[libvirt] [PATCH 15/20] Provide missing passphrase when creating a volume.

Tue Sep 1 15:49:14 UTC 2009

----- "Daniel P. Berrange" <berrange at redhat.com> wrote:
> On Thu, Aug 20, 2009 at 08:18:13PM +0200, Miloslav Trma?? wrote:
> > If the <encryption format='qcow'> element does not specify a secret
> > during volume creation, generate a suitable secret and add it to the
> > <encryption> tag.  The caller can view the updated <encryption> tag
> > using virStorageVolGetXMLDesc().
> > 
> > Similarly, when <encryption format='default'/> is specified while
> > creating a qcow or qcow2-formatted volume, change the format to "qcow"
> > and generate a secret as described above.

> > +    virBufferAddLit(&buf, "<secret ephemeral='no' private='no'>");
> > +    /* <uuid/> is chosen by the secret driver */
> > +    virBufferEscapeString(&buf,
> > +                          "<description>qcow passphrase for %s</description>",
> > +                          vol->target.path);
> > +    virBufferEscapeString(&buf, "<volume>%s</volume>", vol->target.path);
> > +    virBufferAddLit(&buf, "</secret>");
> > +    if (virBufferError(&buf)) {
> > +        virReportOOMError(conn);
> > +        goto cleanup;
> > +    }
> > +    xml = virBufferContentAndReset(&buf);
> 
> This is the first place where we should be just calling into an
> internal  secret_conf.h  API for formatting XML from a struct,
> rather than duplicating the XML formatting.
OK.

> > +    /* A qcow passphrase is up to 16 bytes, with any data following a NUL
> > +       ignored.  Prohibit control and non-ASCII characters to avoid possible
> > +       unpleasant surprises with the qemu monitor input mechanism. */
> > +    fd = open("/dev/urandom", O_RDONLY);
> > +    if (fd < 0) {
> > +        virStorageReportError(conn, VIR_ERR_INTERNAL_ERROR, "%s",
> > +                              _("Cannot open /dev/urandom"));
> > +        goto cleanup;
> > +    }
> > +    i = 0;
> > +    while (i < sizeof (value)) {
> > +        ssize_t r;
> > +
> > +        while ((r = read(fd, value + i, 1)) == -1 && errno == EINTR)
> > +            ;
> > +        if (r <= 0) {
> > +            virStorageReportError(conn, VIR_ERR_INTERNAL_ERROR, "%s",
> > +                                  _("Cannot read from /dev/urandom"));
> > +            goto cleanup;
> > +        }
> > +        if (value[i] >= 0x20 && value[i] <= 0x7E)
> > +            i++; /* Got an acceptable character */
> > +    }
> > +    close(fd);
> 
> I reckon this snippet of code could usefully be put into the util.h file
> as virFileGenerateRandomkey(), or alternatively perhaps secret_conf.h, 
> as virSecretGenerateRandomKey(unsigned char *buf, size_t buflen);
This code, with its limitation to ASCII characters, is qcow/qemu-specific.
    Mirek