From nobody Mon Apr 29 00:36:01 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1527854816478346.024374554278; Fri, 1 Jun 2018 05:06:56 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id B343230E91A5; Fri, 1 Jun 2018 12:06:54 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 7A2705B684; Fri, 1 Jun 2018 12:06:54 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 171241800C9D; Fri, 1 Jun 2018 12:06:54 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w51C6pbs030838 for ; Fri, 1 Jun 2018 08:06:51 -0400 Received: by smtp.corp.redhat.com (Postfix) id ACCFE205D522; Fri, 1 Jun 2018 12:06:51 +0000 (UTC) Received: from angien.brq.redhat.com (unknown [10.43.2.136]) by smtp.corp.redhat.com (Postfix) with ESMTP id 50312205D521 for ; Fri, 1 Jun 2018 12:06:51 +0000 (UTC) From: Peter Krempa To: libvir-list@redhat.com Date: Fri, 1 Jun 2018 14:06:37 +0200 Message-Id: In-Reply-To: References: In-Reply-To: References: X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 1/2] qemu: domain: Forbid storage with old QCOW2 encryption X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.42]); Fri, 01 Jun 2018 12:06:55 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" The encryption was buggy and qemu actually dropped it upstream. Forbid it for all versions since it would cause other problems too. Problems with the old encryption include weak crypto, corruption of images with blockjobs and a lot of usability problems. This requires changing of the encryption type for the encrypted disk tests. Signed-off-by: Peter Krempa Reviewed-by: J=EF=BF=BDn Tomko --- docs/formatdomain.html.in | 4 ++++ docs/formatstorageencryption.html.in | 5 ++--- src/qemu/qemu_domain.c | 10 ++++++++++ tests/qemuxml2argvdata/encrypted-disk-usage.args | 8 +++++++- tests/qemuxml2argvdata/encrypted-disk-usage.xml | 2 +- tests/qemuxml2argvdata/encrypted-disk.args | 8 +++++++- tests/qemuxml2argvdata/encrypted-disk.xml | 2 +- tests/qemuxml2argvtest.c | 4 ++-- tests/qemuxml2xmloutdata/encrypted-disk.xml | 2 +- tests/qemuxml2xmltest.c | 4 ++-- 10 files changed, 37 insertions(+), 12 deletions(-) diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in index b5a6e33bfe..b64a843fb4 100644 --- a/docs/formatdomain.html.in +++ b/docs/formatdomain.html.in @@ -2974,6 +2974,10 @@ See the Storage Encryption page for more information. +

+ Note that the 'qcow' format of encryption is broken and thus i= s no + longer supported for use with disk images. + (Since libvirt 4.5.0)

reservations
Since libvirt 4.4.0, the diff --git a/docs/formatstorageencryption.html.in b/docs/formatstorageencry= ption.html.in index 23efbf932e..434bdb609e 100644 --- a/docs/formatstorageencryption.html.in +++ b/docs/formatstorageencryption.html.in @@ -53,9 +53,8 @@ The qcow format specifies that the built-in encryption support in qcow- or qcow2-formatted volume images should be used. A single - <secret type=3D'passphrase'> element is expected.= If - the secret element is not present during volume creatio= n, - a secret is automatically generated and attached to the volume. + <secret type=3D'passphrase'> element is expected.= Note + that this encryption is inherently broken and should not be used any= more.

