I have another idea that I hope will solve the problem in a more
complete way. The fundamental issue is that it's impossible to probe
raw images reliably. We can probe qcow2, vmdk, etc but not raw.
So, let's do the following: have raw_probe() always fail. Probing
shouldn't be a heuristic, it should be an absolute. We can't prove it's
a raw image, so we should always fail.
To accomodate current use-cases with raw, let's introduce a new format
called "probed_raw". probed_raw's semantics will be the following:
The signature of a probed_raw will be ~{'QFI\xfb', 'VMDK', 'COWD',
'OOOM', ...}. If the signature is 'QRAW', then instead of reading the
first sector at offset 0, we read the first sector at offset LENGTH. If
the signature is 'QRAW', LENGTH is computed by calculating FILE_SIZE - 512.
For probed_raw, write requests to sector 0 are checked. If the first
four bytes is an invalid probed_raw signature or QRAW, we write a QRAW
signature to file offset 0 and copy the first sector to the end of the
file redirecting reads and writes to the end of file.
An approach like this has the following properties:
1) We can make the bdrv_probe check 100% reliable and return a boolean.
2) In the cases where we known format=raw, none of this code is ever
invoked.
3) probed_raw images usually look exactly like raw images in most cases
4) In the degenerate cases, probe_raw images are still mountable in the
normal way.
5) Even after the QRAW signature is applied, if the guest writes a valid
signature, we can truncate the file and make it appear as a normal raw
image.
Christoph/Markus/Stefan, does this seem like a more reasonable approach?