aboutsummaryrefslogtreecommitdiff
path: root/block.c
diff options
context:
space:
mode:
authorMarkus Armbruster <armbru@redhat.com>2009-10-27 18:41:44 +0100
committerAnthony Liguori <aliguori@us.ibm.com>2009-11-09 08:43:02 -0600
commiteb852011ab3c56bd1f8e9d2c7d0dfb3eb321430a (patch)
tree94af2a13cc119c6f43b3514373a2db2a81ed3f87 /block.c
parent39a51dfda835a75c0ebbfd92705b96e4de77f795 (diff)
Configurable block format whitelist
We have code for a quite a few block formats. While I trust that all of these formats are useful at least for some people in some circumstances, some of them are of a kind that friends don't let friends use in production. This patch provides an optional block format whitelist, default off. If a whitelist is configured with --block-drv-whitelist, QEMU proper can use only whitelisted formats. Other programs, like qemu-img, are not affected. Drivers for formats off the whitelist still participate in format probing, to ensure all programs probe exactly the same. Without that, QEMU proper would be prone to treat images with a format off the whitelist as raw when the image's format is probed. Signed-off-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Diffstat (limited to 'block.c')
-rw-r--r--block.c38
1 files changed, 37 insertions, 1 deletions
diff --git a/block.c b/block.c
index 05c83115b3..1e49bc05cc 100644
--- a/block.c
+++ b/block.c
@@ -61,6 +61,9 @@ BlockDriverState *bdrv_first;
static BlockDriver *first_drv;
+/* If non-zero, use only whitelisted block drivers */
+static int use_bdrv_whitelist;
+
int path_is_absolute(const char *path)
{
const char *p;
@@ -171,6 +174,30 @@ BlockDriver *bdrv_find_format(const char *format_name)
return NULL;
}
+static int bdrv_is_whitelisted(BlockDriver *drv)
+{
+ static const char *whitelist[] = {
+ CONFIG_BDRV_WHITELIST
+ };
+ const char **p;
+
+ if (!whitelist[0])
+ return 1; /* no whitelist, anything goes */
+
+ for (p = whitelist; *p; p++) {
+ if (!strcmp(drv->format_name, *p)) {
+ return 1;
+ }
+ }
+ return 0;
+}
+
+BlockDriver *bdrv_find_whitelisted_format(const char *format_name)
+{
+ BlockDriver *drv = bdrv_find_format(format_name);
+ return drv && bdrv_is_whitelisted(drv) ? drv : NULL;
+}
+
int bdrv_create(BlockDriver *drv, const char* filename,
QEMUOptionParameter *options)
{
@@ -427,7 +454,10 @@ int bdrv_open2(BlockDriverState *bs, const char *filename, int flags,
(flags & (BDRV_O_CACHE_MASK|BDRV_O_NATIVE_AIO));
else
open_flags = flags & ~(BDRV_O_FILE | BDRV_O_SNAPSHOT);
- ret = drv->bdrv_open(bs, filename, open_flags);
+ if (use_bdrv_whitelist && !bdrv_is_whitelisted(drv))
+ ret = -ENOTSUP;
+ else
+ ret = drv->bdrv_open(bs, filename, open_flags);
if ((ret == -EACCES || ret == -EPERM) && !(flags & BDRV_O_FILE)) {
ret = drv->bdrv_open(bs, filename, open_flags & ~BDRV_O_RDWR);
bs->read_only = 1;
@@ -1764,6 +1794,12 @@ void bdrv_init(void)
module_call_init(MODULE_INIT_BLOCK);
}
+void bdrv_init_with_whitelist(void)
+{
+ use_bdrv_whitelist = 1;
+ bdrv_init();
+}
+
void *qemu_aio_get(AIOPool *pool, BlockDriverState *bs,
BlockDriverCompletionFunc *cb, void *opaque)
{