ID of the secret that provides the keyslot passphrase
+luks-cipher-alg Name of encryption cipher algorithm
+luks-cipher-mode Name of encryption cipher mode
+luks-ivgen-alg Name of IV generator algorithm
+luks-ivgen-hash-alg Name of IV generator hash algorithm
+luks-hash-alg Name of encryption hash algorithm
+luks-iter-time Time to spend in PBKDF in milliseconds
nocow Turn off copy-on-write (valid only on btrfs)
Testing: create -f qcow2 -o ? TEST_DIR/t.qcow2 128M
@@ -67,7 +75,15 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+encryption-format Encryption data format 'luks' (default) or 'aes'
aes-key-secret ID of the secret that provides the AES encryption key
+luks-key-secret ID of the secret that provides the keyslot passphrase
+luks-cipher-alg Name of encryption cipher algorithm
+luks-cipher-mode Name of encryption cipher mode
+luks-ivgen-alg Name of IV generator algorithm
+luks-ivgen-hash-alg Name of IV generator hash algorithm
+luks-hash-alg Name of encryption hash algorithm
+luks-iter-time Time to spend in PBKDF in milliseconds
nocow Turn off copy-on-write (valid only on btrfs)
Testing: create -f qcow2 -o cluster_size=4k,help TEST_DIR/t.qcow2 128M
@@ -81,7 +97,15 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+encryption-format Encryption data format 'luks' (default) or 'aes'
aes-key-secret ID of the secret that provides the AES encryption key
+luks-key-secret ID of the secret that provides the keyslot passphrase
+luks-cipher-alg Name of encryption cipher algorithm
+luks-cipher-mode Name of encryption cipher mode
+luks-ivgen-alg Name of IV generator algorithm
+luks-ivgen-hash-alg Name of IV generator hash algorithm
+luks-hash-alg Name of encryption hash algorithm
+luks-iter-time Time to spend in PBKDF in milliseconds
nocow Turn off copy-on-write (valid only on btrfs)
Testing: create -f qcow2 -o cluster_size=4k,? TEST_DIR/t.qcow2 128M
@@ -95,7 +119,15 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+encryption-format Encryption data format 'luks' (default) or 'aes'
aes-key-secret ID of the secret that provides the AES encryption key
+luks-key-secret ID of the secret that provides the keyslot passphrase
+luks-cipher-alg Name of encryption cipher algorithm
+luks-cipher-mode Name of encryption cipher mode
+luks-ivgen-alg Name of IV generator algorithm
+luks-ivgen-hash-alg Name of IV generator hash algorithm
+luks-hash-alg Name of encryption hash algorithm
+luks-iter-time Time to spend in PBKDF in milliseconds
nocow Turn off copy-on-write (valid only on btrfs)
Testing: create -f qcow2 -o help,cluster_size=4k TEST_DIR/t.qcow2 128M
@@ -109,7 +141,15 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+encryption-format Encryption data format 'luks' (default) or 'aes'
aes-key-secret ID of the secret that provides the AES encryption key
+luks-key-secret ID of the secret that provides the keyslot passphrase
+luks-cipher-alg Name of encryption cipher algorithm
+luks-cipher-mode Name of encryption cipher mode
+luks-ivgen-alg Name of IV generator algorithm
+luks-ivgen-hash-alg Name of IV generator hash algorithm
+luks-hash-alg Name of encryption hash algorithm
+luks-iter-time Time to spend in PBKDF in milliseconds
nocow Turn off copy-on-write (valid only on btrfs)
Testing: create -f qcow2 -o ?,cluster_size=4k TEST_DIR/t.qcow2 128M
@@ -123,7 +163,15 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+encryption-format Encryption data format 'luks' (default) or 'aes'
aes-key-secret ID of the secret that provides the AES encryption key
+luks-key-secret ID of the secret that provides the keyslot passphrase
+luks-cipher-alg Name of encryption cipher algorithm
+luks-cipher-mode Name of encryption cipher mode
+luks-ivgen-alg Name of IV generator algorithm
+luks-ivgen-hash-alg Name of IV generator hash algorithm
+luks-hash-alg Name of encryption hash algorithm
+luks-iter-time Time to spend in PBKDF in milliseconds
nocow Turn off copy-on-write (valid only on btrfs)
Testing: create -f qcow2 -o cluster_size=4k -o help TEST_DIR/t.qcow2 128M
@@ -137,7 +185,15 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+encryption-format Encryption data format 'luks' (default) or 'aes'
aes-key-secret ID of the secret that provides the AES encryption key
+luks-key-secret ID of the secret that provides the keyslot passphrase
+luks-cipher-alg Name of encryption cipher algorithm
+luks-cipher-mode Name of encryption cipher mode
+luks-ivgen-alg Name of IV generator algorithm
+luks-ivgen-hash-alg Name of IV generator hash algorithm
+luks-hash-alg Name of encryption hash algorithm
+luks-iter-time Time to spend in PBKDF in milliseconds
nocow Turn off copy-on-write (valid only on btrfs)
Testing: create -f qcow2 -o cluster_size=4k -o ? TEST_DIR/t.qcow2 128M
@@ -151,7 +207,15 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+encryption-format Encryption data format 'luks' (default) or 'aes'
aes-key-secret ID of the secret that provides the AES encryption key
+luks-key-secret ID of the secret that provides the keyslot passphrase
+luks-cipher-alg Name of encryption cipher algorithm
+luks-cipher-mode Name of encryption cipher mode
+luks-ivgen-alg Name of IV generator algorithm
+luks-ivgen-hash-alg Name of IV generator hash algorithm
+luks-hash-alg Name of encryption hash algorithm
+luks-iter-time Time to spend in PBKDF in milliseconds
nocow Turn off copy-on-write (valid only on btrfs)
Testing: create -f qcow2 -o backing_file=TEST_DIR/t.qcow2,,help TEST_DIR/t.qcow2 128M
@@ -180,7 +244,15 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+encryption-format Encryption data format 'luks' (default) or 'aes'
aes-key-secret ID of the secret that provides the AES encryption key
+luks-key-secret ID of the secret that provides the keyslot passphrase
+luks-cipher-alg Name of encryption cipher algorithm
+luks-cipher-mode Name of encryption cipher mode
+luks-ivgen-alg Name of IV generator algorithm
+luks-ivgen-hash-alg Name of IV generator hash algorithm
+luks-hash-alg Name of encryption hash algorithm
+luks-iter-time Time to spend in PBKDF in milliseconds
Testing: create -o help
Supported options:
@@ -243,7 +315,15 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+encryption-format Encryption data format 'luks' (default) or 'aes'
aes-key-secret ID of the secret that provides the AES encryption key
+luks-key-secret ID of the secret that provides the keyslot passphrase
+luks-cipher-alg Name of encryption cipher algorithm
+luks-cipher-mode Name of encryption cipher mode
+luks-ivgen-alg Name of IV generator algorithm
+luks-ivgen-hash-alg Name of IV generator hash algorithm
+luks-hash-alg Name of encryption hash algorithm
+luks-iter-time Time to spend in PBKDF in milliseconds
nocow Turn off copy-on-write (valid only on btrfs)
Testing: convert -O qcow2 -o ? TEST_DIR/t.qcow2 TEST_DIR/t.qcow2.base
@@ -257,7 +337,15 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+encryption-format Encryption data format 'luks' (default) or 'aes'
aes-key-secret ID of the secret that provides the AES encryption key
+luks-key-secret ID of the secret that provides the keyslot passphrase
+luks-cipher-alg Name of encryption cipher algorithm
+luks-cipher-mode Name of encryption cipher mode
+luks-ivgen-alg Name of IV generator algorithm
+luks-ivgen-hash-alg Name of IV generator hash algorithm
+luks-hash-alg Name of encryption hash algorithm
+luks-iter-time Time to spend in PBKDF in milliseconds
nocow Turn off copy-on-write (valid only on btrfs)
Testing: convert -O qcow2 -o cluster_size=4k,help TEST_DIR/t.qcow2 TEST_DIR/t.qcow2.base
@@ -271,7 +359,15 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+encryption-format Encryption data format 'luks' (default) or 'aes'
aes-key-secret ID of the secret that provides the AES encryption key
+luks-key-secret ID of the secret that provides the keyslot passphrase
+luks-cipher-alg Name of encryption cipher algorithm
+luks-cipher-mode Name of encryption cipher mode
+luks-ivgen-alg Name of IV generator algorithm
+luks-ivgen-hash-alg Name of IV generator hash algorithm
+luks-hash-alg Name of encryption hash algorithm
+luks-iter-time Time to spend in PBKDF in milliseconds
nocow Turn off copy-on-write (valid only on btrfs)
Testing: convert -O qcow2 -o cluster_size=4k,? TEST_DIR/t.qcow2 TEST_DIR/t.qcow2.base
@@ -285,7 +381,15 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+encryption-format Encryption data format 'luks' (default) or 'aes'
aes-key-secret ID of the secret that provides the AES encryption key
+luks-key-secret ID of the secret that provides the keyslot passphrase
+luks-cipher-alg Name of encryption cipher algorithm
+luks-cipher-mode Name of encryption cipher mode
+luks-ivgen-alg Name of IV generator algorithm
+luks-ivgen-hash-alg Name of IV generator hash algorithm
+luks-hash-alg Name of encryption hash algorithm
+luks-iter-time Time to spend in PBKDF in milliseconds
nocow Turn off copy-on-write (valid only on btrfs)
Testing: convert -O qcow2 -o help,cluster_size=4k TEST_DIR/t.qcow2 TEST_DIR/t.qcow2.base
@@ -299,7 +403,15 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+encryption-format Encryption data format 'luks' (default) or 'aes'
aes-key-secret ID of the secret that provides the AES encryption key
+luks-key-secret ID of the secret that provides the keyslot passphrase
+luks-cipher-alg Name of encryption cipher algorithm
+luks-cipher-mode Name of encryption cipher mode
+luks-ivgen-alg Name of IV generator algorithm
+luks-ivgen-hash-alg Name of IV generator hash algorithm
+luks-hash-alg Name of encryption hash algorithm
+luks-iter-time Time to spend in PBKDF in milliseconds
nocow Turn off copy-on-write (valid only on btrfs)
Testing: convert -O qcow2 -o ?,cluster_size=4k TEST_DIR/t.qcow2 TEST_DIR/t.qcow2.base
@@ -313,7 +425,15 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+encryption-format Encryption data format 'luks' (default) or 'aes'
aes-key-secret ID of the secret that provides the AES encryption key
+luks-key-secret ID of the secret that provides the keyslot passphrase
+luks-cipher-alg Name of encryption cipher algorithm
+luks-cipher-mode Name of encryption cipher mode
+luks-ivgen-alg Name of IV generator algorithm
+luks-ivgen-hash-alg Name of IV generator hash algorithm
+luks-hash-alg Name of encryption hash algorithm
+luks-iter-time Time to spend in PBKDF in milliseconds
nocow Turn off copy-on-write (valid only on btrfs)
Testing: convert -O qcow2 -o cluster_size=4k -o help TEST_DIR/t.qcow2 TEST_DIR/t.qcow2.base
@@ -327,7 +447,15 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+encryption-format Encryption data format 'luks' (default) or 'aes'
aes-key-secret ID of the secret that provides the AES encryption key
+luks-key-secret ID of the secret that provides the keyslot passphrase
+luks-cipher-alg Name of encryption cipher algorithm
+luks-cipher-mode Name of encryption cipher mode
+luks-ivgen-alg Name of IV generator algorithm
+luks-ivgen-hash-alg Name of IV generator hash algorithm
+luks-hash-alg Name of encryption hash algorithm
+luks-iter-time Time to spend in PBKDF in milliseconds
nocow Turn off copy-on-write (valid only on btrfs)
Testing: convert -O qcow2 -o cluster_size=4k -o ? TEST_DIR/t.qcow2 TEST_DIR/t.qcow2.base
@@ -341,7 +469,15 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+encryption-format Encryption data format 'luks' (default) or 'aes'
aes-key-secret ID of the secret that provides the AES encryption key
+luks-key-secret ID of the secret that provides the keyslot passphrase
+luks-cipher-alg Name of encryption cipher algorithm
+luks-cipher-mode Name of encryption cipher mode
+luks-ivgen-alg Name of IV generator algorithm
+luks-ivgen-hash-alg Name of IV generator hash algorithm
+luks-hash-alg Name of encryption hash algorithm
+luks-iter-time Time to spend in PBKDF in milliseconds
nocow Turn off copy-on-write (valid only on btrfs)
Testing: convert -O qcow2 -o backing_file=TEST_DIR/t.qcow2,,help TEST_DIR/t.qcow2 TEST_DIR/t.qcow2.base
@@ -370,7 +506,15 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+encryption-format Encryption data format 'luks' (default) or 'aes'
aes-key-secret ID of the secret that provides the AES encryption key
+luks-key-secret ID of the secret that provides the keyslot passphrase
+luks-cipher-alg Name of encryption cipher algorithm
+luks-cipher-mode Name of encryption cipher mode
+luks-ivgen-alg Name of IV generator algorithm
+luks-ivgen-hash-alg Name of IV generator hash algorithm
+luks-hash-alg Name of encryption hash algorithm
+luks-iter-time Time to spend in PBKDF in milliseconds
Testing: convert -o help
Supported options:
@@ -430,7 +574,15 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+encryption-format Encryption data format 'luks' (default) or 'aes'
aes-key-secret ID of the secret that provides the AES encryption key
+luks-key-secret ID of the secret that provides the keyslot passphrase
+luks-cipher-alg Name of encryption cipher algorithm
+luks-cipher-mode Name of encryption cipher mode
+luks-ivgen-alg Name of IV generator algorithm
+luks-ivgen-hash-alg Name of IV generator hash algorithm
+luks-hash-alg Name of encryption hash algorithm
+luks-iter-time Time to spend in PBKDF in milliseconds
nocow Turn off copy-on-write (valid only on btrfs)
Testing: amend -f qcow2 -o ? TEST_DIR/t.qcow2
@@ -444,7 +596,15 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+encryption-format Encryption data format 'luks' (default) or 'aes'
aes-key-secret ID of the secret that provides the AES encryption key
+luks-key-secret ID of the secret that provides the keyslot passphrase
+luks-cipher-alg Name of encryption cipher algorithm
+luks-cipher-mode Name of encryption cipher mode
+luks-ivgen-alg Name of IV generator algorithm
+luks-ivgen-hash-alg Name of IV generator hash algorithm
+luks-hash-alg Name of encryption hash algorithm
+luks-iter-time Time to spend in PBKDF in milliseconds
nocow Turn off copy-on-write (valid only on btrfs)
Testing: amend -f qcow2 -o cluster_size=4k,help TEST_DIR/t.qcow2
@@ -458,7 +618,15 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+encryption-format Encryption data format 'luks' (default) or 'aes'
aes-key-secret ID of the secret that provides the AES encryption key
+luks-key-secret ID of the secret that provides the keyslot passphrase
+luks-cipher-alg Name of encryption cipher algorithm
+luks-cipher-mode Name of encryption cipher mode
+luks-ivgen-alg Name of IV generator algorithm
+luks-ivgen-hash-alg Name of IV generator hash algorithm
+luks-hash-alg Name of encryption hash algorithm
+luks-iter-time Time to spend in PBKDF in milliseconds
nocow Turn off copy-on-write (valid only on btrfs)
Testing: amend -f qcow2 -o cluster_size=4k,? TEST_DIR/t.qcow2
@@ -472,7 +640,15 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+encryption-format Encryption data format 'luks' (default) or 'aes'
aes-key-secret ID of the secret that provides the AES encryption key
+luks-key-secret ID of the secret that provides the keyslot passphrase
+luks-cipher-alg Name of encryption cipher algorithm
+luks-cipher-mode Name of encryption cipher mode
+luks-ivgen-alg Name of IV generator algorithm
+luks-ivgen-hash-alg Name of IV generator hash algorithm
+luks-hash-alg Name of encryption hash algorithm
+luks-iter-time Time to spend in PBKDF in milliseconds
nocow Turn off copy-on-write (valid only on btrfs)
Testing: amend -f qcow2 -o help,cluster_size=4k TEST_DIR/t.qcow2
@@ -486,7 +662,15 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+encryption-format Encryption data format 'luks' (default) or 'aes'
aes-key-secret ID of the secret that provides the AES encryption key
+luks-key-secret ID of the secret that provides the keyslot passphrase
+luks-cipher-alg Name of encryption cipher algorithm
+luks-cipher-mode Name of encryption cipher mode
+luks-ivgen-alg Name of IV generator algorithm
+luks-ivgen-hash-alg Name of IV generator hash algorithm
+luks-hash-alg Name of encryption hash algorithm
+luks-iter-time Time to spend in PBKDF in milliseconds
nocow Turn off copy-on-write (valid only on btrfs)
Testing: amend -f qcow2 -o ?,cluster_size=4k TEST_DIR/t.qcow2
@@ -500,7 +684,15 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+encryption-format Encryption data format 'luks' (default) or 'aes'
aes-key-secret ID of the secret that provides the AES encryption key
+luks-key-secret ID of the secret that provides the keyslot passphrase
+luks-cipher-alg Name of encryption cipher algorithm
+luks-cipher-mode Name of encryption cipher mode
+luks-ivgen-alg Name of IV generator algorithm
+luks-ivgen-hash-alg Name of IV generator hash algorithm
+luks-hash-alg Name of encryption hash algorithm
+luks-iter-time Time to spend in PBKDF in milliseconds
nocow Turn off copy-on-write (valid only on btrfs)
Testing: amend -f qcow2 -o cluster_size=4k -o help TEST_DIR/t.qcow2
@@ -514,7 +706,15 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+encryption-format Encryption data format 'luks' (default) or 'aes'
aes-key-secret ID of the secret that provides the AES encryption key
+luks-key-secret ID of the secret that provides the keyslot passphrase
+luks-cipher-alg Name of encryption cipher algorithm
+luks-cipher-mode Name of encryption cipher mode
+luks-ivgen-alg Name of IV generator algorithm
+luks-ivgen-hash-alg Name of IV generator hash algorithm
+luks-hash-alg Name of encryption hash algorithm
+luks-iter-time Time to spend in PBKDF in milliseconds
nocow Turn off copy-on-write (valid only on btrfs)
Testing: amend -f qcow2 -o cluster_size=4k -o ? TEST_DIR/t.qcow2
@@ -528,7 +728,15 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+encryption-format Encryption data format 'luks' (default) or 'aes'
aes-key-secret ID of the secret that provides the AES encryption key
+luks-key-secret ID of the secret that provides the keyslot passphrase
+luks-cipher-alg Name of encryption cipher algorithm
+luks-cipher-mode Name of encryption cipher mode
+luks-ivgen-alg Name of IV generator algorithm
+luks-ivgen-hash-alg Name of IV generator hash algorithm
+luks-hash-alg Name of encryption hash algorithm
+luks-iter-time Time to spend in PBKDF in milliseconds
nocow Turn off copy-on-write (valid only on btrfs)
Testing: amend -f qcow2 -o backing_file=TEST_DIR/t.qcow2,,help TEST_DIR/t.qcow2
@@ -559,7 +767,15 @@ cluster_size qcow2 cluster size
preallocation Preallocation mode (allowed values: off, metadata, falloc, full)
lazy_refcounts Postpone refcount updates
refcount_bits Width of a reference count entry in bits
+encryption-format Encryption data format 'luks' (default) or 'aes'
aes-key-secret ID of the secret that provides the AES encryption key
+luks-key-secret ID of the secret that provides the keyslot passphrase
+luks-cipher-alg Name of encryption cipher algorithm
+luks-cipher-mode Name of encryption cipher mode
+luks-ivgen-alg Name of IV generator algorithm
+luks-ivgen-hash-alg Name of IV generator hash algorithm
+luks-hash-alg Name of encryption hash algorithm
+luks-iter-time Time to spend in PBKDF in milliseconds
Testing: convert -o help
Supported options:
diff --git a/tests/qemu-iotests/087 b/tests/qemu-iotests/087
index fe30383..6690715 100755
--- a/tests/qemu-iotests/087
+++ b/tests/qemu-iotests/087
@@ -121,10 +121,10 @@ run_qemu <<EOF
EOF
echo
-echo === Encrypted image ===
+echo === Encrypted image QCow ===
echo
-_make_test_img --object secret,id=sec0,data=123456 -o encryption=on,qcow-key-secret=sec0 $size
+_make_test_img --object secret,id=sec0,data=123456 -o encryption=on,aes-key-secret=sec0 $size
run_qemu -S <<EOF
{ "execute": "qmp_capabilities" }
{ "execute": "object-add",
@@ -144,7 +144,7 @@ run_qemu -S <<EOF
"driver": "file",
"filename": "$TEST_IMG"
},
- "qcow-key-secret": "sec0"
+ "aes-key-secret": "sec0"
}
}
{ "execute": "quit" }
@@ -169,7 +169,62 @@ run_qemu <<EOF
"driver": "file",
"filename": "$TEST_IMG"
},
- "qcow-key-secret": "sec0"
+ "aes-key-secret": "sec0"
+ }
+ }
+{ "execute": "quit" }
+EOF
+
+echo
+echo === Encrypted image LUKS ===
+echo
+
+_make_test_img --object secret,id=sec0,data=123456 -o encryption-format=luks,luks-key-secret=sec0 $size
+run_qemu -S <<EOF
+{ "execute": "qmp_capabilities" }
+{ "execute": "object-add",
+ "arguments": {
+ "qom-type": "secret",
+ "id": "sec0",
+ "props": {
+ "data": "123456"
+ }
+ }
+}
+{ "execute": "blockdev-add",
+ "arguments": {
+ "driver": "$IMGFMT",
+ "node-name": "disk",
+ "file": {
+ "driver": "file",
+ "filename": "$TEST_IMG"
+ },
+ "luks-key-secret": "sec0"
+ }
+ }
+{ "execute": "quit" }
+EOF
+
+run_qemu <<EOF
+{ "execute": "qmp_capabilities" }
+{ "execute": "object-add",
+ "arguments": {
+ "qom-type": "secret",
+ "id": "sec0",
+ "props": {
+ "data": "123456"
+ }
+ }
+}
+{ "execute": "blockdev-add",
+ "arguments": {
+ "driver": "$IMGFMT",
+ "node-name": "disk",
+ "file": {
+ "driver": "file",
+ "filename": "$TEST_IMG"
+ },
+ "luks-key-secret": "sec0"
}
}
{ "execute": "quit" }
@@ -179,7 +234,7 @@ echo
echo === Missing driver ===
echo
-_make_test_img --object secret,id=sec0,data=123456 -o encryption=on,qcow-key-secret=sec0 $size
+_make_test_img --object secret,id=sec0,data=123456 -o encryption=on,aes-key-secret=sec0 $size
run_qemu -S <<EOF
{ "execute": "qmp_capabilities" }
{ "execute": "blockdev-add",
diff --git a/tests/qemu-iotests/087.out b/tests/qemu-iotests/087.out
index 02c9e42..2266100 100644
--- a/tests/qemu-iotests/087.out
+++ b/tests/qemu-iotests/087.out
@@ -32,7 +32,7 @@ QMP_VERSION
{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "SHUTDOWN"}
-=== Encrypted image ===
+=== Encrypted image QCow ===
Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=134217728 encryption=on aes-key-secret=sec0
Testing: -S
@@ -52,6 +52,26 @@ QMP_VERSION
{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "SHUTDOWN"}
+=== Encrypted image LUKS ===
+
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=134217728 encryption-format=luks luks-key-secret=sec0
+Testing: -S
+QMP_VERSION
+{"return": {}}
+{"return": {}}
+{"return": {}}
+{"return": {}}
+{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "SHUTDOWN"}
+
+Testing:
+QMP_VERSION
+{"return": {}}
+{"return": {}}
+{"return": {}}
+{"return": {}}
+{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "SHUTDOWN"}
+
+
=== Missing driver ===
Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=134217728 encryption=on aes-key-secret=sec0
diff --git a/tests/qemu-iotests/134 b/tests/qemu-iotests/134
index c2458d8..dd080a2 100755
--- a/tests/qemu-iotests/134
+++ b/tests/qemu-iotests/134
@@ -47,9 +47,9 @@ size=128M
SECRET="secret,id=sec0,data=astrochicken"
SECRETALT="secret,id=sec0,data=platypus"
-_make_test_img --object $SECRET -o "encryption=on,qcow-key-secret=sec0" $size
+_make_test_img --object $SECRET -o "encryption=on,aes-key-secret=sec0" $size
-IMGSPEC="driver=$IMGFMT,file.filename=$TEST_IMG,qcow-key-secret=sec0"
+IMGSPEC="driver=$IMGFMT,file.filename=$TEST_IMG,aes-key-secret=sec0"
QEMU_IO_OPTIONS=$QEMU_IO_OPTIONS_NO_FMT
diff --git a/tests/qemu-iotests/158 b/tests/qemu-iotests/158
index 2d1c015..7a1eb5c 100755
--- a/tests/qemu-iotests/158
+++ b/tests/qemu-iotests/158
@@ -49,11 +49,11 @@ SECRET="secret,id=sec0,data=astrochicken"
TEST_IMG_SAVE=$TEST_IMG
TEST_IMG=$TEST_IMG_BASE
echo "== create base =="
-_make_test_img --object $SECRET -o "encryption=on,qcow-key-secret=sec0" $size
+_make_test_img --object $SECRET -o "encryption=on,aes-key-secret=sec0" $size
TEST_IMG=$TEST_IMG_SAVE
-IMGSPECBASE="driver=$IMGFMT,file.filename=$TEST_IMG_BASE,qcow-key-secret=sec0"
-IMGSPEC="driver=$IMGFMT,file.filename=$TEST_IMG,backing.driver=$IMGFMT,backing.file.filename=$TEST_IMG_BASE,backing.qcow-key-secret=sec0,qcow-key-secret=sec0"
+IMGSPECBASE="driver=$IMGFMT,file.filename=$TEST_IMG_BASE,aes-key-secret=sec0"
+IMGSPEC="driver=$IMGFMT,file.filename=$TEST_IMG,backing.driver=$IMGFMT,backing.file.filename=$TEST_IMG_BASE,backing.aes-key-secret=sec0,aes-key-secret=sec0"
QEMU_IO_OPTIONS=$QEMU_IO_OPTIONS_NO_FMT
echo
@@ -65,7 +65,7 @@ echo "== verify pattern =="
$QEMU_IO --object $SECRET -c "read -P 0xa 0 $size" --image-opts $IMGSPECBASE | _filter_qemu_io | _filter_testdir
echo "== create overlay =="
-_make_test_img --object $SECRET -o "encryption=on,qcow-key-secret=sec0" -b "$TEST_IMG_BASE" $size
+_make_test_img --object $SECRET -o "encryption=on,aes-key-secret=sec0" -b "$TEST_IMG_BASE" $size
echo
echo "== writing part of a cluster =="
diff --git a/tests/qemu-iotests/174 b/tests/qemu-iotests/174
new file mode 100755
index 0000000..27d4870
--- /dev/null
+++ b/tests/qemu-iotests/174
@@ -0,0 +1,76 @@
+#!/bin/bash
+#
+# Test encrypted read/write using plain bdrv_read/bdrv_write
+#
+# Copyright (C) 2015 Red Hat, Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+# creator
+owner=berrange@redhat.com
+
+seq=`basename $0`
+echo "QA output created by $seq"
+
+here=`pwd`
+status=1 # failure is the default!
