aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel P. Berrange <berrange@redhat.com>2015-05-12 17:09:21 +0100
committerKevin Wolf <kwolf@redhat.com>2015-05-22 17:08:01 +0200
commit8caf02127e92939fff39b63a7ff1a5834d320191 (patch)
treef4082246be8d80e43531c21bd68efa8240f78d61
parent6a11d5183fb7564a3d32007b46846312fd61a1c5 (diff)
qemu-io: prompt for encryption keys when required
The qemu-io tool does not check if the image is encrypted so historically would silently corrupt the sectors by writing plain text data into them instead of cipher text. The earlier commit turns this mistake into a fatal abort, so check for encryption and prompt for key when required. This enables us to add unit tests to ensure we don't break the ability of qemu-img to convert existing encrypted qcow2 files into a non-encrypted format. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
-rw-r--r--qemu-io.c21
1 files changed, 21 insertions, 0 deletions
diff --git a/qemu-io.c b/qemu-io.c
index ae5e274a7f..9bc83c6ec1 100644
--- a/qemu-io.c
+++ b/qemu-io.c
@@ -52,6 +52,7 @@ static const cmdinfo_t close_cmd = {
static int openfile(char *name, int flags, QDict *opts)
{
Error *local_err = NULL;
+ BlockDriverState *bs;
if (qemuio_blk) {
fprintf(stderr, "file open already, try 'help close'\n");
@@ -68,7 +69,27 @@ static int openfile(char *name, int flags, QDict *opts)
return 1;
}
+ bs = blk_bs(qemuio_blk);
+ if (bdrv_is_encrypted(bs)) {
+ char password[256];
+ printf("Disk image '%s' is encrypted.\n", name);
+ if (qemu_read_password(password, sizeof(password)) < 0) {
+ error_report("No password given");
+ goto error;
+ }
+ if (bdrv_set_key(bs, password) < 0) {
+ error_report("invalid password");
+ goto error;
+ }
+ }
+
+
return 0;
+
+ error:
+ blk_unref(qemuio_blk);
+ qemuio_blk = NULL;
+ return 1;
}
static void open_help(void)