The qemu-img dd/convert commands will create a image file and
then try to open it. Historically it has been possible to open
new files without passing any options. With encrypted files
though, the *key-secret options are mandatory, so we need to
provide those options when opening the newly created file.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
qemu-img.c | 41 +++++++++++++++++++++++++++++++++++------
1 file changed, 35 insertions(+), 6 deletions(-)
diff --git a/qemu-img.c b/qemu-img.c
index 31c4923..3d9e7b3 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -305,15 +305,17 @@ static BlockBackend *img_open_opts(const char *optstr,
}
static BlockBackend *img_open_file(const char *filename,
+ QDict *options,
const char *fmt, int flags,
bool writethrough, bool quiet)
{
BlockBackend *blk;
Error *local_err = NULL;
- QDict *options = NULL;
if (fmt) {
- options = qdict_new();
+ if (!options) {
+ options = qdict_new();
+ }
qdict_put(options, "driver", qstring_from_str(fmt));
}
@@ -332,6 +334,33 @@ static BlockBackend *img_open_file(const char *filename,
}
+static int img_add_key_secrets(void *opaque,
+ const char *name, const char *value,
+ Error **errp)
+{
+ QDict *options = opaque;
+
+ if (g_str_has_suffix(name, "key-secret")) {
+ qdict_put(options, name, qstring_from_str(value));
+ }
+
+ return 0;
+}
+
+static BlockBackend *img_open_new_file(const char *filename,
+ QemuOpts *create_opts,
+ const char *fmt, int flags,
+ bool writethrough, bool quiet)
+{
+ QDict *options = NULL;
+
+ options = qdict_new();
+ qemu_opt_foreach(create_opts, img_add_key_secrets, options, NULL);
+
+ return img_open_file(filename, options, fmt, flags, writethrough, quiet);
+}
+
+
static BlockBackend *img_open(bool image_opts,
const char *filename,
const char *fmt, int flags, bool writethrough,
@@ -351,7 +380,7 @@ static BlockBackend *img_open(bool image_opts,
}
blk = img_open_opts(filename, opts, flags, writethrough, quiet);
} else {
- blk = img_open_file(filename, fmt, flags, writethrough, quiet);
+ blk = img_open_file(filename, NULL, fmt, flags, writethrough, quiet);
}
return blk;
}
@@ -2301,8 +2330,8 @@ static int img_convert(int argc, char **argv)
* That has to wait for bdrv_create to be improved
* to allow filenames in option syntax
*/
- out_blk = img_open_file(out_filename, out_fmt,
- flags, writethrough, quiet);
+ out_blk = img_open_new_file(out_filename, opts, out_fmt,
+ flags, writethrough, quiet);
}
if (!out_blk) {
ret = -1;
@@ -4351,7 +4380,7 @@ static int img_dd(int argc, char **argv)
* with the bdrv_create() call above which does not
* support image-opts style.
*/
- blk2 = img_open_file(out.filename, out_fmt, BDRV_O_RDWR,
+ blk2 = img_open_file(out.filename, NULL, out_fmt, BDRV_O_RDWR,
false, false);
if (!blk2) {
--
2.9.3
On 04/12/2017 11:44 AM, Daniel P. Berrange wrote:
> The qemu-img dd/convert commands will create a image file and
> then try to open it. Historically it has been possible to open
> new files without passing any options. With encrypted files
> though, the *key-secret options are mandatory, so we need to
> provide those options when opening the newly created file.
>
> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> ---
> qemu-img.c | 41 +++++++++++++++++++++++++++++++++++------
> 1 file changed, 35 insertions(+), 6 deletions(-)
Reviewed-by: Eric Blake <eblake@redhat.com>
> @@ -332,6 +334,33 @@ static BlockBackend *img_open_file(const char *filename,
> }
>
>
> +static int img_add_key_secrets(void *opaque,
> + const char *name, const char *value,
> + Error **errp)
> +{
> + QDict *options = opaque;
> +
> + if (g_str_has_suffix(name, "key-secret")) {
> + qdict_put(options, name, qstring_from_str(value));
If my patch to add qdict_put_str() lands (probably through Markus'
qapi-next tree) before yours, you can simplify this line. If yours lands
first, we just rerun my Coccinelle script to simplify it as part of my
patch.
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org
On 12.04.2017 18:44, Daniel P. Berrange wrote:
> The qemu-img dd/convert commands will create a image file and
> then try to open it. Historically it has been possible to open
> new files without passing any options. With encrypted files
> though, the *key-secret options are mandatory, so we need to
> provide those options when opening the newly created file.
>
> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> ---
> qemu-img.c | 41 +++++++++++++++++++++++++++++++++++------
> 1 file changed, 35 insertions(+), 6 deletions(-)
Thanks!
> diff --git a/qemu-img.c b/qemu-img.c
> index 31c4923..3d9e7b3 100644
> --- a/qemu-img.c
> +++ b/qemu-img.c
[...]
> @@ -332,6 +334,33 @@ static BlockBackend *img_open_file(const char *filename,
> }
>
>
> +static int img_add_key_secrets(void *opaque,
> + const char *name, const char *value,
> + Error **errp)
> +{
> + QDict *options = opaque;
> +
> + if (g_str_has_suffix(name, "key-secret")) {
> + qdict_put(options, name, qstring_from_str(value));
> + }
> +
> + return 0;
> +}
> +
> +static BlockBackend *img_open_new_file(const char *filename,
> + QemuOpts *create_opts,
> + const char *fmt, int flags,
> + bool writethrough, bool quiet)
> +{
> + QDict *options = NULL;
> +
> + options = qdict_new();
> + qemu_opt_foreach(create_opts, img_add_key_secrets, options, NULL);
I'd prefer &error_abort instead of NULL there. Not a hard requirement,
but I don't see a reason not to use it.
Max
> +
> + return img_open_file(filename, options, fmt, flags, writethrough, quiet);
> +}
> +
> +
> static BlockBackend *img_open(bool image_opts,
> const char *filename,
> const char *fmt, int flags, bool writethrough,
> @@ -351,7 +380,7 @@ static BlockBackend *img_open(bool image_opts,
[...]
© 2016 - 2026 Red Hat, Inc.