forked from pool/libvirt
Accepting request 781324 from Virtualization
OBS-URL: https://build.opensuse.org/request/show/781324 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libvirt?expand=0&rev=300
This commit is contained in:
commit
f86d403f4c
136
ae9e6c2a-qemu-allow-cond-format-probe.patch
Normal file
136
ae9e6c2a-qemu-allow-cond-format-probe.patch
Normal file
@ -0,0 +1,136 @@
|
|||||||
|
commit ae9e6c2a2b75d958995c661f7bb64ed4353a6404
|
||||||
|
Author: Peter Krempa <pkrempa@redhat.com>
|
||||||
|
Date: Mon Feb 17 10:08:25 2020 +0100
|
||||||
|
|
||||||
|
virStorageFileGetMetadataRecurse: Allow format probing under special circumstances
|
||||||
|
|
||||||
|
Allow format probing to work around lazy clients which did not specify
|
||||||
|
their format in the overlay. Format probing will be allowed only, if we
|
||||||
|
are able to probe the image, the probing result was successful and the
|
||||||
|
probed image does not have any backing or data file.
|
||||||
|
|
||||||
|
This relaxes the restrictions which were imposed in commit 3615e8b39bad
|
||||||
|
in cases when we know that the image probing will not result in security
|
||||||
|
issues or data corruption.
|
||||||
|
|
||||||
|
We perform the image format detection and in the case that we were able
|
||||||
|
to probe the format and the format does not specify a backing store (or
|
||||||
|
doesn't support backing store) we can use this format.
|
||||||
|
|
||||||
|
With pre-blockdev configurations this will restore the previous
|
||||||
|
behaviour for the images mentioned above as qemu would probe the format
|
||||||
|
anyways. It also improves error reporting compared to the old state as
|
||||||
|
we now report that the backing chain will be broken in case when there
|
||||||
|
is a backing file.
|
||||||
|
|
||||||
|
In blockdev configurations this ensures that libvirt will not cause data
|
||||||
|
corruption by ending the chain prematurely without notifying the user,
|
||||||
|
but still allows the old semantics when the users forgot to specify the
|
||||||
|
format.
|
||||||
|
|
||||||
|
Users thus don't have to re-invent when image format detection is safe
|
||||||
|
to do.
|
||||||
|
|
||||||
|
The price for this is that libvirt will need to keep the image format
|
||||||
|
detector still current and working or replace it by invocation of
|
||||||
|
qemu-img.
|
||||||
|
|
||||||
|
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
|
||||||
|
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
|
||||||
|
|
||||||
|
Index: libvirt-6.0.0/src/util/virstoragefile.c
|
||||||
|
===================================================================
|
||||||
|
--- libvirt-6.0.0.orig/src/util/virstoragefile.c
|
||||||
|
+++ libvirt-6.0.0/src/util/virstoragefile.c
|
||||||
|
@@ -4907,6 +4907,7 @@ virStorageFileGetMetadataRecurse(virStor
|
||||||
|
virHashTablePtr cycle,
|
||||||
|
unsigned int depth)
|
||||||
|
{
|
||||||
|
+ virStorageFileFormat orig_format = src->format;
|
||||||
|
int ret = -1;
|
||||||
|
const char *uniqueName;
|
||||||
|
ssize_t headerLen;
|
||||||
|
@@ -4919,10 +4920,17 @@ virStorageFileGetMetadataRecurse(virStor
|
||||||
|
src->path, src->format,
|
||||||
|
(unsigned int)uid, (unsigned int)gid);
|
||||||
|
|
||||||
|
+ if (src->format == VIR_STORAGE_FILE_AUTO_SAFE)
|
||||||
|
+ src->format = VIR_STORAGE_FILE_AUTO;
|
||||||
|
+
|
||||||
|
/* exit if we can't load information about the current image */
|
||||||
|
rv = virStorageFileSupportsBackingChainTraversal(src);
|
||||||
|
- if (rv <= 0)
|
||||||
|
+ if (rv <= 0) {
|
||||||
|
+ if (orig_format == VIR_STORAGE_FILE_AUTO)
|
||||||
|
+ return -2;
|
||||||
|
+
|
||||||
|
return rv;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
if (virStorageFileInitAs(src, uid, gid) < 0)
|
||||||
|
return -1;
|
||||||
|
@@ -4960,6 +4968,18 @@ virStorageFileGetMetadataRecurse(virStor
|
||||||
|
&backingFormat) < 0)
|
||||||
|
goto cleanup;
|
||||||
|
|
||||||
|
+ /* If we probed the format we MUST ensure that nothing else than the current
|
||||||
|
+ * image (this includes both backing files and external data store) is
|
||||||
|
+ * considered for security labelling and/or recursion. */
|
||||||
|
+ if (orig_format == VIR_STORAGE_FILE_AUTO) {
|
||||||
|
+ if (src->backingStoreRaw || src->externalDataStoreRaw) {
|
||||||
|
+ src->format = VIR_STORAGE_FILE_RAW;
|
||||||
|
+ VIR_FREE(src->backingStoreRaw);
|
||||||
|
+ VIR_FREE(src->externalDataStoreRaw);
|
||||||
|
+ return -2;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
if (src->backingStoreRaw) {
|
||||||
|
if ((rv = virStorageSourceNewFromBacking(src, &backingStore)) < 0)
|
||||||
|
goto cleanup;
|
||||||
|
@@ -4972,36 +4992,21 @@ virStorageFileGetMetadataRecurse(virStor
|
||||||
|
|
||||||
|
backingStore->format = backingFormat;
|
||||||
|
|
||||||
|
- if (backingStore->format == VIR_STORAGE_FILE_AUTO) {
|
||||||
|
- /* Assuming the backing store to be raw can lead to failures. We do
|
||||||
|
- * it only when we must not report an error to prevent losing VMs.
