On 10/12/2018 02:17 PM, Daniel P. Berrangé wrote:
On Fri, Oct 12, 2018 at 01:14:51PM +0200, Michal Privoznik wrote:
https://bugzilla.redhat.com/show_bug.cgi?id=1632833
When doing a SCSI passthrough we don't put format= onto the command line. This causes qemu to probe the format automatically which ends up in a warning in the domain log and possible qemu disabling writes to the first block (according to the warning message).
If the warning message is correct, this should have been reported as a security bug to libvirt and given a CVE.
Why is that? It the message is correct, qemu would prevent from writing to the first block. No harm there.
On the other hand if the warning from QEMU isn't correct, then QEMU shouldn't have printed the warning about it being dangerous.
In my testing I was able to write to the first block. Therefore, IMO qemu is throwing incorrect warning message.
So something is missing here either way.
Sure, but that doesn't invalidate my patch, does it? Michal