| Reported on: | 20100615 |
|---|---|
| Published on: | 20100712 |
| Fixed on: | 20100719 |
| Reported by: | Daniel Berrange |
|---|---|
| Patched by: | Daniel Berrange |
Prior to starting a guest, or when hotplugging or unplugging a device the libvirt SELinux, DAC and CGroups security drivers need to determine full file chain associated with a disk image. This is done by traversing backing file formats referenced in the disk headers. The code did not, however, honour the backing format encoded in disk image metadata, when recursing into disk image backing files so a raw file could be mis-identifed as another type of file.
The SELinux, DAC and CGroups code was not honouring backing formats so could be tricked into giving the VM access to files that were otherwise not permitted by its configuration. This can be done by taking what was expected to be a raw backing file and writing a qcow2 header into it.
Do not use any disks with raw backing files.
| Branch | master |
|---|---|
| Broken in: | v0.7.2 |
| Broken in: | v0.7.3 |
| Broken in: | v0.7.4 |
| Broken in: | v0.7.5 |
| Broken in: | v0.7.6 |
| Broken in: | v0.7.7 |
| Broken in: | v0.8.0 |
| Broken in: | v0.8.1 |
| Broken in: | v0.8.2 |
| Fixed in: | v0.8.3 |
| Broken by: | fe627697a3830cd2db0efcc201d8caa9e171263d |
| Broken by: | 15f5eaa09895d68b849a0b0ec458acdafe75d080 |
| Broken by: | 117d04fb1d388df700cc37c4d2a68189fab280c0 |
| Fixed by: | 68719c4bddb85fbcc931a5b7d99ac7c8a0af09b0 |