|
||||||
|
- * Otherwise report an error.
|
||||||
|
- */
|
||||||
|
- if (report_broken) {
|
||||||
|
+ if ((rv = virStorageFileGetMetadataRecurse(backingStore, parent,
|
||||||
|
+ uid, gid,
|
||||||
|
+ report_broken,
|
||||||
|
+ cycle, depth + 1)) < 0) {
|
||||||
|
+ if (!report_broken)
|
||||||
|
+ return 0;
|
||||||
|
+
|
||||||
|
+ if (rv == -2) {
|
||||||
|
virReportError(VIR_ERR_OPERATION_INVALID,
|
||||||
|
_("format of backing image '%s' of image '%s' was not specified in the image metadata "
|
||||||
|
"(See https://libvirt.org/kbase/backing_chains.html for troubleshooting)"),
|
||||||
|
src->backingStoreRaw, NULLSTR(src->path));
|
||||||
|
- return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
- backingStore->format = VIR_STORAGE_FILE_RAW;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- if (backingStore->format == VIR_STORAGE_FILE_AUTO_SAFE)
|
||||||
|
- backingStore->format = VIR_STORAGE_FILE_AUTO;
|
||||||
|
-
|
||||||
|
- if ((ret = virStorageFileGetMetadataRecurse(backingStore, parent,
|
||||||
|
- uid, gid,
|
||||||
|
- report_broken,
|
||||||
|
- cycle, depth + 1)) < 0) {
|
||||||
|
- if (report_broken)
|
||||||
|
- goto cleanup;
|
||||||
|
-
|
||||||
|
- /* if we fail somewhere midway, just accept and return a
|
||||||
|
- * broken chain */
|
||||||
|
- ret = 0;
|
||||||
|
- goto cleanup;
|
||||||
|
+ return -1;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
/* add terminator */
|
@ -1,3 +1,10 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Mar 3 23:22:42 UTC 2020 - James Fehlig <jfehlig@suse.com>
|
||||||
|
|
||||||
|
- qemu: Allow format probing under special circumstances
|
||||||
|
ae9e6c2a-qemu-allow-cond-format-probe.patch
|
||||||
|
bsc#1165588
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Wed Feb 5 22:51:48 UTC 2020 - James Fehlig <jfehlig@suse.com>
|
Wed Feb 5 22:51:48 UTC 2020 - James Fehlig <jfehlig@suse.com>
|
||||||
|
|
||||||
|
@ -342,6 +342,7 @@ Patch0: 6c1dddaf-libxl-shutdown-inhibit.patch
|
|||||||
Patch1: 849052ec-libxl-support-credit2.patch
|
Patch1: 849052ec-libxl-support-credit2.patch
|
||||||
Patch2: 72ed254b-drop-exec-perms-bashcompletion.patch
|
Patch2: 72ed254b-drop-exec-perms-bashcompletion.patch
|
||||||
Patch3: e092daac-prohib-parallel-tunneled-mig.patch
|
Patch3: e092daac-prohib-parallel-tunneled-mig.patch
|
||||||
|
Patch4: ae9e6c2a-qemu-allow-cond-format-probe.patch
|
||||||
# Patches pending upstream review
|
# Patches pending upstream review
|
||||||
Patch100: libxl-dom-reset.patch
|
Patch100: libxl-dom-reset.patch
|
||||||
Patch101: network-don-t-use-dhcp-authoritative-on-static-netwo.patch
|
Patch101: network-don-t-use-dhcp-authoritative-on-static-netwo.patch
|
||||||
@ -879,6 +880,7 @@ libvirt plugin for NSS for translating domain names into IP addresses.
|
|||||||
%patch1 -p1
|
%patch1 -p1
|
||||||
%patch2 -p1
|
%patch2 -p1
|
||||||
%patch3 -p1
|
%patch3 -p1
|
||||||
|
%patch4 -p1
|
||||||
%patch100 -p1
|
%patch100 -p1
|
||||||
%patch101 -p1
|
%patch101 -p1
|
||||||
%patch150 -p1
|
%patch150 -p1
|
||||||
|
Loading…
Reference in New Issue
Block a user