Historically there are two places where we format authentication and
encryption for a disk. The logich which formats it for backing files was
flawed though and didn't format it at all. This worked if the image
became a backing file through the means of a snapshot but not directly.
Force formatting of the source and encryption for any non-disk case to
fix the issue.
This caused problems in many places as we use the formatter to copy the
definition. Effectively any copy lost the secret definition.
https://bugzilla.redhat.com/show_bug.cgi?id=
1789310
https://bugzilla.redhat.com/show_bug.cgi?id=
1788898
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
virStorageFileFormatTypeToString(disk->store->format));
if (virDomainDiskSourceFormat(&childBuf, disk->store, sourcename,
- 0, false, storageSourceFormatFlags, NULL) < 0)
+ 0, false, storageSourceFormatFlags, true, NULL) < 0)
return -1;
}
* @policy: startup policy attribute value, if necessary
* @attrIndex: the 'index' attribute of <source> is formatted if true
* @flags: XML formatter flags
+ * @formatsecrets: Force formatting of <auth> and <encryption> under <source>
+ * regardless of the original definition state
* @xmlopt: XML formatter callbacks
*
* Formats @src into a <source> element. Note that this doesn't format the
int policy,
bool attrIndex,
unsigned int flags,
+ bool formatsecrets,
virDomainXMLOptionPtr xmlopt)
{
g_auto(virBuffer) attrBuf = VIR_BUFFER_INITIALIZER;
* <auth> for a volume source type. The <auth> information is
* kept in the storage pool and would be overwritten anyway.
* So avoid formatting it for volumes. */
- if (src->auth && src->authInherited &&
+ if (src->auth && (src->authInherited || formatsecrets) &&
src->type != VIR_STORAGE_TYPE_VOLUME)
virStorageAuthDefFormat(&childBuf, src->auth);
/* If we found encryption as a child of <source>, then format it
* as we found it. */
- if (src->encryption && src->encryptionInherited &&
+ if (src->encryption && (src->encryptionInherited || formatsecrets) &&
virStorageEncryptionFormat(&childBuf, src->encryption) < 0)
return -1;
virBufferAsprintf(&childBuf, "<format type='%s'/>\n",
virStorageFileFormatTypeToString(backingStore->format));
if (virDomainDiskSourceFormat(&childBuf, backingStore, "source", 0, false,
- flags, xmlopt) < 0)
+ flags, true, xmlopt) < 0)
return -1;
if (virDomainDiskBackingStoreFormat(&childBuf, backingStore, xmlopt, flags) < 0)
virBufferEscapeString(&childBuf, "<format type='%s'/>\n", formatStr);
if (virDomainDiskSourceFormat(&childBuf, disk->mirror, "source", 0, true,
- flags, xmlopt) < 0)
+ flags, true, xmlopt) < 0)
return -1;
if (virDomainDiskBackingStoreFormat(&childBuf, disk->mirror, xmlopt, flags) < 0)
virStorageAuthDefFormat(buf, def->src->auth);
if (virDomainDiskSourceFormat(buf, def->src, "source", def->startupPolicy,
- true, flags, xmlopt) < 0)
+ true, flags, false, xmlopt) < 0)
return -1;
/* Don't format backingStore to inactive XMLs until the code for
int policy,
bool attrIndex,
unsigned int flags,
+ bool formatsecrets,
virDomainXMLOptionPtr xmlopt);
int
if (disk->src->format > 0)
virBufferEscapeString(buf, "<driver type='%s'/>\n",
virStorageFileFormatTypeToString(disk->src->format));
- if (virDomainDiskSourceFormat(buf, disk->src, "source", 0, false, 0,
+ if (virDomainDiskSourceFormat(buf, disk->src, "source", 0, false, 0, true,
xmlopt) < 0)
return -1;
virStorageTypeToString(src->type),
virStorageFileFormatTypeToString(src->format));
- if (virDomainDiskSourceFormat(&childBuf, src, "source", 0, true, xmlflags, xmlopt) < 0)
+ if (virDomainDiskSourceFormat(&childBuf, src, "source", 0, true, xmlflags, true, xmlopt) < 0)
return -1;
if (chain &&
virStorageFileFormatTypeToString(src->format));
if (virDomainDiskSourceFormat(&childBuf, src, "source", 0, false,
- VIR_DOMAIN_DEF_FORMAT_STATUS, xmlopt) < 0)
+ VIR_DOMAIN_DEF_FORMAT_STATUS, true, xmlopt) < 0)
return -1;
virXMLFormatElement(buf, "migrationSource", &attrBuf, &childBuf);
return -1;
}
- if (virDomainDiskSourceFormat(&buf, jsonsrc, "source", 0, false, 0,
+ if (virDomainDiskSourceFormat(&buf, jsonsrc, "source", 0, false, 0, true,
NULL) < 0 ||
!(actualxml = virBufferContentAndReset(&buf))) {
fprintf(stderr, "failed to format disk source xml\n");
</source>
<backingStore type='file'>
<format type='qcow2'/>
- <source file='/storage/guest_disks/base.qcow2'/>
+ <source file='/storage/guest_disks/base.qcow2'>
+ <encryption format='luks'>
+ <secret type='passphrase' uuid='0a81f5b2-8403-7b23-c8d6-21ccc2f80d6f'/>
+ </encryption>
+ </source>
<backingStore/>
</backingStore>
<target dev='vdf' bus='virtio'/>
return -1;
}
- if (virDomainDiskSourceFormat(&buf, src, "source", 0, false, 0, NULL) < 0 ||
+ if (virDomainDiskSourceFormat(&buf, src, "source", 0, false, 0, true, NULL) < 0 ||
!(xml = virBufferContentAndReset(&buf))) {
fprintf(stderr, "failed to format disk source xml\n");
return -1;
projects / thirdparty / libvirt.git / commitdiff
