From nobody Mon Apr 29 19:17:15 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1502311224830279.9733112875; Wed, 9 Aug 2017 13:40:24 -0700 (PDT) Received: from localhost ([::1]:49745 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dfXmB-0008AT-DV for importer@patchew.org; Wed, 09 Aug 2017 16:40:23 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:51767) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dfXkA-0006lk-8N for qemu-devel@nongnu.org; Wed, 09 Aug 2017 16:38:19 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dfXk9-0008Jm-0U for qemu-devel@nongnu.org; Wed, 09 Aug 2017 16:38:18 -0400 Received: from mx1.redhat.com ([209.132.183.28]:46362) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1dfXk4-0008HI-Sl; Wed, 09 Aug 2017 16:38:12 -0400 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id CDD4312B62D; Wed, 9 Aug 2017 20:38:11 +0000 (UTC) Received: from red.redhat.com (ovpn-120-43.rdu2.redhat.com [10.10.120.43]) by smtp.corp.redhat.com (Postfix) with ESMTP id 04941600C6; Wed, 9 Aug 2017 20:38:10 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com CDD4312B62D Authentication-Results: ext-mx02.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx02.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=eblake@redhat.com From: Eric Blake To: qemu-devel@nongnu.org Date: Wed, 9 Aug 2017 15:38:04 -0500 Message-Id: <20170809203808.31725-2-eblake@redhat.com> In-Reply-To: <20170809203808.31725-1-eblake@redhat.com> References: <20170809203808.31725-1-eblake@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]); Wed, 09 Aug 2017 20:38:12 +0000 (UTC) Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v2 1/5] vpc: Check failure of bdrv_getlength() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, qemu-block@nongnu.org, Max Reitz Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" vpc_open() was checking for bdrv_getlength() failure in one, but not the other, location. Reported-by: Markus Armbruster Signed-off-by: Eric Blake Reviewed-by: Philippe Mathieu-Daud=C3=A9 Reviewed-by: Jeff Cody Reviewed-by: John Snow --- v2: error message tweak [Kevin] --- block/vpc.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/block/vpc.c b/block/vpc.c index 574879ba7c..82911ebead 100644 --- a/block/vpc.c +++ b/block/vpc.c @@ -219,6 +219,7 @@ static int vpc_open(BlockDriverState *bs, QDict *option= s, int flags, uint64_t pagetable_size; int disk_type =3D VHD_DYNAMIC; int ret; + int64_t bs_size; bs->file =3D bdrv_open_child(NULL, options, "file", bs, &child_file, false, errp); @@ -411,7 +412,13 @@ static int vpc_open(BlockDriverState *bs, QDict *optio= ns, int flags, } } - if (s->free_data_block_offset > bdrv_getlength(bs->file->bs)) { + bs_size =3D bdrv_getlength(bs->file->bs); + if (bs_size < 0) { + error_setg_errno(errp, -bs_size, "Unable to learn image size"); + ret =3D bs_size; + goto fail; + } + if (s->free_data_block_offset > bs_size) { error_setg(errp, "block-vpc: free_data_block_offset points aft= er " "the end of file. The image has been truncate= d."); ret =3D -EINVAL; --=20 2.13.4 From nobody Mon Apr 29 19:17:15 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1502311377382686.5479478316336; Wed, 9 Aug 2017 13:42:57 -0700 (PDT) Received: from localhost ([::1]:49761 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dfXoe-0002H7-1s for importer@patchew.org; Wed, 09 Aug 2017 16:42:56 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:51820) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dfXkC-0006oP-CC for qemu-devel@nongnu.org; Wed, 09 Aug 2017 16:38:22 