[libvirt] [PATCH v2 0/5] qemu: Forbid old qcow/qcow2 encryption
Peter Krempa
pkrempa at redhat.com
Thu May 31 06:18:15 UTC 2018
On Wed, May 30, 2018 at 16:14:31 -0400, John Ferlan wrote:
>
>
> On 05/23/2018 10:13 AM, Peter Krempa wrote:
> > The old qcow/qcow2 encryption format is so broken that qemu decided to
> > drop it completely. This series forbids the use of such images even with
> > qemus prior to this and removes all the cruft necessary to support it.
> >
> > v2:
> > - fixed check to include the qcow format too
> > - reworded the error message slightly
> > - split second patch into two with proper justification for the
> > user-alias test since checking LUKS there actually makes sense
> >
> > Peter Krempa (5):
> > tests: qemuxml2argv: Drop disk encryption from 'interface-server' test
> > tests: qemuxml2argv: Verify that disk secret alias is correct with
> > user-aliases
> > tests: qemublock: Switch to qcow2+luks in test files
> > qemu: domain: Forbid storage with old QCOW2 encryption
> > qemu: Remove code for setting up disk passphrases
> >
>
> Why not remove it from storage as well? It's not like anything could or
> would want to use whatever the storage driver created. There's always
> the fall back to indicate to use qemu-img for the die hards.
If we've ever supported the use case of converting a qcow2 encrypted
volume even into a unencrypted volume, we should keep that for allowing
migration from those volumes.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20180531/ecd76899/attachment-0001.sig>
More information about the libvir-list
mailing list