From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dietmar@proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by lists.proxmox.com (Postfix) with ESMTPS id 0A0656352B
 for <pbs-devel@lists.proxmox.com>; Wed, 25 Nov 2020 08:29:37 +0100 (CET)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
 by firstgate.proxmox.com (Proxmox) with ESMTP id EF37C15C87
 for <pbs-devel@lists.proxmox.com>; Wed, 25 Nov 2020 08:29:06 +0100 (CET)
Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com
 [212.186.127.180])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by firstgate.proxmox.com (Proxmox) with ESMTPS id 419F215C7D
 for <pbs-devel@lists.proxmox.com>; Wed, 25 Nov 2020 08:29:06 +0100 (CET)
Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1])
 by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 0E2FD43FB1
 for <pbs-devel@lists.proxmox.com>; Wed, 25 Nov 2020 08:29:06 +0100 (CET)
Date: Wed, 25 Nov 2020 08:28:53 +0100 (CET)
From: Dietmar Maurer <dietmar@proxmox.com>
To: Proxmox Backup Server development discussion <pbs-devel@lists.proxmox.com>, 
 =?UTF-8?Q?Fabian_Gr=C3=BCnbichler?= <f.gruenbichler@proxmox.com>
Message-ID: <270281567.389.1606289334340@webmail.proxmox.com>
In-Reply-To: <20201124130520.1058725-2-f.gruenbichler@proxmox.com>
References: <20201124130520.1058725-1-f.gruenbichler@proxmox.com>
 <20201124130520.1058725-2-f.gruenbichler@proxmox.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Priority: 3
Importance: Normal
X-Mailer: Open-Xchange Mailer v7.10.4-Rev13
X-Originating-Client: open-xchange-appsuite
X-SPAM-LEVEL: Spam detection results:  0
 AWL 0.115 Adjusted score from AWL reputation of From: address
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 RCVD_IN_DNSWL_MED        -2.3 Sender listed at https://www.dnswl.org/,
 medium trust
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
 URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See
 http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more
 information. [proxmox.com, commands.rs]
Subject: [pbs-devel] applied: [PATCH proxmox-backup-qemu 1/2] encryption key
 tracking: use fingerprint
X-BeenThere: pbs-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox Backup Server development discussion
 <pbs-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pbs-devel>, 
 <mailto:pbs-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pbs-devel/>
List-Post: <mailto:pbs-devel@lists.proxmox.com>
List-Help: <mailto:pbs-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel>, 
 <mailto:pbs-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Wed, 25 Nov 2020 07:29:37 -0000

applied both patches.

> On 11/24/2020 2:05 PM Fabian Gr=C3=BCnbichler <f.gruenbichler@proxmox.com=
> wrote:
>=20
> =20
> but accept old variant as well for now, to not invalidate bitmaps for
> freshly migrated VMs.
>=20
> Signed-off-by: Fabian Gr=C3=BCnbichler <f.gruenbichler@proxmox.com>
> ---
>=20
> Notes:
>     needs proxmox-backup with Fingerprint::bytes()
>=20
>  src/commands.rs | 13 +++++++++++--
>  1 file changed, 11 insertions(+), 2 deletions(-)
>=20
> diff --git a/src/commands.rs b/src/commands.rs
> index 7a24b7c..dcee5a1 100644
> --- a/src/commands.rs
> +++ b/src/commands.rs
> @@ -108,6 +108,8 @@ fn archive_name(device_name: &str) -> String {
>  const CRYPT_CONFIG_HASH_INPUT:&[u8] =3D b"this is just a static string t=
o protect against key changes";
> =20
>  /// Create an identifying digest for the crypt config
> +/// legacy version for VMs freshly migrated from old version
> +/// TODO: remove in PVE 7.0
>  pub(crate) fn crypt_config_digest(
>      config: Arc<CryptConfig>,
>  ) -> [u8;32] {
> @@ -152,7 +154,8 @@ pub(crate) fn check_last_encryption_key(
>      let digest_guard =3D PREVIOUS_CRYPT_CONFIG_DIGEST.lock().unwrap();
>      match (*digest_guard, config)  {
>          (Some(last_digest), Some(current_config)) =3D> {
> -            crypt_config_digest(current_config) =3D=3D last_digest
> +            current_config.fingerprint().bytes() =3D=3D &last_digest
> +                || crypt_config_digest(current_config) =3D=3D last_diges=
t
>          },
>          (None, None) =3D> true,
>          _ =3D> false,
> @@ -440,7 +443,13 @@ pub(crate) async fn finish_backup(
> =20
>      {
>          let crypt_config_digest =3D match crypt_config {
> -            Some(current_config) =3D> Some(crypt_config_digest(current_c=
onfig)),
> +            Some(current_config) =3D> {
> +                let fp =3D current_config
> +                    .fingerprint()
> +                    .bytes()
> +                    .to_owned();
> +                Some(fp)
> +            },
>              None =3D> None,
>          };
> =20
> --=20
> 2.20.1
>=20
>=20
>=20
> _______________________________________________
> pbs-devel mailing list
> pbs-devel@lists.proxmox.com
> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel