Re: [libvirt] [PATCH] Add copy-on-write image support

On Mon, Jan 12, 2009 at 09:19:02AM +0000, Miloslav Trma?? wrote:
> Hello,
> here's a version of the patch updated to apply against current CVS.

I've realized there's a slight problem with our idea to add a simple


element to the volume '<target>' section. Specifically when creating
a new image it is desirable to explicitly specify the format of the
backing store. Without this, QEMU will probe backing store format
and this opens a security problem - if the backing store was a raw
file, the guest could have written data into it, such that QEMU will
mis-probe it as QCow, and thus potentially be able to compromise
abuse it to read any file on the host.

I thus think it is better to have the backing store info outside
the target block, as a top level item, allowing the exact same
child elements are 'target' does. As an example, a QCow2 image, 
with a raw backing store would appear as:

    <format type='qcow2'/>
    <format type='raw'/>

I've updated your patch to work in this way and am in the process
of making it support LVM based COW/snapshotting too. I'll post
a complete patch with all this in soon..

