[v6,03/14] block/amend: add 'force' option

Message ID	20200510134037.18487-4-mlevitsk@redhat.com
State	New
Headers	show Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org> From: Maxim Levitsky <mlevitsk@redhat.com> To: qemu-devel@nongnu.org Subject: [PATCH v6 03/14] block/amend: add 'force' option Date: Sun, 10 May 2020 16:40:26 +0300 Message-Id: <20200510134037.18487-4-mlevitsk@redhat.com> In-Reply-To: <20200510134037.18487-1-mlevitsk@redhat.com> References: <20200510134037.18487-1-mlevitsk@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=205.139.110.61; envelope-from=mlevitsk@redhat.com; helo=us-smtp-delivery-1.mimecast.com Precedence: list Cc: Kevin Wolf <kwolf@redhat.com>, =?utf-8?q?Daniel_P=2E_Berrang=C3=A9?= <berrange@redhat.com>, qemu-block@nongnu.org, John Snow <jsnow@redhat.com>, Markus Armbruster <armbru@redhat.com>, Max Reitz <mreitz@redhat.com>, Maxim Levitsky <mlevitsk@redhat.com> Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>
Series	LUKS: encryption slot management using amend interface \| expand [v6,00/14] LUKS: encryption slot management using amend interface [v6,01/14] qcrypto/core: add generic infrastructure for crypto options amendment [v6,02/14] qcrypto/luks: implement encryption key management [v6,03/14] block/amend: add 'force' option [v6,04/14] block/amend: separate amend and create options for qemu-img [v6,05/14] block/amend: refactor qcow2 amend options [v6,06/14] block/crypto: rename two functions [v6,07/14] block/crypto: implement the encryption key management [v6,08/14] block/qcow2: extend qemu-img amend interface with crypto options [v6,09/14] iotests: filter few more luks specific create options [v6,10/14] iotests: qemu-img tests for luks key management [v6,11/14] block/core: add generic infrastructure for x-blockdev-amend qmp command [v6,12/14] block/crypto: implement blockdev-amend [v6,13/14] block/qcow2: implement blockdev-amend [v6,14/14] iotests: add tests for blockdev-amend

Message ID

20200510134037.18487-4-mlevitsk@redhat.com

State

New

Headers

From: Maxim Levitsky <mlevitsk@redhat.com>
To: qemu-devel@nongnu.org
Subject: [PATCH v6 03/14] block/amend: add 'force' option
Date: Sun, 10 May 2020 16:40:26 +0300
Message-Id: <20200510134037.18487-4-mlevitsk@redhat.com>
In-Reply-To: <20200510134037.18487-1-mlevitsk@redhat.com>
References: <20200510134037.18487-1-mlevitsk@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Received-SPF: pass client-ip=205.139.110.61;
 envelope-from=mlevitsk@redhat.com;
 helo=us-smtp-delivery-1.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001 autolearn=_AUTOLEARN
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: Kevin Wolf <kwolf@redhat.com>,
 =?utf-8?q?Daniel_P=2E_Berrang=C3=A9?= <berrange@redhat.com>,
 qemu-block@nongnu.org, John Snow <jsnow@redhat.com>,
 Markus Armbruster <armbru@redhat.com>, Max Reitz <mreitz@redhat.com>,
 Maxim Levitsky <mlevitsk@redhat.com>
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Sender: "Qemu-devel"
 <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>

Series

LUKS: encryption slot management using amend interface | expand

Commit Message

Maxim Levitsky May 10, 2020, 1:40 p.m. UTC

'force' option will be used for some unsafe amend operations.

This includes things like erasing last keyslot in luks based formats
(which destroys the data, unless the master key is backed up
by external means), but that _might_ be desired result.

Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
---
 block.c                   | 4 +++-
 block/qcow2.c             | 1 +
 docs/tools/qemu-img.rst   | 5 ++++-
 include/block/block.h     | 1 +
 include/block/block_int.h | 1 +
 qemu-img-cmds.hx          | 4 ++--
 qemu-img.c                | 8 +++++++-
 7 files changed, 19 insertions(+), 5 deletions(-)

Comments

Max Reitz May 14, 2020, 12:18 p.m. UTC | #1

On 10.05.20 15:40, Maxim Levitsky wrote:
> 'force' option will be used for some unsafe amend operations.
> 
> This includes things like erasing last keyslot in luks based formats
> (which destroys the data, unless the master key is backed up
> by external means), but that _might_ be desired result.
> 
> Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
> ---
>  block.c                   | 4 +++-
>  block/qcow2.c             | 1 +
>  docs/tools/qemu-img.rst   | 5 ++++-
>  include/block/block.h     | 1 +
>  include/block/block_int.h | 1 +
>  qemu-img-cmds.hx          | 4 ++--
>  qemu-img.c                | 8 +++++++-
>  7 files changed, 19 insertions(+), 5 deletions(-)

[...]

