[PATCH 0/2] qemu: block: Use correct format name when formatting overlay of qcow2+luks
see 1/2 Peter Krempa (2): qemu: block: Use correct format name when formatting overlay of qcow2+luks qemublocktest: Add test for creating a qcow2 on top of an luks-encrypted qcow2 src/qemu/qemu_block.c | 3 ++- tests/qemublocktest.c | 1 + .../imagecreate/qcow2-backing-qcow2luks.json | 15 +++++++++++++++ .../imagecreate/qcow2-backing-qcow2luks.xml | 1 + 4 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 tests/qemublocktestdata/imagecreate/qcow2-backing-qcow2luks.json create mode 120000 tests/qemublocktestdata/imagecreate/qcow2-backing-qcow2luks.xml -- 2.31.1
A logic bug in the code creating overlays on existing images resulted into wrongly using "luks" instead of "qcow2" for the backing format if the backing image is an luks-encrypted qcow2. The special format munging is needed only for raw luks images. In practice the impact is not as critical as to use encrypted images in the backing chain the user must fully describe the backing chain including backing images to provide encryption keys, which overrides the metadata recorded in the qcow2 header. Signed-off-by: Peter Krempa <pkrempa@redhat.com> --- src/qemu/qemu_block.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c index e09c7e66c8..0bc92f6a23 100644 --- a/src/qemu/qemu_block.c +++ b/src/qemu/qemu_block.c @@ -2264,7 +2264,8 @@ qemuBlockStorageSourceCreateAddBacking(virStorageSource *backing, return 0; if (format) { - if (backing->encryption && + if (backing->format == VIR_STORAGE_FILE_RAW && + backing->encryption && backing->encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS) backingFormatStr = "luks"; else -- 2.31.1
Signed-off-by: Peter Krempa <pkrempa@redhat.com> --- tests/qemublocktest.c | 1 + .../imagecreate/qcow2-backing-qcow2luks.json | 15 +++++++++++++++ .../imagecreate/qcow2-backing-qcow2luks.xml | 1 + 3 files changed, 17 insertions(+) create mode 100644 tests/qemublocktestdata/imagecreate/qcow2-backing-qcow2luks.json create mode 120000 tests/qemublocktestdata/imagecreate/qcow2-backing-qcow2luks.xml diff --git a/tests/qemublocktest.c b/tests/qemublocktest.c index 308668f2b8..4af8862c5b 100644 --- a/tests/qemublocktest.c +++ b/tests/qemublocktest.c @@ -1216,6 +1216,7 @@ mymain(void) TEST_IMAGE_CREATE("qcow2-backing-raw", "raw"); TEST_IMAGE_CREATE("qcow2-backing-raw-nbd", "raw-nbd"); TEST_IMAGE_CREATE("qcow2-backing-luks", "luks-noopts"); + TEST_IMAGE_CREATE("qcow2-backing-qcow2luks", "qcow2-luks-noopts"); TEST_IMAGE_CREATE("qcow2-luks-encopts-backing", "qcow2"); TEST_IMAGE_CREATE("qcow2-backing-raw-slice", "raw-slice"); TEST_IMAGE_CREATE("qcow2-backing-qcow2-slice", "qcow2-slice"); diff --git a/tests/qemublocktestdata/imagecreate/qcow2-backing-qcow2luks.json b/tests/qemublocktestdata/imagecreate/qcow2-backing-qcow2luks.json new file mode 100644 index 0000000000..1dac76f6be --- /dev/null +++ b/tests/qemublocktestdata/imagecreate/qcow2-backing-qcow2luks.json @@ -0,0 +1,15 @@ +protocol: +{ + "driver": "file", + "filename": "/var/lib/libvirt/images/i.qcow2", + "size": 4294967296 +} + +format: +{ + "driver": "qcow2", + "file": "0123456789ABCDEF0123456789ABCDE", + "size": 8589934590, + "backing-file": "/var/lib/libvirt/images/i.qcow2", + "backing-fmt": "qcow2" +} diff --git a/tests/qemublocktestdata/imagecreate/qcow2-backing-qcow2luks.xml b/tests/qemublocktestdata/imagecreate/qcow2-backing-qcow2luks.xml new file mode 120000 index 0000000000..5769c2c866 --- /dev/null +++ b/tests/qemublocktestdata/imagecreate/qcow2-backing-qcow2luks.xml @@ -0,0 +1 @@ +qcow2.xml \ No newline at end of file -- 2.31.1
On a Friday in 2021, Peter Krempa wrote:
see 1/2
saw both
Peter Krempa (2): qemu: block: Use correct format name when formatting overlay of qcow2+luks qemublocktest: Add test for creating a qcow2 on top of an luks-encrypted qcow2
src/qemu/qemu_block.c | 3 ++- tests/qemublocktest.c | 1 + .../imagecreate/qcow2-backing-qcow2luks.json | 15 +++++++++++++++ .../imagecreate/qcow2-backing-qcow2luks.xml | 1 + 4 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 tests/qemublocktestdata/imagecreate/qcow2-backing-qcow2luks.json create mode 120000 tests/qemublocktestdata/imagecreate/qcow2-backing-qcow2luks.xml
Reviewed-by: Ján Tomko <jtomko@redhat.com> Jano
participants (2)
-
Ján Tomko -
Peter Krempa