On Thu, Jan 09, 2020 at 14:47:22 +0000, Martin Wilck wrote:
On Thu, 2020-01-09 at 14:34 +0000, Daniel P. Berrangé wrote:
[...]
>
> - Run qemu-img rebase to set the backing_fmt
>
> or
>
> - Update the guest XML to set the <backingStore> format value
>
> or
>
> - Update the /etc/libvirt/qemu.conf to set capability_filters
> to disable "blockdev"
I wasn't aware of this option, thanks. I'd actually looked for
a way to revert libvirt's behavior to what it did in previous versions.
Please DO NOT use this in production. This is for debugging and
workarounds. This may break stuff in the future and is not officially
supported. The comment in the file should say so.
> Always assuming the format is raw certainly avoids the security
> danger, but is unhelpful to users who relied on scenario (2).
>
> I'm inclined to say we should make scenario (2)/(3) into a hard
> error. Only allow scenario (1) to run normally.
>
> ie, we should probe the disk format for the backing file, and
> if it is *not* raw, then report an immediate error, with the
> error message pointing to the kbase page explaining how to
> fix this. This will help the 99% common case identify the
> fix more quickly, with no obvious downside that I see.
Sounds good. I'd appreciate mention of the capability_filters option on
the kbase page.
No. That is not a proper fix unfortunately.