> diff --git a/docs/tools/qemu-img.rst b/docs/tools/qemu-img.rst
> index 0080f83a76..fc2dca6649 100644
> --- a/docs/tools/qemu-img.rst
> +++ b/docs/tools/qemu-img.rst
> @@ -249,11 +249,14 @@ Command description:
>  
>  .. program:: qemu-img-commands
>  
> -.. option:: amend [--object OBJECTDEF] [--image-opts] [-p] [-q] [-f FMT] [-t CACHE] -o OPTIONS FILENAME
> +.. option:: amend [--object OBJECTDEF] [--image-opts] [-p] [-q] [-f FMT] [-t CACHE] [--force] -o OPTIONS FILENAME
>  
>    Amends the image format specific *OPTIONS* for the image file
>    *FILENAME*. Not all file formats support this operation.
>  
> +  --force allows some unsafe operations. Currently for -f luks, it allows to
> +  erase last encryption key, and to overwrite an active encryption key.

*erase the last encryption key

With that fixed:

Reviewed-by: Max Reitz <mreitz@redhat.com>

Maxim Levitsky May 17, 2020, 8:15 a.m. UTC | #2

On Thu, 2020-05-14 at 14:18 +0200, Max Reitz wrote:
> On 10.05.20 15:40, Maxim Levitsky wrote:
> > 'force' option will be used for some unsafe amend operations.
> > 
> > This includes things like erasing last keyslot in luks based formats
> > (which destroys the data, unless the master key is backed up
> > by external means), but that _might_ be desired result.
> > 
> > Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
> > Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
> > ---
> >  block.c                   | 4 +++-
> >  block/qcow2.c             | 1 +
> >  docs/tools/qemu-img.rst   | 5 ++++-
> >  include/block/block.h     | 1 +
> >  include/block/block_int.h | 1 +
> >  qemu-img-cmds.hx          | 4 ++--
> >  qemu-img.c                | 8 +++++++-
> >  7 files changed, 19 insertions(+), 5 deletions(-)
> 
> [...]
> 
> > diff --git a/docs/tools/qemu-img.rst b/docs/tools/qemu-img.rst
> > index 0080f83a76..fc2dca6649 100644
> > --- a/docs/tools/qemu-img.rst
> > +++ b/docs/tools/qemu-img.rst
> > @@ -249,11 +249,14 @@ Command description:
> >  
> >  .. program:: qemu-img-commands
> >  
> > -.. option:: amend [--object OBJECTDEF] [--image-opts] [-p] [-q] [-f FMT] [-t CACHE] -o OPTIONS FILENAME
> > +.. option:: amend [--object OBJECTDEF] [--image-opts] [-p] [-q] [-f FMT] [-t CACHE] [--force] -o OPTIONS FILENAME
> >  
> >    Amends the image format specific *OPTIONS* for the image file
> >    *FILENAME*. Not all file formats support this operation.
> >  
> > +  --force allows some unsafe operations. Currently for -f luks, it allows to
> > +  erase last encryption key, and to overwrite an active encryption key.
> 
> *erase the last encryption key
Fixed, thanks!
> 
> With that fixed:
> 
> Reviewed-by: Max Reitz <mreitz@redhat.com>
> 

Thanks for the review,
	Best regards,
		Maxim Levitsky

diff --git a/block.c b/block.c
index 0653ccb913..94a6e851b4 100644
--- a/block.c
+++ b/block.c
@@ -6356,6 +6356,7 @@  void bdrv_remove_aio_context_notifier(BlockDriverState *bs,
 
 int bdrv_amend_options(BlockDriverState *bs, QemuOpts *opts,
                        BlockDriverAmendStatusCB *status_cb, void *cb_opaque,
+                       bool force,
                        Error **errp)
 {
     if (!bs->drv) {
@@ -6367,7 +6368,8 @@  int bdrv_amend_options(BlockDriverState *bs, QemuOpts *opts,
                    bs->drv->format_name);
         return -ENOTSUP;
     }
-    return bs->drv->bdrv_amend_options(bs, opts, status_cb, cb_opaque, errp);
+    return bs->drv->bdrv_amend_options(bs, opts, status_cb,
+                                       cb_opaque, force, errp);
 }
 
 /*
diff --git a/block/qcow2.c b/block/qcow2.c
index 1ad95ff048..79fbad9d76 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -5227,6 +5227,7 @@  static void qcow2_amend_helper_cb(BlockDriverState *bs,
 static int qcow2_amend_options(BlockDriverState *bs, QemuOpts *opts,
                                BlockDriverAmendStatusCB *status_cb,
                                void *cb_opaque,
+                               bool force,
                                Error **errp)
 {
     BDRVQcow2State *s = bs->opaque;
diff --git a/docs/tools/qemu-img.rst b/docs/tools/qemu-img.rst
index 0080f83a76..fc2dca6649 100644
--- a/docs/tools/qemu-img.rst
+++ b/docs/tools/qemu-img.rst
@@ -249,11 +249,14 @@  Command description:
 
 .. program:: qemu-img-commands
 
-.. option:: amend [--object OBJECTDEF] [--image-opts] [-p] [-q] [-f FMT] [-t CACHE] -o OPTIONS FILENAME
+.. option:: amend [--object OBJECTDEF] [--image-opts] [-p] [-q] [-f FMT] [-t CACHE] [--force] -o OPTIONS FILENAME
 
   Amends the image format specific *OPTIONS* for the image file
   *FILENAME*. Not all file formats support this operation.
 
