[libvirt] [RFC PATCH 3/4] qemu: domain: Forbid storage with old QCOW2 encryption

Peter Krempa pkrempa at redhat.com
Tue May 22 14:04:56 UTC 2018


The encryption was buggy and qemu actually dropped it upstream. Forbid
it for all versions since it would cause other problems too.

Problems with the old encryption include weak crypto, corruption of
images with blockjobs and a lot of usability problems.

Replace it with a message hinting that users should convert the image to
e.g. LUKS.

This requires changing the encryption type used by the encrypted disk
tests.

Signed-off-by: Peter Krempa <pkrempa at redhat.com>
---
 src/qemu/qemu_domain.c                           | 20 ++++++++++++++------
 tests/qemuxml2argvdata/encrypted-disk-usage.args |  8 +++++++-
 tests/qemuxml2argvdata/encrypted-disk-usage.xml  |  2 +-
 tests/qemuxml2argvdata/encrypted-disk.args       |  8 +++++++-
 tests/qemuxml2argvdata/encrypted-disk.xml        |  2 +-
 tests/qemuxml2argvtest.c                         |  4 ++--
 tests/qemuxml2xmloutdata/encrypted-disk.xml      |  2 +-
 tests/qemuxml2xmltest.c                          |  4 ++--
 8 files changed, 35 insertions(+), 15 deletions(-)

diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index d3beee5d87..f64b69cc3d 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -4179,12 +4179,20 @@ qemuDomainValidateStorageSource(virStorageSourcePtr src,
     }

     if (src->format == VIR_STORAGE_FILE_QCOW2 &&
-        src->encryption &&
-        src->encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS &&
-        !virQEMUCapsGet(qemuCaps, QEMU_CAPS_QCOW2_LUKS)) {
-        virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
-                       _("LUKS encrypted QCOW2 images are not suppored by this QEMU"));
-        return -1;
+        src->encryption) {
+        if (src->encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS &&
+            !virQEMUCapsGet(qemuCaps, QEMU_CAPS_QCOW2_LUKS)) {
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                           _("LUKS encrypted QCOW2 images are not suppored by this QEMU"));
+            return -1;
+        }
+
+        if (src->encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_DEFAULT ||
+            src->encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_QCOW) {
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                           _("old QCOW2 encryption is not supported, please convert images"));
+            return -1;
+        }
     }

     if (src->format == VIR_STORAGE_FILE_FAT &&
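Review bot: The new legacy-encryption rejection sits inside the `src->format == VIR_STORAGE_FILE_QCOW2` condition, so a source declared as `VIR_STORAGE_FILE_QCOW` with `VIR_STORAGE_ENCRYPTION_FORMAT_QCOW` or `VIR_STORAGE_ENCRYPTION_FORMAT_DEFAULT` never reaches it. Whether that combination is refused elsewhere is not visible here; if it is not, the weak scheme the commit message describes stays accepted for that format. Consider testing the legacy formats in a condition of their own that covers both qcow and qcow2 sources, leaving the LUKS capability check scoped to qcow2. The new message also names no target although the description says it should hint at LUKS, e.g. `_("old qcow/qcow2 encryption is not supported, please convert the image to LUKS")`, and the moved LUKS message still carries the typo `suppored`. qemuDomainValidateStorageSource starts and ends outside the hunk.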
diff --git a/tests/qemuxml2argvdata/encrypted-disk-usage.args b/tests/qemuxml2argvdata/encrypted-disk-usage.args
index 8c7ce3d653..32307cea71 100644
--- a/tests/qemuxml2argvdata/encrypted-disk-usage.args
+++ b/tests/qemuxml2argvdata/encrypted-disk-usage.args
@@ -7,6 +7,8 @@ QEMU_AUDIO_DRV=none \
 /usr/bin/qemu-system-i686 \
 -name encryptdisk \
 -S \
+-object secret,id=masterKey0,format=raw,\
+file=/tmp/lib/domain--1-encryptdisk/master-key.aes \
 -machine pc,accel=tcg,usb=off,dump-guest-core=off \
 -m 1024 \
 -smp 1,sockets=1,cores=1,threads=1 \
@@ -22,7 +24,11 @@ path=/tmp/lib/domain--1-encryptdisk/monitor.sock,server,nowait \
 -no-acpi \
 -boot c \
 -usb \
--drive file=/storage/guest_disks/encryptdisk,format=qcow2,if=none,\
+-object secret,id=virtio-disk0-luks-secret0,\
+data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
+keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
+-drive file=/storage/guest_disks/encryptdisk,encrypt.format=luks,\
+encrypt.key-secret=virtio-disk0-luks-secret0,format=qcow2,if=none,\
 id=drive-virtio-disk0 \
 -device virtio-blk-pci,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,\
 id=virtio-disk0 \
diff --git a/tests/qemuxml2argvdata/encrypted-disk-usage.xml b/tests/qemuxml2argvdata/encrypted-disk-usage.xml
index ad8f17e3df..205283b59d 100644
--- a/tests/qemuxml2argvdata/encrypted-disk-usage.xml
+++ b/tests/qemuxml2argvdata/encrypted-disk-usage.xml
@@ -18,7 +18,7 @@
       <driver name='qemu' type='qcow2'/>
       <source file='/storage/guest_disks/encryptdisk'/>
       <target dev='vda' bus='virtio'/>
-      <encryption format='qcow'>
+      <encryption format='luks'>
         <secret type='passphrase' usage='/storage/guest_disks/encryptdisk'/>
       </encryption>
       <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
diff --git a/tests/qemuxml2argvdata/encrypted-disk.args b/tests/qemuxml2argvdata/encrypted-disk.args
index 8c7ce3d653..32307cea71 100644
--- a/tests/qemuxml2argvdata/encrypted-disk.args
+++ b/tests/qemuxml2argvdata/encrypted-disk.args
@@ -7,6 +7,8 @@ QEMU_AUDIO_DRV=none \
 /usr/bin/qemu-system-i686 \
 -name encryptdisk \
 -S \
+-object secret,id=masterKey0,format=raw,\
+file=/tmp/lib/domain--1-encryptdisk/master-key.aes \
 -machine pc,accel=tcg,usb=off,dump-guest-core=off \
 -m 1024 \
 -smp 1,sockets=1,cores=1,threads=1 \
@@ -22,7 +24,11 @@ path=/tmp/lib/domain--1-encryptdisk/monitor.sock,server,nowait \
 -no-acpi \
 -boot c \
 -usb \
--drive file=/storage/guest_disks/encryptdisk,format=qcow2,if=none,\
+-object secret,id=virtio-disk0-luks-secret0,\
+data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
+keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
+-drive file=/storage/guest_disks/encryptdisk,encrypt.format=luks,\
+encrypt.key-secret=virtio-disk0-luks-secret0,format=qcow2,if=none,\
 id=drive-virtio-disk0 \
 -device virtio-blk-pci,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,\
 id=virtio-disk0 \
diff --git a/tests/qemuxml2argvdata/encrypted-disk.xml b/tests/qemuxml2argvdata/encrypted-disk.xml
index 391461b200..275724bdaf 100644
--- a/tests/qemuxml2argvdata/encrypted-disk.xml
+++ b/tests/qemuxml2argvdata/encrypted-disk.xml
@@ -18,7 +18,7 @@
       <driver name='qemu' type='qcow2'/>
       <source file='/storage/guest_disks/encryptdisk'/>
       <target dev='vda' bus='virtio'/>
-      <encryption format='qcow'>
+      <encryption format='luks'>
         <secret type='passphrase' uuid='0a81f5b2-8403-7b23-c8d6-21ccc2f80d6f'/>
       </encryption>
       <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index ee2b0ccff8..860e23f41a 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -1631,8 +1631,8 @@ mymain(void)
     DO_TEST("cpu-tsc-frequency", QEMU_CAPS_KVM);
     qemuTestSetHostCPU(driver.caps, NULL);

-    DO_TEST("encrypted-disk", NONE);
-    DO_TEST("encrypted-disk-usage", NONE);
+    DO_TEST("encrypted-disk", QEMU_CAPS_QCOW2_LUKS, QEMU_CAPS_OBJECT_SECRET);
+    DO_TEST("encrypted-disk-usage", QEMU_CAPS_QCOW2_LUKS, QEMU_CAPS_OBJECT_SECRET);
 # ifdef WITH_GNUTLS
     DO_TEST("luks-disks", QEMU_CAPS_OBJECT_SECRET);
     DO_TEST("luks-disks-source", QEMU_CAPS_OBJECT_SECRET);
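Review bot: With both `encrypted-disk` cases switched to LUKS, nothing in this hunk exercises the new rejection of `format='qcow'` encryption, so a regression that lets the legacy scheme through again would go unnoticed. A negative case next to these two would pin the behaviour, e.g. `DO_TEST_FAILURE("encrypted-disk-qcow-legacy", NONE);` with an XML fixture that keeps `<encryption format='qcow'>`. The fixture name is only a suggestion, and `DO_TEST_PARSE_ERROR` may be the right macro depending on where the validation runs. mymain continues outside the hunk.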
diff --git a/tests/qemuxml2xmloutdata/encrypted-disk.xml b/tests/qemuxml2xmloutdata/encrypted-disk.xml
index 45b9fcca55..3c9d2fbafc 100644
--- a/tests/qemuxml2xmloutdata/encrypted-disk.xml
+++ b/tests/qemuxml2xmloutdata/encrypted-disk.xml
@@ -18,7 +18,7 @@
       <driver name='qemu' type='qcow2'/>
       <source file='/storage/guest_disks/encryptdisk'/>
       <target dev='vda' bus='virtio'/>
-      <encryption format='qcow'>
+      <encryption format='luks'>
         <secret type='passphrase' uuid='0a81f5b2-8403-7b23-c8d6-21ccc2f80d6f'/>
       </encryption>
       <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c
index 5755800dcf..2610dfe086 100644
--- a/tests/qemuxml2xmltest.c
+++ b/tests/qemuxml2xmltest.c
@@ -480,8 +480,8 @@ mymain(void)
     DO_TEST("pci-rom-disabled-invalid", NONE);
     DO_TEST("pci-serial-dev-chardev", NONE);

-    DO_TEST("encrypted-disk", NONE);
-    DO_TEST("encrypted-disk-usage", NONE);
+    DO_TEST("encrypted-disk", QEMU_CAPS_QCOW2_LUKS);
+    DO_TEST("encrypted-disk-usage", QEMU_CAPS_QCOW2_LUKS);
     DO_TEST("luks-disks", NONE);
     DO_TEST("luks-disks-source", NONE);
     DO_TEST("memtune", NONE);
-- 
2.16.2



