[libvirt] [PATCH v3 00/10] Storage encryption adjustments
v2: https://www.redhat.com/archives/libvir-list/2018-May/msg01268.html Try #3 - this time since Peter removed support for qcow encrypted volumes for domains, I'm taking the same approach for storage. This is totally different from the previous approach which tried to actually create a qcow2 encrypted volume. This time slowly extricate the qcow2 encryption support from the storage driver - at least anything that can have a result via qemu-img. Additionally, added some more luks tests and added the capability to create a luks encrypted volume from a raw image using the two step process that was part of v2. John Ferlan (10): storage: Don't allow encryption secretPath to be NULL tests: Add luks creation examples to storagevolxml2argvtest storage: Rename encryption info variable for clarity tests: Remove qcow2 encryption from storagevol tests storage: Disallow create/resize of qcow2 encrypted images storage: Clean up storageBackendCreateQemuImgCheckEncryption storage: Clean up storageBackendCreateQemuImgOpts storage: Remove storageBackendGenerateSecretData storage: Add support for using inputvol for encryption docs: Add news article for volume encryption modifications docs/formatsecret.html.in | 22 +- docs/formatstorageencryption.html.in | 29 +- docs/news.xml | 25 ++ src/storage/storage_util.c | 303 +++++++-------------- src/storage/storage_util.h | 10 +- src/util/virqemu.c | 26 +- tests/storagevolxml2argvdata/luks-cipher.argv | 5 + tests/storagevolxml2argvdata/luks-convert.argv | 9 + tests/storagevolxml2argvdata/luks.argv | 4 + tests/storagevolxml2argvdata/qcow2-1.1.argv | 2 +- tests/storagevolxml2argvdata/qcow2-compat.argv | 2 +- .../qcow2-from-logical-compat.argv | 2 +- tests/storagevolxml2argvdata/qcow2-lazy.argv | 2 +- .../qcow2-nobacking-convert-prealloc-compat.argv | 2 +- .../qcow2-nobacking-prealloc-compat.argv | 2 +- .../qcow2-nocapacity-convert-prealloc.argv | 2 +- tests/storagevolxml2argvdata/qcow2-nocapacity.argv | 2 +- .../storagevolxml2argvdata/qcow2-nocow-compat.argv | 2 +- tests/storagevolxml2argvtest.c | 76 +++++- tests/storagevolxml2xmlin/vol-luks-convert.xml | 21 ++ tests/storagevolxml2xmlin/vol-qcow2-0.10-lazy.xml | 3 - tests/storagevolxml2xmlin/vol-qcow2-1.1.xml | 3 - tests/storagevolxml2xmlin/vol-qcow2-encryption.xml | 31 +++ tests/storagevolxml2xmlin/vol-qcow2-lazy.xml | 3 - tests/storagevolxml2xmlin/vol-qcow2-nobacking.xml | 3 - .../vol-qcow2-nocapacity-backing.xml | 3 - tests/storagevolxml2xmlin/vol-qcow2-nocapacity.xml | 3 - tests/storagevolxml2xmlin/vol-qcow2-nocow.xml | 3 - tests/storagevolxml2xmlin/vol-qcow2.xml | 3 - tests/storagevolxml2xmlout/vol-qcow2-0.10-lazy.xml | 3 - tests/storagevolxml2xmlout/vol-qcow2-1.1.xml | 3 - .../storagevolxml2xmlout/vol-qcow2-encryption.xml | 31 +++ tests/storagevolxml2xmlout/vol-qcow2-lazy.xml | 3 - tests/storagevolxml2xmlout/vol-qcow2-nobacking.xml | 3 - .../storagevolxml2xmlout/vol-qcow2-nocapacity.xml | 3 - tests/storagevolxml2xmlout/vol-qcow2-nocow.xml | 3 - tests/storagevolxml2xmlout/vol-qcow2.xml | 3 - tests/storagevolxml2xmltest.c | 1 + 38 files changed, 344 insertions(+), 312 deletions(-) create mode 100644 tests/storagevolxml2argvdata/luks-cipher.argv create mode 100644 tests/storagevolxml2argvdata/luks-convert.argv create mode 100644 tests/storagevolxml2argvdata/luks.argv create mode 100644 tests/storagevolxml2xmlin/vol-luks-convert.xml create mode 100644 tests/storagevolxml2xmlin/vol-qcow2-encryption.xml create mode 100644 tests/storagevolxml2xmlout/vol-qcow2-encryption.xml -- 2.14.4
Allowing a NULL @secretPath for virStorageBackendCreateQemuImgCmdFromVol would result in a generated command line with a dangling "file=" output. So let's make sure the @secretPath exists before processing. This means we should pass a dummy path from the storage test. Signed-off-by: John Ferlan <jferlan@redhat.com> --- src/storage/storage_util.c | 5 +++++ tests/storagevolxml2argvtest.c | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/src/storage/storage_util.c b/src/storage/storage_util.c index 87f2115869..88427cecb4 100644 --- a/src/storage/storage_util.c +++ b/src/storage/storage_util.c @@ -1233,6 +1233,11 @@ virStorageBackendCreateQemuImgCmdFromVol(virStoragePoolObjPtr pool, if (info.format == VIR_STORAGE_FILE_RAW && vol->target.encryption && vol->target.encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS) { + if (!info.secretPath) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("path to secret data file is required")); + goto error; + } if (virAsprintf(&info.secretAlias, "%s_encrypt0", vol->name) < 0) goto error; if (storageBackendCreateQemuImgSecretObject(cmd, info.secretPath, diff --git a/tests/storagevolxml2argvtest.c b/tests/storagevolxml2argvtest.c index 0265a0ffe2..4286c50c6e 100644 --- a/tests/storagevolxml2argvtest.c +++ b/tests/storagevolxml2argvtest.c @@ -82,7 +82,7 @@ testCompareXMLToArgvFiles(bool shouldFail, cmd = virStorageBackendCreateQemuImgCmdFromVol(obj, vol, inputvol, flags, create_tool, - NULL); + "/path/to/secretFile"); if (!cmd) { if (shouldFail) { virResetLastError(); -- 2.14.4
Add the storagevolxml2xmltest "luks" and "luks-cipher" tests to the storagevolxml2argvtest. Signed-off-by: John Ferlan <jferlan@redhat.com> --- tests/storagevolxml2argvdata/luks-cipher.argv | 5 +++++ tests/storagevolxml2argvdata/luks.argv | 4 ++++ tests/storagevolxml2argvtest.c | 7 +++++++ 3 files changed, 16 insertions(+) create mode 100644 tests/storagevolxml2argvdata/luks-cipher.argv create mode 100644 tests/storagevolxml2argvdata/luks.argv diff --git a/tests/storagevolxml2argvdata/luks-cipher.argv b/tests/storagevolxml2argvdata/luks-cipher.argv new file mode 100644 index 0000000000..a8a19f03ff --- /dev/null +++ b/tests/storagevolxml2argvdata/luks-cipher.argv @@ -0,0 +1,5 @@ +qemu-img create -f luks \ +--object secret,id=LuksDemo.img_encrypt0,file=/path/to/secretFile \ +-o key-secret=LuksDemo.img_encrypt0,cipher-alg=serpent-256,cipher-mode=cbc,\ +hash-alg=sha256,ivgen-alg=plain64,ivgen-hash-alg=sha256 \ +/var/lib/libvirt/images/LuksDemo.img 5242880K diff --git a/tests/storagevolxml2argvdata/luks.argv b/tests/storagevolxml2argvdata/luks.argv new file mode 100644 index 0000000000..336238ecab --- /dev/null +++ b/tests/storagevolxml2argvdata/luks.argv @@ -0,0 +1,4 @@ +qemu-img create -f luks \ +--object secret,id=LuksDemo.img_encrypt0,file=/path/to/secretFile \ +-o key-secret=LuksDemo.img_encrypt0 \ +/var/lib/libvirt/images/LuksDemo.img 5242880K diff --git a/tests/storagevolxml2argvtest.c b/tests/storagevolxml2argvtest.c index 4286c50c6e..b8afe4abcc 100644 --- a/tests/storagevolxml2argvtest.c +++ b/tests/storagevolxml2argvtest.c @@ -232,6 +232,13 @@ mymain(void) "pool-dir", "vol-file-iso", "iso-input", 0); + DO_TEST("pool-dir", "vol-luks", + NULL, NULL, + "luks", 0); + DO_TEST("pool-dir", "vol-luks-cipher", + NULL, NULL, + "luks-cipher", 0); + return ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE; } -- 2.14.4
Change from @enc to @encinfo leaving @enc for the vol->target.encryption in the storageBackendCreateQemuImgSetOptions code path. Signed-off-by: John Ferlan <jferlan@redhat.com> --- src/storage/storage_util.c | 21 +++++++++++---------- src/util/virqemu.c | 26 +++++++++++++------------- 2 files changed, 24 insertions(+), 23 deletions(-) diff --git a/src/storage/storage_util.c b/src/storage/storage_util.c index 88427cecb4..90cadb9d13 100644 --- a/src/storage/storage_util.c +++ b/src/storage/storage_util.c @@ -817,7 +817,7 @@ struct _virStorageBackendQemuImgInfo { static int -storageBackendCreateQemuImgOpts(virStorageEncryptionInfoDefPtr enc, +storageBackendCreateQemuImgOpts(virStorageEncryptionInfoDefPtr encinfo, char **opts, struct _virStorageBackendQemuImgInfo info) { @@ -827,8 +827,8 @@ storageBackendCreateQemuImgOpts(virStorageEncryptionInfoDefPtr enc, virBufferAsprintf(&buf, "backing_fmt=%s,", virStorageFileFormatTypeToString(info.backingFormat)); - if (info.format == VIR_STORAGE_FILE_RAW && enc) { - virQEMUBuildQemuImgKeySecretOpts(&buf, enc, info.secretAlias); + if (info.format == VIR_STORAGE_FILE_RAW && encinfo) { + virQEMUBuildQemuImgKeySecretOpts(&buf, encinfo, info.secretAlias); } else { if (info.encryption) virBufferAddLit(&buf, "encryption=on,"); @@ -1037,7 +1037,7 @@ storageBackendCreateQemuImgSetBacking(virStoragePoolObjPtr pool, static int storageBackendCreateQemuImgSetOptions(virCommandPtr cmd, - virStorageEncryptionInfoDefPtr enc, + virStorageEncryptionInfoDefPtr encinfo, struct _virStorageBackendQemuImgInfo info) { char *opts = NULL; @@ -1045,7 +1045,7 @@ storageBackendCreateQemuImgSetOptions(virCommandPtr cmd, if (info.format == VIR_STORAGE_FILE_QCOW2 && !info.compat) info.compat = "0.10"; - if (storageBackendCreateQemuImgOpts(enc, &opts, info) < 0) + if (storageBackendCreateQemuImgOpts(encinfo, &opts, info) < 0) return -1; if (opts) virCommandAddArgList(cmd, "-o", opts, NULL); @@ -1209,7 +1209,8 @@ virStorageBackendCreateQemuImgCmdFromVol(virStoragePoolObjPtr pool, .secretPath = secretPath, .secretAlias = NULL, }; - virStorageEncryptionInfoDefPtr enc = NULL; + virStorageEncryptionPtr enc = vol->target.encryption; + virStorageEncryptionInfoDefPtr encinfo = NULL; virCheckFlags(VIR_STORAGE_VOL_CREATE_PREALLOC_METADATA, NULL); @@ -1231,8 +1232,8 @@ virStorageBackendCreateQemuImgCmdFromVol(virStoragePoolObjPtr pool, if (info.backingPath) virCommandAddArgList(cmd, "-b", info.backingPath, NULL); - if (info.format == VIR_STORAGE_FILE_RAW && vol->target.encryption && - vol->target.encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS) { + if (info.format == VIR_STORAGE_FILE_RAW && enc && + enc->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS) { if (!info.secretPath) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("path to secret data file is required")); @@ -1243,10 +1244,10 @@ virStorageBackendCreateQemuImgCmdFromVol(virStoragePoolObjPtr pool, if (storageBackendCreateQemuImgSecretObject(cmd, info.secretPath, info.secretAlias) < 0) goto error; - enc = &vol->target.encryption->encinfo; + encinfo = &enc->encinfo; } - if (storageBackendCreateQemuImgSetOptions(cmd, enc, info) < 0) + if (storageBackendCreateQemuImgSetOptions(cmd, encinfo, info) < 0) goto error; VIR_FREE(info.secretAlias); diff --git a/src/util/virqemu.c b/src/util/virqemu.c index e16429d80d..30b8dc18d4 100644 --- a/src/util/virqemu.c +++ b/src/util/virqemu.c @@ -315,7 +315,7 @@ virQEMUBuildBufferEscapeComma(virBufferPtr buf, const char *str) /** * virQEMUBuildQemuImgKeySecretOpts: * @buf: buffer to build the string into - * @enc: pointer to encryption info + * @encinfo: pointer to encryption info * @alias: alias to use * * Generate the string for id=$alias and any encryption options for @@ -334,37 +334,37 @@ virQEMUBuildBufferEscapeComma(virBufferPtr buf, const char *str) */ void virQEMUBuildQemuImgKeySecretOpts(virBufferPtr buf, - virStorageEncryptionInfoDefPtr enc, + virStorageEncryptionInfoDefPtr encinfo, const char *alias) { virBufferAsprintf(buf, "key-secret=%s,", alias); - if (!enc->cipher_name) + if (!encinfo->cipher_name) return; virBufferAddLit(buf, "cipher-alg="); - virQEMUBuildBufferEscapeComma(buf, enc->cipher_name); - virBufferAsprintf(buf, "-%u,", enc->cipher_size); - if (enc->cipher_mode) { + virQEMUBuildBufferEscapeComma(buf, encinfo->cipher_name); + virBufferAsprintf(buf, "-%u,", encinfo->cipher_size); + if (encinfo->cipher_mode) { virBufferAddLit(buf, "cipher-mode="); - virQEMUBuildBufferEscapeComma(buf, enc->cipher_mode); + virQEMUBuildBufferEscapeComma(buf, encinfo->cipher_mode); virBufferAddLit(buf, ","); } - if (enc->cipher_hash) { + if (encinfo->cipher_hash) { virBufferAddLit(buf, "hash-alg="); - virQEMUBuildBufferEscapeComma(buf, enc->cipher_hash); + virQEMUBuildBufferEscapeComma(buf, encinfo->cipher_hash); virBufferAddLit(buf, ","); } - if (!enc->ivgen_name) + if (!encinfo->ivgen_name) return; virBufferAddLit(buf, "ivgen-alg="); - virQEMUBuildBufferEscapeComma(buf, enc->ivgen_name); + virQEMUBuildBufferEscapeComma(buf, encinfo->ivgen_name); virBufferAddLit(buf, ","); - if (enc->ivgen_hash) { + if (encinfo->ivgen_hash) { virBufferAddLit(buf, "ivgen-hash-alg="); - virQEMUBuildBufferEscapeComma(buf, enc->ivgen_hash); + virQEMUBuildBufferEscapeComma(buf, encinfo->ivgen_hash); virBufferAddLit(buf, ","); } } -- 2.14.4
We're about to disallow creation of a qcow2 encrypted storage volume, so let's remove the qcow encryption element from the tests which are testing whether other format='qcow2' related features work properly. Signed-off-by: John Ferlan <jferlan@redhat.com> --- tests/storagevolxml2argvdata/qcow2-1.1.argv | 2 +- tests/storagevolxml2argvdata/qcow2-compat.argv | 2 +- tests/storagevolxml2argvdata/qcow2-from-logical-compat.argv | 2 +- tests/storagevolxml2argvdata/qcow2-lazy.argv | 2 +- .../qcow2-nobacking-convert-prealloc-compat.argv | 2 +- tests/storagevolxml2argvdata/qcow2-nobacking-prealloc-compat.argv | 2 +- tests/storagevolxml2argvdata/qcow2-nocapacity-convert-prealloc.argv | 2 +- tests/storagevolxml2argvdata/qcow2-nocapacity.argv | 2 +- tests/storagevolxml2argvdata/qcow2-nocow-compat.argv | 2 +- tests/storagevolxml2xmlin/vol-qcow2-0.10-lazy.xml | 3 --- tests/storagevolxml2xmlin/vol-qcow2-1.1.xml | 3 --- tests/storagevolxml2xmlin/vol-qcow2-lazy.xml | 3 --- tests/storagevolxml2xmlin/vol-qcow2-nobacking.xml | 3 --- tests/storagevolxml2xmlin/vol-qcow2-nocapacity-backing.xml | 3 --- tests/storagevolxml2xmlin/vol-qcow2-nocapacity.xml | 3 --- tests/storagevolxml2xmlin/vol-qcow2-nocow.xml | 3 --- tests/storagevolxml2xmlin/vol-qcow2.xml | 3 --- tests/storagevolxml2xmlout/vol-qcow2-0.10-lazy.xml | 3 --- tests/storagevolxml2xmlout/vol-qcow2-1.1.xml | 3 --- tests/storagevolxml2xmlout/vol-qcow2-lazy.xml | 3 --- tests/storagevolxml2xmlout/vol-qcow2-nobacking.xml | 3 --- tests/storagevolxml2xmlout/vol-qcow2-nocapacity.xml | 3 --- tests/storagevolxml2xmlout/vol-qcow2-nocow.xml | 3 --- tests/storagevolxml2xmlout/vol-qcow2.xml | 3 --- 24 files changed, 9 insertions(+), 54 deletions(-) diff --git a/tests/storagevolxml2argvdata/qcow2-1.1.argv b/tests/storagevolxml2argvdata/qcow2-1.1.argv index c4dcb1bc3c..71ff67378e 100644 --- a/tests/storagevolxml2argvdata/qcow2-1.1.argv +++ b/tests/storagevolxml2argvdata/qcow2-1.1.argv @@ -1,3 +1,3 @@ qemu-img create -f qcow2 -b /dev/null \ --o backing_fmt=raw,encryption=on,compat=1.1 \ +-o backing_fmt=raw,compat=1.1 \ /var/lib/libvirt/images/OtherDemo.img 5242880K diff --git a/tests/storagevolxml2argvdata/qcow2-compat.argv b/tests/storagevolxml2argvdata/qcow2-compat.argv index 37ad2c078d..fcb6bed782 100644 --- a/tests/storagevolxml2argvdata/qcow2-compat.argv +++ b/tests/storagevolxml2argvdata/qcow2-compat.argv @@ -1,3 +1,3 @@ qemu-img create -f qcow2 -b /dev/null \ --o backing_fmt=raw,encryption=on,compat=0.10 \ +-o backing_fmt=raw,compat=0.10 \ /var/lib/libvirt/images/OtherDemo.img 5242880K diff --git a/tests/storagevolxml2argvdata/qcow2-from-logical-compat.argv b/tests/storagevolxml2argvdata/qcow2-from-logical-compat.argv index 5f365b1f84..f99717ad40 100644 --- a/tests/storagevolxml2argvdata/qcow2-from-logical-compat.argv +++ b/tests/storagevolxml2argvdata/qcow2-from-logical-compat.argv @@ -1,3 +1,3 @@ qemu-img convert -f raw -O qcow2 \ --o encryption=on,compat=0.10 \ +-o compat=0.10 \ /dev/HostVG/Swap /var/lib/libvirt/images/OtherDemo.img diff --git a/tests/storagevolxml2argvdata/qcow2-lazy.argv b/tests/storagevolxml2argvdata/qcow2-lazy.argv index b7058b84cc..c3c09cefef 100644 --- a/tests/storagevolxml2argvdata/qcow2-lazy.argv +++ b/tests/storagevolxml2argvdata/qcow2-lazy.argv @@ -1,3 +1,3 @@ qemu-img create -f qcow2 -b /dev/null \ --o backing_fmt=raw,encryption=on,compat=1.1,lazy_refcounts \ +-o backing_fmt=raw,compat=1.1,lazy_refcounts \ /var/lib/libvirt/images/OtherDemo.img 5242880K diff --git a/tests/storagevolxml2argvdata/qcow2-nobacking-convert-prealloc-compat.argv b/tests/storagevolxml2argvdata/qcow2-nobacking-convert-prealloc-compat.argv index 3d93ec8480..f3e230654b 100644 --- a/tests/storagevolxml2argvdata/qcow2-nobacking-convert-prealloc-compat.argv +++ b/tests/storagevolxml2argvdata/qcow2-nobacking-convert-prealloc-compat.argv @@ -1,3 +1,3 @@ qemu-img convert -f raw -O qcow2 \ --o encryption=on,preallocation=metadata,compat=0.10 \ +-o preallocation=metadata,compat=0.10 \ /var/lib/libvirt/images/sparse.img /var/lib/libvirt/images/OtherDemo.img diff --git a/tests/storagevolxml2argvdata/qcow2-nobacking-prealloc-compat.argv b/tests/storagevolxml2argvdata/qcow2-nobacking-prealloc-compat.argv index 903c94e33d..841d683965 100644 --- a/tests/storagevolxml2argvdata/qcow2-nobacking-prealloc-compat.argv +++ b/tests/storagevolxml2argvdata/qcow2-nobacking-prealloc-compat.argv @@ -1,3 +1,3 @@ qemu-img create -f qcow2 \ --o encryption=on,preallocation=metadata,compat=0.10 \ +-o preallocation=metadata,compat=0.10 \ /var/lib/libvirt/images/OtherDemo.img 5242880K diff --git a/tests/storagevolxml2argvdata/qcow2-nocapacity-convert-prealloc.argv b/tests/storagevolxml2argvdata/qcow2-nocapacity-convert-prealloc.argv index 73499178e7..22dd9381a4 100644 --- a/tests/storagevolxml2argvdata/qcow2-nocapacity-convert-prealloc.argv +++ b/tests/storagevolxml2argvdata/qcow2-nocapacity-convert-prealloc.argv @@ -1,4 +1,4 @@ qemu-img convert -f raw -O qcow2 \ --o encryption=on,preallocation=falloc,compat=0.10 \ +-o preallocation=falloc,compat=0.10 \ /var/lib/libvirt/images/sparse.img \ /var/lib/libvirt/images/OtherDemo.img diff --git a/tests/storagevolxml2argvdata/qcow2-nocapacity.argv b/tests/storagevolxml2argvdata/qcow2-nocapacity.argv index fd88055890..a922d12042 100644 --- a/tests/storagevolxml2argvdata/qcow2-nocapacity.argv +++ b/tests/storagevolxml2argvdata/qcow2-nocapacity.argv @@ -1,5 +1,5 @@ qemu-img create \ -f qcow2 \ -b /dev/null \ --o backing_fmt=raw,encryption=on,compat=0.10 \ +-o backing_fmt=raw,compat=0.10 \ /var/lib/libvirt/images/OtherDemo.img diff --git a/tests/storagevolxml2argvdata/qcow2-nocow-compat.argv b/tests/storagevolxml2argvdata/qcow2-nocow-compat.argv index d5a7547011..826001f73b 100644 --- a/tests/storagevolxml2argvdata/qcow2-nocow-compat.argv +++ b/tests/storagevolxml2argvdata/qcow2-nocow-compat.argv @@ -1,3 +1,3 @@ qemu-img create -f qcow2 -b /dev/null \ --o backing_fmt=raw,encryption=on,nocow=on,compat=0.10 \ +-o backing_fmt=raw,nocow=on,compat=0.10 \ /var/lib/libvirt/images/OtherDemo.img 5242880K diff --git a/tests/storagevolxml2xmlin/vol-qcow2-0.10-lazy.xml b/tests/storagevolxml2xmlin/vol-qcow2-0.10-lazy.xml index 5bf98b7c84..6007c183d3 100644 --- a/tests/storagevolxml2xmlin/vol-qcow2-0.10-lazy.xml +++ b/tests/storagevolxml2xmlin/vol-qcow2-0.10-lazy.xml @@ -14,9 +14,6 @@ <group>0</group> <label>unconfined_u:object_r:virt_image_t:s0</label> </permissions> - <encryption format='qcow'> - <secret type='passphrase' uuid='e78d4b51-a2af-485f-b0f5-afca709a80f4'/> - </encryption> <compat>0.10</compat> <features> <lazy_refcounts/> diff --git a/tests/storagevolxml2xmlin/vol-qcow2-1.1.xml b/tests/storagevolxml2xmlin/vol-qcow2-1.1.xml index 696e1e0750..9c42464ae3 100644 --- a/tests/storagevolxml2xmlin/vol-qcow2-1.1.xml +++ b/tests/storagevolxml2xmlin/vol-qcow2-1.1.xml @@ -14,9 +14,6 @@ <group>0</group> <label>unconfined_u:object_r:virt_image_t:s0</label> </permissions> - <encryption format='qcow'> - <secret type='passphrase' uuid='e78d4b51-a2af-485f-b0f5-afca709a80f4'/> - </encryption> <features/> </target> <backingStore> diff --git a/tests/storagevolxml2xmlin/vol-qcow2-lazy.xml b/tests/storagevolxml2xmlin/vol-qcow2-lazy.xml index c1d7875d66..48c3d65d98 100644 --- a/tests/storagevolxml2xmlin/vol-qcow2-lazy.xml +++ b/tests/storagevolxml2xmlin/vol-qcow2-lazy.xml @@ -14,9 +14,6 @@ <group>0</group> <label>unconfined_u:object_r:virt_image_t:s0</label> </permissions> - <encryption format='qcow'> - <secret type='passphrase' uuid='e78d4b51-a2af-485f-b0f5-afca709a80f4'/> - </encryption> <compat>1.1</compat> <features> <lazy_refcounts/> diff --git a/tests/storagevolxml2xmlin/vol-qcow2-nobacking.xml b/tests/storagevolxml2xmlin/vol-qcow2-nobacking.xml index 6a6bd5bef3..a21a68d417 100644 --- a/tests/storagevolxml2xmlin/vol-qcow2-nobacking.xml +++ b/tests/storagevolxml2xmlin/vol-qcow2-nobacking.xml @@ -14,8 +14,5 @@ <group>0</group> <label>unconfined_u:object_r:virt_image_t:s0</label> </permissions> - <encryption format='qcow'> - <secret type='passphrase' uuid='e78d4b51-a2af-485f-b0f5-afca709a80f4'/> - </encryption> </target> </volume> diff --git a/tests/storagevolxml2xmlin/vol-qcow2-nocapacity-backing.xml b/tests/storagevolxml2xmlin/vol-qcow2-nocapacity-backing.xml index f8e439bc56..2e508c6731 100644 --- a/tests/storagevolxml2xmlin/vol-qcow2-nocapacity-backing.xml +++ b/tests/storagevolxml2xmlin/vol-qcow2-nocapacity-backing.xml @@ -12,9 +12,6 @@ <group>0</group> <label>unconfined_u:object_r:virt_image_t:s0</label> </permissions> - <encryption format='qcow'> - <secret type='passphrase' uuid='e78d4b51-a2af-485f-b0f5-afca709a80f4'/> - </encryption> </target> <backingStore> <path>/dev/null</path> diff --git a/tests/storagevolxml2xmlin/vol-qcow2-nocapacity.xml b/tests/storagevolxml2xmlin/vol-qcow2-nocapacity.xml index 9746900f5c..2dede04295 100644 --- a/tests/storagevolxml2xmlin/vol-qcow2-nocapacity.xml +++ b/tests/storagevolxml2xmlin/vol-qcow2-nocapacity.xml @@ -12,8 +12,5 @@ <group>0</group> <label>unconfined_u:object_r:virt_image_t:s0</label> </permissions> - <encryption format='qcow'> - <secret type='passphrase' uuid='e78d4b51-a2af-485f-b0f5-afca709a80f4'/> - </encryption> </target> </volume> diff --git a/tests/storagevolxml2xmlin/vol-qcow2-nocow.xml b/tests/storagevolxml2xmlin/vol-qcow2-nocow.xml index 661475be73..30859536fc 100644 --- a/tests/storagevolxml2xmlin/vol-qcow2-nocow.xml +++ b/tests/storagevolxml2xmlin/vol-qcow2-nocow.xml @@ -14,9 +14,6 @@ <group>0</group> <label>unconfined_u:object_r:virt_image_t:s0</label> </permissions> - <encryption format='qcow'> - <secret type='passphrase' uuid='e78d4b51-a2af-485f-b0f5-afca709a80f4'/> - </encryption> <nocow/> </target> <backingStore> diff --git a/tests/storagevolxml2xmlin/vol-qcow2.xml b/tests/storagevolxml2xmlin/vol-qcow2.xml index 49a7de33d3..f576c7b3ed 100644 --- a/tests/storagevolxml2xmlin/vol-qcow2.xml +++ b/tests/storagevolxml2xmlin/vol-qcow2.xml @@ -14,9 +14,6 @@ <group>0</group> <label>unconfined_u:object_r:virt_image_t:s0</label> </permissions> - <encryption format='qcow'> - <secret type='passphrase' uuid='e78d4b51-a2af-485f-b0f5-afca709a80f4'/> - </encryption> </target> <backingStore> <path>/dev/null</path> diff --git a/tests/storagevolxml2xmlout/vol-qcow2-0.10-lazy.xml b/tests/storagevolxml2xmlout/vol-qcow2-0.10-lazy.xml index 1f799dae01..9b666ad5bc 100644 --- a/tests/storagevolxml2xmlout/vol-qcow2-0.10-lazy.xml +++ b/tests/storagevolxml2xmlout/vol-qcow2-0.10-lazy.xml @@ -14,9 +14,6 @@ <group>0</group> <label>unconfined_u:object_r:virt_image_t:s0</label> </permissions> - <encryption format='qcow'> - <secret type='passphrase' uuid='e78d4b51-a2af-485f-b0f5-afca709a80f4'/> - </encryption> <compat>0.10</compat> <features> <lazy_refcounts/> diff --git a/tests/storagevolxml2xmlout/vol-qcow2-1.1.xml b/tests/storagevolxml2xmlout/vol-qcow2-1.1.xml index 14f805ff2a..c033f5bd57 100644 --- a/tests/storagevolxml2xmlout/vol-qcow2-1.1.xml +++ b/tests/storagevolxml2xmlout/vol-qcow2-1.1.xml @@ -14,9 +14,6 @@ <group>0</group> <label>unconfined_u:object_r:virt_image_t:s0</label> </permissions> - <encryption format='qcow'> - <secret type='passphrase' uuid='e78d4b51-a2af-485f-b0f5-afca709a80f4'/> - </encryption> <compat>1.1</compat> <features/> </target> diff --git a/tests/storagevolxml2xmlout/vol-qcow2-lazy.xml b/tests/storagevolxml2xmlout/vol-qcow2-lazy.xml index 68a9756d4f..ee79e26050 100644 --- a/tests/storagevolxml2xmlout/vol-qcow2-lazy.xml +++ b/tests/storagevolxml2xmlout/vol-qcow2-lazy.xml @@ -14,9 +14,6 @@ <group>0</group> <label>unconfined_u:object_r:virt_image_t:s0</label> </permissions> - <encryption format='qcow'> - <secret type='passphrase' uuid='e78d4b51-a2af-485f-b0f5-afca709a80f4'/> - </encryption> <compat>1.1</compat> <features> <lazy_refcounts/> diff --git a/tests/storagevolxml2xmlout/vol-qcow2-nobacking.xml b/tests/storagevolxml2xmlout/vol-qcow2-nobacking.xml index 075dc6996b..e8281e3b50 100644 --- a/tests/storagevolxml2xmlout/vol-qcow2-nobacking.xml +++ b/tests/storagevolxml2xmlout/vol-qcow2-nobacking.xml @@ -14,8 +14,5 @@ <group>0</group> <label>unconfined_u:object_r:virt_image_t:s0</label> </permissions> - <encryption format='qcow'> - <secret type='passphrase' uuid='e78d4b51-a2af-485f-b0f5-afca709a80f4'/> - </encryption> </target> </volume> diff --git a/tests/storagevolxml2xmlout/vol-qcow2-nocapacity.xml b/tests/storagevolxml2xmlout/vol-qcow2-nocapacity.xml index 223e6892fd..dbf9003213 100644 --- a/tests/storagevolxml2xmlout/vol-qcow2-nocapacity.xml +++ b/tests/storagevolxml2xmlout/vol-qcow2-nocapacity.xml @@ -14,8 +14,5 @@ <group>0</group> <label>unconfined_u:object_r:virt_image_t:s0</label> </permissions> - <encryption format='qcow'> - <secret type='passphrase' uuid='e78d4b51-a2af-485f-b0f5-afca709a80f4'/> - </encryption> </target> </volume> diff --git a/tests/storagevolxml2xmlout/vol-qcow2-nocow.xml b/tests/storagevolxml2xmlout/vol-qcow2-nocow.xml index 31dc57873c..a7d612135f 100644 --- a/tests/storagevolxml2xmlout/vol-qcow2-nocow.xml +++ b/tests/storagevolxml2xmlout/vol-qcow2-nocow.xml @@ -14,9 +14,6 @@ <group>0</group> <label>unconfined_u:object_r:virt_image_t:s0</label> </permissions> - <encryption format='qcow'> - <secret type='passphrase' uuid='e78d4b51-a2af-485f-b0f5-afca709a80f4'/> - </encryption> </target> <backingStore> <path>/dev/null</path> diff --git a/tests/storagevolxml2xmlout/vol-qcow2.xml b/tests/storagevolxml2xmlout/vol-qcow2.xml index 31dc57873c..a7d612135f 100644 --- a/tests/storagevolxml2xmlout/vol-qcow2.xml +++ b/tests/storagevolxml2xmlout/vol-qcow2.xml @@ -14,9 +14,6 @@ <group>0</group> <label>unconfined_u:object_r:virt_image_t:s0</label> </permissions> - <encryption format='qcow'> - <secret type='passphrase' uuid='e78d4b51-a2af-485f-b0f5-afca709a80f4'/> - </encryption> </target> <backingStore> <path>/dev/null</path> -- 2.14.4
https://bugzilla.redhat.com/show_bug.cgi?id=1526382 Since commit c4eedd793 disallowed qcow2 encrypted images to be used for domains, it no longer makes sense to allow a qcow2 encrypted volume to be created or resized. Add a test that will exhibit the failure of creation as well as the xml2xml validation of the format still being correct. Update the documentation to note the removal of the capability to create and use qcow/default encrypted volumes. Signed-off-by: John Ferlan <jferlan@redhat.com> --- docs/formatsecret.html.in | 22 +++++++-------- docs/formatstorageencryption.html.in | 29 +++++--------------- src/storage/storage_util.c | 22 +++++++++++++-- tests/storagevolxml2argvtest.c | 4 +++ tests/storagevolxml2xmlin/vol-qcow2-encryption.xml | 31 ++++++++++++++++++++++ .../storagevolxml2xmlout/vol-qcow2-encryption.xml | 31 ++++++++++++++++++++++ tests/storagevolxml2xmltest.c | 1 + 7 files changed, 104 insertions(+), 36 deletions(-) create mode 100644 tests/storagevolxml2xmlin/vol-qcow2-encryption.xml create mode 100644 tests/storagevolxml2xmlout/vol-qcow2-encryption.xml diff --git a/docs/formatsecret.html.in b/docs/formatsecret.html.in index 155b7c35de..defbe71731 100644 --- a/docs/formatsecret.html.in +++ b/docs/formatsecret.html.in @@ -51,7 +51,7 @@ <p> This secret is associated with a volume, whether the format is either - for a "qcow" or a "luks" encrypted volume. Each volume will have a + for a "luks" encrypted volume. Each volume will have a unique secret associated with it and it is safe to delete the secret after the volume is deleted. The <code><usage type='volume'></code> element must contain a @@ -83,16 +83,6 @@ Secret value set # </pre> - <p> - The volume type secret can be supplied in domain XML for a qcow storage - volume <a href="formatstorageencryption.html">encryption</a> as follows: - </p> - <pre> -<encryption format='qcow'> - <secret type='passphrase' uuid='0a81f5b2-8403-7b23-c8d6-21ccc2f80d6f'/> -</encryption> - </pre> - <p> The volume type secret can be supplied either in volume XML during creation of a <a href="formatstorage.html#StorageVol">storage volume</a> @@ -120,6 +110,16 @@ Secret value set # </pre> + <p> + The volume type secret can be supplied in domain XML for a luks storage + volume <a href="formatstorageencryption.html">encryption</a> as follows: + </p> + <pre> +<encryption format='luks'> + <secret type='passphrase' uuid='f52a81b2-424e-490c-823d-6bd4235bc57'/> +</encryption> + </pre> + <h3><a id="CephUsageType">Usage type "ceph"</a></h3> <p> This secret is associated with a Ceph RBD (rados block device). diff --git a/docs/formatstorageencryption.html.in b/docs/formatstorageencryption.html.in index 434bdb609e..ea80a87cfb 100644 --- a/docs/formatstorageencryption.html.in +++ b/docs/formatstorageencryption.html.in @@ -39,22 +39,14 @@ specified <code>uuid</code>. </p> <h3><a id="StorageEncryptionDefault">"default" format</a></h3> - <p> - <code><encryption format="default"/></code> can be specified only - when creating a qcow volume. If the volume is successfully created, the - encryption formats, parameters and secrets will be auto-generated by - libvirt and the attached <code>encryption</code> tag will be updated. - The unmodified contents of the <code>encryption</code> tag can be used - in later operations with the volume, or when setting up a domain that - uses the volume. - </p> <h3><a id="StorageEncryptionQcow">"qcow" format</a></h3> <p> - The <code>qcow</code> format specifies that the built-in encryption - support in <code>qcow</code>- or <code>qcow2</code>-formatted volume - images should be used. A single - <code><secret type='passphrase'></code> element is expected. Note - that this encryption is inherently broken and should not be used any more. + <span class="since">Since 4.5.0,</span> encryption formats + <code>default</code> and <code>qcow</code> may no longer be used + to create an encrypted volume. Usage of qcow encrypted volumes + in QEMU began phasing out in QEMU 2.3 and by QEMU 2.9 creation + of a qcow encrypted volume via qemu-img required usage of secret + objects, but that support was not added to libvirt. </p> <h3><a id="StorageEncryptionLuks">"luks" format</a></h3> <p> @@ -121,15 +113,6 @@ <h2><a id="example">Examples</a></h2> - <p> - Here is a simple example, specifying use of the <code>qcow</code> format: - </p> - - <pre> -<encryption format='qcow'> - <secret type='passphrase' uuid='c1f11a6d-8c5d-4a3e-ac7a-4e171c5e0d4a' /> -</encryption></pre> - <p> Assuming a <a href="formatsecret.html#VolumeUsageType"> <code>luks volume type secret</code></a> is already defined, diff --git a/src/storage/storage_util.c b/src/storage/storage_util.c index 90cadb9d13..6b02bb2e9a 100644 --- a/src/storage/storage_util.c +++ b/src/storage/storage_util.c @@ -1214,6 +1214,15 @@ virStorageBackendCreateQemuImgCmdFromVol(virStoragePoolObjPtr pool, virCheckFlags(VIR_STORAGE_VOL_CREATE_PREALLOC_METADATA, NULL); + if (enc && (enc->format == VIR_STORAGE_ENCRYPTION_FORMAT_QCOW || + enc->format == VIR_STORAGE_ENCRYPTION_FORMAT_DEFAULT) && + (vol->target.format == VIR_STORAGE_FILE_QCOW || + vol->target.format == VIR_STORAGE_FILE_QCOW2)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("creation of qcow2 encrypted image is not supported")); + goto error; + } + if (virStorageBackendCreateQemuImgSetInfo(pool, vol, inputvol, &info) < 0) goto error; @@ -1232,8 +1241,7 @@ virStorageBackendCreateQemuImgCmdFromVol(virStoragePoolObjPtr pool, if (info.backingPath) virCommandAddArgList(cmd, "-b", info.backingPath, NULL); - if (info.format == VIR_STORAGE_FILE_RAW && enc && - enc->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS) { + if (enc) { if (!info.secretPath) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("path to secret data file is required")); @@ -2354,6 +2362,16 @@ storageBackendResizeQemuImg(virStoragePoolObjPtr pool, const char *type; char *secretPath = NULL; char *secretAlias = NULL; + virStorageEncryptionPtr enc = vol->target.encryption; + + if (enc && (enc->format == VIR_STORAGE_ENCRYPTION_FORMAT_QCOW || + enc->format == VIR_STORAGE_ENCRYPTION_FORMAT_DEFAULT) && + (vol->target.format == VIR_STORAGE_FILE_QCOW || + vol->target.format == VIR_STORAGE_FILE_QCOW2)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("resize of qcow2 encrypted image is not supported")); + return -1; + } img_tool = virFindFileInPath("qemu-img"); if (!img_tool) { diff --git a/tests/storagevolxml2argvtest.c b/tests/storagevolxml2argvtest.c index b8afe4abcc..d7f5c0f51e 100644 --- a/tests/storagevolxml2argvtest.c +++ b/tests/storagevolxml2argvtest.c @@ -232,6 +232,10 @@ mymain(void) "pool-dir", "vol-file-iso", "iso-input", 0); + DO_TEST_FAIL("pool-dir", "vol-qcow2-encryption", + NULL, NULL, + "qcow2-encryption", 0); + DO_TEST("pool-dir", "vol-luks", NULL, NULL, "luks", 0); diff --git a/tests/storagevolxml2xmlin/vol-qcow2-encryption.xml b/tests/storagevolxml2xmlin/vol-qcow2-encryption.xml new file mode 100644 index 