From nobody Thu May 9 02:08:10 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as permitted sender) client-ip=207.211.31.81; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1582637170; cv=none; d=zohomail.com; s=zohoarc; b=RXkDJyk5CxGrkNwaBfr12Nx74ToWpsOij9p83IjoJAaaRjvlqGvoHwSbnG8Ovcej2o/rv5W9enxLwpygqvTHthnxOt1B38tGoP7owDLQrHsn4VdSdVVRAQDNo30RCZdajtb1RwR8jxtcjQnNPGmF/ckiiTBizGZEljTGJRUi2JY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1582637170; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=FkhRO6B/VBtKvIaIueI9l7/Bcgy17Nfm5P+d9F4ThJg=; b=O0VMH2faSeJ+iCgkQjZb1GOOPnmkSDBCjT/ah891z6F7pqiPNd+PqA8YKCqHaOLE3wDJeHnQb2KRJFAgT3FAzOF8L0H4jny/LrMFj8ZDxaQpQ2F/Z7n28JgURuG4YEFoO17LEZ6jsD81GSsAXiwDRD2c474v9ikeBoxXuhs6//k= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-1.mimecast.com (us-smtp-1.mimecast.com [207.211.31.81]) by mx.zohomail.com with SMTPS id 158263717018486.22823244433778; Tue, 25 Feb 2020 05:26:10 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-353-TRIyLUyVOb2P93TBbRDySA-1; Tue, 25 Feb 2020 08:26:03 -0500 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id F38EF800D54; Tue, 25 Feb 2020 13:25:52 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id C58365D9CD; Tue, 25 Feb 2020 13:25:52 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 7F3661832962; Tue, 25 Feb 2020 13:25:52 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 01PDPovH008822 for ; Tue, 25 Feb 2020 08:25:50 -0500 Received: by smtp.corp.redhat.com (Postfix) id 64F1888859; Tue, 25 Feb 2020 13:25:50 +0000 (UTC) Received: from angien.redhat.com (unknown [10.43.2.48]) by smtp.corp.redhat.com (Postfix) with ESMTP id DE5566031E for ; Tue, 25 Feb 2020 13:25:49 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1582637168; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=FkhRO6B/VBtKvIaIueI9l7/Bcgy17Nfm5P+d9F4ThJg=; b=PnSbMMjyWDGMRqva/IwmcKjKu7pblfcc2vofA67r8GfwqXAnXTd/2P032GkteenVhamX0C SqzZ/g1bEupD9J5H4aAajZFRxXBt3cFAtgApWhREz9dv5VyKNrjEWZ5xM1NvOIU1TiU/7t IQrVXD4m4t4xfTYKOzQeAAu8+uUWf9s= X-MC-Unique: TRIyLUyVOb2P93TBbRDySA-1 From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH v2 1/3] qemu: domain: Convert detected 'iso' image format into 'raw' Date: Tue, 25 Feb 2020 14:25:43 +0100 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" While our code can detect ISO as a separate format, qemu does not use it as such and just passes it through as raw. Add conversion for detected parts of the backing chain so that the validation code does not reject it right away. Signed-off-by: Peter Krempa Reviewed-by: Daniel P. Berrang=C3=A9 --- src/qemu/qemu_domain.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 446a517df9..a28b51c10e 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -11493,6 +11493,10 @@ qemuDomainDetermineDiskChain(virQEMUDriverPtr driv= er, return -1; for (n =3D src->backingStore; virStorageSourceIsBacking(n); n =3D n->b= ackingStore) { + /* convert detected ISO format to 'raw' as qemu would not understa= nd it */ + if (n->format =3D=3D VIR_STORAGE_FILE_ISO) + n->format =3D VIR_STORAGE_FILE_RAW; + if (qemuDomainValidateStorageSource(n, priv->qemuCaps) < 0) return -1; --=20 2.24.1 From nobody Thu May 9 02:08:10 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as permitted sender) client-ip=205.139.110.61; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1582637165; cv=none; d=zohomail.com; s=zohoarc; b=Bta1X+1c0jfCPxKSl/e+wVGzCfnBuNXw1jCamSghVs490jzkOQV2nL1hcJ/N74UIsc55IipBH+CepTDXl8GozPkwzs55OECC2cCsS3iqhoWdaq2q5gZKu2a0d9LWItvf1y0XzKFiJCDhX02OlC72DnIRwiWFFw4seJmeTzuOXx4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1582637165; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=kOuoRFdTlbq5omDiaS/PEaUKXaXb8uIA4OjXR5awY9g=; b=McC9fh/nIrR5Ck0T3OjA4URfsnarUuLuGGZEZyZeI1adVfRuHItfWWGB83Bx8hVACWwrFyjcMKwpijMgczxeOzkz7/jsO73JPRyV6ViZxYohEM2JDBY4wQz8uboLvwRP+VIyPG1eG0Q6ei17aWIKwLrIu+Oj1IZedBM81MTu+Bc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-1.mimecast.com (us-smtp-1.mimecast.com [205.139.110.61]) by mx.zohomail.com with SMTPS id 1582637165123664.9281832997119; Tue, 25 Feb 2020 05:26:05 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-368-iEQ7aQNbMUKFWiPTiKsu5A-1; Tue, 25 Feb 2020 08:26:00 -0500 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 5ED4D18A6EC2; Tue, 25 Feb 2020 13:25:53 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 35FB21001DC0; Tue, 25 Feb 2020 13:25:53 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id D46ED860F8; Tue, 25 Feb 2020 13:25:52 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 01PDPpfe008830 for ; Tue, 25 Feb 2020 08:25:51 -0500 Received: by smtp.corp.redhat.com (Postfix) id 3982E8AC30; Tue, 25 Feb 2020 13:25:51 +0000 (UTC) Received: from angien.redhat.com (unknown [10.43.2.48]) by smtp.corp.redhat.com (Postfix) with ESMTP id B2C786031E for ; Tue, 25 Feb 2020 13:25:50 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1582637162; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=kOuoRFdTlbq5omDiaS/PEaUKXaXb8uIA4OjXR5awY9g=; b=WnPrsswNWLe9cAqFseXmtW6TIfpfXkzyxlZrYeKwtblchI2E7m8MU+BzClGDYuXAPHtECZ QEIwj+iSt6cjrEdCel1QUGNp+Zb9mirC4R2Y5AK++HWKABow3m3raJxoNFljIxPxcDXOA2 0iEe5UHFTpojEXSwePdwUk+5RjIaJQc= X-MC-Unique: iEQ7aQNbMUKFWiPTiKsu5A-1 From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH v2 2/3] virStorageFileGetMetadataRecurse: Allow format probing under special circumstances Date: Tue, 25 Feb 2020 14:25:44 +0100 Message-Id: <4bc57c3a60c545ade6761b0852aec580b0936267.1582635160.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" Allow format probing to work around lazy clients which did not specify their format in the overlay. Format probing will be allowed only, if we are able to probe the image, the probing result was successful and the probed image does not have any backing or data file. This relaxes the restrictions which were imposed in commit 3615e8b39bad in cases when we know that the image probing will not result in security issues or data corruption. We perform the image format detection and in the case that we were able to probe the format and the format does not specify a backing store (or doesn't support backing store) we can use this format. With pre-blockdev configurations this will restore the previous behaviour for the images mentioned above as qemu would probe the format anyways. It also improves error reporting compared to the old state as we now report that the backing chain will be broken in case when there is a backing file. In blockdev configurations this ensures that libvirt will not cause data corruption by ending the chain prematurely without notifying the user, but still allows the old semantics when the users forgot to specify the format. Users thus don't have to re-invent when image format detection is safe to do. The price for this is that libvirt will need to keep the image format detector still current and working or replace it by invocation of qemu-img. Signed-off-by: Peter Krempa Reviewed-by: Daniel P. Berrang=C3=A9 --- src/util/virstoragefile.c | 52 ++++++++++++++++++++++----------------- 1 file changed, 30 insertions(+), 22 deletions(-) diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c index d75d2a689a..b133cf17f1 100644 --- a/src/util/virstoragefile.c +++ b/src/util/virstoragefile.c @@ -4986,6 +4986,7 @@ virStorageFileGetMetadataRecurse(virStorageSourcePtr = src, virHashTablePtr cycle, unsigned int depth) { + virStorageFileFormat orig_format =3D src->format; size_t headerLen; int rv; g_autofree char *buf =3D NULL; @@ -4995,10 +4996,17 @@ virStorageFileGetMetadataRecurse(virStorageSourcePt= r src, NULLSTR(src->path), src->format, (unsigned int)uid, (unsigned int)gid); + if (src->format =3D=3D VIR_STORAGE_FILE_AUTO_SAFE) + src->format =3D VIR_STORAGE_FILE_AUTO; + /* exit if we can't load information about the current image */ rv =3D virStorageFileSupportsBackingChainTraversal(src); - if (rv <=3D 0) + if (rv <=3D 0) { + if (orig_format =3D=3D VIR_STORAGE_FILE_AUTO) + return -2; + return rv; + } if (virStorageFileGetMetadataRecurseReadHeader(src, parent, uid, gid, &buf, &headerLen, cycle= ) < 0) @@ -5007,6 +5015,18 @@ virStorageFileGetMetadataRecurse(virStorageSourcePtr= src, if (virStorageFileGetMetadataInternal(src, buf, headerLen) < 0) return -1; + /* If we probed the format we MUST ensure that nothing else than the c= urrent + * image (this includes both backing files and external data store) is + * considered for security labelling and/or recursion. */ + if (orig_format =3D=3D VIR_STORAGE_FILE_AUTO) { + if (src->backingStoreRaw || src->externalDataStoreRaw) { + src->format =3D VIR_STORAGE_FILE_RAW; + VIR_FREE(src->backingStoreRaw); + VIR_FREE(src->externalDataStoreRaw); + return -2; + } + } + if (src->backingStoreRaw) { if ((rv =3D virStorageSourceNewFromBacking(src, &backingStore)) < = 0) return -1; @@ -5015,33 +5035,21 @@ virStorageFileGetMetadataRecurse(virStorageSourcePt= r src, if (rv =3D=3D 1) return 0; - if (backingStore->format =3D=3D VIR_STORAGE_FILE_AUTO) { - /* Assuming the backing store to be raw can lead to failures. = We do - * it only when we must not report an error to prevent losing = VMs. - * Otherwise report an error. - */ - if (report_broken) { + if ((rv =3D virStorageFileGetMetadataRecurse(backingStore, parent, + uid, gid, + report_broken, + cycle, depth + 1)) < 0)= { + if (!report_broken) + return 0; + + if (rv =3D=3D -2) { virReportError(VIR_ERR_OPERATION_INVALID, _("format of backing image '%s' of image '%= s' was not specified in the image metadata " "(See https://libvirt.org/kbase/backing_c= hains.html for troubleshooting)"), src->backingStoreRaw, NULLSTR(src->path)); - return -1; } - backingStore->format =3D VIR_STORAGE_FILE_RAW; - } - - if (backingStore->format =3D=3D VIR_STORAGE_FILE_AUTO_SAFE) - backingStore->format =3D VIR_STORAGE_FILE_AUTO; - - if (virStorageFileGetMetadataRecurse(backingStore, parent, - uid, gid, - report_broken, - cycle, depth + 1) < 0) { - if (report_broken) - return -1; - else - return 0; + return -1; } backingStore->id =3D depth; --=20 2.24.1 From nobody Thu May 9 02:08:10 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) client-ip=207.211.31.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1582637170; cv=none; d=zohomail.com; s=zohoarc; b=m/i0B3bJyPeWevi2gahlVWPdkADxv3VS/IU8VH0GLoA1rYZRqOSAAtCTxdUorhTaCrL3l/G2UOr/vmVaXXa8Y3+/ThmbKQVdkifapTqdalW752mQ7n1HRhFGxlpAr+UcDr7JN0U22SLnAx3cybY7GN3YrirWcHdH75fk72xbowA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1582637170; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=OvgaBdqiXWBxDnUPwVXzI//0INiXzTpPvW+Yj8kyMhM=; b=iyGNHOpFUls+JijfRFTDPJn/ALV5RsKHPmRrC4SIkL/i230ZEAxf3cBy+0/wJBJkdyWKhzaOowto87jel4JYp3xT0WmrplLKOHsgs/ZpmvnHBZkdd7VrsgIBhz6hKFP8lctBdyS3+260CYtrokvHS8CGGIcdi18ogT6YDEgazPg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) by mx.zohomail.com with SMTPS id 1582637170189289.4689297324809; Tue, 25 Feb 2020 05:26:10 