[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH WIP 12/30] block: rip out all traces of password pro
From: |
Daniel P. Berrange |
Subject: |
[Qemu-devel] [PATCH WIP 12/30] block: rip out all traces of password prompting |
Date: |
Fri, 20 Nov 2015 18:04:12 +0000 |
Now that qcow & qcow2 are wired up to get encryption keys
via the QCryptoSecret object, all traces of code which
had to deal with prompting for passwords can be ripped
out.
When the image is initially opened, the encryption key
must be available immediately, or an error will be
reported.
$ qemu-system-x86_64 -drive file=secret.qcow2
qemu-system-x86_64: -drive file=secret.qcow2: Image is encrypted but no secret
is provided
Users must provide the secret with -object
$ echo 123456 > mypasswd.txt
qemu-system-x86_64 -drive file=secret.qcow2,keysecret=sec0 -object
secret,file=mypasswd.txt,id=sec0
The BDRV_O_NO_IO flag allows this error to be skipped,
for use when 'qemu-img info' wants to open the file
to query the headers, but not perform any actual I/O
operations.
Signed-off-by: Daniel P. Berrange <address@hidden>
---
block/qcow.c | 7 +++++
block/qcow2.c | 13 +++++++--
hmp.c | 31 --------------------
hw/usb/dev-storage.c | 34 ----------------------
include/block/block.h | 1 +
include/monitor/monitor.h | 7 -----
include/qemu/osdep.h | 2 --
monitor.c | 69 --------------------------------------------
qemu-img.c | 46 +++++++++++------------------
qemu-io.c | 21 --------------
qmp.c | 9 ------
tests/qemu-iotests/087 | 20 +++++++++++++
tests/qemu-iotests/087.out | 2 ++
tests/qemu-iotests/134 | 17 +++++++----
tests/qemu-iotests/134.out | 8 -----
tests/qemu-iotests/common.rc | 4 +--
util/oslib-posix.c | 66 ------------------------------------------
util/oslib-win32.c | 24 ---------------
18 files changed, 72 insertions(+), 309 deletions(-)
diff --git a/block/qcow.c b/block/qcow.c
index 719ed7c..ff80ef5 100644
--- a/block/qcow.c
+++ b/block/qcow.c
@@ -231,6 +231,13 @@ static int qcow_open(BlockDriverState *bs, QDict *options,
int flags,
if (s->crypt_method_header) {
bs->encrypted = 1;
}
+ if (!(flags & BDRV_O_NO_IO) &&
+ bs->encrypted && !s->cipher) {
+ error_setg(errp, "Image is encrypted but no secret is provided");
+ ret = -EINVAL;
+ goto fail;
+ }
+
s->cluster_bits = header.cluster_bits;
s->cluster_size = 1 << s->cluster_bits;
s->cluster_sectors = 1 << (s->cluster_bits - 9);
diff --git a/block/qcow2.c b/block/qcow2.c
index 1e6e975..d326148 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -1136,6 +1136,13 @@ static int qcow2_open(BlockDriverState *bs, QDict
*options, int flags,
goto fail;
}
+ if (!(flags & BDRV_O_NO_IO) &&
+ bs->encrypted && !s->cipher) {
+ error_setg(errp, "Image is encrypted but no secret is provided");
+ ret = -EINVAL;
+ goto fail;
+ }
+
s->cluster_cache = g_malloc(s->cluster_size);
/* one more sector for decompressed data alignment */
s->cluster_data = qemu_try_blockalign(bs->file->bs, QCOW_MAX_CRYPT_CLUSTERS
@@ -2207,7 +2214,8 @@ static int qcow2_create2(const char *filename, int64_t
total_size,
options = qdict_new();
qdict_put(options, "driver", qstring_from_str("qcow2"));
ret = bdrv_open(&bs, filename, NULL, options,
- BDRV_O_RDWR | BDRV_O_CACHE_WB | BDRV_O_NO_FLUSH,
+ BDRV_O_RDWR | BDRV_O_CACHE_WB | BDRV_O_NO_FLUSH |
+ BDRV_O_NO_IO,
&local_err);
if (ret < 0) {
error_propagate(errp, local_err);