0000000000..49a7de33d3 --- /dev/null +++ b/tests/storagevolxml2xmlin/vol-qcow2-encryption.xml @@ -0,0 +1,31 @@ +<volume> + <name>OtherDemo.img</name> + <key>/var/lib/libvirt/images/OtherDemo.img</key> + <source> + </source> + <capacity unit="G">5</capacity> + <allocation>294912</allocation> + <target> + <path>/var/lib/libvirt/images/OtherDemo.img</path> + <format type='qcow2'/> + <permissions> + <mode>0644</mode> + <owner>0</owner> + <group>0</group> + <label>unconfined_u:object_r:virt_image_t:s0</label> + </permissions> + <encryption format='qcow'> + <secret type='passphrase' uuid='e78d4b51-a2af-485f-b0f5-afca709a80f4'/> + </encryption> + </target> + <backingStore> + <path>/dev/null</path> + <format type='raw'/> + <permissions> + <mode>0644</mode> + <owner>0</owner> + <group>0</group> + <label>unconfined_u:object_r:virt_image_t:s0</label> + </permissions> + </backingStore> +</volume> diff --git a/tests/storagevolxml2xmlout/vol-qcow2-encryption.xml b/tests/storagevolxml2xmlout/vol-qcow2-encryption.xml new file mode 100644 index 0000000000..31dc57873c --- /dev/null +++ b/tests/storagevolxml2xmlout/vol-qcow2-encryption.xml @@ -0,0 +1,31 @@ +<volume type='file'> + <name>OtherDemo.img</name> + <key>/var/lib/libvirt/images/OtherDemo.img</key> + <source> + </source> + <capacity unit='bytes'>5368709120</capacity> + <allocation unit='bytes'>294912</allocation> + <target> + <path>/var/lib/libvirt/images/OtherDemo.img</path> + <format type='qcow2'/> + <permissions> + <mode>0644</mode> + <owner>0</owner> + <group>0</group> + <label>unconfined_u:object_r:virt_image_t:s0</label> + </permissions> + <encryption format='qcow'> + <secret type='passphrase' uuid='e78d4b51-a2af-485f-b0f5-afca709a80f4'/> + </encryption> + </target> + <backingStore> + <path>/dev/null</path> + <format type='raw'/> + <permissions> + <mode>0644</mode> + <owner>0</owner> + <group>0</group> + <label>unconfined_u:object_r:virt_image_t:s0</label> + </permissions> + </backingStore> +</volume> diff --git a/tests/storagevolxml2xmltest.c b/tests/storagevolxml2xmltest.c index 426b100c27..7bac4974ae 100644 --- a/tests/storagevolxml2xmltest.c +++ b/tests/storagevolxml2xmltest.c @@ -106,6 +106,7 @@ mymain(void) DO_TEST("pool-dir", "vol-qcow2-lazy"); DO_TEST("pool-dir", "vol-qcow2-0.10-lazy"); DO_TEST("pool-dir", "vol-qcow2-nobacking"); + DO_TEST("pool-dir", "vol-qcow2-encryption"); DO_TEST("pool-dir", "vol-luks"); DO_TEST("pool-dir", "vol-luks-cipher"); DO_TEST("pool-disk", "vol-partition"); -- 2.14.4
Remove the checks for qcow encryption since both callers (create and resize) would have already disallowed usage. Signed-off-by: John Ferlan <jferlan@redhat.com> --- src/storage/storage_util.c | 20 +------------------- 1 file changed, 1 insertion(+), 19 deletions(-) diff --git a/src/storage/storage_util.c b/src/storage/storage_util.c index 6b02bb2e9a..fe588df7dd 100644 --- a/src/storage/storage_util.c +++ b/src/storage/storage_util.c @@ -891,25 +891,7 @@ storageBackendCreateQemuImgCheckEncryption(int format, { virStorageEncryptionPtr enc = vol->target.encryption; - if (format == VIR_STORAGE_FILE_QCOW || format == VIR_STORAGE_FILE_QCOW2) { - if (enc->format != VIR_STORAGE_ENCRYPTION_FORMAT_QCOW && - enc->format != VIR_STORAGE_ENCRYPTION_FORMAT_DEFAULT) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, - _("unsupported volume encryption format %d"), - vol->target.encryption->format); - return -1; - } - if (enc->nsecrets > 1) { - virReportError(VIR_ERR_XML_ERROR, "%s", - _("too many secrets for qcow encryption")); - return -1; - } - if (enc->nsecrets == 0) { - virReportError(VIR_ERR_XML_ERROR, "%s", - _("no secret provided for qcow encryption")); - return -1; - } - } else if (format == VIR_STORAGE_FILE_RAW) { + if (format == VIR_STORAGE_FILE_RAW) { if (enc->format != VIR_STORAGE_ENCRYPTION_FORMAT_LUKS) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("unsupported volume encryption format %d"), -- 2.14.4
Since we only generate the @encinfo when there's a secret object and thus we need to reference it in the options, Signed-off-by: John Ferlan <jferlan@redhat.com> --- src/storage/storage_util.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/src/storage/storage_util.c b/src/storage/storage_util.c index fe588df7dd..e090521d79 100644 --- a/src/storage/storage_util.c +++ b/src/storage/storage_util.c @@ -827,12 +827,8 @@ storageBackendCreateQemuImgOpts(virStorageEncryptionInfoDefPtr encinfo, virBufferAsprintf(&buf, "backing_fmt=%s,", virStorageFileFormatTypeToString(info.backingFormat)); - if (info.format == VIR_STORAGE_FILE_RAW && encinfo) { + if (encinfo) virQEMUBuildQemuImgKeySecretOpts(&buf, encinfo, info.secretAlias); - } else { - if (info.encryption) - virBufferAddLit(&buf, "encryption=on,"); - } if (info.preallocate) { if (info.size_arg > info.allocation) -- 2.14.4
Since we no longer support creating qcow2 encryption format volumes, we no longer have to possibly create some secret and have no real need for the function, so move the remaining functionality to build the secret path back into the caller storageBackendCreateQemuImg. Signed-off-by: John Ferlan <jferlan@redhat.com> --- src/storage/storage_util.c | 134 +-------------------------------------------- 1 file changed, 2 insertions(+), 132 deletions(-) diff --git a/src/storage/storage_util.c b/src/storage/storage_util.c index e090521d79..e26f5e2b48 100644 --- a/src/storage/storage_util.c +++ b/src/storage/storage_util.c @@ -482,109 +482,6 @@ storageBackendCreateRaw(virStoragePoolObjPtr pool, return ret; } -static int -virStorageGenerateSecretUUID(virConnectPtr conn, - unsigned char *uuid) -{ - unsigned attempt; - - for (attempt = 0; attempt < 65536; attempt++) { - virSecretPtr tmp; - if (virUUIDGenerate(uuid) < 0) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", - _("unable to generate uuid")); - return -1; - } - tmp = virSecretLookupByUUID(conn, uuid); - if (tmp == NULL) - return 0; - - virObjectUnref(tmp); - } - - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", - _("too many conflicts when generating a uuid")); - - return -1; -} - -static int -virStorageGenerateQcowEncryption(virStorageVolDefPtr vol) -{ - virSecretDefPtr def = NULL; - virBuffer buf = VIR_BUFFER_INITIALIZER; - virStorageEncryptionPtr enc; - virStorageEncryptionSecretPtr enc_secret = NULL; - virSecretPtr secret = NULL; - char *xml; - unsigned char value[VIR_STORAGE_QCOW_PASSPHRASE_SIZE]; - int ret = -1; - virConnectPtr conn = NULL; - - conn = virGetConnectSecret(); - if (!conn) - return -1; - - enc = vol->target.encryption; - if (enc->nsecrets != 0) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", - _("secrets already defined")); - goto cleanup; - } - - if (VIR_ALLOC(enc_secret) < 0 || VIR_REALLOC_N(enc->secrets, 1) < 0 || - VIR_ALLOC(def) < 0) - goto cleanup; - - def->isephemeral = false; - def->isprivate = false; - if (virStorageGenerateSecretUUID(conn, def->uuid) < 0) - goto cleanup; - - def->usage_type = VIR_SECRET_USAGE_TYPE_VOLUME; - if (VIR_STRDUP(def->usage_id, vol->target.path) < 0) - goto cleanup; - xml = virSecretDefFormat(def); - virSecretDefFree(def); - def = NULL; - if (xml == NULL) - goto cleanup; - - secret = virSecretDefineXML(conn, xml, 0); - if (secret == NULL) { - VIR_FREE(xml); - goto cleanup; - } - VIR_FREE(xml); - - if (virStorageGenerateQcowPassphrase(value) < 0) - goto cleanup; - - if (virSecretSetValue(secret, value, sizeof(value), 0) < 0) - goto cleanup; - - enc_secret->type = VIR_STORAGE_ENCRYPTION_SECRET_TYPE_PASSPHRASE; - enc_secret->seclookupdef.type = VIR_SECRET_LOOKUP_TYPE_UUID; - memcpy(enc_secret->seclookupdef.u.uuid, secret->uuid, VIR_UUID_BUFLEN); - enc->format = VIR_STORAGE_ENCRYPTION_FORMAT_QCOW; - enc->secrets[0] = enc_secret; /* Space for secrets[0] allocated above */ - enc_secret = NULL; - enc->nsecrets = 1; - - ret = 0; - - cleanup: - if (secret != NULL) { - if (ret != 0) - virSecretUndefine(secret); - virObjectUnref(secret); - } - virObjectUnref(conn); - virBufferFreeAndReset(&buf); - virSecretDefFree(def); - VIR_FREE(enc_secret); - return ret; -} static int virStorageBackendCreateExecCommand(virStoragePoolObjPtr pool, @@ -1325,34 +1222,6 @@ storageBackendCreateQemuImgSecretPath(virStoragePoolObjPtr pool, } -static int -storageBackendGenerateSecretData(virStoragePoolObjPtr pool, - virStorageVolDefPtr vol, - char **secretPath) -{ - virStorageEncryptionPtr enc = vol->target.encryption; - - if (!enc) - return 0; - - if ((vol->target.format == VIR_STORAGE_FILE_QCOW || - vol->target.format == VIR_STORAGE_FILE_QCOW2) && - (enc->format == VIR_STORAGE_ENCRYPTION_FORMAT_DEFAULT || - enc->nsecrets == 0)) { - if (virStorageGenerateQcowEncryption(vol) < 0) - return -1; - } - - if (vol->target.format == VIR_STORAGE_FILE_RAW && - enc->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS) { - if (!(*secretPath = storageBackendCreateQemuImgSecretPath(pool, vol))) - return -1; - } - - return 0; -} - - static int storageBackendDoCreateQemuImg(virStoragePoolObjPtr pool, virStorageVolDefPtr vol, @@ -1398,7 +1267,8 @@ storageBackendCreateQemuImg(virStoragePoolObjPtr pool, return -1; } - if (storageBackendGenerateSecretData(pool, vol, &secretPath) < 0) + if (vol->target.encryption && + !(secretPath = storageBackendCreateQemuImgSecretPath(pool, vol))) goto cleanup; ret = storageBackendDoCreateQemuImg(pool, vol, inputvol, flags, -- 2.14.4