"luks" format

diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 873bcec50d..f10bbf39c0 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -4483,6 +4483,16 @@ qemuDomainValidateStorageSource(virStorageSourcePtr = src, return -1; } + if ((src->format =3D=3D VIR_STORAGE_FILE_QCOW || + src->format =3D=3D VIR_STORAGE_FILE_QCOW2) && + src->encryption && + (src->encryption->format =3D=3D VIR_STORAGE_ENCRYPTION_FORMAT_DEFA= ULT || + src->encryption->format =3D=3D VIR_STORAGE_ENCRYPTION_FORMAT_QCOW= )) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("old qcow/qcow2 encryption is not supported")= ); + return -1; + } + if (src->format =3D=3D VIR_STORAGE_FILE_QCOW2 && src->encryption && src->encryption->format =3D=3D VIR_STORAGE_ENCRYPTION_FORMAT_LUKS = && diff --git a/tests/qemuxml2argvdata/encrypted-disk-usage.args b/tests/qemux= ml2argvdata/encrypted-disk-usage.args index 8c7ce3d653..32307cea71 100644 --- a/tests/qemuxml2argvdata/encrypted-disk-usage.args +++ b/tests/qemuxml2argvdata/encrypted-disk-usage.args @@ -7,6 +7,8 @@ QEMU_AUDIO_DRV=3Dnone \ /usr/bin/qemu-system-i686 \ -name encryptdisk \ -S \ +-object secret,id=3DmasterKey0,format=3Draw,\ +file=3D/tmp/lib/domain--1-encryptdisk/master-key.aes \ -machine pc,accel=3Dtcg,usb=3Doff,dump-guest-core=3Doff \ -m 1024 \ -smp 1,sockets=3D1,cores=3D1,threads=3D1 \ @@ -22,7 +24,11 @@ path=3D/tmp/lib/domain--1-encryptdisk/monitor.sock,serve= r,nowait \ -no-acpi \ -boot c \ -usb \ --drive file=3D/storage/guest_disks/encryptdisk,format=3Dqcow2,if=3Dnone,\ +-object secret,id=3Dvirtio-disk0-luks-secret0,\ +data=3D9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\ +keyid=3DmasterKey0,iv=3DAAECAwQFBgcICQoLDA0ODw=3D=3D,format=3Dbase64 \ +-drive file=3D/storage/guest_disks/encryptdisk,encrypt.format=3Dluks,\ +encrypt.key-secret=3Dvirtio-disk0-luks-secret0,format=3Dqcow2,if=3Dnone,\ id=3Ddrive-virtio-disk0 \ -device virtio-blk-pci,bus=3Dpci.0,addr=3D0x4,drive=3Ddrive-virtio-disk0,\ id=3Dvirtio-disk0 \ diff --git a/tests/qemuxml2argvdata/encrypted-disk-usage.xml b/tests/qemuxm= l2argvdata/encrypted-disk-usage.xml index ad8f17e3df..205283b59d 100644 --- a/tests/qemuxml2argvdata/encrypted-disk-usage.xml +++ b/tests/qemuxml2argvdata/encrypted-disk-usage.xml @@ -18,7 +18,7 @@ - +

diff --git a/tests/qemuxml2argvdata/encrypted-disk.args b/tests/qemuxml2arg= vdata/encrypted-disk.args index 8c7ce3d653..32307cea71 100644 --- a/tests/qemuxml2argvdata/encrypted-disk.args +++ b/tests/qemuxml2argvdata/encrypted-disk.args @@ -7,6 +7,8 @@ QEMU_AUDIO_DRV=3Dnone \ /usr/bin/qemu-system-i686 \ -name encryptdisk \ -S \ +-object secret,id=3DmasterKey0,format=3Draw,\ +file=3D/tmp/lib/domain--1-encryptdisk/master-key.aes \ -machine pc,accel=3Dtcg,usb=3Doff,dump-guest-core=3Doff \ -m 1024 \ -smp 1,sockets=3D1,cores=3D1,threads=3D1 \ @@ -22,7 +24,11 @@ path=3D/tmp/lib/domain--1-encryptdisk/monitor.sock,serve= r,nowait \ -no-acpi \ -boot c \ -usb \ --drive file=3D/storage/guest_disks/encryptdisk,format=3Dqcow2,if=3Dnone,\ +-object secret,id=3Dvirtio-disk0-luks-secret0,\ +data=3D9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\ +keyid=3DmasterKey0,iv=3DAAECAwQFBgcICQoLDA0ODw=3D=3D,format=3Dbase64 \ +-drive file=3D/storage/guest_disks/encryptdisk,encrypt.format=3Dluks,\ +encrypt.key-secret=3Dvirtio-disk0-luks-secret0,format=3Dqcow2,if=3Dnone,\ id=3Ddrive-virtio-disk0 \ -device virtio-blk-pci,bus=3Dpci.0,addr=3D0x4,drive=3Ddrive-virtio-disk0,\ id=3Dvirtio-disk0 \ diff --git a/tests/qemuxml2argvdata/encrypted-disk.xml b/tests/qemuxml2argv= data/encrypted-disk.xml index 391461b200..275724bdaf 100644 --- a/tests/qemuxml2argvdata/encrypted-disk.xml +++ b/tests/qemuxml2argvdata/encrypted-disk.xml @@ -18,7 +18,7 @@ - +
