From 84664353b00622571f099cf3306b317b7a67072f Mon Sep 17 00:00:00 2001 Message-Id: <84664353b00622571f099cf3306b317b7a67072f@dist-git> From: John Ferlan Date: Tue, 3 Jan 2017 13:31:55 -0500 Subject: [PATCH] qemu: Don't assume secret provided for LUKS encryption 7.4: https://bugzilla.redhat.com/show_bug.cgi?id=1405269 If a secret was not provided for what was determined to be a LUKS encrypted disk (during virStorageFileGetMetadata processing when called from qemuDomainDetermineDiskChain as a result of hotplug attach qemuDomainAttachDeviceDiskLive), then do not attempt to look it up (avoiding a libvirtd crash) and do not alter the format to "luks" when adding the disk; otherwise, the device_add would fail with a message such as: "unable to execute QEMU command 'device_add': Property 'scsi-hd.drive' can't find value 'drive-scsi0-0-0-0'" because of assumptions that when the format=luks that libvirt would have provided the secret to decrypt the volume. Access to unlock the volume will thus be left to the application. (cherry picked from commit 7f7d99048350935a394d07b98a13d7da9c4b0502) https://bugzilla.redhat.com/show_bug.cgi?id=1411394 Signed-off-by: John Ferlan --- src/qemu/qemu_command.c | 3 +-- src/qemu/qemu_domain.c | 15 +++++++++++++-- src/qemu/qemu_domain.h | 3 +++ src/qemu/qemu_hotplug.c | 3 +-- 4 files changed, 18 insertions(+), 6 deletions(-) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index ade9e2524..bd01a0f76 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -1312,8 +1312,7 @@ qemuBuildDriveSourceStr(virDomainDiskDefPtr disk, if (disk->src->format > 0 && disk->src->type != VIR_STORAGE_TYPE_DIR) { const char *qemuformat = virStorageFileFormatTypeToString(disk->src->format); - if (disk->src->encryption && - disk->src->encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS) + if (qemuDomainDiskHasEncryptionSecret(disk->src)) qemuformat = "luks"; virBufferAsprintf(buf, "format=%s,", qemuformat); } diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 3d2650fd5..b91db229f 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -1037,6 +1037,18 @@ qemuDomainSecretDiskCapable(virStorageSourcePtr src) } +bool +qemuDomainDiskHasEncryptionSecret(virStorageSourcePtr src) +{ + if (!virStorageSourceIsEmpty(src) && src->encryption && + src->encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS && + src->encryption->nsecrets > 0) + return true; + + return false; +} + + /* qemuDomainSecretDiskPrepare: * @conn: Pointer to connection * @priv: pointer to domain private object @@ -1075,8 +1087,7 @@ qemuDomainSecretDiskPrepare(virConnectPtr conn, diskPriv->secinfo = secinfo; } - if (!virStorageSourceIsEmpty(src) && src->encryption && - src->encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS) { + if (qemuDomainDiskHasEncryptionSecret(src)) { if (VIR_ALLOC(secinfo) < 0) return -1; diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index 66ffe5817..e6eda2388 100644 --- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h @@ -698,6 +698,9 @@ void qemuDomainSecretDiskDestroy(virDomainDiskDefPtr disk) bool qemuDomainSecretDiskCapable(virStorageSourcePtr src) ATTRIBUTE_NONNULL(1); +bool qemuDomainDiskHasEncryptionSecret(virStorageSourcePtr src) + ATTRIBUTE_NONNULL(1); + int qemuDomainSecretDiskPrepare(virConnectPtr conn, qemuDomainObjPrivatePtr priv, virDomainDiskDefPtr disk) diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c index 967c7c0b7..b7302a5f9 100644 --- a/src/qemu/qemu_hotplug.c +++ b/src/qemu/qemu_hotplug.c @@ -3148,8 +3148,7 @@ qemuDomainRemoveDiskDevice(virQEMUDriverPtr driver, /* Similarly, if this is possible a device using LUKS encryption, we * can remove the luks object password too */ - if (!virStorageSourceIsEmpty(disk->src) && disk->src->encryption && - disk->src->encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS) { + if (qemuDomainDiskHasEncryptionSecret(disk->src)) { if (!(encAlias = qemuDomainGetSecretAESAlias(disk->info.alias, true))) { -- 2.11.1