From 7f7caec5c5a02df88ee941c1120aa4b0c8b2c1ab Mon Sep 17 00:00:00 2001
Message-Id: <7f7caec5c5a02df88ee941c1120aa4b0c8b2c1ab@dist-git>
From: John Ferlan <jferlan@redhat.com>
Date: Sat, 20 Aug 2016 09:11:45 -0400
Subject: [PATCH] qemu: Fix crash hot plugging luks volume
https://bugzilla.redhat.com/show_bug.cgi?id=1367259
Crash occurs because 'secrets' is being dereferenced in call:
        if (qemuDomainSecretSetup(conn, priv, secinfo, disk->info.alias,
                                  VIR_SECRET_USAGE_TYPE_VOLUME, NULL,
                                  &src->encryption->secrets[0]->seclookupdef,
                                  true) < 0)
(gdb) p *src->encryption
$1 = {format = 2, nsecrets = 0, secrets = 0x0, encinfo = {cipher_size = 0,
    cipher_name = 0x0, cipher_mode = 0x0, cipher_hash = 0x0, ivgen_name = 0x0,
    ivgen_hash = 0x0}}
(gdb) bt
    priv=priv@entry=0x7fffc03be160, disk=disk@entry=0x7fffb4002ae0)
    at qemu/qemu_domain.c:1087
    disk=0x7fffb4002ae0, vm=0x7fffc03a2580, driver=0x7fffc02ca390,
    conn=0x7fffb00009a0) at qemu/qemu_hotplug.c:355
Upon entry to qemuDomainAttachVirtioDiskDevice, src->encryption points
at a valid 'secret' buffer w/ nsecrets == 1; however, the call to
qemuDomainDetermineDiskChain will call virStorageFileGetMetadata
and eventually virStorageFileGetMetadataInternal where the src->encryption
was overwritten when probing the volume.
Commit id 'a48c7141' added code to virStorageFileGetMetadataInternal
to determine if the disk/volume would use/need encryption and allocated
a meta->encryption. This overwrote an existing encryption buffer
already provided by the XML.
This patch adds a check for meta->encryption already present before
just allocating and overwriting an existing buffer. It then checks the
existing encryption data to ensure the XML provided format for the
disk matches the expected format read from the disk and errors if there
is a mismatch.
(cherry picked from commit b4478c16c02f28d88673709947124c6ea2fb4c7b)
Signed-off-by: John Ferlan <jferlan@redhat.com>
---
 src/util/virstoragefile.c | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)
diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c
6ae9ed
index 471aa1f..feeb061 100644
6ae9ed
--- a/src/util/virstoragefile.c
6ae9ed
+++ b/src/util/virstoragefile.c
6ae9ed
@@ -950,10 +950,21 @@ virStorageFileGetMetadataInternal(virStorageSourcePtr meta,
6ae9ed
         for (i = 0; fileTypeInfo[meta->format].cryptInfo[i].format != 0; i++) {
6ae9ed
             if (virStorageFileHasEncryptionFormat(&fileTypeInfo[meta->format].cryptInfo[i],
6ae9ed
                                                   buf, len)) {
6ae9ed
-                if (VIR_ALLOC(meta->encryption) < 0)
6ae9ed
-                    goto cleanup;
6ae9ed
+                int expt_fmt = fileTypeInfo[meta->format].cryptInfo[i].format;
6ae9ed
+                if (!meta->encryption) {
6ae9ed
+                    if (VIR_ALLOC(meta->encryption) < 0)
6ae9ed
+                        goto cleanup;
6ae9ed
 
6ae9ed
-                meta->encryption->format = fileTypeInfo[meta->format].cryptInfo[i].format;
6ae9ed
+                    meta->encryption->format = expt_fmt;
6ae9ed
+                } else {
6ae9ed
+                    if (meta->encryption->format != expt_fmt) {
6ae9ed
+                        virReportError(VIR_ERR_XML_ERROR,
6ae9ed
+                                       _("encryption format %d doesn't match "
6ae9ed
+                                         "expected format %d"),
6ae9ed
+                                       meta->encryption->format, expt_fmt);
6ae9ed
+                        goto cleanup;
6ae9ed
+                    }
6ae9ed
+                }
6ae9ed
             }
6ae9ed
         }
6ae9ed
     }
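Review bot: The mismatch error added in the else branch reports both formats as bare `%d` enum values, which leaves the user decoding integers against the virStorageEncryptionFormat enum; if the enum-to-string helper for that enum (virStorageEncryptionFormatTypeToString) is visible in this file, `_("encryption format '%s' doesn't match expected format '%s'")` with the two values passed through it would make the message actionable. The nesting `} else { if (meta->encryption->format != expt_fmt) {` could also be flattened to `} else if (meta->encryption->format != expt_fmt) {`, dropping one indentation level. Since `expt_fmt` comes from probing the image header (`buf`, `len`) rather than from the XML, a mismatch is arguably a disagreement between configuration and image content rather than a pure XML error, so the VIR_ERR_XML_ERROR code is worth a second look. virStorageFileGetMetadataInternal begins and ends outside this hunk.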
6ae9ed
-- 
2.9.2