[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH 1/5] qcow2/qcow: protect against uninitialized e

From: Eric Blake
Subject: Re: [Qemu-devel] [PATCH 1/5] qcow2/qcow: protect against uninitialized encryption key
Date: Tue, 12 May 2015 12:06:17 -0600
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0

On 05/12/2015 10:09 AM, Daniel P. Berrange wrote:
> When a qcow[2] file is opened, if the header reports an
> encryption method, this is used to set the 'crypt_method_header'
> field on the BDRVQcow[2]State struct, and the 'encrypted' flag
> in the BDRVState struct.
> When doing I/O operations, the 'crypt_method' field on the
> BDRVQcow[2]State struct is checked to determine if encryption
> needs to be applied.
> The crypt_method_header value is copied into crypt_method when
> the bdrv_set_key() method is called.
> The QEMU code which opens a block device is expected to always
> do a check
>    if (bdrv_is_encrypted(bs)) {
>        bdrv_set_key(bs, ....key...);
>    }
> If code forgets todo this, then 'crypt_method' is never set

s/todo/to do/

> and so when I/O is performed, QEMU writes plain text data
> into a sector which is expected to contain cipher text, or
> when reading, will return cipher text instead of plain
> text.
> Change the qcow[2] code to consult bs->encrypted when deciding
> whether encryption is required, and assert(s->crypt_method)
> to protect against cases where the caller forgets to set the
> encryption key.
> Also put an assert in the set_key methods to protect against
> the case where the caller sets an encryption key on a block
> device that does not have encryption
> Signed-off-by: Daniel P. Berrange <address@hidden>
> ---
>  block/qcow.c          | 10 +++++++---
>  block/qcow2-cluster.c |  3 ++-
>  block/qcow2.c         | 18 ++++++++++++------
>  3 files changed, 21 insertions(+), 10 deletions(-)

Reviewed-by: Eric Blake <address@hidden>

Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]