+
+_cleanup()
+{
+ _cleanup_test_img
+}
+trap "_cleanup; exit \$status" 0 1 2 3 15
+
+# get standard environment, filters and checks
+. ./common.rc
+. ./common.filter
+
+_supported_fmt qcow2
+_supported_proto generic
+_supported_os Linux
+
+
+size=128M
+
+SECRET="secret,id=sec0,data=astrochicken"
+SECRETALT="secret,id=sec0,data=platypus"
+
+_make_test_img --object $SECRET -o "encryption-format=luks,luks-key-secret=sec0" $size
+
+IMGSPEC="driver=$IMGFMT,file.filename=$TEST_IMG,luks-key-secret=sec0"
+
+QEMU_IO_OPTIONS=$QEMU_IO_OPTIONS_NO_FMT
+
+echo
+echo "== reading whole image =="
+$QEMU_IO --object $SECRET -c "read 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
+
+echo
+echo "== rewriting whole image =="
+$QEMU_IO --object $SECRET -c "write -P 0xa 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
+
+echo
+echo "== verify pattern =="
+$QEMU_IO --object $SECRET -c "read -P 0xa 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
+
+echo
+echo "== verify pattern failure with wrong password =="
+$QEMU_IO --object $SECRETALT -c "read -P 0xa 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
+
+
+# success, all done
+echo "*** done"
+rm -f $seq.full
+status=0
diff --git a/tests/qemu-iotests/174.out b/tests/qemu-iotests/174.out
new file mode 100644
index 0000000..c96d0e4
--- /dev/null
+++ b/tests/qemu-iotests/174.out
@@ -0,0 +1,19 @@
+QA output created by 174
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=134217728 encryption-format=luks luks-key-secret=sec0
+
+== reading whole image ==
+read 134217728/134217728 bytes at offset 0
+128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+
+== rewriting whole image ==
+wrote 134217728/134217728 bytes at offset 0
+128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+
+== verify pattern ==
+read 134217728/134217728 bytes at offset 0
+128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+
+== verify pattern failure with wrong password ==
+can't open: Invalid password, cannot unlock any keyslot
+no file open, try 'help open'
+*** done
diff --git a/tests/qemu-iotests/175 b/tests/qemu-iotests/175
new file mode 100755
index 0000000..f8a629d
--- /dev/null
+++ b/tests/qemu-iotests/175
@@ -0,0 +1,85 @@
+#!/bin/bash
+#
+# Test encrypted read/write using backing files
+#
+# Copyright (C) 2015 Red Hat, Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+# creator
+owner=berrange@redhat.com
+
+seq=`basename $0`
+echo "QA output created by $seq"
+
+here=`pwd`
+status=1 # failure is the default!
+
+_cleanup()
+{
+ _cleanup_test_img
+}
+trap "_cleanup; exit \$status" 0 1 2 3 15
+
+# get standard environment, filters and checks
+. ./common.rc
+. ./common.filter
+
+_supported_fmt qcow2
+_supported_proto generic
+_supported_os Linux
+
+
+size=128M
+TEST_IMG_BASE=$TEST_IMG.base
+SECRET="secret,id=sec0,data=astrochicken"
+
+TEST_IMG_SAVE=$TEST_IMG
+TEST_IMG=$TEST_IMG_BASE
+echo "== create base =="
+_make_test_img --object $SECRET -o "encryption-format=luks,luks-key-secret=sec0" $size
+TEST_IMG=$TEST_IMG_SAVE
+
+IMGSPECBASE="driver=$IMGFMT,file.filename=$TEST_IMG_BASE,luks-key-secret=sec0"
+IMGSPEC="driver=$IMGFMT,file.filename=$TEST_IMG,backing.driver=$IMGFMT,backing.file.filename=$TEST_IMG_BASE,backing.luks-key-secret=sec0,luks-key-secret=sec0"
+QEMU_IO_OPTIONS=$QEMU_IO_OPTIONS_NO_FMT
+
+echo
+echo "== writing whole image =="
+$QEMU_IO --object $SECRET -c "write -P 0xa 0 $size" --image-opts $IMGSPECBASE | _filter_qemu_io | _filter_testdir
+
+echo
+echo "== verify pattern =="
+$QEMU_IO --object $SECRET -c "read -P 0xa 0 $size" --image-opts $IMGSPECBASE | _filter_qemu_io | _filter_testdir
+
+echo "== create overlay =="
+_make_test_img --object $SECRET -o "encryption-format=luks,luks-key-secret=sec0" -b "$TEST_IMG_BASE" $size
+
+echo
+echo "== writing part of a cluster =="
+$QEMU_IO --object $SECRET -c "write -P 0xe 0 1024" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
+
+echo
+echo "== verify pattern =="
+$QEMU_IO --object $SECRET -c "read -P 0xe 0 1024" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
+echo
+echo "== verify pattern =="
+$QEMU_IO --object $SECRET -c "read -P 0xa 1024 64512" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
+
+
+# success, all done
+echo "*** done"
+rm -f $seq.full
+status=0
diff --git a/tests/qemu-iotests/175.out b/tests/qemu-iotests/175.out
new file mode 100644
index 0000000..7846d8a
--- /dev/null
+++ b/tests/qemu-iotests/175.out
@@ -0,0 +1,26 @@
+QA output created by 175
+== create base ==
+Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=134217728 encryption-format=luks luks-key-secret=sec0
+
+== writing whole image ==
+wrote 134217728/134217728 bytes at offset 0
+128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+
+== verify pattern ==
+read 134217728/134217728 bytes at offset 0
+128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+== create overlay ==
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=134217728 backing_file=TEST_DIR/t.IMGFMT.base encryption-format=luks luks-key-secret=sec0
+
+== writing part of a cluster ==
+wrote 1024/1024 bytes at offset 0
+1 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+
+== verify pattern ==
+read 1024/1024 bytes at offset 0
+1 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+
+== verify pattern ==
+read 64512/64512 bytes at offset 1024
+63 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+*** done
diff --git a/tests/qemu-iotests/group b/tests/qemu-iotests/group
index f5d7bc8..dd510d0 100644
--- a/tests/qemu-iotests/group
+++ b/tests/qemu-iotests/group
@@ -166,3 +166,5 @@
171 rw auto quick
172 auto
173 rw auto backing
+174 rw auto quick
+175 rw auto quick
--
2.9.3
^ permalink raw reply related [flat|nested] 47+ messages in thread
* [Qemu-devel] [PATCH v1 13/15] iotests: enable tests 134 and 158 to work with qcow (v1)
2017-01-03 18:27 [Qemu-devel] [PATCH v1 00/15] Convert QCow[2] to QCryptoBlock & add LUKS support Daniel P. Berrange
` (11 preceding siblings ...)
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 12/15] qcow2: add support for LUKS encryption format Daniel P. Berrange
@ 2017-01-03 18:27 ` Daniel P. Berrange
2017-01-21 19:12 ` Max Reitz
2017-01-03 18:28 ` [Qemu-devel] [PATCH v1 14/15] block: rip out all traces of password prompting Daniel P. Berrange
` (2 subsequent siblings)
15 siblings, 1 reply; 47+ messages in thread
From: Daniel P. Berrange @ 2017-01-03 18:27 UTC (permalink / raw)
To: qemu-devel; +Cc: Kevin Wolf, Max Reitz, qemu-block, Daniel P. Berrange
The 138 and 158 iotests exercise the legacy qcow2 aes encryption
code path. With a few simple tweaks they can exercise the same
feature in qcow (v1).
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
tests/qemu-iotests/134 | 10 +++++-----
tests/qemu-iotests/158 | 2 +-
2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/tests/qemu-iotests/134 b/tests/qemu-iotests/134
index dd080a2..23b7834 100755
--- a/tests/qemu-iotests/134
+++ b/tests/qemu-iotests/134
@@ -37,7 +37,7 @@ trap "_cleanup; exit \$status" 0 1 2 3 15
. ./common.rc
. ./common.filter
-_supported_fmt qcow2
+_supported_fmt qcow qcow2
_supported_proto generic
_supported_os Linux
@@ -55,19 +55,19 @@ QEMU_IO_OPTIONS=$QEMU_IO_OPTIONS_NO_FMT
echo
echo "== reading whole image =="
-$QEMU_IO --object $SECRET -c "read 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
+$QEMU_IO --object $SECRET -c "read 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir | _filter_imgfmt
echo
echo "== rewriting whole image =="
-$QEMU_IO --object $SECRET -c "write -P 0xa 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
+$QEMU_IO --object $SECRET -c "write -P 0xa 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir | _filter_imgfmt
echo
echo "== verify pattern =="
-$QEMU_IO --object $SECRET -c "read -P 0xa 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
+$QEMU_IO --object $SECRET -c "read -P 0xa 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir | _filter_imgfmt
echo
echo "== verify pattern failure with wrong password =="
-$QEMU_IO --object $SECRETALT -c "read -P 0xa 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
+$QEMU_IO --object $SECRETALT -c "read -P 0xa 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir | _filter_imgfmt
# success, all done
diff --git a/tests/qemu-iotests/158 b/tests/qemu-iotests/158
index 7a1eb5c..2b53d9f 100755
--- a/tests/qemu-iotests/158
+++ b/tests/qemu-iotests/158
@@ -37,7 +37,7 @@ trap "_cleanup; exit \$status" 0 1 2 3 15
. ./common.rc
. ./common.filter
-_supported_fmt qcow2
+_supported_fmt qcow qcow2
_supported_proto generic
_supported_os Linux
--
2.9.3
^ permalink raw reply related [flat|nested] 47+ messages in thread
* [Qemu-devel] [PATCH v1 14/15] block: rip out all traces of password prompting
2017-01-03 18:27 [Qemu-devel] [PATCH v1 00/15] Convert QCow[2] to QCryptoBlock & add LUKS support Daniel P. Berrange
` (12 preceding siblings ...)
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 13/15] iotests: enable tests 134 and 158 to work with qcow (v1) Daniel P. Berrange
@ 2017-01-03 18:28 ` Daniel P. Berrange
2017-01-21 19:17 ` Max Reitz
2017-01-03 18:28 ` [Qemu-devel] [PATCH v1 15/15] block: remove all encryption handling APIs Daniel P. Berrange
2017-01-25 15:58 ` [Qemu-devel] [PATCH v1 00/15] Convert QCow[2] to QCryptoBlock & add LUKS support Max Reitz
15 siblings, 1 reply; 47+ messages in thread
From: Daniel P. Berrange @ 2017-01-03 18:28 UTC (permalink / raw)
To: qemu-devel; +Cc: Kevin Wolf, Max Reitz, qemu-block, Daniel P. Berrange
Now that qcow & qcow2 are wired up to get encryption keys
via the QCryptoSecret object, nothing is relying on the
interactive prompting for passwords. All the code related
to password prompting can thus be ripped out.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
hmp.c | 31 ---------------------
include/monitor/monitor.h | 7 -----
include/qemu/osdep.h | 2 --
monitor.c | 68 -----------------------------------------------
qapi-schema.json | 10 +------
qemu-img.c | 31 ---------------------
qemu-io.c | 20 --------------
qmp.c | 12 +--------
util/oslib-posix.c | 66 ---------------------------------------------
util/oslib-win32.c | 24 -----------------
10 files changed, 2 insertions(+), 269 deletions(-)
diff --git a/hmp.c b/hmp.c
index b869617..a1fe64e 100644
--- a/hmp.c
+++ b/hmp.c
@@ -1070,37 +1070,12 @@ void hmp_ringbuf_read(Monitor *mon, const QDict *qdict)
g_free(data);
}
-static void hmp_cont_cb(void *opaque, int err)
-{
- if (!err) {
- qmp_cont(NULL);
- }
-}
-
-static bool key_is_missing(const BlockInfo *bdev)
-{
- return (bdev->inserted && bdev->inserted->encryption_key_missing);
-}
-
void hmp_cont(Monitor *mon, const QDict *qdict)
{
- BlockInfoList *bdev_list, *bdev;
Error *err = NULL;
- bdev_list = qmp_query_block(NULL);
- for (bdev = bdev_list; bdev; bdev = bdev->next) {
- if (key_is_missing(bdev->value)) {
- monitor_read_block_device_key(mon, bdev->value->device,
- hmp_cont_cb, NULL);
- goto out;
- }
- }
-
qmp_cont(&err);
hmp_handle_error(mon, &err);
-
-out:
- qapi_free_BlockInfoList(bdev_list);
}
void hmp_system_wakeup(Monitor *mon, const QDict *qdict)
@@ -1536,12 +1511,6 @@ void hmp_change(Monitor *mon, const QDict *qdict)
qmp_blockdev_change_medium(true, device, false, NULL, target,
!!arg, arg, !!read_only, read_only_mode,
&err);
- if (err &&
- error_get_class(err) == ERROR_CLASS_DEVICE_ENCRYPTED) {
- error_free(err);
- monitor_read_block_device_key(mon, device, NULL, NULL);
- return;
- }
}
hmp_handle_error(mon, &err);
diff --git a/include/monitor/monitor.h b/include/monitor/monitor.h
index 8cc532e..2183aac 100644
--- a/include/monitor/monitor.h
+++ b/include/monitor/monitor.h
@@ -22,13 +22,6 @@ void monitor_cleanup(void);
int monitor_suspend(Monitor *mon);
void monitor_resume(Monitor *mon);
-int monitor_read_bdrv_key_start(Monitor *mon, BlockDriverState *bs,
- BlockCompletionFunc *completion_cb,
- void *opaque);
-int monitor_read_block_device_key(Monitor *mon, const char *device,
- BlockCompletionFunc *completion_cb,
- void *opaque);
-
int monitor_get_fd(Monitor *mon, const char *fdname, Error **errp);
int monitor_fd_param(Monitor *mon, const char *fdname, Error **errp);
diff --git a/include/qemu/osdep.h b/include/qemu/osdep.h
index 689f253..d79e9a5 100644
--- a/include/qemu/osdep.h
+++ b/include/qemu/osdep.h
@@ -396,8 +396,6 @@ void qemu_set_tty_echo(int fd, bool echo);
void os_mem_prealloc(int fd, char *area, size_t sz, Error **errp);
-int qemu_read_password(char *buf, int buf_size);
-
/**
* qemu_get_pid_name:
* @pid: pid of a process
diff --git a/monitor.c b/monitor.c
index 0841d43..7e3a855 100644
--- a/monitor.c
+++ b/monitor.c
@@ -4033,74 +4033,6 @@ void monitor_cleanup(void)
qemu_mutex_unlock(&monitor_lock);
}
-static void bdrv_password_cb(void *opaque, const char *password,
- void *readline_opaque)
-{
- Monitor *mon = opaque;
- BlockDriverState *bs = readline_opaque;
- int ret = 0;
- Error *local_err = NULL;
-
- bdrv_add_key(bs, password, &local_err);
- if (local_err) {
- error_report_err(local_err);
- ret = -EPERM;
- }
- if (mon->password_completion_cb)
- mon->password_completion_cb(mon->password_opaque, ret);
-
- monitor_read_command(mon, 1);
-}
-
-int monitor_read_bdrv_key_start(Monitor *mon, BlockDriverState *bs,
- BlockCompletionFunc *completion_cb,
- void *opaque)
-{
- int err;
-
- monitor_printf(mon, "%s (%s) is encrypted.\n", bdrv_get_device_name(bs),
- bdrv_get_encrypted_filename(bs));
-
- mon->password_completion_cb = completion_cb;
- mon->password_opaque = opaque;
-
- err = monitor_read_password(mon, bdrv_password_cb, bs);
-
- if (err && completion_cb)
- completion_cb(opaque, err);
-
- return err;
-}
-
-int monitor_read_block_device_key(Monitor *mon, const char *device,
- BlockCompletionFunc *completion_cb,
- void *opaque)
-{
- Error *err = NULL;
- BlockBackend *blk;
-
- blk = blk_by_name(device);
- if (!blk) {
- monitor_printf(mon, "Device not found %s\n", device);
- return -1;
- }
- if (!blk_bs(blk)) {
- monitor_printf(mon, "Device '%s' has no medium\n", device);
- return -1;
- }
-
- bdrv_add_key(blk_bs(blk), NULL, &err);
- if (err) {
- error_free(err);
- return monitor_read_bdrv_key_start(mon, blk_bs(blk), completion_cb, opaque);
- }
-
- if (completion_cb) {
- completion_cb(opaque, 0);
- }
- return 0;
-}
-
QemuOptsList qemu_mon_opts = {
.name = "mon",
.implied_opt_name = "chardev",
diff --git a/qapi-schema.json b/qapi-schema.json
index a0d3b5d..e04ae55 100644
--- a/qapi-schema.json
+++ b/qapi-schema.json
@@ -1686,8 +1686,6 @@
# Since: 0.14.0
#
# Returns: If successful, nothing
-# If QEMU was started with an encrypted block device and a key has
-# not yet been set, DeviceEncrypted.
#
# Notes: This command will succeed if the guest is currently running. It
# will also succeed if the guest is in the "inmigrate" state; in
@@ -1886,8 +1884,7 @@
# o This command is stateless, this means that commands that depend
# on state information (such as getfd) might not work
#
-# o Commands that prompt the user for data (eg. 'cont' when the block
-# device is encrypted) don't currently work
+# o Commands that prompt the user for data don't currently work
##
{ 'command': 'human-monitor-command',
'data': {'command-line': 'str', '*cpu-index': 'int'},
@@ -2140,11 +2137,6 @@
#
# Returns: Nothing on success.
# If @device is not a valid block device, DeviceNotFound
-# If the new block device is encrypted, DeviceEncrypted. Note that
-# if this error is returned, the device has been opened successfully
-# and an additional call to @block_passwd is required to set the
-# device's password. The behavior of reads and writes to the block
-# device between when these calls are executed is undefined.
