Re: [Qemu-devel] [PATCH 10/13] block/crypto: implement the encryption ke

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH 10/13] block/crypto: implement the encryption ke

From:	Maxim Levitsky
Subject:	Re: [Qemu-devel] [PATCH 10/13] block/crypto: implement the encryption key management
Date:	Thu, 22 Aug 2019 14:36:58 +0300

On Thu, 2019-08-22 at 12:29 +0100, Daniel P. Berrangé wrote:
> On Wed, Aug 14, 2019 at 11:22:16PM +0300, Maxim Levitsky wrote:
> > This implements the encryption key management
> > using the generic code in qcrypto layer
> > 
> > This code adds another 'write_func' because the initialization
> > write_func works directly on the underlying file,
> > because during the creation, there is no open instance
> > of the luks driver, but during regular use, we have it,
> > and should use it instead.
> > 
> > Signed-off-by: Maxim Levitsky <address@hidden>
> > ---
> >  block/crypto.c | 96 ++++++++++++++++++++++++++++++++++++++++++++++++--
> >  1 file changed, 93 insertions(+), 3 deletions(-)
> > 
> > diff --git a/block/crypto.c b/block/crypto.c
> > index 42a3f0898b..415b6db041 100644
> > --- a/block/crypto.c
> > +++ b/block/crypto.c
> > @@ -36,6 +36,7 @@ typedef struct BlockCrypto BlockCrypto;
> >  
> >  struct BlockCrypto {
> >      QCryptoBlock *block;
> > +    bool updating_keys;
> >  };
> >  
> >  
> > @@ -69,6 +70,24 @@ static ssize_t block_crypto_read_func(QCryptoBlock 
> > *block,
> >      return ret;
> >  }
> >  
> > +static ssize_t block_crypto_write_func(QCryptoBlock *block,
> > +                                      size_t offset,
> > +                                      const uint8_t *buf,
> > +                                      size_t buflen,
> > +                                      void *opaque,
> > +                                      Error **errp)
> > +{
> > +    BlockDriverState *bs = opaque;
> > +    ssize_t ret;
> > +
> > +    ret = bdrv_pwrite(bs->file, offset, buf, buflen);
> > +    if (ret < 0) {
> > +        error_setg_errno(errp, -ret, "Could not write encryption header");
> > +        return ret;
> > +    }
> > +    return ret;
> > +}
> > +
> >  
> >  struct BlockCryptoCreateData {
> >      BlockBackend *blk;
> > @@ -622,6 +641,78 @@ block_crypto_get_specific_info_luks(BlockDriverState 
> > *bs, Error **errp)
> >      return spec_info;
> >  }
> >  
> > +
> > +static int
> > +block_crypto_setup_encryption(BlockDriverState *bs,
> > +                              enum BlkSetupEncryptionAction action,
> > +                              QCryptoEncryptionSetupOptions *options,
> > +                              bool force,
> > +                              Error **errp)
> > +{
> > +    BlockCrypto *crypto = bs->opaque;
> > +    int ret;
> > +
> > +    assert(crypto);
> > +    assert(crypto->block);
> > +
> > +    crypto->updating_keys = true;
> > +
> > +    ret = bdrv_child_refresh_perms(bs, bs->file, errp);
> > +
> > +    if (ret) {
> > +        crypto->updating_keys = false;
> > +        return ret;
> > +    }
> > +
> > +    ret = qcrypto_block_setup_encryption(crypto->block,
> > +                                          block_crypto_read_func,
> > +                                          block_crypto_write_func,
> > +                                          bs,
> > +                                          action,
> > +                                          options,
> > +                                          force,
> > +                                          errp);
> > +
> > +    crypto->updating_keys = false;
> > +    bdrv_child_refresh_perms(bs, bs->file, errp);
> > +
> > +
> > +    return ret;
> > +
> > +}
> > +
> > +
> > +static void
> > +block_crypto_child_perms(BlockDriverState *bs, BdrvChild *c,
> > +                         const BdrvChildRole *role,
> > +                         BlockReopenQueue *reopen_queue,
> > +                         uint64_t perm, uint64_t shared,
> > +                         uint64_t *nperm, uint64_t *nshared)
> > +{
> > +
> > +    BlockCrypto *crypto = bs->opaque;
> > +
> > +    /*
> > +     * This driver doesn't modify LUKS metadata except
> > +     * when updating the encryption slots.
> > +     * Allow share-rw=on as a special case.
> > +     *
> > +     * Encryption update will set the crypto->updating_keys
> > +     * during that period and refresh permissions
> > +     *
> > +     * */
> > +
> > +    if (crypto->updating_keys) {
> > +        /*need exclusive write access for header update  */
> > +        perm |= BLK_PERM_WRITE;
> > +        shared &= ~BLK_PERM_WRITE;
> > +    }
> 
> So if 2 QEMU's have the same LUKS image open, this means that
> if one tries to update the header, it will fail to upgrade
> its lock & thus be blocked from updating header ?
> 
I guess so. 

