summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPeter Maydell <peter.maydell@linaro.org>2016-07-26 18:22:49 +0100
committerPeter Maydell <peter.maydell@linaro.org>2016-07-26 18:22:49 +0100
commitc1fdfe9fcaf4e47ec3def98c5a7c52d2cae6c511 (patch)
treee930fed8593d6842ea04099bf29867b1ec2e65f4
parentf49ee630d73729ecaeecf4b38a8df11bc613914d (diff)
parent4c44b4a4c816a0450b80feb14d692c9c8b80fbd2 (diff)
downloadqemu-c1fdfe9fcaf4e47ec3def98c5a7c52d2cae6c511.tar.gz
qemu-c1fdfe9fcaf4e47ec3def98c5a7c52d2cae6c511.tar.bz2
qemu-c1fdfe9fcaf4e47ec3def98c5a7c52d2cae6c511.zip
Merge remote-tracking branch 'remotes/maxreitz/tags/pull-block-2016-07-26' into staging
Block patches for 2.7.0-rc1 # gpg: Signature made Tue 26 Jul 2016 18:11:36 BST # gpg: using RSA key 0x3BB14202E838ACAD # gpg: Good signature from "Max Reitz <mreitz@redhat.com>" # Primary key fingerprint: 91BE B60A 30DB 3E88 57D1 1829 F407 DB00 61D5 CF40 # Subkey fingerprint: 58B3 81CE 2DC8 9CF9 9730 EE64 3BB1 4202 E838 ACAD * remotes/maxreitz/tags/pull-block-2016-07-26: iotest: fix python based IO tests block: export LUKS specific data to qemu-img info crypto: add support for querying parameters for block encryption AioContext: correct comments qcow2: do not allocate extra memory Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Diffstat
-rw-r--r--block/crypto.c49
-rw-r--r--block/qcow.c2
-rw-r--r--block/qcow2.c2
-rw-r--r--crypto/block-luks.c67
-rw-r--r--crypto/block.c17
-rw-r--r--crypto/blockpriv.h4
-rw-r--r--include/block/aio.h2
-rw-r--r--include/crypto/block.h16
-rw-r--r--qapi/block-core.json6
-rw-r--r--qapi/crypto.json87
-rw-r--r--scripts/qemu.py32
-rw-r--r--scripts/qtest.py19
-rw-r--r--tests/qemu-iotests/iotests.py24
13 files changed, 290 insertions, 37 deletions
diff --git a/block/crypto.c b/block/crypto.c
index 7eaa0571b5..7f61e12686 100644
--- a/block/crypto.c
+++ b/block/crypto.c
@@ -563,6 +563,53 @@ static int block_crypto_create_luks(const char *filename,
filename, opts, errp);
}
+static int block_crypto_get_info_luks(BlockDriverState *bs,
+ BlockDriverInfo *bdi)
+{
+ BlockDriverInfo subbdi;
+ int ret;
+
+ ret = bdrv_get_info(bs->file->bs, &subbdi);
+ if (ret != 0) {
+ return ret;
+ }
+
+ bdi->unallocated_blocks_are_zero = false;
+ bdi->can_write_zeroes_with_unmap = false;
+ bdi->cluster_size = subbdi.cluster_size;
+
+ return 0;
+}
+
+static ImageInfoSpecific *
+block_crypto_get_specific_info_luks(BlockDriverState *bs)
+{
+ BlockCrypto *crypto = bs->opaque;
+ ImageInfoSpecific *spec_info;
+ QCryptoBlockInfo *info;
+
+ info = qcrypto_block_get_info(crypto->block, NULL);
+ if (!info) {
+ return NULL;
+ }
+ if (info->format != Q_CRYPTO_BLOCK_FORMAT_LUKS) {
+ qapi_free_QCryptoBlockInfo(info);
+ return NULL;
+ }
+
+ spec_info = g_new(ImageInfoSpecific, 1);
+ spec_info->type = IMAGE_INFO_SPECIFIC_KIND_LUKS;
+ spec_info->u.luks.data = g_new(QCryptoBlockInfoLUKS, 1);
+ *spec_info->u.luks.data = info->u.luks;
+
+ /* Blank out pointers we've just stolen to avoid double free */