#
# Notes: This interface is deprecated, and it is strongly recommended that you
# avoid using it. For changing block devices, use
diff --git a/qemu-img.c b/qemu-img.c
index 6949b73..fd3a502 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -243,29 +243,6 @@ static int print_block_option_help(const char *filename, const char *fmt)
}
-static int img_open_password(BlockBackend *blk, const char *filename,
- int flags, bool quiet)
-{
- BlockDriverState *bs;
- char password[256];
-
- bs = blk_bs(blk);
- if (bdrv_is_encrypted(bs) && bdrv_key_required(bs) &&
- !(flags & BDRV_O_NO_IO)) {
- qprintf(quiet, "Disk image '%s' is encrypted.\n", filename);
- if (qemu_read_password(password, sizeof(password)) < 0) {
- error_report("No password given");
- return -1;
- }
- if (bdrv_set_key(bs, password) < 0) {
- error_report("invalid password");
- return -1;
- }
- }
- return 0;
-}
-
-
static BlockBackend *img_open_opts(const char *optstr,
QemuOpts *opts, int flags, bool writethrough,
bool quiet)
@@ -281,10 +258,6 @@ static BlockBackend *img_open_opts(const char *optstr,
}
blk_set_enable_write_cache(blk, !writethrough);
- if (img_open_password(blk, optstr, flags, quiet) < 0) {
- blk_unref(blk);
- return NULL;
- }
return blk;
}
@@ -308,10 +281,6 @@ static BlockBackend *img_open_file(const char *filename,
}
blk_set_enable_write_cache(blk, !writethrough);
- if (img_open_password(blk, filename, flags, quiet) < 0) {
- blk_unref(blk);
- return NULL;
- }
return blk;
}
diff --git a/qemu-io.c b/qemu-io.c
index 23a229f..d9dd239 100644
--- a/qemu-io.c
+++ b/qemu-io.c
@@ -56,7 +56,6 @@ static const cmdinfo_t close_cmd = {
static int openfile(char *name, int flags, bool writethrough, QDict *opts)
{
Error *local_err = NULL;
- BlockDriverState *bs;
if (qemuio_blk) {
error_report("file open already, try 'help close'");
@@ -71,28 +70,9 @@ static int openfile(char *name, int flags, bool writethrough, QDict *opts)
return 1;
}
- bs = blk_bs(qemuio_blk);
- if (bdrv_is_encrypted(bs) && bdrv_key_required(bs)) {
- char password[256];
- printf("Disk image '%s' is encrypted.\n", name);
- if (qemu_read_password(password, sizeof(password)) < 0) {
- error_report("No password given");
- goto error;
- }
- if (bdrv_set_key(bs, password) < 0) {
- error_report("invalid password");
- goto error;
- }
- }
-
blk_set_enable_write_cache(qemuio_blk, !writethrough);
return 0;
-
- error:
- blk_unref(qemuio_blk);
- qemuio_blk = NULL;
- return 1;
}
static void open_help(void)
diff --git a/qmp.c b/qmp.c
index 0028f0b..7d3ddc4 100644
--- a/qmp.c
+++ b/qmp.c
@@ -163,10 +163,8 @@ SpiceInfo *qmp_query_spice(Error **errp)
void qmp_cont(Error **errp)
{
- Error *local_err = NULL;
BlockBackend *blk;
- BlockDriverState *bs;
- BdrvNextIterator it;
+ Error *local_err = NULL;
/* if there is a dump in background, we should wait until the dump
* finished */
@@ -186,14 +184,6 @@ void qmp_cont(Error **errp)
blk_iostatus_reset(blk);
}
- for (bs = bdrv_first(&it); bs; bs = bdrv_next(&it)) {
- bdrv_add_key(bs, NULL, &local_err);
- if (local_err) {
- error_propagate(errp, local_err);
- return;
- }
- }
-
/* Continuing after completed migration. Images have been inactivated to
* allow the destination to take control. Need to get control back now. */
if (runstate_check(RUN_STATE_FINISH_MIGRATE) ||
diff --git a/util/oslib-posix.c b/util/oslib-posix.c
index f631464..35012b9 100644
--- a/util/oslib-posix.c
+++ b/util/oslib-posix.c
@@ -369,72 +369,6 @@ void os_mem_prealloc(int fd, char *area, size_t memory, Error **errp)
}
-static struct termios oldtty;
-
-static void term_exit(void)
-{
- tcsetattr(0, TCSANOW, &oldtty);
-}
-
-static void term_init(void)
-{
- struct termios tty;
-
- tcgetattr(0, &tty);
- oldtty = tty;
-
- tty.c_iflag &= ~(IGNBRK|BRKINT|PARMRK|ISTRIP
- |INLCR|IGNCR|ICRNL|IXON);
- tty.c_oflag |= OPOST;
- tty.c_lflag &= ~(ECHO|ECHONL|ICANON|IEXTEN);
- tty.c_cflag &= ~(CSIZE|PARENB);
- tty.c_cflag |= CS8;
- tty.c_cc[VMIN] = 1;
- tty.c_cc[VTIME] = 0;
-
- tcsetattr(0, TCSANOW, &tty);
-
- atexit(term_exit);
-}
-
-int qemu_read_password(char *buf, int buf_size)
-{
- uint8_t ch;
- int i, ret;
-
- printf("password: ");
- fflush(stdout);
- term_init();
- i = 0;
- for (;;) {
- ret = read(0, &ch, 1);
- if (ret == -1) {
- if (errno == EAGAIN || errno == EINTR) {
- continue;
- } else {
- break;
- }
- } else if (ret == 0) {
- ret = -1;
- break;
- } else {
- if (ch == '\r' ||
- ch == '\n') {
- ret = 0;
- break;
- }
- if (i < (buf_size - 1)) {
- buf[i++] = ch;
- }
- }
- }
- term_exit();
- buf[i] = '\0';
- printf("\n");
- return ret;
-}
-
-
char *qemu_get_pid_name(pid_t pid)
{
char *name = NULL;
diff --git a/util/oslib-win32.c b/util/oslib-win32.c
index d09863c..5dc4072 100644
--- a/util/oslib-win32.c
+++ b/util/oslib-win32.c
@@ -551,30 +551,6 @@ void os_mem_prealloc(int fd, char *area, size_t memory, Error **errp)
}
-/* XXX: put correct support for win32 */
-int qemu_read_password(char *buf, int buf_size)
-{
- int c, i;
-
- printf("Password: ");
- fflush(stdout);
- i = 0;
- for (;;) {
- c = getchar();
- if (c < 0) {
- buf[i] = '\0';
- return -1;
- } else if (c == '\n') {
- break;
- } else if (i < (buf_size - 1)) {
- buf[i++] = c;
- }
- }
- buf[i] = '\0';
- return 0;
-}
-
-
char *qemu_get_pid_name(pid_t pid)
{
/* XXX Implement me */
--
2.9.3
^ permalink raw reply related [flat|nested] 47+ messages in thread
* [Qemu-devel] [PATCH v1 15/15] block: remove all encryption handling APIs
2017-01-03 18:27 [Qemu-devel] [PATCH v1 00/15] Convert QCow[2] to QCryptoBlock & add LUKS support Daniel P. Berrange
` (13 preceding siblings ...)
2017-01-03 18:28 ` [Qemu-devel] [PATCH v1 14/15] block: rip out all traces of password prompting Daniel P. Berrange
@ 2017-01-03 18:28 ` Daniel P. Berrange
2017-01-21 19:22 ` Max Reitz
2017-01-25 15:58 ` [Qemu-devel] [PATCH v1 00/15] Convert QCow[2] to QCryptoBlock & add LUKS support Max Reitz
15 siblings, 1 reply; 47+ messages in thread
From: Daniel P. Berrange @ 2017-01-03 18:28 UTC (permalink / raw)
To: qemu-devel; +Cc: Kevin Wolf, Max Reitz, qemu-block, Daniel P. Berrange
Now that all encryption keys must be provided upfront via
the QCryptoSecret API and associated block driver properties
there is no need for any explicit encryption handling APIs
in the block layer. Encryption can be handled transparently
within the block driver. We only retain an API for querying
whether an image is encrypted or not, since that is a
potentially useful piece of metadata to report to the user.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
block.c | 77 +----------------------------------------------
block/crypto.c | 1 -
block/qapi.c | 2 +-
block/qcow.c | 1 -
block/qcow2.c | 1 -
blockdev.c | 37 ++---------------------
include/block/block.h | 3 --
include/block/block_int.h | 1 -
include/qapi/error.h | 1 -
qapi/common.json | 5 +--
10 files changed, 5 insertions(+), 124 deletions(-)
diff --git a/block.c b/block.c
index 39ddea3..27cca49 100644
--- a/block.c
+++ b/block.c
@@ -1865,15 +1865,7 @@ static BlockDriverState *bdrv_open_inherit(const char *filename,
goto close_and_fail;
}
- if (!bdrv_key_required(bs)) {
- bdrv_parent_cb_change_media(bs, true);
- } else if (!runstate_check(RUN_STATE_PRELAUNCH)
- && !runstate_check(RUN_STATE_INMIGRATE)
- && !runstate_check(RUN_STATE_PAUSED)) { /* HACK */
- error_setg(errp,
- "Guest must be stopped for opening of encrypted image");
- goto close_and_fail;
- }
+ bdrv_parent_cb_change_media(bs, true);
QDECREF(options);
@@ -2354,7 +2346,6 @@ static void bdrv_close(BlockDriverState *bs)
bs->backing_format[0] = '\0';
bs->total_sectors = 0;
bs->encrypted = false;
- bs->valid_key = false;
bs->sg = false;
QDECREF(bs->options);
QDECREF(bs->explicit_options);
@@ -2723,72 +2714,6 @@ bool bdrv_is_encrypted(BlockDriverState *bs)
return bs->encrypted;
}
-bool bdrv_key_required(BlockDriverState *bs)
-{
- BdrvChild *backing = bs->backing;
-
- if (backing && backing->bs->encrypted && !backing->bs->valid_key) {
- return true;
- }
- return (bs->encrypted && !bs->valid_key);
-}
-
-int bdrv_set_key(BlockDriverState *bs, const char *key)
-{
- int ret;
- if (bs->backing && bs->backing->bs->encrypted) {
- ret = bdrv_set_key(bs->backing->bs, key);
- if (ret < 0)
- return ret;
- if (!bs->encrypted)
- return 0;
- }
- if (!bs->encrypted) {
- return -EINVAL;
- } else if (!bs->drv || !bs->drv->bdrv_set_key) {
- return -ENOMEDIUM;
- }
- ret = bs->drv->bdrv_set_key(bs, key);
- if (ret < 0) {
- bs->valid_key = false;
- } else if (!bs->valid_key) {
- /* call the change callback now, we skipped it on open */
- bs->valid_key = true;
- bdrv_parent_cb_change_media(bs, true);
- }
- return ret;
-}
-
-/*
- * Provide an encryption key for @bs.
- * If @key is non-null:
- * If @bs is not encrypted, fail.
- * Else if the key is invalid, fail.
- * Else set @bs's key to @key, replacing the existing key, if any.
- * If @key is null:
- * If @bs is encrypted and still lacks a key, fail.
- * Else do nothing.
- * On failure, store an error object through @errp if non-null.
- */
-void bdrv_add_key(BlockDriverState *bs, const char *key, Error **errp)
-{
- if (key) {
- if (!bdrv_is_encrypted(bs)) {
- error_setg(errp, "Node '%s' is not encrypted",
- bdrv_get_device_or_node_name(bs));
- } else if (bdrv_set_key(bs, key) < 0) {
- error_setg(errp, QERR_INVALID_PASSWORD);
- }
- } else {
- if (bdrv_key_required(bs)) {
- error_set(errp, ERROR_CLASS_DEVICE_ENCRYPTED,
- "'%s' (%s) is encrypted",
- bdrv_get_device_or_node_name(bs),
- bdrv_get_encrypted_filename(bs));
- }
- }
-}
-
const char *bdrv_get_format_name(BlockDriverState *bs)
{
return bs->drv ? bs->drv->format_name : NULL;
diff --git a/block/crypto.c b/block/crypto.c
index 915ba70..2c4279c 100644
--- a/block/crypto.c
+++ b/block/crypto.c
@@ -380,7 +380,6 @@ static int block_crypto_open_generic(QCryptoBlockFormat format,
}
bs->encrypted = true;
- bs->valid_key = true;
ret = 0;
cleanup:
diff --git a/block/qapi.c b/block/qapi.c
index a62e862..68cab56 100644
--- a/block/qapi.c
+++ b/block/qapi.c
@@ -45,7 +45,7 @@ BlockDeviceInfo *bdrv_block_device_info(BlockBackend *blk,
info->ro = bs->read_only;
info->drv = g_strdup(bs->drv->format_name);
info->encrypted = bs->encrypted;
- info->encryption_key_missing = bdrv_key_required(bs);
+ info->encryption_key_missing = false;
info->cache = g_new(BlockdevCacheInfo, 1);
*info->cache = (BlockdevCacheInfo) {
diff --git a/block/qcow.c b/block/qcow.c
index 6232ad8..397ab85 100644
--- a/block/qcow.c
+++ b/block/qcow.c
@@ -209,7 +209,6 @@ static int qcow_open(BlockDriverState *bs, QDict *options, int flags,
goto fail;
}
bs->encrypted = true;
- bs->valid_key = true;
}
s->cluster_bits = header.cluster_bits;
s->cluster_size = 1 << s->cluster_bits;
diff --git a/block/qcow2.c b/block/qcow2.c
index b354914..25442f4 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -1118,7 +1118,6 @@ static int qcow2_open(BlockDriverState *bs, QDict *options, int flags,
}
bs->encrypted = true;
- bs->valid_key = true;
}
s->l2_bits = s->cluster_bits - 3; /* L2 is always one cluster */
diff --git a/blockdev.c b/blockdev.c
index 245e1e1..dfeba0c 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -587,10 +587,6 @@ static BlockBackend *blockdev_init(const char *file, QDict *bs_opts,
bs->detect_zeroes = detect_zeroes;
- if (bdrv_key_required(bs)) {
- autostart = 0;
- }
-
block_acct_init(blk_get_stats(blk), account_invalid, account_failed);
if (!parse_stats_intervals(blk_get_stats(blk), interval_list, errp)) {
@@ -2244,24 +2240,8 @@ void qmp_block_passwd(bool has_device, const char *device,
bool has_node_name, const char *node_name,
const char *password, Error **errp)
{
- Error *local_err = NULL;
- BlockDriverState *bs;
- AioContext *aio_context;
-
- bs = bdrv_lookup_bs(has_device ? device : NULL,
- has_node_name ? node_name : NULL,
- &local_err);
- if (local_err) {
- error_propagate(errp, local_err);
- return;
- }
-
- aio_context = bdrv_get_aio_context(bs);
- aio_context_acquire(aio_context);
-
- bdrv_add_key(bs, password, errp);
-
- aio_context_release(aio_context);
+ error_setg_errno(errp, -ENOSYS,
+ "Setting block passwords directly is no longer supported");
}
/*
@@ -2556,12 +2536,6 @@ void qmp_blockdev_change_medium(bool has_device, const char *device,
goto fail;
}
- bdrv_add_key(medium_bs, NULL, &err);
- if (err) {
- error_propagate(errp, err);
- goto fail;
- }
-
rc = do_open_tray(has_device ? device : NULL,
has_id ? id : NULL,
false, &err);
@@ -3832,13 +3806,6 @@ void qmp_blockdev_add(BlockdevOptions *options, Error **errp)
QTAILQ_INSERT_TAIL(&monitor_bdrv_states, bs, monitor_list);
- if (bs && bdrv_key_required(bs)) {
- QTAILQ_REMOVE(&monitor_bdrv_states, bs, monitor_list);
- bdrv_unref(bs);
- error_setg(errp, "blockdev-add doesn't support encrypted devices");
- goto fail;
- }
-
fail:
visit_free(v);
}
diff --git a/include/block/block.h b/include/block/block.h
index 49bb0b2..c56be99 100644
--- a/include/block/block.h
+++ b/include/block/block.h
@@ -412,9 +412,6 @@ BlockDriverState *bdrv_next(BdrvNextIterator *it);
BlockDriverState *bdrv_next_monitor_owned(BlockDriverState *bs);
bool bdrv_is_encrypted(BlockDriverState *bs);
-bool bdrv_key_required(BlockDriverState *bs);
-int bdrv_set_key(BlockDriverState *bs, const char *key);
-void bdrv_add_key(BlockDriverState *bs, const char *key, Error **errp);
void bdrv_iterate_format(void (*it)(void *opaque, const char *name),
void *opaque);
const char *bdrv_get_node_name(const BlockDriverState *bs);
diff --git a/include/block/block_int.h b/include/block/block_int.h
index 83a423c..75717b1 100644
--- a/include/block/block_int.h
+++ b/include/block/block_int.h
@@ -435,7 +435,6 @@ struct BlockDriverState {
int open_flags; /* flags used to open the file, re-used for re-open */
bool read_only; /* if true, the media is read only */
bool encrypted; /* if true, the media is encrypted */
- bool valid_key; /* if true, a valid encryption key has been set */
bool sg; /* if true, the device is a /dev/sg* */
bool probed; /* if true, format was probed rather than specified */
diff --git a/include/qapi/error.h b/include/qapi/error.h
index 0576659..a083d95 100644
--- a/include/qapi/error.h
+++ b/include/qapi/error.h
@@ -125,7 +125,6 @@
typedef enum ErrorClass {
ERROR_CLASS_GENERIC_ERROR = QAPI_ERROR_CLASS_GENERICERROR,
ERROR_CLASS_COMMAND_NOT_FOUND = QAPI_ERROR_CLASS_COMMANDNOTFOUND,
- ERROR_CLASS_DEVICE_ENCRYPTED = QAPI_ERROR_CLASS_DEVICEENCRYPTED,
ERROR_CLASS_DEVICE_NOT_ACTIVE = QAPI_ERROR_CLASS_DEVICENOTACTIVE,
ERROR_CLASS_DEVICE_NOT_FOUND = QAPI_ERROR_CLASS_DEVICENOTFOUND,
ERROR_CLASS_KVM_MISSING_CAP = QAPI_ERROR_CLASS_KVMMISSINGCAP,
diff --git a/qapi/common.json b/qapi/common.json
index 624a861..d4b5fb1 100644
--- a/qapi/common.json
+++ b/qapi/common.json
@@ -12,9 +12,6 @@
#
# @CommandNotFound: the requested command has not been found
#
-# @DeviceEncrypted: the requested operation can't be fulfilled because the
-# selected device is encrypted
-#
# @DeviceNotActive: a device has failed to be become active
#
# @DeviceNotFound: the requested device has not been found
@@ -26,7 +23,7 @@
##
{ 'enum': 'QapiErrorClass',
# Keep this in sync with ErrorClass in error.h
- 'data': [ 'GenericError', 'CommandNotFound', 'DeviceEncrypted',
+ 'data': [ 'GenericError', 'CommandNotFound',
'DeviceNotActive', 'DeviceNotFound', 'KVMMissingCap' ] }
##
--
2.9.3
^ permalink raw reply related [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 01/15] block: expose crypto option names / defs to other drivers
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 01/15] block: expose crypto option names / defs to other drivers Daniel P. Berrange
@ 2017-01-03 19:46 ` Eric Blake
2017-01-16 19:42 ` Max Reitz
1 sibling, 0 replies; 47+ messages in thread
From: Eric Blake @ 2017-01-03 19:46 UTC (permalink / raw)
To: Daniel P. Berrange, qemu-devel; +Cc: Kevin Wolf, qemu-block, Max Reitz
[-- Attachment #1: Type: text/plain, Size: 739 bytes --]
On 01/03/2017 12:27 PM, Daniel P. Berrange wrote:
> The block/crypto.c defines a set of QemuOpts that provide
> parameters for encryption. This will also be needed by
> the qcow/qcow2 integration, so expose the relevant pieces
> in a new block/crypto.h header.
>
> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> ---
> block/crypto.c | 61 +++++++--------------------------------
> block/crypto.h | 91 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
> 2 files changed, 102 insertions(+), 50 deletions(-)
> create mode 100644 block/crypto.h
>
Reviewed-by: Eric Blake <eblake@redhat.com>
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 604 bytes --]
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 02/15] block: add ability to set a prefix for opt names
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 02/15] block: add ability to set a prefix for opt names Daniel P. Berrange
@ 2017-01-16 19:31 ` Max Reitz
2017-01-24 12:15 ` Daniel P. Berrange
0 siblings, 1 reply; 47+ messages in thread
From: Max Reitz @ 2017-01-16 19:31 UTC (permalink / raw)
To: Daniel P. Berrange, qemu-devel; +Cc: Kevin Wolf, qemu-block
[-- Attachment #1: Type: text/plain, Size: 1653 bytes --]
On 03.01.2017 19:27, Daniel P. Berrange wrote:
> When integrating the crypto support with qcow/qcow2, we don't
> want to use the bare LUKS option names "hash-alg", "key-secret",
> etc. We want to namespace them "luks-hash-alg", "luks-key-secret"
> so that they don't clash with any general qcow options at a later
> date.
>
> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> ---
> block/crypto.c | 110 +++++++++++++++++++++++++++++++++++++++++++++++++--------
> block/crypto.h | 42 +++++++++++-----------
> 2 files changed, 118 insertions(+), 34 deletions(-)
>
> diff --git a/block/crypto.c b/block/crypto.c
> index d281de6..1037c70 100644
> --- a/block/crypto.c
> +++ b/block/crypto.c
[...]
> +static int block_crypto_copy_value(void *opaque, const char *name,
> + const char *value, Error **errp)
> +{
> + struct BlockCryptoCopyData *data = opaque;
> +
> + if (g_str_has_prefix(name, data->prefix)) {
> + Error *local_err = NULL;
> + const char *newname = name + strlen(data->prefix);
strstart() would be shorter:
const char *newname;
if (strstart(name, data->prefix, &newname)) {
/* ... */
}
> +
> + qemu_opt_set(data->opts, newname, value, &local_err);
> + if (local_err) {
> + error_propagate(errp, local_err);
> + return 1;
I'd prefer -1, because 0/1 looks more like false/true to me, which in
turn looks like failure/success.
Both optional suggestions, so either way:
Reviewed-by: Max Reitz <mreitz@redhat.com>
> + }
> + }
> +
> + return 0;
> +}
[...]
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 512 bytes --]
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 03/15] qcow: document another weakness of qcow AES encryption
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 03/15] qcow: document another weakness of qcow AES encryption Daniel P. Berrange
@ 2017-01-16 19:37 ` Max Reitz
2017-01-24 12:11 ` Daniel P. Berrange
0 siblings, 1 reply; 47+ messages in thread
From: Max Reitz @ 2017-01-16 19:37 UTC (permalink / raw)
To: Daniel P. Berrange, qemu-devel; +Cc: Kevin Wolf, qemu-block
[-- Attachment #1: Type: text/plain, Size: 1978 bytes --]
On 03.01.2017 19:27, Daniel P. Berrange wrote:
> Document that use of guest virtual sector numbers as the basis for
> the initialization vectors is a potential weakness, when combined
> with internal snapshots or multiple images using the same passphrase.
>
> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> ---
> qemu-img.texi | 9 +++++++++
> 1 file changed, 9 insertions(+)
>
> diff --git a/qemu-img.texi b/qemu-img.texi
> index 174aae3..8efcf89 100644
> --- a/qemu-img.texi
> +++ b/qemu-img.texi
> @@ -554,6 +554,15 @@ change the passphrase to protect data in any qcow images. The files must
> be cloned, using a different encryption passphrase in the new file. The
> original file must then be securely erased using a program like shred,
> though even this is ineffective with many modern storage technologies.
> +@item Initialization vectors used to encrypt sectors are based on the
> +guest virtual sector number, instead of the host physical sector. When
> +a disk image has multiple internal snapshots this means that data in
> +multiple physical sectors is encrypted with the same initialization
> +vector. With the CBC mode, this opens the possibility of watermarking
> +attacks if the attack can collect multiple sectors encrypted with the
> +same IV and some predictable data. Having multiple qcow2 images with
> +the same passphrase also exposes this weakness since the passphrase
> +is directly used as the key.
> @end itemize
In the output manpage, this itemize looks pretty broken to me:
@item foo
bar baz
is formatted as:
-<foo>
bar baz
Which may be used intentionally, but it certainly isn't here.
It should probably be written as:
@item
foo bar baz
which becomes
- foo bar baz
(which is what the other itemize in qemu-img.texi does)
Do you want to fix that in this series?
Max
>
> Use of qcow / qcow2 encryption is thus strongly discouraged. Users are
>
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 512 bytes --]
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 04/15] qcow: require image size to be > 1 for new images
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 04/15] qcow: require image size to be > 1 for new images Daniel P. Berrange
@ 2017-01-16 19:41 ` Max Reitz
2017-01-24 12:14 ` Daniel P. Berrange
0 siblings, 1 reply; 47+ messages in thread
From: Max Reitz @ 2017-01-16 19:41 UTC (permalink / raw)
To: Daniel P. Berrange, qemu-devel; +Cc: Kevin Wolf, qemu-block
[-- Attachment #1: Type: text/plain, Size: 1306 bytes --]
On 03.01.2017 19:27, Daniel P. Berrange wrote:
> The qcow driver refuses to open images which are less than
> 2 bytes in size, but will happily create such images. Add
> a check in the create path to avoid this discrepancy.
>
> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> ---
> block/qcow.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/block/qcow.c b/block/qcow.c
> index 7540f43..8133fda 100644
> --- a/block/qcow.c
> +++ b/block/qcow.c
> @@ -799,6 +799,12 @@ static int qcow_create(const char *filename, QemuOpts *opts, Error **errp)
> /* Read out options */
> total_size = ROUND_UP(qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0),
> BDRV_SECTOR_SIZE);
> + if (total_size <= 1) {
> + error_setg(errp, "Image size is too small (must be at least 2 bytes)");
> + ret = -EINVAL;
> + goto cleanup;
> + }
> +
Given the ROUND_UP() before, I can't see how total_size can be 1, but I
can see how it can be 0. Since that is covered by this condition:
Reviewed-by: Max Reitz <mreitz@redhat.com>
> backing_file = qemu_opt_get_del(opts, BLOCK_OPT_BACKING_FILE);
> if (qemu_opt_get_bool_del(opts, BLOCK_OPT_ENCRYPT, false)) {
> flags |= BLOCK_FLAG_ENCRYPT;
>
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 512 bytes --]
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 05/15] iotests: skip 042 with qcow which dosn't support zero sized images
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 05/15] iotests: skip 042 with qcow which dosn't support zero sized images Daniel P. Berrange
@ 2017-01-16 19:42 ` Max Reitz
0 siblings, 0 replies; 47+ messages in thread
From: Max Reitz @ 2017-01-16 19:42 UTC (permalink / raw)
To: Daniel P. Berrange, qemu-devel; +Cc: Kevin Wolf, qemu-block
[-- Attachment #1: Type: text/plain, Size: 402 bytes --]
On 03.01.2017 19:27, Daniel P. Berrange wrote:
> Test 042 is designed to verify operation with zero sized images.
> Such images are not supported with qcow (v1), so this test has
> always failed.
