Bug 1336659
Summary: | Core dump when re-launch guest with encrypted block device | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | yduan |
Component: | qemu-kvm-rhev | Assignee: | Markus Armbruster <armbru> |
Status: | CLOSED ERRATA | QA Contact: | FuXiangChun <xfu> |
Severity: | high | Docs Contact: | |
Priority: | medium | ||
Version: | 7.3 | CC: | chayang, hreitz, juzhang, knoel, mrezanin, virt-maint, xfu |
Target Milestone: | rc | Keywords: | Regression |
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | qemu-kvm-rhev-2.6.0-17.el7 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2016-11-07 21:09:40 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
yduan
2016-05-17 07:22:49 UTC
qcow2 encryption has been broken upstream (accidentally) as of qemu 2.4.0 (with exactly the failure seen here). After noticing this, upstream commit 8c0dcbc4ad2bf4f9f3b27c637b357e87cad70ec7 simply disabled qcow2 encryption support. Simply backporting that commit (and thus officially and completely disabling support) seems like the correct resolution to me. Max Fix included in qemu-kvm-rhev-2.6.0-17.el7 Reproduced with qemu-kvm-rhev-2.6.0-12.el7 Steps: 1. create an encrypted qcow2 image 2. boot guest with it attached and set password 3. after guest boot, format it and write data onto it 4. shutdown then restart Result: qemu-kvm core dumped: qemu-kvm: block/qcow2.c:1467: qcow2_co_readv: Assertion `s->cipher' failed. Program received signal SIGABRT, Aborted. (gdb) bt #0 0x00007fffec5031d7 in raise () from /lib64/libc.so.6 #1 0x00007fffec5048c8 in abort () from /lib64/libc.so.6 #2 0x00007fffec4fc146 in __assert_fail_base () from /lib64/libc.so.6 #3 0x00007fffec4fc1f2 in __assert_fail () from /lib64/libc.so.6 #4 0x000055555591768e in qcow2_co_readv (bs=0x555556c56800, sector_num=0, remaining_sectors=1, qiov=0x7fffffffd380) at block/qcow2.c:1467 #5 0x000055555593d02d in bdrv_aligned_preadv (bs=bs@entry=0x555556c56800, req=req@entry=0x555559d7bf00, offset=offset@entry=0, bytes=bytes@entry=512, align=align@entry=512, qiov=0x7fffffffd380, flags=flags@entry=0) at block/io.c:938 #6 0x000055555593d3e5 in bdrv_co_do_preadv (bs=0x555556c56800, offset=0, bytes=512, qiov=<optimized out>, flags=(unknown: 0)) at block/io.c:1030 #7 0x0000555555931206 in blk_co_preadv (blk=<optimized out>, offset=<optimized out>, bytes=<optimized out>, qiov=<optimized out>, flags=<optimized out>) at block/block-backend.c:695 #8 0x000055555593124c in blk_read_entry (opaque=0x7fffffffd3a0) at block/block-backend.c:728 #9 0x000055555599fd0a in coroutine_trampoline (i0=<optimized out>, i1=<optimized out>) at util/coroutine-ucontext.c:78 -- Verified pass with qemu-kvm-rhev-2.6.0-24.el7. qemu-kvm instance refused to start on error: qemu-kvm: -drive file=foo.qcow2,format=qcow2,if=none,id=drive-scsi0-1-0,cache=none,aio=native: Use of AES-CBC encrypted qcow2 images is no longer supported in system emulators You can use 'qemu-img convert' to convert your image to an alternative supported format, such as unencrypted qcow2, or raw with the LUKS format instead. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2016-2673.html |