On Fri, Oct 12, 2018 at 02:27:26PM +0200, Michal Privoznik wrote:
> On 10/12/2018 02:17 PM, Daniel P. Berrangé wrote:
> > On Fri, Oct 12, 2018 at 01:14:51PM +0200, Michal Privoznik wrote:
> >> https://bugzilla.redhat.com/show_bug.cgi?id=1632833
> >>
> >> When doing a SCSI passthrough we don't put format= onto the
> >> command line. This causes qemu to probe the format automatically
> >> which ends up in a warning in the domain log and possible qemu
> >> disabling writes to the first block (according to the warning
> >> message).
> >
> > If the warning message is correct, this should have been reported
> > as a security bug to libvirt and given a CVE.
>
> Why is that? If the message is correct, qemu would prevent writing
> to the first block. No harm there.

Only QEMU >= 2.3.0 has that protection, so this is not
something we can rely on to avoid calling it a CVE. It just
means distros with QEMU >= 2.3.0 would not be affected by
the CVE.

> > On the other hand if the warning from QEMU isn't correct, then
> > QEMU shouldn't have printed the warning about it being dangerous.
>
> In my testing I was able to write to the first block. Therefore, IMO
> qemu is throwing an incorrect warning message.
>
> >
> > So something is missing here either way.
>
> Sure, but that doesn't invalidate my patch, does it?

Only the commit message - if this is a security flaw, we must be more
explicit about it in the commit.

Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|