|
 |
a41c76 |
From 881121d506d6482d4bdbf557994f31d6eb55af3f Mon Sep 17 00:00:00 2001
|
|
|
a41c76 |
Message-Id: <881121d506d6482d4bdbf557994f31d6eb55af3f@dist-git>
|
|
|
a41c76 |
From: Peter Krempa <pkrempa@redhat.com>
|
|
|
a41c76 |
Date: Mon, 16 Mar 2020 22:11:47 +0100
|
|
|
a41c76 |
Subject: [PATCH] qemuDomainSecretAESSetup: Split out lookup of secret data
|
|
|
a41c76 |
MIME-Version: 1.0
|
|
|
a41c76 |
Content-Type: text/plain; charset=UTF-8
|
|
|
a41c76 |
Content-Transfer-Encoding: 8bit
|
|
|
a41c76 |
|
|
|
a41c76 |
Split out the lookup of the secret from the secret driver into
|
|
|
a41c76 |
qemuDomainSecretAESSetupFromSecret so that we can also instantiate
|
|
|
a41c76 |
secret objects in qemu with data from other sources.
|
|
|
a41c76 |
|
|
|
a41c76 |
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
|
|
|
a41c76 |
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
|
|
a41c76 |
(cherry picked from commit 88663e59ef62346cdea7e260c5d598c2e738c674)
|
|
|
a41c76 |
|
|
|
a41c76 |
https://bugzilla.redhat.com/show_bug.cgi?id=1804750
|
|
|
a41c76 |
Message-Id: <159609ccfe0ca42a20409e83f3f0d521113d8938.1584391726.git.pkrempa@redhat.com>
|
|
|
a41c76 |
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
|
|
a41c76 |
---
|
|
|
a41c76 |
src/qemu/qemu_domain.c | 87 ++++++++++++++++++++++++++----------------
|
|
|
a41c76 |
1 file changed, 54 insertions(+), 33 deletions(-)
|
|
|
a41c76 |
|
|
|
a41c76 |
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
|
|
|
a41c76 |
index 37e361b1f4..c286f50650 100644
|
|
|
a41c76 |
--- a/src/qemu/qemu_domain.c
|
|
|
a41c76 |
+++ b/src/qemu/qemu_domain.c
|
|
|
a41c76 |
@@ -1522,37 +1522,28 @@ qemuDomainSecretPlainSetup(qemuDomainSecretInfoPtr secinfo,
|
|
|
a41c76 |
|
|
|
a41c76 |
/* qemuDomainSecretAESSetup:
|
|
|
a41c76 |
* @priv: pointer to domain private object
|
|
|
a41c76 |
- * @secinfo: Pointer to secret info
|
|
|
a41c76 |
- * @srcalias: Alias of the disk/hostdev used to generate the secret alias
|
|
|
a41c76 |
- * @usageType: The virSecretUsageType
|
|
|
a41c76 |
- * @username: username to use for authentication (may be NULL)
|
|
|
a41c76 |
- * @seclookupdef: Pointer to seclookupdef data
|
|
|
a41c76 |
- * @isLuks: True/False for is for luks (alias generation)
|
|
|
a41c76 |
+ * @alias: alias of the secret
|
|
|
a41c76 |
+ * @username: username to use (may be NULL)
|
|
|
a41c76 |
+ * @secret: secret data
|
|
|
a41c76 |
+ * @secretlen: length of @secret
|
|
|
a41c76 |
*
|
|
|
a41c76 |
- * Encrypts a secret looked up via @seclookupdef for use with qemu.
|
|
|
a41c76 |
+ * Encrypts @secret for use with qemu.
|
|
|
a41c76 |
*
|
|
|
a41c76 |
* Returns qemuDomainSecretInfoPtr filled with the necessary information.
