From: "Daniel P. Berrangé" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Hanna Reitz" <hreitz@redhat.com>,
"Gerd Hoffmann" <kraxel@redhat.com>,
"Marc-André Lureau" <marcandre.lureau@redhat.com>,
"Markus Armbruster" <armbru@redhat.com>,
"Cleber Rosa" <crosa@redhat.com>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Eric Blake" <eblake@redhat.com>,
"Philippe Mathieu-Daudé" <philmd@linaro.org>,
"Eduardo Habkost" <eduardo@habkost.net>,
"Stefan Weil" <sw@weilnetz.de>, "Kevin Wolf" <kwolf@redhat.com>,
"Thomas Huth" <thuth@redhat.com>,
"Hyman Huang" <yong.huang@smartx.com>,
"Richard Henderson" <richard.henderson@linaro.org>,
"John Snow" <jsnow@redhat.com>,
qemu-block@nongnu.org, "Daniel P. Berrangé" <berrange@redhat.com>
Subject: [PULL 16/17] crypto: Introduce 'detached-header' field in QCryptoBlockInfoLUKS
Date: Fri, 9 Feb 2024 14:05:04 +0000 [thread overview]
Message-ID: <20240209140505.2536635-17-berrange@redhat.com> (raw)
In-Reply-To: <20240209140505.2536635-1-berrange@redhat.com>
From: Hyman Huang <yong.huang@smartx.com>
When querying the LUKS disk with the qemu-img tool or other APIs,
add information about whether the LUKS header is detached.
Additionally, update the test case with the appropriate
modification.
Signed-off-by: Hyman Huang <yong.huang@smartx.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
crypto/block-luks.c | 2 ++
qapi/crypto.json | 3 +++
tests/qemu-iotests/210.out | 4 ++++
3 files changed, 9 insertions(+)
diff --git a/crypto/block-luks.c b/crypto/block-luks.c
index ab52c9dce1..3ee928fb5a 100644
--- a/crypto/block-luks.c
+++ b/crypto/block-luks.c
@@ -1271,6 +1271,7 @@ qcrypto_block_luks_open(QCryptoBlock *block,
block->sector_size = QCRYPTO_BLOCK_LUKS_SECTOR_SIZE;
block->payload_offset = luks->header.payload_offset_sector *
block->sector_size;
+ block->detached_header = (block->payload_offset == 0) ? true : false;
return 0;
@@ -1895,6 +1896,7 @@ static int qcrypto_block_luks_get_info(QCryptoBlock *block,
info->u.luks.master_key_iters = luks->header.master_key_iterations;
info->u.luks.uuid = g_strndup((const char *)luks->header.uuid,
sizeof(luks->header.uuid));
+ info->u.luks.detached_header = block->detached_header;
for (i = 0; i < QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS; i++) {
slot = g_new0(QCryptoBlockInfoLUKSSlot, 1);
diff --git a/qapi/crypto.json b/qapi/crypto.json
index 22c6cce3ae..ad8dd37175 100644
--- a/qapi/crypto.json
+++ b/qapi/crypto.json
@@ -317,6 +317,8 @@
#
# @hash-alg: the master key hash algorithm
#
+# @detached-header: whether the LUKS header is detached (Since 9.0)
+#
# @payload-offset: offset to the payload data in bytes
#
# @master-key-iters: number of PBKDF2 iterations for key material
@@ -333,6 +335,7 @@
'ivgen-alg': 'QCryptoIVGenAlgorithm',
'*ivgen-hash-alg': 'QCryptoHashAlgorithm',
'hash-alg': 'QCryptoHashAlgorithm',
+ 'detached-header': 'bool',
'payload-offset': 'int',
'master-key-iters': 'int',
'uuid': 'str',
diff --git a/tests/qemu-iotests/210.out b/tests/qemu-iotests/210.out
index 96d9f749dd..94b29b2120 100644
--- a/tests/qemu-iotests/210.out
+++ b/tests/qemu-iotests/210.out
@@ -18,6 +18,7 @@ virtual size: 128 MiB (134217728 bytes)
encrypted: yes
Format specific information:
ivgen alg: plain64
+ detached header: false
hash alg: sha256
cipher alg: aes-256
uuid: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
