From patchwork Mon Mar 27 13:26:34 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Markus Armbruster X-Patchwork-Id: 9646685 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id ACF19602D6 for ; Mon, 27 Mar 2017 13:28:03 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 99A132838E for ; Mon, 27 Mar 2017 13:28:03 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 8E57C28417; Mon, 27 Mar 2017 13:28:03 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id BE6D428446 for ; Mon, 27 Mar 2017 13:28:00 +0000 (UTC) Received: from localhost ([::1]:46808 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1csUgh-000285-Oe for patchwork-qemu-devel@patchwork.kernel.org; Mon, 27 Mar 2017 09:27:59 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:60335) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1csUfW-00026x-WB for qemu-devel@nongnu.org; Mon, 27 Mar 2017 09:26:48 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1csUfQ-0006Pk-LU for qemu-devel@nongnu.org; Mon, 27 Mar 2017 09:26:46 -0400 Received: from mx1.redhat.com ([209.132.183.28]:39030) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1csUfQ-0006OW-9y for qemu-devel@nongnu.org; Mon, 27 Mar 2017 09:26:40 -0400 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 1C6D8C0641EA for ; Mon, 27 Mar 2017 13:26:39 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 1C6D8C0641EA Authentication-Results: ext-mx07.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx07.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=armbru@redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 1C6D8C0641EA Received: from blackfin.pond.sub.org (ovpn-116-26.ams2.redhat.com [10.36.116.26]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 903A48866A; Mon, 27 Mar 2017 13:26:38 +0000 (UTC) Received: by blackfin.pond.sub.org (Postfix, from userid 1000) id 8E481113860E; Mon, 27 Mar 2017 15:26:35 +0200 (CEST) From: Markus Armbruster To: qemu-devel@nongnu.org Date: Mon, 27 Mar 2017 15:26:34 +0200 Message-Id: <1490621195-2228-11-git-send-email-armbru@redhat.com> In-Reply-To: <1490621195-2228-1-git-send-email-armbru@redhat.com> References: <1490621195-2228-1-git-send-email-armbru@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]); Mon, 27 Mar 2017 13:26:39 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH RFC v3 for-2.9 10/11] Revert "rbd: add support for getting password from QCryptoSecret object" X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jdurgin@redhat.com, jcody@redhat.com, mreitz@redhat.com Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP This reverts commit 60390a2192e7b38aee18db6ce7fb740498709737. The commit's rationale Currently RBD passwords must be provided on the command line via $QEMU -drive file=rbd:pool/image:id=myname:\ key=QVFDVm41aE82SHpGQWhBQXEwTkN2OGp0SmNJY0UrSE9CbE1RMUE=:\ auth_supported=cephx This is insecure because the key is visible in the OS process listing. is invalid. You can easily avoid passing keys on the command line by using "keyfile" instead of "key". In fact, the Ceph documentation calls use of key "not recommended". But the most common way to provide keys is a keyring. The default keyrings should be just fine for most users. When they aren't, you can configure your own keyrings with "keyring" or override the key with "keyfile". The commit adds parameter password-secret to -drive. Support for it was included in -blockdev, but reverted in the previous commit due to concerns about the QMP interface. Revert it from -drive, too. Cc: Daniel P. Berrange Signed-off-by: Markus Armbruster --- block/rbd.c | 47 ----------------------------------------------- 1 file changed, 47 deletions(-) diff --git a/block/rbd.c b/block/rbd.c index 103ce44..5a58d3e 100644 --- a/block/rbd.c +++ b/block/rbd.c @@ -16,7 +16,6 @@ #include "qapi/error.h" #include "qemu/error-report.h" #include "block/block_int.h" -#include "crypto/secret.h" #include "qemu/cutils.h" #include "qapi/qmp/qstring.h" @@ -225,26 +224,6 @@ done: return; } - -static int qemu_rbd_set_auth(rados_t cluster, const char *secretid, - Error **errp) -{ - if (secretid == 0) { - return 0; - } - - gchar *secret = qcrypto_secret_lookup_as_base64(secretid, - errp); - if (!secret) { - return -1; - } - - rados_conf_set(cluster, "key", secret); - g_free(secret); - - return 0; -} - static int qemu_rbd_set_keypairs(rados_t cluster, const char *keypairs, Error **errp) { @@ -322,11 +301,6 @@ static QemuOptsList runtime_opts = { /* * server.* extracted manually, see qemu_rbd_array_opts() */ - { - .name = "password-secret", - .type = QEMU_OPT_STRING, - .help = "ID of secret providing the password", - }, /* * Keys for qemu_rbd_parse_filename(), not in the QAPI schema @@ -366,14 +340,11 @@ static int qemu_rbd_create(const char *filename, QemuOpts *opts, Error **errp) int64_t objsize; int obj_order = 0; const char *pool, *name, *conf, *clientname, *keypairs; - const char *secretid; rados_t cluster; rados_ioctx_t io_ctx; QDict *options = NULL; int ret = 0; - secretid = qemu_opt_get(opts, "password-secret"); - /* Read out options */ bytes = ROUND_UP(qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0), BDRV_SECTOR_SIZE); @@ -426,11 +397,6 @@ static int qemu_rbd_create(const char *filename, QemuOpts *opts, Error **errp) goto shutdown; } - if (qemu_rbd_set_auth(cluster, secretid, errp) < 0) { - ret = -EIO; - goto shutdown; - } - ret = rados_connect(cluster); if (ret < 0) { error_setg_errno(errp, -ret, "error connecting"); @@ -596,7 +562,6 @@ static int qemu_rbd_open(BlockDriverState *bs, QDict *options, int flags, { BDRVRBDState *s = bs->opaque; const char *pool, *snap, *conf, *clientname, *name, *keypairs; - const char *secretid; QemuOpts *opts; Error *local_err = NULL; char *mon_host = NULL; @@ -618,8 +583,6 @@ static int qemu_rbd_open(BlockDriverState *bs, QDict *options, int flags, goto failed_opts; } - secretid = qemu_opt_get(opts, "password-secret"); - pool = qemu_opt_get(opts, "pool"); conf = qemu_opt_get(opts, "conf"); snap = qemu_opt_get(opts, "snapshot"); @@ -661,11 +624,6 @@ static int qemu_rbd_open(BlockDriverState *bs, QDict *options, int flags, } } - if (qemu_rbd_set_auth(s->cluster, secretid, errp) < 0) { - r = -EIO; - goto failed_shutdown; - } - /* * Fallback to more conservative semantics if setting cache * options fails. Ignore errors from setting rbd_cache because the @@ -1105,11 +1063,6 @@ static QemuOptsList qemu_rbd_create_opts = { .type = QEMU_OPT_SIZE, .help = "RBD object size" }, - { - .name = "password-secret", - .type = QEMU_OPT_STRING, - .help = "ID of secret providing the password", - }, { /* end of list */ } } };