|
|
|
a41c76 |
*/
|
|
|
a41c76 |
static qemuDomainSecretInfoPtr
|
|
|
a41c76 |
qemuDomainSecretAESSetup(qemuDomainObjPrivatePtr priv,
|
|
|
a41c76 |
- const char *srcalias,
|
|
|
a41c76 |
- virSecretUsageType usageType,
|
|
|
a41c76 |
+ const char *alias,
|
|
|
a41c76 |
const char *username,
|
|
|
a41c76 |
- virSecretLookupTypeDefPtr seclookupdef,
|
|
|
a41c76 |
- bool isLuks)
|
|
|
a41c76 |
+ uint8_t *secret,
|
|
|
a41c76 |
+ size_t secretlen)
|
|
|
a41c76 |
{
|
|
|
a41c76 |
g_autoptr(qemuDomainSecretInfo) secinfo = NULL;
|
|
|
a41c76 |
- g_autoptr(virConnect) conn = virGetConnectSecret();
|
|
|
a41c76 |
g_autofree uint8_t *raw_iv = NULL;
|
|
|
a41c76 |
size_t ivlen = QEMU_DOMAIN_AES_IV_LEN;
|
|
|
a41c76 |
- uint8_t *secret = NULL;
|
|
|
a41c76 |
- size_t secretlen = 0;
|
|
|
a41c76 |
g_autofree uint8_t *ciphertext = NULL;
|
|
|
a41c76 |
size_t ciphertextlen = 0;
|
|
|
a41c76 |
|
|
|
a41c76 |
- if (!conn)
|
|
|
a41c76 |
- return NULL;
|
|
|
a41c76 |
-
|
|
|
a41c76 |
if (!qemuDomainSupportsEncryptedSecret(priv)) {
|
|
|
a41c76 |
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
|
|
|
a41c76 |
_("encrypted secrets are not supported"));
|
|
|
a41c76 |
@@ -1562,11 +1553,9 @@ qemuDomainSecretAESSetup(qemuDomainObjPrivatePtr priv,
|
|
|
a41c76 |
secinfo = g_new0(qemuDomainSecretInfo, 1);
|
|
|
a41c76 |
|
|
|
a41c76 |
secinfo->type = VIR_DOMAIN_SECRET_INFO_TYPE_AES;
|
|
|
a41c76 |
+ secinfo->s.aes.alias = g_strdup(alias);
|
|
|
a41c76 |
secinfo->s.aes.username = g_strdup(username);
|
|
|
a41c76 |
|
|
|
a41c76 |
- if (!(secinfo->s.aes.alias = qemuDomainGetSecretAESAlias(srcalias, isLuks)))
|
|
|
a41c76 |
- return NULL;
|
|
|
a41c76 |
-
|
|
|
a41c76 |
raw_iv = g_new0(uint8_t, ivlen);
|
|
|
a41c76 |
|
|
|
a41c76 |
/* Create a random initialization vector */
|
|
|
a41c76 |
@@ -1576,29 +1565,61 @@ qemuDomainSecretAESSetup(qemuDomainObjPrivatePtr priv,
|
|
|
a41c76 |
/* Encode the IV and save that since qemu will need it */
|
|
|
a41c76 |
secinfo->s.aes.iv = g_base64_encode(raw_iv, ivlen);
|
|
|
a41c76 |
|
|
|
a41c76 |
- /* Grab the unencoded secret */
|
|
|
a41c76 |
- if (virSecretGetSecretString(conn, seclookupdef, usageType,
|
|
|
a41c76 |
- &secret, &secretlen) < 0)
|
|
|
a41c76 |
- goto error;
|
|
|
a41c76 |
-
|
|
|
a41c76 |
if (virCryptoEncryptData(VIR_CRYPTO_CIPHER_AES256CBC,
|
|
|
a41c76 |
priv->masterKey, QEMU_DOMAIN_MASTER_KEY_LEN,
|
|
|
a41c76 |
raw_iv, ivlen, secret, secretlen,
|
|
|
a41c76 |
&ciphertext, &ciphertextlen) < 0)
|
|
|
a41c76 |
- goto error;
|
|
|
a41c76 |
-
|
|
|
a41c76 |
- /* Clear out the secret */
|
|
|
a41c76 |
- memset(secret, 0, secretlen);
|
|
|
a41c76 |
+ return NULL;
|
|
|
a41c76 |
|
|
|
a41c76 |
/* Now encode the ciphertext and store to be passed to qemu */
|
|
|
a41c76 |
secinfo->s.aes.ciphertext = g_base64_encode(ciphertext,
|
|
|
a41c76 |
ciphertextlen);
|
|
|
a41c76 |
|
|
|
a41c76 |
return g_steal_pointer(&secinfo);
|
|
|
a41c76 |
+}
|
|
|
a41c76 |
+
|
|
|
a41c76 |
+
|
|
|
a41c76 |
+/**
|
|
|
a41c76 |
+ * qemuDomainSecretAESSetupFromSecret:
|
|
|
a41c76 |
+ * @priv: pointer to domain private object
|
|
|
a41c76 |
+ * @srcalias: Alias of the disk/hostdev used to generate the secret alias
|
|
|
a41c76 |
+ * @usageType: The virSecretUsageType
|
|
|
a41c76 |
+ * @username: username to use for authentication (may be NULL)
|
|
|
a41c76 |
+ * @seclookupdef: Pointer to seclookupdef data
|
|
|
a41c76 |
+ * @isLuks: True/False for is for luks (alias generation)
|
|
|
a41c76 |
+ *
|
|
|
a41c76 |
+ * Looks up a secret in the secret driver based on @usageType and @seclookupdef
|
|
|
a41c76 |
+ * and builds qemuDomainSecretInfoPtr from it.
