[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[libvirt] [PATCH 9/9] Add support for qcow encrypted volumes to qemu.



---
 src/qemu_driver.c |   51 ++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 files changed, 50 insertions(+), 1 deletions(-)

diff --git a/src/qemu_driver.c b/src/qemu_driver.c
index 9ead5fd..b57db31 100644
--- a/src/qemu_driver.c
+++ b/src/qemu_driver.c
@@ -2172,10 +2172,59 @@ qemudMonitorCommand(const virDomainObjPtr vm,
 }
 
 static int
+qemudMonitorSendVolumePassphrase(const virDomainObjPtr vm,
+                                 const char *buf,
+                                 const char *prompt,
+                                 void *data ATTRIBUTE_UNUSED)
+{
+    const char *path;
+    size_t path_len;
+    int i;
+
+    /* The complete prompt looks like this:
+           ide0-hd0 (/path/to/volume) is encrypted.
+           Password:
+       prompt starts with ") is encrypted".  Extract /path/to/volume. */
+    for (path = prompt; path > buf && path[-1] != '('; path-- )
+        ;
+    if (path == buf)
+        return -1;
+    path_len = prompt - path;
+
+    for (i = 0; i < vm->def->ndisks; i++) {
+        virDomainDiskDefPtr disk;
+
+        disk = vm->def->disks[i];
+        if (disk->src != NULL && memcmp(disk->src, path, path_len) == 0 &&
+            disk->src[path_len] == '\0' &&
+            disk->encryption != NULL &&
+            disk->encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_QCOW) {
+            const char *passphrase;
+
+            passphrase = disk->encryption->v.qcow.passphrase;
+            if (passphrase != NULL) {
+                size_t passphrase_len;
+
+                passphrase_len = strlen(passphrase);
+                if (safewrite(vm->monitor, passphrase, passphrase_len) !=
+                    passphrase_len)
+                    return -1;
+                if (safewrite(vm->monitor, "\r", 1) != 1)
+                    return -1;
+                return 0;
+            }
+        }
+    }
+    return -1;
+}
+
+static int
 qemudMonitorSendCont(const virDomainObjPtr vm) {
     char *reply;
 
-    if (qemudMonitorCommand(vm, "cont", &reply) < 0)
+    if (qemudMonitorCommandWithHandler(vm, "cont", ") is encrypted.",
+                                       qemudMonitorSendVolumePassphrase,
+                                       NULL, &reply) < 0)
         return -1;
     qemudDebug ("%s: cont reply: %s", vm->def->name, info);
     VIR_FREE(reply);
-- 
1.6.2.5


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]