+ memset(&info->u.luks, 0, sizeof(info->u.luks));
+
+ qapi_free_QCryptoBlockInfo(info);
+
+ return spec_info;
+}
+
BlockDriver bdrv_crypto_luks = {
.format_name = "luks",
.instance_size = sizeof(BlockCrypto),
@@ -576,6 +623,8 @@ BlockDriver bdrv_crypto_luks = {
.bdrv_co_readv = block_crypto_co_readv,
.bdrv_co_writev = block_crypto_co_writev,
.bdrv_getlength = block_crypto_getlength,
+ .bdrv_get_info = block_crypto_get_info_luks,
+ .bdrv_get_specific_info = block_crypto_get_specific_info_luks,
};
static void block_crypto_init(void)
diff --git a/block/qcow.c b/block/qcow.c
index 0c7b75bc76..6f9b2e2d26 100644
--- a/block/qcow.c
+++ b/block/qcow.c
@@ -983,7 +983,7 @@ static int qcow_write_compressed(BlockDriverState *bs, int64_t sector_num,
return ret;
}
- out_buf = g_malloc(s->cluster_size + (s->cluster_size / 1000) + 128);
+ out_buf = g_malloc(s->cluster_size);
/* best compression, small window, no zlib header */
memset(&strm, 0, sizeof(strm));
diff --git a/block/qcow2.c b/block/qcow2.c
index d620d0a85b..91ef4dfefc 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -2612,7 +2612,7 @@ static int qcow2_write_compressed(BlockDriverState *bs, int64_t sector_num,
return ret;
}
- out_buf = g_malloc(s->cluster_size + (s->cluster_size / 1000) + 128);
+ out_buf = g_malloc(s->cluster_size);
/* best compression, small window, no zlib header */
memset(&strm, 0, sizeof(strm));
diff --git a/crypto/block-luks.c b/crypto/block-luks.c
index fcf3b040e4..aba4455646 100644
--- a/crypto/block-luks.c
+++ b/crypto/block-luks.c
@@ -201,6 +201,15 @@ QEMU_BUILD_BUG_ON(sizeof(struct QCryptoBlockLUKSHeader) != 592);
struct QCryptoBlockLUKS {
QCryptoBlockLUKSHeader header;
+
+ /* Cache parsed versions of what's in header fields,
+ * as we can't rely on QCryptoBlock.cipher being
+ * non-NULL */
+ QCryptoCipherAlgorithm cipher_alg;
+ QCryptoCipherMode cipher_mode;
+ QCryptoIVGenAlgorithm ivgen_alg;
+ QCryptoHashAlgorithm ivgen_hash_alg;
+ QCryptoHashAlgorithm hash_alg;
};
@@ -847,6 +856,12 @@ qcrypto_block_luks_open(QCryptoBlock *block,
block->payload_offset = luks->header.payload_offset *
QCRYPTO_BLOCK_LUKS_SECTOR_SIZE;
+ luks->cipher_alg = cipheralg;
+ luks->cipher_mode = ciphermode;
+ luks->ivgen_alg = ivalg;
+ luks->ivgen_hash_alg = ivhash;
+ luks->hash_alg = hash;
+
g_free(masterkey);
g_free(password);
@@ -1271,6 +1286,12 @@ qcrypto_block_luks_create(QCryptoBlock *block,
goto error;
}
+ luks->cipher_alg = luks_opts.cipher_alg;
+ luks->cipher_mode = luks_opts.cipher_mode;
+ luks->ivgen_alg = luks_opts.ivgen_alg;
+ luks->ivgen_hash_alg = luks_opts.ivgen_hash_alg;
+ luks->hash_alg = luks_opts.hash_alg;
+
memset(masterkey, 0, luks->header.key_bytes);
g_free(masterkey);
memset(slotkey, 0, luks->header.key_bytes);
@@ -1305,6 +1326,51 @@ qcrypto_block_luks_create(QCryptoBlock *block,
}
+static int qcrypto_block_luks_get_info(QCryptoBlock *block,
+ QCryptoBlockInfo *info,
+ Error **errp)
+{
+ QCryptoBlockLUKS *luks = block->opaque;
