Re: [Qemu-devel] [PATCH v6 13/18] qcow2: add support for LUKS encryption format

All of lore.kernel.org
 help / color / mirror / Atom feed

From: "Daniel P. Berrange" <berrange@redhat.com>
To: Eric Blake <eblake@redhat.com>
Cc: qemu-devel@nongnu.org, qemu-block@nongnu.org,
	Max Reitz <mreitz@redhat.com>, Kevin Wolf <kwolf@redhat.com>,
	Alberto Garcia <berto@igalia.com>
Subject: Re: [Qemu-devel] [PATCH v6 13/18] qcow2: add support for LUKS encryption format
Date: Tue, 9 May 2017 15:05:38 +0100	[thread overview]
Message-ID: <20170509140538.GJ1669@redhat.com> (raw)
In-Reply-To: <b3f9f0dd-8925-4528-807e-3cf97a199298@redhat.com>

On Wed, Apr 26, 2017 at 12:46:18PM -0500, Eric Blake wrote:
> On 04/25/2017 10:38 AM, Daniel P. Berrange wrote:
> > This adds support for using LUKS as an encryption format
> > with the qcow2 file, using the new encrypt.format parameter
> > to request "luks" format. e.g.
> > 
> >   # qemu-img create --object secret,data=123456,id=sec0 \
> >        -f qcow2 -o encrypt.-format=luks,encrypt.key-secret=sec0 \
> 
> s/encrypt.-format/encrypt.format/
> 
> >        test.qcow2 10G
> > 
> 
> > 
> > Aside from all the cryptographic differences implied by
> > use of the LUKS format, there is one further key difference
> > between the use of legacy AES and LUKS encryption in qcow2.
> > For LUKS, the initialiazation vectors are generated using
> > the host physical sector as the input, rather than the
> > guest virtual sector. This guarantees unique initialization
> > vectors for all sectors when qcow2 internal snapshots are
> > used, thus giving stronger protection against watermarking
> > attacks.
> > 
> > Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> > ---
> 
> > @@ -165,6 +246,47 @@ static int qcow2_read_extensions(BlockDriverState *bs, uint64_t start_offset,
> >              }
> >              break;
> >  
> > +        case QCOW2_EXT_MAGIC_CRYPTO_HEADER: {
> > +            unsigned int cflags = 0;
> > +            if (s->crypt_method_header != QCOW_CRYPT_LUKS) {
> > +                error_setg(errp, "CRYPTO header extension only "
> > +                           "expected with LUKS encryption method");
> > +                return -EINVAL;
> > +            }
> > +            if (ext.len != sizeof(Qcow2CryptoHeaderExtension)) {
> > +                error_setg(errp, "CRYPTO header extension size %u, "
> > +                           "but expected size %zu", ext.len,
> > +                           sizeof(Qcow2CryptoHeaderExtension));
> > +                return -EINVAL;
> > +            }
> > +
> > +            ret = bdrv_pread(bs->file, offset, &s->crypto_header, ext.len);
> > +            if (ret < 0) {
> > +                error_setg_errno(errp, -ret,
> > +                                 "Unable to read CRYPTO header extension");
> > +                return ret;
> > +            }
> > +            be64_to_cpus(&s->crypto_header.offset);
> > +            be64_to_cpus(&s->crypto_header.length);
> > +
> > +            if ((s->crypto_header.offset % s->cluster_size) != 0) {
> > +                error_setg(errp, "Encryption header offset '%" PRIu64 "' is "
> > +                           "not a multiple of cluster size '%u'",
> > +                           s->crypto_header.offset, s->cluster_size);
> > +                return -EINVAL;
> > +            }
> 
> Do we need to sanity check that crypto_header.length is not bogus?

The only sanity check I can see would be to put an arbitrary size limit
on the length ? I'm a little loathe to do that since LUKSv2 is going to
make the header extensible, and/or future LUKSv1 changes might adjust
padding, both making the header longer than it would be today. I would
like qemu-img to be able to open such future files, even if it then
refuses support for the features.

Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

next prev parent reply	other threads:[~2017-05-09 14:05 UTC|newest]

Thread overview: 40+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-04-25 15:38 [Qemu-devel] [PATCH v6 00/18]Convert QCow[2] to QCryptoBlock & add LUKS support Daniel P. Berrange
2017-04-25 15:38 ` [Qemu-devel] [PATCH v6 01/18] block: expose crypto option names / defs to other drivers Daniel P. Berrange
2017-04-26 13:26   ` Eric Blake
2017-04-25 15:38 ` [Qemu-devel] [PATCH v6 02/18] block: add ability to set a prefix for opt names Daniel P. Berrange
2017-04-26 13:28   ` Eric Blake
2017-04-26 13:50     ` Daniel P. Berrange
2017-04-26 14:12       ` Eric Blake
2017-04-26 14:13         ` Daniel P. Berrange
2017-04-25 15:38 ` [Qemu-devel] [PATCH v6 03/18] qcow: document another weakness of qcow AES encryption Daniel P. Berrange
2017-04-25 15:38 ` [Qemu-devel] [PATCH v6 04/18] qcow: require image size to be > 1 for new images Daniel P. Berrange
2017-04-25 15:38 ` [Qemu-devel] [PATCH v6 05/18] iotests: skip 042 with qcow which dosn't support zero sized images Daniel P. Berrange
2017-04-25 15:38 ` [Qemu-devel] [PATCH v6 06/18] iotests: skip 048 with qcow which doesn't support resize Daniel P. Berrange
2017-04-25 15:38 ` [Qemu-devel] [PATCH v6 07/18] block: deprecate "encryption=on" in favour of "encrypt.format=aes" Daniel P. Berrange
2017-04-26 14:14   ` Eric Blake
2017-05-11 12:55   ` Alberto Garcia
2017-04-25 15:38 ` [Qemu-devel] [PATCH v6 08/18] qcow: make encrypt_sectors encrypt in place Daniel P. Berrange
2017-04-25 15:38 ` [Qemu-devel] [PATCH v6 09/18] qcow: convert QCow to use QCryptoBlock for encryption Daniel P. Berrange
2017-04-26 15:12   ` Eric Blake
2017-05-11 14:05   ` Alberto Garcia
2017-05-11 14:09     ` Daniel P. Berrange
2017-04-25 15:38 ` [Qemu-devel] [PATCH v6 10/18] qcow2: make qcow2_encrypt_sectors encrypt in place Daniel P. Berrange
2017-04-25 15:38 ` [Qemu-devel] [PATCH v6 11/18] qcow2: convert QCow2 to use QCryptoBlock for encryption Daniel P. Berrange
2017-04-26 15:25   ` Eric Blake
2017-05-11 14:29   ` Alberto Garcia
2017-05-24 16:46     ` Daniel P. Berrange
2017-05-25 10:46       ` Alberto Garcia
2017-04-25 15:38 ` [Qemu-devel] [PATCH v6 12/18] qcow2: extend specification to cover LUKS encryption Daniel P. Berrange
2017-04-25 15:38 ` [Qemu-devel] [PATCH v6 13/18] qcow2: add support for LUKS encryption format Daniel P. Berrange
2017-04-26 17:46   ` Eric Blake
2017-05-09 14:05     ` Daniel P. Berrange [this message]
2017-05-11 14:44   ` Alberto Garcia
2017-04-25 15:38 ` [Qemu-devel] [PATCH v6 14/18] qcow2: add iotests to cover LUKS encryption support Daniel P. Berrange
2017-04-25 15:38 ` [Qemu-devel] [PATCH v6 15/18] iotests: enable tests 134 and 158 to work with qcow (v1) Daniel P. Berrange
2017-04-25 15:38 ` [Qemu-devel] [PATCH v6 16/18] block: rip out all traces of password prompting Daniel P. Berrange
2017-04-25 15:38 ` [Qemu-devel] [PATCH v6 17/18] block: remove all encryption handling APIs Daniel P. Berrange
2017-05-11 14:49   ` Alberto Garcia
2017-04-25 15:38 ` [Qemu-devel] [PATCH v6 18/18] block: pass option prefix down to crypto layer Daniel P. Berrange
2017-04-26 17:47   ` Eric Blake
2017-04-25 15:56 ` [Qemu-devel] [PATCH v6 00/18]Convert QCow[2] to QCryptoBlock & add LUKS support no-reply
2017-04-25 17:25 ` no-reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20170509140538.GJ1669@redhat.com \
    --to=berrange@redhat.com \
    --cc=berto@igalia.com \
    --cc=eblake@redhat.com \
    --cc=kwolf@redhat.com \
    --cc=mreitz@redhat.com \
    --cc=qemu-block@nongnu.org \
    --cc=qemu-devel@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.