[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH 4/4][RFC] Add logic to QEMU to read command line
From: |
Daniel P. Berrange |
Subject: |
Re: [Qemu-devel] [PATCH 4/4][RFC] Add logic to QEMU to read command line options from qcow2 images |
Date: |
Wed, 8 Aug 2007 21:24:28 +0100 |
User-agent: |
Mutt/1.4.1i |
On Wed, Aug 08, 2007 at 04:52:58PM -0300, Jorge Luc?ngeli Obes wrote:
> This patch makes QEMU check for command line options stored in qcow2 images.
I think it is a bad idea from a security POV to automatically extract & use
command line args from a disk image like this without the admin explicitly
requesting this capability.
eg If I grabbed a demo disk image from a vendors' or community website I would
certainly not trust whatever args may happen to be embedded in the disk image
and thus do not want QEMU to be automatically running using them.
I'd recommend having some command line flag to turn this capability on. For
example a '--args PATH-TO-DISK' flag,
qemu --args $HOME/fedora.qcow
Would extract args from the disk image & us them.
While traditional
qemu $HOME/fedora.qcow
would *not* extract args.
> diff --git a/qemu/vl.c b/qemu/vl.c
> index 4ad39f1..1d28794 100644
> --- a/qemu/vl.c
> +++ b/qemu/vl.c
> @@ -7000,6 +7012,58 @@ int main(int argc, char **argv)
> nb_nics = 0;
> /* default mac address of the first network interface */
>
> + bdrv_init();
> +
> + drv = bdrv_find_format("qcow2");
> +
> + if (argc > 1 && argv[1][0] != '-') {
> + bs = bdrv_new("");
> + if (!bs) {
> + fprintf(stderr, "Not enough memory");
> + exit(1);
> + }
> + if (bdrv_open2(bs, argv[1], 0, drv) < 0) {
> + fprintf(stderr, "Could not open '%s'", argv[1]);
> + bdrv_delete(bs);
> + exit(1);
> + }
> +
> + tmpannot = bdrv_get_annot(bs, "commandline_args");
> + if (tmpannot) {
> + pstrcpy(annot, 1024, tmpannot);
> +
> + do {
> + tok = strtok(nbtoks == 0? tmpannot : NULL, " ");
> +
> + if (tok != NULL)
> + nbtoks++;
> + else
> + done = 1;
> + } while (!done);
> +
> + free(tmpannot);
> +
> + if (nbtoks > 0) {
> + char **argvprime = malloc((nbtoks + argc) * sizeof(char*));
> +
> + for (i = 0; i < argc; i++)
> + argvprime[i] = argv[i];
> +
> + for (i = 0; i < nbtoks; i++)
> + argvprime[i + argc] = strtok(i == 0? annot : NULL, " ");
> +
> + argv = argvprime;
> + argc = argc + nbtoks;
> +
> + for (i = 0; i < nbtoks + 2; i++)
> + printf("argv[%d] = %s\n", i, argv[i]);
> +
> + }
> + }
> +
> + bdrv_delete(bs);
> + }
> +
> optind = 1;
> for(;;) {
> if (optind >= argc)
Dan.
--
|=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=|
|=- Perl modules: http://search.cpan.org/~danberr/ -=|
|=- Projects: http://freshmeat.net/~danielpb/ -=|
|=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|
- [Qemu-devel] [PATCH 4/4][RFC] Add logic to QEMU to read command line options from qcow2 images, Jorge Lucángeli Obes, 2007/08/08
- Re: [Qemu-devel] [PATCH 4/4][RFC] Add logic to QEMU to read command line options from qcow2 images,
Daniel P. Berrange <=
- Re: [Qemu-devel] [PATCH 4/4][RFC] Add logic to QEMU to read command line options from qcow2 images, Anthony Liguori, 2007/08/09
- Re: [Qemu-devel] [PATCH 4/4][RFC] Add logic to QEMU to read command line options from qcow2 images, Daniel P. Berrange, 2007/08/09
- Re: [Qemu-devel] [PATCH 4/4][RFC] Add logic to QEMU to read command line options from qcow2 images, Avi Kivity, 2007/08/09
- Re: [Qemu-devel] [PATCH 4/4][RFC] Add logic to QEMU to read command line options from qcow2 images, Anthony Liguori, 2007/08/09
- Re: [Qemu-devel] [PATCH 4/4][RFC] Add logic to QEMU to read command line options from qcow2 images, Avi Kivity, 2007/08/09
- Re: [Qemu-devel] [PATCH 4/4][RFC] Add logic to QEMU to read command line options from qcow2 images, Anthony Liguori, 2007/08/09
- Re: [Qemu-devel] [PATCH 4/4][RFC] Add logic to QEMU to read command line options from qcow2 images, Avi Kivity, 2007/08/09
- Re: [Qemu-devel] [PATCH 4/4][RFC] Add logic to QEMU to read command line options from qcow2 images, Brian Wheeler, 2007/08/09
- Re: [Qemu-devel] [PATCH 4/4][RFC] Add logic to QEMU to read command line options from qcow2 images, Anthony Liguori, 2007/08/09
- Re: [Qemu-devel] [PATCH 4/4][RFC] Add logic to QEMU to read command line options from qcow2 images, dmc, 2007/08/09