From: Maxim Levitsky <mlevitsk@redhat.com>
To: "Daniel P. Berrangé" <berrange@redhat.com>
Cc: Kevin Wolf <kwolf@redhat.com>,
qemu-block@nongnu.org, qemu-devel@nongnu.org,
Max Reitz <mreitz@redhat.com>, John Snow <jsnow@redhat.com>,
Markus Armbruster <armbru@redhat.com>
Subject: Re: [PATCH 02/13] qcrypto-luks: implement encryption key management
Date: Thu, 30 Jan 2020 14:58:48 +0200 [thread overview]
Message-ID: <d05d9eadcf5bc9173bd5d24d09a0e168a268b015.camel@redhat.com> (raw)
In-Reply-To: <20200128172129.GV1446339@redhat.com>
On Tue, 2020-01-28 at 17:21 +0000, Daniel P. Berrangé wrote:
> On Tue, Jan 14, 2020 at 09:33:39PM +0200, Maxim Levitsky wrote:
> > Next few patches will expose that functionality
> > to the user.
> >
> > Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
> > ---
> > crypto/block-luks.c | 374 +++++++++++++++++++++++++++++++++++++++++++-
> > qapi/crypto.json | 50 +++++-
> > 2 files changed, 421 insertions(+), 3 deletions(-)
> >
> > diff --git a/crypto/block-luks.c b/crypto/block-luks.c
> > index 4861db810c..349e95fed3 100644
> > --- a/crypto/block-luks.c
> > +++ b/crypto/block-luks.c
> > @@ -32,6 +32,7 @@
> > #include "qemu/uuid.h"
> >
> > #include "qemu/coroutine.h"
> > +#include "qemu/bitmap.h"
> >
> > /*
> > * Reference for the LUKS format implemented here is
> > @@ -70,6 +71,9 @@ typedef struct QCryptoBlockLUKSKeySlot QCryptoBlockLUKSKeySlot;
> >
> > #define QCRYPTO_BLOCK_LUKS_SECTOR_SIZE 512LL
> >
> > +#define QCRYPTO_BLOCK_LUKS_DEFAULT_ITER_TIME_MS 2000
> > +#define QCRYPTO_BLOCK_LUKS_ERASE_ITERATIONS 40
> > +
> > static const char qcrypto_block_luks_magic[QCRYPTO_BLOCK_LUKS_MAGIC_LEN] = {
> > 'L', 'U', 'K', 'S', 0xBA, 0xBE
> > };
> > @@ -219,6 +223,9 @@ struct QCryptoBlockLUKS {
> >
> > /* Hash algorithm used in pbkdf2 function */
> > QCryptoHashAlgorithm hash_alg;
> > +
> > + /* Name of the secret that was used to open the image */
> > + char *secret;
> > };
> >
> >
> > @@ -1069,6 +1076,112 @@ qcrypto_block_luks_find_key(QCryptoBlock *block,
> > return -1;
> > }
> >
> > +/*
> > + * Returns true if a slot i is marked as active
> > + * (contains encrypted copy of the master key)
> > + */
> > +static bool
> > +qcrypto_block_luks_slot_active(const QCryptoBlockLUKS *luks,
> > + unsigned int slot_idx)
> > +{
> > + uint32_t val = luks->header.key_slots[slot_idx].active;
> > + return val == QCRYPTO_BLOCK_LUKS_KEY_SLOT_ENABLED;
> > +}
> > +
> > +/*
> > + * Returns the number of slots that are marked as active
> > + * (slots that contain encrypted copy of the master key)
> > + */
> > +static unsigned int
> > +qcrypto_block_luks_count_active_slots(const QCryptoBlockLUKS *luks)
> > +{
> > + size_t i = 0;
> > + unsigned int ret = 0;
> > +
> > + for (i = 0; i < QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS; i++) {
> > + if (qcrypto_block_luks_slot_active(luks, i)) {
> > + ret++;
> > + }
> > + }
> > + return ret;
> > +}
> > +
> > +/*
> > + * Finds first key slot which is not active
> > + * Returns the key slot index, or -1 if it doesn't exist
> > + */
> > +static int
> > +qcrypto_block_luks_find_free_keyslot(const QCryptoBlockLUKS *luks)
> > +{
> > + size_t i;
> > +
> > + for (i = 0; i < QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS; i++) {
> > + if (!qcrypto_block_luks_slot_active(luks, i)) {
> > + return i;
> > + }
> > + }
> > + return -1;
> > +
> > +}
> > +
> > +/*