@@ -2261,7 +2269,8 @@ static int qcow2_create2(const char *filename, int64_t
total_size,
options = qdict_new();
qdict_put(options, "driver", qstring_from_str("qcow2"));
ret = bdrv_open(&bs, filename, NULL, options,
- BDRV_O_RDWR | BDRV_O_CACHE_WB | BDRV_O_NO_BACKING,
+ BDRV_O_RDWR | BDRV_O_CACHE_WB | BDRV_O_NO_BACKING |
+ BDRV_O_NO_IO,
&local_err);
if (local_err) {
error_propagate(errp, local_err);
diff --git a/hmp.c b/hmp.c
index 6044db3..ed08e0b 100644
--- a/hmp.c
+++ b/hmp.c
@@ -962,37 +962,12 @@ void hmp_ringbuf_read(Monitor *mon, const QDict *qdict)
g_free(data);
}
-static void hmp_cont_cb(void *opaque, int err)
-{
- if (!err) {
- qmp_cont(NULL);
- }
-}
-
-static bool key_is_missing(const BlockInfo *bdev)
-{
- return (bdev->inserted && bdev->inserted->encryption_key_missing);
-}
-
void hmp_cont(Monitor *mon, const QDict *qdict)
{
- BlockInfoList *bdev_list, *bdev;
Error *err = NULL;
- bdev_list = qmp_query_block(NULL);
- for (bdev = bdev_list; bdev; bdev = bdev->next) {
- if (key_is_missing(bdev->value)) {
- monitor_read_block_device_key(mon, bdev->value->device,
- hmp_cont_cb, NULL);
- goto out;
- }
- }
-
qmp_cont(&err);
hmp_handle_error(mon, &err);
-
-out:
- qapi_free_BlockInfoList(bdev_list);
}
void hmp_system_wakeup(Monitor *mon, const QDict *qdict)
@@ -1379,12 +1354,6 @@ void hmp_change(Monitor *mon, const QDict *qdict)
qmp_blockdev_change_medium(device, target, !!arg, arg,
!!read_only, read_only_mode, &err);
- if (err &&
- error_get_class(err) == ERROR_CLASS_DEVICE_ENCRYPTED) {
- error_free(err);
- monitor_read_block_device_key(mon, device, NULL, NULL);
- return;
- }
}
hmp_handle_error(mon, &err);
diff --git a/hw/usb/dev-storage.c b/hw/usb/dev-storage.c
index 597d8fd..2122f4f 100644
--- a/hw/usb/dev-storage.c
+++ b/hw/usb/dev-storage.c
@@ -553,21 +553,6 @@ static void usb_msd_handle_data(USBDevice *dev, USBPacket
*p)
}
}
-static void usb_msd_password_cb(void *opaque, int err)
-{
- MSDState *s = opaque;
- Error *local_err = NULL;
-
- if (!err) {
- usb_device_attach(&s->dev, &local_err);
- }
-
- if (local_err) {
- error_report_err(local_err);
- qdev_unplug(&s->dev.qdev, NULL);
- }
-}
-
static void *usb_msd_load_request(QEMUFile *f, SCSIRequest *req)
{
MSDState *s = DO_UPCAST(MSDState, dev.qdev, req->bus->qbus.parent);
@@ -613,25 +598,6 @@ static void usb_msd_realize_storage(USBDevice *dev, Error
**errp)
return;
}
- if (blk_bs(blk)) {
- bdrv_add_key(blk_bs(blk), NULL, &err);
- if (err) {
- if (monitor_cur_is_qmp()) {
- error_propagate(errp, err);
- return;
- }
- error_free(err);
- err = NULL;
- if (cur_mon) {
- monitor_read_bdrv_key_start(cur_mon, blk_bs(blk),
- usb_msd_password_cb, s);
- s->dev.auto_attach = 0;
- } else {
- autostart = 0;
- }
- }
- }
-
blkconf_serial(&s->conf, &dev->serial);
blkconf_blocksizes(&s->conf);
diff --git a/include/block/block.h b/include/block/block.h
index 73edb1a..ccd2f72 100644
--- a/include/block/block.h
+++ b/include/block/block.h
@@ -91,6 +91,7 @@ typedef struct HDGeometry {
#define BDRV_O_PROTOCOL 0x8000 /* if no block driver is explicitly given:
select an appropriate protocol driver,
ignoring the format layer */
+#define BDRV_O_NO_IO 0x10000 /* don't initialize for I/O */
#define BDRV_O_CACHE_MASK (BDRV_O_NOCACHE | BDRV_O_CACHE_WB | BDRV_O_NO_FLUSH)
diff --git a/include/monitor/monitor.h b/include/monitor/monitor.h