That what I understood from our talk with Kevin and then also from
my own understanding of the permission code.
I absolutely don't like the 'global' variable 'crypto->updating_keys'
but we kind of agreed that this must be done like that.
In the defense of this, this code is only needed for backward compatibility,
so maybe this is the right solution after all.

> > +
> > +    bdrv_filter_default_perms(bs, c, role, reopen_queue,
> > +            perm, shared, nperm, nshared);
> > 

Best regards,
        Maxim Levitsky

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-devel] [PATCH 06/13] qcrypto-luks: implement more rigorous header checking, (continued)
- [Qemu-devel] [PATCH 08/13] qcrypto: add the plumbing for encryption management, Maxim Levitsky, 2019/08/14
  - Re: [Qemu-devel] [PATCH 08/13] qcrypto: add the plumbing for encryption management, Daniel P . Berrangé, 2019/08/22
    - Re: [Qemu-devel] [PATCH 08/13] qcrypto: add the plumbing for encryption management, Maxim Levitsky, 2019/08/22
    - Re: [Qemu-devel] [PATCH 08/13] qcrypto: add the plumbing for encryption management, Daniel P . Berrangé, 2019/08/22
- [Qemu-devel] [PATCH 09/13] qcrypto-luks: implement the encryption key management, Maxim Levitsky, 2019/08/14
  - Re: [Qemu-devel] [PATCH 09/13] qcrypto-luks: implement the encryption key management, Daniel P . Berrangé, 2019/08/22
    - Re: [Qemu-devel] [PATCH 09/13] qcrypto-luks: implement the encryption key management, Maxim Levitsky, 2019/08/25
- [Qemu-devel] [PATCH 10/13] block/crypto: implement the encryption key management, Maxim Levitsky, 2019/08/14
  - Re: [Qemu-devel] [PATCH 10/13] block/crypto: implement the encryption key management, Daniel P . Berrangé, 2019/08/22
    - Re: [Qemu-devel] [PATCH 10/13] block/crypto: implement the encryption key management, Maxim Levitsky <=
- [Qemu-devel] [PATCH 11/13] block/qcow2: implement the encryption key managment, Maxim Levitsky, 2019/08/14
- [Qemu-devel] [PATCH 12/13] qemu-img: implement key management, Maxim Levitsky, 2019/08/14
  - Re: [Qemu-devel] [PATCH 12/13] qemu-img: implement key management, Max Reitz, 2019/08/20
    - Re: [Qemu-devel] [PATCH 12/13] qemu-img: implement key management, Maxim Levitsky, 2019/08/21
    - Re: [Qemu-devel] [PATCH 12/13] qemu-img: implement key management, Daniel P . Berrangé, 2019/08/22
    - Re: [Qemu-devel] [PATCH 12/13] qemu-img: implement key management, Max Reitz, 2019/08/22
    - Re: [Qemu-devel] [PATCH 12/13] qemu-img: implement key management, Maxim Levitsky, 2019/08/25
- [Qemu-devel] [PATCH 13/13] iotests : add tests for encryption key management, Maxim Levitsky, 2019/08/14
- Re: [Qemu-devel] [PATCH 00/13] RFC: luks/encrypted qcow2 key management, Eric Blake, 2019/08/14
  - Re: [Qemu-devel] [PATCH 00/13] RFC: luks/encrypted qcow2 key management, Maxim Levitsky, 2019/08/15

Prev by Date: [Qemu-devel] [PATCH 05/26] target/mips: Clean up handling of CP0 register 6
Next by Date: [Qemu-devel] [PATCH 19/26] target/mips: Clean up handling of CP0 register 24
Previous by thread: Re: [Qemu-devel] [PATCH 10/13] block/crypto: implement the encryption key management
Next by thread: [Qemu-devel] [PATCH 11/13] block/qcow2: implement the encryption key managment
Index(es):
- Date
- Thread