@@ -70,6 +71,7 @@ virtual size: 64 MiB (67108864 bytes)
encrypted: yes
Format specific information:
ivgen alg: plain64
+ detached header: false
hash alg: sha1
cipher alg: aes-128
uuid: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
@@ -125,6 +127,7 @@ virtual size: 0 B (0 bytes)
encrypted: yes
Format specific information:
ivgen alg: plain64
+ detached header: false
hash alg: sha256
cipher alg: aes-256
uuid: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
@@ -195,6 +198,7 @@ virtual size: 0 B (0 bytes)
encrypted: yes
Format specific information:
ivgen alg: plain64
+ detached header: false
hash alg: sha256
cipher alg: aes-256
uuid: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
--
2.43.0
next prev parent reply other threads:[~2024-02-09 14:07 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-09 14:04 [PULL 00/17] Misc fixes patches Daniel P. Berrangé
2024-02-09 14:04 ` [PULL 01/17] meson: sort C warning flags alphabetically Daniel P. Berrangé
2024-02-09 14:04 ` [PULL 02/17] crypto: Introduce SM4 symmetric cipher algorithm Daniel P. Berrangé
2024-06-07 14:27 ` Peter Maydell
2024-02-09 14:04 ` [PULL 03/17] qemu_init: increase NOFILE soft limit on POSIX Daniel P. Berrangé
2024-02-09 14:04 ` [PULL 04/17] ui: drop VNC feature _MASK constants Daniel P. Berrangé
2024-02-09 14:04 ` [PULL 05/17] softmmu: remove obsolete comment about libvirt timeouts Daniel P. Berrangé
2024-02-09 14:04 ` [PULL 06/17] scripts: drop comment about autogenerated CPU API file Daniel P. Berrangé
2024-02-09 14:04 ` [PULL 07/17] docs: fix highlighting of CPU ABI header rows Daniel P. Berrangé
2024-02-09 14:04 ` [PULL 08/17] docs: re-generate x86_64 ABI compatibility CSV Daniel P. Berrangé
2024-02-09 14:04 ` [PULL 09/17] chardev: close QIOChannel before unref'ing Daniel P. Berrangé
2024-02-09 14:04 ` [PULL 10/17] io: add trace event when cancelling TLS handshake Daniel P. Berrangé
2024-02-09 14:04 ` [PULL 11/17] crypto: Support LUKS volume with detached header Daniel P. Berrangé
2024-02-09 14:05 ` [PULL 12/17] qapi: Make parameter 'file' optional for BlockdevCreateOptionsLUKS Daniel P. Berrangé
2024-02-09 14:05 ` [PULL 13/17] crypto: Modify the qcrypto_block_create to support creation flags Daniel P. Berrangé
2024-02-09 14:05 ` [PULL 14/17] block: Support detached LUKS header creation using blockdev-create Daniel P. Berrangé
2024-02-09 14:05 ` [PULL 15/17] block: Support detached LUKS header creation using qemu-img Daniel P. Berrangé
2024-02-09 14:05 ` Daniel P. Berrangé [this message]
2024-02-09 14:05 ` [PULL 17/17] tests: Add case for LUKS volume with detached header Daniel P. Berrangé
2024-02-12 18:31 ` [PULL 00/17] Misc fixes patches Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240209140505.2536635-17-berrange@redhat.com \
--to=berrange@redhat.com \
--cc=armbru@redhat.com \
--cc=crosa@redhat.com \
--cc=eblake@redhat.com \
--cc=eduardo@habkost.net \
--cc=hreitz@redhat.com \
--cc=jsnow@redhat.com \
--cc=kraxel@redhat.com \
--cc=kwolf@redhat.com \
--cc=marcandre.lureau@redhat.com \
--cc=pbonzini@redhat.com \
--cc=philmd@linaro.org \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
--cc=richard.henderson@linaro.org \
--cc=sw@weilnetz.de \
--cc=thuth@redhat.com \
--cc=yong.huang@smartx.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.