> > + * Erases an keyslot given its index
> > + * Returns:
> > + * 0 if the keyslot was erased successfully
> > + * -1 if a error occurred while erasing the keyslot
> > + *
> > + */
> > +static int
> > +qcrypto_block_luks_erase_key(QCryptoBlock *block,
> > + unsigned int slot_idx,
> > + QCryptoBlockWriteFunc writefunc,
> > + void *opaque,
> > + Error **errp)
> > +{
> > + QCryptoBlockLUKS *luks = block->opaque;
> > + QCryptoBlockLUKSKeySlot *slot = &luks->header.key_slots[slot_idx];
> > + g_autofree uint8_t *garbagesplitkey = NULL;
> > + size_t splitkeylen = luks->header.master_key_len * slot->stripes;
> > + size_t i;
> > +
> > + assert(slot_idx < QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS);
> > + assert(splitkeylen > 0);
> > +
> > + garbagesplitkey = g_new0(uint8_t, splitkeylen);
> > +
> > + /* Reset the key slot header */
> > + memset(slot->salt, 0, QCRYPTO_BLOCK_LUKS_SALT_LEN);
> > + slot->iterations = 0;
> > + slot->active = QCRYPTO_BLOCK_LUKS_KEY_SLOT_DISABLED;
> > +
> > + qcrypto_block_luks_store_header(block, writefunc, opaque, errp);
> > +
> > + /*
> > + * Now try to erase the key material, even if the header
> > + * update failed
> > + */
> > + for (i = 0; i < QCRYPTO_BLOCK_LUKS_ERASE_ITERATIONS; i++) {
> > + if (qcrypto_random_bytes(garbagesplitkey, splitkeylen, errp) < 0) {
> > + /*
> > + * If we failed to get the random data, still write
> > + * at least zeros to the key slot at least once
> > + */
> > + if (i > 0) {
> > + return -1;
> > + }
> > + }
> > +
> > + if (writefunc(block,
> > + slot->key_offset_sector * QCRYPTO_BLOCK_LUKS_SECTOR_SIZE,
> > + garbagesplitkey,
> > + splitkeylen,
> > + opaque,
> > + errp) != splitkeylen) {
> > + return -1;
> > + }
> > + }
> > + return 0;
> > +}
> >
> > static int
> > qcrypto_block_luks_open(QCryptoBlock *block,
> > @@ -1099,6 +1212,7 @@ qcrypto_block_luks_open(QCryptoBlock *block,
> >
> > luks = g_new0(QCryptoBlockLUKS, 1);
> > block->opaque = luks;
> > + luks->secret = g_strdup(options->u.luks.key_secret);
> >
> > if (qcrypto_block_luks_load_header(block, readfunc, opaque, errp) < 0) {
> > goto fail;
> > @@ -1164,6 +1278,7 @@ qcrypto_block_luks_open(QCryptoBlock *block,
> > fail:
> > qcrypto_block_free_cipher(block);
> > qcrypto_ivgen_free(block->ivgen);
> > + g_free(luks->secret);
> > g_free(luks);
> > return -1;
> > }
> > @@ -1204,7 +1319,7 @@ qcrypto_block_luks_create(QCryptoBlock *block,
> >
> > memcpy(&luks_opts, &options->u.luks, sizeof(luks_opts));
> > if (!luks_opts.has_iter_time) {
> > - luks_opts.iter_time = 2000;
> > + luks_opts.iter_time = QCRYPTO_BLOCK_LUKS_DEFAULT_ITER_TIME_MS;
> > }
> > if (!luks_opts.has_cipher_alg) {
> > luks_opts.cipher_alg = QCRYPTO_CIPHER_ALG_AES_256;
> > @@ -1244,6 +1359,8 @@ qcrypto_block_luks_create(QCryptoBlock *block,
> > optprefix ? optprefix : "");
> > goto error;
> > }
> > + luks->secret = g_strdup(options->u.luks.key_secret);
> > +
> > password = qcrypto_secret_lookup_as_utf8(luks_opts.key_secret, errp);
> > if (!password) {
> > goto error;
> > @@ -1471,10 +1588,260 @@ qcrypto_block_luks_create(QCryptoBlock *block,
> > qcrypto_block_free_cipher(block);
> > qcrypto_ivgen_free(block->ivgen);
> >
> > + g_free(luks->secret);
> > g_free(luks);
> > return -1;
> > }
> >
> > +/*
> > + * Given LUKSKeyslotUpdate command, return @slots_bitmap with all slots
> > + * that will be updated with new password (or erased)