+ QCryptoBlockInfoLUKSSlot *slot;
+ QCryptoBlockInfoLUKSSlotList *slots = NULL, **prev = &info->u.luks.slots;
+ size_t i;
+
+ info->u.luks.cipher_alg = luks->cipher_alg;
+ info->u.luks.cipher_mode = luks->cipher_mode;
+ info->u.luks.ivgen_alg = luks->ivgen_alg;
+ if (info->u.luks.ivgen_alg == QCRYPTO_IVGEN_ALG_ESSIV) {
+ info->u.luks.has_ivgen_hash_alg = true;
+ info->u.luks.ivgen_hash_alg = luks->ivgen_hash_alg;
+ }
+ info->u.luks.hash_alg = luks->hash_alg;
+ info->u.luks.payload_offset = block->payload_offset;
+ info->u.luks.master_key_iters = luks->header.master_key_iterations;
+ info->u.luks.uuid = g_strndup((const char *)luks->header.uuid,
+ sizeof(luks->header.uuid));
+
+ for (i = 0; i < QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS; i++) {
+ slots = g_new0(QCryptoBlockInfoLUKSSlotList, 1);
+ *prev = slots;
+
+ slots->value = slot = g_new0(QCryptoBlockInfoLUKSSlot, 1);
+ slot->active = luks->header.key_slots[i].active ==
+ QCRYPTO_BLOCK_LUKS_KEY_SLOT_ENABLED;
+ slot->key_offset = luks->header.key_slots[i].key_offset
+ * QCRYPTO_BLOCK_LUKS_SECTOR_SIZE;
+ if (slot->active) {
+ slot->has_iters = true;
+ slot->iters = luks->header.key_slots[i].iterations;
+ slot->has_stripes = true;
+ slot->stripes = luks->header.key_slots[i].stripes;
+ }
+
+ prev = &slots->next;
+ }
+
+ return 0;
+}
+
+
static void qcrypto_block_luks_cleanup(QCryptoBlock *block)
{
g_free(block->opaque);
@@ -1342,6 +1408,7 @@ qcrypto_block_luks_encrypt(QCryptoBlock *block,
const QCryptoBlockDriver qcrypto_block_driver_luks = {
.open = qcrypto_block_luks_open,
.create = qcrypto_block_luks_create,
+ .get_info = qcrypto_block_luks_get_info,
.cleanup = qcrypto_block_luks_cleanup,
.decrypt = qcrypto_block_luks_decrypt,
.encrypt = qcrypto_block_luks_encrypt,
diff --git a/crypto/block.c b/crypto/block.c
index da60eba85f..be823eebeb 100644
--- a/crypto/block.c
+++ b/crypto/block.c
@@ -105,6 +105,23 @@ QCryptoBlock *qcrypto_block_create(QCryptoBlockCreateOptions *options,
}
+QCryptoBlockInfo *qcrypto_block_get_info(QCryptoBlock *block,
+ Error **errp)
+{
+ QCryptoBlockInfo *info = g_new0(QCryptoBlockInfo, 1);
+
+ info->format = block->format;
+
+ if (block->driver->get_info &&
+ block->driver->get_info(block, info, errp) < 0) {
+ g_free(info);
+ return NULL;
+ }
+
+ return info;
+}
+
+
int qcrypto_block_decrypt(QCryptoBlock *block,
uint64_t startsector,
uint8_t *buf,
diff --git a/crypto/blockpriv.h b/crypto/blockpriv.h
index 15b547d952..68f0f06704 100644
--- a/crypto/blockpriv.h
+++ b/crypto/blockpriv.h
@@ -53,6 +53,10 @@ struct QCryptoBlockDriver {
void *opaque,
Error **errp);
+ int (*get_info)(QCryptoBlock *block,
+ QCryptoBlockInfo *info,
+ Error **errp);
+
void (*cleanup)(QCryptoBlock *block);
int (*encrypt)(QCryptoBlock *block,
diff --git a/include/block/aio.h b/include/block/aio.h
index 209551deb2..173c1ed404 100644
--- a/include/block/aio.h
+++ b/include/block/aio.h
@@ -74,7 +74,7 @@ struct AioContext {
* event_notifier_set necessary.
