[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 2/2] libxl: switch NetBSD image file handling to Qemu

On Thu, 2012-11-29 at 18:18 +0000, Brian Buhrow wrote:

> 2.  Examine the file and see if it has a signature for QCOW or QCOW2 format.
> (How does qemu figure out which it is?  Is it a simple bit of code that
> could be snagged for re-use?)  Alternatively, check to see if it's a raw
> image, and, if it is not, call qemu, otherwise, call vnd and use the
> existing backend  block driver.  

You should never probe for raw vs qcow (or any other container format)
in this way.

Imagine a VM with a "raw" disk. A malicious administrator of this VM
could write a qcow header to it turning it into a snapshot backed by any
path they like in dom0 (say /etc/shadow, ssh host keys, etc). Then they
reboot their guest, the probing determines that it is now a qcow image
with the given backing file, the VM admin simply reads from the disk to
get at the dom0 file.

The format of the image must always be specified by the user.


Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.