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dfXkA-0008LC-Ff for qemu-devel@nongnu.org; Wed, 09 Aug 2017 16:38:20 -0400 Received: from mx1.redhat.com ([209.132.183.28]:51930) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1dfXk6-0008Ht-4E; Wed, 09 Aug 2017 16:38:14 -0400 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 1204A14039F; Wed, 9 Aug 2017 20:38:13 +0000 (UTC) Received: from red.redhat.com (ovpn-120-43.rdu2.redhat.com [10.10.120.43]) by smtp.corp.redhat.com (Postfix) with ESMTP id 0EF45600C6; Wed, 9 Aug 2017 20:38:11 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 1204A14039F Authentication-Results: ext-mx06.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx06.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=eblake@redhat.com From: Eric Blake To: qemu-devel@nongnu.org Date: Wed, 9 Aug 2017 15:38:05 -0500 Message-Id: <20170809203808.31725-3-eblake@redhat.com> In-Reply-To: <20170809203808.31725-1-eblake@redhat.com> References: <20170809203808.31725-1-eblake@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Wed, 09 Aug 2017 20:38:13 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v2 2/5] qcow: Change signature of get_cluster_offset() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, qemu-block@nongnu.org, Max Reitz Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" The old signature has an ambiguous meaning for a return of 0: either no allocation was requested or necessary, or an error occurred (but any errno associated with the error is lost to the caller, which then has to assume EIO). Better is to follow the example of qcow2, by changing the signature to have a separate return value that cleanly distinguishes between failure and success, along with a parameter that cleanly holds a 64-bit value. Then update all callers. While auditing that all return paths return a negative errno (rather than -1), I also simplified places where we can pass NULL rather than a local Error that just gets thrown away. Suggested-by: Kevin Wolf Signed-off-by: Eric Blake --- block/qcow.c | 135 +++++++++++++++++++++++++++++++++----------------------= ---- 1 file changed, 76 insertions(+), 59 deletions(-) diff --git a/block/qcow.c b/block/qcow.c index c08cdc4a7b..d07bef6306 100644 --- a/block/qcow.c +++ b/block/qcow.c @@ -347,19 +347,21 @@ static int qcow_reopen_prepare(BDRVReopenState *state, * 'compressed_size'. 'compressed_size' must be > 0 and < * cluster_size * - * return 0 if not allocated. + * return 0 if not allocated, 1 if *result is assigned, and negative + * errno on failure. */ -static uint64_t get_cluster_offset(BlockDriverState *bs, - uint64_t offset, int allocate, - int compressed_size, - int n_start, int n_end) +static int get_cluster_offset(BlockDriverState *bs, + uint64_t offset, int allocate, + int compressed_size, + int n_start, int n_end, uint64_t *result) { BDRVQcowState *s =3D bs->opaque; - int min_index, i, j, l1_index, l2_index; + int min_index, i, j, l1_index, l2_index, ret; uint64_t l2_offset, *l2_table, cluster_offset, tmp; uint32_t min_count; int new_l2_table; + *result =3D 0; l1_index =3D offset >> (s->l2_bits + s->cluster_bits); l2_offset =3D s->l1_table[l1_index]; new_l2_table =3D 0; @@ -373,10 +375,12 @@ static uint64_t get_cluster_offset(BlockDriverState *= bs, /* update the L1 entry */ s->l1_table[l1_index] =3D l2_offset; tmp =3D cpu_to_be64(l2_offset); - if (bdrv_pwrite_sync(bs->file, - s->l1_table_offset + l1_index * sizeof(tmp), - &tmp, sizeof(tmp)) < 0) - return 0; + ret =3D bdrv_pwrite_sync(bs->file, + s->l1_table_offset + l1_index * sizeof(tmp), + &tmp, sizeof(tmp)); + if (ret < 