index aa0f373..cd38020 100644
--- a/include/monitor/monitor.h
+++ b/include/monitor/monitor.h
@@ -21,13 +21,6 @@ void monitor_init(CharDriverState *chr, int flags);
int monitor_suspend(Monitor *mon);
void monitor_resume(Monitor *mon);
-int monitor_read_bdrv_key_start(Monitor *mon, BlockDriverState *bs,
- BlockCompletionFunc *completion_cb,
- void *opaque);
-int monitor_read_block_device_key(Monitor *mon, const char *device,
- BlockCompletionFunc *completion_cb,
- void *opaque);
-
int monitor_get_fd(Monitor *mon, const char *fdname, Error **errp);
int monitor_fd_param(Monitor *mon, const char *fdname, Error **errp);
diff --git a/include/qemu/osdep.h b/include/qemu/osdep.h
index 861d84b..6e04f44 100644
--- a/include/qemu/osdep.h
+++ b/include/qemu/osdep.h
@@ -295,8 +295,6 @@ void qemu_set_tty_echo(int fd, bool echo);
void os_mem_prealloc(int fd, char *area, size_t sz);
-int qemu_read_password(char *buf, int buf_size);
-
/**
* qemu_fork:
*
diff --git a/monitor.c b/monitor.c
index e4cf34e..09e0df2 100644
--- a/monitor.c
+++ b/monitor.c
@@ -4138,75 +4138,6 @@ void monitor_init(CharDriverState *chr, int flags)
qemu_mutex_unlock(&monitor_lock);
}
-static void bdrv_password_cb(void *opaque, const char *password,
- void *readline_opaque)
-{
- Monitor *mon = opaque;
- BlockDriverState *bs = readline_opaque;
- int ret = 0;
- Error *local_err = NULL;
-
- bdrv_add_key(bs, password, &local_err);
- if (local_err) {
- monitor_printf(mon, "%s\n", error_get_pretty(local_err));
- error_free(local_err);
- ret = -EPERM;
- }
- if (mon->password_completion_cb)
- mon->password_completion_cb(mon->password_opaque, ret);
-
- monitor_read_command(mon, 1);
-}
-
-int monitor_read_bdrv_key_start(Monitor *mon, BlockDriverState *bs,
- BlockCompletionFunc *completion_cb,
- void *opaque)
-{
- int err;
-
- monitor_printf(mon, "%s (%s) is encrypted.\n", bdrv_get_device_name(bs),
- bdrv_get_encrypted_filename(bs));
-
- mon->password_completion_cb = completion_cb;
- mon->password_opaque = opaque;
-
- err = monitor_read_password(mon, bdrv_password_cb, bs);
-
- if (err && completion_cb)
- completion_cb(opaque, err);
-
- return err;
-}
-
-int monitor_read_block_device_key(Monitor *mon, const char *device,
- BlockCompletionFunc *completion_cb,
- void *opaque)
-{
- Error *err = NULL;
- BlockBackend *blk;
-
- blk = blk_by_name(device);
- if (!blk) {
- monitor_printf(mon, "Device not found %s\n", device);
- return -1;
- }
- if (!blk_bs(blk)) {
- monitor_printf(mon, "Device '%s' has no medium\n", device);
- return -1;
- }
-
- bdrv_add_key(blk_bs(blk), NULL, &err);
- if (err) {
- error_free(err);
- return monitor_read_bdrv_key_start(mon, blk_bs(blk), completion_cb,
opaque);
- }
-
- if (completion_cb) {
- completion_cb(opaque, 0);
- }
- return 0;
-}
-
QemuOptsList qemu_mon_opts = {
.name = "mon",
.implied_opt_name = "chardev",
diff --git a/qemu-img.c b/qemu-img.c
index 6f8b6ab..54a3e6b 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -303,11 +303,9 @@ static BlockBackend *img_open_opts(const char *id,
static BlockBackend *img_open_file(const char *id, const char *filename,
const char *fmt, int flags,
- bool require_io, bool quiet)
+ bool quiet)
{
BlockBackend *blk;
- BlockDriverState *bs;
- char password[256];
Error *local_err = NULL;
QDict *options = NULL;
@@ -324,18 +322,6 @@ static BlockBackend *img_open_file(const char *id, const
