From: "Daniel P. Berrangé" <berrange@redhat.com>
To: Max Reitz <mreitz@redhat.com>
Cc: Stefan Hajnoczi <stefanha@redhat.com>,
qemu-devel@nongnu.org, qemu-block@nongnu.org,
Kevin Wolf <kwolf@redhat.com>
Subject: Re: [Qemu-devel] [PATCH 1/2] qcow2: include LUKS payload overhead in qemu-img measure
Date: Mon, 21 Jan 2019 13:45:44 +0000 [thread overview]
Message-ID: <20190121134544.GC3683@redhat.com> (raw)
In-Reply-To: <5786786a-1389-81a3-2c9a-fbeca0be10a9@redhat.com>
On Mon, Jan 21, 2019 at 02:15:03PM +0100, Max Reitz wrote:
> On 21.01.19 14:08, Max Reitz wrote:
> > On 15.01.19 12:10, Stefan Hajnoczi wrote:
> >> LUKS encryption reserves clusters for its own payload data. The size of
> >> this area must be included in the qemu-img measure calculation so that
> >> we arrive at the correct minimum required image size.
> >>
> >> (Ab)use the qcrypto_block_create() API to determine the payload
> >> overhead. We discard the payload data that qcrypto thinks will be
> >> written to the image.
> >>
> >> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
> >> ---
> >> block/qcow2.c | 51 ++++++++++++++++++++++++++++++++++++++++++++++++++-
> >> 1 file changed, 50 insertions(+), 1 deletion(-)
> >>
> >> diff --git a/block/qcow2.c b/block/qcow2.c
> >> index 4897abae5e..7ab93a5d2f 100644
> >> --- a/block/qcow2.c
> >> +++ b/block/qcow2.c
> >
> > [...]
> >
> >> @@ -4274,6 +4294,35 @@ static BlockMeasureInfo *qcow2_measure(QemuOpts *opts, BlockDriverState *in_bs,
> >> has_backing_file = !!optstr;
> >> g_free(optstr);
> >>
> >> + optstr = qemu_opt_get_del(opts, BLOCK_OPT_ENCRYPT_FORMAT);
> >> + has_luks = optstr && strcmp(optstr, "luks") == 0;
> >> + g_free(optstr);
> >> +
> >> + if (has_luks) {
> >> + QCryptoBlockCreateOptions cryptoopts = {
> >> + .format = Q_CRYPTO_BLOCK_FORMAT_LUKS,
> >> + };
> >> + QCryptoBlock *crypto;
> >> + size_t headerlen;
> >> +
> >> + optstr = qemu_opt_get_del(opts, "encrypt.key-secret");
> >> + cryptoopts.u.luks.has_key_secret = !!optstr;
> >> + cryptoopts.u.luks.key_secret = optstr;
> >
> > I wonder if you couldn't just make some secret up here (if the user
> > doesn't specify anything). Its content shouldn't matter, right?
>
> And now I wonder whether other options may not have actual influence on
> the crypto header size. I suppose in theory the cipher algorithm may
> cause a difference, although it's probably not enough to warrant another
> cluster...
The LUKS header comprises three parts
- A field size initial header with general config properties
- A series of fixed size key slot headers, one per slot, fixed
at 8 slots in the code
- A series of regions of key material, one per slot.
The last one is a problem - the size of the key slot regions is
the number of anti-forensic stripes (4096) multipled by the size
of the master key. The latter depends on the size of the cipher
key. This is referred to as "splitkeylen" in the code creating
this. The overall space reserved for headers is then determined
by:
luks->header.payload_offset =
(QCRYPTO_BLOCK_LUKS_KEY_SLOT_OFFSET /
QCRYPTO_BLOCK_LUKS_SECTOR_SIZE) +
(ROUND_UP(DIV_ROUND_UP(splitkeylen, QCRYPTO_BLOCK_LUKS_SECTOR_SIZE),
(QCRYPTO_BLOCK_LUKS_KEY_SLOT_OFFSET /
QCRYPTO_BLOCK_LUKS_SECTOR_SIZE)) *
QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS);
So for AES-128 key materials takes 0.5 MB, while for AES-256 key material
takes 1 MB, so adding together you get 1052672 byte for header in AES-128
and 2068480 bytes for AES-256, rounded up to qcow2 cluster size (whatever
that is configured to be)
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2019-01-21 13:46 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-01-15 11:10 [Qemu-devel] [PATCH 0/2] qcow2: include LUKS payload overhead in qemu-img measure Stefan Hajnoczi
2019-01-15 11:10 ` [Qemu-devel] [PATCH 1/2] " Stefan Hajnoczi
2019-01-21 13:08 ` Max Reitz
2019-01-21 13:15 ` Max Reitz
2019-01-21 13:29 ` Max Reitz
2019-01-21 13:45 ` Daniel P. Berrangé [this message]
2019-01-21 14:46 ` Stefan Hajnoczi
2019-01-15 11:10 ` [Qemu-devel] [PATCH 2/2] iotests: add LUKS payload overhead to 178 qemu-img measure test Stefan Hajnoczi
2019-01-21 13:13 ` Max Reitz
2019-01-15 11:49 ` [Qemu-devel] [PATCH 0/2] qcow2: include LUKS payload overhead in qemu-img measure Philippe Mathieu-Daudé
2019-01-21 1:51 ` no-reply
2019-01-21 10:35 ` [Qemu-devel] [Qemu-block] " Stefan Hajnoczi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190121134544.GC3683@redhat.com \
--to=berrange@redhat.com \
--cc=kwolf@redhat.com \
--cc=mreitz@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).