0) { + return ret; + } new_l2_table =3D 1; } for(i =3D 0; i < L2_CACHE_SIZE; i++) { @@ -403,14 +407,17 @@ static uint64_t get_cluster_offset(BlockDriverState *= bs, l2_table =3D s->l2_cache + (min_index << s->l2_bits); if (new_l2_table) { memset(l2_table, 0, s->l2_size * sizeof(uint64_t)); - if (bdrv_pwrite_sync(bs->file, l2_offset, l2_table, - s->l2_size * sizeof(uint64_t)) < 0) - return 0; + ret =3D bdrv_pwrite_sync(bs->file, l2_offset, l2_table, + s->l2_size * sizeof(uint64_t)); + if (ret < 0) { + return ret; + } } else { - if (bdrv_pread(bs->file, l2_offset, l2_table, - s->l2_size * sizeof(uint64_t)) !=3D - s->l2_size * sizeof(uint64_t)) - return 0; + ret =3D bdrv_pread(bs->file, l2_offset, l2_table, + s->l2_size * sizeof(uint64_t)); + if (ret < 0) { + return ret; + } } s->l2_cache_offsets[min_index] =3D l2_offset; s->l2_cache_counts[min_index] =3D 1; @@ -427,16 +434,18 @@ static uint64_t get_cluster_offset(BlockDriverState *= bs, /* if the cluster is already compressed, we must decompress it in the case it is not completely overwritten */ - if (decompress_cluster(bs, cluster_offset) < 0) - return 0; + if (decompress_cluster(bs, cluster_offset) < 0) { + return -EIO; + } cluster_offset =3D bdrv_getlength(bs->file->bs); cluster_offset =3D (cluster_offset + s->cluster_size - 1) & ~(s->cluster_size - 1); /* write the cluster content */ - if (bdrv_pwrite(bs->file, cluster_offset, s->cluster_cache, - s->cluster_size) !=3D - s->cluster_size) - return -1; + ret =3D bdrv_pwrite(bs->file, cluster_offset, s->cluster_cache, + s->cluster_size); + if (ret < 0) { + return ret; + } } else { cluster_offset =3D bdrv_getlength(bs->file->bs); if (allocate =3D=3D 1) { @@ -454,20 +463,19 @@ static uint64_t get_cluster_offset(BlockDriverState *= bs, start_sect =3D (offset & ~(s->cluster_size - 1)) >> 9; for(i =3D 0; i < s->cluster_sectors; i++) { if (i < n_start || i >=3D n_end) { - Error *err =3D NULL; memset(s->cluster_data, 0x00, 512); if (qcrypto_block_encrypt(s->crypto, start_sec= t + i, s->cluster_data, BDRV_SECTOR_SIZE, - &err) < 0) { - error_free(err); - errno =3D EIO; - return -1; + NULL) < 0) { + return -EIO; + } + ret =3D bdrv_pwrite(bs->file, + cluster_offset + i * 512, + s->cluster_data, 512); + if (ret < 0) { + return ret; } - if (bdrv_pwrite(bs->file, - cluster_offset + i * 512, - s->cluster_data, 512) !=3D 512) - return -1; } } } @@ -479,23 +487,29 @@ static uint64_t get_cluster_offset(BlockDriverState *= bs, /* update L2 table */ tmp =3D cpu_to_be64(cluster_offset); l2_table[l2_index] =3D tmp; - if (bdrv_pwrite_sync(bs->file, l2_offset + l2_index * sizeof(tmp), - &tmp, sizeof(tmp)) < 0) - return 0; + ret =3D bdrv_pwrite_sync(bs->file, l2_offset + l2_index * sizeof(t= mp), + &tmp, sizeof(tmp)); + if (ret < 0) { + return ret; + } } - return cluster_offset; + *result =3D cluster_offset; + return 1; } static int64_t coroutine_fn qcow_co_get_block_status(BlockDriverState *bs, int64_t sector_num, int nb_sectors, int *pnum, BlockDriverState **= file) { BDRVQcowState *s =3D bs->opaque; - int index_in_cluster, n; + int index_in_cluster, n, ret; uint64_t cluster_offset; qemu_co_mutex_lock(&s->lock); - cluster_offset =3D get_cluster_offset(bs, sector_num << 9, 0, 0, 0, 0); + ret =3D get_cluster_offset(bs, sector_num << 9, 0, 0, 0, 0, &cluster_o= ffset); qemu_co_mutex_unlock(&s->lock); + if (ret < 0) { + return ret; + } index_in_cluster =3D sector_num & (s->cluster_sectors - 1); n =3D s->cluster_sectors - index_in_cluster; if (n > nb_sectors) @@ -572,7 +586,6 @@ static coroutine_fn int qcow_co_readv(BlockDriverState = *bs, int64_t sector_num, QEMUIOVector hd_qiov; uint8_t *buf; void *orig_buf; - Error *err =3D NULL; if (qiov->niov > 1) { buf =3D orig_buf =3D qemu_try_blockalign(bs, qiov->size); @@ -588,8 +601,11 @@ static coroutine_fn int qcow_co_readv(BlockDriverState= *bs, int64_t sector_num, while (nb_sectors !