From nobody Mon Feb  9 12:25:24 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as
 permitted sender) client-ip=208.118.235.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Authentication-Results: mx.zoho.com;
	spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted
 sender)  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by
 mx.zohomail.com
	with SMTPS id 1493734988754104.97220159646747;
 Tue, 2 May 2017 07:23:08 -0700 (PDT)
Received: from localhost ([::1]:59233 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <qemu-devel-bounces+importer=patchew.org@nongnu.org>)
	id 1d5Yhm-000777-90
	for importer@patchew.org; Tue, 02 May 2017 10:23:06 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:45127)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <berrange@redhat.com>) id 1d5YeR-0004jU-3M
	for qemu-devel@nongnu.org; Tue, 02 May 2017 10:19:40 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <berrange@redhat.com>) id 1d5YeQ-0001Yz-2F
	for qemu-devel@nongnu.org; Tue, 02 May 2017 10:19:39 -0400
Received: from mx1.redhat.com ([209.132.183.28]:60814)
	by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
	(Exim 4.71) (envelope-from <berrange@redhat.com>)
	id 1d5YeN-0001YF-DI; Tue, 02 May 2017 10:19:35 -0400
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com
	[10.5.11.15])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 656F210948D;
	Tue,  2 May 2017 14:19:34 +0000 (UTC)
Received: from t460.redhat.com (ovpn-117-189.ams2.redhat.com [10.36.117.189])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 8522C77FFB;
	Tue,  2 May 2017 14:19:28 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 656F210948D
Authentication-Results: ext-mx02.extmail.prod.ext.phx2.redhat.com;
	dmarc=none (p=none dis=none) header.from=redhat.com
Authentication-Results: ext-mx02.extmail.prod.ext.phx2.redhat.com;
	spf=pass smtp.mailfrom=berrange@redhat.com
DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 656F210948D
From: "Daniel P. Berrange" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Date: Tue,  2 May 2017 15:18:57 +0100
Message-Id: <20170502141858.24805-5-berrange@redhat.com>
In-Reply-To: <20170502141858.24805-1-berrange@redhat.com>
References: <20170502141858.24805-1-berrange@redhat.com>
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16
	(mx1.redhat.com [10.5.110.26]);
	Tue, 02 May 2017 14:19:34 +0000 (UTC)
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
	[fuzzy]
X-Received-From: 209.132.183.28
Subject: [Qemu-devel] [PATCH v6 4/5] qemu-img: copy *key-secret opts when
 opening newly created files
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: Kevin Wolf <kwolf@redhat.com>, Fam Zheng <famz@redhat.com>,
	qemu-block@nongnu.org, Max Reitz <mreitz@redhat.com>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: "Qemu-devel" <qemu-devel-bounces+importer=patchew.org@nongnu.org>
X-ZohoMail: RSF_0  Z_629925259 SPT_0
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"

The qemu-img dd/convert commands will create an image file and
then try to open it. Historically it has been possible to open
new files without passing any options. With encrypted files
though, the *key-secret options are mandatory, so we need to
provide those options when opening the newly created file.

Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
 qemu-img.c | 41 +++++++++++++++++++++++++++++++++++------
 1 file changed, 35 insertions(+), 6 deletions(-)

diff --git a/qemu-img.c b/qemu-img.c
index 94c8cea..cbf05b4 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -305,15 +305,17 @@ static BlockBackend *img_open_opts(const char *optstr,
 }
=20
 static BlockBackend *img_open_file(const char *filename,
+                                   QDict *options,
                                    const char *fmt, int flags,
                                    bool writethrough, bool quiet)
 {
     BlockBackend *blk;
     Error *local_err =3D NULL;
-    QDict *options =3D NULL;
=20
     if (fmt) {
-        options =3D qdict_new();
+        if (!options) {
+            options =3D qdict_new();
+        }
         qdict_put(options, "driver", qstring_from_str(fmt));
     }
=20
@@ -332,6 +334,33 @@ static BlockBackend *img_open_file(const char *filenam=
e,
 }
=20
=20
+static int img_add_key_secrets(void *opaque,
+                               const char *name, const char *value,
+                               Error **errp)
+{
+    QDict *options =3D opaque;
+
+    if (g_str_has_suffix(name, "key-secret")) {
+        qdict_put(options, name, qstring_from_str(value));
+    }
+
+    return 0;
+}
+
+static BlockBackend *img_open_new_file(const char *filename,
+                                       QemuOpts *create_opts,
+                                       const char *fmt, int flags,
+                                       bool writethrough, bool quiet)
+{
+    QDict *options =3D NULL;
+
+    options =3D qdict_new();
+    qemu_opt_foreach(create_opts, img_add_key_secrets, options, &error_abo=
rt);
+
+    return img_open_file(filename, options, fmt, flags, writethrough, quie=
t);
+}
+
+
 static BlockBackend *img_open(bool image_opts,
                               const char *filename,
                               const char *fmt, int flags, bool writethroug=
h,
@@ -351,7 +380,7 @@ static BlockBackend *img_open(bool image_opts,
         }
         blk =3D img_open_opts(filename, opts, flags, writethrough, quiet);
     } else {
-        blk =3D img_open_file(filename, fmt, flags, writethrough, quiet);
+        blk =3D img_open_file(filename, NULL, fmt, flags, writethrough, qu=
iet);
     }
     return blk;
 }
@@ -2256,8 +2285,8 @@ static int img_convert(int argc, char **argv)
          * That has to wait for bdrv_create to be improved
          * to allow filenames in option syntax
          */
-        s.target =3D img_open_file(out_filename, out_fmt, flags,
-                                 writethrough, quiet);
+        s.target =3D img_open_new_file(out_filename, opts, out_fmt,
+                                     flags, writethrough, quiet);
     }
     if (!s.target) {
         ret =3D -1;
@@ -4269,7 +4298,7 @@ static int img_dd(int argc, char **argv)
      * with the bdrv_create() call above which does not
      * support image-opts style.
      */
-    blk2 =3D img_open_file(out.filename, out_fmt, BDRV_O_RDWR,
+    blk2 =3D img_open_file(out.filename, NULL, out_fmt, BDRV_O_RDWR,
                          false, false);
=20
     if (!blk2) {
--=20
2.9.3