10:49 a.m.
----- "Daniel P. Berrange" <berrange(a)redhat.com> wrote:
On Thu, Aug 20, 2009 at 08:18:13PM +0200, Miloslav Trma?? wrote:
> If the <encryption format='qcow'> element does not specify a secret
> during volume creation, generate a suitable secret and add it to the
> <encryption> tag. The caller can view the updated <encryption> tag
> using virStorageVolGetXMLDesc().
>
> Similarly, when <encryption format='default'/> is specified while
> creating a qcow or qcow2-formatted volume, change the format to "qcow"
> and generate a secret as described above.
> + virBufferAddLit(&buf, "<secret
ephemeral='no' private='no'>");
> + /* <uuid/> is chosen by the secret driver */
> + virBufferEscapeString(&buf,
> + "<description>qcow passphrase for
%s</description>",
> + vol->target.path);
> + virBufferEscapeString(&buf, "<volume>%s</volume>",
vol->target.path);
> + virBufferAddLit(&buf, "</secret>");
> + if (virBufferError(&buf)) {
> + virReportOOMError(conn);
> + goto cleanup;
> + }
> + xml = virBufferContentAndReset(&buf);
This is the first place where we should be just calling into an
internal secret_conf.h API for formatting XML from a struct,
rather than duplicating the XML formatting.
OK.
> + /* A qcow passphrase is up to 16 bytes, with any data
following a NUL
> + ignored. Prohibit control and non-ASCII characters to avoid possible
> + unpleasant surprises with the qemu monitor input mechanism. */
> + fd = open("/dev/urandom", O_RDONLY);
> + if (fd < 0) {
> + virStorageReportError(conn, VIR_ERR_INTERNAL_ERROR, "%s",
> + _("Cannot open /dev/urandom"));
> + goto cleanup;
> + }
> + i = 0;
> + while (i < sizeof (value)) {
> + ssize_t r;
> +
> + while ((r = read(fd, value + i, 1)) == -1 && errno == EINTR)
> + ;
> + if (r <= 0) {
> + virStorageReportError(conn, VIR_ERR_INTERNAL_ERROR, "%s",
> + _("Cannot read from /dev/urandom"));
> + goto cleanup;
> + }
> + if (value[i] >= 0x20 && value[i] <= 0x7E)
> + i++; /* Got an acceptable character */
> + }
> + close(fd);
I reckon this snippet of code could usefully be put into the util.h file
as virFileGenerateRandomkey(), or alternatively perhaps secret_conf.h,
as virSecretGenerateRandomKey(unsigned char *buf, size_t buflen);
This code, with
its limitation to ASCII characters, is qcow/qemu-specific.
Mirek
12:41 p.m.
New subject: [libvirt] [PATCH 15/20] Provide missing passphrase when creating a volume.
On Tue, Sep 01, 2009 at 11:49:14AM -0400, Miloslav Trmac wrote:
----- "Daniel P. Berrange" <berrange(a)redhat.com>
wrote:
> > + /* A qcow passphrase is up to 16 bytes, with any data following a NUL
> > + ignored. Prohibit control and non-ASCII characters to avoid possible
> > + unpleasant surprises with the qemu monitor input mechanism. */
> > + fd = open("/dev/urandom", O_RDONLY);
> > + if (fd < 0) {
> > + virStorageReportError(conn, VIR_ERR_INTERNAL_ERROR, "%s",
> > + _("Cannot open /dev/urandom"));
> > + goto cleanup;
> > + }
> > + i = 0;
> > + while (i < sizeof (value)) {
> > + ssize_t r;
> > +
> > + while ((r = read(fd, value + i, 1)) == -1 && errno == EINTR)
> > + ;
> > + if (r <= 0) {
> > + virStorageReportError(conn, VIR_ERR_INTERNAL_ERROR,
"%s",
> > + _("Cannot read from
/dev/urandom"));
> > + goto cleanup;
> > + }
> > + if (value[i] >= 0x20 && value[i] <= 0x7E)
> > + i++; /* Got an acceptable character */
> > + }
> > + close(fd);
>
> I reckon this snippet of code could usefully be put into the util.h file
> as virFileGenerateRandomkey(), or alternatively perhaps secret_conf.h,
> as virSecretGenerateRandomKey(unsigned char *buf, size_t buflen);
This code, with its limitation to ASCII characters, is qcow/qemu-specific.
Ok, lets leave it in the QEMU driver file then
Regards,
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
1:58 p.m.
New subject: [libvirt] [PATCH 15/20] Provide missing passphrase when creating a volume.
----- "Daniel P. Berrange" <berrange(a)redhat.com> wrote:
> > I reckon this snippet of code could usefully be put into
the util.h file
> > as virFileGenerateRandomkey(), or alternatively perhaps secret_conf.h,
> > as virSecretGenerateRandomKey(unsigned char *buf, size_t buflen);
> This code, with its limitation to ASCII characters, is
qcow/qemu-specific.
Ok, lets leave it in the QEMU driver file then
AFAICS the qemu and storage drivers
can be built as modules, this would create a dependency. I'll just split the code
into a separate function for now.
Mirek
2:56 p.m.
New subject: [libvirt] [PATCH 15/20] Provide missing passphrase when creating a volume.
On Tue, Sep 01, 2009 at 02:58:12PM -0400, Miloslav Trmac wrote:
----- "Daniel P. Berrange" <berrange(a)redhat.com>
wrote:
> > > I reckon this snippet of code could usefully be put into the util.h file
> > > as virFileGenerateRandomkey(), or alternatively perhaps secret_conf.h,
> > > as virSecretGenerateRandomKey(unsigned char *buf, size_t buflen);
> > This code, with its limitation to ASCII characters, is
> qcow/qemu-specific.
>
> Ok, lets leave it in the QEMU driver file then
AFAICS the qemu and storage drivers can be built as modules, this would
create a dependency. I'll just split the code into a separate function
for now.
Yes, you can't introduce dependancies between individual drivers. You
could move it out into the storage_encryption_conf.c/.h file, rather
that util.c. That would make it clearer that its just for the qcow
encryption case
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
5560
days inactive
5560
days old
3 comments
2 participants
participants (2)
-
Daniel P. Berrange -
Miloslav Trmac