mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-23 22:25:25 +00:00
Libvirt provides a portable, long term stable C API for managing the
virtualization technologies provided by many operating systems. It
includes support for QEMU, KVM, Xen, LXC, bhyve, Virtuozzo, VMware
vCenter and ESX, VMware Desktop, Hyper-V, VirtualBox and the POWER
Hypervisor.
a93402d48b
When QEMU opens a backing store for a QCow2 file, it will normally auto-probe for the format of the backing store, rather than assuming it has the same format as the referencing file. There is a QCow2 extension that allows an explicit format for the backing store to be embedded in the referencing file. This closes the auto-probing security hole in QEMU. This backing store format can be useful for libvirt users of virStorageFileGetMetadata, so extract this data and report it. QEMU does not require disk image backing store files to be in the same format the file linkee. It will auto-probe the disk format for the backing store when opening it. If the backing store was intended to be a raw file this could be a security hole, because a guest may have written data into its disk that then makes the backing store look like a qcow2 file. If it can trick QEMU into thinking the raw file is a qcow2 file, it can access arbitrary files on the host by adding further backing store links. To address this, callers of virStorageFileGetMeta need to be told of the backing store format. If no format is declared, they can make a decision whether to allow format probing or not. |
||
---|---|---|
.gnulib@1629006348 | ||
build-aux | ||
daemon | ||
docs | ||
examples | ||
include | ||
m4 | ||
po | ||
proxy | ||
python | ||
src | ||
tests | ||
tools | ||
.gitignore | ||
.gitmodules | ||
.mailmap | ||
.x-sc_avoid_ctype_macros | ||
.x-sc_avoid_if_before_free | ||
.x-sc_avoid_write | ||
.x-sc_m4_quote_check | ||
.x-sc_prohibit_always_true_header_tests | ||
.x-sc_prohibit_asprintf | ||
.x-sc_prohibit_gethostby | ||
.x-sc_prohibit_gethostname | ||
.x-sc_prohibit_gettext_noop | ||
.x-sc_prohibit_have_config_h | ||
.x-sc_prohibit_HAVE_MBRTOWC | ||
.x-sc_prohibit_nonreentrant | ||
.x-sc_prohibit_readlink | ||
.x-sc_prohibit_strcmp | ||
.x-sc_prohibit_strcmp_and_strncmp | ||
.x-sc_prohibit_strncpy | ||
.x-sc_prohibit_test_minus_ao | ||
.x-sc_prohibit_VIR_ERR_NO_MEMORY | ||
.x-sc_require_config_h | ||
.x-sc_require_config_h_first | ||
.x-sc_trailing_blank | ||
.x-sc_unmarked_diagnostics | ||
acinclude.m4 | ||
AUTHORS | ||
autobuild.sh | ||
autogen.sh | ||
bootstrap | ||
bootstrap.conf | ||
cfg.mk | ||
ChangeLog-old | ||
configure.ac | ||
COPYING.LIB | ||
HACKING | ||
libvirt.pc.in | ||
libvirt.spec.in | ||
Makefile.am | ||
Makefile.nonreentrant | ||
mingw32-libvirt.spec.in | ||
README | ||
README-hacking | ||
TODO |
LibVirt : simple API for virtualization Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux (and other OSes). It is free software available under the GNU Lesser General Public License. Virtualization of the Linux Operating System means the ability to run multiple instances of Operating Systems concurrently on a single hardware system where the basic resources are driven by a Linux instance. The library aim at providing long term stable C API initially for the Xen paravirtualization but should be able to integrate other virtualization mechanisms if needed. Daniel Veillard <veillard@redhat.com>