char *filename,
goto fail;
}
- bs = blk_bs(blk);
- if (bdrv_is_encrypted(bs) && require_io) {
- qprintf(quiet, "Disk image '%s' is encrypted.\n", filename);
- if (qemu_read_password(password, sizeof(password)) < 0) {
- error_report("No password given");
- goto fail;
- }
- if (bdrv_set_key(bs, password) < 0) {
- error_report("invalid password");
- goto fail;
- }
- }
return blk;
fail:
blk_unref(blk);
@@ -727,7 +713,7 @@ static int img_check(int argc, char **argv)
}
blk = img_open_opts("image", opts, flags);
} else {
- blk = img_open_file("image", filename, fmt, flags, true, quiet);
+ blk = img_open_file("image", filename, fmt, flags, quiet);
}
if (!blk) {
return 1;
@@ -940,7 +926,7 @@ static int img_commit(int argc, char **argv)
}
blk = img_open_opts("image", opts, flags);
} else {
- blk = img_open_file("image", filename, fmt, flags, true, quiet);
+ blk = img_open_file("image", filename, fmt, flags, quiet);
}
if (!blk) {
return 1;
@@ -1310,13 +1296,13 @@ static int img_compare(int argc, char **argv)
goto out3;
}
} else {
- blk1 = img_open_file("image_1", filename1, fmt1, flags, true, quiet);
+ blk1 = img_open_file("image_1", filename1, fmt1, flags, quiet);
if (!blk1) {
ret = 2;
goto out3;
}
- blk2 = img_open_file("image_2", filename2, fmt2, flags, true, quiet);
+ blk2 = img_open_file("image_2", filename2, fmt2, flags, quiet);
if (!blk2) {
ret = 2;
goto out2;
@@ -2010,7 +1996,7 @@ static int img_convert(int argc, char **argv)
opts = qemu_opts_next(opts);
} else {
blk[bs_i] = img_open_file(id, argv[optind + bs_i], fmt, src_flags,
- true, quiet);
+ quiet);
}
g_free(id);
if (!blk[bs_i]) {
@@ -2160,7 +2146,7 @@ static int img_convert(int argc, char **argv)
* the bdrv_create() call which takes different params
*/
out_blk = img_open_file("target", out_filename,
- out_fmt, flags, true, quiet);
+ out_fmt, flags, quiet);
if (!out_blk) {
ret = -1;
goto out;
@@ -2358,12 +2344,14 @@ static ImageInfoList *collect_image_info_list(QemuOpts
*opts,
goto err;
}
blk = img_open_opts("image", opts,
- BDRV_O_FLAGS | BDRV_O_NO_BACKING);
+ BDRV_O_FLAGS | BDRV_O_NO_BACKING |
+ BDRV_O_NO_IO);
opts = NULL;
} else {
blk = img_open_file("image", filename, fmt,
- BDRV_O_FLAGS | BDRV_O_NO_BACKING,
- false, false);
+ BDRV_O_FLAGS | BDRV_O_NO_BACKING |
+ BDRV_O_NO_IO,
+ false);
}
if (!blk) {
goto err;
@@ -2699,7 +2687,7 @@ static int img_map(int argc, char **argv)
}
blk = img_open_opts("image", opts, BDRV_O_FLAGS);
} else {
- blk = img_open_file("image", filename, fmt, BDRV_O_FLAGS, true, false);
+ blk = img_open_file("image", filename, fmt, BDRV_O_FLAGS, false);
}
if (!blk) {
return 1;
@@ -2865,7 +2853,7 @@ static int img_snapshot(int argc, char **argv)
if (opts) {
blk = img_open_opts("image", opts, bdrv_oflags);
} else {
- blk = img_open_file("image", filename, NULL, bdrv_oflags, true, quiet);
+ blk = img_open_file("image", filename, NULL, bdrv_oflags, quiet);
}
if (!blk) {
return 1;
@@ -3055,7 +3043,7 @@ static int img_rebase(int argc, char **argv)
}
blk = img_open_opts("image", opts, flags);
} else {
- blk = img_open_file("image", filename, fmt, flags, true, quiet);
+ blk = img_open_file("image", filename, fmt, flags, quiet);
}
if (!blk) {
ret = -1;
@@ -3413,7 +3401,7 @@ static int img_resize(int argc, char **argv)
blk = img_open_opts("image", opts, BDRV_O_FLAGS | BDRV_O_RDWR);