> > + * returns number of affected slots
> > + */
> > +static int qcrypto_block_luks_get_slots_bitmap(QCryptoBlock *block,
> > + QCryptoBlockReadFunc readfunc,
> > + void *opaque,
> > + const LUKSKeyslotUpdate *command,
> > + unsigned long *slots_bitmap,
> > + Error **errp)
> > +{
> > + const QCryptoBlockLUKS *luks = block->opaque;
> > + size_t i;
> > + int ret = 0;
> > +
> > + if (command->has_keyslot) {
> > + /* keyslot set, select only this keyslot */
> > + int keyslot = command->keyslot;
> > +
> > + if (keyslot < 0 || keyslot >= QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS) {
> > + error_setg(errp,
> > + "Invalid slot %u specified, must be between 0 and %u",
> > + keyslot, QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS - 1);
> > + goto error;
> > + }
> > + bitmap_set(slots_bitmap, keyslot, 1);
> > + ret++;
> > +
> > + } else if (command->has_old_secret) {
> > + /* initially select all active keyslots */
> > + for (i = 0; i < QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS; i++) {
> > + if (qcrypto_block_luks_slot_active(luks, i)) {
> > + bitmap_set(slots_bitmap, i, 1);
> > + ret++;
> > + }
> > + }
> > + } else {
> > + /* find a free keyslot */
> > + int slot = qcrypto_block_luks_find_free_keyslot(luks);
> > +
> > + if (slot == -1) {
> > + error_setg(errp,
> > + "Can't add a keyslot - all key slots are in use");
> > + goto error;
> > + }
> > + bitmap_set(slots_bitmap, slot, 1);
> > + ret++;
> > + }
> > +
> > + if (command->has_old_secret) {
> > + /* now deselect all keyslots that don't contain the password */
> > + g_autofree uint8_t *tmpkey = g_new0(uint8_t,
> > + luks->header.master_key_len);
> > +
> > + for (i = 0; i < QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS; i++) {
> > + g_autofree char *old_password = NULL;
> > + int rv;
> > +
> > + if (!test_bit(i, slots_bitmap)) {
> > + continue;
> > + }
> > +
> > + old_password = qcrypto_secret_lookup_as_utf8(command->old_secret,
> > + errp);
> > + if (!old_password) {
> > + goto error;
> > + }
> > +
> > + rv = qcrypto_block_luks_load_key(block,
> > + i,
> > + old_password,
> > + tmpkey,
> > + readfunc,
> > + opaque,
> > + errp);
> > + if (rv == -1)
> > + goto error;
> > + else if (rv == 0) {
> > + bitmap_clear(slots_bitmap, i, 1);
> > + ret--;
> > + }
> > + }
> > + }
> > + return ret;
> > +error:
> > + return -1;
> > +}
> > +
> > +/*
> > + * Apply a single keyslot update command as described in @command
> > + * Optionally use @unlock_secret to retrieve the master key
> > + */
> > +static int
> > +qcrypto_block_luks_apply_keyslot_update(QCryptoBlock *block,
> > + QCryptoBlockReadFunc readfunc,
> > + QCryptoBlockWriteFunc writefunc,
> > + void *opaque,
> > + LUKSKeyslotUpdate *command,
> > + const char *unlock_secret,
> > + uint8_t **master_key,
> > + bool force,
> > + Error **errp)
> > +{
> > + QCryptoBlockLUKS *luks = block->opaque;
> > + g_autofree unsigned long *slots_bitmap = NULL;
> > + int64_t iter_time = QCRYPTO_BLOCK_LUKS_DEFAULT_ITER_TIME_MS;
> > + int slot_count;
> > + size_t i;
> > + char *new_password;
> > + bool erasing;
> > +
> > + slots_bitmap = bitmap_new(QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS);
> > + slot_count = qcrypto_block_luks_get_slots_bitmap(block, readfunc, opaque,
> > + command, slots_bitmap,
> > + errp);
> > + if (slot_count == -1) {
> > + goto error;
> > + }
