[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH 11/13] block/qcow2: implement the encryption key man
From: |
Maxim Levitsky |
Subject: |
[Qemu-devel] [PATCH 11/13] block/qcow2: implement the encryption key managment |
Date: |
Wed, 14 Aug 2019 23:22:17 +0300 |
This is the main purpose of the patchset, to enaable
us to manage luks like header, embedded in the qcow2
image, which standard cryptosetup tools don't support.
Signed-off-by: Maxim Levitsky <address@hidden>
---
block/qcow2.c | 27 +++++++++++++++++++++++++++
1 file changed, 27 insertions(+)
diff --git a/block/qcow2.c b/block/qcow2.c
index 039bdc2f7e..a87e58f36a 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -5086,6 +5086,31 @@ void qcow2_signal_corruption(BlockDriverState *bs, bool
fatal, int64_t offset,
s->signaled_corruption = true;
}
+
+static int qcow2_setup_encryption(BlockDriverState *bs,
+ enum BlkSetupEncryptionAction action,
+ QCryptoEncryptionSetupOptions *options,
+ bool force,
+ Error **errp)
+{
+ BDRVQcow2State *s = bs->opaque;
+
+ if (!s->crypto) {
+ error_setg(errp, "Can't manage encryption - image is not encrypted");
+ return -EINVAL;
+ }
+
+ return qcrypto_block_setup_encryption(s->crypto,
+ qcow2_crypto_hdr_read_func,
+ qcow2_crypto_hdr_write_func,
+ bs,
+ action,
+ options,
+ force,
+ errp);
+}
+
+
static QemuOptsList qcow2_create_opts = {
.name = "qcow2-create-opts",
.head = QTAILQ_HEAD_INITIALIZER(qcow2_create_opts.head),
@@ -5232,6 +5257,8 @@ BlockDriver bdrv_qcow2 = {
.bdrv_reopen_bitmaps_rw = qcow2_reopen_bitmaps_rw,
.bdrv_can_store_new_dirty_bitmap = qcow2_can_store_new_dirty_bitmap,
.bdrv_remove_persistent_dirty_bitmap =
qcow2_remove_persistent_dirty_bitmap,
+
+ .bdrv_setup_encryption = qcow2_setup_encryption,
};
static void bdrv_qcow2_init(void)
--
2.17.2
[Qemu-devel] [PATCH 13/13] iotests : add tests for encryption key management, Maxim Levitsky, 2019/08/14
Re: [Qemu-devel] [PATCH 00/13] RFC: luks/encrypted qcow2 key management, Eric Blake, 2019/08/14