[Libguestfs] [PATCH 3/3] OCaml tools: add crypto support (RHBZ#1362649)
Richard W.M. Jones
rjones at redhat.com
Mon Sep 19 17:35:22 UTC 2016
On Mon, Sep 19, 2016 at 07:12:46PM +0200, Pino Toscano wrote:
> Make use of the additional command line arguments, and API needed to
> decrypt LUKS partitions.
>
> This affects only virt-customize, virt-get-kernel, virt-sparsify, and
> virt-sysprep, as they are the main OCaml tools interacting with
> user-provided images.
> ---
> customize/customize_main.ml | 5 ++++-
> customize/virt-customize.pod | 12 ++++++++++++
> get-kernel/get_kernel.ml | 5 ++++-
> get-kernel/virt-get-kernel.pod | 12 ++++++++++++
> sparsify/cmdline.ml | 2 +-
> sparsify/copying.ml | 3 +++
> sparsify/in_place.ml | 3 +++
> sparsify/virt-sparsify.pod | 12 ++++++++++++
> sysprep/main.ml | 5 ++++-
> sysprep/virt-sysprep.pod | 12 ++++++++++++
> 10 files changed, 67 insertions(+), 4 deletions(-)
>
> diff --git a/customize/customize_main.ml b/customize/customize_main.ml
> index 07fd790..5613277 100644
> --- a/customize/customize_main.ml
> +++ b/customize/customize_main.ml
> @@ -102,7 +102,7 @@ A short summary of the options is given below. For detailed help please
> read the man page virt-customize(1).
> ")
> prog in
> - let opthandle = create_standard_options argspec usage_msg in
> + let opthandle = create_standard_options argspec ~key_opts:true usage_msg in
> Getopt.parse opthandle;
>
> if not !format_consumed then
> @@ -175,6 +175,9 @@ read the man page virt-customize(1).
> g#launch ();
> g in
>
> + (* Decrypt the disks. *)
> + inspect_decrypt g;
> +
> (* Inspection. *)
> (match Array.to_list (g#inspect_os ()) with
> | [] ->
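Review bot: The comment `(* Decrypt the disks. *)` restates the call without recording why it sits exactly here, between `g#launch ()` and `g#inspect_os ()`. The ordering looks load-bearing: per the commit message this is the step that opens LUKS partitions, and inspection presumably only sees the filesystems inside them once they are open. I would write `(* Open any LUKS devices first so that inspection below can see the filesystems inside them. *)`, and use the same wording in the identical hunks in get-kernel/get_kernel.ml and sysprep/main.ml. The enclosing function starts and ends outside the hunk.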
> diff --git a/customize/virt-customize.pod b/customize/virt-customize.pod
> index e594f61..a0ca9c9 100644
> --- a/customize/virt-customize.pod
> +++ b/customize/virt-customize.pod
> @@ -107,6 +107,13 @@ used instead of names.
> Perform a read-only "dry run" on the guest. This runs the sysprep
> operation, but throws away any changes to the disk at the end.
>
> +=item B<--echo-keys>
> +
> +When prompting for keys and passphrases, virt-customize normally turns
> +echoing off so you cannot see what you are typing. If you are not
> +worried about Tempest attacks and there is no one else in the room
> +you can specify this flag to see what you are typing.
> +
> =item B<--format> raw|qcow2|..
>
> =item B<--format> auto
> @@ -131,6 +138,11 @@ If you have untrusted raw-format guest disk images, you should use
> this option to specify the disk format. This avoids a possible
> security problem with malicious guests (CVE-2010-3851).
>
> +=item B<--keys-from-stdin>
> +
> +Read key or passphrase parameters from stdin. The default is
> +to try to read passphrases from the user by opening F</dev/tty>.
> +
> =item B<-m> MB
>
> =item B<--memsize> MB
> diff --git a/get-kernel/get_kernel.ml b/get-kernel/get_kernel.ml
> index f83a940..adf9649 100644
> --- a/get-kernel/get_kernel.ml
> +++ b/get-kernel/get_kernel.ml
> @@ -70,7 +70,7 @@ A short summary of the options is given below. For detailed help please
> read the man page virt-get-kernel(1).
> ")
> prog in
> - let opthandle = create_standard_options argspec usage_msg in
> + let opthandle = create_standard_options argspec ~key_opts:true usage_msg in
> Getopt.parse opthandle;
>
> (* Machine-readable mode? Print out some facts about what
> @@ -174,6 +174,9 @@ let main () =
> add g;
> g#launch ();
>
> + (* Decrypt the disks. *)
> + inspect_decrypt g;
> +
> let roots = g#inspect_os () in
> if Array.length roots = 0 then
> error (f_"no operating system found");
> diff --git a/get-kernel/virt-get-kernel.pod b/get-kernel/virt-get-kernel.pod
> index 97a159c..8298fe5 100644
> --- a/get-kernel/virt-get-kernel.pod
> +++ b/get-kernel/virt-get-kernel.pod
> @@ -70,6 +70,13 @@ not used at all.
> Add all the disks from the named libvirt guest. Domain UUIDs can be
> used instead of names.
>
> +=item B<--echo-keys>
> +
> +When prompting for keys and passphrases, virt-get-kernel normally turns
> +echoing off so you cannot see what you are typing. If you are not
> +worried about Tempest attacks and there is no one else in the room
> +you can specify this flag to see what you are typing.
> +
> =item B<--format> raw|qcow2|..
>
> =item B<--format> auto
> @@ -82,6 +89,11 @@ If you have untrusted raw-format guest disk images, you should use
> this option to specify the disk format. This avoids a possible
> security problem with malicious guests (CVE-2010-3851).
>
> +=item B<--keys-from-stdin>
> +
> +Read key or passphrase parameters from stdin. The default is
> +to try to read passphrases from the user by opening F</dev/tty>.
> +
> =item B<--machine-readable>
>
> This option is used to make the output more machine friendly
> diff --git a/sparsify/cmdline.ml b/sparsify/cmdline.ml
> index 523d612..2a9dd48 100644
> --- a/sparsify/cmdline.ml
> +++ b/sparsify/cmdline.ml
> @@ -90,7 +90,7 @@ A short summary of the options is given below. For detailed help please
> read the man page virt-sparsify(1).
> ")
> prog in
> - let opthandle = create_standard_options argspec ~anon_fun usage_msg in
> + let opthandle = create_standard_options argspec ~anon_fun ~key_opts:true usage_msg in
> Getopt.parse opthandle;
>
> (* Dereference the rest of the args. *)
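Review bot: The new `create_standard_options` line is 85 characters long even before indentation, which exceeds the usual 80-column limit if this file keeps to one. Splitting after the `=` keeps it readable: `let opthandle =` followed on the next line by `create_standard_options argspec ~anon_fun ~key_opts:true usage_msg in`. The enclosing function is not fully visible in the hunk.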
> diff --git a/sparsify/copying.ml b/sparsify/copying.ml
> index 003dbf8..9c66428 100644
> --- a/sparsify/copying.ml
> +++ b/sparsify/copying.ml
> @@ -182,6 +182,9 @@ You can ignore this warning or change it to a hard failure using the
>
> g in
>
> + (* Decrypt the disks. *)
> + inspect_decrypt g;
> +
> (* Modify SIGINT handler (set first above) to cancel the handle. *)
> let do_sigint _ =
> g#user_cancel ();
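Review bot: `inspect_decrypt g` is placed before the SIGINT handler is switched to `g#user_cancel ()`, so a passphrase prompt can now be interrupted while the earlier handler ("set first above", outside this hunk) is still installed. Please confirm that pressing ^C at the prompt still cleans up whatever that handler is responsible for and leaves the terminal with echo restored, since the prompt turns echo off by default according to the new --echo-keys documentation. If that holds, a comment such as `(* Decrypt before installing the cancel handler: the key prompt is interactive and relies on the SIGINT handler set above. *)` would record the ordering. The surrounding function extends beyond the hunk.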
> diff --git a/sparsify/in_place.ml b/sparsify/in_place.ml
> index e2ee9d9..5411892 100644
> --- a/sparsify/in_place.ml
> +++ b/sparsify/in_place.ml
> @@ -57,6 +57,9 @@ let run disk format ignores machine_readable zeroes =
> if not (g#feature_available [|"fstrim"|]) then
> error ~exit_code:3 (f_"discard/trim is not supported");
>
> + (* Decrypt the disks. *)
> + inspect_decrypt g;
> +
> (* Discard non-ignored filesystems that we are able to mount, and
> * selected swap partitions.
> *)
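Review bot: Whether the discard loop that follows can reclaim space inside a LUKS volume is not settled by this hunk: dm-crypt drops discard requests unless the mapping is opened with them enabled (cryptsetup's `--allow-discards`), and `inspect_decrypt` is defined elsewhere. If discards are not passed through, fstrim on the decrypted filesystems will presumably fail or free nothing; if they are, the image reveals which ciphertext blocks are unused, which some users of encrypted guests will want to know about. I would extend the comment to `(* Open LUKS devices so their filesystems can be mounted; trimming them depends on discard passthrough in inspect_decrypt. *)` and mention the trade-off in virt-sparsify.pod. `run` continues past the end of the hunk.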
> diff --git a/sparsify/virt-sparsify.pod b/sparsify/virt-sparsify.pod
> index 177cd03..fa72c23 100644
> --- a/sparsify/virt-sparsify.pod
> +++ b/sparsify/virt-sparsify.pod
> @@ -192,6 +192,13 @@ For fine-tuning the output format, see: I<--compress>, I<-o>.
>
> You cannot use this option and I<--in-place> together.
>
> +=item B<--echo-keys>
> +
> +When prompting for keys and passphrases, virt-sparsify normally turns
> +echoing off so you cannot see what you are typing. If you are not
> +worried about Tempest attacks and there is no one else in the room
> +you can specify this flag to see what you are typing.
> +
> =item B<--format> raw
>
> =item B<--format> qcow2
> @@ -223,6 +230,11 @@ You can give this option multiple times.
> Do in-place sparsification instead of copying sparsification.
> See L</IN-PLACE SPARSIFICATION> below.
>
> +=item B<--keys-from-stdin>
> +
> +Read key or passphrase parameters from stdin. The default is
> +to try to read passphrases from the user by opening F</dev/tty>.
> +
> =item B<--machine-readable>
>
> This option is used to make the output more machine friendly
> diff --git a/sysprep/main.ml b/sysprep/main.ml
> index 01ea590..2fa416f 100644
> --- a/sysprep/main.ml
> +++ b/sysprep/main.ml
> @@ -147,7 +147,7 @@ A short summary of the options is given below. For detailed help please
> read the man page virt-sysprep(1).
> ")
> prog in
> - let opthandle = create_standard_options args usage_msg in
> + let opthandle = create_standard_options args ~key_opts:true usage_msg in
> Getopt.parse opthandle;
>
> if not !format_consumed then
> @@ -216,6 +216,9 @@ read the man page virt-sysprep(1).
>
> operations, g, mount_opts in
>
> + (* Decrypt the disks. *)
> + inspect_decrypt g;
> +
> (* Inspection. *)
> (match Array.to_list (g#inspect_os ()) with
> | [] ->
> diff --git a/sysprep/virt-sysprep.pod b/sysprep/virt-sysprep.pod
> index bdb4580..0e59b4c 100644
> --- a/sysprep/virt-sysprep.pod
> +++ b/sysprep/virt-sysprep.pod
> @@ -155,6 +155,13 @@ version of virt-sysprep.
> See L</OPERATIONS> below for a list and an explanation of each
> operation.
>
> +=item B<--echo-keys>
> +
> +When prompting for keys and passphrases, virt-sysprep normally turns
> +echoing off so you cannot see what you are typing. If you are not
> +worried about Tempest attacks and there is no one else in the room
> +you can specify this flag to see what you are typing.
> +
> =item B<--format> raw|qcow2|..
>
> =item B<--format> auto
> @@ -179,6 +186,11 @@ If you have untrusted raw-format guest disk images, you should use
> this option to specify the disk format. This avoids a possible
> security problem with malicious guests (CVE-2010-3851).
>
> +=item B<--keys-from-stdin>
> +
> +Read key or passphrase parameters from stdin. The default is
> +to try to read passphrases from the user by opening F</dev/tty>.
> +
> =item B<--list-operations>
>
> List the operations supported by the virt-sysprep program.
Looks good, ACK.
Thanks,
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-top is 'top' for virtual machines. Tiny program with many
powerful monitoring features, net stats, disk stats, logging, etc.
http://people.redhat.com/~rjones/virt-top