4172d6971a
- kvm-block-Use-QEMU_IS_ALIGNED.patch [bz#1745922] - kvm-block-qcow2-Fix-corruption-introduced-by-commit-8ac0.patch [bz#1745922] - kvm-block-qcow2-refactor-encryption-code.patch [bz#1745922] - kvm-qemu-iotests-Add-test-for-bz-1745922.patch [bz#1745922] - Resolves: bz#1745922 (Luks-inside-qcow2 snapshot cannot boot after 'qemu-img rebase')
235 lines
9.4 KiB
Diff
235 lines
9.4 KiB
Diff
From 780fbdf04884188eca3d5891faa2b2417a88ef14 Mon Sep 17 00:00:00 2001
|
|
From: Maxim Levitsky <mlevitsk@redhat.com>
|
|
Date: Tue, 24 Sep 2019 21:11:51 +0100
|
|
Subject: [PATCH 3/4] block/qcow2: refactor encryption code
|
|
|
|
RH-Author: Maxim Levitsky <mlevitsk@redhat.com>
|
|
Message-id: <20190924211152.13461-4-mlevitsk@redhat.com>
|
|
Patchwork-id: 90876
|
|
O-Subject: [RHEL-AV-8.1.0 qemu-kvm PATCH v2 3/4] block/qcow2: refactor encryption code
|
|
Bugzilla: 1745922
|
|
RH-Acked-by: John Snow <jsnow@redhat.com>
|
|
RH-Acked-by: Max Reitz <mreitz@redhat.com>
|
|
RH-Acked-by: Danilo de Paula <ddepaula@redhat.com>
|
|
|
|
* Change the qcow2_co_{encrypt|decrypt} to just receive full host and
|
|
guest offsets and use this function directly instead of calling
|
|
do_perform_cow_encrypt (which is removed by that patch).
|
|
|
|
* Adjust qcow2_co_encdec to take full host and guest offsets as well.
|
|
|
|
* Document the qcow2_co_{encrypt|decrypt} arguments
|
|
to prevent the bug fixed in former commit from hopefully
|
|
happening again.
|
|
|
|
Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
|
|
Message-id: 20190915203655.21638-3-mlevitsk@redhat.com
|
|
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
|
|
[mreitz: Let perform_cow() return the error value returned by
|
|
qcow2_co_encrypt(), as proposed by Vladimir]
|
|
Signed-off-by: Max Reitz <mreitz@redhat.com>
|
|
(cherry picked from commit 603fbd076c76438b15ec842f0e2d1ba4867dfd00)
|
|
Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
|
|
|
|
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
|
|
---
|
|
block/qcow2-cluster.c | 41 +++++++++++----------------------
|
|
block/qcow2-threads.c | 63 +++++++++++++++++++++++++++++++++++++++------------
|
|
block/qcow2.c | 5 ++--
|
|
block/qcow2.h | 8 +++----
|
|
4 files changed, 69 insertions(+), 48 deletions(-)
|
|
|
|
diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
|
|
index 11e5a92..b30fd12 100644
|
|
--- a/block/qcow2-cluster.c
|
|
+++ b/block/qcow2-cluster.c
|
|
@@ -461,28 +461,6 @@ static int coroutine_fn do_perform_cow_read(BlockDriverState *bs,
|
|
return 0;
|
|
}
|
|
|
|
-static bool coroutine_fn do_perform_cow_encrypt(BlockDriverState *bs,
|
|
- uint64_t src_cluster_offset,
|
|
- uint64_t cluster_offset,
|
|
- unsigned offset_in_cluster,
|
|
- uint8_t *buffer,
|
|
- unsigned bytes)
|
|
-{
|
|
- if (bytes && bs->encrypted) {
|
|
- BDRVQcow2State *s = bs->opaque;
|
|
- assert(QEMU_IS_ALIGNED(offset_in_cluster, BDRV_SECTOR_SIZE));
|
|
- assert(QEMU_IS_ALIGNED(bytes, BDRV_SECTOR_SIZE));
|
|
- assert(s->crypto);
|
|
- if (qcow2_co_encrypt(bs,
|
|
- start_of_cluster(s, cluster_offset + offset_in_cluster),
|
|
