qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH 1/1] block_crypto_co_create_generic: clean up cr


From: Daniel P . Berrangé
Subject: Re: [Qemu-devel] [PATCH 1/1] block_crypto_co_create_generic: clean up created file on failure
Date: Wed, 20 Mar 2019 09:52:17 +0000
User-agent: Mutt/1.11.3 (2019-02-01)

On Tue, Mar 19, 2019 at 07:03:30PM -0300, Daniel Henrique Barboza wrote:
> When using a non-UTF8 secret to create a volume using qemu-img, the
> following error happens:
> 
> $ qemu-img create -f luks --object 
> secret,id=vol_1_encrypt0,file=vol_resize_pool.vol_1.secret.qzVQrI -o 
> key-secret=vol_1_encrypt0 /var/tmp/pool_target/vol_1 10240K
> 
> Formatting '/var/tmp/pool_target/vol_1', fmt=luks size=10485760 
> key-secret=vol_1_encrypt0
> qemu-img: /var/tmp/pool_target/vol_1: Data from secret vol_1_encrypt0 is not 
> valid UTF-8
> 
> However, the created file /var/tmp/pool_target/vol_1 is left behind in the
> file system after the failure. This behavior can be observed when creating
> the volume using Libvirt, via 'virsh vol-create', and then getting "volume
> target path already exist" errors when trying to re-create the volume.
> 
> The volume file is created inside block_crypto_co_create_opts_luks, in
> block/crypto.c. If the bdrv_create_file() call is successful but any
> succeeding step fails*, the existing 'fail' label does not take into
> account the created file, leaving it behind.
> 
> This patch fixes it by adding a flag to indicate whether bdrv_create_file()
> created the file, and then unlinking it in the 'fail' label if
> necessary.
> 
> * in our case, block_crypto_co_create_generic calls qcrypto_block_create,
> which calls qcrypto_block_luks_create, and this function fails when
> calling qcrypto_secret_lookup_as_utf8.
> 
> Reported-by: Srikanth Aithal <address@hidden>
> Signed-off-by: Daniel Henrique Barboza <address@hidden>
> ---
>  block/crypto.c | 9 +++++++++
>  1 file changed, 9 insertions(+)
> 
> diff --git a/block/crypto.c b/block/crypto.c
> index fd8c7cfac6..5b43424845 100644
> --- a/block/crypto.c
> +++ b/block/crypto.c
> @@ -533,6 +533,7 @@ static int coroutine_fn 
> block_crypto_co_create_opts_luks(const char *filename,
>      BlockDriverState *bs = NULL;
>      QDict *cryptoopts;
>      int64_t size;
> +    bool filecreated = false;
>      int ret;
>  
>      /* Parse options */
> @@ -554,6 +555,7 @@ static int coroutine_fn 
> block_crypto_co_create_opts_luks(const char *filename,
>      if (ret < 0) {
>          goto fail;
>      }
> +    filecreated = true;
>  
>      bs = bdrv_open(filename, NULL, NULL,
>                     BDRV_O_RDWR | BDRV_O_RESIZE | BDRV_O_PROTOCOL, errp);
> @@ -569,7 +571,14 @@ static int coroutine_fn 
> block_crypto_co_create_opts_luks(const char *filename,
>      }
>  
>      ret = 0;
> +    goto cleanup;
> +
>  fail:
> +    if (filecreated) {
> +        unlink(filename);

You can't do this I'm afraid.

"filename" cannot be assumed to be a local file - it can be an arbitrary
block device backend string.

Contrary to what you might expect, given the call to bdrv_create_file,
we can't actually assume this method created the file either. The above
bdrv_create_file method may have merely formatted a pre-existing volume.

To fix this requires a "bdrv_delete" callback in the BlockDriver code,
and the actual deletion would need to be done in the "qemu-img create"
code.

Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|



reply via email to

[Prev in Thread] Current Thread [Next in Thread]