Starting with QEMU 2.9, encryption convert processing requires a multi-step process in order to generate an encrypted image from some non encrypted raw image. Processing requires to first create an encrypted image using the sizing parameters from the input source and second to use the --image-opts, -n, and --target-image-opts options along with inline driver options to describe the input and output files, generating two commands such as: $ qemu-img create -f luks \ --object secret,id=demo.img_encrypt0,file=/path/to/secretFile \ -o key-secret=demo.img_encrypt0 \ demo.img 500K Formatting 'demo.img', fmt=luks size=512000 key-secret=demo.img_encrypt0 $ qemu-img convert --image-opts -n --target-image-opts \ --object secret,id=demo.img_encrypt0,file=/path/to/secretFile \ driver=raw,file.filename=sparse.img \ driver=luks,file.filename=demo.img,key-secret=demo.img_encrypt0 $ This patch handles the convert processing by running the processing in a do..while loop essentially reusing the existing create logic and arguments to create the target vol from the inputvol and then converting the inputvol using new arguments. This then allows the following virsh command to work properly: virsh vol-create-from default encrypt1-luks.xml data.img --inputpool default where encrypt1-luks.xml would provided the path and secret for the new image, while data.img would be the source image. Signed-off-by: John Ferlan <jferlan@redhat.com> --- src/storage/storage_util.c | 103 +++++++++++++++++-------- src/storage/storage_util.h | 10 ++- tests/storagevolxml2argvdata/luks-convert.argv | 9 +++ tests/storagevolxml2argvtest.c | 65 +++++++++++++--- tests/storagevolxml2xmlin/vol-luks-convert.xml | 21 +++++ 5 files changed, 161 insertions(+), 47 deletions(-) create mode 100644 tests/storagevolxml2argvdata/luks-convert.argv create mode 100644 tests/storagevolxml2xmlin/vol-luks-convert.xml diff --git a/src/storage/storage_util.c b/src/storage/storage_util.c index e26f5e2b48..a701a75702 100644 --- a/src/storage/storage_util.c +++ b/src/storage/storage_util.c @@ -819,12 +819,15 @@ storageBackendCreateQemuImgCheckEncryption(int format, static int storageBackendCreateQemuImgSetInput(virStorageVolDefPtr inputvol, + virStorageVolEncryptConvertStep convertStep, struct _virStorageBackendQemuImgInfo *info) { - if (!(info->inputPath = inputvol->target.path)) { - virReportError(VIR_ERR_INVALID_ARG, "%s", - _("missing input volume target path")); - return -1; + if (convertStep != VIR_STORAGE_VOL_ENCRYPT_CREATE) { + if (!(info->inputPath = inputvol->target.path)) { + virReportError(VIR_ERR_INVALID_ARG, "%s", + _("missing input volume target path")); + return -1; + } } info->inputFormat = inputvol->target.format; @@ -995,6 +998,7 @@ static int virStorageBackendCreateQemuImgSetInfo(virStoragePoolObjPtr pool, virStorageVolDefPtr vol, virStorageVolDefPtr inputvol, + virStorageVolEncryptConvertStep convertStep, struct _virStorageBackendQemuImgInfo *info) { /* Treat output block devices as 'raw' format */ @@ -1027,11 +1031,6 @@ virStorageBackendCreateQemuImgSetInfo(virStoragePoolObjPtr pool, return -1; } if (info->format == VIR_STORAGE_FILE_RAW && vol->target.encryption) { - if (inputvol) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("cannot use inputvol with encrypted raw volume")); - return -1; - } if (vol->target.encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS) { info->type = "luks"; } else { @@ -1042,7 +1041,7 @@ virStorageBackendCreateQemuImgSetInfo(virStoragePoolObjPtr pool, } if (inputvol && - storageBackendCreateQemuImgSetInput(inputvol, info) < 0) + storageBackendCreateQemuImgSetInput(inputvol, convertStep, info) < 0) return -1; if (virStorageSourceHasBacking(&vol->target) && @@ -1068,7 +1067,8 @@ virStorageBackendCreateQemuImgCmdFromVol(virStoragePoolObjPtr pool, virStorageVolDefPtr inputvol, unsigned int flags, const char *create_tool, - const char *secretPath) + const char *secretPath, + virStorageVolEncryptConvertStep convertStep) { virCommandPtr cmd = NULL; struct _virStorageBackendQemuImgInfo info = { @@ -1098,18 +1098,25 @@ virStorageBackendCreateQemuImgCmdFromVol(virStoragePoolObjPtr pool, goto error; } - if (virStorageBackendCreateQemuImgSetInfo(pool, vol, inputvol, &info) < 0) + if (virStorageBackendCreateQemuImgSetInfo(pool, vol, inputvol, + convertStep, &info) < 0) goto error; cmd = virCommandNew(create_tool); - /* ignore the backing volume when we're converting a volume */ - if (info.inputPath) + /* ignore the backing volume when we're converting a volume + * including when we're doing a two step convert during create */ + if (info.inputPath || convertStep == VIR_STORAGE_VOL_ENCRYPT_CREATE) info.backingPath = NULL; - if (info.inputPath) + /* Converting to use encryption is a two step process - step 1 is to + * create the image and step 2 is to convert it using special arguments */ + if (info.inputPath && convertStep == VIR_STORAGE_VOL_ENCRYPT_NONE) virCommandAddArgList(cmd, "convert", "-f", info.inputFormatStr, "-O", info.type, NULL); + else if (info.inputPath && convertStep == VIR_STORAGE_VOL_ENCRYPT_CONVERT) + virCommandAddArgList(cmd, "convert", "--image-opts", "-n", + "--target-image-opts", NULL); else virCommandAddArgList(cmd, "create", "-f", info.type, NULL); @@ -1130,15 +1137,24 @@ virStorageBackendCreateQemuImgCmdFromVol(virStoragePoolObjPtr pool, encinfo = &enc->encinfo; } - if (storageBackendCreateQemuImgSetOptions(cmd, encinfo, info) < 0) - goto error; - VIR_FREE(info.secretAlias); + if (convertStep != VIR_STORAGE_VOL_ENCRYPT_CONVERT) { + if (storageBackendCreateQemuImgSetOptions(cmd, encinfo, info) < 0) + goto error; + if (info.inputPath) + virCommandAddArg(cmd, info.inputPath); + virCommandAddArg(cmd, info.path); + if (!info.inputPath && (info.size_arg || !info.backingPath)) + virCommandAddArgFormat(cmd, "%lluK", info.size_arg); + } else { + /* source */ + virCommandAddArgFormat(cmd, "driver=raw,file.filename=%s", + info.inputPath); - if (info.inputPath) - virCommandAddArg(cmd, info.inputPath); - virCommandAddArg(cmd, info.path); - if (!info.inputPath && (info.size_arg || !info.backingPath)) - virCommandAddArgFormat(cmd, "%lluK", info.size_arg); + /* dest */ + virCommandAddArgFormat(cmd, "driver=%s,file.filename=%s,key-secret=%s", + info.type, info.path, info.secretAlias); + } + VIR_FREE(info.secretAlias); return cmd; @@ -1228,14 +1244,15 @@ storageBackendDoCreateQemuImg(virStoragePoolObjPtr pool, virStorageVolDefPtr inputvol, unsigned int flags, const char *create_tool, - const char *secretPath) + const char *secretPath, + virStorageVolEncryptConvertStep convertStep) { int ret; virCommandPtr cmd; cmd = virStorageBackendCreateQemuImgCmdFromVol(pool, vol, inputvol, flags, create_tool, - secretPath); + secretPath, convertStep); if (!cmd) return -1; @@ -1256,6 +1273,7 @@ storageBackendCreateQemuImg(virStoragePoolObjPtr pool, int ret = -1; char *create_tool; char *secretPath = NULL; + virStorageVolEncryptConvertStep convertStep = VIR_STORAGE_VOL_ENCRYPT_NONE; virCheckFlags(VIR_STORAGE_VOL_CREATE_PREALLOC_METADATA, -1); @@ -1271,8 +1289,32 @@ storageBackendCreateQemuImg(virStoragePoolObjPtr pool, !