Blame SOURCES/libvirt-kbase-backing_chains-Add-steps-how-to-securely-probe-image-format.patch

From 9146b5849b0dfc2ee59eea09712cc7f5f88c88f2 Mon Sep 17 00:00:00 2001
Message-Id: <9146b5849b0dfc2ee59eea09712cc7f5f88c88f2@dist-git>
From: Peter Krempa <pkrempa@redhat.com>
Date: Fri, 28 Feb 2020 10:24:45 +0100
Subject: [PATCH] kbase: backing_chains: Add steps how to securely probe image
 format
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

We document steps how to fix images if they are rejected for missing
the 'backing file format' field. Document also how to securely probe
the image format if it's unknown.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
(cherry picked from commit 82d5b762f11b50abb710c751251f28d4325a4c91)

https://bugzilla.redhat.com/show_bug.cgi?id=1798148
Message-Id: <039ebfe436c361b067ef73a7c0bb16db1e410044.1582881363.git.pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
---
 docs/kbase/backing_chains.rst | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/docs/kbase/backing_chains.rst b/docs/kbase/backing_chains.rst
index 12ed6253ac..af848ccb14 100644
--- a/docs/kbase/backing_chains.rst
+++ b/docs/kbase/backing_chains.rst
@@ -176,6 +176,21 @@ properly. ``$BACKING_IMAGE_PATH`` should be specified as a full absolute path.
 If relative referencing of the backing image is desired, the path must be
 relative to the location of image described by ``$IMAGE_PATH``.
 
+**Important:** If the ``$BACKING_IMAGE_FORMAT`` is not known it can be queried
+using ``qemu-img info $BACKING_IMAGE_PATH`` and looking for the ``file format:``
+field, but for security reasons should be used *only* if at least one of the
+following criteria is met:
+
+- ``file format`` is ``raw``
+- ``backing file`` is NOT present
+- ``backing file`` is present AND is correct/trusted
+
+Note that the last criteria may require manual inspection and thus should not
+be scripted unless the trust for the image can be expressed programatically.
+
+Also note that the above steps may need to be repeated recursively for any
+subsequent backing images.
+
 Missing images reported after after moving disk images into a different path
 ----------------------------------------------------------------------------
 
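Review bot: In the added **Important** paragraph, the clause "but for security reasons should be used *only* if" has no explicit subject and never names the risk, so it is not clear that the probed ``file format:`` value is the thing that must not be trusted blindly. Suggest wording such as "the probed format should be used *only* if at least one of the following criteria is met", plus one sentence of rationale: an image that is really raw holds guest-controlled data, which can be made to look like a format header carrying a ``backing file`` reference to a host path. In the two "Note" paragraphs that follow the list, "the last criteria" should read "the last criterion" and "programatically" should read "programmatically".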
-- 
2.25.1