[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH for-2.6] Fix association of -drive & -iscsi args
|
From: |
Daniel P. Berrange |
|
Subject: |
[Qemu-devel] [PATCH for-2.6] Fix association of -drive & -iscsi args |
|
Date: |
Fri, 22 Apr 2016 11:24:54 +0100 |
The iSCSI block driver is a bit strange in that it requires a
separate -iscsi arg to pass various values, instead of accepting
them directly with the -drive argument. Pino is working on fixing
that for 2.7:
https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg02011.html
The problem with the current solution is that the iSCSI block driver
finds the -iscsi arg by using an ID value based on the iSCSI IQN.
Unfortunately most real world IQNs contain a ':' character which
is not valid in QEMU ID strings.
We would like a solution for 2.6 so that libvirt can fix its long
standing CVE-2015-5160 whereby passwords are exposed in the CLI args.
I previously suggested escaping the IQN invalid characters in this
patch:
https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg02198.html
As well as being somewhat unpleasant John pointed out that it still
doesn't let us have a 1-1 mapping of -iscsi and -drive args.
This patch provides a different approach by letting the -drive arg
specify an explicit ID value via a new 'iscsi-id' property. If the
new prop is not specified, we fallback to the IQN, since we should
maintain compatibility in the unlikely event that someone is using
the current syntax.
Daniel P. Berrange (1):
block: add an 'iscsi-id' value to match -drive with -iscsi opts
block/iscsi.c | 35 +++++++++++++++++++++++------------
qemu-doc.texi | 12 +++++++++---
qemu-options.hx | 4 ++--
3 files changed, 34 insertions(+), 17 deletions(-)
--
2.5.5
- [Qemu-devel] [PATCH for-2.6] Fix association of -drive & -iscsi args,
Daniel P. Berrange <=
- [Qemu-devel] [PATCH for-2.6] block: add an 'iscsi-id' value to match -drive with -iscsi opts, Daniel P. Berrange, 2016/04/22
- Re: [Qemu-devel] [PATCH for-2.6] block: add an 'iscsi-id' value to match -drive with -iscsi opts, Kevin Wolf, 2016/04/22
- Re: [Qemu-devel] [PATCH for-2.6] block: add an 'iscsi-id' value to match -drive with -iscsi opts, Peter Lieven, 2016/04/22
- Re: [Qemu-devel] [PATCH for-2.6] block: add an 'iscsi-id' value to match -drive with -iscsi opts, Daniel P. Berrange, 2016/04/22
- Re: [Qemu-devel] [PATCH for-2.6] block: add an 'iscsi-id' value to match -drive with -iscsi opts, Kevin Wolf, 2016/04/22
- Re: [Qemu-devel] [PATCH for-2.6] block: add an 'iscsi-id' value to match -drive with -iscsi opts, Daniel P. Berrange, 2016/04/22
- Re: [Qemu-devel] [PATCH for-2.6] block: add an 'iscsi-id' value to match -drive with -iscsi opts, Peter Maydell, 2016/04/22
- Re: [Qemu-devel] [PATCH for-2.6] block: add an 'iscsi-id' value to match -drive with -iscsi opts, Daniel P. Berrange, 2016/04/22
- Re: [Qemu-devel] [PATCH for-2.6] block: add an 'iscsi-id' value to match -drive with -iscsi opts, Markus Armbruster, 2016/04/22