*
* Bit 0 is reserved for GSource usage of the AioContext, and is 1
- * between a call to aio_ctx_check and the next call to aio_ctx_dispatch.
+ * between a call to aio_ctx_prepare and the next call to aio_ctx_check.
* Bits 1-31 simply count the number of active calls to aio_poll
* that are in the prepare or poll phase.
*
diff --git a/include/crypto/block.h b/include/crypto/block.h
index 895521162c..b6971de921 100644
--- a/include/crypto/block.h
+++ b/include/crypto/block.h
@@ -138,6 +138,22 @@ QCryptoBlock *qcrypto_block_create(QCryptoBlockCreateOptions *options,
void *opaque,
Error **errp);
+
+/**
+ * qcrypto_block_get_info:
+ * @block: the block encryption object
+ * @errp: pointer to a NULL-initialized error object
+ *
+ * Get information about the configuration options for the
+ * block encryption object. This includes details such as
+ * the cipher algorithms, modes, and initialization vector
+ * generators.
+ *
+ * Returns: a block encryption info object, or NULL on error
+ */
+QCryptoBlockInfo *qcrypto_block_get_info(QCryptoBlock *block,
+ Error **errp);
+
/**
* @qcrypto_block_decrypt:
* @block: the block encryption object
diff --git a/qapi/block-core.json b/qapi/block-core.json
index f462345ca3..d4bab5d991 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
@@ -85,7 +85,11 @@
{ 'union': 'ImageInfoSpecific',
'data': {
'qcow2': 'ImageInfoSpecificQCow2',
- 'vmdk': 'ImageInfoSpecificVmdk'
+ 'vmdk': 'ImageInfoSpecificVmdk',
+ # If we need to add block driver specific parameters for
+ # LUKS in future, then we'll subclass QCryptoBlockInfoLUKS
+ # to define a ImageInfoSpecificLUKS
+ 'luks': 'QCryptoBlockInfoLUKS'
} }
##
diff --git a/qapi/crypto.json b/qapi/crypto.json
index 4c4a3e07f4..34d2583154 100644
--- a/qapi/crypto.json
+++ b/qapi/crypto.json
@@ -224,3 +224,90 @@
'discriminator': 'format',
'data': { 'qcow': 'QCryptoBlockOptionsQCow',
'luks': 'QCryptoBlockCreateOptionsLUKS' } }
+
+
+##
+# QCryptoBlockInfoBase:
+#
+# The common information that applies to all full disk
+# encryption formats
+#
+# @format: the encryption format
+#
+# Since: 2.7
+##
+{ 'struct': 'QCryptoBlockInfoBase',
+ 'data': { 'format': 'QCryptoBlockFormat' }}
+
+
+##
+# QCryptoBlockInfoLUKSSlot:
+#
+# Information about the LUKS block encryption key
+# slot options
+#
+# @active: whether the key slot is currently in use
+# @key-offset: offset to the key material in bytes
+# @iters: #optional number of PBKDF2 iterations for key material
+# @stripes: #optional number of stripes for splitting key material
