[PATCH v2 1/3] iotests: Specify explicit backing format where sensible
Ján Tomko
jtomko at redhat.com
Thu Feb 27 09:19:55 UTC 2020
On a Wednesday in 2020, Eric Blake wrote:
>There are many existing qcow2 images that specify a backing file but
>no format. This has been the source of CVEs in the past, but has
>become more prominent of a problem now that libvirt has switched to
>-blockdev. With older -drive, at least the probing was always done by
>qemu (so the only risk of a changed format between successive boots of
>a guest was if qemu was upgraded and probed differently). But with
>newer -blockdev, libvirt must specify a format; if libvirt guesses raw
>where the image was formatted, this results in data corruption visible
>to the guest; conversely, if libvirt guesses qcow2 where qemu was
>using raw, this can result in potential security holes, so modern
>libvirt instead refuses to use images without explicit backing format.
>
>The change in libvirt to reject images without explicit backing format
>has pointed out that a number of tools have been far too reliant on
>probing in the past. It's time to set a better example in our own
>iotests of properly setting this parameter.
>
>iotest calls to create, rebase, convert, and amend are all impacted to
>some degree. It's a bit annoying that we are inconsistent on command
>line - while all of those accept -o backing_file=...,backing_fmt=...,
>the shortcuts are different: create and rebase have -b and -F, convert
>has -B but no -F, and amend has no shortcuts.
>
>Signed-off-by: Eric Blake <eblake at redhat.com>
>---
[...]
Test #225 still uses -b without a format:
./check -vmdk 225
QEMU -- "/home/jtomko/work/qemu/build/tests/qemu-iotests/../../x86_64-softmmu/qemu-system-x86_64" -nodefaults -display none -accel qtest
QEMU_IMG -- "/home/jtomko/work/qemu/build/tests/qemu-iotests/../../qemu-img"
QEMU_IO -- "/home/jtomko/work/qemu/build/tests/qemu-iotests/../../qemu-io" --cache writeback --aio threads -f vmdk
QEMU_NBD -- "/home/jtomko/work/qemu/build/tests/qemu-iotests/../../qemu-nbd"
IMGFMT -- vmdk
IMGPROTO -- file
PLATFORM -- Linux/x86_64 lpt 5.4.18-200.fc31.x86_64
TEST_DIR -- /home/jtomko/work/qemu/build/tests/qemu-iotests/scratch
SOCK_DIR -- /tmp/tmp.OQIdhLcITP
SOCKET_SCM_HELPER -- /home/jtomko/work/qemu/build/tests/qemu-iotests/socket_scm_helper
225 fail [10:02:31] [10:02:32] output mismatch (see 225.out.bad)
--- /home/jtomko/work/qemu/tests/qemu-iotests/225.out 2018-09-07 17:21:39.633931691 +0200
+++ /home/jtomko/work/qemu/build/tests/qemu-iotests/225.out.bad 2020-02-27 10:02:32.362755677 +0100
@@ -1,6 +1,7 @@
QA output created by 225
Formatting 'TEST_DIR/t.IMGFMT.base', fmt=IMGFMT size=1048576
Formatting 'TEST_DIR/t.IMGFMT.not_base', fmt=IMGFMT size=1048576
+qemu-img: warning: Deprecated use of backing file without explicit backing format (detected format of IMGFMT)
Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=1048576 backing_file=TEST_DIR/t.IMGFMT.base
=== Testing fitting VMDK backing image ===
Failures: 225
Failed 1 of 1 iotests
>diff --git a/tests/qemu-iotests/030 b/tests/qemu-iotests/030
>index aa911d266a13..322e31e2cd93 100755
>--- a/tests/qemu-iotests/030
>+++ b/tests/qemu-iotests/030
>@@ -32,8 +32,12 @@ class TestSingleDrive(iotests.QMPTestCase):
>
> def setUp(self):
> iotests.create_image(backing_img, TestSingleDrive.image_len)
>- qemu_img('create', '-f', iotests.imgfmt, '-o', 'backing_file=%s' % backing_img, mid_img)
>- qemu_img('create', '-f', iotests.imgfmt, '-o', 'backing_file=%s' % mid_img, test_img)
>+ qemu_img('create', '-f', iotests.imgfmt,
>+ '-o', 'backing_file=%s' % backing_img,
>+ '-F', 'raw', mid_img)
>+ qemu_img('create', '-f', iotests.imgfmt,
>+ '-o', 'backing_file=%s' % mid_img,
>+ '-F', iotests.imgfmt, test_img)
Consider not mixing shortcuts with -o options.
> qemu_io('-f', 'raw', '-c', 'write -P 0x1 0 512', backing_img)
> qemu_io('-f', iotests.imgfmt, '-c', 'write -P 0x1 524288 512', mid_img)
> self.vm = iotests.VM().add_drive("blkdebug::" + test_img,
With test #225 fixed:
Reviewed-by: Ján Tomko <jtomko at redhat.com>
Jano
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20200227/7fca3871/attachment-0001.sig>
More information about the libvir-list
mailing list