Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
qcow2: fix encryption during cow of sectors
Broken in previous commit: commit aaa4d20 Author: Kevin Wolf <kwolf@redhat.com> Date: Wed Jun 1 15:21:05 2016 +0200 qcow2: Make copy_sectors() byte based The copy_sectors() code was originally using the 'sector' parameter for encryption, which was passed in by the caller from the QCowL2Meta.offset field (aka the guest logical offset). After the change, the code is using 'cluster_offset' which was passed in from QCow2L2Meta.alloc_offset field (aka the host physical offset). This would cause the data to be encrypted using an incorrect initialization vector which will in turn cause later reads to return garbage. Although current qcow2 built-in encryption is blocked from usage in the emulator, one could still hit this if writing to the file via qemu-{img,io,nbd} commands. Cc: qemu-stable@nongnu.org Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com> (cherry picked from commit bb9f8dd) Conflicts: tests/qemu-iotests/group * drop context dependancy on non-2.7 iotest groups Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
- Loading branch information
Showing
4 changed files
with
118 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,80 @@ | ||
#!/bin/bash | ||
# | ||
# Test encrypted read/write using backing files | ||
# | ||
# Copyright (C) 2015 Red Hat, Inc. | ||
# | ||
# This program is free software; you can redistribute it and/or modify | ||
# it under the terms of the GNU General Public License as published by | ||
# the Free Software Foundation; either version 2 of the License, or | ||
# (at your option) any later version. | ||
# | ||
# This program is distributed in the hope that it will be useful, | ||
# but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
# GNU General Public License for more details. | ||
# | ||
# You should have received a copy of the GNU General Public License | ||
# along with this program. If not, see <http://www.gnu.org/licenses/>. | ||
# | ||
|
||
# creator | ||
owner=berrange@redhat.com | ||
|
||
seq=`basename $0` | ||
echo "QA output created by $seq" | ||
|
||
here=`pwd` | ||
status=1 # failure is the default! | ||
|
||
_cleanup() | ||
{ | ||
_cleanup_test_img | ||
} | ||
trap "_cleanup; exit \$status" 0 1 2 3 15 | ||
|
||
# get standard environment, filters and checks | ||
. ./common.rc | ||
. ./common.filter | ||
|
||
_supported_fmt qcow2 | ||
_supported_proto generic | ||
_supported_os Linux | ||
|
||
|
||
size=128M | ||
TEST_IMG_BASE=$TEST_IMG.base | ||
|
||
TEST_IMG_SAVE=$TEST_IMG | ||
TEST_IMG=$TEST_IMG_BASE | ||
echo "== create base ==" | ||
IMGOPTS="encryption=on" _make_test_img $size | ||
TEST_IMG=$TEST_IMG_SAVE | ||
|
||
echo | ||
echo "== writing whole image ==" | ||
echo "astrochicken" | $QEMU_IO -c "write -P 0xa 0 $size" "$TEST_IMG_BASE" | _filter_qemu_io | _filter_testdir | ||
|
||
echo | ||
echo "== verify pattern ==" | ||
echo "astrochicken" | $QEMU_IO -c "read -P 0xa 0 $size" "$TEST_IMG_BASE" | _filter_qemu_io | _filter_testdir | ||
|
||
echo "== create overlay ==" | ||
IMGOPTS="encryption=on" _make_test_img -b "$TEST_IMG_BASE" $size | ||
|
||
echo | ||
echo "== writing part of a cluster ==" | ||
echo "astrochicken" | $QEMU_IO -c "write -P 0xe 0 1024" "$TEST_IMG" | _filter_qemu_io | _filter_testdir | ||
|
||
echo | ||
echo "== verify pattern ==" | ||
echo "astrochicken" | $QEMU_IO -c "read -P 0xe 0 1024" "$TEST_IMG" | _filter_qemu_io | _filter_testdir | ||
echo | ||
echo "== verify pattern ==" | ||
echo "astrochicken" | $QEMU_IO -c "read -P 0xa 1024 64512" "$TEST_IMG" | _filter_qemu_io | _filter_testdir | ||
|
||
|
||
# success, all done | ||
echo "*** done" | ||
rm -f $seq.full | ||
status=0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
QA output created by 158 | ||
== create base == | ||
Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=134217728 encryption=on | ||
|
||
== writing whole image == | ||
Disk image 'TEST_DIR/t.qcow2.base' is encrypted. | ||
password: | ||
wrote 134217728/134217728 bytes at offset 0 | ||
128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) | ||
|
||
== verify pattern == | ||
Disk image 'TEST_DIR/t.qcow2.base' is encrypted. | ||
password: | ||
read 134217728/134217728 bytes at offset 0 | ||
128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) | ||
== create overlay == | ||
Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=134217728 backing_file=TEST_DIR/t.IMGFMT.base encryption=on | ||
|
||
== writing part of a cluster == | ||
Disk image 'TEST_DIR/t.qcow2' is encrypted. | ||
password: | ||
wrote 1024/1024 bytes at offset 0 | ||
1 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) | ||
|
||
== verify pattern == | ||
Disk image 'TEST_DIR/t.qcow2' is encrypted. | ||
password: | ||
read 1024/1024 bytes at offset 0 | ||
1 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) | ||
|
||
== verify pattern == | ||
Disk image 'TEST_DIR/t.qcow2' is encrypted. | ||
password: | ||
read 64512/64512 bytes at offset 1024 | ||
63 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) | ||
*** done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -157,4 +157,5 @@ | |
155 rw auto | ||
156 rw auto quick | ||
157 auto | ||
158 rw auto quick | ||
162 auto quick |