zeroinit: fix regression with filename parsing

As reported in the community forum [0], cloning or importing images to RBD storages (without the krbd setting) was broken. This is a result of no filename parsing happening anymore in bdrv_open_child() after commit b242e7f ("backport fix for CVE-2024-4467"), which the zeroinit relied on for passing along the RBD filename+key-value pairs. There is a dedicated function for opening the file child which still does filename parsing. Use that for opening the file child. Role and flags should still be the same as with the manual bdrv_open_child(), because the zeroinit driver is a filter, and the assignment bs->file is also done by bdrv_open_file_child(). Fixes: b242e7f ("backport fix for CVE-2024-4467") Signed-off-by: Fiona Ebner <f.ebner@proxmox.com> [0]: https://forum.proxmox.com/threads/qemu-9-0-available-on-pve-no-subscription-as-of-now.149772/post-681620 FG: added missing link Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2025-01-18 10:04:14 +03:00 · 2024-07-08 12:09:20 +02:00 · 2024-07-08 12:09:20 +02:00 · 54d1666680
commit 54d1666680
parent 49125e1708
1 changed files with 9 additions and 15 deletions
--- a/debian/patches/pve/0019-PVE-block-add-the-zeroinit-block-driver-filter.patch
+++ b/debian/patches/pve/0019-PVE-block-add-the-zeroinit-block-driver-filter.patch
@ -5,12 +5,13 @@ Subject: [PATCH] PVE: block: add the zeroinit block driver filter

 Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 [FE: adapt to changed function signatures
-     adhere to block graph lock requirements]
+     adhere to block graph lock requirements
+     use dedicated function to open file child]
 Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
 ---
 block/meson.build |   1 +
- block/zeroinit.c  | 214 ++++++++++++++++++++++++++++++++++++++++++++++
- 2 files changed, 215 insertions(+)
+ block/zeroinit.c  | 207 ++++++++++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 208 insertions(+)
 create mode 100644 block/zeroinit.c

 diff --git a/block/meson.build b/block/meson.build
@ -27,10 +28,10 @@ index e1f03fd773..b530e117b5 100644
 system_ss.add(when: 'CONFIG_TCG', if_true: files('blkreplay.c'))
 diff --git a/block/zeroinit.c b/block/zeroinit.c
 new file mode 100644
-index 0000000000..696558d8d6
+index 0000000000..7998c9332d
 --- /dev/null
 +++ b/block/zeroinit.c
-@@ -0,0 +1,214 @@
+@@ -0,0 +1,207 @@
 +/*
 + * Filter to fake a zero-initialized block device.
 + *
@ -96,7 +97,6 @@ index 0000000000..696558d8d6
 +                          Error **errp)
 +{
 +    BDRVZeroinitState *s = bs->opaque;
-+    BdrvChild *file = NULL;
 +    QemuOpts *opts;
 +    Error *local_err = NULL;
 +    int ret;
@ -112,15 +112,9 @@ index 0000000000..696558d8d6
 +    }
 +
 +    /* Open the raw file */
-+    file = bdrv_open_child(qemu_opt_get(opts, "x-next"), options, "next", bs,
-+                           &child_of_bds,
-+                           BDRV_CHILD_FILTERED | BDRV_CHILD_PRIMARY, false,
-+                           &local_err);
-+    bdrv_graph_wrlock();
-+    bs->file = file;
-+    bdrv_graph_wrunlock();
-+    if (local_err) {
-+        ret = -EINVAL;
+    ret = bdrv_open_file_child(qemu_opt_get(opts, "x-next"), options, "next",
+                               bs, &local_err);
+    if (ret < 0) {
 +        error_propagate(errp, local_err);
 +        goto fail;
 +    }