- src_cluster_offset + offset_in_cluster,
|
|
- buffer, bytes) < 0) {
|
|
- return false;
|
|
- }
|
|
- }
|
|
- return true;
|
|
-}
|
|
-
|
|
static int coroutine_fn do_perform_cow_write(BlockDriverState *bs,
|
|
uint64_t cluster_offset,
|
|
unsigned offset_in_cluster,
|
|
@@ -887,12 +865,19 @@ static int perform_cow(BlockDriverState *bs, QCowL2Meta *m)
|
|
|
|
/* Encrypt the data if necessary before writing it */
|
|
if (bs->encrypted) {
|
|
- if (!do_perform_cow_encrypt(bs, m->offset, m->alloc_offset,
|
|
- start->offset, start_buffer,
|
|
- start->nb_bytes) ||
|
|
- !do_perform_cow_encrypt(bs, m->offset, m->alloc_offset,
|
|
- end->offset, end_buffer, end->nb_bytes)) {
|
|
- ret = -EIO;
|
|
+ ret = qcow2_co_encrypt(bs,
|
|
+ m->alloc_offset + start->offset,
|
|
+ m->offset + start->offset,
|
|
+ start_buffer, start->nb_bytes);
|
|
+ if (ret < 0) {
|
|
+ goto fail;
|
|
+ }
|
|
+
|
|
+ ret = qcow2_co_encrypt(bs,
|
|
+ m->alloc_offset + end->offset,
|
|
+ m->offset + end->offset,
|
|
+ end_buffer, end->nb_bytes);
|
|
+ if (ret < 0) {
|
|
goto fail;
|
|
}
|
|
}
|
|
diff --git a/block/qcow2-threads.c b/block/qcow2-threads.c
|
|
index 3b1e63f..8f5a0d1 100644
|
|
--- a/block/qcow2-threads.c
|
|
+++ b/block/qcow2-threads.c
|
|
@@ -234,35 +234,70 @@ static int qcow2_encdec_pool_func(void *opaque)
|
|
}
|
|
|
|
static int coroutine_fn
|
|
-qcow2_co_encdec(BlockDriverState *bs, uint64_t file_cluster_offset,
|
|
- uint64_t offset, void *buf, size_t len, Qcow2EncDecFunc func)
|
|
+qcow2_co_encdec(BlockDriverState *bs, uint64_t host_offset,
|
|
+ uint64_t guest_offset, void *buf, size_t len,
|
|
+ Qcow2EncDecFunc func)
|
|
{
|
|
BDRVQcow2State *s = bs->opaque;
|
|
Qcow2EncDecData arg = {
|
|
.block = s->crypto,
|
|
- .offset = s->crypt_physical_offset ?
|
|
- file_cluster_offset + offset_into_cluster(s, offset) :
|
|
- offset,
|
|
+ .offset = s->crypt_physical_offset ? host_offset : guest_offset,
|
|
.buf = buf,
|
|
.len = len,
|
|
.func = func,
|
|
};
|
|
|
|
- return qcow2_co_process(bs, qcow2_encdec_pool_func, &arg);
|
|
+ assert(QEMU_IS_ALIGNED(guest_offset, BDRV_SECTOR_SIZE));
|
|
+ assert(QEMU_IS_ALIGNED(host_offset, BDRV_SECTOR_SIZE));
|
|
+ assert(QEMU_IS_ALIGNED(len, BDRV_SECTOR_SIZE));
|
|
+ assert(s->crypto);
|
|
+
|
|
+ return len == 0 ? 0 : qcow2_co_process(bs, qcow2_encdec_pool_func, &arg);
|
|
}
|
|
|
|
+/*
|
|
+ * qcow2_co_encrypt()
|
|
+ *
|
|
+ * Encrypts one or more contiguous aligned sectors
|
|
+ *
|
|
+ * @host_offset - underlying storage offset of the first sector of the
|
|
+ * data to be encrypted
|
|
+ *
|
|
+ * @guest_offset - guest (virtual) offset of the first sector of the
|
|
+ * data to be encrypted
|
|
+ *
|
|
+ * @buf - buffer with the data to encrypt, that after encryption
|
|
+ * will be written to the underlying storage device at
|
|
+ * @host_offset
|
|
+ *
|
|
+ * @len - length of the buffer (must be a BDRV_SECTOR_SIZE multiple)
|
|
+ *
|
|
+ * Depending on the encryption method, @host_offset and/or @guest_offset
|
|
+ * may be used for generating the initialization vector for
|
|
+ * encryption.
