[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] Re: [PATCH] qemu-img: set encrypted disk image password
From: |
Laurent Vivier |
Subject: |
Re: [Qemu-devel] Re: [PATCH] qemu-img: set encrypted disk image password |
Date: |
Wed, 30 Jul 2008 21:57:17 +0200 |
Le 30 juil. 08 à 21:17, Sebastian Herbszt a écrit :
Laurent Vivier wrote:
This patch modify qemu-img to ask and set a password when an
encrypted
disk image is created.
Well, this one is stupid, the other one is good...
Back when nuitari-qemu posted about this problem [1], i came up with
almost
exactly the same patch. Why is it "stupid" ?
[1] http://lists.gnu.org/archive/html/qemu-devel/2008-06/msg00344.html
* For the first point:
Qemu-img doesn't need a password when it creates the disk image
because there is nothing to encrypt in an empty image and the password
is never stored in it.
When qemu reads an encrypted image it uses the given password (the
key) to decrypt the data, if it is not the key given to encrypt it,
the data will be invalid.
It's why this patch is stupid...
You can test this:
- qemu-img create -f qcow2 -e encrypted.qcow2
- qemu -hda boot.img -hdb encrypted.qcow2
type a password (you need my last patch)
# mkfs /dev/hdb
# fsck -f /dev/hdb
-> OK
# halt
- qemu -hda boot.img -hdb encrypted.qcow2
type a different password
# fsck -f /dev/hdb
-> NOT OK
- qemu -hda boot.img -hdb encrypted.qcow2
type the good password
# fsck -f /dev/hdb
-> OK
Qemu-img needs the password to convert an image because there are
encrypted data to read an convert.
* For the second point:
it's what my other patch try to solve.
Regards,
Laurent
----------------------- Laurent Vivier ----------------------
"The best way to predict the future is to invent it."
- Alan Kay