+#
+# Since: 2.7
+##
+{ 'struct': 'QCryptoBlockInfoLUKSSlot',
+ 'data': {'active': 'bool',
+ '*iters': 'int',
+ '*stripes': 'int',
+ 'key-offset': 'int' } }
+
+
+##
+# QCryptoBlockInfoLUKS:
+#
+# Information about the LUKS block encryption options
+#
+# @cipher-alg: the cipher algorithm for data encryption
+# @cipher-mode: the cipher mode for data encryption
+# @ivgen-alg: the initialization vector generator
+# @ivgen-hash-alg: #optional the initialization vector generator hash
+# @hash-alg: the master key hash algorithm
+# @payload-offset: offset to the payload data in bytes
+# @master-key-iters: number of PBKDF2 iterations for key material
+# @uuid: unique identifier for the volume
+# @slots: information about each key slot
+#
+# Since: 2.7
+##
+{ 'struct': 'QCryptoBlockInfoLUKS',
+ 'data': {'cipher-alg': 'QCryptoCipherAlgorithm',
+ 'cipher-mode': 'QCryptoCipherMode',
+ 'ivgen-alg': 'QCryptoIVGenAlgorithm',
+ '*ivgen-hash-alg': 'QCryptoHashAlgorithm',
+ 'hash-alg': 'QCryptoHashAlgorithm',
+ 'payload-offset': 'int',
+ 'master-key-iters': 'int',
+ 'uuid': 'str',
+ 'slots': [ 'QCryptoBlockInfoLUKSSlot' ] }}
+
+##
+# QCryptoBlockInfoQCow:
+#
+# Information about the QCow block encryption options
+#
+# Since: 2.7
+##
+{ 'struct': 'QCryptoBlockInfoQCow',
+ 'data': { }}
+
+
+##
+# QCryptoBlockInfo:
+#
+# Information about the block encryption options
+#
+# Since: 2.7
+##
+{ 'union': 'QCryptoBlockInfo',
+ 'base': 'QCryptoBlockInfoBase',
+ 'discriminator': 'format',
+ 'data': { 'qcow': 'QCryptoBlockInfoQCow',
+ 'luks': 'QCryptoBlockInfoLUKS' } }
diff --git a/scripts/qemu.py b/scripts/qemu.py
index 9cdad24949..6d1b6230b7 100644
--- a/scripts/qemu.py
+++ b/scripts/qemu.py
@@ -24,7 +24,7 @@ class QEMUMachine(object):
'''A QEMU VM'''
def __init__(self, binary, args=[], wrapper=[], name=None, test_dir="/var/tmp",
- monitor_address=None, debug=False):
+ monitor_address=None, socket_scm_helper=None, debug=False):
if name is None:
name = "qemu-%d" % os.getpid()
if monitor_address is None:
@@ -33,10 +33,11 @@ class QEMUMachine(object):
self._qemu_log_path = os.path.join(test_dir, name + ".log")
self._popen = None
self._binary = binary
- self._args = args
+ self._args = list(args) # Force copy args in case we modify them
self._wrapper = wrapper
self._events = []
self._iolog = None
+ self._socket_scm_helper = socket_scm_helper
self._debug = debug
# This can be used to add an unused monitor instance.
@@ -60,11 +61,13 @@ class QEMUMachine(object):
def send_fd_scm(self, fd_file_path):
