5bd3336a65
Also make the iso-with-qcow2 image not use UDF since centos/rocky won't get that test coverage otherwise. Change-Id: Ic7f0cb19ee767f51225539e8821fc89dd45190af
185 lines
7.3 KiB
YAML
185 lines
7.3 KiB
YAML
# Manifest of OpenStack test images
|
|
#
|
|
# Schema:
|
|
# name: The base (short) name of the image file, used to form the file name
|
|
# and the image name when uploaded to glance
|
|
# format: The name of the format that glance and qemu-img consider this image
|
|
# to be. Appended as an extension to the name above to generate the
|
|
# output filename.
|
|
# usable: Boolean indicating whether or not this should be accepted by glance,
|
|
# nova, cinder, etc. This is sort of a loose thing that is hard to
|
|
# define because it may depend on config. Probably mostly useful for
|
|
# humans, but perhaps also test automation.
|
|
# insecure: Boolean indicating if this image will contain some
|
|
# security-sensitive exploit or other violation. These should never
|
|
# be acceptable to services properly checking for them.
|
|
# generated_by: If present, a series of shell commands used to generate the
|
|
# image.
|
|
# postprocess: Some symbolic name of a python function in generate.py that
|
|
# must be run after the generated_by commands (if present) to
|
|
# finish creation of the image.
|
|
# support_check: Some command to run to determine if OS tooling supports this
|
|
# format. Only to be used for situations where tooling like
|
|
# qemu does not support a given format.
|
|
images:
|
|
- name: standard-qcow2v3
|
|
format: qcow2
|
|
usable: true
|
|
insecure: false
|
|
generated_by:
|
|
- qemu-img create -f qcow2 %(filename)s 10M
|
|
description: >-
|
|
This is a standard blank qcow2 file without any external linkage
|
|
- name: qcow-with-backing
|
|
format: qcow2
|
|
usable: false
|
|
insecure: true
|
|
generated_by:
|
|
- qemu-img create -f qcow2 -F raw -b /etc/hosts %(filename)s 10M
|
|
description: >-
|
|
This is a qcow2 file with a backing file, which can be manipulated to
|
|
expose files on a host machine if processed without checking what file
|
|
is being included.
|
|
- name: qcow-with-datafile
|
|
format: qcow2
|
|
usable: false
|
|
insecure: true
|
|
generated_by:
|
|
- qemu-img create -f qcow2 -o data_file=qcow-data-file,data_file_raw=on %(filename)s 10M
|
|
- rm qcow-data-file
|
|
description: >-
|
|
This is a qcow2 file with a data-file specified, which can both
|
|
reference external data like backing-file or embed a QMP JSON
|
|
specification for a more complex storage arrangement and do much more
|
|
damage to a host system.
|
|
- name: raw-blank
|
|
format: raw
|
|
usable: true
|
|
insecure: false
|
|
generated_by:
|
|
- qemu-img create -f raw %(filename)s 1M
|
|
description: >-
|
|
A truly unformatted file, which should not match any other format. Since
|
|
qemu-img is used here, it's literally a file of zero bytes.
|
|
- name: gpt-blank
|
|
format: gpt
|
|
usable: true
|
|
insecure: false
|
|
generated_by:
|
|
- qemu-img create -f raw %(filename)s 1M
|
|
- parted %(filename)s --script 'mklabel gpt'
|
|
description: >-
|
|
An image of a whole disk commonly seen in the PC/x86 space, with a
|
|
protective MBR and GPT paritition table.
|
|
- name: standard
|
|
format: qed
|
|
usable: false
|
|
insecure: false
|
|
generated_by:
|
|
- qemu-img create -f qed %(filename)s 10M
|
|
description: >-
|
|
A blank QED formatted image, similar to qcow, but should not be supported
|
|
by any service.
