From 5ac882a6d7499e4a36103db071203bf4d1ddfe1f Mon Sep 17 00:00:00 2001
From: Kevin Wolf <kwolf@suse.de>
Date: Tue, 10 Mar 2009 16:26:45 +0100
Subject: [PATCH 2/6] ioemu: Use the image format sent by blktapctrl

Currently the blktap backend in ioemu lets qemu guess which format an
image is in. This was a security problem and the blktap backend
doesn't work any more since this was fixed in qemu.

This patch changes ioemu to respect the format it gets from blktapctrl.

Signed-off-by: Kevin Wolf <kwolf@suse.de>
---
 hw/xen_blktap.c |   22 +++++++++++++++++++---
 hw/xen_blktap.h |   14 ++++++++++++++
 2 files changed, 33 insertions(+), 3 deletions(-)

Index: xen-4.1.1-testing/tools/ioemu-qemu-xen/hw/xen_blktap.c
===================================================================
--- xen-4.1.1-testing.orig/tools/ioemu-qemu-xen/hw/xen_blktap.c
+++ xen-4.1.1-testing/tools/ioemu-qemu-xen/hw/xen_blktap.c
@@ -230,9 +230,10 @@ static int map_new_dev(struct td_state *
 	return -1;
 }
 
-static int open_disk(struct td_state *s, char *path, int readonly)
+static int open_disk(struct td_state *s, char *path, int driver, int readonly)
 {
 	BlockDriverState* bs;
+	BlockDriver* drv;
 	char* devname;
 	static int devnumber = 0;
 	int i;
@@ -242,7 +243,22 @@ static int open_disk(struct td_state *s,
 	bs = bdrv_new(devname);
 	free(devname);
 
-	if (bdrv_open(bs, path, 0) != 0) {
+	/* Search for disk driver */
+	for (i = 0; blktap_drivers[i].idnum >= 0; i++) {
+		if (blktap_drivers[i].idnum == driver)
+			break;
+	}
+
+	if (blktap_drivers[i].idnum < 0) {
+		fprintf(stderr, "Could not find image format id %d\n", driver);
+		return -ENOMEM;
+	}
+
+	drv = blktap_drivers[i].drv;
+	DPRINTF("%s driver specified\n", drv ? drv->format_name : "No");
+
+	/* Open the image */
+	if (bdrv_open2(bs, path, 0, drv) != 0) {
 		fprintf(stderr, "Could not open image file %s\n", path);
 		return -ENOMEM;
 	}
@@ -521,7 +537,7 @@ static void handle_blktap_ctrlmsg(void*
 			s = state_init();
 
 			/*Open file*/
-			if (s == NULL || open_disk(s, path, msg->readonly)) {
+			if (s == NULL || open_disk(s, path, msg->drivertype, msg->readonly)) {
 				msglen = sizeof(msg_hdr_t);
 				msg->type = CTLMSG_IMG_FAIL;
 				msg->len = msglen;
Index: xen-4.1.1-testing/tools/ioemu-qemu-xen/hw/xen_blktap.h
===================================================================
--- xen-4.1.1-testing.orig/tools/ioemu-qemu-xen/hw/xen_blktap.h
+++ xen-4.1.1-testing/tools/ioemu-qemu-xen/hw/xen_blktap.h
@@ -53,4 +53,18 @@ typedef struct fd_list_entry {
 
 int init_blktap(void);
 
+typedef struct disk_info {
+	int idnum;
+	struct BlockDriver *drv;
+} disk_info_t;
+
+static disk_info_t blktap_drivers[] = {
+	{ DISK_TYPE_AIO, &bdrv_raw },
+	{ DISK_TYPE_SYNC, &bdrv_raw },
+	{ DISK_TYPE_VMDK, &bdrv_vmdk },
+	{ DISK_TYPE_QCOW, &bdrv_qcow },
+	{ DISK_TYPE_QCOW2, &bdrv_qcow2 },
+	{ -1, NULL }
+};
+
 #endif /*XEN_BLKTAP_H_*/