>
> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> ---
> tests/qemu-iotests/042 | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
Reviewed-by: Max Reitz <mreitz@redhat.com>
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 512 bytes --]
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 01/15] block: expose crypto option names / defs to other drivers
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 01/15] block: expose crypto option names / defs to other drivers Daniel P. Berrange
2017-01-03 19:46 ` Eric Blake
@ 2017-01-16 19:42 ` Max Reitz
1 sibling, 0 replies; 47+ messages in thread
From: Max Reitz @ 2017-01-16 19:42 UTC (permalink / raw)
To: Daniel P. Berrange, qemu-devel; +Cc: Kevin Wolf, qemu-block
[-- Attachment #1: Type: text/plain, Size: 622 bytes --]
On 03.01.2017 19:27, Daniel P. Berrange wrote:
> The block/crypto.c defines a set of QemuOpts that provide
> parameters for encryption. This will also be needed by
> the qcow/qcow2 integration, so expose the relevant pieces
> in a new block/crypto.h header.
>
> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> ---
> block/crypto.c | 61 +++++++--------------------------------
> block/crypto.h | 91 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
> 2 files changed, 102 insertions(+), 50 deletions(-)
> create mode 100644 block/crypto.h
Reviewed-by: Max Reitz <mreitz@redhat.com>
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 512 bytes --]
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 06/15] iotests: skip 048 with qcow which doesn't support resize
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 06/15] iotests: skip 048 with qcow which doesn't support resize Daniel P. Berrange
@ 2017-01-16 19:48 ` Max Reitz
0 siblings, 0 replies; 47+ messages in thread
From: Max Reitz @ 2017-01-16 19:48 UTC (permalink / raw)
To: Daniel P. Berrange, qemu-devel; +Cc: Kevin Wolf, qemu-block
[-- Attachment #1: Type: text/plain, Size: 402 bytes --]
On 03.01.2017 19:27, Daniel P. Berrange wrote:
> Test 048 is designed to verify data preservation during an
> image resize. The qcow (v1) format impl has never supported
> resize so always fails.
>
> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> ---
> tests/qemu-iotests/048 | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
Reviewed-by: Max Reitz <mreitz@redhat.com>
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 512 bytes --]
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 07/15] iotests: fix 097 when run with qcow
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 07/15] iotests: fix 097 when run with qcow Daniel P. Berrange
@ 2017-01-16 20:04 ` Max Reitz
2017-01-17 9:59 ` Daniel P. Berrange
0 siblings, 1 reply; 47+ messages in thread
From: Max Reitz @ 2017-01-16 20:04 UTC (permalink / raw)
To: Daniel P. Berrange, qemu-devel; +Cc: Kevin Wolf, qemu-block
[-- Attachment #1: Type: text/plain, Size: 1416 bytes --]
On 03.01.2017 19:27, Daniel P. Berrange wrote:
> The previous commit:
>
> commit a3e1505daec31ef56f0489f8c8fff1b8e4ca92bd
> Author: Eric Blake <eblake@redhat.com>
> Date: Mon Dec 5 09:49:34 2016 -0600
>
> qcow2: Don't strand clusters near 2G intervals during commit
>
> extended the 097 test case so that it did two passes, once
> with an internal snapshot, once without.
>
> qcow (v1) does not support internal snapshots, so this change
> broke test 097 when run against qcow.
>
> This splits 097 in two, creating a new 173 that tests the
> internal snapshot codepath, effectively putting 097 back
> to its content before the above commit.
>
> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> ---
> tests/qemu-iotests/097 | 10 +---
> tests/qemu-iotests/097.out | 125 ++------------------------------------------
> tests/qemu-iotests/173 | 126 +++++++++++++++++++++++++++++++++++++++++++++
> tests/qemu-iotests/173.out | 119 ++++++++++++++++++++++++++++++++++++++++++
> tests/qemu-iotests/group | 1 +
> 5 files changed, 251 insertions(+), 130 deletions(-)
> create mode 100755 tests/qemu-iotests/173
> create mode 100644 tests/qemu-iotests/173.out
I don't think the effort is worth it, considering that probably
literally nobody is still using qcow -- or so I hope, at least.
Anyway:
Reviewed-by: Max Reitz <mreitz@redhat.com>
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 512 bytes --]
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 08/15] qcow: make encrypt_sectors encrypt in place
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 08/15] qcow: make encrypt_sectors encrypt in place Daniel P. Berrange
@ 2017-01-16 20:25 ` Max Reitz
2017-01-24 12:21 ` Daniel P. Berrange
0 siblings, 1 reply; 47+ messages in thread
From: Max Reitz @ 2017-01-16 20:25 UTC (permalink / raw)
To: Daniel P. Berrange, qemu-devel; +Cc: Kevin Wolf, qemu-block
[-- Attachment #1: Type: text/plain, Size: 5859 bytes --]
On 03.01.2017 19:27, Daniel P. Berrange wrote:
> Instead of requiring separate input/output buffers for
> encrypting data, change encrypt_sectors() to assume
> use of a single buffer, encrypting in place. One current
> caller all uses the same buffer for input/output already
-all?
> and the other two callers are easily converted todo so.
s/todo/to do/
>
> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> ---
> block/qcow.c | 36 +++++++++++-------------------------
> 1 file changed, 11 insertions(+), 25 deletions(-)
>
> diff --git a/block/qcow.c b/block/qcow.c
> index 8133fda..bc9fa2f 100644
> --- a/block/qcow.c
> +++ b/block/qcow.c
> @@ -310,11 +310,10 @@ static int qcow_set_key(BlockDriverState *bs, const char *key)
> }
>
> /* The crypt function is compatible with the linux cryptoloop
> - algorithm for < 4 GB images. NOTE: out_buf == in_buf is
> - supported */
> + algorithm for < 4 GB images. */
> static int encrypt_sectors(BDRVQcowState *s, int64_t sector_num,
> - uint8_t *out_buf, const uint8_t *in_buf,
> - int nb_sectors, bool enc, Error **errp)
> + uint8_t *buf, int nb_sectors, bool enc,
> + Error **errp)
> {
> union {
> uint64_t ll[2];
> @@ -333,14 +332,12 @@ static int encrypt_sectors(BDRVQcowState *s, int64_t sector_num,
> }
> if (enc) {
> ret = qcrypto_cipher_encrypt(s->cipher,
> - in_buf,
> - out_buf,
> + buf, buf,
> 512,
> errp);
> } else {
> ret = qcrypto_cipher_decrypt(s->cipher,
> - in_buf,
> - out_buf,
> + buf, buf,
> 512,
> errp);
> }
> @@ -348,8 +345,7 @@ static int encrypt_sectors(BDRVQcowState *s, int64_t sector_num,
> return -1;
> }
> sector_num++;
> - in_buf += 512;
> - out_buf += 512;
> + buf += 512;
> }
> return 0;
> }
> @@ -469,13 +465,12 @@ static uint64_t get_cluster_offset(BlockDriverState *bs,
> uint64_t start_sect;
> assert(s->cipher);
> start_sect = (offset & ~(s->cluster_size - 1)) >> 9;
> - memset(s->cluster_data + 512, 0x00, 512);
> + memset(s->cluster_data, 0x00, 512);
> for(i = 0; i < s->cluster_sectors; i++) {
> if (i < n_start || i >= n_end) {
> Error *err = NULL;
> if (encrypt_sectors(s, start_sect + i,
> - s->cluster_data,
> - s->cluster_data + 512, 1,
> + s->cluster_data, 1,
> true, &err) < 0) {
> error_free(err);
> errno = EIO;
After the first iteration of the surrounding for () loop,
s->cluster_data is unlikely to still be filled with zeros -- but I
suspect the code intended to always write encrypted zeros.
> @@ -653,7 +648,7 @@ static coroutine_fn int qcow_co_readv(BlockDriverState *bs, int64_t sector_num,
> }
> if (bs->encrypted) {
> assert(s->cipher);
> - if (encrypt_sectors(s, sector_num, buf, buf,
> + if (encrypt_sectors(s, sector_num, buf,
> n, false, &err) < 0) {
> goto fail;
> }
> @@ -688,9 +683,7 @@ static coroutine_fn int qcow_co_writev(BlockDriverState *bs, int64_t sector_num,
> BDRVQcowState *s = bs->opaque;
> int index_in_cluster;
> uint64_t cluster_offset;
> - const uint8_t *src_buf;
> int ret = 0, n;
> - uint8_t *cluster_data = NULL;
> struct iovec hd_iov;
> QEMUIOVector hd_qiov;
> uint8_t *buf;
> @@ -728,21 +721,15 @@ static coroutine_fn int qcow_co_writev(BlockDriverState *bs, int64_t sector_num,
> if (bs->encrypted) {
> Error *err = NULL;
> assert(s->cipher);
> - if (!cluster_data) {
> - cluster_data = g_malloc0(s->cluster_size);
> - }
> - if (encrypt_sectors(s, sector_num, cluster_data, buf,
> + if (encrypt_sectors(s, sector_num, buf,
If qiov->niov == 1, buf is not copied from the I/O vector but just the
I/O vector base itself. Then, this will modify the data pointed to by
that vector. I don't think that is a good idea.
Max
> n, true, &err) < 0) {
> error_free(err);
> ret = -EIO;
> break;
> }
> - src_buf = cluster_data;
> - } else {
> - src_buf = buf;
> }
>
> - hd_iov.iov_base = (void *)src_buf;
> + hd_iov.iov_base = (void *)buf;
> hd_iov.iov_len = n * 512;
> qemu_iovec_init_external(&hd_qiov, &hd_iov, 1);
> qemu_co_mutex_unlock(&s->lock);
> @@ -764,7 +751,6 @@ static coroutine_fn int qcow_co_writev(BlockDriverState *bs, int64_t sector_num,
> if (qiov->niov > 1) {
> qemu_vfree(orig_buf);
> }
> - g_free(cluster_data);
>
> return ret;
> }
>
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 512 bytes --]
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 09/15] qcow: convert QCow to use QCryptoBlock for encryption
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 09/15] qcow: convert QCow to use QCryptoBlock for encryption Daniel P. Berrange
@ 2017-01-16 21:16 ` Max Reitz
0 siblings, 0 replies; 47+ messages in thread
From: Max Reitz @ 2017-01-16 21:16 UTC (permalink / raw)
To: Daniel P. Berrange, qemu-devel; +Cc: Kevin Wolf, qemu-block
[-- Attachment #1: Type: text/plain, Size: 1004 bytes --]
On 03.01.2017 19:27, Daniel P. Berrange wrote:
> This converts the qcow2 driver to make use of the QCryptoBlock
> APIs for encrypting image content. This is only wired up to
> permit use of the legacy QCow encryption format. Users who wish
> to have the strong LUKS format should switch to qcow2 instead.
>
> With this change it is now required to use the QCryptoSecret
> object for providing passwords, instead of the current block
> password APIs / interactive prompting.
>
> $QEMU \
> -object secret,id=sec0,filename=/home/berrange/encrypted.pw \
> -drive file=/home/berrange/encrypted.qcow,aes-key-secret=sec0
>
> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> ---
> block/crypto.c | 10 +++
> block/crypto.h | 9 +++
> block/qcow.c | 184 +++++++++++++++++++++++----------------------------
> qapi/block-core.json | 17 ++++-
> 4 files changed, 117 insertions(+), 103 deletions(-)
Reviewed-by: Max Reitz <mreitz@redhat.com>
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 512 bytes --]
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 07/15] iotests: fix 097 when run with qcow
2017-01-16 20:04 ` Max Reitz
@ 2017-01-17 9:59 ` Daniel P. Berrange
2017-01-18 12:44 ` Max Reitz
0 siblings, 1 reply; 47+ messages in thread
From: Daniel P. Berrange @ 2017-01-17 9:59 UTC (permalink / raw)
To: Max Reitz; +Cc: qemu-devel, Kevin Wolf, qemu-block
On Mon, Jan 16, 2017 at 09:04:31PM +0100, Max Reitz wrote:
> On 03.01.2017 19:27, Daniel P. Berrange wrote:
> > The previous commit:
> >
> > commit a3e1505daec31ef56f0489f8c8fff1b8e4ca92bd
> > Author: Eric Blake <eblake@redhat.com>
> > Date: Mon Dec 5 09:49:34 2016 -0600
> >
> > qcow2: Don't strand clusters near 2G intervals during commit
> >
> > extended the 097 test case so that it did two passes, once
> > with an internal snapshot, once without.
> >
> > qcow (v1) does not support internal snapshots, so this change
> > broke test 097 when run against qcow.
> >
> > This splits 097 in two, creating a new 173 that tests the
> > internal snapshot codepath, effectively putting 097 back
> > to its content before the above commit.
> >
> > Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> > ---
> > tests/qemu-iotests/097 | 10 +---
> > tests/qemu-iotests/097.out | 125 ++------------------------------------------
> > tests/qemu-iotests/173 | 126 +++++++++++++++++++++++++++++++++++++++++++++
> > tests/qemu-iotests/173.out | 119 ++++++++++++++++++++++++++++++++++++++++++
> > tests/qemu-iotests/group | 1 +
> > 5 files changed, 251 insertions(+), 130 deletions(-)
> > create mode 100755 tests/qemu-iotests/173
> > create mode 100644 tests/qemu-iotests/173.out
>
> I don't think the effort is worth it, considering that probably
> literally nobody is still using qcow -- or so I hope, at least.
The reason I fixed this was because I wanted to be able to verify my
refactoring to qcow didn't break anything else. It is much easier if
I can just run "check -qcow" and not have to worry about which failures
are just test bugs, vs genuine code bugs I've created. IOW, as long as
qcow.c exists in the code base, IMHO, we should make sure the iotests
continue to pass
On that point, IMHO, it would be beneficial if we had some CI system
that was setup to run the iotests on all new changes, across all the
different disk formats we expect the iotests to work on. We get far
too many regressions with iotests breaking and no one noticing right
now :-(
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :|
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 07/15] iotests: fix 097 when run with qcow
2017-01-17 9:59 ` Daniel P. Berrange
@ 2017-01-18 12:44 ` Max Reitz
0 siblings, 0 replies; 47+ messages in thread
From: Max Reitz @ 2017-01-18 12:44 UTC (permalink / raw)
To: Daniel P. Berrange; +Cc: qemu-devel, Kevin Wolf, qemu-block
[-- Attachment #1: Type: text/plain, Size: 2592 bytes --]
On 17.01.2017 10:59, Daniel P. Berrange wrote:
> On Mon, Jan 16, 2017 at 09:04:31PM +0100, Max Reitz wrote:
>> On 03.01.2017 19:27, Daniel P. Berrange wrote:
>>> The previous commit:
>>>
>>> commit a3e1505daec31ef56f0489f8c8fff1b8e4ca92bd
>>> Author: Eric Blake <eblake@redhat.com>
>>> Date: Mon Dec 5 09:49:34 2016 -0600
>>>
>>> qcow2: Don't strand clusters near 2G intervals during commit
>>>
>>> extended the 097 test case so that it did two passes, once
>>> with an internal snapshot, once without.
>>>
>>> qcow (v1) does not support internal snapshots, so this change
>>> broke test 097 when run against qcow.
>>>
>>> This splits 097 in two, creating a new 173 that tests the
>>> internal snapshot codepath, effectively putting 097 back
>>> to its content before the above commit.
>>>
>>> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
>>> ---
>>> tests/qemu-iotests/097 | 10 +---
>>> tests/qemu-iotests/097.out | 125 ++------------------------------------------
>>> tests/qemu-iotests/173 | 126 +++++++++++++++++++++++++++++++++++++++++++++
>>> tests/qemu-iotests/173.out | 119 ++++++++++++++++++++++++++++++++++++++++++
>>> tests/qemu-iotests/group | 1 +
>>> 5 files changed, 251 insertions(+), 130 deletions(-)
>>> create mode 100755 tests/qemu-iotests/173
>>> create mode 100644 tests/qemu-iotests/173.out
>>
>> I don't think the effort is worth it, considering that probably
>> literally nobody is still using qcow -- or so I hope, at least.
>
> The reason I fixed this was because I wanted to be able to verify my
> refactoring to qcow didn't break anything else. It is much easier if
> I can just run "check -qcow" and not have to worry about which failures
> are just test bugs, vs genuine code bugs I've created. IOW, as long as
> qcow.c exists in the code base, IMHO, we should make sure the iotests
> continue to pass
Right, what I meant is that I don't think it's worth fixing tests for
qcow. If they don't work and it isn't qcow that's broken (but just the
test requiring something that qcow does not have), just removing it from
the _supported_fmt list is usually sufficient in my opinion.
> On that point, IMHO, it would be beneficial if we had some CI system
> that was setup to run the iotests on all new changes, across all the
> different disk formats we expect the iotests to work on. We get far
> too many regressions with iotests breaking and no one noticing right
> now :-(
Indeed, but that would require all of the iotests consistently passing
first...
Max
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 512 bytes --]
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 11/15] qcow2: convert QCow2 to use QCryptoBlock for encryption
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 11/15] qcow2: convert QCow2 to use QCryptoBlock for encryption Daniel P. Berrange
@ 2017-01-18 18:13 ` Max Reitz
2017-01-19 9:39 ` Daniel P. Berrange
2017-01-21 19:07 ` Max Reitz
1 sibling, 1 reply; 47+ messages in thread
From: Max Reitz @ 2017-01-18 18:13 UTC (permalink / raw)
To: Daniel P. Berrange, qemu-devel; +Cc: Kevin Wolf, qemu-block
[-- Attachment #1: Type: text/plain, Size: 9121 bytes --]
On 03.01.2017 19:27, Daniel P. Berrange wrote:
> This converts the qcow2 driver to make use of the QCryptoBlock
> APIs for encrypting image content, using the legacyy QCow2 AES
> scheme.
>
> With this change it is now required to use the QCryptoSecret
> object for providing passwords, instead of the current block
> password APIs / interactive prompting.
>
> $QEMU \
> -object secret,id=sec0,filename=/home/berrange/encrypted.pw \
> -drive file=/home/berrange/encrypted.qcow2,aes-key-secret=sec0
>
> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> ---
> block/qcow2-cluster.c | 47 +----------
> block/qcow2.c | 190 +++++++++++++++++++++++++++++----------------
> block/qcow2.h | 5 +-
> qapi/block-core.json | 7 +-
> tests/qemu-iotests/049 | 2 +-
> tests/qemu-iotests/049.out | 4 +-
> tests/qemu-iotests/082.out | 27 +++++++
> tests/qemu-iotests/087 | 28 ++++++-
> tests/qemu-iotests/087.out | 6 +-
> tests/qemu-iotests/134 | 18 +++--
> tests/qemu-iotests/134.out | 10 +--
> tests/qemu-iotests/158 | 19 +++--
> tests/qemu-iotests/158.out | 14 +---
> 13 files changed, 219 insertions(+), 158 deletions(-)
[...]
> diff --git a/block/qcow2.c b/block/qcow2.c
> index 3c14c86..5c9e196 100644
> --- a/block/qcow2.c
> +++ b/block/qcow2.c
[...]
> @@ -1122,6 +1144,24 @@ static int qcow2_open(BlockDriverState *bs, QDict *options, int flags,
> goto fail;
> }
>
> + if (s->crypt_method_header == QCOW_CRYPT_AES) {
> + unsigned int cflags = 0;
> + if (flags & BDRV_O_NO_IO) {
> + cflags |= QCRYPTO_BLOCK_OPEN_NO_IO;
> + }
> + /* XXX how do we pass the same crypto opts down to the
I think a TODO instead of an XXX would have been sufficient, but it's
your call.
> + * backing file by default, so we don't have to manually
> + * provide the same key-secret property against the full
> + * backing chain
> + */
> + s->crypto = qcrypto_block_open(s->crypto_opts, NULL, NULL,
> + cflags, errp);
> + if (!s->crypto) {
> + ret = -EINVAL;
> + goto fail;
> + }
[...]
> @@ -2022,6 +2027,44 @@ static int qcow2_change_backing_file(BlockDriverState *bs,
> return qcow2_update_header(bs);
> }
>
> +
> +static int qcow2_change_encryption(BlockDriverState *bs, QemuOpts *opts,
> + Error **errp)
I think this name is not quite appropriate, since this doesn't change
the format of the file if it is already encrypted (and it will not
encrypt any existing data).
Maybe set_up instead of change?
(qcow2_change_backing_file()'s name is good because it will actually
work if there already is a different backing file.)
> +{
> + BDRVQcow2State *s = bs->opaque;
> + QCryptoBlockCreateOptions *cryptoopts = NULL;
> + QCryptoBlock *crypto = NULL;
> + int ret = -EINVAL;
[...]
> diff --git a/block/qcow2.h b/block/qcow2.h
> index 033d8c0..f4cb171 100644
> --- a/block/qcow2.h
> +++ b/block/qcow2.h
> @@ -25,7 +25,7 @@
> #ifndef BLOCK_QCOW2_H
> #define BLOCK_QCOW2_H
>
> -#include "crypto/cipher.h"
> +#include "crypto/block.h"
> #include "qemu/coroutine.h"
>
> //#define DEBUG_ALLOC
> @@ -256,7 +256,8 @@ typedef struct BDRVQcow2State {
>
> CoMutex lock;
>
> - QCryptoCipher *cipher; /* current cipher, NULL if no key yet */
> + QCryptoBlockOpenOptions *crypto_opts; /* Disk encryption runtime options */
> + QCryptoBlock *crypto; /* Disk encryption format driver */
> uint32_t crypt_method_header;
> uint64_t snapshots_offset;
> int snapshots_size;
> diff --git a/qapi/block-core.json b/qapi/block-core.json
> index c2b70e8..2ca5674 100644
> --- a/qapi/block-core.json
> +++ b/qapi/block-core.json
> @@ -1935,6 +1935,9 @@
> # @cache-clean-interval: #optional clean unused entries in the L2 and refcount
> # caches. The interval is in seconds. The default value
> # is 0 and it disables this feature (since 2.5)
> +# @aes-key-secret: #optional the ID of a QCryptoSecret object providing
> +# the AES decryption key (since 2.9) Mandatory except
Missing full stop after the closing parenthesis.
Also, it's mandatory only for encrypted images. I know it's obvious but
that's not what it says here.
> +# when doing a metadata-only probe of the image.
> #
> # Since: 1.7
> ##
> @@ -1948,8 +1951,8 @@
> '*cache-size': 'int',
> '*l2-cache-size': 'int',
> '*refcount-cache-size': 'int',
> - '*cache-clean-interval': 'int' } }
> -
> + '*cache-clean-interval': 'int',
> + '*aes-key-secret': 'str' } }
>
> ##
> # @BlockdevOptionsArchipelago:
> diff --git a/tests/qemu-iotests/049 b/tests/qemu-iotests/049
> index fff0760..7da4ac8 100755
> --- a/tests/qemu-iotests/049
> +++ b/tests/qemu-iotests/049
> @@ -106,7 +106,7 @@ test_qemu_img create -f $IMGFMT -o preallocation=1234 "$TEST_IMG" 64M
> echo "== Check encryption option =="
> echo
> test_qemu_img create -f $IMGFMT -o encryption=off "$TEST_IMG" 64M
> -test_qemu_img create -f $IMGFMT -o encryption=on "$TEST_IMG" 64M
> +test_qemu_img create -f $IMGFMT --object secret,id=sec0,data=123456 -o encryption=on,qcow-key-secret=sec0 "$TEST_IMG" 64M
s/qcow-key-secret/aes-key-secret/
>
> echo "== Check lazy_refcounts option (only with v3) =="
> echo
[...]
