[PATCH 1/2] kbase: backing_chains: Add steps how to securely probe image format

Peter Krempa pkrempa at redhat.com
Thu Feb 27 08:41:10 UTC 2020


We document steps how to fix images if they are rejected for missing
the 'backing file format' field. Document also how to securely probe
the image format if it's unknown.

Signed-off-by: Peter Krempa <pkrempa at redhat.com>
---
 docs/kbase/backing_chains.rst | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/docs/kbase/backing_chains.rst b/docs/kbase/backing_chains.rst
index 12ed6253ac..af848ccb14 100644
--- a/docs/kbase/backing_chains.rst
+++ b/docs/kbase/backing_chains.rst
@@ -176,6 +176,21 @@ properly. ``$BACKING_IMAGE_PATH`` should be specified as a full absolute path.
 If relative referencing of the backing image is desired, the path must be
 relative to the location of image described by ``$IMAGE_PATH``.

+**Important:** If the ``$BACKING_IMAGE_FORMAT`` is not known it can be queried
+using ``qemu-img info $BACKING_IMAGE_PATH`` and looking for the ``file format:``
+field, but for security reasons should be used *only* if at least one of the
+following criteria is met:
+
+- ``file format`` is ``raw``
+- ``backing file`` is NOT present
+- ``backing file`` is present AND is correct/trusted
+
+Note that the last criteria may require manual inspection and thus should not
+be scripted unless the trust for the image can be expressed programatically.
+
+Also note that the above steps may need to be repeated recursively for any
+subsequent backing images.
+
 Missing images reported after after moving disk images into a different path
 ----------------------------------------------------------------------------

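Review bot: In the added "Important:" paragraph, "but for security reasons should be used *only* if" has no clear subject, so it can be read as restricting the ``qemu-img info`` call itself rather than the use of the format it reports. Suggest "but for security reasons the probed format should be used *only* if at least one of the following criteria is met". The paragraph also never states what the security reason is; one sentence on why a ``backing file`` entry that is not known to be correct/trusted matters would let a reader judge the third criterion, which the text itself says may need manual inspection. Two wording nits in the note after the list: "the last criteria" should be "the last criterion", and "programatically" should be "programmatically".
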
-- 
2.24.1