} else {
blk = img_open_file("image", filename, fmt, BDRV_O_FLAGS | BDRV_O_RDWR,
- true, quiet);
+ quiet);
}
if (!blk) {
ret = -1;
@@ -3590,7 +3578,7 @@ static int img_amend(int argc, char **argv)
}
blk = img_open_opts("image", opts, BDRV_O_FLAGS | BDRV_O_RDWR);
} else {
- blk = img_open_file("image", filename, fmt, flags, true, quiet);
+ blk = img_open_file("image", filename, fmt, flags, quiet);
}
if (!blk) {
ret = -1;
diff --git a/qemu-io.c b/qemu-io.c
index fc7f81b..0018bfa 100644
--- a/qemu-io.c
+++ b/qemu-io.c
@@ -56,7 +56,6 @@ static const cmdinfo_t close_cmd = {
static int openfile(char *name, int flags, QDict *opts)
{
Error *local_err = NULL;
- BlockDriverState *bs;
if (qemuio_blk) {
fprintf(stderr, "file open already, try 'help close'\n");
@@ -73,27 +72,7 @@ static int openfile(char *name, int flags, QDict *opts)
return 1;
}
- bs = blk_bs(qemuio_blk);
- if (bdrv_is_encrypted(bs)) {
- char password[256];
- printf("Disk image '%s' is encrypted.\n", name);
- if (qemu_read_password(password, sizeof(password)) < 0) {
- error_report("No password given");
- goto error;
- }
- if (bdrv_set_key(bs, password) < 0) {
- error_report("invalid password");
- goto error;
- }
- }
-
-
return 0;
-
- error:
- blk_unref(qemuio_blk);
- qemuio_blk = NULL;
- return 1;
}
static void open_help(void)
diff --git a/qmp.c b/qmp.c
index f38d597..025d4bc 100644
--- a/qmp.c
+++ b/qmp.c
@@ -170,9 +170,7 @@ SpiceInfo *qmp_query_spice(Error **errp)
void qmp_cont(Error **errp)
{
- Error *local_err = NULL;
BlockBackend *blk;
- BlockDriverState *bs;
if (runstate_needs_reset()) {
error_setg(errp, "Resetting the Virtual Machine is required");
@@ -184,13 +182,6 @@ void qmp_cont(Error **errp)
for (blk = blk_next(NULL); blk; blk = blk_next(blk)) {
blk_iostatus_reset(blk);
}
- for (bs = bdrv_next(NULL); bs; bs = bdrv_next(bs)) {
- bdrv_add_key(bs, NULL, &local_err);
- if (local_err) {
- error_propagate(errp, local_err);
- return;
- }
- }
if (runstate_check(RUN_STATE_INMIGRATE)) {
autostart = 1;
diff --git a/tests/qemu-iotests/087 b/tests/qemu-iotests/087
index af44299..a1498b6 100755
--- a/tests/qemu-iotests/087
+++ b/tests/qemu-iotests/087
@@ -187,11 +187,21 @@ echo
_make_test_img -o encryption=on $size
run_qemu -S <<EOF
{ "execute": "qmp_capabilities" }
+{ "execute": "object-add",
+ "arguments": {
+ "qom-type": "secret",
+ "id": "sec0",
+ "props": {
+ "data": "123456"
+ }
+ }
+}
{ "execute": "blockdev-add",
"arguments": {
"options": {
"driver": "$IMGFMT",
"id": "disk",
+ "keyid": "sec0",
"file": {
"driver": "file",
"filename": "$TEST_IMG"
@@ -204,11 +214,21 @@ EOF
run_qemu <<EOF
{ "execute": "qmp_capabilities" }
+{ "execute": "object-add",
+ "arguments": {
+ "qom-type": "secret",
+ "id": "sec0",
+ "props": {
+ "data": "123456"
+ }
+ }
+}
{ "execute": "blockdev-add",
"arguments": {
"options": {
"driver": "$IMGFMT",
"id": "disk",
+ "keyid": "sec0",
"file": {
"driver": "file",
"filename": "$TEST_IMG"
diff --git a/tests/qemu-iotests/087.out b/tests/qemu-iotests/087.out
index 7d62cd5..85752bb 100644
--- a/tests/qemu-iotests/087.out
+++ b/tests/qemu-iotests/087.out
@@ -48,6 +48,7 @@ Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=134217728
encryption=on
Testing: -S
QMP_VERSION
{"return": {}}
+{"return": {}}
Encrypted images are deprecated
Support for them will be removed in a future release.
