[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Xen-devel][PATCH]ioemu:fix up error when using qemu-img-xen to create img



Ian, could you also help to explain the meaning of "reintroduce the image 
format vulnerability"? Thanks! 

Best Regards, 
-- Dongxiao
-----Original Message-----
From: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx 
[mailto:xen-devel-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Xu, Dongxiao
Sent: 2009年5月4日 20:51
To: Ian Jackson; Li, Xin
Cc: xen-devel@xxxxxxxxxxxxxxxxxxx; Zhang, Yang
Subject: RE: [Xen-devel][PATCH]ioemu:fix up error when using qemu-img-xen to 
create img

Hi, Ian, 
        Thanks for your ack. We think Yang's patch is right in this case. When 
creating image by command: "qemu-img-xen create -b base_image filename -f fmt", 
if the base_image is in the following case as you mentioned: 
1)  The filename does not refer to a block device.
2)  The format is not specified in the filename.
3)  The actual contents of the image is not auto-probed as any image format 
(eg, qcow, qcow2)
        This command could fail without Yang's patch. As we know, raw image 
could not be auto-probed. So if all the other file-type probing functions could 
not recognize the image format, then we should treat it as a raw file image. 
And if someday there are some other new "specific" image types, we should add 
"specific" auto-probe methods for them, and always reserve default format for 
raw type. Also this command is a typical usage model, and execution failure is 
not so friendly to end user, so we think that this default value is needed. 
Thanks!

Best Regards, 
-- Dongxiao

-----Original Message-----
From: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx 
[mailto:xen-devel-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Ian Jackson
Sent: 2009年5月1日 17:39
To: Li, Xin
Cc: xen-devel@xxxxxxxxxxxxxxxxxxx; Zhang, Yang
Subject: RE: [Xen-devel][PATCH]ioemu:fix up error when using qemu-img-xen to 
create img

Li, Xin writes ("RE: [Xen-devel][PATCH]ioemu:fix up error when using 
qemu-img-xen to create img"):
> Ian, saw [you're] back, how do you think of this patch?

I replied to this yesterday.  Did you see my mail ?  Here it is again:

   > >+    else
   > >+        drv = &bdrv_raw;

   This appears to reintroduce the image format vulnerability.  Are you
   sure it's right ?

   The effect of your patch seems to be in this case:
     * the filename does not refer to a block device
     * the format is not specified in the filename
     * the actual contents of the image is not autodetected as any
       image format (eg, qcow or qcow2)
   In that case, without your patch, the open fails.  With your patch,
   the file is opened with bdrv_raw.

Ian.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.