mirror of
https://github.com/qemu/qemu.git
synced 2026-04-06 14:10:28 +00:00
4adf36d940
When reading to / writing from non-growable exports, we cap the I/O size by `offset - blk_len`. This will underflow for accesses that are completely past the disk end. Check and handle that case explicitly. This is also enough to ensure that `offset + size` will not overflow; blk_len is int64_t, offset is uint32_t, `offset < blk_len`, so from `INT64_MAX + UINT32_MAX < UINT64_MAX` it follows that `offset + size` cannot overflow. Just one catch: We have to allow write accesses to growable exports past the EOF, so then we cannot rely on `offset < blk_len`, but have to verify explicitly that `offset + size` does not overflow. The negative consequences of not having this commit are luckily limited because blk_pread() and blk_pwrite() will reject post-EOF requests anyway, so a `size` underflow post-EOF will just result in an I/O error. So: - Post-EOF reads will incorrectly result in I/O errors instead of just 0-length reads. We will also attempt to allocate a very large buffer, which is wrong and not good, but not terrible. - Post-EOF writes on non-growable exports will result in I/O errors instead of 0-length writes (which generally indicate ENOSPC). - Post-EOF writes on growable exports can theoretically overflow on EOF and truncate the export down to a much too small size, but in practice, FUSE will never send an offset greater than signed INT_MAX, preventing a uint64_t overflow. (fuse_write_args_fill() in the kernel uses loff_t for the offset, which is signed.) Signed-off-by: Hanna Czenczek <hreitz@redhat.com> Message-ID: <20260309150856.26800-15-hreitz@redhat.com> Reviewed-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
221 lines
7.3 KiB
Plaintext
221 lines
7.3 KiB
Plaintext
QA output created by 308
|
|
=== Set up ===
|
|
Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864
|
|
wrote 67108864/67108864 bytes at offset 0
|
|
64 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
|
|
{'execute': 'qmp_capabilities'}
|
|
{"return": {}}
|
|
{'execute': 'blockdev-add',
|
|
'arguments': {
|
|
'driver': 'file',
|
|
'node-name': 'node-protocol',
|
|
'filename': 'TEST_DIR/t.IMGFMT'
|
|
} }
|
|
{"return": {}}
|
|
{'execute': 'blockdev-add',
|
|
'arguments': {
|
|
'driver': 'IMGFMT',
|
|
'node-name': 'node-format',
|
|
'file': 'node-protocol'
|
|
} }
|
|
{"return": {}}
|
|
|
|
=== Mountpoint not present ===
|
|
{'execute': 'block-export-add',
|
|
'arguments': {
|
|
'type': 'fuse',
|
|
'id': 'export-err',
|
|
'node-name': 'node-format',
|
|
'mountpoint': 'TEST_DIR/t.IMGFMT.fuse'
|
|
} }
|
|
{"error": {"class": "GenericError", "desc": "Failed to stat 'TEST_DIR/t.IMGFMT.fuse': No such file or directory"}}
|
|
|
|
=== Mountpoint is a directory ===
|
|
{'execute': 'block-export-add',
|
|
'arguments': {
|
|
'type': 'fuse',
|
|
'id': 'export-err',
|
|
'node-name': 'node-format',
|
|
'mountpoint': 'TEST_DIR/t.IMGFMT.fuse'
|
|
} }
|
|
{"error": {"class": "GenericError", "desc": "'TEST_DIR/t.IMGFMT.fuse' is not a regular file"}}
|
|
|
|
=== Mountpoint is a regular file ===
|
|
{'execute': 'block-export-add',
|
|
'arguments': {
|
|
'type': 'fuse',
|
|
'id': 'export-mp',
|
|
'node-name': 'node-format',
|
|
'mountpoint': 'TEST_DIR/t.IMGFMT.fuse'
|
|
} }
|
|
{"return": {}}
|
|
Images are identical.
|
|
Permissions pre-chmod: 400
|
|
chmod: changing permissions of 'TEST_DIR/t.IMGFMT.fuse': Read-only file system
|
|
Permissions post-+w: 400
|
|
chmod: changing permissions of 'TEST_DIR/t.IMGFMT.fuse': Read-only file system
|
|
Permissions post-+x: 400
|
|
|
|
=== Mount over existing file ===
|
|
{'execute': 'block-export-add',
|
|
'arguments': {
|
|
'type': 'fuse',
|
|
'id': 'export-img',
|
|
'node-name': 'node-format',
|
|
'mountpoint': 'TEST_DIR/t.IMGFMT'
|
|
} }
|
|
{"return": {}}
|
|
Images are identical.
