#include "qemu/osdep.h"
#include "block/block_int.h"
+#include "block/qdict.h"
#include "sysemu/block-backend.h"
#include "crypto/block.h"
#include "qapi/opts-visitor.h"
#include "qapi/qapi-visit-crypto.h"
-#include "qapi/qmp/qdict.h"
#include "qapi/qobject-input-visitor.h"
#include "qapi/error.h"
#include "qemu/option.h"
-#include "block/crypto.h"
+#include "crypto.h"
typedef struct BlockCrypto BlockCrypto;
struct BlockCryptoCreateData {
- const char *filename;
- QemuOpts *opts;
BlockBackend *blk;
uint64_t size;
};
Error **errp)
{
struct BlockCryptoCreateData *data = opaque;
- int ret;
+
+ if (data->size > INT64_MAX || headerlen > INT64_MAX - data->size) {
+ error_setg(errp, "The requested file size is too large");
+ return -EFBIG;
+ }
/* User provided size should reflect amount of space made
* available to the guest, so we must take account of that
* which will be used by the crypto header
*/
- data->size += headerlen;
-
- qemu_opt_set_number(data->opts, BLOCK_OPT_SIZE, data->size, &error_abort);
- ret = bdrv_create_file(data->filename, data->opts, errp);
- if (ret < 0) {
- return -1;
- }
-
- data->blk = blk_new_open(data->filename, NULL, NULL,
- BDRV_O_RDWR | BDRV_O_PROTOCOL, errp);
- if (!data->blk) {
- return -1;
- }
-
- return 0;
+ return blk_truncate(data->blk, data->size + headerlen, PREALLOC_MODE_OFF,
+ errp);
}
QCryptoBlockOpenOptions *
-block_crypto_open_opts_init(QCryptoBlockFormat format,
- QDict *opts,
- Error **errp)
+block_crypto_open_opts_init(QDict *opts, Error **errp)
{
Visitor *v;
- QCryptoBlockOpenOptions *ret = NULL;
- Error *local_err = NULL;
-
- ret = g_new0(QCryptoBlockOpenOptions, 1);
- ret->format = format;
+ QCryptoBlockOpenOptions *ret;
- v = qobject_input_visitor_new_keyval(QOBJECT(opts));
-
- visit_start_struct(v, NULL, NULL, 0, &local_err);
- if (local_err) {
- goto out;
- }
-
- switch (format) {
- case Q_CRYPTO_BLOCK_FORMAT_LUKS:
- visit_type_QCryptoBlockOptionsLUKS_members(
- v, &ret->u.luks, &local_err);
- break;
-
- case Q_CRYPTO_BLOCK_FORMAT_QCOW:
- visit_type_QCryptoBlockOptionsQCow_members(
- v, &ret->u.qcow, &local_err);
- break;
-
- default:
- error_setg(&local_err, "Unsupported block format %d", format);
- break;
- }
- if (!local_err) {
- visit_check_struct(v, &local_err);
+ v = qobject_input_visitor_new_flat_confused(opts, errp);
+ if (!v) {
+ return NULL;
}
- visit_end_struct(v, NULL);
+ visit_type_QCryptoBlockOpenOptions(v, NULL, &ret, errp);
- out:
- if (local_err) {
- error_propagate(errp, local_err);
- qapi_free_QCryptoBlockOpenOptions(ret);
- ret = NULL;
- }
visit_free(v);
return ret;
}
QCryptoBlockCreateOptions *
-block_crypto_create_opts_init(QCryptoBlockFormat format,
- QDict *opts,
- Error **errp)
+block_crypto_create_opts_init(QDict *opts, Error **errp)
{
Visitor *v;
- QCryptoBlockCreateOptions *ret = NULL;
- Error *local_err = NULL;
-
- ret = g_new0(QCryptoBlockCreateOptions, 1);
- ret->format = format;
-
- v = qobject_input_visitor_new_keyval(QOBJECT(opts));
-
- visit_start_struct(v, NULL, NULL, 0, &local_err);
- if (local_err) {
- goto out;
- }
+ QCryptoBlockCreateOptions *ret;
- switch (format) {
- case Q_CRYPTO_BLOCK_FORMAT_LUKS:
- visit_type_QCryptoBlockCreateOptionsLUKS_members(
- v, &ret->u.luks, &local_err);
- break;
-
