VirtualBox

Changeset 51899 in vbox for trunk/src/VBox/Devices/Storage


Ignore:
Timestamp:
Jul 7, 2014 10:34:49 AM (10 years ago)
Author:
vboxsync
Message:

Console,DrvVD: Make disk encryption completely configurable through medium properties

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/VBox/Devices/Storage/DrvVD.cpp

    r51754 r51899  
    189189    /** Cryptographic support
    190190     * @{ */
    191     /** Used algorithm, NULL means no encryption. */
    192     char                    *pszEncryptionAlgorithm;
    193     /** Stored key id, queried from the crypto filter. */
    194     char                    *pszKeyId;
     191    /** Pointer to the CFGM node containing the config of the crypto filter
     192     * if enable. */
     193    PCFGMNODE                pCfgCrypto;
    195194    /** Config interface for the encryption filter. */
    196195    VDINTERFACECONFIG        VDIfCfg;
     
    633632{
    634633    return CFGMR3QueryBytes((PCFGMNODE)pvUser, pszName, ppvData, cbData);
    635 }
    636 
    637 
    638 /*******************************************************************************
    639 *   VD Configuration interface implementation for the encryption support       *
    640 *******************************************************************************/
    641 
    642 static bool drvvdCfgEncAreKeysValid(void *pvUser, const char *pszValid)
    643 {
    644     return true;
    645 }
    646 
    647 static int drvvdCfgEncQuerySize(void *pvUser, const char *pszName, size_t *pcb)
    648 {
    649     PVBOXDISK pThis = (PVBOXDISK)pvUser;
    650     int rc = VINF_SUCCESS;
    651 
    652     if (!strcmp(pszName, "Algorithm"))
    653         *pcb = strlen(pThis->pszEncryptionAlgorithm) + 1;
    654     else if (!strcmp(pszName, "KeyId"))
    655         *pcb = strlen(pThis->pszKeyId) + 1;
    656     else
    657         rc = VERR_NOT_SUPPORTED;
    658 
    659     return rc;
    660 }
    661 
    662 static int drvvdCfgEncQuery(void *pvUser, const char *pszName, char *pszString, size_t cchString)
    663 {
    664     PVBOXDISK pThis = (PVBOXDISK)pvUser;
    665     int rc = VINF_SUCCESS;
    666 
    667     if (!strcmp(pszName, "Algorithm"))
    668         rc = RTStrCopy(pszString, cchString, pThis->pszEncryptionAlgorithm);
    669     else if (!strcmp(pszName, "KeyId"))
    670         rc = RTStrCopy(pszString, cchString, pThis->pszKeyId);
    671     else
    672         rc = VERR_NOT_SUPPORTED;
    673 
    674     return rc;
    675634}
    676635
     
    15911550    PVBOXDISK pThis = PDMIMEDIA_2_VBOXDISK(pInterface);
    15921551
    1593     if (   pThis->pszEncryptionAlgorithm
     1552    if (   pThis->pCfgCrypto
    15941553        && !pThis->pIfSecKey)
    15951554    {
     
    16511610          off, pvBuf, cbWrite, cbWrite, pvBuf));
    16521611
    1653     if (   pThis->pszEncryptionAlgorithm
     1612    if (   pThis->pCfgCrypto
    16541613        && !pThis->pIfSecKey)
    16551614    {
     
    17241683    int rc = VINF_SUCCESS;
    17251684
    1726     if (pThis->pszEncryptionAlgorithm)
     1685    if (pThis->pCfgCrypto)
    17271686    {
    17281687        PVDINTERFACE pVDIfFilter = NULL;
     
    17421701
    17431702            rc = VDInterfaceAdd(&pThis->VDIfCfg.Core, "DrvVD_Config", VDINTERFACETYPE_CONFIG,
    1744                                 pThis, sizeof(VDINTERFACECONFIG), &pVDIfFilter);
     1703                                pThis->pCfgCrypto, sizeof(VDINTERFACECONFIG), &pVDIfFilter);
    17451704            AssertRC(rc);
    17461705   
     
    19231882    PVBOXDISK pThis = PDMIMEDIAASYNC_2_VBOXDISK(pInterface);
    19241883
    1925     if (   pThis->pszEncryptionAlgorithm
     1884    if (   pThis->pCfgCrypto
    19261885        && !pThis->pIfSecKey)
    19271886    {
     