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 2d41f78f8b..64d112be36 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -1651,8 +1651,8 @@ mymain(void) DO_TEST("cpu-tsc-frequency", QEMU_CAPS_KVM); qemuTestSetHostCPU(driver.caps, NULL); - DO_TEST("encrypted-disk", NONE); - DO_TEST("encrypted-disk-usage", NONE); + DO_TEST("encrypted-disk", QEMU_CAPS_QCOW2_LUKS, QEMU_CAPS_OBJECT_SECRE= T); + DO_TEST("encrypted-disk-usage", QEMU_CAPS_QCOW2_LUKS, QEMU_CAPS_OBJECT= _SECRET); # ifdef WITH_GNUTLS DO_TEST("luks-disks", QEMU_CAPS_OBJECT_SECRET); DO_TEST("luks-disks-source", QEMU_CAPS_OBJECT_SECRET); diff --git a/tests/qemuxml2xmloutdata/encrypted-disk.xml b/tests/qemuxml2xm= loutdata/encrypted-disk.xml index 45b9fcca55..3c9d2fbafc 100644 --- a/tests/qemuxml2xmloutdata/encrypted-disk.xml +++ b/tests/qemuxml2xmloutdata/encrypted-disk.xml @@ -18,7 +18,7 @@ - +
diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c index 57b4c3eb0a..f53f9a7db5 100644 --- a/tests/qemuxml2xmltest.c +++ b/tests/qemuxml2xmltest.c @@ -482,8 +482,8 @@ mymain(void) DO_TEST("pci-rom-disabled-invalid", NONE); DO_TEST("pci-serial-dev-chardev", NONE); - DO_TEST("encrypted-disk", NONE); - DO_TEST("encrypted-disk-usage", NONE); + DO_TEST("encrypted-disk", QEMU_CAPS_QCOW2_LUKS); + DO_TEST("encrypted-disk-usage", QEMU_CAPS_QCOW2_LUKS); DO_TEST("luks-disks", NONE); DO_TEST("luks-disks-source", NONE); DO_TEST("memtune", NONE); --=20 2.16.2 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Mon Apr 29 00:36:01 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1527854816592525.9848925068579; Fri, 1 Jun 2018 05:06:56 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.24]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 8E4E4A7001; Fri, 1 Jun 2018 12:06:54 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 44D15308BDA6; Fri, 1 Jun 2018 12:06:54 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id DB0751800FC1; Fri, 1 Jun 2018 12:06:53 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w51C6qXd030847 for ; Fri, 1 Jun 2018 08:06:52 -0400 Received: by smtp.corp.redhat.com (Postfix) id 4F776205D522; Fri, 1 Jun 2018 12:06:52 +0000 (UTC) Received: from angien.brq.redhat.com (unknown [10.43.2.136]) by smtp.corp.redhat.com (Postfix) with ESMTP id E7CF5205D521 for ; Fri, 1 Jun 2018 12:06:51 +0000 (UTC) From: Peter Krempa To: libvir-list@redhat.com Date: Fri, 1 Jun 2018 14:06:38 +0200 Message-Id: <8e011cf699d9737caa4b56d36a480ec8b115ebe0.1527854576.git.pkrempa@redhat.com> In-Reply-To: References: In-Reply-To: References: X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 2/2] qemu: Remove code for setting up disk passphrases X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.24 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]); Fri, 01 Jun 2018 12:06:55 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Now that the old qcow2 encryption is removed we can safely delete all this code since it's not needed any more. Signed-off-by: Peter Krempa Reviewed-by: J=EF=BF=BDn Tomko --- src/qemu/qemu_monitor.c | 13 ------ src/qemu/qemu_monitor.h | 4 -- src/qemu/qemu_monitor_json.c | 28 ------------ src/qemu/qemu_monitor_json.h | 4 -- src/qemu/qemu_process.c | 103 ---------------------------------------= ---- tests/qemumonitorjsontest.c | 2 - 6 files changed, 154 deletions(-) diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c index 876157437a..b0c63c68d3 100644 --- a/src/qemu/qemu_monitor.c +++ b/src/qemu/qemu_monitor.c @@ -3118,19 +3118,6 @@ qemuMonitorAddDrive(qemuMonitorPtr mon, } -int -qemuMonitorSetDrivePassphrase(qemuMonitorPtr mon, - const char *alias, - const char *passphrase) -{ - VIR_DEBUG("alias=3D%s passphrase=3D%p(value hidden)", alias, passphras= e); - - QEMU_CHECK_MONITOR(mon); - - return qemuMonitorJSONSetDrivePassphrase(mon, alias, passphrase); -} - - int qemuMonitorCreateSnapshot(qemuMonitorPtr mon, const char *name) { diff --git a/src/qemu/qemu_monitor.h b/src/qemu/qemu_monitor.h index d6e5a2239e..9894eba4d0 100644 --- a/src/qemu/qemu_monitor.h +++ b/src/qemu/qemu_monitor.h @@ -819,10 +819,6 @@ int qemuMonitorAddDrive(qemuMonitorPtr mon, int qemuMonitorDriveDel(qemuMonitorPtr mon, const char *drivestr); -int qemuMonitorSetDrivePassphrase(qemuMonitorPtr mon, - const char *alias, - const char *passphrase); - int qemuMonitorCreateSnapshot(qemuMonitorPtr mon, const char *name); int qemuMonitorLoadSnapshot(qemuMonitorPtr mon, const char *name); int qemuMonitorDeleteSnapshot(qemuMonitorPtr mon, const char *name); diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c index 7522eaeef0..42d7b9c5e9 100644 --- a/src/qemu/qemu_monitor_json.c +++ b/src/qemu/qemu_monitor_json.c @@ -4055,34 +4055,6 @@ int qemuMonitorJSONDelObject(qemuMonitorPtr mon, } -int qemuMonitorJSONSetDrivePassphrase(qemuMonitorPtr mon, - const char *alias, - const char *passphrase) -{ - int ret =3D -1; - virJSONValuePtr cmd; - virJSONValuePtr reply =3D NULL; - - cmd =3D qemuMonitorJSONMakeCommand("block_passwd", - "s:device", alias, - "s:password", passphrase, - NULL); - if (!cmd) - return -1; - - if (qemuMonitorJSONCommand(mon, cmd, &reply) < 0) - goto cleanup; - - if (qemuMonitorJSONCheckError(cmd, reply) < 0) - goto cleanup; - - ret =3D 0; - cleanup: - virJSONValueFree(cmd); - virJSONValueFree(reply); - return ret; -} - int qemuMonitorJSONDiskSnapshot(qemuMonitorPtr mon, virJSONValuePtr actions, const char *device, const char *file, diff --git a/src/qemu/qemu_monitor_json.h b/src/qemu/qemu_monitor_json.h index 5fc51b1d6b..2ae0faad74 100644 --- a/src/qemu/qemu_monitor_json.h +++ b/src/qemu/qemu_monitor_json.h @@ -235,10 +235,6 @@ int qemuMonitorJSONAddObject(qemuMonitorPtr mon, int qemuMonitorJSONDelObject(qemuMonitorPtr mon, const char *objalias); -int qemuMonitorJSONSetDrivePassphrase(qemuMonitorPtr mon, - const char *alias, - const char *passphrase); - int qemuMonitorJSONDiskSnapshot(qemuMonitorPtr mon, virJSONValuePtr actions, const char *device, diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index 30cc5904e0..07d8cb6d49 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -371,74 +371,6 @@ qemuProcessFindDomainDiskByAlias(virDomainObjPtr vm, return NULL; } -static int -qemuProcessGetVolumeQcowPassphrase(virDomainDiskDefPtr disk, - char **secretRet, - size_t *secretLen) -{ - virConnectPtr conn =3D NULL; - char *passphrase; - unsigned char *data; - size_t size; - int ret =3D -1; - virStorageEncryptionPtr enc; - - if (!disk->src->encryption) { - virReportError(VIR_ERR_INTERNAL_ERROR, - _("disk %s does not have any encryption information= "), - disk->src->path); - return -1; - } - enc =3D disk->src->encryption; - - if (!(conn =3D virGetConnectSecret())) - goto cleanup; - - if (enc->format !=3D VIR_STORAGE_ENCRYPTION_FORMAT_QCOW || - enc->nsecrets !=3D 1 || - enc->secrets[0]->type !=3D - VIR_STORAGE_ENCRYPTION_SECRET_TYPE_PASSPHRASE) { - virReportError(VIR_ERR_XML_ERROR, - _("invalid for volume %s"), - virDomainDiskGetSource(disk)); - goto cleanup; - } - - if (virSecretGetSecretString(conn, &enc->secrets[0]->seclookupdef, - VIR_SECRET_USAGE_TYPE_VOLUME, - &data, &size) < 0) - goto cleanup; - - if (memchr(data, '\0', size) !=3D NULL) { - memset(data, 0, size); - VIR_FREE(data); - virReportError(VIR_ERR_XML_ERROR, - _("format=3D'qcow' passphrase for %s must not conta= in a " - "'\\0'"), virDomainDiskGetSource(disk)); - goto cleanup; - } - - if (VIR_ALLOC_N(passphrase, size + 1) < 0) { - memset(data, 0, size); - VIR_FREE(data); - goto cleanup; - } - memcpy(passphrase, data, size); - passphrase[size] =3D '\0'; - - memset(data, 0, size); - VIR_FREE(data); - - *secretRet =3D passphrase; - *secretLen =3D size; - - ret =3D 0; - - cleanup: - virObjectUnref(conn); - return ret; -} - static int qemuProcessHandleReset(qemuMonitorPtr mon ATTRIBUTE_UNUSED, virDomainObjPtr vm, @@ -2729,11 +2661,8 @@ qemuProcessInitPasswords(virQEMUDriverPtr driver, int asyncJob) { int ret =3D 0; - qemuDomainObjPrivatePtr priv =3D vm->privateData; virQEMUDriverConfigPtr cfg =3D virQEMUDriverGetConfig(driver); size_t i; - char *alias =3D NULL; - char *secret =3D NULL; for (i =3D 0; i < vm->def->ngraphics; ++i) { virDomainGraphicsDefPtr graphics =3D vm->def->graphics[i]; @@ -2755,39 +2684,7 @@ qemuProcessInitPasswords(virQEMUDriverPtr driver, goto cleanup; } - for (i =3D 0; i < vm->def->ndisks; i++) { - size_t secretLen; - - if (!vm->def->disks[i]->src->encryption || - !virDomainDiskGetSource(vm->def->disks[i])) - continue; - - if (vm->def->disks[i]->src->encryption->format !=3D - VIR_STORAGE_ENCRYPTION_FORMAT_DEFAULT && - vm->def->disks[i]->src->encryption->format !=3D - VIR_STORAGE_ENCRYPTION_FORMAT_QCOW) - continue; - - VIR_FREE(secret); - if (qemuProcessGetVolumeQcowPassphrase(vm->def->disks[i], - &secret, &secretLen) < 0) - goto cleanup; - - VIR_FREE(alias); - if (!(alias =3D qemuAliasFromDisk(vm->def->disks[i]))) - goto cleanup; - if (qemuDomainObjEnterMonitorAsync(driver, vm, asyncJob) < 0) - goto cleanup; - ret =3D qemuMonitorSetDrivePassphrase(priv->mon, alias, secret); - if (qemuDomainObjExitMonitor(driver, vm) < 0) - ret =3D -1; - if (ret < 0) - goto cleanup; - } - cleanup: - VIR_FREE(alias); - VIR_FREE(secret); virObjectUnref(cfg); return ret; } diff --git a/tests/qemumonitorjsontest.c b/tests/qemumonitorjsontest.c index add5ff0f19..3b494a1dba 100644 --- a/tests/qemumonitorjsontest.c +++ b/tests/qemumonitorjsontest.c @@ -1343,7 +1343,6 @@ GEN_TEST_FUNC(qemuMonitorJSONAddNetdev, "id=3Dnet0,ty= pe=3Dtest") GEN_TEST_FUNC(qemuMonitorJSONRemoveNetdev, "net0") GEN_TEST_FUNC(qemuMonitorJSONDelDevice, "ide0") GEN_TEST_FUNC(qemuMonitorJSONAddDevice, "some_dummy_devicestr") -GEN_TEST_FUNC(qemuMonitorJSONSetDrivePassphrase, "drive-vda", "secret_pass= hprase") GEN_TEST_FUNC(qemuMonitorJSONDriveMirror, "vdb", "/foo/bar", NULL, 1024, 0= , 0, VIR_DOMAIN_BLOCK_REBASE_SHALLOW | VIR_DOMAIN_BLOCK_REBASE_RE= USE_EXT) GEN_TEST_FUNC(qemuMonitorJSONBlockCommit, "vdb", "/foo/bar1", "/foo/bar2",= NULL, 1024) @@ -2967,7 +2966,6 @@ mymain(void) DO_TEST_GEN(qemuMonitorJSONRemoveNetdev); DO_TEST_GEN(qemuMonitorJSONDelDevice); DO_TEST_GEN(qemuMonitorJSONAddDevice); - DO_TEST_GEN(qemuMonitorJSONSetDrivePassphrase); DO_TEST_GEN(qemuMonitorJSONDriveMirror); DO_TEST_GEN(qemuMonitorJSONBlockCommit); DO_TEST_GEN(qemuMonitorJSONDrivePivot); --=20 2.16.2 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list