|
|
|
|
=== Double export ===
|
|
{'execute': 'block-export-add',
|
|
'arguments': {
|
|
'type': 'fuse',
|
|
'id': 'export-err',
|
|
'node-name': 'node-format',
|
|
'mountpoint': 'TEST_DIR/t.IMGFMT.fuse'
|
|
} }
|
|
{"error": {"class": "GenericError", "desc": "There already is a FUSE export on 'TEST_DIR/t.IMGFMT.fuse'"}}
|
|
|
|
=== Remove export ===
|
|
virtual size: 64 MiB (67108864 bytes)
|
|
{'execute': 'block-export-del',
|
|
'arguments': {
|
|
'id': 'export-mp'
|
|
} }
|
|
{"return": {}}
|
|
{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "BLOCK_EXPORT_DELETED", "data": {"id": "export-mp"}}
|
|
virtual size: 0 B (0 bytes)
|
|
|
|
=== Writable export ===
|
|
{'execute': 'block-export-add',
|
|
'arguments': {
|
|
'type': 'fuse',
|
|
'id': 'export-mp',
|
|
'node-name': 'node-format',
|
|
'mountpoint': 'TEST_DIR/t.IMGFMT.fuse', 'writable': true
|
|
} }
|
|
{"return": {}}
|
|
Writing to read-only export failed: OK
|
|
wrote 65536/65536 bytes at offset 1048576
|
|
64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
|
|
wrote 65536/65536 bytes at offset 1048576
|
|
64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
|
|
|
|
=== Resizing exports ===
|
|
{'execute': 'block-export-del',
|
|
'arguments': {
|
|
'id': 'export-mp'
|
|
} }
|
|
{"return": {}}
|
|
{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "BLOCK_EXPORT_DELETED", "data": {"id": "export-mp"}}
|
|
{'execute': 'block-export-del',
|
|
'arguments': {
|
|
'id': 'export-img'
|
|
} }
|
|
{"return": {}}
|
|
{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "BLOCK_EXPORT_DELETED", "data": {"id": "export-img"}}
|
|
{'execute': 'blockdev-del',
|
|
'arguments': {
|
|
'node-name': 'node-format'
|
|
} }
|
|
{"return": {}}
|
|
{'execute': 'block-export-add',
|
|
'arguments': {
|
|
'type': 'fuse',
|
|
'id': 'export-mp',
|
|
'node-name': 'node-protocol',
|
|
'mountpoint': 'TEST_DIR/t.IMGFMT.fuse', 'writable': true
|
|
} }
|
|
{"return": {}}
|
|
|
|
--- Try growing non-growable export ---
|
|
(OK: Lengths of export and original are the same)
|
|
dd: error writing 'TEST_DIR/t.IMGFMT.fuse': No space left on device
|
|
1+0 records in
|
|
0+0 records out
|
|
dd: error writing 'TEST_DIR/t.IMGFMT.fuse': No space left on device
|
|
1+0 records in
|
|
0+0 records out
|
|
32768+0 records in
|
|
32768+0 records out
|
|
dd: TEST_DIR/t.IMGFMT.fuse: cannot skip to specified offset
|
|
0+0 records in
|
|
0+0 records out
|
|
|
|
--- Resize export ---
|
|
(OK: Lengths of export and original are the same)
|
|
OK: Post-truncate image size is as expected
|
|
OK: Disk usage grew with fallocate
|
|
0+1 records in
|
|
0+1 records out
|
|
|
|
--- Try growing growable export ---
|
|
{'execute': 'block-export-del',
|
|
'arguments': {
|
|
'id': 'export-mp'
|
|
} }
|
|
{"return": {}}
|
|
{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "BLOCK_EXPORT_DELETED", "data": {"id": "export-mp"}}
|
|
{'execute': 'block-export-add',
|
|
'arguments': {
|
|
'type': 'fuse',
|
|
'id': 'export-mp',
|
|
'node-name': 'node-protocol',
|
|
'mountpoint': 'TEST_DIR/t.IMGFMT.fuse', 'writable': true, 'growable': true
|
|
} }
|
|
{"return": {}}
|
|
65536+0 records in
|
|
65536+0 records out
|
|
(OK: Lengths of export and original are the same)
|
|
OK: Post-grow image size is as expected
|
|
|
|
--- Shrink export ---
|
|
(OK: Lengths of export and original are the same)
|
|
OK: Post-truncate image size is as expected
|
|
|
|
=== Tear down ===
|
|
{'execute': 'quit'}
|
|
{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "SHUTDOWN", "data": {"guest": false, "reason": "host-qmp-quit"}}
|
|
{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "BLOCK_EXPORT_DELETED", "data": {"id": "export-mp"}}
|
|
{"return": {}}
|
|
|
|
=== Compare copy with original ===
|
|
Images are identical.
|
|
|
|
=== Writing zeroes while unmapping ===
|
|
Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864
|
|
wrote 67108864/67108864 bytes at offset 0
|
|
64 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
|
|
{'execute': 'qmp_capabilities'}
|
|
{"return": {}}
|
|
{'execute': 'blockdev-add',
|
|
'arguments': {
|
|
'driver': 'IMGFMT',
|
|
'node-name': 'node-format',
|
|
'file': {
|
|
'driver': 'file',
|
|
'filename': 'TEST_DIR/t.IMGFMT'
|
|
}
|
|
} }
|
|
{"return": {}}
|
|
{'execute': 'block-export-add',
|
|
'arguments': {
|
|
'type': 'fuse',
|
|
'id': 'export',
|
|
'node-name': 'node-format',
|
|
'mountpoint': 'TEST_DIR/t.IMGFMT.fuse', 'writable': true
|
|
} }
|
|
{"return": {}}
|
|
wrote 67108864/67108864 bytes at offset 0
|
|
64 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
|
|
read 67108864/67108864 bytes at offset 0
|
|
64 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
|
|
{'execute': 'quit'}
|
|
{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "SHUTDOWN", "data": {"guest": false, "reason": "host-qmp-quit"}}
|
|
{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "BLOCK_EXPORT_DELETED", "data": {"id": "export"}}
|
|
{"return": {}}
|
|
read 67108864/67108864 bytes at offset 0
|
|
64 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
|
|
*** done
|