=3D 0) { /* prepare next request */ - cluster_offset =3D get_cluster_offset(bs, sector_num << 9, - 0, 0, 0, 0); + ret =3D get_cluster_offset(bs, sector_num << 9, + 0, 0, 0, 0, &cluster_offset); + if (ret < 0) { + break; + } index_in_cluster =3D sector_num & (s->cluster_sectors - 1); n =3D s->cluster_sectors - index_in_cluster; if (n > nb_sectors) { @@ -606,7 +622,7 @@ static coroutine_fn int qcow_co_readv(BlockDriverState = *bs, int64_t sector_num, ret =3D bdrv_co_readv(bs->backing, sector_num, n, &hd_qiov= ); qemu_co_mutex_lock(&s->lock); if (ret < 0) { - goto fail; + break; } } else { /* Note: in this case, no need to wait */ @@ -615,13 +631,15 @@ static coroutine_fn int qcow_co_readv(BlockDriverStat= e *bs, int64_t sector_num, } else if (cluster_offset & QCOW_OFLAG_COMPRESSED) { /* add AIO support for compressed blocks ? */ if (decompress_cluster(bs, cluster_offset) < 0) { - goto fail; + ret =3D -EIO; + break; } memcpy(buf, s->cluster_cache + index_in_cluster * 512, 512 * n); } else { if ((cluster_offset & 511) !=3D 0) { - goto fail; + ret =3D -EIO; + break; } hd_iov.iov_base =3D (void *)buf; hd_iov.iov_len =3D n * 512; @@ -637,8 +655,9 @@ static coroutine_fn int qcow_co_readv(BlockDriverState = *bs, int64_t sector_num, if (bs->encrypted) { assert(s->crypto); if (qcrypto_block_decrypt(s->crypto, sector_num, buf, - n * BDRV_SECTOR_SIZE, &err) < 0)= { - goto fail; + n * BDRV_SECTOR_SIZE, NULL) < 0)= { + ret =3D -EIO; + break; } } } @@ -649,7 +668,6 @@ static coroutine_fn int qcow_co_readv(BlockDriverState = *bs, int64_t sector_num, buf +=3D n * 512; } -done: qemu_co_mutex_unlock(&s->lock); if (qiov->niov > 1) { @@ -658,11 +676,6 @@ done: } return ret; - -fail: - error_free(err); - ret =3D -EIO; - goto done; } static coroutine_fn int qcow_co_writev(BlockDriverState *bs, int64_t secto= r_num, @@ -701,19 +714,20 @@ static coroutine_fn int qcow_co_writev(BlockDriverSta= te *bs, int64_t sector_num, if (n > nb_sectors) { n =3D nb_sectors; } - cluster_offset =3D get_cluster_offset(bs, sector_num << 9, 1, 0, - index_in_cluster, - index_in_cluster + n); + ret =3D get_cluster_offset(bs, sector_num << 9, 1, 0, + index_in_cluster, + index_in_cluster + n, &cluster_offset); + if (ret < 0) { + break; + } if (!cluster_offset || (cluster_offset & 511) !=3D 0) { ret =3D -EIO; break; } if (bs->encrypted) { - Error *err =3D NULL; assert(s->crypto); if (qcrypto_block_encrypt(s->crypto, sector_num, buf, - n * BDRV_SECTOR_SIZE, &err) < 0) { - error_free(err); + n * BDRV_SECTOR_SIZE, NULL) < 0) { ret =3D -EIO; break; } @@ -1001,8 +1015,11 @@ qcow_co_pwritev_compressed(BlockDriverState *bs, uin= t64_t offset, goto success; } qemu_co_mutex_lock(&s->lock); - cluster_offset =3D get_cluster_offset(bs, offset, 2, out_len, 0, 0); + ret =3D get_cluster_offset(bs, offset, 2, out_len, 0, 0, &cluster_offs= et); qemu_co_mutex_unlock(&s->lock); + if (ret < 0) { + goto fail; + } if (cluster_offset =3D=3D 0) { ret =3D -EIO; goto fail; --=20 2.13.4 From nobody Mon Apr 29 19:17:15 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1502311218790239.4673346475298; Wed, 9 Aug 2017 13:40:18 -0700 (PDT) Received: from localhost ([::1]:49743 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dfXm5-00085Z-Cv for importer@patchew.org; Wed, 09 Aug 2017 16:40:17 