From 14768fe9b44d6c89c066ebf597b9be79f7d43f30 Mon Sep 17 00:00:00 2001
From: Kevin Wolf <kwolf@redhat.com>
Date: Wed, 14 Aug 2019 11:28:11 +0100
Subject: [PATCH 3/3] qemu-img: fix regression copying secrets during convert
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Kevin Wolf <kwolf@redhat.com>
Message-id: <20190814112811.28642-2-kwolf@redhat.com>
Patchwork-id: 89987
O-Subject: [RHEL-8.1.0 qemu-kvm PATCH 1/1] qemu-img: fix regression copying secrets during convert
Bugzilla: 1727821
RH-Acked-by: Max Reitz <mreitz@redhat.com>
RH-Acked-by: John Snow <jsnow@redhat.com>
RH-Acked-by: Thomas Huth <thuth@redhat.com>
From: Daniel P. Berrangé <berrange@redhat.com>
When the convert command is creating an output file that needs
secrets, we need to ensure those secrets are passed to both the
blk_new_open and bdrv_create API calls.
This is done by qemu-img extracting all opts matching the name
suffix "key-secret". Unfortunately the code doing this was run after the
call to bdrv_create(), which meant the QemuOpts it was extracting
secrets from was now empty.
Previously this worked for luks as a bug meant the "key-secret"
parameters were not purged from the QemuOpts. This bug was fixed in
commit b76b4f604521e59f857d6177bc55f6f2e41fd392
Author: Kevin Wolf <kwolf@redhat.com>
Date: Thu Jan 11 16:18:08 2018 +0100
qcow2: Use visitor for options in qcow2_create()
Exposing the latent bug in qemu-img. This fix simply moves the copying
of secrets to before the bdrv_create() call.
Cc: qemu-stable@nongnu.org
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
(cherry picked from commit 8d65a3ccfd5db7f0436e095cd952f5d0c3a873ba)
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
qemu-img.c | 32 +++++++++++++++-----------------
1 file changed, 15 insertions(+), 17 deletions(-)
diff --git a/qemu-img.c b/qemu-img.c
index f42750a..fa0cbd7 100644
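--- a/qemu-img.c
+++ b/qemu-img.c
@@ -348,21 +348,6 @@ static int img_add_key_secrets(void *opaque,
 return 0;
 }
 
-static BlockBackend *img_open_new_file(const char *filename,
- QemuOpts *create_opts,
- const char *fmt, int flags,
- bool writethrough, bool quiet,
- bool force_share)
-{
- QDict *options = NULL;
-
- options = qdict_new();
- qemu_opt_foreach(create_opts, img_add_key_secrets, options, &error_abort);
-
- return img_open_file(filename, options, fmt, flags, writethrough, quiet,
- force_share);
-}
-
 
 static BlockBackend *img_open(bool image_opts,
 const char *filename,
@@ -1994,6 +1979,7 @@ static int img_convert(int argc, char **argv)
 BlockDriverState *out_bs;
 QemuOpts *opts = NULL, *sn_opts = NULL;
 QemuOptsList *create_opts = NULL;
+ QDict *open_opts = NULL;
 char *options = NULL;
 Error *local_err = NULL;
 bool writethrough, src_writethrough, quiet = false, image_opts = false,
@@ -2342,6 +2328,16 @@ static int img_convert(int argc, char **argv)
 }
 }
 
+ /*
+ * The later open call will need any decryption secrets, and
+ * bdrv_create() will purge "opts", so extract them now before
+ * they are lost.
+ */
+ if (!skip_create) {
+ open_opts = qdict_new();
+ qemu_opt_foreach(opts, img_add_key_secrets, open_opts, &error_abort);
+ }
+
 if (!skip_create) {
 /* Create the new image */
 ret = bdrv_create(drv, out_filename, opts, &local_err);
@@ -2368,8 +2364,9 @@ static int img_convert(int argc, char **argv)
 * That has to wait for bdrv_create to be improved
 * to allow filenames in option syntax
 */
- s.target = img_open_new_file(out_filename, opts, out_fmt,
- flags, writethrough, quiet, false);
+ s.target = img_open_file(out_filename, open_opts, out_fmt,
+ flags, writethrough, quiet, false);
+ open_opts = NULL; /* blk_new_open will have freed it */
 }
 if (!s.target) {
 ret = -1;
@@ -2437,6 +2434,7 @@ out:
 qemu_opts_del(opts);
 qemu_opts_free(create_opts);
 qemu_opts_del(sn_opts);
+ qobject_unref(open_opts);
 blk_unref(s.target);
 if (s.src) {
 for (bs_i = 0; bs_i < s.src_num; bs_i++) {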
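Review bot: The ownership hand-off of `open_opts` in the `@@ -2368,8 +2364,9 @@` hunk rests on `img_open_file()` consuming the QDict on every path, including failure, and that function is not visible in this patch. Because the `out:` label now also calls `qobject_unref(open_opts)`, the `open_opts = NULL;` line is what prevents a second unref, so the comment should state the contract rather than a callee detail, for example `open_opts = NULL; /* reference consumed by img_open_file(), also on failure */`. The new extraction block and the following `if (!skip_create)` block share the same guard and could be one block with the comment kept above the `qdict_new()` call. `img_convert()` starts and ends outside these hunks, so the branch structure around the open call is inferred from the visible lines.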
--
1.8.3.1