You can use 'qemu-img convert' to convert your image to an unencrypted one.
@@ -58,6 +59,7 @@ You can use 'qemu-img convert' to convert your image to an
unencrypted one.
Testing:
QMP_VERSION
{"return": {}}
+{"return": {}}
Encrypted images are deprecated
Support for them will be removed in a future release.
You can use 'qemu-img convert' to convert your image to an unencrypted one.
diff --git a/tests/qemu-iotests/134 b/tests/qemu-iotests/134
index 1c3820b..a247473 100755
--- a/tests/qemu-iotests/134
+++ b/tests/qemu-iotests/134
@@ -44,23 +44,30 @@ _supported_os Linux
size=128M
-IMGOPTS="encryption=on" _make_test_img $size
+SECRET1=secret,id=sec0,data=astrochicken
+SECRET2=secret,id=sec0,data=platypus
+
+EXTRA_IMG_ARGS="--object $SECRET1" IMGOPTS="encryption=on" _make_test_img $size
+
+
+QEMU_IO_OPTIONS=`echo $QEMU_IO_OPTIONS | sed -e 's/-f qcow2//'`
+TEST_IMG="driver=qcow2,file=$TEST_IMG,keyid=sec0"
echo
echo "== reading whole image =="
-echo "astrochicken" | $QEMU_IO -c "read 0 $size" "$TEST_IMG" | _filter_qemu_io
| _filter_testdir
+$QEMU_IO --object $SECRET1 -c "read 0 $size" --source "$TEST_IMG" |
_filter_qemu_io | _filter_testdir
echo
echo "== rewriting whole image =="
-echo "astrochicken" | $QEMU_IO -c "write -P 0xa 0 $size" "$TEST_IMG" |
_filter_qemu_io | _filter_testdir
+$QEMU_IO --object $SECRET1 -c "write -P 0xa 0 $size" --source "$TEST_IMG" |
_filter_qemu_io | _filter_testdir
echo
echo "== verify pattern =="
-echo "astrochicken" | $QEMU_IO -c "read -P 0xa 0 $size" "$TEST_IMG" |
_filter_qemu_io | _filter_testdir
+$QEMU_IO --object $SECRET1 -c "read -P 0xa 0 $size" --source "$TEST_IMG" |
_filter_qemu_io | _filter_testdir
echo
echo "== verify pattern failure with wrong password =="
-echo "platypus" | $QEMU_IO -c "read -P 0xa 0 $size" "$TEST_IMG" |
_filter_qemu_io | _filter_testdir
+$QEMU_IO --object $SECRET2 -c "read -P 0xa 0 $size" --source "$TEST_IMG" |
_filter_qemu_io | _filter_testdir
# success, all done
diff --git a/tests/qemu-iotests/134.out b/tests/qemu-iotests/134.out
index a16acb8..845aa57 100644
--- a/tests/qemu-iotests/134.out
+++ b/tests/qemu-iotests/134.out
@@ -11,8 +11,6 @@ Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=134217728
encryption=on
Encrypted images are deprecated
Support for them will be removed in a future release.
