From 0739f735f99a6f1760a422023c262c1aa542a2e5 Mon Sep 17 00:00:00 2001

From: Kevin Wolf <kwolf@redhat.com>

Date: Fri, 9 Jul 2021 18:41:41 +0200

Subject: [PATCH 19/43] block: Add option to use driver whitelist even in tools

MIME-Version: 1.0

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit

RH-Author: Kevin Wolf <None>

RH-MergeRequest: 26: block: Disable unsupported/read-only block drivers even in tools

RH-Commit: [1/2] 6755d5ff4ef43f275ae530de2b2a568ffd2d3497 (kmwolf/centos-qemu-kvm)

RH-Bugzilla: 1957782

RH-Acked-by: Max Reitz <None>

RH-Acked-by: Richard W.M. Jones <None>

RH-Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>

Currently, the block driver whitelists are only applied for the system

emulator. All other binaries still give unrestricted access to all block

drivers. There are use cases where this made sense because the main

concern was avoiding customers running VMs on less optimised block

drivers and getting bad performance. Allowing the same image format e.g.

as a target for 'qemu-img convert' is not a problem then.

However, if the concern is the supportability of the driver in general,

either in full or when used read-write, not applying the list driver

whitelist in tools doesn't help - especially since qemu-nbd and

qemu-storage-daemon now give access to more or less the same operations

in block drivers as running a system emulator.

In order to address this, introduce a new configure option that enforces

the driver whitelist in all binaries.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>

Message-Id: <20210709164141.254097-1-kwolf@redhat.com>

Reviewed-by: Eric Blake <eblake@redhat.com>

Signed-off-by: Kevin Wolf <kwolf@redhat.com>

(cherry picked from commit e5f05f8c375157211c7da625a0d3f3ccdb4957d5)

Signed-off-by: Kevin Wolf <kwolf@redhat.com>

---

 block.c     |  3 +++

 configure   | 14 ++++++++++++--

 meson.build |  1 +

 3 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/block.c b/block.c

index c5b887cec1..76ecede5af 100644

--- a/block.c

+++ b/block.c

@@ -5817,6 +5817,9 @@ BlockDriverState *bdrv_find_backing_image(BlockDriverState *bs,

 void bdrv_init(void)

 {

+#ifdef CONFIG_BDRV_WHITELIST_TOOLS

+    use_bdrv_whitelist = 1;

+#endif

     module_call_init(MODULE_INIT_BLOCK);

 }

diff --git a/configure b/configure

index 53b2fa583a..7edc08afb3 100755

--- a/configure

+++ b/configure

@@ -243,6 +243,7 @@ cross_prefix=""

 audio_drv_list=""

 block_drv_rw_whitelist=""

 block_drv_ro_whitelist=""

+block_drv_whitelist_tools="no"

 host_cc="cc"

 audio_win_int=""

 libs_qga=""

@@ -1029,6 +1030,10 @@ for opt do

   ;;

   --block-drv-ro-whitelist=*) block_drv_ro_whitelist=$(echo "$optarg" | sed -e 's/,/ /g')

   ;;

+  --enable-block-drv-whitelist-in-tools) block_drv_whitelist_tools="yes"

+  ;;

+  --disable-block-drv-whitelist-in-tools) block_drv_whitelist_tools="no"

+  ;;

   --enable-debug-tcg) debug_tcg="yes"

   ;;

   --disable-debug-tcg) debug_tcg="no"

@@ -1764,10 +1769,12 @@ Advanced options (experts only):

   --block-drv-whitelist=L  Same as --block-drv-rw-whitelist=L

   --block-drv-rw-whitelist=L

                            set block driver read-write whitelist

-                           (affects only QEMU, not qemu-img)

+                           (by default affects only QEMU, not tools like qemu-img)

   --block-drv-ro-whitelist=L

                            set block driver read-only whitelist

-                           (affects only QEMU, not qemu-img)

+                           (by default affects only QEMU, not tools like qemu-img)

+  --enable-block-drv-whitelist-in-tools

+                           use block whitelist also in tools instead of only QEMU

   --enable-trace-backends=B Set trace backend

                            Available backends: $trace_backend_list

   --with-trace-file=NAME   Full PATH,NAME of file to store traces

@@ -5571,6 +5578,9 @@ if test "$audio_win_int" = "yes" ; then

 fi

 echo "CONFIG_BDRV_RW_WHITELIST=$block_drv_rw_whitelist" >> $config_host_mak

 echo "CONFIG_BDRV_RO_WHITELIST=$block_drv_ro_whitelist" >> $config_host_mak

+if test "$block_drv_whitelist_tools" = "yes" ; then

+  echo "CONFIG_BDRV_WHITELIST_TOOLS=y" >> $config_host_mak

+fi

 if test "$xfs" = "yes" ; then

   echo "CONFIG_XFS=y" >> $config_host_mak

 fi

diff --git a/meson.build b/meson.build

index 06c15bd6d2..49b8164ade 100644

--- a/meson.build

+++ b/meson.build

@@ -2606,6 +2606,7 @@ summary_info += {'coroutine pool':    config_host['CONFIG_COROUTINE_POOL'] == '1

 if have_block

   summary_info += {'Block whitelist (rw)': config_host['CONFIG_BDRV_RW_WHITELIST']}

   summary_info += {'Block whitelist (ro)': config_host['CONFIG_BDRV_RO_WHITELIST']}

+  summary_info += {'Use block whitelist in tools': config_host.has_key('CONFIG_BDRV_WHITELIST_TOOLS')}

   summary_info += {'VirtFS support':    have_virtfs}

   summary_info += {'build virtiofs daemon': have_virtiofsd}

   summary_info += {'Live block migration': config_host.has_key('CONFIG_LIVE_BLOCK_MIGRATION')}

-- 

2.27.0