mirror of https://github.com/proxmox/mirror_qemu
luks: extract qcrypto_block_calculate_payload_offset()
The qcow2 .bdrv_measure() code calculates the crypto payload offset. This logic really belongs in crypto/block.c where it can be reused by other image formats. The "luks" block driver will need this same logic in order to implement .bdrv_measure(), so extract the qcrypto_block_calculate_payload_offset() function now. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Message-Id: <20200221112522.1497712-2-stefanha@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>master
parent
ba29883206
commit
6d49d3a859
|
@ -4608,60 +4608,6 @@ static coroutine_fn int qcow2_co_flush_to_os(BlockDriverState *bs)
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
static ssize_t qcow2_measure_crypto_hdr_init_func(QCryptoBlock *block,
|
|
||||||
size_t headerlen, void *opaque, Error **errp)
|
|
||||||
{
|
|
||||||
size_t *headerlenp = opaque;
|
|
||||||
|
|
||||||
/* Stash away the payload size */
|
|
||||||
*headerlenp = headerlen;
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
static ssize_t qcow2_measure_crypto_hdr_write_func(QCryptoBlock *block,
|
|
||||||
size_t offset, const uint8_t *buf, size_t buflen,
|
|
||||||
void *opaque, Error **errp)
|
|
||||||
{
|
|
||||||
/* Discard the bytes, we're not actually writing to an image */
|
|
||||||
return buflen;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Determine the number of bytes for the LUKS payload */
|
|
||||||
static bool qcow2_measure_luks_headerlen(QemuOpts *opts, size_t *len,
|
|
||||||
Error **errp)
|
|
||||||
{
|
|
||||||
QDict *opts_qdict;
|
|
||||||
QDict *cryptoopts_qdict;
|
|
||||||
QCryptoBlockCreateOptions *cryptoopts;
|
|
||||||
QCryptoBlock *crypto;
|
|
||||||
|
|
||||||
/* Extract "encrypt." options into a qdict */
|
|
||||||
opts_qdict = qemu_opts_to_qdict(opts, NULL);
|
|
||||||
qdict_extract_subqdict(opts_qdict, &cryptoopts_qdict, "encrypt.");
|
|
||||||
qobject_unref(opts_qdict);
|
|
||||||
|
|
||||||
/* Build QCryptoBlockCreateOptions object from qdict */
|
|
||||||
qdict_put_str(cryptoopts_qdict, "format", "luks");
|
|
||||||
cryptoopts = block_crypto_create_opts_init(cryptoopts_qdict, errp);
|
|
||||||
qobject_unref(cryptoopts_qdict);
|
|
||||||
if (!cryptoopts) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Fake LUKS creation in order to determine the payload size */
|
|
||||||
crypto = qcrypto_block_create(cryptoopts, "encrypt.",
|
|
||||||
qcow2_measure_crypto_hdr_init_func,
|
|
||||||
qcow2_measure_crypto_hdr_write_func,
|
|
||||||
len, errp);
|
|
||||||
qapi_free_QCryptoBlockCreateOptions(cryptoopts);
|
|
||||||
if (!crypto) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
qcrypto_block_free(crypto);
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
static BlockMeasureInfo *qcow2_measure(QemuOpts *opts, BlockDriverState *in_bs,
|
static BlockMeasureInfo *qcow2_measure(QemuOpts *opts, BlockDriverState *in_bs,
|
||||||
Error **errp)
|
Error **errp)
|
||||||
{
|
{
|
||||||
|
@ -4712,9 +4658,27 @@ static BlockMeasureInfo *qcow2_measure(QemuOpts *opts, BlockDriverState *in_bs,
|
||||||
g_free(optstr);
|
g_free(optstr);
|
||||||
|
|
||||||
if (has_luks) {
|
if (has_luks) {
|
||||||
|
g_autoptr(QCryptoBlockCreateOptions) create_opts = NULL;
|
||||||
|
QDict *opts_qdict;
|
||||||
|
QDict *cryptoopts;
|
||||||
size_t headerlen;
|
size_t headerlen;
|
||||||
|
|
||||||
if (!qcow2_measure_luks_headerlen(opts, &headerlen, &local_err)) {
|
opts_qdict = qemu_opts_to_qdict(opts, NULL);
|
||||||
|
qdict_extract_subqdict(opts_qdict, &cryptoopts, "encrypt.");
|
||||||
|
qobject_unref(opts_qdict);
|
||||||
|
|
||||||
|
qdict_put_str(cryptoopts, "format", "luks");
