[libvirt] [PATCH v2 0/5] qemu: Forbid old qcow/qcow2 encryption

Wed May 30 20:14:31 UTC 2018

On 05/23/2018 10:13 AM, Peter Krempa wrote:
> The old qcow/qcow2 encryption format is so broken that qemu decided to
> drop it completely. This series forbids the use of such images even with
> qemus prior to this and removes all the cruft necessary to support it.
> 
> v2:
>  - fixed check to include the qcow format too
>  - reworded the error message slightly
>  - split second patch into two with proper justification for the
>    user-alias test since checking LUKS there actually makes sense
> 
> Peter Krempa (5):
>   tests: qemuxml2argv: Drop disk encryption from 'interface-server' test
>   tests: qemuxml2argv: Verify that disk secret alias is correct with
>     user-aliases
>   tests: qemublock: Switch to qcow2+luks in test files
>   qemu: domain: Forbid storage with old QCOW2 encryption
>   qemu: Remove code for setting up disk passphrases
> 

Why not remove it from storage as well? It's not like anything could or
would want to use whatever the storage driver created. There's always
the fall back to indicate to use qemu-img for the die hards.

John

>  src/qemu/qemu_domain.c                             |  10 ++
>  src/qemu/qemu_monitor.c                            |  13 ---
>  src/qemu/qemu_monitor.h                            |   4 -
>  src/qemu/qemu_monitor_json.c                       |  28 ------
>  src/qemu/qemu_monitor_json.h                       |   4 -
>  src/qemu/qemu_process.c                            | 103 ---------------------
>  .../file-qcow2-backing-chain-encryption.json       |   2 +-
>  .../file-qcow2-backing-chain-encryption.xml        |   2 +-
>  ...etwork-qcow2-backing-chain-encryption_auth.json |   2 +-
>  ...network-qcow2-backing-chain-encryption_auth.xml |   2 +-
>  tests/qemumonitorjsontest.c                        |   2 -
>  tests/qemuxml2argvdata/encrypted-disk-usage.args   |   8 +-
>  tests/qemuxml2argvdata/encrypted-disk-usage.xml    |   2 +-
>  tests/qemuxml2argvdata/encrypted-disk.args         |   8 +-
>  tests/qemuxml2argvdata/encrypted-disk.xml          |   2 +-
>  tests/qemuxml2argvdata/interface-server.xml        |   3 -
>  tests/qemuxml2argvdata/user-aliases.args           |   8 +-
>  tests/qemuxml2argvdata/user-aliases.xml            |   2 +-
>  tests/qemuxml2argvtest.c                           |   7 +-
>  tests/qemuxml2xmloutdata/encrypted-disk.xml        |   2 +-
>  tests/qemuxml2xmloutdata/interface-server.xml      |   3 -
>  tests/qemuxml2xmltest.c                            |   6 +-
>  22 files changed, 46 insertions(+), 177 deletions(-)
> 