aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarkus Armbruster <armbru@redhat.com>2015-01-29 10:37:00 +0100
committerMax Reitz <mreitz@redhat.com>2015-02-06 11:46:32 -0500
commit4d2855a348c5e90f56584ab9777fc877965ca2e0 (patch)
treea18099246734fba4be68e2843ea917caf6701ace
parent2e3a0266bd84a9be9f5e23c1568db6eb7f3e9e94 (diff)
block: New bdrv_add_key(), convert monitor to use it
Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-id: 1422524221-8566-4-git-send-email-armbru@redhat.com Reviewed-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
-rw-r--r--block.c29
-rw-r--r--blockdev.c24
-rw-r--r--include/block/block.h1
-rw-r--r--monitor.c16
-rw-r--r--qmp.c8
5 files changed, 47 insertions, 31 deletions
diff --git a/block.c b/block.c
index 49e0073ce9..84af3cd210 100644
--- a/block.c
+++ b/block.c
@@ -3713,6 +3713,35 @@ int bdrv_set_key(BlockDriverState *bs, const char *key)
return ret;
}
+/*
+ * Provide an encryption key for @bs.
+ * If @key is non-null:
+ * If @bs is not encrypted, fail.
+ * Else if the key is invalid, fail.
+ * Else set @bs's key to @key, replacing the existing key, if any.
+ * If @key is null:
+ * If @bs is encrypted and still lacks a key, fail.
+ * Else do nothing.
+ * On failure, store an error object through @errp if non-null.
+ */
+void bdrv_add_key(BlockDriverState *bs, const char *key, Error **errp)
+{
+ if (key) {
+ if (!bdrv_is_encrypted(bs)) {
+ error_set(errp, QERR_DEVICE_NOT_ENCRYPTED,
+ bdrv_get_device_name(bs));
+ } else if (bdrv_set_key(bs, key) < 0) {
+ error_set(errp, QERR_INVALID_PASSWORD);
+ }
+ } else {
+ if (bdrv_key_required(bs)) {
+ error_set(errp, QERR_DEVICE_ENCRYPTED,
+ bdrv_get_device_name(bs),
+ bdrv_get_encrypted_filename(bs));
+ }
+ }
+}
+
const char *bdrv_get_format_name(BlockDriverState *bs)
{
return bs->drv ? bs->drv->format_name : NULL;
diff --git a/blockdev.c b/blockdev.c
index 287d7af901..7d34960b96 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -1793,7 +1793,6 @@ void qmp_block_passwd(bool has_device, const char *device,
Error *local_err = NULL;
BlockDriverState *bs;
AioContext *aio_context;
- int err;
bs = bdrv_lookup_bs(has_device ? device : NULL,
has_node_name ? node_name : NULL,
@@ -1806,16 +1805,8 @@ void qmp_block_passwd(bool has_device, const char *device,
aio_context = bdrv_get_aio_context(bs);
aio_context_acquire(aio_context);
- err = bdrv_set_key(bs, password);
- if (err == -EINVAL) {
- error_set(errp, QERR_DEVICE_NOT_ENCRYPTED, bdrv_get_device_name(bs));
- goto out;
- } else if (err < 0) {
- error_set(errp, QERR_INVALID_PASSWORD);
- goto out;
- }
+ bdrv_add_key(bs, password, errp);
-out:
aio_context_release(aio_context);
}
@@ -1833,18 +1824,7 @@ static void qmp_bdrv_open_encrypted(BlockDriverState *bs, const char *filename,
return;
}
- if (bdrv_key_required(bs)) {
- if (password) {
- if (bdrv_set_key(bs, password) < 0) {
- error_set(errp, QERR_INVALID_PASSWORD);
- }
- } else {
- error_set(errp, QERR_DEVICE_ENCRYPTED, bdrv_get_device_name(bs),
- bdrv_get_encrypted_filename(bs));
- }
- } else if (password) {
- error_set(errp, QERR_DEVICE_NOT_ENCRYPTED, bdrv_get_device_name(bs));
- }
+ bdrv_add_key(bs, password, errp);
}
void qmp_change_blockdev(const char *device, const char *filename,
diff --git a/include/block/block.h b/include/block/block.h
index 25a6d62d1b..321295e5f7 100644
--- a/include/block/block.h
+++ b/include/block/block.h
@@ -381,6 +381,7 @@ BlockDriverState *bdrv_next(BlockDriverState *bs);
int bdrv_is_encrypted(BlockDriverState *bs);
int bdrv_key_required(BlockDriverState *bs);
int bdrv_set_key(BlockDriverState *bs, const char *key);
+void bdrv_add_key(BlockDriverState *bs, const char *key, Error **errp);
int bdrv_query_missing_keys(void);
void bdrv_iterate_format(void (*it)(void *opaque, const char *name),
void *opaque);
diff --git a/monitor.c b/monitor.c
index 5a24311844..c3cc060b45 100644
--- a/monitor.c
+++ b/monitor.c
@@ -5368,9 +5368,12 @@ static void bdrv_password_cb(void *opaque, const char *password,
Monitor *mon = opaque;
BlockDriverState *bs = readline_opaque;
int ret = 0;
+ Error *local_err = NULL;
- if (bdrv_set_key(bs, password) != 0) {
- monitor_printf(mon, "invalid password\n");
+ bdrv_add_key(bs, password, &local_err);
+ if (local_err) {
+ monitor_printf(mon, "%s\n", error_get_pretty(local_err));
+ error_free(local_err);
ret = -EPERM;
}
if (mon->password_completion_cb)
@@ -5388,17 +5391,20 @@ int monitor_read_bdrv_key_start(Monitor *mon, BlockDriverState *bs,
BlockCompletionFunc *completion_cb,
void *opaque)
{
+ Error *local_err = NULL;
int err;
- if (!bdrv_key_required(bs)) {
+ bdrv_add_key(bs, NULL, &local_err);
+ if (!local_err) {
if (completion_cb)
completion_cb(opaque, 0);
return 0;
}
+ /* Need a key for @bs */
+
if (monitor_ctrl_mode(mon)) {
- qerror_report(QERR_DEVICE_ENCRYPTED, bdrv_get_device_name(bs),
- bdrv_get_encrypted_filename(bs));
+ qerror_report_err(local_err);
return -1;
}
diff --git a/qmp.c b/qmp.c
index 7f2d25a492..20a9e9739f 100644
--- a/qmp.c
+++ b/qmp.c
@@ -154,6 +154,7 @@ SpiceInfo *qmp_query_spice(Error **errp)
void qmp_cont(Error **errp)
{
+ Error *local_err = NULL;
BlockDriverState *bs;
if (runstate_needs_reset()) {
@@ -167,10 +168,9 @@ void qmp_cont(Error **errp)
bdrv_iostatus_reset(bs);
}
for (bs = bdrv_next(NULL); bs; bs = bdrv_next(bs)) {
- if (bdrv_key_required(bs)) {
- error_set(errp, QERR_DEVICE_ENCRYPTED,
- bdrv_get_device_name(bs),
- bdrv_get_encrypted_filename(bs));
+ bdrv_add_key(bs, NULL, &local_err);
+ if (local_err) {
+ error_propagate(errp, local_err);
return;
}
}