> diff --git a/tests/qemu-iotests/087 b/tests/qemu-iotests/087
> index 9de57dd..fe30383 100755
> --- a/tests/qemu-iotests/087
> +++ b/tests/qemu-iotests/087
> @@ -124,9 +124,18 @@ echo
> echo === Encrypted image ===
> echo
>
> -_make_test_img -o encryption=on $size
> +_make_test_img --object secret,id=sec0,data=123456 -o encryption=on,qcow-key-secret=sec0 $size
> run_qemu -S <<EOF
> { "execute": "qmp_capabilities" }
> +{ "execute": "object-add",
> + "arguments": {
> + "qom-type": "secret",
> + "id": "sec0",
> + "props": {
> + "data": "123456"
> + }
> + }
> +}
> { "execute": "blockdev-add",
> "arguments": {
> "driver": "$IMGFMT",
> @@ -134,7 +143,8 @@ run_qemu -S <<EOF
> "file": {
> "driver": "file",
> "filename": "$TEST_IMG"
> - }
> + },
> + "qcow-key-secret": "sec0"
Same here,
> }
> }
> { "execute": "quit" }
> @@ -142,6 +152,15 @@ EOF
>
> run_qemu <<EOF
> { "execute": "qmp_capabilities" }
> +{ "execute": "object-add",
> + "arguments": {
> + "qom-type": "secret",
> + "id": "sec0",
> + "props": {
> + "data": "123456"
> + }
> + }
> +}
> { "execute": "blockdev-add",
> "arguments": {
> "driver": "$IMGFMT",
> @@ -149,7 +168,8 @@ run_qemu <<EOF
> "file": {
> "driver": "file",
> "filename": "$TEST_IMG"
> - }
> + },
> + "qcow-key-secret": "sec0"
here,
> }
> }
> { "execute": "quit" }
> @@ -159,7 +179,7 @@ echo
> echo === Missing driver ===
> echo
>
> -_make_test_img -o encryption=on $size
> +_make_test_img --object secret,id=sec0,data=123456 -o encryption=on,qcow-key-secret=sec0 $size
here,
> run_qemu -S <<EOF
> { "execute": "qmp_capabilities" }
> { "execute": "blockdev-add",
[...]
> diff --git a/tests/qemu-iotests/134 b/tests/qemu-iotests/134
> index af618b8..c2458d8 100755
> --- a/tests/qemu-iotests/134
> +++ b/tests/qemu-iotests/134
> @@ -43,23 +43,31 @@ _supported_os Linux
>
>
> size=128M
> -IMGOPTS="encryption=on" _make_test_img $size
> +
> +SECRET="secret,id=sec0,data=astrochicken"
> +SECRETALT="secret,id=sec0,data=platypus"
> +
> +_make_test_img --object $SECRET -o "encryption=on,qcow-key-secret=sec0" $size
here,
> +
> +IMGSPEC="driver=$IMGFMT,file.filename=$TEST_IMG,qcow-key-secret=sec0"
here,
> +
> +QEMU_IO_OPTIONS=$QEMU_IO_OPTIONS_NO_FMT
[...]
> diff --git a/tests/qemu-iotests/158 b/tests/qemu-iotests/158
> index a6cdd6d..2d1c015 100755
> --- a/tests/qemu-iotests/158
> +++ b/tests/qemu-iotests/158
> @@ -44,34 +44,39 @@ _supported_os Linux
>
> size=128M
> TEST_IMG_BASE=$TEST_IMG.base
> +SECRET="secret,id=sec0,data=astrochicken"
>
> TEST_IMG_SAVE=$TEST_IMG
> TEST_IMG=$TEST_IMG_BASE
> echo "== create base =="
> -IMGOPTS="encryption=on" _make_test_img $size
> +_make_test_img --object $SECRET -o "encryption=on,qcow-key-secret=sec0" $size
here,
> TEST_IMG=$TEST_IMG_SAVE
>
> +IMGSPECBASE="driver=$IMGFMT,file.filename=$TEST_IMG_BASE,qcow-key-secret=sec0"
> +IMGSPEC="driver=$IMGFMT,file.filename=$TEST_IMG,backing.driver=$IMGFMT,backing.file.filename=$TEST_IMG_BASE,backing.qcow-key-secret=sec0,qcow-key-secret=sec0"
and here.
Max
> +QEMU_IO_OPTIONS=$QEMU_IO_OPTIONS_NO_FMT
> +
[...]
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 512 bytes --]
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 11/15] qcow2: convert QCow2 to use QCryptoBlock for encryption
2017-01-18 18:13 ` Max Reitz
@ 2017-01-19 9:39 ` Daniel P. Berrange
0 siblings, 0 replies; 47+ messages in thread
From: Daniel P. Berrange @ 2017-01-19 9:39 UTC (permalink / raw)
To: Max Reitz; +Cc: qemu-devel, Kevin Wolf, qemu-block
On Wed, Jan 18, 2017 at 07:13:19PM +0100, Max Reitz wrote:
> On 03.01.2017 19:27, Daniel P. Berrange wrote:
> > This converts the qcow2 driver to make use of the QCryptoBlock
> > APIs for encrypting image content, using the legacyy QCow2 AES
> > scheme.
> >
> > With this change it is now required to use the QCryptoSecret
> > object for providing passwords, instead of the current block
> > password APIs / interactive prompting.
> >
> > $QEMU \
> > -object secret,id=sec0,filename=/home/berrange/encrypted.pw \
> > -drive file=/home/berrange/encrypted.qcow2,aes-key-secret=sec0
> >
> > Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> > ---
> > block/qcow2-cluster.c | 47 +----------
> > block/qcow2.c | 190 +++++++++++++++++++++++++++++----------------
> > block/qcow2.h | 5 +-
> > qapi/block-core.json | 7 +-
> > tests/qemu-iotests/049 | 2 +-
> > tests/qemu-iotests/049.out | 4 +-
> > tests/qemu-iotests/082.out | 27 +++++++
> > tests/qemu-iotests/087 | 28 ++++++-
> > tests/qemu-iotests/087.out | 6 +-
> > tests/qemu-iotests/134 | 18 +++--
> > tests/qemu-iotests/134.out | 10 +--
> > tests/qemu-iotests/158 | 19 +++--
> > tests/qemu-iotests/158.out | 14 +---
> > 13 files changed, 219 insertions(+), 158 deletions(-)
>
> [...]
>
> > diff --git a/block/qcow2.c b/block/qcow2.c
> > index 3c14c86..5c9e196 100644
> > --- a/block/qcow2.c
> > +++ b/block/qcow2.c
>
> [...]
>
> > @@ -1122,6 +1144,24 @@ static int qcow2_open(BlockDriverState *bs, QDict *options, int flags,
> > goto fail;
> > }
> >
> > + if (s->crypt_method_header == QCOW_CRYPT_AES) {
> > + unsigned int cflags = 0;
> > + if (flags & BDRV_O_NO_IO) {
> > + cflags |= QCRYPTO_BLOCK_OPEN_NO_IO;
> > + }
> > + /* XXX how do we pass the same crypto opts down to the
>
> I think a TODO instead of an XXX would have been sufficient, but it's
> your call.
Sure, I can put TODO.
> > + * backing file by default, so we don't have to manually
> > + * provide the same key-secret property against the full
> > + * backing chain
> > + */
> > + s->crypto = qcrypto_block_open(s->crypto_opts, NULL, NULL,
> > + cflags, errp);
> > + if (!s->crypto) {
> > + ret = -EINVAL;
> > + goto fail;
> > + }
>
> [...]
>
> > @@ -2022,6 +2027,44 @@ static int qcow2_change_backing_file(BlockDriverState *bs,
> > return qcow2_update_header(bs);
> > }
> >
> > +
> > +static int qcow2_change_encryption(BlockDriverState *bs, QemuOpts *opts,
> > + Error **errp)
>
> I think this name is not quite appropriate, since this doesn't change
> the format of the file if it is already encrypted (and it will not
> encrypt any existing data).
>
> Maybe set_up instead of change?
Yep, will change to that
> > diff --git a/block/qcow2.h b/block/qcow2.h
> > index 033d8c0..f4cb171 100644
> > --- a/block/qcow2.h
> > +++ b/block/qcow2.h
> > @@ -25,7 +25,7 @@
> > #ifndef BLOCK_QCOW2_H
> > #define BLOCK_QCOW2_H
> >
> > -#include "crypto/cipher.h"
> > +#include "crypto/block.h"
> > #include "qemu/coroutine.h"
> >
> > //#define DEBUG_ALLOC
> > @@ -256,7 +256,8 @@ typedef struct BDRVQcow2State {
> >
> > CoMutex lock;
> >
> > - QCryptoCipher *cipher; /* current cipher, NULL if no key yet */
> > + QCryptoBlockOpenOptions *crypto_opts; /* Disk encryption runtime options */
> > + QCryptoBlock *crypto; /* Disk encryption format driver */
> > uint32_t crypt_method_header;
> > uint64_t snapshots_offset;
> > int snapshots_size;
> > diff --git a/qapi/block-core.json b/qapi/block-core.json
> > index c2b70e8..2ca5674 100644
> > --- a/qapi/block-core.json
> > +++ b/qapi/block-core.json
> > @@ -1935,6 +1935,9 @@
> > # @cache-clean-interval: #optional clean unused entries in the L2 and refcount
> > # caches. The interval is in seconds. The default value
> > # is 0 and it disables this feature (since 2.5)
> > +# @aes-key-secret: #optional the ID of a QCryptoSecret object providing
> > +# the AES decryption key (since 2.9) Mandatory except
>
> Missing full stop after the closing parenthesis.
>
> Also, it's mandatory only for encrypted images. I know it's obvious but
> that's not what it says here.
True, I'll clarify
>
> > +# when doing a metadata-only probe of the image.
> > #
> > # Since: 1.7
> > ##
> > @@ -1948,8 +1951,8 @@
> > '*cache-size': 'int',
> > '*l2-cache-size': 'int',
> > '*refcount-cache-size': 'int',
> > - '*cache-clean-interval': 'int' } }
> > -
> > + '*cache-clean-interval': 'int',
> > + '*aes-key-secret': 'str' } }
> >
> > ##
> > # @BlockdevOptionsArchipelago:
> > diff --git a/tests/qemu-iotests/049 b/tests/qemu-iotests/049
> > index fff0760..7da4ac8 100755
> > --- a/tests/qemu-iotests/049
> > +++ b/tests/qemu-iotests/049
> > @@ -106,7 +106,7 @@ test_qemu_img create -f $IMGFMT -o preallocation=1234 "$TEST_IMG" 64M
> > echo "== Check encryption option =="
> > echo
> > test_qemu_img create -f $IMGFMT -o encryption=off "$TEST_IMG" 64M
> > -test_qemu_img create -f $IMGFMT -o encryption=on "$TEST_IMG" 64M
> > +test_qemu_img create -f $IMGFMT --object secret,id=sec0,data=123456 -o encryption=on,qcow-key-secret=sec0 "$TEST_IMG" 64M
>
> s/qcow-key-secret/aes-key-secret/
Opps, that change accidentally got squashed into the next patch instead
of this one.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :|
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 12/15] qcow2: add support for LUKS encryption format
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 12/15] qcow2: add support for LUKS encryption format Daniel P. Berrange
@ 2017-01-21 18:57 ` Max Reitz
2017-01-24 13:58 ` Daniel P. Berrange
0 siblings, 1 reply; 47+ messages in thread
From: Max Reitz @ 2017-01-21 18:57 UTC (permalink / raw)
To: Daniel P. Berrange, qemu-devel; +Cc: Kevin Wolf, qemu-block
[-- Attachment #1: Type: text/plain, Size: 27177 bytes --]
On 03.01.2017 19:27, Daniel P. Berrange wrote:
> This adds support for using LUKS as an encryption format
> with the qcow2 file. The use of the existing 'encryption=on'
> parameter is replaced by a new parameter 'encryption-format'
> which takes the values 'aes' or 'luks'. e.g.
>
> # qemu-img create --object secret,data=123456,id=sec0 \
> -f qcow2 -o encryption-format=luks,luks-key-secret=sec0 \
> test.qcow2 10G
>
> results in the creation of an image using the LUKS format.
> Use of the legacy 'encryption=on' parameter still results
> in creation of the old qcow2 AES format, and is equivalent
> to the new 'encryption-format=aes'. e.g. the following are
> equivalent:
>
> # qemu-img create --object secret,data=123456,id=sec0 \
> -f qcow2 -o encryption=on,aes-key-secret=sec0 \
> test.qcow2 10G
>
> # qemu-img create --object secret,data=123456,id=sec0 \
> -f qcow2 -o encryption-format=aes,aes-key-secret=sec0 \
> test.qcow2 10G
>
> With the LUKS format it is necessary to store the LUKS
> partition header and key material in the QCow2 file. This
> data can be many MB in size, so cannot go into the QCow2
> header region directly. Thus the spec defines a FDE
> (Full Disk Encryption) header extension that specifies
> the offset of a set of clusters to hold the FDE headers,
> as well as the length of that region. The LUKS header is
> thus stored in these extra allocated clusters before the
> main image payload.
>
> Aside from all the cryptographic differences implied by
> use of the LUKS format, there is one further key difference
> between the use of legacy AES and LUKS encryption in qcow2.
> For LUKS, the initialiazation vectors are generated using
> the host physical sector as the input, rather than the
> guest virtual sector. This guarantees unique initialization
> vectors for all sectors when qcow2 internal snapshots are
> used, thus giving stronger protection against watermarking
> attacks.
>
> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> ---
> block/qcow2-cluster.c | 4 +-
> block/qcow2-refcount.c | 10 ++
> block/qcow2.c | 236 ++++++++++++++++++++++++++++++++++++++-------
> block/qcow2.h | 9 ++
> docs/specs/qcow2.txt | 99 +++++++++++++++++++
I'd personally rather have specification changes separate from the
implementation.
> qapi/block-core.json | 6 +-
> tests/qemu-iotests/049 | 2 +-
> tests/qemu-iotests/082.out | 216 +++++++++++++++++++++++++++++++++++++++++
> tests/qemu-iotests/087 | 65 ++++++++++++-
> tests/qemu-iotests/087.out | 22 ++++-
> tests/qemu-iotests/134 | 4 +-
> tests/qemu-iotests/158 | 8 +-
> tests/qemu-iotests/174 | 76 +++++++++++++++
> tests/qemu-iotests/174.out | 19 ++++
> tests/qemu-iotests/175 | 85 ++++++++++++++++
> tests/qemu-iotests/175.out | 26 +++++
> tests/qemu-iotests/group | 2 +
> 17 files changed, 840 insertions(+), 49 deletions(-)
> create mode 100755 tests/qemu-iotests/174
> create mode 100644 tests/qemu-iotests/174.out
> create mode 100755 tests/qemu-iotests/175
> create mode 100644 tests/qemu-iotests/175.out
Also, in order to help reviewing by making this patch less scary (840
insertions are kind of... Urgh.), it would make sense to add these two
tests in one or two separate patches.
> diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
> index a2103dc..866b122 100644
> --- a/block/qcow2-cluster.c
> +++ b/block/qcow2-cluster.c
> @@ -383,7 +383,9 @@ static int coroutine_fn do_perform_cow(BlockDriverState *bs,
>
> if (bs->encrypted) {
> Error *err = NULL;
> - int64_t sector = (src_cluster_offset + offset_in_cluster)
> + int64_t sector = (s->crypt_physical_offset ?
> + (cluster_offset + offset_in_cluster) :
> + (src_cluster_offset + offset_in_cluster))
> >> BDRV_SECTOR_BITS;
> assert((offset_in_cluster & ~BDRV_SECTOR_MASK) == 0);
> assert((bytes & ~BDRV_SECTOR_MASK) == 0);
> diff --git a/block/qcow2-refcount.c b/block/qcow2-refcount.c
> index cbfb3fe..afa4636 100644
> --- a/block/qcow2-refcount.c
> +++ b/block/qcow2-refcount.c
[...]
> @@ -80,6 +81,73 @@ static int qcow2_probe(const uint8_t *buf, int buf_size, const char *filename)
[...]
> +static ssize_t qcow2_crypto_hdr_init_func(QCryptoBlock *block, size_t headerlen,
> + Error **errp, void *opaque)
> +{
> + BlockDriverState *bs = opaque;
> + BDRVQcow2State *s = bs->opaque;
> + int64_t ret;
> +
> + ret = qcow2_alloc_clusters(bs, headerlen);
> + if (ret < 0) {
> + error_setg_errno(errp, -ret,
> + "Cannot allocate cluster for LUKS header size %zu",
> + headerlen);
> + return -1;
> + }
> +
> + s->crypto_header.length = headerlen;
> + s->crypto_header.offset = ret;
The specification says any unused space in the last cluster has to be
set to zero. This isn't done here.
I don't have a preference whether you write zeroes to the range in
question here or whether you simply relax the specification to say that
anything beyond crypto_header.length is undefined.
> + return ret;
> +}
> +
> +
> +static ssize_t qcow2_crypto_hdr_write_func(QCryptoBlock *block, size_t offset,
> + const uint8_t *buf, size_t buflen,
> + Error **errp, void *opaque)
> +{
> + BlockDriverState *bs = opaque;
> + BDRVQcow2State *s = bs->opaque;
> + ssize_t ret;
> +
> + if ((offset + buflen) > s->crypto_header.length) {
> + error_setg(errp, "Request for data outside of extension header");
> + return -1;
> + }
> +
> + ret = bdrv_pwrite(bs->file,
> + s->crypto_header.offset + offset, buf, buflen);
Theoretically, there should be a qcow2_pre_write_overlap_check() here.
But in theory, qcow2_check_metadata_overlap() should also check overlaps
with this new block of metadata.
I'll leave it up to you as the discussion about the future of those
overlap checks is still up in the air. I really don't have a preference
on what to do in this patch.
> + if (ret < 0) {
> + error_setg_errno(errp, -ret, "Could not read encryption header");
> + return -1;
> + }
> + return ret;
> +}
> +
> +
> /*
> * read qcow2 extension and fill bs
> * start reading from start_offset
[...]
> @@ -165,6 +233,45 @@ static int qcow2_read_extensions(BlockDriverState *bs, uint64_t start_offset,
> }
> break;
>
> + case QCOW2_EXT_MAGIC_CRYPTO_HEADER: {
> + unsigned int cflags = 0;
> + if (s->crypt_method_header != QCOW_CRYPT_LUKS) {
> + error_setg(errp, "CRYPTO header extension only "
> + "expected with LUKS encryption method");
> + return -EINVAL;
> + }
> + if (ext.len != sizeof(Qcow2CryptoHeaderExtension)) {
> + error_setg(errp, "CRYPTO header extension size %u, "
> + "but expected size %zu", ext.len,
> + sizeof(Qcow2CryptoHeaderExtension));
> + return -EINVAL;
> + }
> +
> + ret = bdrv_pread(bs->file, offset, &s->crypto_header, ext.len);
> + if (ret < 0) {
> + error_setg_errno(errp, -ret,
> + "Unable to read CRYPTO header extension");
> + return ret;
> + }
> + be64_to_cpu(s->crypto_header.offset);
> + be64_to_cpu(s->crypto_header.length);
Shouldn't you use the result somehow (or use be64_to_cpus)...?
Also, you should check the validity of s->crypto_header.offset here,
i.e. whether it is indeed aligned to a cluster boundary.
> +
> + if (flags & BDRV_O_NO_IO) {
> + cflags |= QCRYPTO_BLOCK_OPEN_NO_IO;
> + }
> + /* XXX how do we pass the same crypto opts down to the
Just as in the previous patch, a TODO would probably be sufficient here.
> + * backing file by default, so we don't have to manually
> + * provide the same key-secret property against the full
> + * backing chain
> + */
> + s->crypto = qcrypto_block_open(s->crypto_opts,
> + qcow2_crypto_hdr_read_func,
> + bs, cflags, errp);
> + if (!s->crypto) {
> + return -EINVAL;
> + }
> + s->crypt_physical_offset = true;
I think this should be set depending on the crypt_method_header (i.e. in
qcow2_open()), not depending on whether this extension exists or not.
> + } break;
I'd put an empty line here (because all the other cases do so).
> default:
> /* unknown magic - save it in case we need to rewrite the header */
> {
[...]
> @@ -988,12 +1101,6 @@ static int qcow2_open(BlockDriverState *bs, QDict *options, int flags,
> s->refcount_max = UINT64_C(1) << (s->refcount_bits - 1);
> s->refcount_max += s->refcount_max - 1;
>
> - if (header.crypt_method > QCOW_CRYPT_AES) {
> - error_setg(errp, "Unsupported encryption method: %" PRIu32,
> - header.crypt_method);
> - ret = -EINVAL;
> - goto fail;
> - }
> s->crypt_method_header = header.crypt_method;
> if (s->crypt_method_header) {
> if (bdrv_uses_whitelist() &&
You could put the assignment of crypt_physical_offset into this block
(at its bottom where bs->encrypted is set).
> @@ -1138,25 +1245,37 @@ static int qcow2_open(BlockDriverState *bs, QDict *options, int flags,
>
> /* read qcow2 extensions */
> if (qcow2_read_extensions(bs, header.header_length, ext_end, NULL,
> - &local_err)) {
> + flags, &local_err)) {
> error_propagate(errp, local_err);
> ret = -EINVAL;
> goto fail;
> }
>
> - if (s->crypt_method_header == QCOW_CRYPT_AES) {
> - unsigned int cflags = 0;
> - if (flags & BDRV_O_NO_IO) {
> - cflags |= QCRYPTO_BLOCK_OPEN_NO_IO;
> - }
> - /* XXX how do we pass the same crypto opts down to the
> - * backing file by default, so we don't have to manually
> - * provide the same key-secret property against the full
> - * backing chain
> - */
> - s->crypto = qcrypto_block_open(s->crypto_opts, NULL, NULL,
> - cflags, errp);
> - if (!s->crypto) {
> + /* qcow2_read_extension may have set up the crypto context
> + * if the crypt method needs a header region, some methods
> + * don't need header extensions, so must check here
> + */
> + if (s->crypt_method_header && !s->crypto) {
> + if (s->crypt_method_header == QCOW_CRYPT_AES) {
> + unsigned int cflags = 0;
> + if (flags & BDRV_O_NO_IO) {
> + cflags |= QCRYPTO_BLOCK_OPEN_NO_IO;
> + }
> + /* XXX how do we pass the same crypto opts down to the
The XXX-vs-TODO thing again, even though here it's pre-existing...
> + * backing file by default, so we don't have to manually
> + * provide the same key-secret property against the full
> + * backing chain
> + */
> + s->crypto = qcrypto_block_open(s->crypto_opts, NULL, NULL,
> + cflags, errp);
> + if (!s->crypto) {
> + ret = -EINVAL;
> + goto fail;
> + }
> + s->crypt_physical_offset = false;
> + } else if (!(flags & BDRV_O_NO_IO)) {
> + error_setg(errp, "Missing CRYPTO header for crypt method %d",
> + s->crypt_method_header);
> ret = -EINVAL;
> goto fail;
> }
[...]
> @@ -1929,6 +2053,22 @@ int qcow2_update_header(BlockDriverState *bs)
> buflen -= ret;
> }
>
> + /* Full disk encryption header pointer extension */
> + if (s->crypto_header.offset != 0) {
> + cpu_to_be64(s->crypto_header.offset);
> + cpu_to_be64(s->crypto_header.length);
Should be cpu_to_be64s() or you should store the result somewhere.
> + ret = header_ext_add(buf, QCOW2_EXT_MAGIC_CRYPTO_HEADER,
> + &s->crypto_header, sizeof(s->crypto_header),
> + buflen);
> + be64_to_cpu(s->crypto_header.offset);
> + be64_to_cpu(s->crypto_header.length);
The same with be64_to_cpus().
> + if (ret < 0) {
> + goto fail;
> + }
> + buf += ret;
> + buflen -= ret;
> + }
> +
> /* Feature table */
> if (s->qcow_version >= 3) {
> Qcow2Feature features[] = {
[...]
> @@ -3426,7 +3582,19 @@ static QemuOptsList qcow2_create_opts = {
> .help = "Width of a reference count entry in bits",
> .def_value_str = "16"
> },
> + {
> + .name = QCOW2_OPT_ENCRYPTION_FORMAT,
> + .type = QEMU_OPT_STRING,
> + .help = "Encryption data format 'luks' (default) or 'aes'",
In what way is LUKS the default? No encryption is the default; and the
default encryption is the old AES-CBC because that is what you get when
specifying encryption=on.
I would agree if you replaced "default" by "recommended". In addition,
the help text for the "encryption" option should probably now simply say:
"Deprecated, use the " QCOW2_OPT_ENCRYPTION_FORMAT " option instead"
(Otherwise, it would have to explain that the encryption you get is the
plain old qcow2 AES encryption, which is strongly not recommended, and
that you have to use encryption-format to get LUKS, which is what you want.)
> + },
> BLOCK_CRYPTO_OPT_DEF_QCOW_KEY_SECRET("aes-"),
> + BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET("luks-"),
> + BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_ALG("luks-"),
> + BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_MODE("luks-"),
> + BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_ALG("luks-"),
> + BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_HASH_ALG("luks-"),
> + BLOCK_CRYPTO_OPT_DEF_LUKS_HASH_ALG("luks-"),
> + BLOCK_CRYPTO_OPT_DEF_LUKS_ITER_TIME("luks-"),
> { /* end of list */ }
> }
> };
[...]
