提交 4d2855a3 编写于 作者: M Markus Armbruster 提交者: Max Reitz

block: New bdrv_add_key(), convert monitor to use it

Signed-off-by: NMarkus Armbruster <armbru@redhat.com>
Reviewed-by: NEric Blake <eblake@redhat.com>
Message-id: 1422524221-8566-4-git-send-email-armbru@redhat.com
Reviewed-by: NMax Reitz <mreitz@redhat.com>
Signed-off-by: NMax Reitz <mreitz@redhat.com>
上级 2e3a0266
...@@ -3713,6 +3713,35 @@ int bdrv_set_key(BlockDriverState *bs, const char *key) ...@@ -3713,6 +3713,35 @@ int bdrv_set_key(BlockDriverState *bs, const char *key)
return ret; return ret;
} }
/*
* Provide an encryption key for @bs.
* If @key is non-null:
* If @bs is not encrypted, fail.
* Else if the key is invalid, fail.
* Else set @bs's key to @key, replacing the existing key, if any.
* If @key is null:
* If @bs is encrypted and still lacks a key, fail.
* Else do nothing.
* On failure, store an error object through @errp if non-null.
*/
void bdrv_add_key(BlockDriverState *bs, const char *key, Error **errp)
{
if (key) {
if (!bdrv_is_encrypted(bs)) {
error_set(errp, QERR_DEVICE_NOT_ENCRYPTED,
bdrv_get_device_name(bs));
} else if (bdrv_set_key(bs, key) < 0) {
error_set(errp, QERR_INVALID_PASSWORD);
}
} else {
if (bdrv_key_required(bs)) {
error_set(errp, QERR_DEVICE_ENCRYPTED,
bdrv_get_device_name(bs),
bdrv_get_encrypted_filename(bs));
}
}
}
const char *bdrv_get_format_name(BlockDriverState *bs) const char *bdrv_get_format_name(BlockDriverState *bs)
{ {
return bs->drv ? bs->drv->format_name : NULL; return bs->drv ? bs->drv->format_name : NULL;
......
...@@ -1793,7 +1793,6 @@ void qmp_block_passwd(bool has_device, const char *device, ...@@ -1793,7 +1793,6 @@ void qmp_block_passwd(bool has_device, const char *device,
Error *local_err = NULL; Error *local_err = NULL;
BlockDriverState *bs; BlockDriverState *bs;
AioContext *aio_context; AioContext *aio_context;
int err;
bs = bdrv_lookup_bs(has_device ? device : NULL, bs = bdrv_lookup_bs(has_device ? device : NULL,
has_node_name ? node_name : NULL, has_node_name ? node_name : NULL,
...@@ -1806,16 +1805,8 @@ void qmp_block_passwd(bool has_device, const char *device, ...@@ -1806,16 +1805,8 @@ void qmp_block_passwd(bool has_device, const char *device,
aio_context = bdrv_get_aio_context(bs); aio_context = bdrv_get_aio_context(bs);
aio_context_acquire(aio_context); aio_context_acquire(aio_context);
err = bdrv_set_key(bs, password); bdrv_add_key(bs, password, errp);
if (err == -EINVAL) {
error_set(errp, QERR_DEVICE_NOT_ENCRYPTED, bdrv_get_device_name(bs));
goto out;
} else if (err < 0) {
error_set(errp, QERR_INVALID_PASSWORD);
goto out;
}
out:
aio_context_release(aio_context); aio_context_release(aio_context);
} }
...@@ -1833,18 +1824,7 @@ static void qmp_bdrv_open_encrypted(BlockDriverState *bs, const char *filename, ...@@ -1833,18 +1824,7 @@ static void qmp_bdrv_open_encrypted(BlockDriverState *bs, const char *filename,
return; return;
} }
if (bdrv_key_required(bs)) { bdrv_add_key(bs, password, errp);
if (password) {
if (bdrv_set_key(bs, password) < 0) {
error_set(errp, QERR_INVALID_PASSWORD);
}
} else {
error_set(errp, QERR_DEVICE_ENCRYPTED, bdrv_get_device_name(bs),
bdrv_get_encrypted_filename(bs));
}
} else if (password) {
error_set(errp, QERR_DEVICE_NOT_ENCRYPTED, bdrv_get_device_name(bs));
}
} }
void qmp_change_blockdev(const char *device, const char *filename, void qmp_change_blockdev(const char *device, const char *filename,
......