|
|
|
a41c76 |
+ */
|
|
|
a41c76 |
+static qemuDomainSecretInfoPtr
|
|
|
a41c76 |
+qemuDomainSecretAESSetupFromSecret(qemuDomainObjPrivatePtr priv,
|
|
|
a41c76 |
+ const char *srcalias,
|
|
|
a41c76 |
+ virSecretUsageType usageType,
|
|
|
a41c76 |
+ const char *username,
|
|
|
a41c76 |
+ virSecretLookupTypeDefPtr seclookupdef,
|
|
|
a41c76 |
+ bool isLuks)
|
|
|
a41c76 |
+{
|
|
|
a41c76 |
+ g_autoptr(virConnect) conn = virGetConnectSecret();
|
|
|
a41c76 |
+ qemuDomainSecretInfoPtr secinfo;
|
|
|
a41c76 |
+ g_autofree char *alias = NULL;
|
|
|
a41c76 |
+ uint8_t *secret = NULL;
|
|
|
a41c76 |
+ size_t secretlen = 0;
|
|
|
a41c76 |
+
|
|
|
a41c76 |
+ if (!conn)
|
|
|
a41c76 |
+ return NULL;
|
|
|
a41c76 |
+
|
|
|
a41c76 |
+ if (!(alias = qemuDomainGetSecretAESAlias(srcalias, isLuks)))
|
|
|
a41c76 |
+ return NULL;
|
|
|
a41c76 |
+
|
|
|
a41c76 |
+ if (virSecretGetSecretString(conn, seclookupdef, usageType,
|
|
|
a41c76 |
+ &secret, &secretlen) < 0)
|
|
|
a41c76 |
+ return NULL;
|
|
|
a41c76 |
+
|
|
|
a41c76 |
+ secinfo = qemuDomainSecretAESSetup(priv, alias, username, secret, secretlen);
|
|
|
a41c76 |
|
|
|
a41c76 |
- error:
|
|
|
a41c76 |
VIR_DISPOSE_N(secret, secretlen);
|
|
|
a41c76 |
- return NULL;
|
|
|
a41c76 |
+
|
|
|
a41c76 |
+ return secinfo;
|
|
|
a41c76 |
}
|
|
|
a41c76 |
|
|
|
a41c76 |
|
|
|
a41c76 |
@@ -1670,8 +1691,8 @@ qemuDomainSecretInfoNew(qemuDomainObjPrivatePtr priv,
|
|
|
a41c76 |
virSecretLookupTypeDefPtr lookupDef,
|
|
|
a41c76 |
bool isLuks)
|
|
|
a41c76 |
{
|
|
|
a41c76 |
- return qemuDomainSecretAESSetup(priv, srcAlias, usageType, username,
|
|
|
a41c76 |
- lookupDef, isLuks);
|
|
|
a41c76 |
+ return qemuDomainSecretAESSetupFromSecret(priv, srcAlias, usageType, username,
|
|
|
a41c76 |
+ lookupDef, isLuks);
|
|
|
a41c76 |
}
|
|
|
a41c76 |
|
|
|
a41c76 |
|
|
|
a41c76 |
--
|
|
|
a41c76 |
2.25.1
|
|
|
a41c76 |
|