On Fri, Oct 12, 2018 at 01:14:51PM +0200, Michal Privoznik wrote: > https://bugzilla.redhat.com/show_bug.cgi?id=1632833 > > When doing a SCSI passthrough we don't put format= onto the > command line. This causes qemu to probe the format automatically > which ends up in a warning in the domain log and possible qemu > disabling writes to the first block (according to the warning > message). If the warning message is correct, this should have been reported as a security bug to libvirt and given a CVE. On the other hand if the warning from QEMU isn't correct, then QEMU shouldn't have printed the warning about it being dangerous. So something is missing here either way. > > Based-on-work-of: Paolo Bonzini <pbonzini@xxxxxxxxxx> > Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx> > --- > src/qemu/qemu_command.c | 2 +- > tests/qemuxml2argvdata/hostdev-scsi-lsi.args | 2 +- > tests/qemuxml2argvdata/hostdev-scsi-readonly.args | 2 +- > tests/qemuxml2argvdata/hostdev-scsi-virtio-scsi.args | 2 +- > 4 files changed, 4 insertions(+), 4 deletions(-) > > diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c > index 269276f2f9..1ff593c657 100644 > --- a/src/qemu/qemu_command.c > +++ b/src/qemu/qemu_command.c > @@ -4841,7 +4841,7 @@ qemuBuildSCSIHostdevDrvStr(virDomainHostdevDefPtr dev, > } else { > if (!(source = qemuBuildSCSIHostHostdevDrvStr(dev))) > goto error; > - virBufferAsprintf(&buf, "file=/dev/%s,if=none", source); > + virBufferAsprintf(&buf, "file=/dev/%s,if=none,format=raw", source); > } > VIR_FREE(source); > > diff --git a/tests/qemuxml2argvdata/hostdev-scsi-lsi.args b/tests/qemuxml2argvdata/hostdev-scsi-lsi.args > index d05e2a8bf8..f2048fe920 100644 > --- a/tests/qemuxml2argvdata/hostdev-scsi-lsi.args > +++ b/tests/qemuxml2argvdata/hostdev-scsi-lsi.args > @@ -25,6 +25,6 @@ server,nowait \ > -drive file=/dev/HostVG/QEMUGuest2,format=raw,if=none,id=drive-ide0-0-0 \ > -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0,\ > bootindex=1 \ > --drive file=/dev/sg0,if=none,id=drive-hostdev0 \ > +-drive file=/dev/sg0,if=none,format=raw,id=drive-hostdev0 \ > -device scsi-generic,bus=scsi0.0,scsi-id=7,drive=drive-hostdev0,id=hostdev0 \ > -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x4 > diff --git a/tests/qemuxml2argvdata/hostdev-scsi-readonly.args b/tests/qemuxml2argvdata/hostdev-scsi-readonly.args > index c6336ca441..0d5a0d327d 100644 > --- a/tests/qemuxml2argvdata/hostdev-scsi-readonly.args > +++ b/tests/qemuxml2argvdata/hostdev-scsi-readonly.args > @@ -25,7 +25,7 @@ server,nowait \ > -drive file=/dev/HostVG/QEMUGuest2,format=raw,if=none,id=drive-ide0-0-0 \ > -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0,\ > bootindex=1 \ > --drive file=/dev/sg0,if=none,id=drive-hostdev0,readonly=on \ > +-drive file=/dev/sg0,if=none,format=raw,id=drive-hostdev0,readonly=on \ > -device scsi-generic,bus=scsi0.0,channel=0,scsi-id=4,lun=8,\ > drive=drive-hostdev0,id=hostdev0 \ > -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x4 > diff --git a/tests/qemuxml2argvdata/hostdev-scsi-virtio-scsi.args b/tests/qemuxml2argvdata/hostdev-scsi-virtio-scsi.args > index 4bf4ce7f82..13a1e9fe95 100644 > --- a/tests/qemuxml2argvdata/hostdev-scsi-virtio-scsi.args > +++ b/tests/qemuxml2argvdata/hostdev-scsi-virtio-scsi.args > @@ -25,7 +25,7 @@ server,nowait \ > -drive file=/dev/HostVG/QEMUGuest2,format=raw,if=none,id=drive-ide0-0-0 \ > -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0,\ > bootindex=1 \ > --drive file=/dev/sg0,if=none,id=drive-hostdev0 \ > +-drive file=/dev/sg0,if=none,format=raw,id=drive-hostdev0 \ > -device scsi-generic,bus=scsi0.0,channel=0,scsi-id=4,lun=8,\ > drive=drive-hostdev0,id=hostdev0 \ > -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x4 > -- > 2.18.1 > > -- > libvir-list mailing list > libvir-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/libvir-list Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :| -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