...@@ -381,6 +381,7 @@ BlockDriverState *bdrv_next(BlockDriverState *bs); ...@@ -381,6 +381,7 @@ BlockDriverState *bdrv_next(BlockDriverState *bs);
int bdrv_is_encrypted(BlockDriverState *bs); int bdrv_is_encrypted(BlockDriverState *bs);
int bdrv_key_required(BlockDriverState *bs); int bdrv_key_required(BlockDriverState *bs);
int bdrv_set_key(BlockDriverState *bs, const char *key); int bdrv_set_key(BlockDriverState *bs, const char *key);
void bdrv_add_key(BlockDriverState *bs, const char *key, Error **errp);
int bdrv_query_missing_keys(void); int bdrv_query_missing_keys(void);
void bdrv_iterate_format(void (*it)(void *opaque, const char *name), void bdrv_iterate_format(void (*it)(void *opaque, const char *name),
void *opaque); void *opaque);
......
...@@ -5368,9 +5368,12 @@ static void bdrv_password_cb(void *opaque, const char *password, ...@@ -5368,9 +5368,12 @@ static void bdrv_password_cb(void *opaque, const char *password,
Monitor *mon = opaque; Monitor *mon = opaque;
BlockDriverState *bs = readline_opaque; BlockDriverState *bs = readline_opaque;
int ret = 0; int ret = 0;
Error *local_err = NULL;
if (bdrv_set_key(bs, password) != 0) { bdrv_add_key(bs, password, &local_err);
monitor_printf(mon, "invalid password\n"); if (local_err) {
monitor_printf(mon, "%s\n", error_get_pretty(local_err));
error_free(local_err);
ret = -EPERM; ret = -EPERM;
} }
if (mon->password_completion_cb) if (mon->password_completion_cb)
...@@ -5388,17 +5391,20 @@ int monitor_read_bdrv_key_start(Monitor *mon, BlockDriverState *bs, ...@@ -5388,17 +5391,20 @@ int monitor_read_bdrv_key_start(Monitor *mon, BlockDriverState *bs,
BlockCompletionFunc *completion_cb, BlockCompletionFunc *completion_cb,
void *opaque) void *opaque)
{ {
Error *local_err = NULL;
int err; int err;
if (!bdrv_key_required(bs)) { bdrv_add_key(bs, NULL, &local_err);
if (!local_err) {
if (completion_cb) if (completion_cb)
completion_cb(opaque, 0); completion_cb(opaque, 0);
return 0; return 0;
} }
/* Need a key for @bs */
if (monitor_ctrl_mode(mon)) { if (monitor_ctrl_mode(mon)) {
qerror_report(QERR_DEVICE_ENCRYPTED, bdrv_get_device_name(bs), qerror_report_err(local_err);
bdrv_get_encrypted_filename(bs));
return -1; return -1;
} }
......
...@@ -154,6 +154,7 @@ SpiceInfo *qmp_query_spice(Error **errp) ...@@ -154,6 +154,7 @@ SpiceInfo *qmp_query_spice(Error **errp)
void qmp_cont(Error **errp) void qmp_cont(Error **errp)
{ {
Error *local_err = NULL;
BlockDriverState *bs; BlockDriverState *bs;
if (runstate_needs_reset()) { if (runstate_needs_reset()) {
...@@ -167,10 +168,9 @@ void qmp_cont(Error **errp) ...@@ -167,10 +168,9 @@ void qmp_cont(Error **errp)
bdrv_iostatus_reset(bs); bdrv_iostatus_reset(bs);
} }
for (bs = bdrv_next(NULL); bs; bs = bdrv_next(bs)) { for (bs = bdrv_next(NULL); bs; bs = bdrv_next(bs)) {
if (bdrv_key_required(bs)) { bdrv_add_key(bs, NULL, &local_err);
error_set(errp, QERR_DEVICE_ENCRYPTED, if (local_err) {
bdrv_get_device_name(bs), error_propagate(errp, local_err);
bdrv_get_encrypted_filename(bs));
return; return;
} }
} }
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册