> diff --git a/docs/specs/qcow2.txt b/docs/specs/qcow2.txt
> index 80cdfd0..cc90276 100644
> --- a/docs/specs/qcow2.txt
> +++ b/docs/specs/qcow2.txt
[...]
> @@ -207,6 +209,103 @@ The fields of the bitmaps extension are:
> Offset into the image file at which the bitmap directory
> starts. Must be aligned to a cluster boundary.
>
> +== Full disk encryption header pointer ==
> +
> +The full disk encryption header must be present if, and only if, the
> +'crypt_method' header requires metadata. Currently this is only true
> +of the 'LUKS' crypt method. The header extension must be absent for
> +other methods.
> +
> +This header provides the offset at which the crypt method can store
> +its additional data, as well as the length of such data.
> +
> + Byte 0 - 7: Offset into the image file at which the encryption
> + header starts in bytes. Must be aligned to a cluster
> + boundary.
> + Byte 8 - 16: Length of the written encryption header in bytes.
s/16/15/
> + Note actual space allocated in the qcow2 file may
> + be larger than this value, since it will be rounded
> + to the nearest multiple of the cluster size. Any
> + unused bytes in the allocated space will be initialized
> + to 0.
> +
> +For the LUKS crypt method, the encryption header works as follows.
> +
> +The first 592 bytes of the header clusters will contain the LUKS
> +partition header. This is then followed by the key material data areas.
> +The size of the key material data areas is determined by the number of
> +stripes in the key slot and key size. Refer to the LUKS format
> +specification ('docs/on-disk-format.pdf' in the cryptsetup source
> +package) for details of the LUKS partition header format.
> +
> +In the LUKS partition header, the "payload-offset" field will be
> +calculated as normal for the LUKS spec. ie the size of the LUKS
> +header, plus key material regions, plus padding. Its value is not
> +used, however, since the qcow2 file format itself defines where
> +the real payload offset is.
> +
> +In the LUKS key slots header, the "key-material-offset" is relative
> +to the start of the LUKS header clusters in the qcow2 container,
> +not the start of the qcow2 file.
> +
> +Logically the layout looks like
> +
> + +-----------------------------+
> + | QCow2 header |
> + +-----------------------------+
> + | QCow2 header extension X |
> + +-----------------------------+
> + | QCow2 header extension FDE |
> + +-----------------------------+
> + | QCow2 header extension ... |
> + +-----------------------------+
> + | QCow2 header extension Z |
> + +-----------------------------+
> + | ....other QCow2 tables.... |
This makes it look like as if all the header extensions are in their own
specific cluster, which they are not.
> + . .
> + . .
> + +-----------------------------+
> + | +-------------------------+ |
> + | | LUKS partition header | |
> + | +-------------------------+ |
> + | | LUKS key material 1 | |
> + | +-------------------------+ |
> + | | LUKS key material 2 | |
> + | +-------------------------+ |
> + | | LUKS key material ... | |
> + | +-------------------------+ |
> + | | LUKS key material 8 | |
> + | +-------------------------+ |
> + +-----------------------------+
> + | QCow2 cluster payload |
> + . .
> + . .
> + . .
> + | |
> + +-----------------------------+
[...]
> diff --git a/qapi/block-core.json b/qapi/block-core.json
> index 2ca5674..08bc3e4 100644
> --- a/qapi/block-core.json
> +++ b/qapi/block-core.json
> @@ -1938,6 +1938,9 @@
> # @aes-key-secret: #optional the ID of a QCryptoSecret object providing
> # the AES decryption key (since 2.9) Mandatory except
> # when doing a metadata-only probe of the image.
> +# @luks-key-secret: #optional the ID of a QCryptoSecret object providing
> +# the LUKS keyslot passphrase (since 2.9) Mandatory
Missing full stop after the closing parenthesis.
> +# except when doing a metadata-only probe of the image.
> #
> # Since: 1.7
> ##
[...]
> diff --git a/tests/qemu-iotests/087 b/tests/qemu-iotests/087
> index fe30383..6690715 100755
> --- a/tests/qemu-iotests/087
> +++ b/tests/qemu-iotests/087
[...]
> @@ -169,7 +169,62 @@ run_qemu <<EOF
> "driver": "file",
> "filename": "$TEST_IMG"
> },
> - "qcow-key-secret": "sec0"
> + "aes-key-secret": "sec0"
> + }
> + }
> +{ "execute": "quit" }
> +EOF
> +
> +echo
> +echo === Encrypted image LUKS ===
> +echo
> +
> +_make_test_img --object secret,id=sec0,data=123456 -o encryption-format=luks,luks-key-secret=sec0 $size
> +run_qemu -S <<EOF
> +{ "execute": "qmp_capabilities" }
> +{ "execute": "object-add",
> + "arguments": {
> + "qom-type": "secret",
> + "id": "sec0",
> + "props": {
> + "data": "123456"
> + }
> + }
> +}
> +{ "execute": "blockdev-add",
> + "arguments": {
> + "driver": "$IMGFMT",
> + "node-name": "disk",
> + "file": {
> + "driver": "file",
> + "filename": "$TEST_IMG"
> + },
> + "luks-key-secret": "sec0"
> + }
> + }
> +{ "execute": "quit" }
> +EOF
> +
> +run_qemu <<EOF
I think we can drop one of the duplicated test cases with and without -S
now. The reason for having two originally was, as far as I can remember,
to test that you could blockdev-add encrypted images when the VM was not
paused. However, that is no longer the case since we are no longer
relying on that old infrastructure (as of this series at least).
> +{ "execute": "qmp_capabilities" }
> +{ "execute": "object-add",
> + "arguments": {
> + "qom-type": "secret",
> + "id": "sec0",
> + "props": {
> + "data": "123456"
> + }
> + }
> +}
> +{ "execute": "blockdev-add",
> + "arguments": {
> + "driver": "$IMGFMT",
> + "node-name": "disk",
> + "file": {
> + "driver": "file",
> + "filename": "$TEST_IMG"
> + },
> + "luks-key-secret": "sec0"
> }
> }
> { "execute": "quit" }
[...]
> diff --git a/tests/qemu-iotests/174 b/tests/qemu-iotests/174
> new file mode 100755
> index 0000000..27d4870
> --- /dev/null
> +++ b/tests/qemu-iotests/174
> @@ -0,0 +1,76 @@
> +#!/bin/bash
> +#
> +# Test encrypted read/write using plain bdrv_read/bdrv_write
> +#
> +# Copyright (C) 2015 Red Hat, Inc.
*2017
> +#
> +# This program is free software; you can redistribute it and/or modify
> +# it under the terms of the GNU General Public License as published by
> +# the Free Software Foundation; either version 2 of the License, or
> +# (at your option) any later version.
> +#
> +# This program is distributed in the hope that it will be useful,
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> +# GNU General Public License for more details.
> +#
> +# You should have received a copy of the GNU General Public License
> +# along with this program. If not, see <http://www.gnu.org/licenses/>.
> +#
> +
> +# creator
> +owner=berrange@redhat.com
> +
> +seq=`basename $0`
> +echo "QA output created by $seq"
> +
> +here=`pwd`
> +status=1 # failure is the default!
> +
> +_cleanup()
> +{
> + _cleanup_test_img
> +}
> +trap "_cleanup; exit \$status" 0 1 2 3 15
> +
> +# get standard environment, filters and checks
> +. ./common.rc
> +. ./common.filter
> +
> +_supported_fmt qcow2
> +_supported_proto generic
> +_supported_os Linux
> +
> +
> +size=128M
> +
> +SECRET="secret,id=sec0,data=astrochicken"
> +SECRETALT="secret,id=sec0,data=platypus"
> +
> +_make_test_img --object $SECRET -o "encryption-format=luks,luks-key-secret=sec0" $size
> +
> +IMGSPEC="driver=$IMGFMT,file.filename=$TEST_IMG,luks-key-secret=sec0"
> +
> +QEMU_IO_OPTIONS=$QEMU_IO_OPTIONS_NO_FMT
> +
> +echo
> +echo "== reading whole image =="
> +$QEMU_IO --object $SECRET -c "read 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
Shouldn't "read -P 0 0 $size" work here, too?
> +
> +echo
> +echo "== rewriting whole image =="
> +$QEMU_IO --object $SECRET -c "write -P 0xa 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
> +
> +echo
> +echo "== verify pattern =="
> +$QEMU_IO --object $SECRET -c "read -P 0xa 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
But do you really want to read and write 128 MB...? I mean, even on an
HDD, it will only take a couple of seconds at most, but won't 16 or 32
MB suffice? That way, it should always take less than a second.
> +
> +echo
> +echo "== verify pattern failure with wrong password =="
> +$QEMU_IO --object $SECRETALT -c "read -P 0xa 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
> +
> +
> +# success, all done
> +echo "*** done"
> +rm -f $seq.full
> +status=0
> diff --git a/tests/qemu-iotests/174.out b/tests/qemu-iotests/174.out
> new file mode 100644
> index 0000000..c96d0e4
> --- /dev/null
> +++ b/tests/qemu-iotests/174.out
> @@ -0,0 +1,19 @@
> +QA output created by 174
> +Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=134217728 encryption-format=luks luks-key-secret=sec0
> +
> +== reading whole image ==
> +read 134217728/134217728 bytes at offset 0
> +128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
> +
> +== rewriting whole image ==
> +wrote 134217728/134217728 bytes at offset 0
> +128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
> +
> +== verify pattern ==
> +read 134217728/134217728 bytes at offset 0
> +128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
> +
> +== verify pattern failure with wrong password ==
> +can't open: Invalid password, cannot unlock any keyslot
Well, that's not quite a pattern failure. It's the result we want, but
you should probably change the heading for this test case.
> +no file open, try 'help open'
> +*** done
> diff --git a/tests/qemu-iotests/175 b/tests/qemu-iotests/175
> new file mode 100755
> index 0000000..f8a629d
> --- /dev/null
> +++ b/tests/qemu-iotests/175
> @@ -0,0 +1,85 @@
> +#!/bin/bash
> +#
> +# Test encrypted read/write using backing files
> +#
> +# Copyright (C) 2015 Red Hat, Inc.
*2017
> +#
> +# This program is free software; you can redistribute it and/or modify
> +# it under the terms of the GNU General Public License as published by
> +# the Free Software Foundation; either version 2 of the License, or
> +# (at your option) any later version.
> +#
> +# This program is distributed in the hope that it will be useful,
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> +# GNU General Public License for more details.
> +#
> +# You should have received a copy of the GNU General Public License
> +# along with this program. If not, see <http://www.gnu.org/licenses/>.
> +#
> +
> +# creator
> +owner=berrange@redhat.com
> +
> +seq=`basename $0`
> +echo "QA output created by $seq"
> +
> +here=`pwd`
> +status=1 # failure is the default!
> +
> +_cleanup()
> +{
> + _cleanup_test_img
> +}
> +trap "_cleanup; exit \$status" 0 1 2 3 15
> +
> +# get standard environment, filters and checks
> +. ./common.rc
> +. ./common.filter
> +
> +_supported_fmt qcow2
> +_supported_proto generic
> +_supported_os Linux
> +
> +
> +size=128M
Same as in last test, I'm not sure 128 MB are actually necessary.
> +TEST_IMG_BASE=$TEST_IMG.base
Hmmm, does this work with spaces in $TEST_IMG?
> +SECRET="secret,id=sec0,data=astrochicken"
How about using different secrets for the base and the overlay?
Max
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 512 bytes --]
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 11/15] qcow2: convert QCow2 to use QCryptoBlock for encryption
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 11/15] qcow2: convert QCow2 to use QCryptoBlock for encryption Daniel P. Berrange
2017-01-18 18:13 ` Max Reitz
@ 2017-01-21 19:07 ` Max Reitz
2017-01-24 12:33 ` Daniel P. Berrange
1 sibling, 1 reply; 47+ messages in thread
From: Max Reitz @ 2017-01-21 19:07 UTC (permalink / raw)
To: Daniel P. Berrange, qemu-devel; +Cc: Kevin Wolf, qemu-block
[-- Attachment #1: Type: text/plain, Size: 2075 bytes --]
On 03.01.2017 19:27, Daniel P. Berrange wrote:
> This converts the qcow2 driver to make use of the QCryptoBlock
> APIs for encrypting image content, using the legacyy QCow2 AES
> scheme.
>
> With this change it is now required to use the QCryptoSecret
> object for providing passwords, instead of the current block
> password APIs / interactive prompting.
>
> $QEMU \
> -object secret,id=sec0,filename=/home/berrange/encrypted.pw \
> -drive file=/home/berrange/encrypted.qcow2,aes-key-secret=sec0
>
> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> ---
> block/qcow2-cluster.c | 47 +----------
> block/qcow2.c | 190 +++++++++++++++++++++++++++++----------------
> block/qcow2.h | 5 +-
> qapi/block-core.json | 7 +-
> tests/qemu-iotests/049 | 2 +-
> tests/qemu-iotests/049.out | 4 +-
> tests/qemu-iotests/082.out | 27 +++++++
> tests/qemu-iotests/087 | 28 ++++++-
> tests/qemu-iotests/087.out | 6 +-
> tests/qemu-iotests/134 | 18 +++--
> tests/qemu-iotests/134.out | 10 +--
> tests/qemu-iotests/158 | 19 +++--
> tests/qemu-iotests/158.out | 14 +---
> 13 files changed, 219 insertions(+), 158 deletions(-)
[...]
> diff --git a/tests/qemu-iotests/134 b/tests/qemu-iotests/134
> index af618b8..c2458d8 100755
> --- a/tests/qemu-iotests/134
> +++ b/tests/qemu-iotests/134
> @@ -43,23 +43,31 @@ _supported_os Linux
>
>
> size=128M
> -IMGOPTS="encryption=on" _make_test_img $size
> +
> +SECRET="secret,id=sec0,data=astrochicken"
> +SECRETALT="secret,id=sec0,data=platypus"
> +
> +_make_test_img --object $SECRET -o "encryption=on,qcow-key-secret=sec0" $size
> +
> +IMGSPEC="driver=$IMGFMT,file.filename=$TEST_IMG,qcow-key-secret=sec0"
> +
> +QEMU_IO_OPTIONS=$QEMU_IO_OPTIONS_NO_FMT
While I agree that it makes sense to have this variable, we
unfortunately do not have it. Yet. ;-)
It should be defined somewhere and it should probably actually contain
all non-format options (such as the cache mode).
Max
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 512 bytes --]
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 13/15] iotests: enable tests 134 and 158 to work with qcow (v1)
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 13/15] iotests: enable tests 134 and 158 to work with qcow (v1) Daniel P. Berrange
@ 2017-01-21 19:12 ` Max Reitz
0 siblings, 0 replies; 47+ messages in thread
From: Max Reitz @ 2017-01-21 19:12 UTC (permalink / raw)
To: Daniel P. Berrange, qemu-devel; +Cc: Kevin Wolf, qemu-block
[-- Attachment #1: Type: text/plain, Size: 2674 bytes --]
On 03.01.2017 19:27, Daniel P. Berrange wrote:
> The 138 and 158 iotests exercise the legacy qcow2 aes encryption
> code path. With a few simple tweaks they can exercise the same
> feature in qcow (v1).
>
> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> ---
> tests/qemu-iotests/134 | 10 +++++-----
> tests/qemu-iotests/158 | 2 +-
> 2 files changed, 6 insertions(+), 6 deletions(-)
>
> diff --git a/tests/qemu-iotests/134 b/tests/qemu-iotests/134
> index dd080a2..23b7834 100755
> --- a/tests/qemu-iotests/134
> +++ b/tests/qemu-iotests/134
> @@ -37,7 +37,7 @@ trap "_cleanup; exit \$status" 0 1 2 3 15
> . ./common.rc
> . ./common.filter
>
> -_supported_fmt qcow2
> +_supported_fmt qcow qcow2
> _supported_proto generic
> _supported_os Linux
>
> @@ -55,19 +55,19 @@ QEMU_IO_OPTIONS=$QEMU_IO_OPTIONS_NO_FMT
>
> echo
> echo "== reading whole image =="
> -$QEMU_IO --object $SECRET -c "read 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
> +$QEMU_IO --object $SECRET -c "read 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir | _filter_imgfmt
>
> echo
> echo "== rewriting whole image =="
> -$QEMU_IO --object $SECRET -c "write -P 0xa 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
> +$QEMU_IO --object $SECRET -c "write -P 0xa 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir | _filter_imgfmt
>
> echo
> echo "== verify pattern =="
> -$QEMU_IO --object $SECRET -c "read -P 0xa 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
> +$QEMU_IO --object $SECRET -c "read -P 0xa 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir | _filter_imgfmt
>
> echo
> echo "== verify pattern failure with wrong password =="
> -$QEMU_IO --object $SECRETALT -c "read -P 0xa 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
> +$QEMU_IO --object $SECRETALT -c "read -P 0xa 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir | _filter_imgfmt
What is this necessary for? The qemu-io output does not contain the
image format, as far as I can see.
Under the premise of "can't hurt", though:
Reviewed-by: Max Reitz <mreitz@redhat.com>
>
>
> # success, all done
> diff --git a/tests/qemu-iotests/158 b/tests/qemu-iotests/158
> index 7a1eb5c..2b53d9f 100755
> --- a/tests/qemu-iotests/158
> +++ b/tests/qemu-iotests/158
> @@ -37,7 +37,7 @@ trap "_cleanup; exit \$status" 0 1 2 3 15
> . ./common.rc
> . ./common.filter
>
> -_supported_fmt qcow2
> +_supported_fmt qcow qcow2
> _supported_proto generic
> _supported_os Linux
>
>
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 512 bytes --]
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 14/15] block: rip out all traces of password prompting
2017-01-03 18:28 ` [Qemu-devel] [PATCH v1 14/15] block: rip out all traces of password prompting Daniel P. Berrange
@ 2017-01-21 19:17 ` Max Reitz
0 siblings, 0 replies; 47+ messages in thread
From: Max Reitz @ 2017-01-21 19:17 UTC (permalink / raw)
To: Daniel P. Berrange, qemu-devel; +Cc: Kevin Wolf, qemu-block
[-- Attachment #1: Type: text/plain, Size: 1013 bytes --]
On 03.01.2017 19:28, Daniel P. Berrange wrote:
> Now that qcow & qcow2 are wired up to get encryption keys
> via the QCryptoSecret object, nothing is relying on the
> interactive prompting for passwords. All the code related
> to password prompting can thus be ripped out.
>
> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> ---
> hmp.c | 31 ---------------------
> include/monitor/monitor.h | 7 -----
> include/qemu/osdep.h | 2 --
> monitor.c | 68 -----------------------------------------------
> qapi-schema.json | 10 +------
> qemu-img.c | 31 ---------------------
> qemu-io.c | 20 --------------
> qmp.c | 12 +--------
> util/oslib-posix.c | 66 ---------------------------------------------
> util/oslib-win32.c | 24 -----------------
> 10 files changed, 2 insertions(+), 269 deletions(-)
Nice. :-)
Reviewed-by: Max Reitz <mreitz@redhat.com>
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 512 bytes --]
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 15/15] block: remove all encryption handling APIs
2017-01-03 18:28 ` [Qemu-devel] [PATCH v1 15/15] block: remove all encryption handling APIs Daniel P. Berrange
@ 2017-01-21 19:22 ` Max Reitz
2017-01-24 12:49 ` Daniel P. Berrange
0 siblings, 1 reply; 47+ messages in thread
From: Max Reitz @ 2017-01-21 19:22 UTC (permalink / raw)
To: Daniel P. Berrange, qemu-devel; +Cc: Kevin Wolf, qemu-block
[-- Attachment #1: Type: text/plain, Size: 2451 bytes --]
On 03.01.2017 19:28, Daniel P. Berrange wrote:
> Now that all encryption keys must be provided upfront via
> the QCryptoSecret API and associated block driver properties
> there is no need for any explicit encryption handling APIs
> in the block layer. Encryption can be handled transparently
> within the block driver. We only retain an API for querying
> whether an image is encrypted or not, since that is a
> potentially useful piece of metadata to report to the user.
>
> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> ---
> block.c | 77 +----------------------------------------------
> block/crypto.c | 1 -
> block/qapi.c | 2 +-
> block/qcow.c | 1 -
> block/qcow2.c | 1 -
> blockdev.c | 37 ++---------------------
> include/block/block.h | 3 --
> include/block/block_int.h | 1 -
> include/qapi/error.h | 1 -
> qapi/common.json | 5 +--
> 10 files changed, 5 insertions(+), 124 deletions(-)
It would probably make sense to replace the description of
BlockDeviceInfo's @encryption_key_missing in qapi/block-core.json by
"Deprecated; always false".
[...]
> diff --git a/blockdev.c b/blockdev.c
> index 245e1e1..dfeba0c 100644
> --- a/blockdev.c
> +++ b/blockdev.c
[...]
> @@ -2244,24 +2240,8 @@ void qmp_block_passwd(bool has_device, const char *device,
> bool has_node_name, const char *node_name,
> const char *password, Error **errp)
> {
> - Error *local_err = NULL;
> - BlockDriverState *bs;
> - AioContext *aio_context;
> -
> - bs = bdrv_lookup_bs(has_device ? device : NULL,
> - has_node_name ? node_name : NULL,
> - &local_err);
> - if (local_err) {
> - error_propagate(errp, local_err);
> - return;
> - }
> -
> - aio_context = bdrv_get_aio_context(bs);
> - aio_context_acquire(aio_context);
> -
> - bdrv_add_key(bs, password, errp);
> -
> - aio_context_release(aio_context);
> + error_setg_errno(errp, -ENOSYS,
> + "Setting block passwords directly is no longer supported");
A plain error_setg() without _errno should be sufficient.
> }
>
I'll leave it up to you whether you want to follow the suggestions I've
given, so:
Reviewed-by: Max Reitz <mreitz@redhat.com>
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 512 bytes --]
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 03/15] qcow: document another weakness of qcow AES encryption
2017-01-16 19:37 ` Max Reitz
@ 2017-01-24 12:11 ` Daniel P. Berrange
0 siblings, 0 replies; 47+ messages in thread
From: Daniel P. Berrange @ 2017-01-24 12:11 UTC (permalink / raw)
To: Max Reitz; +Cc: qemu-devel, Kevin Wolf, qemu-block
On Mon, Jan 16, 2017 at 08:37:57PM +0100, Max Reitz wrote:
> On 03.01.2017 19:27, Daniel P. Berrange wrote:
> > Document that use of guest virtual sector numbers as the basis for
> > the initialization vectors is a potential weakness, when combined
> > with internal snapshots or multiple images using the same passphrase.
> >
> > Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> > ---
> > qemu-img.texi | 9 +++++++++
> > 1 file changed, 9 insertions(+)
> >
> > diff --git a/qemu-img.texi b/qemu-img.texi
> > index 174aae3..8efcf89 100644
> > --- a/qemu-img.texi
> > +++ b/qemu-img.texi
> > @@ -554,6 +554,15 @@ change the passphrase to protect data in any qcow images. The files must
> > be cloned, using a different encryption passphrase in the new file. The
> > original file must then be securely erased using a program like shred,
> > though even this is ineffective with many modern storage technologies.
> > +@item Initialization vectors used to encrypt sectors are based on the
> > +guest virtual sector number, instead of the host physical sector. When
> > +a disk image has multiple internal snapshots this means that data in
> > +multiple physical sectors is encrypted with the same initialization
> > +vector. With the CBC mode, this opens the possibility of watermarking
> > +attacks if the attack can collect multiple sectors encrypted with the
> > +same IV and some predictable data. Having multiple qcow2 images with
> > +the same passphrase also exposes this weakness since the passphrase
> > +is directly used as the key.
> > @end itemize
>
> In the output manpage, this itemize looks pretty broken to me:
>
> @item foo
> bar baz
>
> is formatted as:
>
> -<foo>
> bar baz
>
> Which may be used intentionally, but it certainly isn't here.
>
> It should probably be written as:
>
> @item
> foo bar baz
>
> which becomes
>
> - foo bar baz
>
> (which is what the other itemize in qemu-img.texi does)
>
> Do you want to fix that in this series?
