Fix vhd crypt support:

- use full path to cryptsetup
- actually use the crypt dev after setting it up
- use the specified key-file name instead of the empty string

diff --git a/xenvm/vmact.ml b/xenvm/vmact.ml
index 7331156d7e59315db9aef0074a7b8d03d56106d2..8ca4e21bc466b5508f866bb019360cefb7c75d11 100644 (file)
--- a/xenvm/vmact.ml
+++ b/xenvm/vmact.ml
@@ -109,7 +109,7 @@ let cryptsetup_create name device cipher keysize keyfile =
                "--key-file"; keyfile
        ] in
        let _ =
-               try Forkhelpers.execute_command_get_output ~withpath:false "cryptsetup" opts
+               try Forkhelpers.execute_command_get_output ~withpath:true "/sbin/cryptsetup" opts
                with Forkhelpers.Spawn_internal_error (log, output, status) ->
                        let s = sprintf "output=%S status=%s" output (string_of_unix_process status) in
                        raise (Cryptsetup_failure ("create", name, s))
@@ -119,7 +119,7 @@ let cryptsetup_create name device cipher keysize keyfile =
 let cryptsetup_remove name =
        let opts = [ "remove"; name ] in
        let _ =
-               try Forkhelpers.execute_command_get_output ~withpath:false "cryptsetup" opts
+               try Forkhelpers.execute_command_get_output ~withpath:true "/sbin/cryptsetup" opts
                with Forkhelpers.Spawn_internal_error (log, output, status) ->
                        let s = sprintf "output=%S status=%s" output (string_of_unix_process status) in
                        raise (Cryptsetup_failure ("remove", name, s))
@@ -138,7 +138,7 @@ let add_disk_to_vm ~xs state disk =
                                          dc.disk_crypt_key_file
                ) disk.disk_crypt in
                state.vm_tap2_disks <- (disk, tap2dev, cryptdev) :: state.vm_tap2_disks;
-               tap2dev, Device.Vbd.Phys
+               (default tap2dev (may (fun x -> "/dev/mapper/" ^ x) cryptdev)), Device.Vbd.Phys
        | _ ->
                disk.disk_physpath, disk.disk_physty
                in

diff --git a/xenvm/vmconfig.ml b/xenvm/vmconfig.ml
index af905e845eb402853b37fa59693c1aed70bb6f24..f04188c12dc31b5c2cc63ea561881fff630f8ade 100644 (file)
--- a/xenvm/vmconfig.ml
+++ b/xenvm/vmconfig.ml
@@ -347,20 +347,13 @@ let config_disk_of_string s =
                | _ ->
                        failwith "need at least 5 arguments for disk"
                in
-       let crypt_cipher, crypt_key_size, crypt_key_file =
-               (try Some (List.assoc "cipher" kvs) with Not_found -> None),
-               (try Some (List.assoc "key-size" kvs) with Not_found -> None),
-               (try Some (List.assoc "key-file" kvs) with Not_found -> None)
-               in
        let dc =
-               if crypt_cipher = None && crypt_key_size = None && crypt_key_file = None then
-                       None
-               else
-                       Some {
-                               disk_crypt_cipher = (match crypt_cipher with None -> "aes-xts-plain" | Some c -> c);
-                               disk_crypt_key_size = (match crypt_key_size with None -> 256 | Some i -> int_of_string i);
-                               disk_crypt_key_file = "";
+               try Some {
+                               disk_crypt_key_file = (List.assoc "key-file" kvs);
+                               disk_crypt_cipher = (try (List.assoc "cipher" kvs) with Not_found -> "aes-xts-plain");
+                               disk_crypt_key_size = (try int_of_string (List.assoc "key-size" kvs) with Not_found -> 256);
                        }
+               with Not_found -> None
                in
        {
                disk_physpath = physpath;