> > + /* no matching slots, so nothing to do */
> > + if (slot_count == 0) {
> > + error_setg(errp, "Requested operation didn't match any slots");
> > + goto error;
> > + }
> > + /*
> > + * slot is erased when the password is set to null, or empty string
> > + * (for compatibility with command line)
> > + */
> > + erasing = command->new_secret->type == QTYPE_QNULL ||
> > + strlen(command->new_secret->u.s) == 0;
> > +
> > + /* safety checks */
> > + if (!force) {
> > + if (erasing) {
> > + if (slot_count == qcrypto_block_luks_count_active_slots(luks)) {
> > + error_setg(errp,
> > + "Requested operation will erase all active keyslots"
> > + " which will erase all the data in the image"
> > + " irreversibly - refusing operation");
> > + goto error;
> > + }
> > + } else {
> > + for (i = 0; i < QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS; i++) {
> > + if (!test_bit(i, slots_bitmap)) {
> > + continue;
> > + }
> > + if (qcrypto_block_luks_slot_active(luks, i)) {
> > + error_setg(errp,
> > + "Refusing to overwrite active slot %zu - "
> > + "please erase it first", i);
> > + goto error;
> > + }
> > + }
> > + }
> > + }
> > +
> > + /* setup the data needed for storing the new keyslot */
> > + if (!erasing) {
> > + /* Load the master key if it wasn't already loaded */
> > + if (!*master_key) {
> > + g_autofree char *old_password;
> > + old_password = qcrypto_secret_lookup_as_utf8(unlock_secret, errp);
> > + if (!old_password) {
> > + goto error;
> > + }
> > + *master_key = g_new0(uint8_t, luks->header.master_key_len);
> > +
> > + if (qcrypto_block_luks_find_key(block, old_password, *master_key,
> > + readfunc, opaque, errp) < 0) {
> > + error_append_hint(errp, "Failed to retrieve the master key");
> > + goto error;
> > + }
> > + }
> > + new_password = qcrypto_secret_lookup_as_utf8(command->new_secret->u.s,
> > + errp);
> > + if (!new_password) {
> > + goto error;
> > + }
> > + if (command->has_iter_time) {
> > + iter_time = command->iter_time;
> > + }
> > + }
> > +
> > + /* new apply the update */
> > + for (i = 0; i < QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS; i++) {
> > + if (!test_bit(i, slots_bitmap)) {
> > + continue;
> > + }
> > + if (erasing) {
> > + if (qcrypto_block_luks_erase_key(block, i,
> > + writefunc,
> > + opaque,
> > + errp)) {
> > + error_append_hint(errp, "Failed to erase keyslot %zu", i);
> > + goto error;
> > + }
> > + } else {
> > + if (qcrypto_block_luks_store_key(block, i,
> > + new_password,
> > + *master_key,
> > + iter_time,
> > + writefunc,
> > + opaque,
> > + errp)) {
> > + error_append_hint(errp, "Failed to write to keyslot %zu", i);
> > + goto error;
> > + }
> > + }
> > + }
> > + return 0;
> > +error:
> > + return -EINVAL;
> > +}
>
> I feel the this method is confusing from trying to handle both
> adding and erasing keyslots....
>
>
> > +
> > +static int
> > +qcrypto_block_luks_amend_options(QCryptoBlock *block,
> > + QCryptoBlockReadFunc readfunc,
> > + QCryptoBlockWriteFunc writefunc,
> > + void *opaque,
> > + QCryptoBlockAmendOptions *options,
> > + bool force,
> > + Error **errp)
> > +{
> > + QCryptoBlockLUKS *luks = block->opaque;
> > + QCryptoBlockAmendOptionsLUKS *options_luks = &options->u.luks;
> > + LUKSKeyslotUpdateList *ptr;
> > + g_autofree uint8_t *master_key = NULL;
> > + int ret;
> > +
> > + char *unlock_secret = options_luks->has_unlock_secret ?