Yes, will do.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :|
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 04/15] qcow: require image size to be > 1 for new images
2017-01-16 19:41 ` Max Reitz
@ 2017-01-24 12:14 ` Daniel P. Berrange
0 siblings, 0 replies; 47+ messages in thread
From: Daniel P. Berrange @ 2017-01-24 12:14 UTC (permalink / raw)
To: Max Reitz; +Cc: qemu-devel, Kevin Wolf, qemu-block
On Mon, Jan 16, 2017 at 08:41:15PM +0100, Max Reitz wrote:
> On 03.01.2017 19:27, Daniel P. Berrange wrote:
> > The qcow driver refuses to open images which are less than
> > 2 bytes in size, but will happily create such images. Add
> > a check in the create path to avoid this discrepancy.
> >
> > Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> > ---
> > block/qcow.c | 6 ++++++
> > 1 file changed, 6 insertions(+)
> >
> > diff --git a/block/qcow.c b/block/qcow.c
> > index 7540f43..8133fda 100644
> > --- a/block/qcow.c
> > +++ b/block/qcow.c
> > @@ -799,6 +799,12 @@ static int qcow_create(const char *filename, QemuOpts *opts, Error **errp)
> > /* Read out options */
> > total_size = ROUND_UP(qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0),
> > BDRV_SECTOR_SIZE);
> > + if (total_size <= 1) {
> > + error_setg(errp, "Image size is too small (must be at least 2 bytes)");
> > + ret = -EINVAL;
> > + goto cleanup;
> > + }
> > +
>
> Given the ROUND_UP() before, I can't see how total_size can be 1, but I
> can see how it can be 0. Since that is covered by this condition:
>
> Reviewed-by: Max Reitz <mreitz@redhat.com>
I'll switch to == 0 none the less
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :|
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 02/15] block: add ability to set a prefix for opt names
2017-01-16 19:31 ` Max Reitz
@ 2017-01-24 12:15 ` Daniel P. Berrange
0 siblings, 0 replies; 47+ messages in thread
From: Daniel P. Berrange @ 2017-01-24 12:15 UTC (permalink / raw)
To: Max Reitz; +Cc: qemu-devel, Kevin Wolf, qemu-block
On Mon, Jan 16, 2017 at 08:31:55PM +0100, Max Reitz wrote:
> On 03.01.2017 19:27, Daniel P. Berrange wrote:
> > When integrating the crypto support with qcow/qcow2, we don't
> > want to use the bare LUKS option names "hash-alg", "key-secret",
> > etc. We want to namespace them "luks-hash-alg", "luks-key-secret"
> > so that they don't clash with any general qcow options at a later
> > date.
> >
> > Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> > ---
> > block/crypto.c | 110 +++++++++++++++++++++++++++++++++++++++++++++++++--------
> > block/crypto.h | 42 +++++++++++-----------
> > 2 files changed, 118 insertions(+), 34 deletions(-)
> >
> > diff --git a/block/crypto.c b/block/crypto.c
> > index d281de6..1037c70 100644
> > --- a/block/crypto.c
> > +++ b/block/crypto.c
>
> [...]
>
> > +static int block_crypto_copy_value(void *opaque, const char *name,
> > + const char *value, Error **errp)
> > +{
> > + struct BlockCryptoCopyData *data = opaque;
> > +
> > + if (g_str_has_prefix(name, data->prefix)) {
> > + Error *local_err = NULL;
> > + const char *newname = name + strlen(data->prefix);
>
> strstart() would be shorter:
>
> const char *newname;
>
> if (strstart(name, data->prefix, &newname)) {
> /* ... */
> }
Ah, didn't know that function existed.
>
> > +
> > + qemu_opt_set(data->opts, newname, value, &local_err);
> > + if (local_err) {
> > + error_propagate(errp, local_err);
> > + return 1;
>
> I'd prefer -1, because 0/1 looks more like false/true to me, which in
> turn looks like failure/success.
Yes, that makes more sense.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :|
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 08/15] qcow: make encrypt_sectors encrypt in place
2017-01-16 20:25 ` Max Reitz
@ 2017-01-24 12:21 ` Daniel P. Berrange
0 siblings, 0 replies; 47+ messages in thread
From: Daniel P. Berrange @ 2017-01-24 12:21 UTC (permalink / raw)
To: Max Reitz; +Cc: qemu-devel, Kevin Wolf, qemu-block
On Mon, Jan 16, 2017 at 09:25:55PM +0100, Max Reitz wrote:
> On 03.01.2017 19:27, Daniel P. Berrange wrote:
> > Instead of requiring separate input/output buffers for
> > encrypting data, change encrypt_sectors() to assume
> > use of a single buffer, encrypting in place. One current
> > caller all uses the same buffer for input/output already
>
> -all?
>
> > and the other two callers are easily converted todo so.
>
> s/todo/to do/
>
> >
> > Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> > ---
> > block/qcow.c | 36 +++++++++++-------------------------
> > 1 file changed, 11 insertions(+), 25 deletions(-)
> >
> > diff --git a/block/qcow.c b/block/qcow.c
> > index 8133fda..bc9fa2f 100644
> > --- a/block/qcow.c
> > +++ b/block/qcow.c
> > @@ -310,11 +310,10 @@ static int qcow_set_key(BlockDriverState *bs, const char *key)
> > }
> >
> > /* The crypt function is compatible with the linux cryptoloop
> > - algorithm for < 4 GB images. NOTE: out_buf == in_buf is
> > - supported */
> > + algorithm for < 4 GB images. */
> > static int encrypt_sectors(BDRVQcowState *s, int64_t sector_num,
> > - uint8_t *out_buf, const uint8_t *in_buf,
> > - int nb_sectors, bool enc, Error **errp)
> > + uint8_t *buf, int nb_sectors, bool enc,
> > + Error **errp)
> > {
> > union {
> > uint64_t ll[2];
> > @@ -333,14 +332,12 @@ static int encrypt_sectors(BDRVQcowState *s, int64_t sector_num,
> > }
> > if (enc) {
> > ret = qcrypto_cipher_encrypt(s->cipher,
> > - in_buf,
> > - out_buf,
> > + buf, buf,
> > 512,
> > errp);
> > } else {
> > ret = qcrypto_cipher_decrypt(s->cipher,
> > - in_buf,
> > - out_buf,
> > + buf, buf,
> > 512,
> > errp);
> > }
> > @@ -348,8 +345,7 @@ static int encrypt_sectors(BDRVQcowState *s, int64_t sector_num,
> > return -1;
> > }
> > sector_num++;
> > - in_buf += 512;
> > - out_buf += 512;
> > + buf += 512;
> > }
> > return 0;
> > }
> > @@ -469,13 +465,12 @@ static uint64_t get_cluster_offset(BlockDriverState *bs,
> > uint64_t start_sect;
> > assert(s->cipher);
> > start_sect = (offset & ~(s->cluster_size - 1)) >> 9;
> > - memset(s->cluster_data + 512, 0x00, 512);
> > + memset(s->cluster_data, 0x00, 512);
> > for(i = 0; i < s->cluster_sectors; i++) {
> > if (i < n_start || i >= n_end) {
> > Error *err = NULL;
> > if (encrypt_sectors(s, start_sect + i,
> > - s->cluster_data,
> > - s->cluster_data + 512, 1,
> > + s->cluster_data, 1,
> > true, &err) < 0) {
> > error_free(err);
> > errno = EIO;
>
> After the first iteration of the surrounding for () loop,
> s->cluster_data is unlikely to still be filled with zeros -- but I
> suspect the code intended to always write encrypted zeros.
Yep, we must push the memset down a level.
> > @@ -653,7 +648,7 @@ static coroutine_fn int qcow_co_readv(BlockDriverState *bs, int64_t sector_num,
> > }
> > if (bs->encrypted) {
> > assert(s->cipher);
> > - if (encrypt_sectors(s, sector_num, buf, buf,
> > + if (encrypt_sectors(s, sector_num, buf,
> > n, false, &err) < 0) {
> > goto fail;
> > }
> > @@ -688,9 +683,7 @@ static coroutine_fn int qcow_co_writev(BlockDriverState *bs, int64_t sector_num,
> > BDRVQcowState *s = bs->opaque;
> > int index_in_cluster;
> > uint64_t cluster_offset;
> > - const uint8_t *src_buf;
> > int ret = 0, n;
> > - uint8_t *cluster_data = NULL;
> > struct iovec hd_iov;
> > QEMUIOVector hd_qiov;
> > uint8_t *buf;
> > @@ -728,21 +721,15 @@ static coroutine_fn int qcow_co_writev(BlockDriverState *bs, int64_t sector_num,
> > if (bs->encrypted) {
> > Error *err = NULL;
> > assert(s->cipher);
> > - if (!cluster_data) {
> > - cluster_data = g_malloc0(s->cluster_size);
> > - }
> > - if (encrypt_sectors(s, sector_num, cluster_data, buf,
> > + if (encrypt_sectors(s, sector_num, buf,
>
> If qiov->niov == 1, buf is not copied from the I/O vector but just the
> I/O vector base itself. Then, this will modify the data pointed to by
> that vector. I don't think that is a good idea.
Opps, yes, that is a bad idea. I'll force copying when bs->encrypted == true,
regardless of qiov->niov value.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :|
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 11/15] qcow2: convert QCow2 to use QCryptoBlock for encryption
2017-01-21 19:07 ` Max Reitz
@ 2017-01-24 12:33 ` Daniel P. Berrange
0 siblings, 0 replies; 47+ messages in thread
From: Daniel P. Berrange @ 2017-01-24 12:33 UTC (permalink / raw)
To: Max Reitz; +Cc: qemu-devel, Kevin Wolf, qemu-block
On Sat, Jan 21, 2017 at 08:07:57PM +0100, Max Reitz wrote:
> On 03.01.2017 19:27, Daniel P. Berrange wrote:
> > This converts the qcow2 driver to make use of the QCryptoBlock
> > APIs for encrypting image content, using the legacyy QCow2 AES
> > scheme.
> >
> > With this change it is now required to use the QCryptoSecret
> > object for providing passwords, instead of the current block
> > password APIs / interactive prompting.
> >
> > $QEMU \
> > -object secret,id=sec0,filename=/home/berrange/encrypted.pw \
> > -drive file=/home/berrange/encrypted.qcow2,aes-key-secret=sec0
> >
> > Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> > ---
> > block/qcow2-cluster.c | 47 +----------
> > block/qcow2.c | 190 +++++++++++++++++++++++++++++----------------
> > block/qcow2.h | 5 +-
> > qapi/block-core.json | 7 +-
> > tests/qemu-iotests/049 | 2 +-
> > tests/qemu-iotests/049.out | 4 +-
> > tests/qemu-iotests/082.out | 27 +++++++
> > tests/qemu-iotests/087 | 28 ++++++-
> > tests/qemu-iotests/087.out | 6 +-
> > tests/qemu-iotests/134 | 18 +++--
> > tests/qemu-iotests/134.out | 10 +--
> > tests/qemu-iotests/158 | 19 +++--
> > tests/qemu-iotests/158.out | 14 +---
> > 13 files changed, 219 insertions(+), 158 deletions(-)
>
> [...]
>
> > diff --git a/tests/qemu-iotests/134 b/tests/qemu-iotests/134
> > index af618b8..c2458d8 100755
> > --- a/tests/qemu-iotests/134
> > +++ b/tests/qemu-iotests/134
> > @@ -43,23 +43,31 @@ _supported_os Linux
> >
> >
> > size=128M
> > -IMGOPTS="encryption=on" _make_test_img $size
> > +
> > +SECRET="secret,id=sec0,data=astrochicken"
> > +SECRETALT="secret,id=sec0,data=platypus"
> > +
> > +_make_test_img --object $SECRET -o "encryption=on,qcow-key-secret=sec0" $size
> > +
> > +IMGSPEC="driver=$IMGFMT,file.filename=$TEST_IMG,qcow-key-secret=sec0"
> > +
> > +QEMU_IO_OPTIONS=$QEMU_IO_OPTIONS_NO_FMT
>
> While I agree that it makes sense to have this variable, we
> unfortunately do not have it. Yet. ;-)
>
> It should be defined somewhere and it should probably actually contain
> all non-format options (such as the cache mode).
Yes, that was what I had originally, but somehow I lost it during a
rebase somewhere...
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :|
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 15/15] block: remove all encryption handling APIs
2017-01-21 19:22 ` Max Reitz
@ 2017-01-24 12:49 ` Daniel P. Berrange
0 siblings, 0 replies; 47+ messages in thread
From: Daniel P. Berrange @ 2017-01-24 12:49 UTC (permalink / raw)
To: Max Reitz; +Cc: qemu-devel, Kevin Wolf, qemu-block
On Sat, Jan 21, 2017 at 08:22:53PM +0100, Max Reitz wrote:
> On 03.01.2017 19:28, Daniel P. Berrange wrote:
> > Now that all encryption keys must be provided upfront via
> > the QCryptoSecret API and associated block driver properties
> > there is no need for any explicit encryption handling APIs
> > in the block layer. Encryption can be handled transparently
> > within the block driver. We only retain an API for querying
> > whether an image is encrypted or not, since that is a
> > potentially useful piece of metadata to report to the user.
> >
> > Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> > ---
> > block.c | 77 +----------------------------------------------
> > block/crypto.c | 1 -
> > block/qapi.c | 2 +-
> > block/qcow.c | 1 -
> > block/qcow2.c | 1 -
> > blockdev.c | 37 ++---------------------
> > include/block/block.h | 3 --
> > include/block/block_int.h | 1 -
> > include/qapi/error.h | 1 -
> > qapi/common.json | 5 +--
> > 10 files changed, 5 insertions(+), 124 deletions(-)
>
> It would probably make sense to replace the description of
> BlockDeviceInfo's @encryption_key_missing in qapi/block-core.json by
> "Deprecated; always false".
Oh yes, that makes sense.
> > + error_setg_errno(errp, -ENOSYS,
> > + "Setting block passwords directly is no longer supported");
>
> A plain error_setg() without _errno should be sufficient.
Will change it.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :|
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 12/15] qcow2: add support for LUKS encryption format
2017-01-21 18:57 ` Max Reitz
@ 2017-01-24 13:58 ` Daniel P. Berrange
2017-01-25 15:45 ` Max Reitz
0 siblings, 1 reply; 47+ messages in thread
From: Daniel P. Berrange @ 2017-01-24 13:58 UTC (permalink / raw)
To: Max Reitz; +Cc: qemu-devel, Kevin Wolf, qemu-block
On Sat, Jan 21, 2017 at 07:57:45PM +0100, Max Reitz wrote:
> On 03.01.2017 19:27, Daniel P. Berrange wrote:
> > This adds support for using LUKS as an encryption format
> > with the qcow2 file. The use of the existing 'encryption=on'
> > parameter is replaced by a new parameter 'encryption-format'
> > which takes the values 'aes' or 'luks'. e.g.
> >
> > # qemu-img create --object secret,data=123456,id=sec0 \
> > -f qcow2 -o encryption-format=luks,luks-key-secret=sec0 \
> > test.qcow2 10G
> >
> > results in the creation of an image using the LUKS format.
> > Use of the legacy 'encryption=on' parameter still results
> > in creation of the old qcow2 AES format, and is equivalent
> > to the new 'encryption-format=aes'. e.g. the following are
> > equivalent:
> >
> > # qemu-img create --object secret,data=123456,id=sec0 \
> > -f qcow2 -o encryption=on,aes-key-secret=sec0 \
> > test.qcow2 10G
> >
> > # qemu-img create --object secret,data=123456,id=sec0 \
> > -f qcow2 -o encryption-format=aes,aes-key-secret=sec0 \
> > test.qcow2 10G
> >
> > With the LUKS format it is necessary to store the LUKS
> > partition header and key material in the QCow2 file. This
> > data can be many MB in size, so cannot go into the QCow2
> > header region directly. Thus the spec defines a FDE
> > (Full Disk Encryption) header extension that specifies
> > the offset of a set of clusters to hold the FDE headers,
> > as well as the length of that region. The LUKS header is
> > thus stored in these extra allocated clusters before the
> > main image payload.
> >
> > Aside from all the cryptographic differences implied by
> > use of the LUKS format, there is one further key difference
> > between the use of legacy AES and LUKS encryption in qcow2.
> > For LUKS, the initialiazation vectors are generated using
> > the host physical sector as the input, rather than the
> > guest virtual sector. This guarantees unique initialization
> > vectors for all sectors when qcow2 internal snapshots are
> > used, thus giving stronger protection against watermarking
> > attacks.
> >
> > Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> > ---
> > block/qcow2-cluster.c | 4 +-
> > block/qcow2-refcount.c | 10 ++
> > block/qcow2.c | 236 ++++++++++++++++++++++++++++++++++++++-------
> > block/qcow2.h | 9 ++
> > docs/specs/qcow2.txt | 99 +++++++++++++++++++
>
> I'd personally rather have specification changes separate from the
> implementation.
>
> > qapi/block-core.json | 6 +-
> > tests/qemu-iotests/049 | 2 +-
> > tests/qemu-iotests/082.out | 216 +++++++++++++++++++++++++++++++++++++++++
> > tests/qemu-iotests/087 | 65 ++++++++++++-
> > tests/qemu-iotests/087.out | 22 ++++-
> > tests/qemu-iotests/134 | 4 +-
> > tests/qemu-iotests/158 | 8 +-
> > tests/qemu-iotests/174 | 76 +++++++++++++++
> > tests/qemu-iotests/174.out | 19 ++++
> > tests/qemu-iotests/175 | 85 ++++++++++++++++
> > tests/qemu-iotests/175.out | 26 +++++
> > tests/qemu-iotests/group | 2 +
> > 17 files changed, 840 insertions(+), 49 deletions(-)
> > create mode 100755 tests/qemu-iotests/174
> > create mode 100644 tests/qemu-iotests/174.out
> > create mode 100755 tests/qemu-iotests/175
> > create mode 100644 tests/qemu-iotests/175.out
>
> Also, in order to help reviewing by making this patch less scary (840
> insertions are kind of... Urgh.), it would make sense to add these two
> tests in one or two separate patches.
Ok, will split it in three - spec change, code change and test
additions.
> > @@ -80,6 +81,73 @@ static int qcow2_probe(const uint8_t *buf, int buf_size, const char *filename)
>
> [...]
>
> > +static ssize_t qcow2_crypto_hdr_init_func(QCryptoBlock *block, size_t headerlen,
> > + Error **errp, void *opaque)
> > +{
> > + BlockDriverState *bs = opaque;
> > + BDRVQcow2State *s = bs->opaque;
> > + int64_t ret;
> > +
> > + ret = qcow2_alloc_clusters(bs, headerlen);
> > + if (ret < 0) {
> > + error_setg_errno(errp, -ret,
> > + "Cannot allocate cluster for LUKS header size %zu",
> > + headerlen);
> > + return -1;
> > + }
> > +
> > + s->crypto_header.length = headerlen;
> > + s->crypto_header.offset = ret;
>
> The specification says any unused space in the last cluster has to be
> set to zero. This isn't done here.
>
> I don't have a preference whether you write zeroes to the range in
> question here or whether you simply relax the specification to say that
> anything beyond crypto_header.length is undefined.
I'll explicitly fill it with zeros.
> > +static ssize_t qcow2_crypto_hdr_write_func(QCryptoBlock *block, size_t offset,
> > + const uint8_t *buf, size_t buflen,
> > + Error **errp, void *opaque)
> > +{
> > + BlockDriverState *bs = opaque;
> > + BDRVQcow2State *s = bs->opaque;
> > + ssize_t ret;
> > +
> > + if ((offset + buflen) > s->crypto_header.length) {
> > + error_setg(errp, "Request for data outside of extension header");
> > + return -1;
> > + }
> > +
> > + ret = bdrv_pwrite(bs->file,
> > + s->crypto_header.offset + offset, buf, buflen);
>
> Theoretically, there should be a qcow2_pre_write_overlap_check() here.
> But in theory, qcow2_check_metadata_overlap() should also check overlaps
> with this new block of metadata.
>
> I'll leave it up to you as the discussion about the future of those
> overlap checks is still up in the air. I really don't have a preference
> on what to do in this patch.
Ok, i'll leave as is for now.
> > @@ -165,6 +233,45 @@ static int qcow2_read_extensions(BlockDriverState *bs, uint64_t start_offset,
> > }
> > break;
> >
> > + case QCOW2_EXT_MAGIC_CRYPTO_HEADER: {
> > + unsigned int cflags = 0;
> > + if (s->crypt_method_header != QCOW_CRYPT_LUKS) {
> > + error_setg(errp, "CRYPTO header extension only "
> > + "expected with LUKS encryption method");
> > + return -EINVAL;
> > + }
> > + if (ext.len != sizeof(Qcow2CryptoHeaderExtension)) {
> > + error_setg(errp, "CRYPTO header extension size %u, "
> > + "but expected size %zu", ext.len,
> > + sizeof(Qcow2CryptoHeaderExtension));
> > + return -EINVAL;
> > + }
> > +
> > + ret = bdrv_pread(bs->file, offset, &s->crypto_header, ext.len);
> > + if (ret < 0) {
> > + error_setg_errno(errp, -ret,
> > + "Unable to read CRYPTO header extension");
> > + return ret;
> > + }
> > + be64_to_cpu(s->crypto_header.offset);
> > + be64_to_cpu(s->crypto_header.length);
>
> Shouldn't you use the result somehow (or use be64_to_cpus)...?
Sigh, yes, intention was to modify in-place
> Also, you should check the validity of s->crypto_header.offset here,
> i.e. whether it is indeed aligned to a cluster boundary.
Ok, wil add that.
>
> > +
> > + if (flags & BDRV_O_NO_IO) {
> > + cflags |= QCRYPTO_BLOCK_OPEN_NO_IO;
> > + }
> > + /* XXX how do we pass the same crypto opts down to the
>
> Just as in the previous patch, a TODO would probably be sufficient here.
Yes
> > + * backing file by default, so we don't have to manually
> > + * provide the same key-secret property against the full
> > + * backing chain
> > + */
> > + s->crypto = qcrypto_block_open(s->crypto_opts,
> > + qcow2_crypto_hdr_read_func,
> > + bs, cflags, errp);
> > + if (!s->crypto) {
> > + return -EINVAL;
> > + }
> > + s->crypt_physical_offset = true;
>
> I think this should be set depending on the crypt_method_header (i.e. in
> qcow2_open()), not depending on whether this extension exists or not.
Yes, makes sense.
> > @@ -988,12 +1101,6 @@ static int qcow2_open(BlockDriverState *bs, QDict *options, int flags,
> > s->refcount_max = UINT64_C(1) << (s->refcount_bits - 1);
> > s->refcount_max += s->refcount_max - 1;
> >
> > - if (header.crypt_method > QCOW_CRYPT_AES) {
> > - error_setg(errp, "Unsupported encryption method: %" PRIu32,
> > - header.crypt_method);
> > - ret = -EINVAL;
> > - goto fail;
> > - }
> > s->crypt_method_header = header.crypt_method;
> > if (s->crypt_method_header) {
> > if (bdrv_uses_whitelist() &&
>
> You could put the assignment of crypt_physical_offset into this block
> (at its bottom where bs->encrypted is set).
Yep will do.
> > @@ -1929,6 +2053,22 @@ int qcow2_update_header(BlockDriverState *bs)
> > buflen -= ret;
> > }
> >
> > + /* Full disk encryption header pointer extension */
> > + if (s->crypto_header.offset != 0) {
> > + cpu_to_be64(s->crypto_header.offset);
> > + cpu_to_be64(s->crypto_header.length);
>
> Should be cpu_to_be64s() or you should store the result somewhere.
>
> > + ret = header_ext_add(buf, QCOW2_EXT_MAGIC_CRYPTO_HEADER,
> > + &s->crypto_header, sizeof(s->crypto_header),
> > + buflen);
> > + be64_to_cpu(s->crypto_header.offset);
> > + be64_to_cpu(s->crypto_header.length);
>
> The same with be64_to_cpus().
Yes intention was obviously to modify in-place.