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-317-w5o-u98LOjSTbSW4k0aihQ-1; Tue, 25 Feb 2020 08:26:06 -0500 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 20713801E7B; Tue, 25 Feb 2020 13:26:00 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id E7A818AC30; Tue, 25 Feb 2020 13:25:59 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 9DF2A8B2CD; Tue, 25 Feb 2020 13:25:59 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 01PDPqjw008839 for ; Tue, 25 Feb 2020 08:25:52 -0500 Received: by smtp.corp.redhat.com (Postfix) id 0F0276031E; Tue, 25 Feb 2020 13:25:52 +0000 (UTC) Received: from angien.redhat.com (unknown [10.43.2.48]) by smtp.corp.redhat.com (Postfix) with ESMTP id 897308C06B for ; Tue, 25 Feb 2020 13:25:51 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1582637169; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=OvgaBdqiXWBxDnUPwVXzI//0INiXzTpPvW+Yj8kyMhM=; b=gJ6LKhCLEgX/a/oEBUIVFY/UuJXf4efARmqA8DKBILRXjQkG0mkT/Tslt+07JjLt6KIxMP FuB0AJ0IjGg13zplu0US+gl9pW33l79crILCrdqWvrKVjKmjRDy7RfYb9qaBAMmMDEy5VY V6MkhLRdk5BKEpuq4uqD54ZPUKlPyuU= X-MC-Unique: w5o-u98LOjSTbSW4k0aihQ-1 From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH v2 3/3] kbase: backing_chains: Clarify some aspects of image probing Date: Tue, 25 Feb 2020 14:25:45 +0100 Message-Id: <961149572f84ab483534f6ca72744c2d11f176d5.1582635160.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" Signed-off-by: Peter Krempa Reviewed-by: Daniel P. Berrang=C3=A9 --- docs/kbase/backing_chains.rst | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/docs/kbase/backing_chains.rst b/docs/kbase/backing_chains.rst index 3b3f0583e5..12ed6253ac 100644 --- a/docs/kbase/backing_chains.rst +++ b/docs/kbase/backing_chains.rst @@ -46,14 +46,17 @@ system used on the host so that the hypervisor can acce= ss the files and possibly also directly to configure the hypervisor to use the appropriate images. T= hus it's important to properly setup the formats and paths of the backing imag= es. +Any externally created image should always use the -F switch of ``qemu-img= `` +to specify the format of the backing file to avoid probing. + Image detection caveats ----------------------- Detection of the backing chain requires libvirt to read and understand the ``backing file`` field recorded in the image metadata and also being able = to recurse and read the backing file. Due to security implications libvirt -will not attempt to detect the format of the backing image if the image me= tadata -doesn't contain it. +will refuse to use backing images of any image whose format was not specif= ied +explicitly in the XML or the overlay image itself. Libvirt also might lack support for a network disk storage technology and = thus may be unable to visit and detect backing chains on such storage. This may @@ -104,6 +107,8 @@ Note that it's also possible to partially specify the c= hain in the XML but omit the terminating element. This will result into probing from the last speci= fied ```` +Any image specified explicitly will not be probed for backing file or form= at. + Manual image creation =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D @@ -113,6 +118,13 @@ them properly so that they work with libvirt as expect= ed. The created disk images must contain the format of the backing image in the metadata. This means that the **-F** parameter of ``qemu-img`` must always be used. +:: + + qemu-img -f qcow2 -F qcow2 -b /path/to/backing /path/to/overlay + +Note that if '/path/to/backing' is relative the path is considered relativ= e to +the location of '/path/to/overlay'. + Troubleshooting =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --=20 2.24.1