qemu: Don't assume secret provided for LUKS encryption

https://bugzilla.redhat.com/show_bug.cgi?id=1405269

If a secret was not provided for what was determined to be a LUKS
encrypted disk (during virStorageFileGetMetadata processing when
called from qemuDomainDetermineDiskChain as a result of hotplug
attach qemuDomainAttachDeviceDiskLive), then do not attempt to
look it up (avoiding a libvirtd crash) and do not alter the format
to "luks" when adding the disk; otherwise, the device_add would
fail with a message such as:

   "unable to execute QEMU command 'device_add': Property 'scsi-hd.drive'
    can't find value 'drive-scsi0-0-0-0'"

because of assumptions that when the format=luks that libvirt would have
provided the secret to decrypt the volume.

Access to unlock the volume will thus be left to the application.

(cherry picked from commit 7f7d99048350935a394d07b98a13d7da9c4b0502)

diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index f8d3d6e1864369a6e684a2c6bbb708341bbe32c1..8fd103a8c7f9449d64a57116428810fcf9e0d54c 100644 (file)
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -1303,8 +1303,7 @@ qemuBuildDriveSourceStr(virDomainDiskDefPtr disk,
     if (disk->src->format > 0 &&
         disk->src->type != VIR_STORAGE_TYPE_DIR) {
         const char *qemuformat = virStorageFileFormatTypeToString(disk->src->format);
-        if (disk->src->encryption &&
-            disk->src->encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS)
+        if (qemuDomainDiskHasEncryptionSecret(disk->src))
             qemuformat = "luks";
         virBufferAsprintf(buf, "format=%s,", qemuformat);
     }

diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index c1fb77129676f89c16056befe8e836a46c508e4a..db59d07edc2395f3712537bccd2c3def3ec332ca 100644 (file)
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -1044,6 +1044,18 @@ qemuDomainSecretDiskCapable(virStorageSourcePtr src)
 }
 
 
+bool
+qemuDomainDiskHasEncryptionSecret(virStorageSourcePtr src)
+{
+    if (!virStorageSourceIsEmpty(src) && src->encryption &&
+        src->encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS &&
+        src->encryption->nsecrets > 0)
+        return true;
+
+    return false;
+}
+
+
 /* qemuDomainSecretDiskPrepare:
  * @conn: Pointer to connection
  * @priv: pointer to domain private object
@@ -1082,8 +1094,7 @@ qemuDomainSecretDiskPrepare(virConnectPtr conn,
         diskPriv->secinfo = secinfo;
     }
 
-    if (!virStorageSourceIsEmpty(src) && src->encryption &&
-        src->encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS) {
+    if (qemuDomainDiskHasEncryptionSecret(src)) {
 
         if (VIR_ALLOC(secinfo) < 0)
             return -1;

diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h
index 13c03729f3cd5664563eddc6a3ab1401cdacc091..84c084260c23b9637e973be49a34470a2fea482f 100644 (file)
--- a/src/qemu/qemu_domain.h
+++ b/src/qemu/qemu_domain.h
@@ -696,6 +696,9 @@ void qemuDomainSecretDiskDestroy(virDomainDiskDefPtr disk)
 bool qemuDomainSecretDiskCapable(virStorageSourcePtr src)
     ATTRIBUTE_NONNULL(1);
 
+bool qemuDomainDiskHasEncryptionSecret(virStorageSourcePtr src)
+    ATTRIBUTE_NONNULL(1);
+
 int qemuDomainSecretDiskPrepare(virConnectPtr conn,
                                 qemuDomainObjPrivatePtr priv,
                                 virDomainDiskDefPtr disk)

diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index d13474afcbfc81ea327984a179ab2bc2bdc89450..d67dd926ac03d043428d3fe3f2a9d997caa6917e 100644 (file)
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -2999,8 +2999,7 @@ qemuDomainRemoveDiskDevice(virQEMUDriverPtr driver,
     /* Similarly, if this is possible a device using LUKS encryption, we
      * can remove the luks object password too
      */
-    if (!virStorageSourceIsEmpty(disk->src) && disk->src->encryption &&
-        disk->src->encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS) {
+    if (qemuDomainDiskHasEncryptionSecret(disk->src)) {
 
         if (!(encAlias =
               qemuDomainGetSecretAESAlias(disk->info.alias, true))) {