For ssh disks that are served by nbdkit, lookup the password from the configured secret and securely pass it to the nbdkit process using fd passing. Signed-off-by: Jonathon Jongsma <jjongsma@xxxxxxxxxx> --- src/qemu/qemu_nbdkit.c | 87 ++++++++++--------- .../disk-network-ssh-password.args.disk0 | 8 ++ ...k-network-ssh-password.args.disk0.pipe.778 | 1 + .../disk-network-ssh.args.disk1 | 8 ++ .../disk-network-ssh.args.disk1.pipe.778 | 1 + tests/qemunbdkittest.c | 1 + ...sk-network-ssh-password.x86_64-latest.args | 36 ++++++++ .../disk-network-ssh-password.xml | 34 ++++++++ tests/qemuxml2argvtest.c | 1 + 9 files changed, 138 insertions(+), 39 deletions(-) create mode 100644 tests/qemunbdkitdata/disk-network-ssh-password.args.disk0 create mode 100644 tests/qemunbdkitdata/disk-network-ssh-password.args.disk0.pipe.778 create mode 100644 tests/qemunbdkitdata/disk-network-ssh.args.disk1 create mode 100644 tests/qemunbdkitdata/disk-network-ssh.args.disk1.pipe.778 create mode 100644 tests/qemuxml2argvdata/disk-network-ssh-password.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/disk-network-ssh-password.xml diff --git a/src/qemu/qemu_nbdkit.c b/src/qemu/qemu_nbdkit.c index 98f8b70391..39afad106a 100644 --- a/src/qemu/qemu_nbdkit.c +++ b/src/qemu/qemu_nbdkit.c @@ -999,6 +999,46 @@ qemuNbdkitCommandPassDataByPipe(virCommand *cmd, } +static int +qemuNbdkitProcessBuildCommandAuth(virStorageAuthDef *authdef, + virCommand *cmd) +{ + g_autoptr(virConnect) conn = NULL; + g_autofree uint8_t *secret = NULL; + size_t secretlen = 0; + int secrettype; + + if (!authdef) + return 0; + + if ((secrettype = virSecretUsageTypeFromString(authdef->secrettype)) < 0) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("invalid secret type %s"), + authdef->secrettype); + return -1; + } + + conn = virGetConnectSecret(); + if (virSecretGetSecretString(conn, + &authdef->seclookupdef, + secrettype, + &secret, + &secretlen) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("failed to get auth secret for storage")); + return -1; + } + + virCommandAddArgPair(cmd, "user", authdef->username); + + if (qemuNbdkitCommandPassDataByPipe(cmd, "password", + &secret, secretlen) < 0) + return -1; + + return 0; +} + + static int qemuNbdkitProcessBuildCommandCurl(qemuNbdkitProcess *proc, virCommand *cmd) @@ -1020,37 +1060,8 @@ qemuNbdkitProcessBuildCommandCurl(qemuNbdkitProcess *proc, } virCommandAddArgPair(cmd, "url", uristring); - if (proc->source->auth) { - g_autoptr(virConnect) conn = virGetConnectSecret(); - g_autofree uint8_t *secret = NULL; - size_t secretlen = 0; - int secrettype; - virStorageAuthDef *authdef = proc->source->auth; - - virCommandAddArgPair(cmd, "user", - proc->source->auth->username); - - if ((secrettype = virSecretUsageTypeFromString(proc->source->auth->secrettype)) < 0) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, - _("invalid secret type %s"), - proc->source->auth->secrettype); - return -1; - } - - if (virSecretGetSecretString(conn, - &authdef->seclookupdef, - secrettype, - &secret, - &secretlen) < 0) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", - _("failed to get auth secret for storage")); - return -1; - } - - if (qemuNbdkitCommandPassDataByPipe(cmd, "password", - &secret, secretlen) < 0) - return -1; - } + if (proc->source->auth && qemuNbdkitProcessBuildCommandAuth(proc->source->auth, cmd) < 0) + return -1; /* Create a pipe to send the cookies to the nbdkit process. */ if (proc->source->ncookies) { @@ -1079,7 +1090,6 @@ static int qemuNbdkitProcessBuildCommandSSH(qemuNbdkitProcess *proc, virCommand *cmd) { - const char *user = NULL; virStorageNetHostDef *host = &proc->source->hosts[0]; g_autofree char *portstr = g_strdup_printf("%u", host->port); @@ -1090,13 +1100,12 @@ qemuNbdkitProcessBuildCommandSSH(qemuNbdkitProcess *proc, virCommandAddArgPair(cmd, "port", portstr); virCommandAddArgPair(cmd, "path", proc->source->path); - if (proc->source->auth) - user = proc->source->auth->username; - else if (proc->source->ssh_user) - user = proc->source->ssh_user; - - if (user) - virCommandAddArgPair(cmd, "user", user); + if (proc->source->auth) { + if (qemuNbdkitProcessBuildCommandAuth(proc->source->auth, cmd) < 0) + return -1; + } else if (proc->source->ssh_user) { + virCommandAddArgPair(cmd, "user", proc->source->ssh_user); + } if (proc->source->ssh_host_key_check_disabled) virCommandAddArgPair(cmd, "verify-remote-host", "false"); diff --git a/tests/qemunbdkitdata/disk-network-ssh-password.args.disk0 b/tests/qemunbdkitdata/disk-network-ssh-password.args.disk0 new file mode 100644 index 0000000000..30711f7f07 --- /dev/null +++ b/tests/qemunbdkitdata/disk-network-ssh-password.args.disk0 @@ -0,0 +1,8 @@ +nbdkit \ +--unix /tmp/statedir-0/nbdkit-test-disk-0.socket \ +--foreground ssh \ +host=example.org \ +port=2222 \ +path=test2.img \ +user=testuser \ +password=-777 diff --git a/tests/qemunbdkitdata/disk-network-ssh-password.args.disk0.pipe.778 b/tests/qemunbdkitdata/disk-network-ssh-password.args.disk0.pipe.778 new file mode 100644 index 0000000000..ccdd4033fc --- /dev/null +++ b/tests/qemunbdkitdata/disk-network-ssh-password.args.disk0.pipe.778 @@ -0,0 +1 @@ +iscsi-mycluster_myname-secret \ No newline at end of file diff --git a/tests/qemunbdkitdata/disk-network-ssh.args.disk1 b/tests/qemunbdkitdata/disk-network-ssh.args.disk1 new file mode 100644 index 0000000000..9a8a16c8d5 --- /dev/null +++ b/tests/qemunbdkitdata/disk-network-ssh.args.disk1 @@ -0,0 +1,8 @@ +nbdkit \ +--unix /tmp/statedir-1/nbdkit-test-disk-1.socket \ +--foreground ssh \ +host=example.org \ +port=2222 \ +path=test2.img \ +user=testuser \ +password=-777 diff --git a/tests/qemunbdkitdata/disk-network-ssh.args.disk1.pipe.778 b/tests/qemunbdkitdata/disk-network-ssh.args.disk1.pipe.778 new file mode 100644 index 0000000000..ccdd4033fc --- /dev/null +++ b/tests/qemunbdkitdata/disk-network-ssh.args.disk1.pipe.778 @@ -0,0 +1 @@ +iscsi-mycluster_myname-secret \ No newline at end of file diff --git a/tests/qemunbdkittest.c b/tests/qemunbdkittest.c index 5606e155eb..492077e56e 100644 --- a/tests/qemunbdkittest.c +++ b/tests/qemunbdkittest.c @@ -291,6 +291,7 @@ mymain(void) DO_TEST("disk-network-source-curl-nbdkit-backing", QEMU_NBDKIT_CAPS_PLUGIN_CURL); DO_TEST("disk-network-source-curl", QEMU_NBDKIT_CAPS_PLUGIN_CURL); DO_TEST("disk-network-ssh", QEMU_NBDKIT_CAPS_PLUGIN_SSH); + DO_TEST("disk-network-ssh-password", QEMU_NBDKIT_CAPS_PLUGIN_SSH); qemuTestDriverFree(&driver); diff --git a/tests/qemuxml2argvdata/disk-network-ssh-password.x86_64-latest.args b/tests/qemuxml2argvdata/disk-network-ssh-password.x86_64-latest.args new file mode 100644 index 0000000000..e22ba095b1 --- /dev/null +++ b/tests/qemuxml2argvdata/disk-network-ssh-password.x86_64-latest.args @@ -0,0 +1,36 @@ +LC_ALL=C \ +PATH=/bin \ +HOME=/tmp/lib/domain--1-QEMUGuest1 \ +USER=test \ +LOGNAME=test \ +XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \ +XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \ +XDG_CONFIG_HOME=/tmp/lib/domain--1-QEMUGuest1/.config \ +/usr/bin/qemu-system-x86_64 \ +-name guest=QEMUGuest1,debug-threads=on \ +-S \ +-object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/tmp/lib/domain--1-QEMUGuest1/master-key.aes"}' \ +-machine pc,usb=off,dump-guest-core=off,memory-backend=pc.ram \ +-accel kvm \ +-cpu qemu64 \ +-m 214 \ +-object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":224395264}' \ +-overcommit mem-lock=off \ +-smp 1,sockets=1,cores=1,threads=1 \ +-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \ +-display none \ +-no-user-config \ +-nodefaults \ +-chardev socket,id=charmonitor,fd=1729,server=on,wait=off \ +-mon chardev=charmonitor,id=monitor,mode=control \ +-rtc base=utc \ +-no-shutdown \ +-no-acpi \ +-boot strict=on \ +-device '{"driver":"piix3-usb-uhci","id":"usb","bus":"pci.0","addr":"0x1.0x2"}' \ +-blockdev '{"driver":"nbd","server":{"type":"unix","path":"/tmp/lib/domain--1-QEMUGuest1/nbdkit-libvirt-1-storage.socket"},"node-name":"libvirt-1-storage","auto-read-only":true,"discard":"unmap"}' \ +-blockdev '{"node-name":"libvirt-1-format","read-only":false,"driver":"raw","file":"libvirt-1-storage"}' \ +-device '{"driver":"virtio-blk-pci","bus":"pci.0","addr":"0x2","drive":"libvirt-1-format","id":"virtio-disk0","bootindex":1}' \ +-audiodev '{"id":"audio1","driver":"none"}' \ +-sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ +-msg timestamp=on diff --git a/tests/qemuxml2argvdata/disk-network-ssh-password.xml b/tests/qemuxml2argvdata/disk-network-ssh-password.xml new file mode 100644 index 0000000000..266acb761f --- /dev/null +++ b/tests/qemuxml2argvdata/disk-network-ssh-password.xml @@ -0,0 +1,34 @@ +<domain type='kvm'> + <name>QEMUGuest1</name> + <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid> + <memory unit='KiB'>219136</memory> + <currentMemory unit='KiB'>219136</currentMemory> + <vcpu placement='static'>1</vcpu> + <os> + <type arch='x86_64' machine='pc'>hvm</type> + <boot dev='hd'/> + </os> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <disk type='network' device='disk'> + <driver name='qemu' type='raw'/> + <source protocol='ssh' name='test2.img'> + <host name='example.org' port='2222'/> + <timeout seconds='1234'/> + <readahead size='1024'/> + <auth username='testuser'> + <secret type='iscsi' usage='mycluster_myname'/> + </auth> + </source> + <target dev='vda' bus='virtio'/> + </disk> + <controller type='usb' index='0'/> + <controller type='pci' index='0' model='pci-root'/> + <input type='mouse' bus='ps2'/> + <input type='keyboard' bus='ps2'/> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 59f416ef72..6e610185b5 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -1319,6 +1319,7 @@ mymain(void) DO_TEST_CAPS_LATEST_NBDKIT("disk-network-http-nbdkit", QEMU_NBDKIT_CAPS_PLUGIN_CURL); DO_TEST_CAPS_LATEST("disk-network-ssh"); DO_TEST_CAPS_LATEST_NBDKIT("disk-network-ssh-nbdkit", QEMU_NBDKIT_CAPS_PLUGIN_SSH); + DO_TEST_CAPS_LATEST_NBDKIT("disk-network-ssh-password", QEMU_NBDKIT_CAPS_PLUGIN_SSH); driver.config->vxhsTLS = 0; VIR_FREE(driver.config->vxhsTLSx509certdir); DO_TEST_CAPS_LATEST("disk-no-boot"); -- 2.39.0