|
|
4a2fec |
From e28736d3d0b2e1a8bf4e9d0bb9c6bca8d972b043 Mon Sep 17 00:00:00 2001
|
|
|
4a2fec |
From: "Daniel P. Berrange" <berrange@redhat.com>
|
|
|
4a2fec |
Date: Wed, 29 Nov 2017 15:09:19 +0100
|
|
|
4a2fec |
Subject: [PATCH 01/36] qcow2: don't permit changing encryption parameters
|
|
|
4a2fec |
|
|
|
4a2fec |
RH-Author: Daniel P. Berrange <berrange@redhat.com>
|
|
|
4a2fec |
Message-id: <20171129150920.8539-2-berrange@redhat.com>
|
|
|
4a2fec |
Patchwork-id: 77973
|
|
|
4a2fec |
O-Subject: [RHV-7.5 qemu-kvm-rhev PATCH 1/2] qcow2: don't permit changing encryption parameters
|
|
|
4a2fec |
Bugzilla: 1406803
|
|
|
4a2fec |
RH-Acked-by: Max Reitz <mreitz@redhat.com>
|
|
|
4a2fec |
RH-Acked-by: Jeffrey Cody <jcody@redhat.com>
|
|
|
4a2fec |
RH-Acked-by: Kevin Wolf <kwolf@redhat.com>
|
|
|
4a2fec |
|
|
|
4a2fec |
Currently if trying to change encryption parameters on a qcow2 image, qemu-img
|
|
|
4a2fec |
will abort. We already explicitly check for attempt to change encrypt.format
|
|
|
4a2fec |
but missed other parameters like encrypt.key-secret. Rather than list each
|
|
|
4a2fec |
parameter, just blacklist changing of all parameters with a 'encrypt.' prefix.
|
|
|
4a2fec |
|
|
|
4a2fec |
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
|
|
|
4a2fec |
Reviewed-by: Alberto Garcia <berto@igalia.com>
|
|
|
4a2fec |
Reviewed-by: Eric Blake <eblake@redhat.com>
|
|
|
4a2fec |
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
|
|
|
4a2fec |
(cherry picked from commit f66afbe26f0c093d639610d70d16d7cc3183b652)
|
|
|
4a2fec |
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
|
4a2fec |
---
|
|
|
4a2fec |
block/qcow2.c | 3 +++
|
|
|
4a2fec |
1 file changed, 3 insertions(+)
|
|
|
4a2fec |
|
|
|
4a2fec |
diff --git a/block/qcow2.c b/block/qcow2.c
|
|
|
4a2fec |
index b26cbbf..6e8f753 100644
|
|
|
4a2fec |
--- a/block/qcow2.c
|
|
|
4a2fec |
+++ b/block/qcow2.c
|
|
|
4a2fec |
@@ -4044,6 +4044,9 @@ static int qcow2_amend_options(BlockDriverState *bs, QemuOpts *opts,
|
|
|
4a2fec |
error_report("Changing the encryption format is not supported");
|
|
|
4a2fec |
return -ENOTSUP;
|
|
|
4a2fec |
}
|
|
|
4a2fec |
+ } else if (g_str_has_prefix(desc->name, "encrypt.")) {
|
|
|
4a2fec |
+ error_report("Changing the encryption parameters is not supported");
|
|
|
4a2fec |
+ return -ENOTSUP;
|
|
|
4a2fec |
} else if (!strcmp(desc->name, BLOCK_OPT_CLUSTER_SIZE)) {
|
|
|
4a2fec |
cluster_size = qemu_opt_get_size(opts, BLOCK_OPT_CLUSTER_SIZE,
|
|
|
4a2fec |
cluster_size);
|
|
|
4a2fec |
--
|
|
|
4a2fec |
1.8.3.1
|
|
|
4a2fec |
|