You can use 'qemu-img convert' to convert your image to an unencrypted one.
-Disk image 'TEST_DIR/t.qcow2' is encrypted.
-password:
read 134217728/134217728 bytes at offset 0
128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
@@ -20,8 +18,6 @@ read 134217728/134217728 bytes at offset 0
Encrypted images are deprecated
Support for them will be removed in a future release.
You can use 'qemu-img convert' to convert your image to an unencrypted one.
-Disk image 'TEST_DIR/t.qcow2' is encrypted.
-password:
wrote 134217728/134217728 bytes at offset 0
128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
@@ -29,8 +25,6 @@ wrote 134217728/134217728 bytes at offset 0
Encrypted images are deprecated
Support for them will be removed in a future release.
You can use 'qemu-img convert' to convert your image to an unencrypted one.
-Disk image 'TEST_DIR/t.qcow2' is encrypted.
-password:
read 134217728/134217728 bytes at offset 0
128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
@@ -38,8 +32,6 @@ read 134217728/134217728 bytes at offset 0
Encrypted images are deprecated
Support for them will be removed in a future release.
You can use 'qemu-img convert' to convert your image to an unencrypted one.
-Disk image 'TEST_DIR/t.qcow2' is encrypted.
-password:
Pattern verification failed at offset 0, 134217728 bytes
read 134217728/134217728 bytes at offset 0
128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
diff --git a/tests/qemu-iotests/common.rc b/tests/qemu-iotests/common.rc
index d9913f8..da78459 100644
--- a/tests/qemu-iotests/common.rc
+++ b/tests/qemu-iotests/common.rc
@@ -135,9 +135,9 @@ _make_test_img()
# XXX(hch): have global image options?
(
if [ $use_backing = 1 ]; then
- $QEMU_IMG create -f $IMGFMT $extra_img_options -b "$backing_file"
"$img_name" $image_size 2>&1
+ $QEMU_IMG create $EXTRA_IMG_ARGS -f $IMGFMT $extra_img_options -b
"$backing_file" "$img_name" $image_size 2>&1
else
- $QEMU_IMG create -f $IMGFMT $extra_img_options "$img_name" $image_size
2>&1
+ $QEMU_IMG create $EXTRA_IMG_ARGS -f $IMGFMT $extra_img_options
"$img_name" $image_size 2>&1
fi
) | _filter_img_create
diff --git a/util/oslib-posix.c b/util/oslib-posix.c
index 914cef5..73cb9be 100644
--- a/util/oslib-posix.c
+++ b/util/oslib-posix.c
@@ -406,72 +406,6 @@ void os_mem_prealloc(int fd, char *area, size_t memory)
}
-static struct termios oldtty;
-
-static void term_exit(void)
-{
- tcsetattr(0, TCSANOW, &oldtty);
-}
-
-static void term_init(void)
-{
- struct termios tty;
-
- tcgetattr(0, &tty);
- oldtty = tty;
-
- tty.c_iflag &= ~(IGNBRK|BRKINT|PARMRK|ISTRIP
- |INLCR|IGNCR|ICRNL|IXON);
- tty.c_oflag |= OPOST;
- tty.c_lflag &= ~(ECHO|ECHONL|ICANON|IEXTEN);
- tty.c_cflag &= ~(CSIZE|PARENB);
- tty.c_cflag |= CS8;
- tty.c_cc[VMIN] = 1;
- tty.c_cc[VTIME] = 0;
-
- tcsetattr(0, TCSANOW, &tty);
-
- atexit(term_exit);
-}
-
-int qemu_read_password(char *buf, int buf_size)
-{
- uint8_t ch;
- int i, ret;
-
- printf("password: ");
- fflush(stdout);
- term_init();
- i = 0;
- for (;;) {
- ret = read(0, &ch, 1);
- if (ret == -1) {
- if (errno == EAGAIN || errno == EINTR) {
- continue;
- } else {
- break;
- }
- } else if (ret == 0) {
