LIO: untaint values read from remote config

The LIO backend for ZFS over iSCSI fetches the json-config periodically from
the target.
This patch reduces the stored config values to those which are actually used
and additonally untaints the values read from the remote host's config-file.

Since the LUN index is used in calls to targetcli on the remote host (via
run_command), untainting prevents the call to crash when run with '-T'.

Tested by creating a zfs over iscsi backed VM, starting it, adding disks,
resizing disks, removing disks, creating snapshots, rolling back to a snapshot.

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>

diff --git a/PVE/Storage/LunCmd/LIO.pm b/PVE/Storage/LunCmd/LIO.pm
index 15ddabf380b4d6de3aceea0547fe88f52ed528fd..f9e7143d1c30dde88fa9c02e8315e4288078be96 100644 (file)
--- a/PVE/Storage/LunCmd/LIO.pm
+++ b/PVE/Storage/LunCmd/LIO.pm
@@ -154,8 +154,22 @@ my $parser = sub {
        # find correct TPG
        foreach my $tpg (@{$target->{tpgs}}) {
            if ($tpg->{tag} == $tpg_tag) {
+               my $res = [];
+               foreach my $lun (@{$tpg->{luns}}) {
+                   my ($idx, $storage_object);
+                   if ($lun->{index} =~ /^(\d+)$/) {
+                       $idx = $1;
+                   }
+                   if ($lun->{storage_object} =~ m|^($BACKSTORE/.*)$|) {
+                       $storage_object = $1;
+                   }
+                   die "Invalid lun definition in config!\n"
+                       if !(defined($idx) && defined($storage_object));
+                   push @$res, { index => $idx, storage_object => $storage_object };
+               }
+
                my $id = "$scfg->{portal}.$scfg->{target}";
-               $SETTINGS->{$id} = $tpg;
+               $SETTINGS->{$id}->{luns} = $res;
                $haveTarget = 1;
                last;
            }