qcow2: report encryption specific image information
Currently 'qemu-img info' reports a simple "encrypted: yes" field. This is not very useful now that qcow2 can support multiple encryption formats. Users want to know which format is in use and some data related to it. Wire up usage of the qcrypto_block_get_info() method so that 'qemu-img info' can report about the encryption format and parameters in use $ qemu-img create \ --object secret,id=sec0,data=123456 \ -o encrypt.format=luks,encrypt.key-secret=sec0 \ -f qcow2 demo.qcow2 1G Formatting 'demo.qcow2', fmt=qcow2 size=1073741824 \ encryption=off encrypt.format=luks encrypt.key-secret=sec0 \ cluster_size=65536 lazy_refcounts=off refcount_bits=16 $ qemu-img info demo.qcow2 image: demo.qcow2 file format: qcow2 virtual size: 1.0G (1073741824 bytes) disk size: 480K encrypted: yes cluster_size: 65536 Format specific information: compat: 1.1 lazy refcounts: false refcount bits: 16 encrypt: ivgen alg: plain64 hash alg: sha256 cipher alg: aes-256 uuid: 3fa930c4-58c8-4ef7-b3c5-314bb5af21f3 format: luks cipher mode: xts slots: [0]: active: true iters: 1839058 key offset: 4096 stripes: 4000 [1]: active: false key offset: 262144 [2]: active: false key offset: 520192 [3]: active: false key offset: 778240 [4]: active: false key offset: 1036288 [5]: active: false key offset: 1294336 [6]: active: false key offset: 1552384 [7]: active: false key offset: 1810432 payload offset: 2068480 master key iters: 438487 corrupt: false With the legacy "AES" encryption we just report the format name $ qemu-img create \ --object secret,id=sec0,data=123456 \ -o encrypt.format=aes,encrypt.key-secret=sec0 \ -f qcow2 demo.qcow2 1G Formatting 'demo.qcow2', fmt=qcow2 size=1073741824 \ encryption=off encrypt.format=aes encrypt.key-secret=sec0 \ cluster_size=65536 lazy_refcounts=off refcount_bits=16 $ ./qemu-img info demo.qcow2 image: demo.qcow2 file format: qcow2 virtual size: 1.0G (1073741824 bytes) disk size: 196K encrypted: yes cluster_size: 65536 Format specific information: compat: 1.1 lazy refcounts: false refcount bits: 16 encrypt: format: aes corrupt: false Reviewed-by: Alberto Garcia <berto@igalia.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 20170623162419.26068-20-berrange@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
This commit is contained in:
parent
1cd9a787a2
commit
0a12f6f80e
@ -3241,8 +3241,14 @@ static int qcow2_get_info(BlockDriverState *bs, BlockDriverInfo *bdi)
|
||||
static ImageInfoSpecific *qcow2_get_specific_info(BlockDriverState *bs)
|
||||
{
|
||||
BDRVQcow2State *s = bs->opaque;
|
||||
ImageInfoSpecific *spec_info = g_new(ImageInfoSpecific, 1);
|
||||
ImageInfoSpecific *spec_info;
|
||||
QCryptoBlockInfo *encrypt_info = NULL;
|
||||
|
||||
if (s->crypto != NULL) {
|
||||
encrypt_info = qcrypto_block_get_info(s->crypto, &error_abort);
|
||||
}
|
||||
|
||||
spec_info = g_new(ImageInfoSpecific, 1);
|
||||
*spec_info = (ImageInfoSpecific){
|
||||
.type = IMAGE_INFO_SPECIFIC_KIND_QCOW2,
|
||||
.u.qcow2.data = g_new(ImageInfoSpecificQCow2, 1),
|
||||
@ -3269,6 +3275,30 @@ static ImageInfoSpecific *qcow2_get_specific_info(BlockDriverState *bs)
|
||||
assert(false);
|
||||
}
|
||||
|
||||
if (encrypt_info) {
|
||||
ImageInfoSpecificQCow2Encryption *qencrypt =
|
||||
g_new(ImageInfoSpecificQCow2Encryption, 1);
|
||||
switch (encrypt_info->format) {
|
||||
case Q_CRYPTO_BLOCK_FORMAT_QCOW:
|
||||
qencrypt->format = BLOCKDEV_QCOW2_ENCRYPTION_FORMAT_AES;
|
||||
qencrypt->u.aes = encrypt_info->u.qcow;
|
||||
break;
|
||||
case Q_CRYPTO_BLOCK_FORMAT_LUKS:
|
||||
qencrypt->format = BLOCKDEV_QCOW2_ENCRYPTION_FORMAT_LUKS;
|
||||
qencrypt->u.luks = encrypt_info->u.luks;
|
||||
break;
|
||||
default:
|
||||
abort();
|
||||
}
|
||||
/* Since we did shallow copy above, erase any pointers
|
||||
* in the original info */
|
||||
memset(&encrypt_info->u, 0, sizeof(encrypt_info->u));
|
||||
qapi_free_QCryptoBlockInfo(encrypt_info);
|
||||
|
||||
spec_info->u.qcow2.data->has_encrypt = true;
|
||||
spec_info->u.qcow2.data->encrypt = qencrypt;
|
||||
}
|
||||
|
||||
return spec_info;
|
||||
}
|
||||
|
||||
|
@ -32,6 +32,27 @@
|
||||
'date-sec': 'int', 'date-nsec': 'int',
|
||||
'vm-clock-sec': 'int', 'vm-clock-nsec': 'int' } }
|
||||
|
||||
##
|
||||
# @ImageInfoSpecificQCow2EncryptionBase:
|
||||
#
|
||||
# @format: The encryption format
|
||||
#
|
||||
# Since: 2.10
|
||||
##
|
||||
{ 'struct': 'ImageInfoSpecificQCow2EncryptionBase',
|
||||
'data': { 'format': 'BlockdevQcow2EncryptionFormat'}}
|
||||
|
||||
##
|
||||
# @ImageInfoSpecificQCow2Encryption:
|
||||
#
|
||||
# Since: 2.10
|
||||
##
|
||||
{ 'union': 'ImageInfoSpecificQCow2Encryption',
|
||||
'base': 'ImageInfoSpecificQCow2EncryptionBase',
|
||||
'discriminator': 'format',
|
||||
'data': { 'aes': 'QCryptoBlockInfoQCow',
|
||||
'luks': 'QCryptoBlockInfoLUKS' } }
|
||||
|
||||
##
|
||||
# @ImageInfoSpecificQCow2:
|
||||
#
|
||||
@ -44,6 +65,9 @@
|
||||
#
|
||||
# @refcount-bits: width of a refcount entry in bits (since 2.3)
|
||||
#
|
||||
# @encrypt: details about encryption parameters; only set if image
|
||||
# is encrypted (since 2.10)
|
||||
#
|
||||
# Since: 1.7
|
||||
##
|
||||
{ 'struct': 'ImageInfoSpecificQCow2',
|
||||
@ -51,7 +75,8 @@
|
||||
'compat': 'str',
|
||||
'*lazy-refcounts': 'bool',
|
||||
'*corrupt': 'bool',
|
||||
'refcount-bits': 'int'
|
||||
'refcount-bits': 'int',
|
||||
'*encrypt': 'ImageInfoSpecificQCow2Encryption'
|
||||
} }
|
||||
|
||||
##
|
||||
|
Loading…
Reference in New Issue
Block a user