From patchwork Wed Jan 20 17:38:59 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?q?Daniel_P=2E_Berrang=C3=A9?= X-Patchwork-Id: 570825 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.gnu.org (lists.gnu.org [IPv6:2001:4830:134:3::11]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 29CDE14031D for ; Thu, 21 Jan 2016 04:43:52 +1100 (AEDT) Received: from localhost ([::1]:44446 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1aLwnO-0007ZA-9K for incoming@patchwork.ozlabs.org; Wed, 20 Jan 2016 12:43:50 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:48496) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1aLwjR-0008Ud-7r for qemu-devel@nongnu.org; Wed, 20 Jan 2016 12:39:46 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1aLwjK-0007WZ-TX for qemu-devel@nongnu.org; Wed, 20 Jan 2016 12:39:44 -0500 Received: from mx1.redhat.com ([209.132.183.28]:56438) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1aLwjH-0007VP-UA; Wed, 20 Jan 2016 12:39:36 -0500 Received: from int-mx09.intmail.prod.int.phx2.redhat.com (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.22]) by mx1.redhat.com (Postfix) with ESMTPS id 8A355C0AD1CE; Wed, 20 Jan 2016 17:39:35 +0000 (UTC) Received: from t530wlan.home.berrange.com.com (vpn1-6-168.ams2.redhat.com [10.36.6.168]) by int-mx09.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id u0KHd3ea026310; Wed, 20 Jan 2016 12:39:34 -0500 From: "Daniel P. Berrange" To: qemu-devel@nongnu.org Date: Wed, 20 Jan 2016 17:38:59 +0000 Message-Id: <1453311539-1193-18-git-send-email-berrange@redhat.com> In-Reply-To: <1453311539-1193-1-git-send-email-berrange@redhat.com> References: <1453311539-1193-1-git-send-email-berrange@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.22 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x X-Received-From: 209.132.183.28 Cc: Kevin Wolf , Fam Zheng , qemu-block@nongnu.org Subject: [Qemu-devel] [PATCH v2 17/17] block: remove support for legecy AES qcow/qcow2 encryption X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Refuse to use images with the legacy AES-CBC encryption format in the system emulators. They are still fully supported in the qemu-img, qemu-io & qemu-nbd tools in order to allow data to be liberated and for compatibility with older QEMU versions. Continued support in these tools is not a notable burden with the new FDE framework. Signed-off-by: Daniel P. Berrange --- block.c | 12 +++++------- block/qcow.c | 8 ++++++++ block/qcow2.c | 8 ++++++++ include/block/block.h | 1 + tests/qemu-iotests/049.out | 3 --- tests/qemu-iotests/087.out | 12 ------------ tests/qemu-iotests/134.out | 12 ------------ 7 files changed, 22 insertions(+), 34 deletions(-) diff --git a/block.c b/block.c index 5403355..b59bd81 100644 --- a/block.c +++ b/block.c @@ -312,6 +312,11 @@ static int bdrv_is_whitelisted(BlockDriver *drv, bool read_only) return 0; } +bool bdrv_uses_whitelist(void) +{ + return use_bdrv_whitelist; +} + typedef struct CreateCo { BlockDriver *drv; char *filename; @@ -1021,13 +1026,6 @@ static int bdrv_open_common(BlockDriverState *bs, BdrvChild *file, goto free_and_fail; } - if (bs->encrypted) { - error_report("Encrypted images are deprecated"); - error_printf("Support for them will be removed in a future release.\n" - "You can use 'qemu-img convert' to convert your image" - " to an unencrypted one.\n"); - } - ret = refresh_total_sectors(bs, bs->total_sectors); if (ret < 0) { error_setg_errno(errp, -ret, "Could not refresh total sector count"); diff --git a/block/qcow.c b/block/qcow.c index 2fc7c3c..3ae438e 100644 --- a/block/qcow.c +++ b/block/qcow.c @@ -180,6 +180,14 @@ static int qcow_open(BlockDriverState *bs, QDict *options, int flags, s->crypt_method_header = header.crypt_method; if (s->crypt_method_header) { if (s->crypt_method_header == QCOW_CRYPT_AES) { + if (bdrv_uses_whitelist()) { + error_setg(errp, + "Use of AES-CBC encrypted qcow images is no longer " + "supported. Please use the qcow2 LUKS format instead."); + ret = -ENOSYS; + goto fail; + } + ov = opts_visitor_new(opts); crypto_opts = g_new0(QCryptoBlockOpenOptions, 1); diff --git a/block/qcow2.c b/block/qcow2.c index 1fbae85..a737c6c 100644 --- a/block/qcow2.c +++ b/block/qcow2.c @@ -1209,6 +1209,14 @@ static int qcow2_open(BlockDriverState *bs, QDict *options, int flags, s->crypt_method_header = header.crypt_method; if (s->crypt_method_header) { + if (bdrv_uses_whitelist() && + s->crypt_method_header == QCOW_CRYPT_AES) { + error_setg(errp, + "Use of AES-CBC encrypted qcow2 images is no longer " + "supported. Please use the qcow2 LUKS format instead."); + ret = -ENOSYS; + goto fail; + } bs->encrypted = 1; } diff --git a/include/block/block.h b/include/block/block.h index 379a24c..58006d2 100644 --- a/include/block/block.h +++ b/include/block/block.h @@ -190,6 +190,7 @@ void bdrv_io_limits_update_group(BlockDriverState *bs, const char *group); void bdrv_init(void); void bdrv_init_with_whitelist(void); +bool bdrv_uses_whitelist(void); BlockDriver *bdrv_find_protocol(const char *filename, bool allow_protocol_prefix, Error **errp); diff --git a/tests/qemu-iotests/049.out b/tests/qemu-iotests/049.out index c9f0bc5..e0bedc0 100644 --- a/tests/qemu-iotests/049.out +++ b/tests/qemu-iotests/049.out @@ -187,9 +187,6 @@ qemu-img create -f qcow2 -o encryption=off TEST_DIR/t.qcow2 64M Formatting 'TEST_DIR/t.qcow2', fmt=qcow2 size=67108864 encryption=off cluster_size=65536 lazy_refcounts=off refcount_bits=16 qemu-img create -f qcow2 --object secret,id=sec0,data=123456 -o encryption=on,key-secret=sec0 TEST_DIR/t.qcow2 64M -qemu-img: Encrypted images are deprecated -Support for them will be removed in a future release. -You can use 'qemu-img convert' to convert your image to an unencrypted one. Formatting 'TEST_DIR/t.qcow2', fmt=qcow2 size=67108864 encryption=on cluster_size=65536 lazy_refcounts=off refcount_bits=16 key-secret=sec0 == Check lazy_refcounts option (only with v3) == diff --git a/tests/qemu-iotests/087.out b/tests/qemu-iotests/087.out index 6582dda..b8842d5 100644 --- a/tests/qemu-iotests/087.out +++ b/tests/qemu-iotests/087.out @@ -38,17 +38,11 @@ QMP_VERSION === Encrypted image === -qemu-img: Encrypted images are deprecated -Support for them will be removed in a future release. -You can use 'qemu-img convert' to convert your image to an unencrypted one. Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=134217728 encryption=on key-secret=sec0 Testing: -S QMP_VERSION {"return": {}} {"return": {}} -Encrypted images are deprecated -Support for them will be removed in a future release. -You can use 'qemu-img convert' to convert your image to an unencrypted one. {"return": {}} {"return": {}} {"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "SHUTDOWN"} @@ -57,9 +51,6 @@ Testing: QMP_VERSION {"return": {}} {"return": {}} -Encrypted images are deprecated -Support for them will be removed in a future release. -You can use 'qemu-img convert' to convert your image to an unencrypted one. {"return": {}} {"return": {}} {"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "SHUTDOWN"} @@ -67,9 +58,6 @@ You can use 'qemu-img convert' to convert your image to an unencrypted one. === Missing driver === -qemu-img: Encrypted images are deprecated -Support for them will be removed in a future release. -You can use 'qemu-img convert' to convert your image to an unencrypted one. Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=134217728 encryption=on key-secret=sec0 Testing: -S QMP_VERSION diff --git a/tests/qemu-iotests/134.out b/tests/qemu-iotests/134.out index e9bf302..d498570 100644 --- a/tests/qemu-iotests/134.out +++ b/tests/qemu-iotests/134.out @@ -1,27 +1,15 @@ QA output created by 134 -qemu-img: Encrypted images are deprecated -Support for them will be removed in a future release. -You can use 'qemu-img convert' to convert your image to an unencrypted one. Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=134217728 encryption=on key-secret=sec0 == reading whole image == -Encrypted images are deprecated -Support for them will be removed in a future release. -You can use 'qemu-img convert' to convert your image to an unencrypted one. read 134217728/134217728 bytes at offset 0 128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) == rewriting whole image == -Encrypted images are deprecated -Support for them will be removed in a future release. -You can use 'qemu-img convert' to convert your image to an unencrypted one. wrote 134217728/134217728 bytes at offset 0 128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) == verify pattern == -Encrypted images are deprecated -Support for them will be removed in a future release. -You can use 'qemu-img convert' to convert your image to an unencrypted one. read 134217728/134217728 bytes at offset 0 128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)