> > + options_luks->unlock_secret :
> > + luks->secret;
> > +
> > + for (ptr = options_luks->keys; ptr; ptr = ptr->next) {
> > + ret = qcrypto_block_luks_apply_keyslot_update(block, readfunc,
> > + writefunc, opaque,
> > + ptr->value,
> > + unlock_secret,
> > + &master_key,
> > + force, errp);
>
> .... imho we sould do
>
> bool erasing = command->new_secret->type == QTYPE_QNULL;
>
> if (erasing) {
> ret = qcrypto_block_luks_disable_keyslot(block, readfunc,
> writefunc, opaque,
> ptr->value,
> unlock_secret,
> &master_key,
> force, errp);
> } else {
> ret = qcrypto_block_luks_enable_keyslot(block, readfunc,
> writefunc, opaque,
> ptr->value,
> unlock_secret,
> &master_key,
> force, errp);
> }
I implemented something like that now, I'll send this in next version of the patches.
>
> > +
> > + if (ret != 0) {
> > + goto error;
> > + }
> > + }
> > + return 0;
> > +error:
> > + return -1;
> > +}
>
> If there's no code to run in the 'error' label, then we should just
> get rid of it and 'return -1' instead of "goto error"
Old habit. Fixed now.
>
> >
> > static int qcrypto_block_luks_get_info(QCryptoBlock *block,
> > QCryptoBlockInfo *info,
> > @@ -1523,7 +1890,9 @@ static int qcrypto_block_luks_get_info(QCryptoBlock *block,
> >
> > static void qcrypto_block_luks_cleanup(QCryptoBlock *block)
> > {
> > - g_free(block->opaque);
> > + QCryptoBlockLUKS *luks = block->opaque;
> > + g_free(luks->secret);
>
> Check if "luks" is non-NULL for robustness in early failure scenarios
100% agree. Fixed.
>
> > + g_free(luks);
> > }
> >
>
> Regards,
> Daniel
Thanks for the review,
Best regards,
Maxim Levitsky
next prev parent reply other threads:[~2020-01-30 13:00 UTC|newest]
Thread overview: 84+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-01-14 19:33 [PATCH 00/13] LUKS: encryption slot management using amend interface Maxim Levitsky
2020-01-14 19:33 ` [PATCH 01/13] qcrypto: add generic infrastructure for crypto options amendment Maxim Levitsky
2020-01-28 16:59 ` Daniel P. Berrangé
2020-01-29 17:49 ` Maxim Levitsky
2020-01-14 19:33 ` [PATCH 02/13] qcrypto-luks: implement encryption key management Maxim Levitsky
2020-01-21 7:54 ` Markus Armbruster
2020-01-21 13:13 ` Maxim Levitsky
2020-01-28 17:11 ` Daniel P. Berrangé
2020-01-28 17:32 ` Daniel P. Berrangé
2020-01-29 17:54 ` Maxim Levitsky
2020-01-30 12:38 ` Kevin Wolf
2020-01-30 12:53 ` Daniel P. Berrangé
2020-01-30 14:23 ` Kevin Wolf
2020-01-30 14:30 ` Daniel P. Berrangé
2020-01-30 14:53 ` Markus Armbruster
2020-01-30 14:47 ` Markus Armbruster
2020-01-30 15:01 ` Daniel P. Berrangé
2020-01-30 16:37 ` Markus Armbruster
2020-02-05 8:24 ` Markus Armbruster
2020-02-05 9:30 ` Kevin Wolf
2020-02-05 10:03 ` Markus Armbruster
2020-02-05 11:02 ` Kevin Wolf
2020-02-05 14:31 ` Markus Armbruster
2020-02-06 13:44 ` Markus Armbruster
2020-02-06 13:49 ` Daniel P. Berrangé
2020-02-06 14:20 ` Max Reitz
2020-02-05 10:23 ` Daniel P. Berrangé
2020-02-05 14:31 ` Markus Armbruster
2020-02-06 13:20 ` Markus Armbruster
2020-02-06 13:36 ` Daniel P. Berrangé
2020-02-06 14:25 ` Kevin Wolf
2020-02-06 15:19 ` Markus Armbruster
2020-02-06 15:23 ` Maxim Levitsky
2020-01-30 15:45 ` Maxim Levitsky
2020-01-28 17:21 ` Daniel P. Berrangé
2020-01-30 12:58 ` Maxim Levitsky [this message]