(secretPath = storageBackendCreateQemuImgSecretPath(pool, vol))) goto cleanup; - ret = storageBackendDoCreateQemuImg(pool, vol, inputvol, flags, - create_tool, secretPath); + /* Using an input file for encryption requires a multi-step process + * to create an image of the same size as the inputvol and then to + * convert the inputvol afterwards. */ + if (secretPath && inputvol) + convertStep = VIR_STORAGE_VOL_ENCRYPT_CREATE; + + do { + ret = storageBackendDoCreateQemuImg(pool, vol, inputvol, flags, + create_tool, secretPath, + convertStep); + + /* Failure to convert, attempt to delete what we created */ + if (ret < 0 && convertStep == VIR_STORAGE_VOL_ENCRYPT_CONVERT) + ignore_value(virFileRemove(vol->target.path, + vol->target.perms->uid, + vol->target.perms->gid)); + + if (ret < 0 || convertStep == VIR_STORAGE_VOL_ENCRYPT_NONE) + goto cleanup; + + if (convertStep == VIR_STORAGE_VOL_ENCRYPT_CREATE) + convertStep = VIR_STORAGE_VOL_ENCRYPT_CONVERT; + else if (convertStep == VIR_STORAGE_VOL_ENCRYPT_CONVERT) + convertStep = VIR_STORAGE_VOL_ENCRYPT_DONE; + } while (convertStep != VIR_STORAGE_VOL_ENCRYPT_DONE); + cleanup: if (secretPath) { unlink(secretPath); @@ -2024,13 +2066,6 @@ storageBackendVolBuildLocal(virStoragePoolObjPtr pool, virStorageBackendBuildVolFrom create_func; if (inputvol) { - if (vol->target.encryption) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, - "%s", _("storage pool does not support " - "building encrypted volumes from " - "other volumes")); - return -1; - } if (!(create_func = virStorageBackendGetBuildVolFromFunction(vol, inputvol))) return -1; diff --git a/src/storage/storage_util.h b/src/storage/storage_util.h index 9307702754..6fc8e8972c 100644 --- a/src/storage/storage_util.h +++ b/src/storage/storage_util.h @@ -153,13 +153,21 @@ char *virStorageBackendStablePath(virStoragePoolObjPtr pool, const char *devpath, bool loop); +typedef enum { + VIR_STORAGE_VOL_ENCRYPT_NONE = 0, + VIR_STORAGE_VOL_ENCRYPT_CREATE, + VIR_STORAGE_VOL_ENCRYPT_CONVERT, + VIR_STORAGE_VOL_ENCRYPT_DONE, +} virStorageVolEncryptConvertStep; + virCommandPtr virStorageBackendCreateQemuImgCmdFromVol(virStoragePoolObjPtr pool, virStorageVolDefPtr vol, virStorageVolDefPtr inputvol, unsigned int flags, const char *create_tool, - const char *secretPath); + const char *secretPath, + virStorageVolEncryptConvertStep convertStep); int virStorageBackendSCSIFindLUs(virStoragePoolObjPtr pool, uint32_t scanhost); diff --git a/tests/storagevolxml2argvdata/luks-convert.argv b/tests/storagevolxml2argvdata/luks-convert.argv new file mode 100644 index 0000000000..6bac814300 --- /dev/null +++ b/tests/storagevolxml2argvdata/luks-convert.argv @@ -0,0 +1,9 @@ +qemu-img create -f luks \ +--object secret,id=OtherDemo.img_encrypt0,file=/path/to/secretFile \ +-o key-secret=OtherDemo.img_encrypt0 \ +/var/lib/libvirt/images/OtherDemo.img 5242880K +qemu-img convert --image-opts -n --target-image-opts \ +--object secret,id=OtherDemo.img_encrypt0,file=/path/to/secretFile \ +driver=raw,file.filename=/var/lib/libvirt/images/sparse.img \ +driver=luks,file.filename=/var/lib/libvirt/images/OtherDemo.img,\ +key-secret=OtherDemo.img_encrypt0 diff --git a/tests/storagevolxml2argvtest.c b/tests/storagevolxml2argvtest.c index d7f5c0f51e..b795f83aee 100644 --- a/tests/storagevolxml2argvtest.c +++ b/tests/storagevolxml2argvtest.c @@ -43,6 +43,7 @@ testCompareXMLToArgvFiles(bool shouldFail, unsigned long parse_flags) { char *actualCmdline = NULL; + virStorageVolEncryptConvertStep convertStep = VIR_STORAGE_VOL_ENCRYPT_NONE; int ret = -1; virCommandPtr cmd = NULL; @@ -79,20 +80,56 @@ testCompareXMLToArgvFiles(bool shouldFail, testSetVolumeType(vol, def); testSetVolumeType(inputvol, inputpool); - cmd = virStorageBackendCreateQemuImgCmdFromVol(obj, vol, - inputvol, flags, - create_tool, - "/path/to/secretFile"); - if (!cmd) { - if (shouldFail) { - virResetLastError(); - ret = 0; + /* Using an input file for encryption requires a multi-step process + * to create an image of the same size as the inputvol and then to + * convert the inputvol afterwards. Since we only care about the + * command line we have to copy code from storageBackendCreateQemuImg + * and adjust it for the test needs. */ + if (inputvol && vol->target.encryption) + convertStep = VIR_STORAGE_VOL_ENCRYPT_CREATE; + + do { + cmd = virStorageBackendCreateQemuImgCmdFromVol(obj, vol, + inputvol, flags, + create_tool, + "/path/to/secretFile", + convertStep); + if (!cmd) { + if (shouldFail) { + virResetLastError(); + ret = 0; + } + goto cleanup; } - goto cleanup; - } - if (!(actualCmdline = virCommandToString(cmd))) - goto cleanup; + if (convertStep != VIR_STORAGE_VOL_ENCRYPT_CONVERT) { + if (!(actualCmdline = virCommandToString(cmd))) + goto cleanup; + } else { + char *createCmdline = actualCmdline; + char *cvtCmdline; + int rc; + + if (!(cvtCmdline = virCommandToString(cmd))) + goto cleanup; + + rc = virAsprintf(&actualCmdline, "%s\n%s", + createCmdline, cvtCmdline); + + VIR_FREE(createCmdline); + VIR_FREE(cvtCmdline); + if (rc < 0) + goto cleanup; + } + + if (convertStep == VIR_STORAGE_VOL_ENCRYPT_NONE) + convertStep = VIR_STORAGE_VOL_ENCRYPT_DONE; + else if (convertStep == VIR_STORAGE_VOL_ENCRYPT_CREATE) + convertStep = VIR_STORAGE_VOL_ENCRYPT_CONVERT; + else if (convertStep == VIR_STORAGE_VOL_ENCRYPT_CONVERT) + convertStep = VIR_STORAGE_VOL_ENCRYPT_DONE; + + } while (convertStep != VIR_STORAGE_VOL_ENCRYPT_DONE); if (virTestCompareToFile(actualCmdline, cmdline) < 0) goto cleanup; @@ -243,6 +280,10 @@ mymain(void) NULL, NULL, "luks-cipher", 0); + DO_TEST("pool-dir", "vol-luks-convert", + "pool-dir", "vol-file", + "luks-convert", 0); + return ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE; } diff --git a/tests/storagevolxml2xmlin/vol-luks-convert.xml b/tests/storagevolxml2xmlin/vol-luks-convert.xml new file mode 100644 index 0000000000..6e03de6b14 --- /dev/null +++ b/tests/storagevolxml2xmlin/vol-luks-convert.xml @@ -0,0 +1,21 @@ +<volume> + <name>OtherDemo.img</name> + <key>/var/lib/libvirt/images/OtherDemo.img</key> + <source> + </source> + <capacity unit="G">5</capacity> + <allocation>294912</allocation> + <target> + <path>/var/lib/libvirt/images/OtherDemo.img</path> + <format type='raw'/> + <permissions> + <mode>0644</mode> + <owner>0</owner> + <group>0</group> + <label>unconfined_u:object_r:virt_image_t:s0</label> + </permissions> + <encryption format='luks'> + <secret type='passphrase' uuid='e78d4b51-a2af-485f-b0f5-afca709a80f4'/> + </encryption> + </target> +</volume> -- 2.14.4
Include both the domain and storage modifications in a "Removed features" section as well as describing the improvement to allow using a raw input volume to create the luks encrypted volume. Signed-off-by: John Ferlan <jferlan@redhat.com> --- docs/news.xml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/docs/news.xml b/docs/news.xml index 08e5dcbda3..b97c7beb86 100644 --- a/docs/news.xml +++ b/docs/news.xml @@ -62,6 +62,21 @@ </description> </change> </section> + <section title="Removed features"> + <change> + <summary> + Remove support for qcow/default encrypted volumes + </summary> + <description> + Disallow using a qcow encrypted volume for the guest and + disallow creation of the qcow or default encrypted volume + from the storage driver. Support for qcow encrypted volumes + has been phasing out since QEMU 2.3 and by QEMU 2.9 creation + of a qcow encrypted volume via qemu-img required usage of + secret objects, but that support was never added to libvirt. + </description> + </change> + </section> <section title="Improvements"> <change> <summary> @@ -71,6 +86,16 @@ Capabilities XML now provide information about host IOMMU support. </description> </change> + <change> + <summary> + Add support to use an raw input volume for encryption + </summary> + <description> + It is now possible to provide a raw input volume as input for + to generate a luks encrypted volume via either virsh vol-create-from + or virStorageVolCreateXMLFrom. + </description> + </change> </section> <section title="Bug fixes"> <change> -- 2.14.4
ping? Tks, John On 06/20/2018 07:01 PM, John Ferlan wrote:
v2: https://www.redhat.com/archives/libvir-list/2018-May/msg01268.html
Try #3 - this time since Peter removed support for qcow encrypted volumes for domains, I'm taking the same approach for storage.