> > @@ -3426,7 +3582,19 @@ static QemuOptsList qcow2_create_opts = {
> > .help = "Width of a reference count entry in bits",
> > .def_value_str = "16"
> > },
> > + {
> > + .name = QCOW2_OPT_ENCRYPTION_FORMAT,
> > + .type = QEMU_OPT_STRING,
> > + .help = "Encryption data format 'luks' (default) or 'aes'",
>
> In what way is LUKS the default? No encryption is the default; and the
> default encryption is the old AES-CBC because that is what you get when
> specifying encryption=on.
This is left-over language from a previous approach.
> I would agree if you replaced "default" by "recommended". In addition,
> the help text for the "encryption" option should probably now simply say:
>
> "Deprecated, use the " QCOW2_OPT_ENCRYPTION_FORMAT " option instead"
Yes, will do that.
> > diff --git a/tests/qemu-iotests/087 b/tests/qemu-iotests/087
> > index fe30383..6690715 100755
> > --- a/tests/qemu-iotests/087
> > +++ b/tests/qemu-iotests/087
>
> [...]
>
> > @@ -169,7 +169,62 @@ run_qemu <<EOF
> > "driver": "file",
> > "filename": "$TEST_IMG"
> > },
> > - "qcow-key-secret": "sec0"
> > + "aes-key-secret": "sec0"
> > + }
> > + }
> > +{ "execute": "quit" }
> > +EOF
> > +
> > +echo
> > +echo === Encrypted image LUKS ===
> > +echo
> > +
> > +_make_test_img --object secret,id=sec0,data=123456 -o encryption-format=luks,luks-key-secret=sec0 $size
> > +run_qemu -S <<EOF
> > +{ "execute": "qmp_capabilities" }
> > +{ "execute": "object-add",
> > + "arguments": {
> > + "qom-type": "secret",
> > + "id": "sec0",
> > + "props": {
> > + "data": "123456"
> > + }
> > + }
> > +}
> > +{ "execute": "blockdev-add",
> > + "arguments": {
> > + "driver": "$IMGFMT",
> > + "node-name": "disk",
> > + "file": {
> > + "driver": "file",
> > + "filename": "$TEST_IMG"
> > + },
> > + "luks-key-secret": "sec0"
> > + }
> > + }
> > +{ "execute": "quit" }
> > +EOF
> > +
> > +run_qemu <<EOF
>
> I think we can drop one of the duplicated test cases with and without -S
> now. The reason for having two originally was, as far as I can remember,
> to test that you could blockdev-add encrypted images when the VM was not
> paused. However, that is no longer the case since we are no longer
> relying on that old infrastructure (as of this series at least).
Yes, and in fact I can drop the existing one for qcow2 AES in the
earlier patch where I remove prompting for passwords.
> > diff --git a/tests/qemu-iotests/174 b/tests/qemu-iotests/174
> > new file mode 100755
> > index 0000000..27d4870
> > --- /dev/null
> > +++ b/tests/qemu-iotests/174
> > +_supported_fmt qcow2
> > +_supported_proto generic
> > +_supported_os Linux
> > +
> > +
> > +size=128M
> > +
> > +SECRET="secret,id=sec0,data=astrochicken"
> > +SECRETALT="secret,id=sec0,data=platypus"
> > +
> > +_make_test_img --object $SECRET -o "encryption-format=luks,luks-key-secret=sec0" $size
> > +
> > +IMGSPEC="driver=$IMGFMT,file.filename=$TEST_IMG,luks-key-secret=sec0"
> > +
> > +QEMU_IO_OPTIONS=$QEMU_IO_OPTIONS_NO_FMT
> > +
> > +echo
> > +echo "== reading whole image =="
> > +$QEMU_IO --object $SECRET -c "read 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
>
> Shouldn't "read -P 0 0 $size" work here, too?
The underlying disk image contents will be zeros, but we'll then decrypt
those zeros and get random garbage.
We could only use -P 0 if we explicitly fill with encrypted-zeros.
> > +echo
> > +echo "== rewriting whole image =="
> > +$QEMU_IO --object $SECRET -c "write -P 0xa 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
> > +
> > +echo
> > +echo "== verify pattern =="
> > +$QEMU_IO --object $SECRET -c "read -P 0xa 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
>
> But do you really want to read and write 128 MB...? I mean, even on an
> HDD, it will only take a couple of seconds at most, but won't 16 or 32
> MB suffice? That way, it should always take less than a second.
I'll drop it to 16 MB, but this reminds me the real performance
benefit comes from telling luks to not force 1 second running
time for the PBKDF algorithm. So I'll drop PBKDK down to 10ms
instead of 1sec
> > +== verify pattern failure with wrong password ==
> > +can't open: Invalid password, cannot unlock any keyslot
>
> Well, that's not quite a pattern failure. It's the result we want, but
> you should probably change the heading for this test case.
Good point.
> > +# get standard environment, filters and checks
> > +. ./common.rc
> > +. ./common.filter
> > +
> > +_supported_fmt qcow2
> > +_supported_proto generic
> > +_supported_os Linux
> > +
> > +
> > +size=128M
>
> Same as in last test, I'm not sure 128 MB are actually necessary.
>
> > +TEST_IMG_BASE=$TEST_IMG.base
>
> Hmmm, does this work with spaces in $TEST_IMG?
>
> > +SECRET="secret,id=sec0,data=astrochicken"
>
> How about using different secrets for the base and the overlay?
Yes, that's a good idea.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :|
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 12/15] qcow2: add support for LUKS encryption format
2017-01-24 13:58 ` Daniel P. Berrange
@ 2017-01-25 15:45 ` Max Reitz
0 siblings, 0 replies; 47+ messages in thread
From: Max Reitz @ 2017-01-25 15:45 UTC (permalink / raw)
To: Daniel P. Berrange; +Cc: qemu-devel, Kevin Wolf, qemu-block
[-- Attachment #1: Type: text/plain, Size: 2276 bytes --]
On 24.01.2017 14:58, Daniel P. Berrange wrote:
> On Sat, Jan 21, 2017 at 07:57:45PM +0100, Max Reitz wrote:
>> On 03.01.2017 19:27, Daniel P. Berrange wrote:
[...]
>>> diff --git a/tests/qemu-iotests/174 b/tests/qemu-iotests/174
>>> new file mode 100755
>>> index 0000000..27d4870
>>> --- /dev/null
>>> +++ b/tests/qemu-iotests/174
>>> +_supported_fmt qcow2
>>> +_supported_proto generic
>>> +_supported_os Linux
>>> +
>>> +
>>> +size=128M
>>> +
>>> +SECRET="secret,id=sec0,data=astrochicken"
>>> +SECRETALT="secret,id=sec0,data=platypus"
>>> +
>>> +_make_test_img --object $SECRET -o "encryption-format=luks,luks-key-secret=sec0" $size
>>> +
>>> +IMGSPEC="driver=$IMGFMT,file.filename=$TEST_IMG,luks-key-secret=sec0"
>>> +
>>> +QEMU_IO_OPTIONS=$QEMU_IO_OPTIONS_NO_FMT
>>> +
>>> +echo
>>> +echo "== reading whole image =="
>>> +$QEMU_IO --object $SECRET -c "read 0 $size" --image-opts $IMGSPEC | _filter_qemu_io | _filter_testdir
>>
>> Shouldn't "read -P 0 0 $size" work here, too?
>
> The underlying disk image contents will be zeros, but we'll then decrypt
> those zeros and get random garbage.
There are not disk image contents yet because you didn't use
preallocation. qcow2_co_preadv() always returns 0 for unallocated
clusters (without a backing file) and zero clusters.
While looking at that place in qcow2_co_preadv(), I also noticed that
compressed clusters are not encrypted. That looks like a flaw to me that
the user should at least be warned about when invoking qemu-img convert
with the -c option.
(You can test this by converting a disk image to an encrypted compressed
image (qemu-img convert with -c and -o encryption-format=luks; note this
doesn't actually work unless you hack into qemu-img.c, I'll write a
separate mail about this as a response to the cover letter) and then
just set the crypt_method field to 0 and overwrite the disk encryption
header extension type with 0. If all of the clusters could be compressed
(which is the case if the original image was all filled with 42-bytes or
something), then qemu-img compare will happily declare your image to be
equal to the original, without requiring any key.)
> We could only use -P 0 if we explicitly fill with encrypted-zeros.
Max
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 512 bytes --]
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 00/15] Convert QCow[2] to QCryptoBlock & add LUKS support
2017-01-03 18:27 [Qemu-devel] [PATCH v1 00/15] Convert QCow[2] to QCryptoBlock & add LUKS support Daniel P. Berrange
` (14 preceding siblings ...)
2017-01-03 18:28 ` [Qemu-devel] [PATCH v1 15/15] block: remove all encryption handling APIs Daniel P. Berrange
@ 2017-01-25 15:58 ` Max Reitz
2017-01-25 16:29 ` Daniel P. Berrange
15 siblings, 1 reply; 47+ messages in thread
From: Max Reitz @ 2017-01-25 15:58 UTC (permalink / raw)
To: Daniel P. Berrange, qemu-devel; +Cc: Kevin Wolf, qemu-block
[-- Attachment #1: Type: text/plain, Size: 1361 bytes --]
On 03.01.2017 19:27, Daniel P. Berrange wrote:
> This series is a continuation of previous work to support LUKS in
> QEMU. The existing merged code supports LUKS as a standalone
> driver which can be layered over/under any other QEMU block device
> driver. This works well when using LUKS over protocol drivers (file,
> rbd, iscsi, etc, etc), but has some downsides when combined with
> format drivers like qcow2.
When trying out whether compressed images are actually encrypted (which
they are not, as I wrote in my last reply to patch 12), I noticed that
the user interface still has some flaws:
One is that you actually can't convert to encrypted images any more, or
if you can, it doesn't seem obvious to me:
$ ./qemu-img convert -O qcow2 --object secret,id=sec0,data=12345 \
-o encryption-format=luks,luks-key-secret=sec0 \
foo.qcow2 bar.qcow2
qemu-img: Could not open 'bar.qcow2': Parameter 'key-secret' is required
for cipher
The issue is that you have to specify the key secret as a runtime
parameter in addition to the creation option. Not only is that a bit
cumbersome, but it's also impossible because --image-opts doesn't work
for the output image.
The second flaw is also visible above: The parameter is called
"luks-key-secret" here, not just "key-secret". The error message should
reflect that.
Max
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 512 bytes --]
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 00/15] Convert QCow[2] to QCryptoBlock & add LUKS support
2017-01-25 15:58 ` [Qemu-devel] [PATCH v1 00/15] Convert QCow[2] to QCryptoBlock & add LUKS support Max Reitz
@ 2017-01-25 16:29 ` Daniel P. Berrange
2017-01-25 16:41 ` Max Reitz
0 siblings, 1 reply; 47+ messages in thread
From: Daniel P. Berrange @ 2017-01-25 16:29 UTC (permalink / raw)
To: Max Reitz; +Cc: qemu-devel, Kevin Wolf, qemu-block
On Wed, Jan 25, 2017 at 04:58:32PM +0100, Max Reitz wrote:
> On 03.01.2017 19:27, Daniel P. Berrange wrote:
> > This series is a continuation of previous work to support LUKS in
> > QEMU. The existing merged code supports LUKS as a standalone
> > driver which can be layered over/under any other QEMU block device
> > driver. This works well when using LUKS over protocol drivers (file,
> > rbd, iscsi, etc, etc), but has some downsides when combined with
> > format drivers like qcow2.
>
> When trying out whether compressed images are actually encrypted (which
> they are not, as I wrote in my last reply to patch 12), I noticed that
> the user interface still has some flaws:
The original code explicitly forbids this combination
"qemu-img: Compression and encryption not supported at the same time"
but I guess we lost the error check due to changing to use
encryption-format as the option name
> One is that you actually can't convert to encrypted images any more, or
> if you can, it doesn't seem obvious to me:
>
> $ ./qemu-img convert -O qcow2 --object secret,id=sec0,data=12345 \
> -o encryption-format=luks,luks-key-secret=sec0 \
> foo.qcow2 bar.qcow2
> qemu-img: Could not open 'bar.qcow2': Parameter 'key-secret' is required
> for cipher
>
> The issue is that you have to specify the key secret as a runtime
> parameter in addition to the creation option. Not only is that a bit
> cumbersome, but it's also impossible because --image-opts doesn't work
> for the output image.
Yeah, this is a problem I've not figured out a solutiuon for yet - it
also affects the previously merged bare luks format code.
Somehow qemu-img needs to know which create options are also required
to be passed when opening the newly created image.
Perhaps the BlockDriver struct needs a new callback like
bdrv_create_opts_to_runtime_opts(QemuOpts *copts, QemuOpts *ropts);
> The second flaw is also visible above: The parameter is called
> "luks-key-secret" here, not just "key-secret". The error message should
> reflect that.
This is hard to fix. The "luks-key-secret" parameter refers to the parameter
at the block driver level. The error message though is coming from the crypto
layer whose parameter genuinely is called "key-secret". Fixing it would
require the block layer to pre-emptively check parmaeters, duplicating what
the crypto layer does later, which I didn't really like the idea of.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :|
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 00/15] Convert QCow[2] to QCryptoBlock & add LUKS support
2017-01-25 16:29 ` Daniel P. Berrange
@ 2017-01-25 16:41 ` Max Reitz
2017-01-25 17:18 ` Daniel P. Berrange
0 siblings, 1 reply; 47+ messages in thread
From: Max Reitz @ 2017-01-25 16:41 UTC (permalink / raw)
To: Daniel P. Berrange; +Cc: qemu-devel, Kevin Wolf, qemu-block
[-- Attachment #1: Type: text/plain, Size: 3978 bytes --]
On 25.01.2017 17:29, Daniel P. Berrange wrote:
> On Wed, Jan 25, 2017 at 04:58:32PM +0100, Max Reitz wrote:
>> On 03.01.2017 19:27, Daniel P. Berrange wrote:
>>> This series is a continuation of previous work to support LUKS in
>>> QEMU. The existing merged code supports LUKS as a standalone
>>> driver which can be layered over/under any other QEMU block device
>>> driver. This works well when using LUKS over protocol drivers (file,
>>> rbd, iscsi, etc, etc), but has some downsides when combined with
>>> format drivers like qcow2.
>>
>> When trying out whether compressed images are actually encrypted (which
>> they are not, as I wrote in my last reply to patch 12), I noticed that
>> the user interface still has some flaws:
>
> The original code explicitly forbids this combination
>
> "qemu-img: Compression and encryption not supported at the same time"
>
> but I guess we lost the error check due to changing to use
> encryption-format as the option name
Yes, not supporting it is completely fine, but qemu-img should refuse
that combination then (or at least warn about it).
>> One is that you actually can't convert to encrypted images any more, or
>> if you can, it doesn't seem obvious to me:
>>
>> $ ./qemu-img convert -O qcow2 --object secret,id=sec0,data=12345 \
>> -o encryption-format=luks,luks-key-secret=sec0 \
>> foo.qcow2 bar.qcow2
>> qemu-img: Could not open 'bar.qcow2': Parameter 'key-secret' is required
>> for cipher
>>
>> The issue is that you have to specify the key secret as a runtime
>> parameter in addition to the creation option. Not only is that a bit
>> cumbersome, but it's also impossible because --image-opts doesn't work
>> for the output image.
>
> Yeah, this is a problem I've not figured out a solutiuon for yet - it
> also affects the previously merged bare luks format code.
>
> Somehow qemu-img needs to know which create options are also required
> to be passed when opening the newly created image.
>
> Perhaps the BlockDriver struct needs a new callback like
>
> bdrv_create_opts_to_runtime_opts(QemuOpts *copts, QemuOpts *ropts);
Yeah, it's tough. For the moment, I'd be fine with qemu-img convert
working at all, though, even if that means having to specify the secret
twice. But I don't know if fixing the --image-opts issue is any easier
-- maybe we can allow image-opts syntax for the targets when -n is
given? Then you'd have to call qemu-img create and qemu-img convert
separately (or call qemu-img convert twice, once without -n (which
successfully creates the image but then fails when trying to open it)
and once without...), but at least there'd be a way to make it work.
I have to admit that I personally wouldn't mind a hack in qemu-img
convert like "copy every option ending in 'key-secret' to the runtime
opts" too much. But I don't know how much that might infuriate some
other people.
It's ugly, yes, but it would work perfectly well for now. I don't think
it would hurt us in the future. If other parameters appear that we have
to copy over, we can still implement the well-engineered solution.
>> The second flaw is also visible above: The parameter is called
>> "luks-key-secret" here, not just "key-secret". The error message should
>> reflect that.
>
> This is hard to fix. The "luks-key-secret" parameter refers to the parameter
> at the block driver level. The error message though is coming from the crypto
> layer whose parameter genuinely is called "key-secret". Fixing it would
> require the block layer to pre-emptively check parmaeters, duplicating what
> the crypto layer does later, which I didn't really like the idea of.
I know that it is hard to fix, but as it stands, the error message
confuses more than it helps. In my opinion, just saying "Key required"
or "key secret must be given" would be better than implying the code
actually knew how the option is called exactly.
Max
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 512 bytes --]
^ permalink raw reply [flat|nested] 47+ messages in thread
* Re: [Qemu-devel] [PATCH v1 00/15] Convert QCow[2] to QCryptoBlock & add LUKS support
2017-01-25 16:41 ` Max Reitz
@ 2017-01-25 17:18 ` Daniel P. Berrange
0 siblings, 0 replies; 47+ messages in thread
From: Daniel P. Berrange @ 2017-01-25 17:18 UTC (permalink / raw)
To: Max Reitz; +Cc: qemu-devel, Kevin Wolf, qemu-block
On Wed, Jan 25, 2017 at 05:41:59PM +0100, Max Reitz wrote:
> On 25.01.2017 17:29, Daniel P. Berrange wrote:
> > On Wed, Jan 25, 2017 at 04:58:32PM +0100, Max Reitz wrote:
> >> On 03.01.2017 19:27, Daniel P. Berrange wrote:
> >>> This series is a continuation of previous work to support LUKS in
> >>> QEMU. The existing merged code supports LUKS as a standalone
> >>> driver which can be layered over/under any other QEMU block device
> >>> driver. This works well when using LUKS over protocol drivers (file,
> >>> rbd, iscsi, etc, etc), but has some downsides when combined with
> >>> format drivers like qcow2.
> >>
> >> When trying out whether compressed images are actually encrypted (which
> >> they are not, as I wrote in my last reply to patch 12), I noticed that
> >> the user interface still has some flaws:
> >
> > The original code explicitly forbids this combination
> >
> > "qemu-img: Compression and encryption not supported at the same time"
> >
> > but I guess we lost the error check due to changing to use
> > encryption-format as the option name
>
> Yes, not supporting it is completely fine, but qemu-img should refuse
> that combination then (or at least warn about it).
Yep, I'll make sure the existing error message covers this scenario.
>
> >> One is that you actually can't convert to encrypted images any more, or
> >> if you can, it doesn't seem obvious to me:
> >>
> >> $ ./qemu-img convert -O qcow2 --object secret,id=sec0,data=12345 \
> >> -o encryption-format=luks,luks-key-secret=sec0 \
> >> foo.qcow2 bar.qcow2
> >> qemu-img: Could not open 'bar.qcow2': Parameter 'key-secret' is required
> >> for cipher
> >>
> >> The issue is that you have to specify the key secret as a runtime
> >> parameter in addition to the creation option. Not only is that a bit
> >> cumbersome, but it's also impossible because --image-opts doesn't work
> >> for the output image.
> >
> > Yeah, this is a problem I've not figured out a solutiuon for yet - it
> > also affects the previously merged bare luks format code.
> >
> > Somehow qemu-img needs to know which create options are also required
> > to be passed when opening the newly created image.
> >
> > Perhaps the BlockDriver struct needs a new callback like
> >
> > bdrv_create_opts_to_runtime_opts(QemuOpts *copts, QemuOpts *ropts);
>
> Yeah, it's tough. For the moment, I'd be fine with qemu-img convert
> working at all, though, even if that means having to specify the secret
> twice. But I don't know if fixing the --image-opts issue is any easier
> -- maybe we can allow image-opts syntax for the targets when -n is
> given? Then you'd have to call qemu-img create and qemu-img convert
> separately (or call qemu-img convert twice, once without -n (which
> successfully creates the image but then fails when trying to open it)
> and once without...), but at least there'd be a way to make it work.
>
> I have to admit that I personally wouldn't mind a hack in qemu-img
> convert like "copy every option ending in 'key-secret' to the runtime
> opts" too much. But I don't know how much that might infuriate some
> other people.
>
> It's ugly, yes, but it would work perfectly well for now. I don't think
> it would hurt us in the future. If other parameters appear that we have
> to copy over, we can still implement the well-engineered solution.
This turns out to be pretty trivial to implement. So although it is
a bit ugly, it feels like reasonable approach to take in the short
term.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :|
^ permalink raw reply [flat|nested] 47+ messages in thread
end of thread, other threads:[~2017-01-25 17:19 UTC | newest]
Thread overview: 47+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-01-03 18:27 [Qemu-devel] [PATCH v1 00/15] Convert QCow[2] to QCryptoBlock & add LUKS support Daniel P. Berrange
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 01/15] block: expose crypto option names / defs to other drivers Daniel P. Berrange
2017-01-03 19:46 ` Eric Blake
2017-01-16 19:42 ` Max Reitz
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 02/15] block: add ability to set a prefix for opt names Daniel P. Berrange
2017-01-16 19:31 ` Max Reitz
2017-01-24 12:15 ` Daniel P. Berrange
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 03/15] qcow: document another weakness of qcow AES encryption Daniel P. Berrange
2017-01-16 19:37 ` Max Reitz
2017-01-24 12:11 ` Daniel P. Berrange
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 04/15] qcow: require image size to be > 1 for new images Daniel P. Berrange
2017-01-16 19:41 ` Max Reitz
2017-01-24 12:14 ` Daniel P. Berrange
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 05/15] iotests: skip 042 with qcow which dosn't support zero sized images Daniel P. Berrange
2017-01-16 19:42 ` Max Reitz
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 06/15] iotests: skip 048 with qcow which doesn't support resize Daniel P. Berrange
2017-01-16 19:48 ` Max Reitz
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 07/15] iotests: fix 097 when run with qcow Daniel P. Berrange
2017-01-16 20:04 ` Max Reitz
2017-01-17 9:59 ` Daniel P. Berrange
2017-01-18 12:44 ` Max Reitz
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 08/15] qcow: make encrypt_sectors encrypt in place Daniel P. Berrange
2017-01-16 20:25 ` Max Reitz
2017-01-24 12:21 ` Daniel P. Berrange
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 09/15] qcow: convert QCow to use QCryptoBlock for encryption Daniel P. Berrange
2017-01-16 21:16 ` Max Reitz
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 10/15] qcow2: make qcow2_encrypt_sectors encrypt in place Daniel P. Berrange
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 11/15] qcow2: convert QCow2 to use QCryptoBlock for encryption Daniel P. Berrange
2017-01-18 18:13 ` Max Reitz
2017-01-19 9:39 ` Daniel P. Berrange
2017-01-21 19:07 ` Max Reitz
2017-01-24 12:33 ` Daniel P. Berrange
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 12/15] qcow2: add support for LUKS encryption format Daniel P. Berrange
2017-01-21 18:57 ` Max Reitz
2017-01-24 13:58 ` Daniel P. Berrange
2017-01-25 15:45 ` Max Reitz
2017-01-03 18:27 ` [Qemu-devel] [PATCH v1 13/15] iotests: enable tests 134 and 158 to work with qcow (v1) Daniel P. Berrange
2017-01-21 19:12 ` Max Reitz
2017-01-03 18:28 ` [Qemu-devel] [PATCH v1 14/15] block: rip out all traces of password prompting Daniel P. Berrange
2017-01-21 19:17 ` Max Reitz
2017-01-03 18:28 ` [Qemu-devel] [PATCH v1 15/15] block: remove all encryption handling APIs Daniel P. Berrange
2017-01-21 19:22 ` Max Reitz
2017-01-24 12:49 ` Daniel P. Berrange
2017-01-25 15:58 ` [Qemu-devel] [PATCH v1 00/15] Convert QCow[2] to QCryptoBlock & add LUKS support Max Reitz
2017-01-25 16:29 ` Daniel P. Berrange
2017-01-25 16:41 ` Max Reitz
2017-01-25 17:18 ` Daniel P. Berrange
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.