2020-02-15 14:51 ` QAPI schema for desired state of LUKS keyslots (was: [PATCH 02/13] qcrypto-luks: implement encryption key management) Markus Armbruster
2020-02-16 8:05 ` Maxim Levitsky
2020-02-17 6:45 ` QAPI schema for desired state of LUKS keyslots Markus Armbruster
2020-02-17 8:19 ` Maxim Levitsky
2020-02-17 10:37 ` QAPI schema for desired state of LUKS keyslots (was: [PATCH 02/13] qcrypto-luks: implement encryption key management) Kevin Wolf
2020-02-17 11:07 ` Maxim Levitsky
2020-02-24 14:46 ` Daniel P. Berrangé
2020-02-24 14:50 ` Maxim Levitsky
2020-02-17 12:28 ` QAPI schema for desired state of LUKS keyslots Markus Armbruster
2020-02-17 12:44 ` Eric Blake
2020-02-24 14:43 ` Daniel P. Berrangé
2020-02-24 14:45 ` QAPI schema for desired state of LUKS keyslots (was: [PATCH 02/13] qcrypto-luks: implement encryption key management) Daniel P. Berrangé
2020-02-25 12:15 ` Max Reitz
2020-02-25 16:48 ` QAPI schema for desired state of LUKS keyslots Markus Armbruster
2020-02-25 17:00 ` Max Reitz
2020-02-26 7:28 ` Markus Armbruster
2020-02-26 9:18 ` Maxim Levitsky
2020-02-25 17:18 ` Daniel P. Berrangé
2020-03-03 9:18 ` QAPI schema for desired state of LUKS keyslots (was: [PATCH 02/13] qcrypto-luks: implement encryption key management) Maxim Levitsky
2020-03-05 12:15 ` Maxim Levitsky
2020-01-14 19:33 ` [PATCH 03/13] block: amend: add 'force' option Maxim Levitsky
2020-01-14 19:33 ` [PATCH 04/13] block: amend: separate amend and create options for qemu-img Maxim Levitsky
2020-01-28 17:23 ` Daniel P. Berrangé
2020-01-30 15:54 ` Maxim Levitsky
2020-01-14 19:33 ` [PATCH 05/13] block/crypto: rename two functions Maxim Levitsky
2020-01-14 19:33 ` [PATCH 06/13] block/crypto: implement the encryption key management Maxim Levitsky
2020-01-28 17:27 ` Daniel P. Berrangé
2020-01-30 16:08 ` Maxim Levitsky
2020-01-14 19:33 ` [PATCH 07/13] qcow2: extend qemu-img amend interface with crypto options Maxim Levitsky
2020-01-28 17:30 ` Daniel P. Berrangé
2020-01-30 16:09 ` Maxim Levitsky
2020-01-14 19:33 ` [PATCH 08/13] iotests: filter few more luks specific create options Maxim Levitsky
2020-01-28 17:36 ` Daniel P. Berrangé
2020-01-30 16:12 ` Maxim Levitsky
2020-01-14 19:33 ` [PATCH 09/13] qemu-iotests: qemu-img tests for luks key management Maxim Levitsky
2020-01-14 19:33 ` [PATCH 10/13] block: add generic infrastructure for x-blockdev-amend qmp command Maxim Levitsky
2020-01-21 7:59 ` Markus Armbruster
2020-01-21 13:58 ` Maxim Levitsky
2020-01-14 19:33 ` [PATCH 11/13] block/crypto: implement blockdev-amend Maxim Levitsky
2020-01-28 17:40 ` Daniel P. Berrangé
2020-01-30 16:24 ` Maxim Levitsky
2020-01-14 19:33 ` [PATCH 12/13] block/qcow2: " Maxim Levitsky
2020-01-28 17:41 ` Daniel P. Berrangé
2020-01-14 19:33 ` [PATCH 13/13] iotests: add tests for blockdev-amend Maxim Levitsky
2020-01-14 21:16 ` [PATCH 00/13] LUKS: encryption slot management using amend interface no-reply
2020-01-16 14:01 ` Maxim Levitsky
2020-01-14 21:17 ` no-reply
2020-01-16 14:19 ` Maxim Levitsky
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d05d9eadcf5bc9173bd5d24d09a0e168a268b015.camel@redhat.com \
--to=mlevitsk@redhat.com \
--cc=armbru@redhat.com \
--cc=berrange@redhat.com \
--cc=jsnow@redhat.com \
--cc=kwolf@redhat.com \
--cc=mreitz@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).