|
||||||
|
|
||||||
|
create_opts = block_crypto_create_opts_init(cryptoopts, errp);
|
||||||
|
qobject_unref(cryptoopts);
|
||||||
|
if (!create_opts) {
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!qcrypto_block_calculate_payload_offset(create_opts,
|
||||||
|
"encrypt.",
|
||||||
|
&headerlen,
|
||||||
|
&local_err)) {
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -115,6 +115,42 @@ QCryptoBlock *qcrypto_block_create(QCryptoBlockCreateOptions *options,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static ssize_t qcrypto_block_headerlen_hdr_init_func(QCryptoBlock *block,
|
||||||
|
size_t headerlen, void *opaque, Error **errp)
|
||||||
|
{
|
||||||
|
size_t *headerlenp = opaque;
|
||||||
|
|
||||||
|
/* Stash away the payload size */
|
||||||
|
*headerlenp = headerlen;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static ssize_t qcrypto_block_headerlen_hdr_write_func(QCryptoBlock *block,
|
||||||
|
size_t offset, const uint8_t *buf, size_t buflen,
|
||||||
|
void *opaque, Error **errp)
|
||||||
|
{
|
||||||
|
/* Discard the bytes, we're not actually writing to an image */
|
||||||
|
return buflen;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
bool
|
||||||
|
qcrypto_block_calculate_payload_offset(QCryptoBlockCreateOptions *create_opts,
|
||||||
|
const char *optprefix,
|
||||||
|
size_t *len,
|
||||||
|
Error **errp)
|
||||||
|
{
|
||||||
|
/* Fake LUKS creation in order to determine the payload size */
|
||||||
|
g_autoptr(QCryptoBlock) crypto =
|
||||||
|
qcrypto_block_create(create_opts, optprefix,
|
||||||
|
qcrypto_block_headerlen_hdr_init_func,
|
||||||
|
qcrypto_block_headerlen_hdr_write_func,
|
||||||
|
len, errp);
|
||||||
|
return crypto != NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
QCryptoBlockInfo *qcrypto_block_get_info(QCryptoBlock *block,
|
QCryptoBlockInfo *qcrypto_block_get_info(QCryptoBlock *block,
|
||||||
Error **errp)
|
Error **errp)
|
||||||
{
|
{
|
||||||
|
|
|
@ -145,6 +145,26 @@ QCryptoBlock *qcrypto_block_create(QCryptoBlockCreateOptions *options,
|
||||||
Error **errp);
|
Error **errp);
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* qcrypto_block_calculate_payload_offset:
|
||||||
|
* @create_opts: the encryption options
|
||||||
|
* @optprefix: name prefix for options
|
||||||
|
* @len: output for number of header bytes before payload
|
||||||
|
* @errp: pointer to a NULL-initialized error object
|
||||||
|
*
|
||||||
|
* Calculate the number of header bytes before the payload in an encrypted
|
||||||
|
* storage volume. The header is an area before the payload that is reserved
|
||||||
|
* for encryption metadata.
|
||||||
|
*
|
||||||
|
* Returns: true on success, false on error
|
||||||
|
*/
|
||||||
|
bool
|
||||||
|
qcrypto_block_calculate_payload_offset(QCryptoBlockCreateOptions *create_opts,
|
||||||
|
const char *optprefix,
|
||||||
|
size_t *len,
|
||||||
|
Error **errp);
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* qcrypto_block_get_info:
|
* qcrypto_block_get_info:
|
||||||
* @block: the block encryption object
|
* @block: the block encryption object
|
||||||
|
@ -269,5 +289,7 @@ uint64_t qcrypto_block_get_sector_size(QCryptoBlock *block);
|
||||||
void qcrypto_block_free(QCryptoBlock *block);
|
void qcrypto_block_free(QCryptoBlock *block);
|
||||||
|
|
||||||
G_DEFINE_AUTOPTR_CLEANUP_FUNC(QCryptoBlock, qcrypto_block_free)
|
G_DEFINE_AUTOPTR_CLEANUP_FUNC(QCryptoBlock, qcrypto_block_free)
|
||||||
|
G_DEFINE_AUTOPTR_CLEANUP_FUNC(QCryptoBlockCreateOptions,
|
||||||
|
qapi_free_QCryptoBlockCreateOptions)
|
||||||
|
|
||||||
#endif /* QCRYPTO_BLOCK_H */
|
#endif /* QCRYPTO_BLOCK_H */
|
||||||
|
|
Loading…
Reference in New Issue