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:51816) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dfXkC-0006oE-6j for qemu-devel@nongnu.org; Wed, 09 Aug 2017 16:38:21 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dfXkA-0008Lg-Ui for qemu-devel@nongnu.org; Wed, 09 Aug 2017 16:38:20 -0400 Received: from mx1.redhat.com ([209.132.183.28]:46810) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1dfXk7-0008IP-BN; Wed, 09 Aug 2017 16:38:15 -0400 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 4A1CA2F7C56; Wed, 9 Aug 2017 20:38:14 +0000 (UTC) Received: from red.redhat.com (ovpn-120-43.rdu2.redhat.com [10.10.120.43]) by smtp.corp.redhat.com (Postfix) with ESMTP id 4AA85600C6; Wed, 9 Aug 2017 20:38:13 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 4A1CA2F7C56 Authentication-Results: ext-mx05.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx05.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=eblake@redhat.com From: Eric Blake To: qemu-devel@nongnu.org Date: Wed, 9 Aug 2017 15:38:06 -0500 Message-Id: <20170809203808.31725-4-eblake@redhat.com> In-Reply-To: <20170809203808.31725-1-eblake@redhat.com> References: <20170809203808.31725-1-eblake@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]); Wed, 09 Aug 2017 20:38:14 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v2 3/5] qcow: Check failure of bdrv_getlength() and bdrv_truncate() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, qemu-block@nongnu.org, Max Reitz Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Omitting the check for whether bdrv_getlength() and bdrv_truncate() failed meant that it was theoretically possible to return an incorrect offset to the caller. More likely, conditions for either of these functions to fail would also cause one of our other calls (such as bdrv_pread() or bdrv_pwrite_sync()) to also fail, but auditing that we are safe is difficult compared to just patching things to always forward on the error rather than ignoring it. Use osdep.h macros instead of open-coded rounding while in the area. Reported-by: Markus Armbruster Signed-off-by: Eric Blake --- v2: Rebase to new signature to not corrupt compressed clusters, and fix lock handling [Kevin], check for truncate overflow [Jeff] --- block/qcow.c | 30 ++++++++++++++++++++++-------- 1 file changed, 22 insertions(+), 8 deletions(-) diff --git a/block/qcow.c b/block/qcow.c index d07bef6306..f450b00cfc 100644 --- a/block/qcow.c +++ b/block/qcow.c @@ -357,7 +357,8 @@ static int get_cluster_offset(BlockDriverState *bs, { BDRVQcowState *s =3D bs->opaque; int min_index, i, j, l1_index, l2_index, ret; - uint64_t l2_offset, *l2_table, cluster_offset, tmp; + int64_t l2_offset; + uint64_t *l2_table, cluster_offset, tmp; uint32_t min_count; int new_l2_table; @@ -370,8 +371,11 @@ static int get_cluster_offset(BlockDriverState *bs, return 0; /* allocate a new l2 entry */ l2_offset =3D bdrv_getlength(bs->file->bs); + if (l2_offset < 0) { + return l2_offset; + } /* round to cluster size */ - l2_offset =3D (l2_offset + s->cluster_size - 1) & ~(s->cluster_siz= e - 1); + l2_offset =3D QEMU_ALIGN_UP(l2_offset, s->cluster_size); /* update the L1 entry */ s->l1_table[l1_index] =3D l2_offset; tmp =3D cpu_to_be64(l2_offset); @@ -438,8 +442,10 @@ static int get_cluster_offset(BlockDriverState *bs, return -EIO; } cluster_offset =3D bdrv_getlength(bs->file->bs); - cluster_offset =3D (cluster_offset + s->cluster_size - 1) & - ~(s->cluster_size - 1); + if ((int64_t) cluster_offset < 0) { + return cluster_offset; + } + cluster_offset =3D QEMU_ALIGN_UP(cluster_offset, s->cluster_si= ze); /* write the cluster