Re: [PATCH v2 0/5] qemu: Forbid old qcow/qcow2 encryption

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, May 30, 2018 at 16:14:31 -0400, John Ferlan wrote:
> 
> 
> On 05/23/2018 10:13 AM, Peter Krempa wrote:
> > The old qcow/qcow2 encryption format is so broken that qemu decided to
> > drop it completely. This series forbids the use of such images even with
> > qemus prior to this and removes all the cruft necessary to support it.
> > 
> > v2:
> >  - fixed check to include the qcow format too
> >  - reworded the error message slightly
> >  - split second patch into two with proper justification for the
> >    user-alias test since checking LUKS there actually makes sense
> > 
> > Peter Krempa (5):
> >   tests: qemuxml2argv: Drop disk encryption from 'interface-server' test
> >   tests: qemuxml2argv: Verify that disk secret alias is correct with
> >     user-aliases
> >   tests: qemublock: Switch to qcow2+luks in test files
> >   qemu: domain: Forbid storage with old QCOW2 encryption
> >   qemu: Remove code for setting up disk passphrases
> > 
> 
> Why not remove it from storage as well? It's not like anything could or
> would want to use whatever the storage driver created. There's always
> the fall back to indicate to use qemu-img for the die hards.

If we've ever supported the use case of converting a qcow2 encrypted
volume even into a unencrypted volume, we should keep that for allowing
migration from those volumes.

Attachment: signature.asc
Description: PGP signature

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list

[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux