[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH 19/97] qemu-img: fix regression copying secrets duri
From: |
Michael Roth |
Subject: |
[Qemu-devel] [PATCH 19/97] qemu-img: fix regression copying secrets during convert |
Date: |
Mon, 1 Apr 2019 15:58:53 -0500 |
From: Daniel P. Berrangé <address@hidden>
When the convert command is creating an output file that needs
secrets, we need to ensure those secrets are passed to both the
blk_new_open and bdrv_create API calls.
This is done by qemu-img extracting all opts matching the name
suffix "key-secret". Unfortunately the code doing this was run after the
call to bdrv_create(), which meant the QemuOpts it was extracting
secrets from was now empty.
Previously this worked by luks as a bug meant the "key-secret"
parameters were not purged from the QemuOpts. This bug was fixed in
commit b76b4f604521e59f857d6177bc55f6f2e41fd392
Author: Kevin Wolf <address@hidden>
Date: Thu Jan 11 16:18:08 2018 +0100
qcow2: Use visitor for options in qcow2_create()
Exposing the latent bug in qemu-img. This fix simply moves the copying
of secrets to before the bdrv_create() call.
Cc: address@hidden
Signed-off-by: Daniel P. Berrangé <address@hidden>
Signed-off-by: Kevin Wolf <address@hidden>
(cherry picked from commit 8d65a3ccfd5db7f0436e095cd952f5d0c3a873ba)
Signed-off-by: Michael Roth <address@hidden>
---
qemu-img.c | 32 +++++++++++++++-----------------
1 file changed, 15 insertions(+), 17 deletions(-)
diff --git a/qemu-img.c b/qemu-img.c
index 1acddf693c..b12f4cd19b 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -345,21 +345,6 @@ static int img_add_key_secrets(void *opaque,
return 0;
}
-static BlockBackend *img_open_new_file(const char *filename,
- QemuOpts *create_opts,
- const char *fmt, int flags,
- bool writethrough, bool quiet,
- bool force_share)
-{
- QDict *options = NULL;
-
- options = qdict_new();
- qemu_opt_foreach(create_opts, img_add_key_secrets, options, &error_abort);
-
- return img_open_file(filename, options, fmt, flags, writethrough, quiet,
- force_share);
-}
-
static BlockBackend *img_open(bool image_opts,
const char *filename,
@@ -2018,6 +2003,7 @@ static int img_convert(int argc, char **argv)
BlockDriverState *out_bs;
QemuOpts *opts = NULL, *sn_opts = NULL;
QemuOptsList *create_opts = NULL;
+ QDict *open_opts = NULL;
char *options = NULL;
Error *local_err = NULL;
bool writethrough, src_writethrough, quiet = false, image_opts = false,
@@ -2362,6 +2348,16 @@ static int img_convert(int argc, char **argv)
}
}
+ /*
+ * The later open call will need any decryption secrets, and
+ * bdrv_create() will purge "opts", so extract them now before
+ * they are lost.
+ */
+ if (!skip_create) {
+ open_opts = qdict_new();
+ qemu_opt_foreach(opts, img_add_key_secrets, open_opts, &error_abort);
+ }
+
if (!skip_create) {
/* Create the new image */
ret = bdrv_create(drv, out_filename, opts, &local_err);
@@ -2388,8 +2384,9 @@ static int img_convert(int argc, char **argv)
* That has to wait for bdrv_create to be improved
* to allow filenames in option syntax
*/
- s.target = img_open_new_file(out_filename, opts, out_fmt,
- flags, writethrough, quiet, false);
+ s.target = img_open_file(out_filename, open_opts, out_fmt,
+ flags, writethrough, quiet, false);
+ open_opts = NULL; /* blk_new_open will have freed it */
}
if (!s.target) {
ret = -1;
@@ -2464,6 +2461,7 @@ out:
qemu_opts_del(opts);
qemu_opts_free(create_opts);
qemu_opts_del(sn_opts);
+ qobject_unref(open_opts);
blk_unref(s.target);
if (s.src) {
for (bs_i = 0; bs_i < s.src_num; bs_i++) {
--
2.17.1
- [Qemu-devel] [PATCH 00/97] Patch Round-up for stable 3.0.1, freeze on 2019-04-08, Michael Roth, 2019/04/01
- [Qemu-devel] [PATCH 09/97] target/arm: Reformat integer register dump, Michael Roth, 2019/04/01
- [Qemu-devel] [PATCH 08/97] target/arm: Fix offset scaling for LD_zprr and ST_zprr, Michael Roth, 2019/04/01
- [Qemu-devel] [PATCH 10/97] target/arm: Dump SVE state if enabled, Michael Roth, 2019/04/01
- [Qemu-devel] [PATCH 14/97] target/arm: Ignore float_flag_input_denormal from fp_status_f16, Michael Roth, 2019/04/01
- [Qemu-devel] [PATCH 13/97] target/arm: Adjust FPCR_MASK for FZ16, Michael Roth, 2019/04/01
- [Qemu-devel] [PATCH 12/97] spapr_cpu_core: vmstate_[un]register per-CPU data from (un)realizefn, Michael Roth, 2019/04/01
- [Qemu-devel] [PATCH 11/97] target/arm: Add sve-max-vq cpu property to -cpu max, Michael Roth, 2019/04/01
- [Qemu-devel] [PATCH 17/97] block/qapi: Fix memory leak in qmp_query_blockstats(), Michael Roth, 2019/04/01
- [Qemu-devel] [PATCH 16/97] target/arm: Use FZ not FZ16 for SVE FCVT single-half and double-half, Michael Roth, 2019/04/01
- [Qemu-devel] [PATCH 19/97] qemu-img: fix regression copying secrets during convert,
Michael Roth <=
- [Qemu-devel] [PATCH 20/97] nvme: Fix nvme_init error handling, Michael Roth, 2019/04/01
- [Qemu-devel] [PATCH 27/97] block: iotest to catch abort on forced blockjob cancel, Michael Roth, 2019/04/01
- [Qemu-devel] [PATCH 24/97] vnc: fix memleak of the "vnc-worker-output" name, Michael Roth, 2019/04/01
- [Qemu-devel] [PATCH 26/97] block: for jobs, do not clear user_paused until after the resume, Michael Roth, 2019/04/01
- [Qemu-devel] [PATCH 28/97] virtio: update MemoryRegionCaches when guest negotiates features, Michael Roth, 2019/04/01
- [Qemu-devel] [PATCH 31/97] slirp: Add sanity check for str option length, Michael Roth, 2019/04/01
- [Qemu-devel] [PATCH 25/97] i386: Disable TOPOEXT by default on "-cpu host", Michael Roth, 2019/04/01
- [Qemu-devel] [PATCH 36/97] job: Fix nested aio_poll() hanging in job_txn_apply, Michael Roth, 2019/04/01
- [Qemu-devel] [PATCH 18/97] mirror: Fail gracefully for source == target, Michael Roth, 2019/04/01
- [Qemu-devel] [PATCH 37/97] target/xtensa: fix s32c1i TCGMemOp flags, Michael Roth, 2019/04/01