[libvirt] [PATCH] Forbid use of ':' in RBD pool names

Osier Yang jyang at redhat.com
Tue May 14 17:26:03 UTC 2013


On 13/05/13 21:18, Daniel Veillard wrote:
> On Mon, May 13, 2013 at 02:00:31PM +0100, Daniel P. Berrange wrote:
>> From: "Daniel P. Berrange" <berrange at redhat.com>
>>
>> The QEMU command line syntax for RBD disks is
>>
>>     file=rbd:pool/image:opt1=val1:opt2=val2...
>>
>> There is no way to escape the ':' if it appears in the
>> pool or image name. Thus it must be explicitly forbidden
>> if it occurs in the libvirt XML. People are known to
>> be abusing the lack of escaping in current libvirt to
>> pass arbitrary args to QEMU.
>    Urgh, :-(
>
>> Signed-off-by: Daniel P. Berrange <berrange at redhat.com>
>> ---
>>   src/qemu/qemu_command.c                            |  6 ++++
>>   ...qemuxml2argv-disk-drive-network-rbd-invalid.xml | 37 ++++++++++++++++++++++
>>   tests/qemuxml2argvtest.c                           |  5 +++
>>   3 files changed, 48 insertions(+)
>>   create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-invalid.xml
>>
>> diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
>> index eddc263..c0cb250 100644
>> --- a/src/qemu/qemu_command.c
>> +++ b/src/qemu/qemu_command.c
>> @@ -2383,6 +2383,12 @@ qemuBuildRBDString(virConnectPtr conn,
>>       char *secret = NULL;
>>       size_t secret_size;
>>   
>> +    if (strchr(disk->src, ':')) {
>> +        virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
>> +                       _("':' not allowed in RBD source volume name"));
>> +        return -1;
>> +    }
>> +
>>       virBufferEscape(opt, ',', ",", "rbd:%s", disk->src);
>>       if (disk->auth.username) {
>>           virBufferEscape(opt, '\\', ":", ":id=%s", disk->auth.username);
>> diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-invalid.xml b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-invalid.xml
>> new file mode 100644
>> index 0000000..e8d3280
>> --- /dev/null
>> +++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-rbd-invalid.xml
>> @@ -0,0 +1,37 @@
>> +<domain type='qemu'>
>> +  <name>QEMUGuest1</name>
>> +  <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
>> +  <memory unit='KiB'>219136</memory>
>> +  <currentMemory unit='KiB'>219136</currentMemory>
>> +  <vcpu placement='static'>1</vcpu>
>> +  <os>
>> +    <type arch='i686' machine='pc'>hvm</type>
>> +    <boot dev='hd'/>
>> +  </os>
>> +  <clock offset='utc'/>
>> +  <on_poweroff>destroy</on_poweroff>
>> +  <on_reboot>restart</on_reboot>
>> +  <on_crash>destroy</on_crash>
>> +  <devices>
>> +    <emulator>/usr/bin/qemu</emulator>
>> +    <disk type='block' device='disk'>
>> +      <driver name='qemu' type='raw'/>
>> +      <source dev='/dev/HostVG/QEMUGuest1'/>
>> +      <target dev='hda' bus='ide'/>
>> +      <address type='drive' controller='0' bus='0' target='0' unit='0'/>
>> +    </disk>
>> +    <disk type='network' device='disk'>
>> +      <driver name='qemu' type='raw'/>
>> +      <source protocol='rbd' name='poolname/imagename:rbd_cache=1:rbd_cache_size=67108864:rbd_cache_max_dirty=0'>
>>

This breaks domainschematest, as the pool name uses:

   <define name="genericName">
     <data type="string">
       <param name="pattern">[a-zA-Z0-9_\+\-]+</param>
     </data>
   </define>

Osier




More information about the libvir-list mailing list