On Fri, Jan 23, 2015 at 01:35:26PM +0100, Ján Tomko wrote:

After the 8-byte size header, there are two one-byte headers and two bytes of padding before the crypt_header field.

Our QCOW1_HDR_CRYPT constant did not skip the padding. http://git.qemu.org/?p=qemu.git;a=blob;f=block/qcow.c;h=ece22697#l41

https://bugzilla.redhat.com/show_bug.cgi?id=1185165 --- src/util/virstoragefile.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c index 7a4f9a0..8568ebb 100644 --- a/src/util/virstoragefile.c +++ b/src/util/virstoragefile.c @@ -161,7 +161,7 @@ qedGetBackingStore(char **, int *, const char *, size_t); #define QCOWX_HDR_BACKING_FILE_SIZE (QCOWX_HDR_BACKING_FILE_OFFSET+8) #define QCOWX_HDR_IMAGE_SIZE (QCOWX_HDR_BACKING_FILE_SIZE+4+4)

-#define QCOW1_HDR_CRYPT (QCOWX_HDR_IMAGE_SIZE+8+1+1) +#define QCOW1_HDR_CRYPT (QCOWX_HDR_IMAGE_SIZE+8+1+1+2) #define QCOW2_HDR_CRYPT (QCOWX_HDR_IMAGE_SIZE+8)

#define QCOW1_HDR_TOTAL_SIZE (QCOW1_HDR_CRYPT+4+8)

ACK I guess we can see how many people use qcow1 encryption. Zero :-) Which is good, because it is just as awful & insecure as qcow2 encryption and so should never be used :-) Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|