RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1957782 - VMDK support should be read-only
Summary: VMDK support should be read-only
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 9
Classification: Red Hat
Component: qemu-kvm
Version: 9.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: beta
: ---
Assignee: Kevin Wolf
QA Contact: Tingting Mao
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-05-06 13:20 UTC by Ademar Reis
Modified: 2021-12-07 22:40 UTC (History)
10 users (show)

Fixed In Version: qemu-kvm-6.0.0-10.el9
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-12-07 21:20:54 UTC
Type: Bug
Target Upstream Version:
Embargoed:
timao: needinfo+

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Gitlab redhat/centos-stream/src qemu-kvm merge_requests 26 0 None None None 2021-07-22 11:30:31 UTC

Description Ademar Reis 2021-05-06 13:20:26 UTC 
The support for VMDK image format seems to be enabled as read-write in RHEL (see Bug #1955608). This image format is not actively maintained in upstream QEMU and we're not investing any resources in it.

I believe it should be supported as read-only due to conversion, but not read-write.
Comment 1 Richard W.M. Jones 2021-05-13 13:16:46 UTC 
We use this for “virt-v2v -i ova” and “-i vmx” so it cannot be removed
completely.  R/O is fine of course.  And I wouldn't trust the code that
we have for writing anyway, the format is much too baroque.
Comment 2 Daniel Berrangé 2021-05-14 11:39:37 UTC 
(In reply to Ademar Reis from comment #0)
> The support for VMDK image format seems to be enabled as read-write in RHEL
> (see Bug #1955608). This image format is not actively maintained in upstream
> QEMU and we're not investing any resources in it.
> 
> I believe it should be supported as read-only due to conversion, but not
> read-write.

The situation is more subtle than this.

QEMU classifies block drivers into two sets - read-write and read-only, but this applies to the system emulator only. The non-emulator tools always allow read-write.

The intent behind QEMU's approach was that qemu-system-x86_64 should only allow write access with known good quality drivers (ie have high performance and not likely to corrupt data). The other formats are allowed read-only with qemu-system-x86_64 as a way to consume data from other hypervisors.

qemu-img was allowed full read-write support to allow bi-directional data liberation to/from arbitrary disk formats.

In RHEL-8 today we have this in qemu-kvm.spec

%global block_drivers_list qcow2,raw,file,host_device,nbd,iscsi,rbd,blkdebug,luks,null-co,nvme,copy-on-read,throttle
%if 0%{have_gluster}
    %global block_drivers_list %{block_drivers_list},gluster
%endif

  --block-drv-rw-whitelist=%{block_drivers_list}
  --block-drv-ro-whitelist=vmdk,vhdx,vpc,https,ssh


IOW, VMDK is already blocked from read-write usage with qemu-system-x86-64, but is allowed with qemu-img.

The latter is the scenario where Bug #1955608 reported the perf limitations. 

Note, the read-write usage is also permitted in other tools like  qemu-io and qemu-nbd  - I think that qemu-nbd probably ought to honour the restricted read-write driver list.
Comment 5 Kevin Wolf 2021-07-07 07:36:10 UTC 
I guess we could introduce a configure option that makes tools respect the same list as the emulator.

This would affect more than just vmdk: The drivers in the list Daniel mentioned above (vmdk, vhdx, vpc, https, ssh) would all become read-only in tools. Additionally, all drivers that are compiled in, but not in either list, would be completely disabled (blklogwrites, blkverify, compress, ftp, ftps, host_cdrom, http, iser, null-aio, preallocate, quorum).

I think this is fine. None of them look like something you could need in qemu-img or other tools specifically when you don't need them in VMs.
Comment 6 Richard W.M. Jones 2021-07-07 08:46:24 UTC 
Virt-v2v uses "https" and "ssh", but only read-only.

Virt-v2v also uses "null-co" for writes (is this related to null-aio?).

In theory we can use "http" although probably no actual VMware
server only supports this and not "https".

Also virt-v2v is planning to use "compress" for qcow2 compression,
assuming this command is correct:
qemu-nbd --image-opts driver=compress,file.driver=qcow2,file.file.driver=file,file.file.filename=new.qcow2

"preallocate" looks interesting too.  Could it solve this bug?
https://bugzilla.redhat.com/show_bug.cgi?id=1845518
Comment 7 Kevin Wolf 2021-07-07 13:00:08 UTC 
(In reply to Richard W.M. Jones from comment #6)
> Virt-v2v also uses "null-co" for writes (is this related to null-aio?).

