[libvirt] [RFC PATCH 0/4] qemu: Forbid old qcow2 encryption

Peter Krempa pkrempa at redhat.com
Tue May 22 14:51:38 UTC 2018


On Tue, May 22, 2018 at 10:40:39 -0400, John Ferlan wrote:
> 
> 
> On 05/22/2018 10:04 AM, Peter Krempa wrote:
> > This applies on top of the text monitor cleanup. See explanation in 3/4
> > for justification.
> > 
> > Peter Krempa (4):
> >   tests: qemublock: Switch to qcow2+luks in test files
> >   tests: qemu: Modernize/remove qcow2 encryption from tests not related
> >     to storage
> >   qemu: domain: Forbid storage with old QCOW2 encryption
> >   qemu: Remove code for setting up disk passphrases
> > 
> 
> This would be nice, but based on this series:
> 
> https://www.redhat.com/archives/libvir-list/2018-May/msg01268.html
> 
> I believe there are quite a few more tests/files to modify/delete in
> order to remove qcow[2] from the source tree.

Yes, because the check in 3/4 only does this for qcow2, but it also
should be done for qcow.

> 
> There's also the formatstorageencryption and formatsecret documentation
> that would need updating.

Yep.

> 
> Based only on the effort from the above series to convert/consume a non
> encrypted image to result in a qcow[2] encrypted image - I assume
> conversion of qcow[2] images is not a simple exercise. Not sure whether
> anyone really uses qcow[2] encryption anymore in the wild, but just
> telling them they have to convert (without providing a shred of details
> as to what that entails) isn't very friendly.

Starting with qemu 2.7, qcow[2] encryption can't be used with system
emulators, only with qemu-img. It has been deprecated since 2.3. While
this breaks compatibility with old qemus, the upstream support for this
is declared dead.

With these patches you get a failure even with old qemus and you know
that you have to fix your images rather than waiting for the doom which
can happen.

commit 8c0dcbc4ad2bf4f9f3b27c637b357e87cad70ec7
Author: Daniel P. Berrange <berrange at redhat.com>
Date:   Mon Jun 13 12:30:09 2016 +0100

    block: drop support for using qcow[2] encryption with system emulators
    
    Back in the 2.3.0 release we declared qcow[2] encryption as
    deprecated, warning people that it would be removed in a future
    release.
    
      commit a1f688f4152e65260b94f37543521ceff8bfebe4
      Author: Markus Armbruster <armbru at redhat.com>
      Date:   Fri Mar 13 21:09:40 2015 +0100
    
        block: Deprecate QCOW/QCOW2 encryption


> Also not sure it's possible to just convert to using LUKS since at one
> time at least usage required having code/tests inside a "# ifdef
> WITH_GNUTLS" (something that can be seen in the diffs from
> tests/qemuxml2argvtest.c in patch 3).

Well, without gnutls this will not work, but in that case even qemu
encryption will most probably not work.
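
An added example, not part of the original message and not libvirt or qemu code: one way to find images that still use the legacy qcow[2] AES encryption discussed above is to read the crypt_method field from the image header. The field offsets (36 for qcow version 1, 32 for qcow2 versions 2 and 3) are taken from the on-disk formats rather than from this thread, and the function names and sample headers are constructed for illustration.

```python
import struct
import sys

QCOW_MAGIC = b"QFI\xfb"
# version -> (offset of the big-endian u32 crypt_method, known values)
LAYOUT = {
    1: (36, {0: "none", 1: "aes-legacy"}),
    2: (32, {0: "none", 1: "aes-legacy", 2: "luks"}),
    3: (32, {0: "none", 1: "aes-legacy", 2: "luks"}),
}

def qcow_encryption(header: bytes):
    """Return (version, encryption name), or None if not a qcow/qcow2 header."""
    if len(header) < 40 or header[:4] != QCOW_MAGIC:
        return None
    version = struct.unpack_from(">I", header, 4)[0]
    if version not in LAYOUT:
        return None
    offset, names = LAYOUT[version]
    method = struct.unpack_from(">I", header, offset)[0]
    return version, names.get(method, f"unknown({method})")

def needs_conversion(header: bytes) -> bool:
    """True for images using the legacy AES scheme this series forbids."""
    info = qcow_encryption(header)
    return info is not None and info[1] == "aes-legacy"

def make_header(version: int, crypt_method: int) -> bytes:
    """Constructed sample header (not a real image), zero-filled otherwise."""
    offset = LAYOUT[version][0]
    buf = bytearray(104)
    buf[0:4] = QCOW_MAGIC
    struct.pack_into(">I", buf, 4, version)
    struct.pack_into(">I", buf, offset, crypt_method)
    return bytes(buf)

if __name__ == "__main__":
    # Usage: pass image paths as arguments; only the header is read.
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            head = fh.read(104)
        info = qcow_encryption(head)
        state = "not qcow/qcow2" if info is None else f"v{info[0]} {info[1]}"
        flag = "  <-- convert before use" if needs_conversion(head) else ""
        print(f"{path}: {state}{flag}")
```
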