# In iotest.py, the qmp should always use unix socket.
assert self._qmp.is_scm_available()
- bin = socket_scm_helper
- if os.path.exists(bin) == False:
- print "Scm help program does not present, path '%s'." % bin
+ if self._socket_scm_helper is None:
+ print >>sys.stderr, "No path to socket_scm_helper set"
return -1
- fd_param = ["%s" % bin,
+ if os.path.exists(self._socket_scm_helper) == False:
+ print >>sys.stderr, "%s does not exist" % self._socket_scm_helper
+ return -1
+ fd_param = ["%s" % self._socket_scm_helper,
"%d" % self._qmp.get_sock_fd(),
"%s" % fd_file_path]
devnull = open('/dev/null', 'rb')
@@ -183,6 +186,23 @@ class QEMUMachine(object):
return events
def event_wait(self, name, timeout=60.0, match=None):
+ # Test if 'match' is a recursive subset of 'event'
+ def event_match(event, match=None):
+ if match is None:
+ return True
+
+ for key in match:
+ if key in event:
+ if isinstance(event[key], dict):
+ if not event_match(event[key], match[key]):
+ return False
+ elif event[key] != match[key]:
+ return False
+ else:
+ return False
+
+ return True
+
# Search cached events
for event in self._events:
if (event['event'] == name) and event_match(event, match):
diff --git a/scripts/qtest.py b/scripts/qtest.py
index 03bc7f6c9b..d5aecb5f49 100644
--- a/scripts/qtest.py
+++ b/scripts/qtest.py
@@ -79,25 +79,30 @@ class QEMUQtestProtocol(object):
class QEMUQtestMachine(qemu.QEMUMachine):
'''A QEMU VM'''
- def __init__(self, binary, args=[], name=None, test_dir="/var/tmp"):
- super(self, QEMUQtestMachine).__init__(binary, args, name, test_dir)
+ def __init__(self, binary, args=[], name=None, test_dir="/var/tmp",
+ socket_scm_helper=None):
+ if name is None:
+ name = "qemu-%d" % os.getpid()
+ super(QEMUQtestMachine, self).__init__(binary, args, name=name, test_dir=test_dir,
+ socket_scm_helper=socket_scm_helper)
self._qtest_path = os.path.join(test_dir, name + "-qtest.sock")
def _base_args(self):
- args = super(self, QEMUQtestMachine)._base_args()
- args.extend(['-qtest', 'unix:path=' + self._qtest_path])
+ args = super(QEMUQtestMachine, self)._base_args()
+ args.extend(['-qtest', 'unix:path=' + self._qtest_path,
+ '-machine', 'accel=qtest'])
return args
def _pre_launch(self):
- super(self, QEMUQtestMachine)._pre_launch()
+ super(QEMUQtestMachine, self)._pre_launch()
self._qtest = QEMUQtestProtocol(self._qtest_path, server=True)
def _post_launch(self):
- super(self, QEMUQtestMachine)._post_launch()
+ super(QEMUQtestMachine, self)._post_launch()
self._qtest.accept()
def _post_shutdown(self):
- super(self, QEMUQtestMachine)._post_shutdown()
+ super(QEMUQtestMachine, self)._post_shutdown()
self._remove_if_exists(self._qtest_path)
def qtest(self, cmd):
diff --git a/tests/qemu-iotests/iotests.py b/tests/qemu-iotests/iotests.py
index 14427f44f9..dbe0ee548a 100644
--- a/tests/qemu-iotests/iotests.py
+++ b/tests/qemu-iotests/iotests.py
@@ -39,7 +39,7 @@ qemu_io_args = [os.environ.get('QEMU_IO_PROG', 'qemu-io')]
if os.environ.get('QEMU_IO_OPTIONS'):
qemu_io_args += os.environ['QEMU_IO_OPTIONS'].strip().split(' ')
-qemu_prog = [os.environ.get('QEMU_PROG', 'qemu')]
+qemu_prog = os.environ.get('QEMU_PROG', 'qemu')
qemu_opts = os.environ.get('QEMU_OPTIONS', '').strip().split(' ')
imgfmt = os.environ.get('IMGFMT', 'raw')
@@ -128,28 +128,12 @@ def log(msg, filters=[]):
msg = flt(msg)
print msg
-# Test if 'match' is a recursive subset of 'event'
-def event_match(event, match=None):
- if match is None:
- return True
-
- for key in match:
- if key in event:
- if isinstance(event[key], dict):
- if not event_match(event[key], match[key]):
- return False
- elif event[key] != match[key]:
- return False
- else:
- return False
-
- return True
-
-class VM(qtest.QEMUMachine):
+class VM(qtest.QEMUQtestMachine):
'''A QEMU VM'''
def __init__(self):
- super(self, VM).__init__(qemu_prog, qemu_opts, test_dir)
+ super(VM, self).__init__(qemu_prog, qemu_opts, test_dir=test_dir,
+ socket_scm_helper=socket_scm_helper)
self._num_drives = 0
def add_drive_raw(self, opts):
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-26 03:47:26 +0000