- ret = -1;
- break;
- } else {
- if (ch == '\r' ||
- ch == '\n') {
- ret = 0;
- break;
- }
- if (i < (buf_size - 1)) {
- buf[i++] = ch;
- }
- }
- }
- term_exit();
- buf[i] = '\0';
- printf("\n");
- return ret;
-}
-
-
pid_t qemu_fork(Error **errp)
{
sigset_t oldmask, newmask;
diff --git a/util/oslib-win32.c b/util/oslib-win32.c
index 09f9e98..1ae5cc4 100644
--- a/util/oslib-win32.c
+++ b/util/oslib-win32.c
@@ -474,30 +474,6 @@ void os_mem_prealloc(int fd, char *area, size_t memory)
}
-/* XXX: put correct support for win32 */
-int qemu_read_password(char *buf, int buf_size)
-{
- int c, i;
-
- printf("Password: ");
- fflush(stdout);
- i = 0;
- for (;;) {
- c = getchar();
- if (c < 0) {
- buf[i] = '\0';
- return -1;
- } else if (c == '\n') {
- break;
- } else if (i < (buf_size - 1)) {
- buf[i++] = c;
- }
- }
- buf[i] = '\0';
- return 0;
-}
-
-
pid_t qemu_fork(Error **errp)
{
errno = ENOSYS;
--
2.5.0
- [Qemu-devel] [PATCH WIP 00/30] Support for full disk encryption, Daniel P. Berrange, 2015/11/20
- [Qemu-devel] [PATCH WIP 04/30] qcow2: add a 'keyid' parameter to qcow2 options, Daniel P. Berrange, 2015/11/20
- [Qemu-devel] [PATCH WIP 02/30] crypto: add support for loading encrypted x509 keys, Daniel P. Berrange, 2015/11/20
- [Qemu-devel] [PATCH WIP 05/30] qom: add user_creatable_add & user_creatable_del methods, Daniel P. Berrange, 2015/11/20
- [Qemu-devel] [PATCH WIP 01/30] crypto: add QCryptoSecret object class for password/key handling, Daniel P. Berrange, 2015/11/20
- [Qemu-devel] [PATCH WIP 03/30] qcow: add a 'keyid' parameter to qcow options, Daniel P. Berrange, 2015/11/20
- [Qemu-devel] [PATCH WIP 17/30] crypto: add method for querying hash digest size, Daniel P. Berrange, 2015/11/20
- [Qemu-devel] [PATCH WIP 14/30] block: remove support for writing to qcow/qcow2 encrypted images, Daniel P. Berrange, 2015/11/20
- [Qemu-devel] [PATCH WIP 12/30] block: rip out all traces of password prompting,
Daniel P. Berrange <=
- [Qemu-devel] [PATCH WIP 20/30] crypto: ensure qapi/crypto.json is listed in qapi-modules, Daniel P. Berrange, 2015/11/20
- [Qemu-devel] [PATCH WIP 07/30] qemu-nbd: add support for --object command line arg, Daniel P. Berrange, 2015/11/20
- [Qemu-devel] [PATCH WIP 10/30] qemu-nbd: allow specifying image as a set of options args, Daniel P. Berrange, 2015/11/20
- [Qemu-devel] [PATCH WIP 13/30] block: remove all encryption handling APIs, Daniel P. Berrange, 2015/11/20
- [Qemu-devel] [PATCH WIP 19/30] crypto: move QCryptoCipherAlgorithm/Mode enum definitions into QAPI, Daniel P. Berrange, 2015/11/20
- [Qemu-devel] [PATCH WIP 24/30] crypto: add support for anti-forensic split algorithm, Daniel P. Berrange, 2015/11/20
- [Qemu-devel] [PATCH WIP 26/30] crypto: add block encryption framework, Daniel P. Berrange, 2015/11/20
- [Qemu-devel] [PATCH WIP 08/30] qemu-io: add support for --object command line arg, Daniel P. Berrange, 2015/11/20
- [Qemu-devel] [PATCH WIP 06/30] qemu-img: add support for --object command line arg, Daniel P. Berrange, 2015/11/20
- [Qemu-devel] [PATCH WIP 09/30] qemu-io: allow specifying image as a set of options args, Daniel P. Berrange, 2015/11/20