This is totally different from the previous approach which tried to actually create a qcow2 encrypted volume. This time slowly extricate the qcow2 encryption support from the storage driver - at least anything that can have a result via qemu-img.
Additionally, added some more luks tests and added the capability to create a luks encrypted volume from a raw image using the two step process that was part of v2.
John Ferlan (10): storage: Don't allow encryption secretPath to be NULL tests: Add luks creation examples to storagevolxml2argvtest storage: Rename encryption info variable for clarity tests: Remove qcow2 encryption from storagevol tests storage: Disallow create/resize of qcow2 encrypted images storage: Clean up storageBackendCreateQemuImgCheckEncryption storage: Clean up storageBackendCreateQemuImgOpts storage: Remove storageBackendGenerateSecretData storage: Add support for using inputvol for encryption docs: Add news article for volume encryption modifications
docs/formatsecret.html.in | 22 +- docs/formatstorageencryption.html.in | 29 +- docs/news.xml | 25 ++ src/storage/storage_util.c | 303 +++++++-------------- src/storage/storage_util.h | 10 +- src/util/virqemu.c | 26 +- tests/storagevolxml2argvdata/luks-cipher.argv | 5 + tests/storagevolxml2argvdata/luks-convert.argv | 9 + tests/storagevolxml2argvdata/luks.argv | 4 + tests/storagevolxml2argvdata/qcow2-1.1.argv | 2 +- tests/storagevolxml2argvdata/qcow2-compat.argv | 2 +- .../qcow2-from-logical-compat.argv | 2 +- tests/storagevolxml2argvdata/qcow2-lazy.argv | 2 +- .../qcow2-nobacking-convert-prealloc-compat.argv | 2 +- .../qcow2-nobacking-prealloc-compat.argv | 2 +- .../qcow2-nocapacity-convert-prealloc.argv | 2 +- tests/storagevolxml2argvdata/qcow2-nocapacity.argv | 2 +- .../storagevolxml2argvdata/qcow2-nocow-compat.argv | 2 +- tests/storagevolxml2argvtest.c | 76 +++++- tests/storagevolxml2xmlin/vol-luks-convert.xml | 21 ++ tests/storagevolxml2xmlin/vol-qcow2-0.10-lazy.xml | 3 - tests/storagevolxml2xmlin/vol-qcow2-1.1.xml | 3 - tests/storagevolxml2xmlin/vol-qcow2-encryption.xml | 31 +++ tests/storagevolxml2xmlin/vol-qcow2-lazy.xml | 3 - tests/storagevolxml2xmlin/vol-qcow2-nobacking.xml | 3 - .../vol-qcow2-nocapacity-backing.xml | 3 - tests/storagevolxml2xmlin/vol-qcow2-nocapacity.xml | 3 - tests/storagevolxml2xmlin/vol-qcow2-nocow.xml | 3 - tests/storagevolxml2xmlin/vol-qcow2.xml | 3 - tests/storagevolxml2xmlout/vol-qcow2-0.10-lazy.xml | 3 - tests/storagevolxml2xmlout/vol-qcow2-1.1.xml | 3 - .../storagevolxml2xmlout/vol-qcow2-encryption.xml | 31 +++ tests/storagevolxml2xmlout/vol-qcow2-lazy.xml | 3 - tests/storagevolxml2xmlout/vol-qcow2-nobacking.xml | 3 - .../storagevolxml2xmlout/vol-qcow2-nocapacity.xml | 3 - tests/storagevolxml2xmlout/vol-qcow2-nocow.xml | 3 - tests/storagevolxml2xmlout/vol-qcow2.xml | 3 - tests/storagevolxml2xmltest.c | 1 + 38 files changed, 344 insertions(+), 312 deletions(-) create mode 100644 tests/storagevolxml2argvdata/luks-cipher.argv create mode 100644 tests/storagevolxml2argvdata/luks-convert.argv create mode 100644 tests/storagevolxml2argvdata/luks.argv create mode 100644 tests/storagevolxml2xmlin/vol-luks-convert.xml create mode 100644 tests/storagevolxml2xmlin/vol-qcow2-encryption.xml create mode 100644 tests/storagevolxml2xmlout/vol-qcow2-encryption.xml
On 06/21/2018 01:01 AM, John Ferlan wrote:
v2: https://www.redhat.com/archives/libvir-list/2018-May/msg01268.html
Try #3 - this time since Peter removed support for qcow encrypted volumes for domains, I'm taking the same approach for storage.
This is totally different from the previous approach which tried to actually create a qcow2 encrypted volume. This time slowly extricate the qcow2 encryption support from the storage driver - at least anything that can have a result via qemu-img.
Additionally, added some more luks tests and added the capability to create a luks encrypted volume from a raw image using the two step process that was part of v2.
John Ferlan (10): storage: Don't allow encryption secretPath to be NULL tests: Add luks creation examples to storagevolxml2argvtest storage: Rename encryption info variable for clarity tests: Remove qcow2 encryption from storagevol tests storage: Disallow create/resize of qcow2 encrypted images storage: Clean up storageBackendCreateQemuImgCheckEncryption storage: Clean up storageBackendCreateQemuImgOpts storage: Remove storageBackendGenerateSecretData storage: Add support for using inputvol for encryption docs: Add news article for volume encryption modifications
docs/formatsecret.html.in | 22 +- docs/formatstorageencryption.html.in | 29 +- docs/news.xml | 25 ++ src/storage/storage_util.c | 303 +++++++-------------- src/storage/storage_util.h | 10 +- src/util/virqemu.c | 26 +- tests/storagevolxml2argvdata/luks-cipher.argv | 5 + tests/storagevolxml2argvdata/luks-convert.argv | 9 + tests/storagevolxml2argvdata/luks.argv | 4 + tests/storagevolxml2argvdata/qcow2-1.1.argv | 2 +- tests/storagevolxml2argvdata/qcow2-compat.argv | 2 +- .../qcow2-from-logical-compat.argv | 2 +- tests/storagevolxml2argvdata/qcow2-lazy.argv | 2 +- .../qcow2-nobacking-convert-prealloc-compat.argv | 2 +- .../qcow2-nobacking-prealloc-compat.argv | 2 +- .../qcow2-nocapacity-convert-prealloc.argv | 2 +- tests/storagevolxml2argvdata/qcow2-nocapacity.argv | 2 +- .../storagevolxml2argvdata/qcow2-nocow-compat.argv | 2 +- tests/storagevolxml2argvtest.c | 76 +++++- tests/storagevolxml2xmlin/vol-luks-convert.xml | 21 ++ tests/storagevolxml2xmlin/vol-qcow2-0.10-lazy.xml | 3 - tests/storagevolxml2xmlin/vol-qcow2-1.1.xml | 3 - tests/storagevolxml2xmlin/vol-qcow2-encryption.xml | 31 +++ tests/storagevolxml2xmlin/vol-qcow2-lazy.xml | 3 - tests/storagevolxml2xmlin/vol-qcow2-nobacking.xml | 3 - .../vol-qcow2-nocapacity-backing.xml | 3 - tests/storagevolxml2xmlin/vol-qcow2-nocapacity.xml | 3 - tests/storagevolxml2xmlin/vol-qcow2-nocow.xml | 3 - tests/storagevolxml2xmlin/vol-qcow2.xml | 3 - tests/storagevolxml2xmlout/vol-qcow2-0.10-lazy.xml | 3 - tests/storagevolxml2xmlout/vol-qcow2-1.1.xml | 3 - .../storagevolxml2xmlout/vol-qcow2-encryption.xml | 31 +++ tests/storagevolxml2xmlout/vol-qcow2-lazy.xml | 3 - tests/storagevolxml2xmlout/vol-qcow2-nobacking.xml | 3 - .../storagevolxml2xmlout/vol-qcow2-nocapacity.xml | 3 - tests/storagevolxml2xmlout/vol-qcow2-nocow.xml | 3 - tests/storagevolxml2xmlout/vol-qcow2.xml | 3 - tests/storagevolxml2xmltest.c | 1 + 38 files changed, 344 insertions(+), 312 deletions(-) create mode 100644 tests/storagevolxml2argvdata/luks-cipher.argv create mode 100644 tests/storagevolxml2argvdata/luks-convert.argv create mode 100644 tests/storagevolxml2argvdata/luks.argv create mode 100644 tests/storagevolxml2xmlin/vol-luks-convert.xml create mode 100644 tests/storagevolxml2xmlin/vol-qcow2-encryption.xml create mode 100644 tests/storagevolxml2xmlout/vol-qcow2-encryption.xml
ACK series. Michal
participants (2)
-
John Ferlan -
Michal Privoznik