* [Qemu-devel] [PATCH] qcow2: don't permit changing encryption parameters
@ 2017-11-03 14:39 Daniel P. Berrange
2017-11-03 17:56 ` Eric Blake
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Daniel P. Berrange @ 2017-11-03 14:39 UTC (permalink / raw)
To: qemu-devel; +Cc: qemu-block, Kevin Wolf, Max Reitz, Daniel P. Berrange
Currently if trying to change encryption parameters on a qcow2 image, qemu-img
will abort. We already explicitly check for attempt to change encrypt.format
but missed other parameters like encrypt.key-secret. Rather than list each
parameter, just blacklist changing of all parameters with a 'encrypt.' prefix.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
block/qcow2.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/block/qcow2.c b/block/qcow2.c
index 92cb9f9bfa..8edf8ac3c7 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -4062,6 +4062,9 @@ static int qcow2_amend_options(BlockDriverState *bs, QemuOpts *opts,
error_report("Changing the encryption format is not supported");
return -ENOTSUP;
}
+ } else if (g_str_has_prefix(desc->name, "encrypt.")) {
+ error_report("Changing the encryption parameters is not supported");
+ return -ENOTSUP;
} else if (!strcmp(desc->name, BLOCK_OPT_CLUSTER_SIZE)) {
cluster_size = qemu_opt_get_size(opts, BLOCK_OPT_CLUSTER_SIZE,
cluster_size);
--
2.13.6
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [Qemu-devel] [PATCH] qcow2: don't permit changing encryption parameters
2017-11-03 14:39 [Qemu-devel] [PATCH] qcow2: don't permit changing encryption parameters Daniel P. Berrange
@ 2017-11-03 17:56 ` Eric Blake
2017-11-06 15:27 ` [Qemu-devel] [Qemu-block] " Alberto Garcia
2017-11-08 11:43 ` [Qemu-devel] " Kevin Wolf
2 siblings, 0 replies; 4+ messages in thread
From: Eric Blake @ 2017-11-03 17:56 UTC (permalink / raw)
To: Daniel P. Berrange, qemu-devel; +Cc: Kevin Wolf, qemu-block, Max Reitz
[-- Attachment #1: Type: text/plain, Size: 684 bytes --]
On 11/03/2017 09:39 AM, Daniel P. Berrange wrote:
> Currently if trying to change encryption parameters on a qcow2 image, qemu-img
> will abort. We already explicitly check for attempt to change encrypt.format
> but missed other parameters like encrypt.key-secret. Rather than list each
> parameter, just blacklist changing of all parameters with a 'encrypt.' prefix.
>
> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> ---
> block/qcow2.c | 3 +++
> 1 file changed, 3 insertions(+)
Reviewed-by: Eric Blake <eblake@redhat.com>
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 619 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Qemu-devel] [Qemu-block] [PATCH] qcow2: don't permit changing encryption parameters
2017-11-03 14:39 [Qemu-devel] [PATCH] qcow2: don't permit changing encryption parameters Daniel P. Berrange
2017-11-03 17:56 ` Eric Blake
@ 2017-11-06 15:27 ` Alberto Garcia
2017-11-08 11:43 ` [Qemu-devel] " Kevin Wolf
2 siblings, 0 replies; 4+ messages in thread
From: Alberto Garcia @ 2017-11-06 15:27 UTC (permalink / raw)
To: Daniel P. Berrange, qemu-devel; +Cc: Kevin Wolf, qemu-block, Max Reitz
On Fri 03 Nov 2017 03:39:02 PM CET, Daniel P. Berrange wrote:
> Currently if trying to change encryption parameters on a qcow2 image, qemu-img
> will abort. We already explicitly check for attempt to change encrypt.format
> but missed other parameters like encrypt.key-secret. Rather than list each
> parameter, just blacklist changing of all parameters with a 'encrypt.' prefix.
>
> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Berto
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Qemu-devel] [PATCH] qcow2: don't permit changing encryption parameters
2017-11-03 14:39 [Qemu-devel] [PATCH] qcow2: don't permit changing encryption parameters Daniel P. Berrange
2017-11-03 17:56 ` Eric Blake
2017-11-06 15:27 ` [Qemu-devel] [Qemu-block] " Alberto Garcia
@ 2017-11-08 11:43 ` Kevin Wolf
2 siblings, 0 replies; 4+ messages in thread
From: Kevin Wolf @ 2017-11-08 11:43 UTC (permalink / raw)
To: Daniel P. Berrange; +Cc: qemu-devel, qemu-block, Max Reitz
Am 03.11.2017 um 15:39 hat Daniel P. Berrange geschrieben:
> Currently if trying to change encryption parameters on a qcow2 image, qemu-img
> will abort. We already explicitly check for attempt to change encrypt.format
> but missed other parameters like encrypt.key-secret. Rather than list each
> parameter, just blacklist changing of all parameters with a 'encrypt.' prefix.
>
> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Thanks, applied to the block branch.
Kevin
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2017-11-08 11:43 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-11-03 14:39 [Qemu-devel] [PATCH] qcow2: don't permit changing encryption parameters Daniel P. Berrange
2017-11-03 17:56 ` Eric Blake
2017-11-06 15:27 ` [Qemu-devel] [Qemu-block] " Alberto Garcia
2017-11-08 11:43 ` [Qemu-devel] " Kevin Wolf
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.