|
|
+ *
|
|
+ * Note that while the whole range must be aligned on sectors, it
|
|
+ * does not have to be aligned on clusters and can also cross cluster
|
|
+ * boundaries
|
|
+ */
|
|
int coroutine_fn
|
|
-qcow2_co_encrypt(BlockDriverState *bs, uint64_t file_cluster_offset,
|
|
- uint64_t offset, void *buf, size_t len)
|
|
+qcow2_co_encrypt(BlockDriverState *bs, uint64_t host_offset,
|
|
+ uint64_t guest_offset, void *buf, size_t len)
|
|
{
|
|
- return qcow2_co_encdec(bs, file_cluster_offset, offset, buf, len,
|
|
- qcrypto_block_encrypt);
|
|
+ return qcow2_co_encdec(bs, host_offset, guest_offset, buf, len,
|
|
+ qcrypto_block_encrypt);
|
|
}
|
|
|
|
+/*
|
|
+ * qcow2_co_decrypt()
|
|
+ *
|
|
+ * Decrypts one or more contiguous aligned sectors
|
|
+ * Similar to qcow2_co_encrypt
|
|
+ */
|
|
int coroutine_fn
|
|
-qcow2_co_decrypt(BlockDriverState *bs, uint64_t file_cluster_offset,
|
|
- uint64_t offset, void *buf, size_t len)
|
|
+qcow2_co_decrypt(BlockDriverState *bs, uint64_t host_offset,
|
|
+ uint64_t guest_offset, void *buf, size_t len)
|
|
{
|
|
- return qcow2_co_encdec(bs, file_cluster_offset, offset, buf, len,
|
|
- qcrypto_block_decrypt);
|
|
+ return qcow2_co_encdec(bs, host_offset, guest_offset, buf, len,
|
|
+ qcrypto_block_decrypt);
|
|
}
|
|
diff --git a/block/qcow2.c b/block/qcow2.c
|
|
index dc4302f..d4c4f24 100644
|
|
--- a/block/qcow2.c
|
|
+++ b/block/qcow2.c
|
|
@@ -2073,7 +2073,8 @@ static coroutine_fn int qcow2_co_preadv(BlockDriverState *bs, uint64_t offset,
|
|
assert(s->crypto);
|
|
assert(QEMU_IS_ALIGNED(offset, BDRV_SECTOR_SIZE));
|
|
assert(QEMU_IS_ALIGNED(cur_bytes, BDRV_SECTOR_SIZE));
|
|
- if (qcow2_co_decrypt(bs, cluster_offset, offset,
|
|
+ if (qcow2_co_decrypt(bs, cluster_offset + offset_in_cluster,
|
|
+ offset,
|
|
cluster_data, cur_bytes) < 0) {
|
|
ret = -EIO;
|
|
goto fail;
|
|
@@ -2288,7 +2289,7 @@ static coroutine_fn int qcow2_co_pwritev(BlockDriverState *bs, uint64_t offset,
|
|
QCOW_MAX_CRYPT_CLUSTERS * s->cluster_size);
|
|
qemu_iovec_to_buf(&hd_qiov, 0, cluster_data, hd_qiov.size);
|
|
|
|
- if (qcow2_co_encrypt(bs, cluster_offset, offset,
|
|
+ if (qcow2_co_encrypt(bs, cluster_offset + offset_in_cluster, offset,
|
|
cluster_data, cur_bytes) < 0) {
|
|
ret = -EIO;
|
|
goto out_unlocked;
|
|
diff --git a/block/qcow2.h b/block/qcow2.h
|
|
index fc1b0d3..b54e734 100644
|
|
--- a/block/qcow2.h
|
|
+++ b/block/qcow2.h
|
|
@@ -757,10 +757,10 @@ ssize_t coroutine_fn
|
|
qcow2_co_decompress(BlockDriverState *bs, void *dest, size_t dest_size,
|
|
const void *src, size_t src_size);
|
|
int coroutine_fn
|
|
-qcow2_co_encrypt(BlockDriverState *bs, uint64_t file_cluster_offset,
|
|
- uint64_t offset, void *buf, size_t len);
|
|
+qcow2_co_encrypt(BlockDriverState *bs, uint64_t host_offset,
|
|
+ uint64_t guest_offset, void *buf, size_t len);
|
|
int coroutine_fn
|
|
-qcow2_co_decrypt(BlockDriverState *bs, uint64_t file_cluster_offset,
|
|
- uint64_t offset, void *buf, size_t len);
|
|
+qcow2_co_decrypt(BlockDriverState *bs, uint64_t host_offset,
|
|
+ uint64_t guest_offset, void *buf, size_t len);
|
|
|
|
#endif
|
|
--
|
|
1.8.3.1
|
|
|