- case Q_CRYPTO_BLOCK_FORMAT_QCOW:
- visit_type_QCryptoBlockOptionsQCow_members(
- v, &ret->u.qcow, &local_err);
- break;
-
- default:
- error_setg(&local_err, "Unsupported block format %d", format);
- break;
- }
- if (!local_err) {
- visit_check_struct(v, &local_err);
+ v = qobject_input_visitor_new_flat_confused(opts, errp);
+ if (!v) {
+ return NULL;
}
- visit_end_struct(v, NULL);
+ visit_type_QCryptoBlockCreateOptions(v, NULL, &ret, errp);
- out:
- if (local_err) {
- error_propagate(errp, local_err);
- qapi_free_QCryptoBlockCreateOptions(ret);
- ret = NULL;
- }
visit_free(v);
return ret;
}
}
cryptoopts = qemu_opts_to_qdict(opts, NULL);
+ qdict_put_str(cryptoopts, "format", QCryptoBlockFormat_str(format));
- open_opts = block_crypto_open_opts_init(format, cryptoopts, errp);
+ open_opts = block_crypto_open_opts_init(cryptoopts, errp);
if (!open_opts) {
goto cleanup;
}
ret = 0;
cleanup:
- QDECREF(cryptoopts);
+ qobject_unref(cryptoopts);
qapi_free_QCryptoBlockOpenOptions(open_opts);
return ret;
}
-static int block_crypto_create_generic(QCryptoBlockFormat format,
- const char *filename,
- QemuOpts *opts,
- Error **errp)
+static int block_crypto_co_create_generic(BlockDriverState *bs,
+ int64_t size,
+ QCryptoBlockCreateOptions *opts,
+ Error **errp)
{
- int ret = -EINVAL;
- QCryptoBlockCreateOptions *create_opts = NULL;
+ int ret;
+ BlockBackend *blk;
QCryptoBlock *crypto = NULL;
- struct BlockCryptoCreateData data = {
- .size = ROUND_UP(qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0),
- BDRV_SECTOR_SIZE),
- .opts = opts,
- .filename = filename,
- };
- QDict *cryptoopts;
+ struct BlockCryptoCreateData data;
- cryptoopts = qemu_opts_to_qdict(opts, NULL);
+ blk = blk_new(BLK_PERM_WRITE | BLK_PERM_RESIZE, BLK_PERM_ALL);
- create_opts = block_crypto_create_opts_init(format, cryptoopts, errp);
- if (!create_opts) {
- return -1;
+ ret = blk_insert_bs(blk, bs, errp);
+ if (ret < 0) {
+ goto cleanup;
}
- crypto = qcrypto_block_create(create_opts, NULL,
+ data = (struct BlockCryptoCreateData) {
+ .blk = blk,
+ .size = size,
+ };
+
+ crypto = qcrypto_block_create(opts, NULL,
block_crypto_init_func,
block_crypto_write_func,
&data,
ret = 0;
cleanup:
- QDECREF(cryptoopts);
qcrypto_block_free(crypto);
- blk_unref(data.blk);
- qapi_free_QCryptoBlockCreateOptions(create_opts);
+ blk_unref(blk);
return ret;
}
-static int block_crypto_truncate(BlockDriverState *bs, int64_t offset,
- PreallocMode prealloc, Error **errp)
+static int coroutine_fn
+block_crypto_co_truncate(BlockDriverState *bs, int64_t offset,
+ PreallocMode prealloc, Error **errp)
{
BlockCrypto *crypto = bs->opaque;
uint64_t payload_offset =
qcrypto_block_get_payload_offset(crypto->block);
- assert(payload_offset < (INT64_MAX - offset));
+
+ if (payload_offset > INT64_MAX - offset) {
+ error_setg(errp, "The requested file size is too large");
+ return -EFBIG;
+ }
offset += payload_offset;
- return bdrv_truncate(bs->file, offset, prealloc, errp);
+ return bdrv_co_truncate(bs->file, offset, prealloc, errp);
}
static void block_crypto_close(BlockDriverState *bs)
qcrypto_block_free(crypto->block);
}
+static int block_crypto_reopen_prepare(BDRVReopenState *state,
+ BlockReopenQueue *queue, Error **errp)
+{
+ /* nothing needs checking */
