From: Markus Armbruster <armbru@redhat.com>
To: Eric Blake <eblake@redhat.com>
Cc: qemu-devel@nongnu.org, kwolf@redhat.com, jdurgin@redhat.com,
jcody@redhat.com, mreitz@redhat.com
Subject: Re: [Qemu-devel] [PATCH RFC v3 for-2.9 10/11] Revert "rbd: add support for getting password from QCryptoSecret object"
Date: Mon, 27 Mar 2017 20:36:37 +0200
Message-ID: <87d1d2efd6.fsf@dusky.pond.sub.org>
In-Reply-To: <405ce7e5-b356-f37e-892d-a39cb3a52fc5@redhat.com> (Eric Blake's message of "Mon, 27 Mar 2017 12:15:05 -0500")
Eric Blake <eblake@redhat.com> writes:
> On 03/27/2017 08:26 AM, Markus Armbruster wrote:
>> This reverts commit 60390a2192e7b38aee18db6ce7fb740498709737.
>>
>> The commit's rationale
>>
>>     Currently RBD passwords must be provided on the command line
>>     via
>>
>>       $QEMU -drive file=rbd:pool/image:id=myname:\
>>                    key=QVFDVm41aE82SHpGQWhBQXEwTkN2OGp0SmNJY0UrSE9CbE1RMUE=:\
>>                    auth_supported=cephx
>>
>>     This is insecure because the key is visible in the OS process
>>     listing.
>>
>> is invalid. You can easily avoid passing keys on the command line by
>> using "keyfile" instead of "key". In fact, the Ceph documentation
>> calls use of key "not recommended". But the most common way to
>> provide keys is a keyring. The default keyrings should be just fine
>> for most users. When they aren't, you can configure your own keyrings
>> with "keyring" or override the key with "keyfile".
>>
>> The commit adds parameter password-secret to -drive. Support for it
>> was included in -blockdev, but reverted in the previous commit due to
>> concerns about the QMP interface. Revert it from -drive, too.
>>
>> Cc: Daniel P. Berrange <berrange@redhat.com>
>> Signed-off-by: Markus Armbruster <armbru@redhat.com>
>> ---
>> block/rbd.c | 47 -----------------------------------------------
>> 1 file changed, 47 deletions(-)
>
> Are we sure this won't be breaking existing libvirt clients?
I somehow misread the date on commit 60390a2. It's actually too late to
revert it. We'll have to live with this. I'll drop this patch and
rework 11/11.
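
Added example, not part of the original message or of QEMU's code: a small audit helper that classifies how an rbd `-drive` argument obtains its Ceph key, flagging the inline `key=` form that the quoted rationale says is visible in the process listing. It assumes `password-secret` is a top-level `-drive` option and that `key`/`keyfile` are colon-separated options inside the `rbd:` filename with backslash escapes; the function names and sample values are constructed for illustration.

```python
# Constructed sample argv; the key value is a placeholder, not a real Ceph key.
SAMPLE_ARGV = ["qemu-system-x86_64", "-drive",
               "file=rbd:pool/image:id=myname:key=PLACEHOLDERKEY==:auth_supported=cephx"]

def split_escaped(s, sep=":"):
    """Split s on sep; a backslash escapes the next character (rbd: filename syntax)."""
    parts, cur, esc = [], "", False
    for ch in s:
        if esc:
            cur, esc = cur + ch, False
        elif ch == "\\":
            esc = True
        elif ch == sep:
            parts.append(cur)
            cur = ""
        else:
            cur += ch
    return parts + [cur]

def drive_opts(optstr):
    """Parse a -drive option string; ',,' stands for a literal comma in a value."""
    fields = optstr.replace(",,", "\0").split(",")
    return dict(f.replace("\0", ",").partition("=")[::2] for f in fields if f)

def classify_rbd_drive(optstr):
    """Return how an rbd -drive gets its Ceph key, or None if it is not rbd."""
    opts = drive_opts(optstr)
    filename = opts.get("file", "")
    if not filename.startswith("rbd:"):
        return None
    # parts[0] is "rbd", parts[1] is pool/image; the rest are option=value pairs
    conf = dict(p.partition("=")[::2] for p in split_escaped(filename)[2:] if p)
    if "key" in conf:
        return "inline-key"        # secret is readable in the OS process listing
    if "password-secret" in opts:
        return "password-secret"   # key comes from a QCryptoSecret object
    if "keyfile" in conf:
        return "keyfile"
    return "keyring"               # configured or default Ceph keyrings apply

def audit_argv(argv):
    """Classify every -drive/--drive argument in one process's argv."""
    return [c for flag, val in zip(argv, argv[1:]) if flag.lstrip("-") == "drive"
            for c in [classify_rbd_drive(val)] if c]
```

On Linux, the argv of a running process can be obtained by reading `/proc/<pid>/cmdline` and splitting on NUL bytes before passing it to `audit_argv`.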