From patchwork Tue Feb 19 12:50:43 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Daniel_P=2E_Berrang=C3=A9?= X-Patchwork-Id: 10819849 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id A88E31390 for ; Tue, 19 Feb 2019 12:54:37 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9732628680 for ; Tue, 19 Feb 2019 12:54:37 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 8BB872C19F; Tue, 19 Feb 2019 12:54:37 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id BD61328680 for ; Tue, 19 Feb 2019 12:54:32 +0000 (UTC) Received: from localhost ([127.0.0.1]:47651 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gw4ut-0000Q3-VA for patchwork-qemu-devel@patchwork.kernel.org; Tue, 19 Feb 2019 07:54:31 -0500 Received: from eggs.gnu.org ([209.51.188.92]:51415) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gw4rV-0005x4-9B for qemu-devel@nongnu.org; Tue, 19 Feb 2019 07:51:02 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gw4rU-00085G-2G for qemu-devel@nongnu.org; Tue, 19 Feb 2019 07:51:01 -0500 Received: from mx1.redhat.com ([209.132.183.28]:39036) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1gw4rS-00080n-2F; Tue, 19 Feb 2019 07:50:58 -0500 Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id B967B87624; Tue, 19 Feb 2019 12:50:51 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-57.ams2.redhat.com [10.36.112.57]) by smtp.corp.redhat.com (Postfix) with ESMTP id 982AD19C58; Tue, 19 Feb 2019 12:50:49 +0000 (UTC) From: =?utf-8?q?Daniel_P=2E_Berrang=C3=A9?= To: qemu-devel@nongnu.org Date: Tue, 19 Feb 2019 12:50:43 +0000 Message-Id: <20190219125044.5416-2-berrange@redhat.com> In-Reply-To: <20190219125044.5416-1-berrange@redhat.com> References: <20190219125044.5416-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]); Tue, 19 Feb 2019 12:50:51 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH 1/2] qcow2: fail if encryption opts are provided to non-encrypted image X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Kevin Wolf , qemu-block@nongnu.org, Max Reitz Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP If the qcow2 image does not have any encryption method specified in its header, the user should not be providing any encryption options when opening it. We already detect this if the user had set "encrypt.format" but this field is optional so must consider any "encrypt.*" option to be an error. Signed-off-by: Daniel P. Berrangé Reviewed-by: Eric Blake --- block/qcow2.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/block/qcow2.c b/block/qcow2.c index 65a54c9ac6..ecc577175f 100644 --- a/block/qcow2.c +++ b/block/qcow2.c @@ -1045,6 +1045,12 @@ static int qcow2_update_options_prepare(BlockDriverState *bs, ret = -EINVAL; goto fail; } + if (encryptopts && qdict_size(encryptopts)) { + error_setg(errp, "No encryption in image header, but encryption " + "options provided"); + ret = -EINVAL; + goto fail; + } break; case QCOW_CRYPT_AES: From patchwork Tue Feb 19 12:50:44 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Daniel_P=2E_Berrang=C3=A9?= X-Patchwork-Id: 10819847 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 63B9C13BF for ; Tue, 19 Feb 2019 12:52:19 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 5343F2C194 for ; Tue, 19 Feb 2019 12:52:19 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 519642C17F; Tue, 19 Feb 2019 12:52:19 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id F0A912C19A for ; Tue, 19 Feb 2019 12:52:18 +0000 (UTC) Received: from localhost ([127.0.0.1]:47623 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gw4sk-0006wt-7r for patchwork-qemu-devel@patchwork.kernel.org; Tue, 19 Feb 2019 07:52:18 -0500 Received: from eggs.gnu.org ([209.51.188.92]:51398) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gw4rU-0005wk-IQ for qemu-devel@nongnu.org; Tue, 19 Feb 2019 07:51:01 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gw4rT-00084Y-JR for qemu-devel@nongnu.org; Tue, 19 Feb 2019 07:51:00 -0500 Received: from mx1.redhat.com ([209.132.183.28]:46032) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1gw4rR-00081S-Qq; Tue, 19 Feb 2019 07:50:57 -0500 Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 80267C04BE0C; Tue, 19 Feb 2019 12:50:54 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-57.ams2.redhat.com [10.36.112.57]) by smtp.corp.redhat.com (Postfix) with ESMTP id 3087919C58; Tue, 19 Feb 2019 12:50:51 +0000 (UTC) From: =?utf-8?q?Daniel_P=2E_Berrang=C3=A9?= To: qemu-devel@nongnu.org Date: Tue, 19 Feb 2019 12:50:44 +0000 Message-Id: <20190219125044.5416-3-berrange@redhat.com> In-Reply-To: <20190219125044.5416-1-berrange@redhat.com> References: <20190219125044.5416-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]); Tue, 19 Feb 2019 12:50:54 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH 2/2] qcow2: mark image as corrupt if failing during create X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Kevin Wolf , qemu-block@nongnu.org, Max Reitz Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP During creation we write a minimal qcow2 header and then update it with extra features. If the updating fails for some reason we might still be left with a valid qcow2 image that will be mistakenly used for I/O. We cannot delete the image, since we don't know if we created the underlying storage or not. Thus we mark the header as corrupt to prevents its later usage. Signed-off-by: Daniel P. Berrangé --- block/qcow2.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/block/qcow2.c b/block/qcow2.c index ecc577175f..338513e652 100644 --- a/block/qcow2.c +++ b/block/qcow2.c @@ -3104,6 +3104,9 @@ qcow2_co_create(BlockdevCreateOptions *create_options, Error **errp) ret = 0; out: + if (ret < 0) { + qcow2_mark_corrupt(blk_bs(blk)); + } blk_unref(blk); bdrv_unref(bs); return ret;