+ return 0;
+}
/*
* 1 MB bounce buffer gives good performance / memory tradeoff
uint64_t offset = qcrypto_block_get_payload_offset(crypto->block);
assert(offset < INT64_MAX);
- assert(offset < len);
+
+ if (offset > len) {
+ return -EIO;
+ }
len -= offset;
bs, options, flags, errp);
}
-static int block_crypto_create_luks(const char *filename,
- QemuOpts *opts,
- Error **errp)
+static int coroutine_fn
+block_crypto_co_create_luks(BlockdevCreateOptions *create_options, Error **errp)
+{
+ BlockdevCreateOptionsLUKS *luks_opts;
+ BlockDriverState *bs = NULL;
+ QCryptoBlockCreateOptions create_opts;
+ int ret;
+
+ assert(create_options->driver == BLOCKDEV_DRIVER_LUKS);
+ luks_opts = &create_options->u.luks;
+
+ bs = bdrv_open_blockdev_ref(luks_opts->file, errp);
+ if (bs == NULL) {
+ return -EIO;
+ }
+
+ create_opts = (QCryptoBlockCreateOptions) {
+ .format = Q_CRYPTO_BLOCK_FORMAT_LUKS,
+ .u.luks = *qapi_BlockdevCreateOptionsLUKS_base(luks_opts),
+ };
+
+ ret = block_crypto_co_create_generic(bs, luks_opts->size, &create_opts,
+ errp);
+ if (ret < 0) {
+ goto fail;
+ }
+
+ ret = 0;
+fail:
+ bdrv_unref(bs);
+ return ret;
+}
+
+static int coroutine_fn block_crypto_co_create_opts_luks(const char *filename,
+ QemuOpts *opts,
+ Error **errp)
{
- return block_crypto_create_generic(Q_CRYPTO_BLOCK_FORMAT_LUKS,
- filename, opts, errp);
+ QCryptoBlockCreateOptions *create_opts = NULL;
+ BlockDriverState *bs = NULL;
+ QDict *cryptoopts;
+ int64_t size;
+ int ret;
+
+ /* Parse options */
+ size = qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0);
+
+ cryptoopts = qemu_opts_to_qdict_filtered(opts, NULL,
+ &block_crypto_create_opts_luks,
+ true);
+
+ qdict_put_str(cryptoopts, "format", "luks");
+ create_opts = block_crypto_create_opts_init(cryptoopts, errp);
+ if (!create_opts) {
+ ret = -EINVAL;
+ goto fail;
+ }
+
+ /* Create protocol layer */
+ ret = bdrv_create_file(filename, opts, errp);
+ if (ret < 0) {
+ goto fail;
+ }
+
+ bs = bdrv_open(filename, NULL, NULL,
+ BDRV_O_RDWR | BDRV_O_RESIZE | BDRV_O_PROTOCOL, errp);
+ if (!bs) {
+ ret = -EINVAL;
+ goto fail;
+ }
+
+ /* Create format layer */
+ ret = block_crypto_co_create_generic(bs, size, create_opts, errp);
+ if (ret < 0) {
+ goto fail;
+ }
+
+ ret = 0;
+fail:
+ bdrv_unref(bs);
+ qapi_free_QCryptoBlockCreateOptions(create_opts);
+ qobject_unref(cryptoopts);
+ return ret;
}
static int block_crypto_get_info_luks(BlockDriverState *bs,
.bdrv_probe = block_crypto_probe_luks,
.bdrv_open = block_crypto_open_luks,
.bdrv_close = block_crypto_close,
- .bdrv_child_perm = bdrv_format_default_perms,
- .bdrv_create = block_crypto_create_luks,
- .bdrv_truncate = block_crypto_truncate,
+ /* This driver doesn't modify LUKS metadata except when creating image.
+ * Allow share-rw=on as a special case. */
+ .bdrv_child_perm = bdrv_filter_default_perms,
+ .bdrv_co_create = block_crypto_co_create_luks,
+ .bdrv_co_create_opts = block_crypto_co_create_opts_luks,
+ .bdrv_co_truncate = block_crypto_co_truncate,
.create_opts = &block_crypto_create_opts_luks,
+ .bdrv_reopen_prepare = block_crypto_reopen_prepare,
.bdrv_refresh_limits = block_crypto_refresh_limits,
.bdrv_co_preadv = block_crypto_co_preadv,
.bdrv_co_pwritev = block_crypto_co_pwritev,
projects / qemu.git / blobdiff