
On Fri, Oct 12, 2018 at 02:27:26PM +0200, Michal Privoznik wrote:
> On 10/12/2018 02:17 PM, Daniel P. Berrangé wrote:
> > On Fri, Oct 12, 2018 at 01:14:51PM +0200, Michal Privoznik wrote:
> >> https://bugzilla.redhat.com/show_bug.cgi?id=1632833
> >>
> >> When doing a SCSI passthrough we don't put format= onto the command line. This causes qemu to probe the format automatically which ends up in a warning in the domain log and possible qemu disabling writes to the first block (according to the warning message).
> >
> > If the warning message is correct, this should have been reported as a security bug to libvirt and given a CVE.
>
> Why is that? If the message is correct, qemu would prevent from writing to the first block. No harm there.

Only QEMU >= 2.3.0 has that protection, so this is not something we can rely on to avoid calling it a CVE. It just means distros with QEMU >= 2.3.0 would not be affected by the CVE.

> > On the other hand if the warning from QEMU isn't correct, then QEMU shouldn't have printed the warning about it being dangerous.
>
> In my testing I was able to write to the first block. Therefore, IMO qemu is throwing an incorrect warning message.
>
> > So something is missing here either way.
>
> Sure, but that doesn't invalidate my patch, does it?

Only the commit message - if this is a security flaw, we must be more explicit about it in the commit.

Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|