[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH] Add copy-on-write image support

On Mon, Jan 12, 2009 at 09:19:02AM +0000, Miloslav Trma?? wrote:
> Hello,
> here's a version of the patch updated to apply against current CVS.

I've realized there's a slight problem with our idea to add a simple


element to the volume '<target>' section. Specifically when creating
a new image it is desirable to explicitly specify the format of the
backing store. Without this, QEMU will probe backing store format
and this opens a security problem - if the backing store was a raw
file, the guest could have written data into it, such that QEMU will
mis-probe it as QCow, and thus potentially be able to compromise
abuse it to read any file on the host.

I thus think it is better to have the backing store info outside
the target block, as a top level item, allowing the exact same
child elements are 'target' does. As an example, a QCow2 image, 
with a raw backing store would appear as:

    <format type='qcow2'/>
    <format type='raw'/>

I've updated your patch to work in this way and am in the process
of making it support LVM based COW/snapshotting too. I'll post
a complete patch with all this in soon..

|: Red Hat, Engineering, London   -o-   http://people.redhat.com/berrange/ :|
|: http://libvirt.org  -o-  http://virt-manager.org  -o-  http://ovirt.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505  -o-  F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]