    19611920    PVBOXDISK pThis = PDMIMEDIAASYNC_2_VBOXDISK(pInterface);
    19621921
    1963     if (   pThis->pszEncryptionAlgorithm
     1922    if (   pThis->pCfgCrypto
    19641923        && !pThis->pIfSecKey)
    19651924    {
     
    20542013    PVBOXDISK pThis = PDMINS_2_DATA(pDrvIns, PVBOXDISK);
    20552014
    2056     Assert (!pThis->pszEncryptionAlgorithm);
     2015    Assert (!pThis->pCfgCrypto);
    20572016
    20582017    switch (enmXferDir)
     
    23732332        pThis->pszBwGroup = NULL;
    23742333    }
    2375     if (pThis->pszEncryptionAlgorithm)
    2376     {
    2377         MMR3HeapFree(pThis->pszEncryptionAlgorithm);
    2378         pThis->pszEncryptionAlgorithm = NULL;
    2379     }
    2380     if (pThis->pszKeyId)
    2381     {
    2382         MMR3HeapFree(pThis->pszKeyId);
    2383         pThis->pszKeyId = NULL;
    2384     }
    23852334}
    23862335
     
    24182367    pThis->uMergeSource                 = VD_LAST_IMAGE;
    24192368    pThis->uMergeTarget                 = VD_LAST_IMAGE;
    2420     pThis->pszEncryptionAlgorithm       = NULL;
     2369    pThis->pCfgCrypto                   = NULL;
    24212370    pThis->pIfSecKey                    = NULL;
    24222371
     
    28332782        /* Check VDConfig for encryption config. */
    28342783        if (pCfgVDConfig)
    2835         {
    2836             rc = CFGMR3QueryStringAlloc(pCfgVDConfig, "EncryptionAlgorithm", &pThis->pszEncryptionAlgorithm);
    2837             if (RT_FAILURE(rc) && rc != VERR_CFGM_VALUE_NOT_FOUND)
    2838             {
    2839                 rc = PDMDRV_SET_ERROR(pDrvIns, rc,
    2840                                       N_("DrvVD: Configuration error: Querying \"EncryptionAlgorithm\" as string failed"));
    2841                 break;
    2842             }
    2843             else
    2844                 rc = VINF_SUCCESS;
    2845         }
    2846 
    2847         if (pThis->pszEncryptionAlgorithm)
    2848         {
    2849             rc = CFGMR3QueryStringAlloc(pCfgVDConfig, "KeyId", &pThis->pszKeyId);
    2850             if (RT_FAILURE(rc))
    2851             {
    2852                 rc = PDMDRV_SET_ERROR(pDrvIns, rc,
    2853                                       N_("DrvVD: Configuration error: Querying \"KeyId\" as string failed"));
    2854                 break;
    2855             }
    2856 
     2784            pThis->pCfgCrypto = CFGMR3GetChild(pCfgVDConfig, "CRYPT");
     2785
     2786        if (pThis->pCfgCrypto)
     2787        {
    28572788            /* Setup VDConfig interface for disk encryption support. */
    2858             pThis->VDIfCfg.pfnAreKeysValid  = drvvdCfgEncAreKeysValid;
    2859             pThis->VDIfCfg.pfnQuerySize     = drvvdCfgEncQuerySize;
    2860             pThis->VDIfCfg.pfnQuery         = drvvdCfgEncQuery;
     2789            pThis->VDIfCfg.pfnAreKeysValid  = drvvdCfgAreKeysValid;
     2790            pThis->VDIfCfg.pfnQuerySize     = drvvdCfgQuerySize;
     2791            pThis->VDIfCfg.pfnQuery         = drvvdCfgQuery;
    28612792            pThis->VDIfCfg.pfnQueryBytes    = NULL;
    28622793
     
    31023033        && !pThis->fShareable
    31033034        && !fDiscard
    3104         && !pThis->pszEncryptionAlgorithm /* Disk encryption disables the block cache for security reasons */
     3035        && !pThis->pCfgCrypto /* Disk encryption disables the block cache for security reasons */
    31053036        && RT_SUCCESS(rc))
    31063037    {
Note: See TracChangeset for help on using the changeset viewer.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette