From 84664353b00622571f099cf3306b317b7a67072f Mon Sep 17 00:00:00 2001
Message-Id: <84664353b00622571f099cf3306b317b7a67072f@dist-git>
From: John Ferlan <jferlan@redhat.com>
Date: Tue, 3 Jan 2017 13:31:55 -0500
Subject: [PATCH] qemu: Don't assume secret provided for LUKS encryption
7.4: https://bugzilla.redhat.com/show_bug.cgi?id=1405269
If a secret was not provided for what was determined to be a LUKS
encrypted disk (during virStorageFileGetMetadata processing when
called from qemuDomainDetermineDiskChain as a result of hotplug
attach qemuDomainAttachDeviceDiskLive), then do not attempt to
look it up (avoiding a libvirtd crash) and do not alter the format
to "luks" when adding the disk; otherwise, the device_add would
fail with a message such as:
"unable to execute QEMU command 'device_add': Property 'scsi-hd.drive'
can't find value 'drive-scsi0-0-0-0'"
because of assumptions that when the format=luks that libvirt would have
provided the secret to decrypt the volume.
Access to unlock the volume will thus be left to the application.
(cherry picked from commit 7f7d99048350935a394d07b98a13d7da9c4b0502)
https://bugzilla.redhat.com/show_bug.cgi?id=1411394
Signed-off-by: John Ferlan <jferlan@redhat.com>
---
src/qemu/qemu_command.c | 3 +--
src/qemu/qemu_domain.c | 15 +++++++++++++--
src/qemu/qemu_domain.h | 3 +++
src/qemu/qemu_hotplug.c | 3 +--
4 files changed, 18 insertions(+), 6 deletions(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index ade9e2524..bd01a0f76 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -1312,8 +1312,7 @@ qemuBuildDriveSourceStr(virDomainDiskDefPtr disk,
if (disk->src->format > 0 &&
disk->src->type != VIR_STORAGE_TYPE_DIR) {
const char *qemuformat = virStorageFileFormatTypeToString(disk->src->format);
- if (disk->src->encryption &&
- disk->src->encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS)
+ if (qemuDomainDiskHasEncryptionSecret(disk->src))
qemuformat = "luks";
virBufferAsprintf(buf, "format=%s,", qemuformat);
}
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 3d2650fd5..b91db229f 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -1037,6 +1037,18 @@ qemuDomainSecretDiskCapable(virStorageSourcePtr src)
}
+bool
+qemuDomainDiskHasEncryptionSecret(virStorageSourcePtr src)
+{
+ if (!virStorageSourceIsEmpty(src) && src->encryption &&
+ src->encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS &&
+ src->encryption->nsecrets > 0)
+ return true;
+
+ return false;
+}
+
+
/* qemuDomainSecretDiskPrepare:
* @conn: Pointer to connection
* @priv: pointer to domain private object
@@ -1075,8 +1087,7 @@ qemuDomainSecretDiskPrepare(virConnectPtr conn,
diskPriv->secinfo = secinfo;
}
- if (!virStorageSourceIsEmpty(src) && src->encryption &&
- src->encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS) {
+ if (qemuDomainDiskHasEncryptionSecret(src)) {
if (VIR_ALLOC(secinfo) < 0)
return -1;
diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h
index 66ffe5817..e6eda2388 100644
--- a/src/qemu/qemu_domain.h
+++ b/src/qemu/qemu_domain.h
@@ -698,6 +698,9 @@ void qemuDomainSecretDiskDestroy(virDomainDiskDefPtr disk)
bool qemuDomainSecretDiskCapable(virStorageSourcePtr src)
ATTRIBUTE_NONNULL(1);
+bool qemuDomainDiskHasEncryptionSecret(virStorageSourcePtr src)
+ ATTRIBUTE_NONNULL(1);
+
int qemuDomainSecretDiskPrepare(virConnectPtr conn,
qemuDomainObjPrivatePtr priv,
virDomainDiskDefPtr disk)
diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index 967c7c0b7..b7302a5f9 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -3148,8 +3148,7 @@ qemuDomainRemoveDiskDevice(virQEMUDriverPtr driver,
/* Similarly, if this is possible a device using LUKS encryption, we
* can remove the luks object password too
*/
- if (!virStorageSourceIsEmpty(disk->src) && disk->src->encryption &&
- disk->src->encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS) {
+ if (qemuDomainDiskHasEncryptionSecret(disk->src)) {
if (!(encAlias =
qemuDomainGetSecretAESAlias(disk->info.alias, true))) {
--
2.11.1