|
|
support_check: qemu-img -h | grep -q 'Supported.*qed'
|
|
- name: standard-iso9660
|
|
format: iso
|
|
usable: true
|
|
insecure: false
|
|
generated_by:
|
|
- qemu-img create -f raw %(filename)s 1M
|
|
- mkisofs -V %(name)s -o %(filename)s /etc/hosts
|
|
description: >-
|
|
An ISO9660 image with a single file inside
|
|
- name: standard-udf
|
|
format: iso
|
|
usable: true
|
|
insecure: false
|
|
generated_by:
|
|
- qemu-img create -f raw %(filename)s 1M
|
|
- mkisofs -udf -V %(name)s -o %(filename)s /etc/hosts
|
|
support_check: mkisofs -h 2>&1 | grep -iq udf
|
|
description: >-
|
|
A UDF filesystem (similar to ISO9660) with a single file inside
|
|
- name: iso-with-qcow2-in-system
|
|
format: iso
|
|
usable: false
|
|
insecure: true
|
|
generated_by:
|
|
- qemu-img create -f raw %(filename)s 1M
|
|
- mkisofs -V %(name)s -o %(filename)s /etc/hosts
|
|
- qemu-img create -f qcow2 tmp.qcow 10M
|
|
- dd if=tmp.qcow of=%(filename)s bs=32k count=1 conv=notrunc
|
|
- rm tmp.qcow
|
|
description: >-
|
|
An ISO9660 image with a single file inside, but with a qcow2 header in
|
|
the "system area" which can fool tools (like qemu-img) into thinking it
|
|
is a valid qcow2 file.
|
|
- name: vmdk-monolithicSparse
|
|
format: vmdk
|
|
usable: true
|
|
insecure: false
|
|
generated_by:
|
|
- qemu-img create -f vmdk -o subformat=monolithicSparse %(filename)s 10M
|
|
description: >-
|
|
A VMDK file in monolithicSparse format (i.e. has a sparse header,
|
|
embedded descriptor and extents)
|
|
- name: vmdk-streamOptimized
|
|
format: vmdk
|
|
usable: true
|
|
insecure: false
|
|
generated_by:
|
|
- qemu-img create -f vmdk -o subformat=streamOptimized %(filename)s 10M
|
|
description: >-
|
|
A VMDK file in streamOptimized format, similar to monolithicSparse,
|
|
without a footer.
|
|
- name: vmdk-monolithicFlat
|
|
format: vmdk
|
|
usable: false
|
|
insecure: false
|
|
generated_by:
|
|
- qemu-img create -f vmdk -o subformat=monolithicFlat %(filename)s 10M
|
|
- rm %(name)s-flat.vmdk
|
|
description: >-
|
|
A VMDK file in monolithicFlat format, which is actually just a text
|
|
descriptor that references external extent files. Not usable in
|
|
OpenStack because of this external reference, and thus should always be
|
|
rejected by services.
|
|
- name: vmdk-monolithicFlat-leak
|
|
format: vmdk
|
|
usable: false
|
|
insecure: true
|
|
generated_by:
|
|
- qemu-img create -f vmdk -o subformat=monolithicFlat %(filename)s 10M
|
|
- sed -i 's#%(name)s-flat.vmdk#/etc/hosts#' %(filename)s
|
|
- rm %(name)s-flat.vmdk
|
|
description: >-
|
|
A VMDK file in monolithicFlat format, which is actually just a text
|
|
descriptor that references external extent files. This case differs from
|
|
the one above in that it actually references a file that exists, which
|
|
can fool a checker into thinking it is valid.
|
|
- name: vmdk-sparse-with-url-backing
|
|
format: vmdk
|
|
usable: false
|
|
insecure: true
|
|
generated_by:
|
|
- qemu-img create -f vmdk -o subformat=monolithicSparse %(filename)s 10M
|
|
- dd if=%(filename)s bs=512 count=1 skip=1 | sed 's#%(filename)s#/etc/hosts#' | dd of=%(filename)s conv=notrunc seek=1
|
|
description: >-
|
|
A monolithicSparse VMDK file that references external extent files. This
|
|
is in an acceptable format, but is insafe as it would result in exposing
|
|
files on a host machine within the guest image.
|
|
- name: vmdk-sparse-with-footer
|
|
format: vmdk
|
|
usable: true
|
|
insecure: false
|
|
postprocess: footerify_vmdk
|
|
generated_by:
|
|
- qemu-img create -f vmdk -o subformat=monolithicSparse %(filename)s 10M
|
|
description: >-
|
|
A VMDK file in monolithicSparse format with a footer that overrides the
|
|
header. This footer must be supported specifically and checked for
|
|
sanity to make sure it does not reference a descriptor or other
|
|
resources that would not have been inspected in the stream by the time
|
|
we read the footer. Apparently vmware tooling generates these with a
|
|
footer frequently and thus is a format we need to (carefully) support.
|