diff options
| author | Daniel P. Berrange <berrange@redhat.com> | 2017-06-23 17:24:10 +0100 |
|---|---|---|
| committer | Max Reitz <mreitz@redhat.com> | 2017-07-11 17:44:56 +0200 |
| commit | b25b387fa5928e516cb2c9e7fde68e958bd7e50a (patch) | |
| tree | dc53af6ece398ec328ec8aa1ad4aa84c15e93ba2 /block/qcow2.h | |
| parent | 446d306d23c8b568affec104d74f84f48d5eaa24 (diff) | |
qcow2: convert QCow2 to use QCryptoBlock for encryption
This converts the qcow2 driver to make use of the QCryptoBlock
APIs for encrypting image content, using the legacy QCow2 AES
scheme.
With this change it is now required to use the QCryptoSecret
object for providing passwords, instead of the current block
password APIs / interactive prompting.
$QEMU \
-object secret,id=sec0,file=/home/berrange/encrypted.pw \
-drive file=/home/berrange/encrypted.qcow2,encrypt.key-secret=sec0
The test 087 could be simplified since there is no longer a
difference in behaviour when using blockdev_add with encrypted
images for the running vs stopped CPU state.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-id: 20170623162419.26068-12-berrange@redhat.com
Reviewed-by: Alberto Garcia <berto@igalia.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Diffstat (limited to 'block/qcow2.h')
| -rw-r--r-- | block/qcow2.h | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/block/qcow2.h b/block/qcow2.h index 5a3f07e261..4b8961097e 100644 --- a/block/qcow2.h +++ b/block/qcow2.h @@ -25,7 +25,7 @@ #ifndef BLOCK_QCOW2_H #define BLOCK_QCOW2_H -#include "crypto/cipher.h" +#include "crypto/block.h" #include "qemu/coroutine.h" //#define DEBUG_ALLOC @@ -257,7 +257,8 @@ typedef struct BDRVQcow2State { CoMutex lock; - QCryptoCipher *cipher; /* current cipher, NULL if no key yet */ + QCryptoBlockOpenOptions *crypto_opts; /* Disk encryption runtime options */ + QCryptoBlock *crypto; /* Disk encryption format driver */ uint32_t crypt_method_header; uint64_t snapshots_offset; int snapshots_size; |