+  --force allows some unsafe operations. Currently for -f luks, it allows to
+  erase last encryption key, and to overwrite an active encryption key.
+
 .. option:: bench [-c COUNT] [-d DEPTH] [-f FMT] [--flush-interval=FLUSH_INTERVAL] [-i AIO] [-n] [--no-drain] [-o OFFSET] [--pattern=PATTERN] [-q] [-s BUFFER_SIZE] [-S STEP_SIZE] [-t CACHE] [-w] [-U] FILENAME
 
   Run a simple sequential I/O benchmark on the specified image. If ``-w`` is
diff --git a/include/block/block.h b/include/block/block.h
index 4de8d8f8a6..5b44a838d9 100644
--- a/include/block/block.h
+++ b/include/block/block.h
@@ -392,6 +392,7 @@  typedef void BlockDriverAmendStatusCB(BlockDriverState *bs, int64_t offset,
                                       int64_t total_work_size, void *opaque);
 int bdrv_amend_options(BlockDriverState *bs_new, QemuOpts *opts,
                        BlockDriverAmendStatusCB *status_cb, void *cb_opaque,
+                       bool force,
                        Error **errp);
 
 /* check if a named node can be replaced when doing drive-mirror */
diff --git a/include/block/block_int.h b/include/block/block_int.h
index df6d0273d6..952b2f033a 100644
--- a/include/block/block_int.h
+++ b/include/block/block_int.h
@@ -432,6 +432,7 @@  struct BlockDriver {
     int (*bdrv_amend_options)(BlockDriverState *bs, QemuOpts *opts,
                               BlockDriverAmendStatusCB *status_cb,
                               void *cb_opaque,
+                              bool force,
                               Error **errp);
 
     void (*bdrv_debug_event)(BlockDriverState *bs, BlkdebugEvent event);
diff --git a/qemu-img-cmds.hx b/qemu-img-cmds.hx
index c9c54de1df..9920f1f9d4 100644
--- a/qemu-img-cmds.hx
+++ b/qemu-img-cmds.hx
@@ -10,9 +10,9 @@  HXCOMM When amending the rST sections, please remember to copy the usage
 HXCOMM over to the per-command sections in qemu-img.texi.
 
 DEF("amend", img_amend,
-    "amend [--object objectdef] [--image-opts] [-p] [-q] [-f fmt] [-t cache] -o options filename")
+    "amend [--object objectdef] [--image-opts] [-p] [-q] [-f fmt] [-t cache] [--force] -o options filename")
 SRST
-.. option:: amend [--object OBJECTDEF] [--image-opts] [-p] [-q] [-f FMT] [-t CACHE] -o OPTIONS FILENAME
+.. option:: amend [--object OBJECTDEF] [--image-opts] [-p] [-q] [-f FMT] [-t CACHE] [--force] -o OPTIONS FILENAME
 ERST
 
 DEF("bench", img_bench,
diff --git a/qemu-img.c b/qemu-img.c
index 6a4327aaba..ef422d5471 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -71,6 +71,7 @@  enum {
     OPTION_SHRINK = 266,
     OPTION_SALVAGE = 267,
     OPTION_TARGET_IS_ZERO = 268,
+    OPTION_FORCE = 269,
 };
 
 typedef enum OutputFormat {
@@ -3958,6 +3959,7 @@  static int img_amend(int argc, char **argv)
     BlockBackend *blk = NULL;
     BlockDriverState *bs = NULL;
     bool image_opts = false;
+    bool force = false;
 
     cache = BDRV_DEFAULT_CACHE;
     for (;;) {
@@ -3965,6 +3967,7 @@  static int img_amend(int argc, char **argv)
             {"help", no_argument, 0, 'h'},
             {"object", required_argument, 0, OPTION_OBJECT},
             {"image-opts", no_argument, 0, OPTION_IMAGE_OPTS},
+            {"force", no_argument, 0, OPTION_FORCE},
             {0, 0, 0, 0}
         };
         c = getopt_long(argc, argv, ":ho:f:t:pq",
@@ -4012,6 +4015,9 @@  static int img_amend(int argc, char **argv)
         case OPTION_IMAGE_OPTS:
             image_opts = true;
             break;
+        case OPTION_FORCE:
+            force = true;
+            break;
         }
     }
 
@@ -4089,7 +4095,7 @@  static int img_amend(int argc, char **argv)
 
     /* In case the driver does not call amend_status_cb() */
     qemu_progress_print(0.f, 0);
-    ret = bdrv_amend_options(bs, opts, &amend_status_cb, NULL, &err);
+    ret = bdrv_amend_options(bs, opts, &amend_status_cb, NULL, force, &err);
     qemu_progress_print(100.f, 0);
     if (ret < 0) {
         error_report_err(err);

[v6,03/14] block/amend: add 'force' option

Commit Message

Comments

Patch