On 10/06/2017 08:13 PM, John Ferlan wrote: > https://bugzilla.redhat.com/show_bug.cgi?id=1490279 > > Turns out the virStorageBackendVolResizeLocal did not differentiate > whether the target volume was a LUKS volume or not and just blindly > did the ftruncate() on the target volume. > > Follow the volume creation logic (in general) and create a qemu-img > resize command to resize the target volume for LUKS ensuring that > the --object secret is provided as well as the '--image-opts' used > by the qemu-img resize logic to describe the path and secret ensuring > that it's using the luks driver on the volume of course. > > Signed-off-by: John Ferlan <jferlan@xxxxxxxxxx> > --- > src/storage/storage_util.c | 98 ++++++++++++++++++++++++++++++++++++++++++---- > 1 file changed, 90 insertions(+), 8 deletions(-) > > diff --git a/src/storage/storage_util.c b/src/storage/storage_util.c > index e6d2747e8d..e485fa5a95 100644 > --- a/src/storage/storage_util.c > +++ b/src/storage/storage_util.c > @@ -1143,6 +1143,37 @@ storageBackendCreateQemuImgSecretObject(virCommandPtr cmd, > } > > > +/* Add a --image-opts to the qemu-img resize command line: > + * --image-opts driver=luks,file.filename=$volpath,key-secret=$secretAlias > + * > + * NB: format=raw is assumed > + */ > +static int > +storageBackendResizeQemuImgImageOpts(virCommandPtr cmd, > + const char *path, > + const char *secretAlias) > +{ > + virBuffer buf = VIR_BUFFER_INITIALIZER; > + char *commandStr = NULL; > + > + virBufferAsprintf(&buf, "driver=luks,key-secret=%s,file.filename=", > + secretAlias); > + virQEMUBuildBufferEscapeComma(&buf, path); > + > + if (virBufferCheckError(&buf) < 0) { > + virBufferFreeAndReset(&buf); > + return -1; > + } > + > + commandStr = virBufferContentAndReset(&buf); > + > + virCommandAddArgList(cmd, "--image-opts", commandStr, NULL); > + > + VIR_FREE(commandStr); > + return 0; > +} > + > + > /* Create a qemu-img virCommand from the supplied binary path, > * volume definitions and imgformat > */ > @@ -2286,12 +2317,17 @@ virStorageBackendVolRefreshLocal(virConnectPtr conn, > > > static int > -storageBackendResizeQemuImg(virStorageVolDefPtr vol, > +storageBackendResizeQemuImg(virConnectPtr conn, > + virStoragePoolObjPtr pool, > + virStorageVolDefPtr vol, > unsigned long long capacity) > { > int ret = -1; > - char *img_tool; > + char *img_tool = NULL; > virCommandPtr cmd = NULL; > + const char *type; > + char *secretPath = NULL; > + char *secretAlias = NULL; > > img_tool = virFindFileInPath("qemu-img"); > if (!img_tool) { > @@ -2300,19 +2336,56 @@ storageBackendResizeQemuImg(virStorageVolDefPtr vol, > return -1; > } > > + if (vol->target.encryption) { > + if (vol->target.format == VIR_STORAGE_FILE_RAW) > + type = "luks"; > + else > + type = virStorageFileFormatTypeToString(vol->target.format); > + > + storageBackendLoadDefaultSecrets(conn, vol); > + > + if (storageBackendCreateQemuImgCheckEncryption(vol->target.format, > + type, NULL, vol) < 0) > + goto cleanup; > + > + if (!(secretPath = > + storageBackendCreateQemuImgSecretPath(conn, pool, vol))) > + goto cleanup; > + > + if (virAsprintf(&secretAlias, "%s_luks0", vol->name) < 0) > + goto cleanup; > + } > + > /* Round capacity as qemu-img resize errors out on sizes which are not > * a multiple of 512 */ > capacity = VIR_ROUND_UP(capacity, 512); > > cmd = virCommandNew(img_tool); > - virCommandAddArgList(cmd, "resize", vol->target.path, NULL); > + if (!vol->target.encryption) { > + virCommandAddArgList(cmd, "resize", vol->target.path, NULL); > + } else { > + virCommandAddArgList(cmd, "resize", NULL); Or just virCommandAddArd(cmd, "resize"); > + > + if (storageBackendCreateQemuImgSecretObject(cmd, secretPath, > + secretAlias) < 0) > + goto cleanup; > + > + if (storageBackendResizeQemuImgImageOpts(cmd, vol->target.path, > + secretAlias) < 0) > + goto cleanup; > + } Michal -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