It provides the same functionality, but using different code paths. null-co is whitelisted, so this wouldn't be a problem.

> In theory we can use "http" although probably no actual VMware
> server only supports this and not "https".
> 
> Also virt-v2v is planning to use "compress" for qcow2 compression,
> assuming this command is correct:
> qemu-nbd --image-opts
> driver=compress,file.driver=qcow2,file.file.driver=file,file.file.
> filename=new.qcow2

I think there are some restrictions for compressed writes like that you can't write twice to the same cluster with it, but if you're starting with an empty image and writing sequentially to it, this looks good to me. (Though I don't think I've ever tried out the 'compress' filter myself.)

If you want to use this, please open a bug so that we can explicitly enable the driver. Same for 'http' if you think it could be used, though it may have been intentional to support only 'https'?

> "preallocate" looks interesting too.  Could it solve this bug?
> https://bugzilla.redhat.com/show_bug.cgi?id=1845518

Looks unrelated. This is the commit message and documentation for the 'preallocate' filter:

commit 33fa2222eb044147e75e5ec395e1fd53328bc9fb
Author: Vladimir Sementsov-Ogievskiy <vsementsov>
Date:   Wed Oct 21 17:58:46 2020 +0300

    block: introduce preallocate filter
    
    It's intended to be inserted between format and protocol nodes to
    preallocate additional space (expanding protocol file) on writes
    crossing EOF. It improves performance for file-systems with slow
    allocation.

##
# @BlockdevOptionsPreallocate:
#
# Filter driver intended to be inserted between format and protocol node
# and do preallocation in protocol node on write.
#
# @prealloc-align: on preallocation, align file length to this number,
#                  default 1048576 (1M)
#
# @prealloc-size: how much to preallocate, default 134217728 (128M)
#
# Since: 6.0
##
Comment 8 Richard W.M. Jones 2021-07-07 16:03:48 UTC 
Here's the feature request about "compress":
https://bugzilla.redhat.com/show_bug.cgi?id=1980035

Looking back over my email, it seems we did deliberately
disable "http" because virt-v2v does not use it (only "https"),
so let's not touch that one.
Comment 11 Yanan Fu 2021-07-26 12:36:51 UTC 
QE bot(pre verify): Set 'Verified:Tested,SanityOnly' as gating/tier1 test pass.
Comment 14 Tingting Mao 2021-07-27 12:24:49 UTC 
Hi Kevin,

Tried to verify this bug as below, booting from and converting to an image with VMDK all failed with read-only prompt, but creating an image with VMDK works. Could you please help to check whether the results are as expected?

Plus, could you please help to check whether the test scenarios are enough? If not, what else should I test?

Thanks in advance.



Tested with:
qemu-kvm-6.0.0-10.el9
kernel-5.14.0-0.rc2.23.el9.x86_64


Steps and results:
1. Create an image with VMDK format. ---------------------------> Success.
# qemu-img create -f vmdk testtt.vmdk 2G
Formatting 'testtt.vmdk', fmt=vmdk size=2147483648 compat6=off hwversion=undefined
# echo $?
0

2. Boot up a guest from a VMDK image. -------------------------------> Fail with read-only.
qemu-kvm: -blockdev driver=vmdk,node-name=my,file=my_file: Driver 'vmdk' can only be used for read-only devices

3. Convert an image to a VMDK image. -----------------------------------> Fail with read-only.
# qemu-img convert -f qcow2 -O vmdk test.qcow2 tgt.vmdk -p
qemu-img: Could not open 'tgt.vmdk': Driver 'vmdk' can only be used for read-only devices

4. Convert a VMDK image to another image with other format. --------------------------------------> Success.
# qemu-img convert -f vmdk -O raw test.vmdk tgt.img -p
    (100.00/100%)
# echo $?
0
Comment 15 Tingting Mao 2021-08-03 11:05:06 UTC 
Confirmed with Kevin via IRC, the test scenarios are enough to set this bug as verified. So I will clear the needinfo. Thanks Kevin.
Note You need to log in before you can comment on or make changes to this bug.