Hide Forgot
Description of problem: Create a 'qcow' format volume with encryption, then refresh the pool, the new created encryption element in volume XML will gone. BTW, for 'qocw2' format, there's no problem. Version-Release number of selected component (if applicable): libvirt-1.2.8-15.el7.x86_64 How reproducible: 100% Steps to Reproduce: 1.# virsh vol-create default /tmp/encrypt_vol.xml Vol vol2 created from /tmp/encrypt_vol.xml # cat /tmp/encrypt_vol.xml <volume> <name>vol2</name> <target> <format type="qcow" /> <encryption format="default" /> </target> <capacity>1048576</capacity> <allocation>1048576</allocation> </volume> # virsh vol-dumpxml vol2 default <volume type='file'> <name>vol2</name> <key>/var/lib/libvirt/images/vol2</key> <source> </source> <capacity unit='bytes'>1048576</capacity> <allocation unit='bytes'>4096</allocation> <target> <path>/var/lib/libvirt/images/vol2</path> <format type='qcow'/> <permissions> <mode>0600</mode> <owner>0</owner> <group>0</group> <label>system_u:object_r:virt_image_t:s0</label> </permissions> <timestamps> <atime>1421913782.961073448</atime> <mtime>1421913782.961073448</mtime> <ctime>1421913782.990073353</ctime> </timestamps> <encryption format='qcow'> <secret type='passphrase' uuid='c8959746-c442-48b5-8b8c-0d394d5f7f1c'/> </encryption> </target> </volume> # virsh pool-refresh default Pool default refreshed # virsh vol-dumpxml vol2 default <volume type='file'> <name>vol2</name> <key>/var/lib/libvirt/images/vol2</key> <source> </source> <capacity unit='bytes'>1048576</capacity> <allocation unit='bytes'>4096</allocation> <target> <path>/var/lib/libvirt/images/vol2</path> <format type='qcow'/> <permissions> <mode>0600</mode> <owner>0</owner> <group>0</group> <label>system_u:object_r:virt_image_t:s0</label> </permissions> <timestamps> <atime>1421913793.043040089</atime> <mtime>1421913782.961073448</mtime> <ctime>1421913782.990073353</ctime> </timestamps> </target> </volume> 2. 3. Actual results: The <encryption> element part disappeared after refresh pool Expected results: The <encryption> element part still exist after refresh pool Additional info:
Upstream patch: https://www.redhat.com/archives/libvir-list/2015-January/msg00912.html
Fixed upstream by: commit 495accb047fe85dd17f181c2a19b34fd84ed89f5 Author: Ján Tomko <jtomko> AuthorDate: 2015-01-23 13:29:48 +0100 Commit: Ján Tomko <jtomko> CommitDate: 2015-01-26 16:13:02 +0100 Use correct location for qcow1 encryption header After the 8-byte size header, there are two one-byte headers and two bytes of padding before the crypt_header field. Our QCOW1_HDR_CRYPT constant did not skip the padding. http://git.qemu.org/?p=qemu.git;a=blob;f=block/qcow.c;h=ece22697#l41 https://bugzilla.redhat.com/show_bug.cgi?id=1185165 git describe: v1.2.12-rc2-3-g495accb
Verified on libvirt-1.2.14-1.el7.x86_64 # cat encrypt_vol.xml <volume> <name>BZ1185165</name> <target> <format type="qcow" /> <encryption format="default" /> </target> <capacity>1048576</capacity> <allocation>1048576</allocation> </volume> # virsh vol-create default encrypt_vol.xml Vol BZ1185165 created from encrypt_vol.xml # virsh vol-dumpxml BZ1185165 default <volume type='file'> <name>BZ1185165</name> <key>/var/lib/libvirt/images/BZ1185165</key> <source> </source> <capacity unit='bytes'>1048576</capacity> <allocation unit='bytes'>4096</allocation> <target> <path>/var/lib/libvirt/images/BZ1185165</path> <format type='qcow'/> <permissions> <mode>0600</mode> <owner>0</owner> <group>0</group> <label>system_u:object_r:virt_image_t:s0</label> </permissions> <timestamps> <atime>1430287892.598787017</atime> <mtime>1430287892.580787005</mtime> <ctime>1430287892.597787016</ctime> </timestamps> <encryption format='qcow'> <secret type='passphrase' uuid='3038ed40-163d-44c4-beb4-516514bea20a'/> </encryption> </target> </volume> # virsh pool-refresh default Pool default refreshed # virsh vol-dumpxml BZ1185165 default <volume type='file'> <name>BZ1185165</name> <key>/var/lib/libvirt/images/BZ1185165</key> <source> </source> <capacity unit='bytes'>1048576</capacity> <allocation unit='bytes'>4096</allocation> <target> <path>/var/lib/libvirt/images/BZ1185165</path> <format type='qcow'/> <permissions> <mode>0600</mode> <owner>0</owner> <group>0</group> <label>system_u:object_r:virt_image_t:s0</label> </permissions> <timestamps> <atime>1430287892.598787017</atime> <mtime>1430287892.580787005</mtime> <ctime>1430287892.597787016</ctime> </timestamps> <encryption format='qcow'> <secret type='passphrase' uuid='3038ed40-163d-44c4-beb4-516514bea20a'/> </encryption> </target> </volume>
Set it to verified status according to comment #4
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2015-2202.html