[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PULL 19/22] qemu-io: prompt for encryption keys when requi
From: |
Kevin Wolf |
Subject: |
[Qemu-devel] [PULL 19/22] qemu-io: prompt for encryption keys when required |
Date: |
Fri, 22 May 2015 17:26:37 +0200 |
From: "Daniel P. Berrange" <address@hidden>
The qemu-io tool does not check if the image is encrypted so
historically would silently corrupt the sectors by writing
plain text data into them instead of cipher text. The earlier
commit turns this mistake into a fatal abort, so check for
encryption and prompt for key when required.
This enables us to add unit tests to ensure we don't break
the ability of qemu-img to convert existing encrypted qcow2
files into a non-encrypted format.
Signed-off-by: Daniel P. Berrange <address@hidden>
Reviewed-by: Eric Blake <address@hidden>
Signed-off-by: Kevin Wolf <address@hidden>
---
qemu-io.c | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
diff --git a/qemu-io.c b/qemu-io.c
index ae5e274..9bc83c6 100644
--- a/qemu-io.c
+++ b/qemu-io.c
@@ -52,6 +52,7 @@ static const cmdinfo_t close_cmd = {
static int openfile(char *name, int flags, QDict *opts)
{
Error *local_err = NULL;
+ BlockDriverState *bs;
if (qemuio_blk) {
fprintf(stderr, "file open already, try 'help close'\n");
@@ -68,7 +69,27 @@ static int openfile(char *name, int flags, QDict *opts)
return 1;
}
+ bs = blk_bs(qemuio_blk);
+ if (bdrv_is_encrypted(bs)) {
+ char password[256];
+ printf("Disk image '%s' is encrypted.\n", name);
+ if (qemu_read_password(password, sizeof(password)) < 0) {
+ error_report("No password given");
+ goto error;
+ }
+ if (bdrv_set_key(bs, password) < 0) {
+ error_report("invalid password");
+ goto error;
+ }
+ }
+
+
return 0;
+
+ error:
+ blk_unref(qemuio_blk);
+ qemuio_blk = NULL;
+ return 1;
}
static void open_help(void)
--
1.8.3.1
- [Qemu-devel] [PULL 12/22] qemu-io: Use getopt() correctly, (continued)
- [Qemu-devel] [PULL 12/22] qemu-io: Use getopt() correctly, Kevin Wolf, 2015/05/22
- [Qemu-devel] [PULL 10/22] qcow2: make qcow2_cache_put() a void function, Kevin Wolf, 2015/05/22
- [Qemu-devel] [PULL 13/22] block: Detect multiplication overflow in bdrv_getlength, Kevin Wolf, 2015/05/22
- [Qemu-devel] [PULL 14/22] qemu-iotests: qemu-img info on afl VMDK image with a huge capacity, Kevin Wolf, 2015/05/22
- [Qemu-devel] [PULL 18/22] util: allow \n to terminate password input, Kevin Wolf, 2015/05/22
- [Qemu-devel] [PULL 16/22] qcow2/qcow: protect against uninitialized encryption key, Kevin Wolf, 2015/05/22
- [Qemu-devel] [PULL 17/22] util: move read_password method out of qemu-img into osdep/oslib, Kevin Wolf, 2015/05/22
- [Qemu-devel] [PULL 20/22] tests: add test case for encrypted qcow2 read/write, Kevin Wolf, 2015/05/22
- [Qemu-devel] [PULL 15/22] qemu-iotests: Make debugging python tests easier, Kevin Wolf, 2015/05/22
- [Qemu-devel] [PULL 21/22] MAINTAINERS: Add header files to Block Layer Core section, Kevin Wolf, 2015/05/22
- [Qemu-devel] [PULL 19/22] qemu-io: prompt for encryption keys when required,
Kevin Wolf <=
- [Qemu-devel] [PULL 22/22] MAINTAINERS: Split "Block QAPI, monitor, command line" off core, Kevin Wolf, 2015/05/22
- Re: [Qemu-devel] [PULL 00/22] Block layer core and image format patches, Peter Maydell, 2015/05/26