Comment 4 for bug 853330

Originally I thought it would be enough to simply:
  * check if image had a backing store, if not, convert it to raw
  * use the raw image

However, this shows that that is insufficient, as the attacker could put inside the first level qcow image a second level qcow image that. That one would survive.

So, my revised solution would be to:
 * check if image has backing store, if so, convert it to raw
 * check file format of 'raw' image, if it is not raw, raise error
 * use raw image