content */ ret =3D bdrv_pwrite(bs->file, cluster_offset, s->cluster_cache, s->cluster_size); @@ -448,12 +454,20 @@ static int get_cluster_offset(BlockDriverState *bs, } } else { cluster_offset =3D bdrv_getlength(bs->file->bs); + if ((int64_t) cluster_offset < 0) { + return cluster_offset; + } if (allocate =3D=3D 1) { /* round to cluster size */ - cluster_offset =3D (cluster_offset + s->cluster_size - 1) & - ~(s->cluster_size - 1); - bdrv_truncate(bs->file, cluster_offset + s->cluster_size, - PREALLOC_MODE_OFF, NULL); + cluster_offset =3D QEMU_ALIGN_UP(cluster_offset, s->cluste= r_size); + if (cluster_offset + s->cluster_size > INT64_MAX) { + return -E2BIG; + } + ret =3D bdrv_truncate(bs->file, cluster_offset + s->cluste= r_size, + PREALLOC_MODE_OFF, NULL); + if (ret < 0) { + return ret; + } /* if encrypted, we must initialize the cluster content which won't be written */ if (bs->encrypted && --=20 2.13.4 From nobody Mon Apr 29 19:17:15 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 150231157649012.751097270730497; Wed, 9 Aug 2017 13:46:16 -0700 (PDT) Received: from localhost ([::1]:49788 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dfXrr-0004uE-8s for importer@patchew.org; Wed, 09 Aug 2017 16:46:15 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:51813) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dfXkC-0006o9-4H for qemu-devel@nongnu.org; Wed, 09 Aug 2017 16:38:21 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dfXkB-0008Ll-2c for qemu-devel@nongnu.org; Wed, 09 Aug 2017 16:38:20 -0400 Received: from mx1.redhat.com ([209.132.183.28]:46494) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1dfXk8-0008Iw-F3; Wed, 09 Aug 2017 16:38:16 -0400 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 56BF112B62D; Wed, 9 Aug 2017 20:38:15 +0000 (UTC) Received: from red.redhat.com (ovpn-120-43.rdu2.redhat.com [10.10.120.43]) by smtp.corp.redhat.com (Postfix) with ESMTP id 8279B600C6; Wed, 9 Aug 2017 20:38:14 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 56BF112B62D Authentication-Results: ext-mx02.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx02.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=eblake@redhat.com From: Eric Blake To: qemu-devel@nongnu.org Date: Wed, 9 Aug 2017 15:38:07 -0500 Message-Id: <20170809203808.31725-5-eblake@redhat.com> In-Reply-To: <20170809203808.31725-1-eblake@redhat.com> References: <20170809203808.31725-1-eblake@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]); Wed, 09 Aug 2017 20:38:15 +0000 (UTC) Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v2 4/5] qcow2: Drop debugging dump_refcounts() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, qemu-block@nongnu.org, Max Reitz Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" It's been #if 0'd since its introduction in 2006, commit 585f8587. We can revive dead code if we need it, but in the meantime, it has bit-rotted (for example, not checking for failure in bdrv_getlength()). Signed-off-by: Eric Blake Reviewed-by: Philippe Mathieu-Daud=C3=A9 Reviewed-by: Jeff Cody Reviewed-by: Kevin Wolf Reviewed-by: John Snow --- block/qcow2.c | 21 --------------------- 1 file changed, 21 deletions(-) diff --git a/block/qcow2.c b/block/qcow2.c index d7c600b5a2..99407403ea 100644 --- a/block/qcow2.c +++ b/block/qcow2.c @@ -3798,27 +3798,6 @@ static ImageInfoSpecific *qcow2_get_specific_info(Bl= ockDriverState *bs) return spec_info; } -#if 0 -static void dump_refcounts(BlockDriverState *bs) -{ - BDRVQcow2State *s =3D bs->opaque; - int64_t nb_clusters, k, k1, size; - int refcount; - - size =3D bdrv_getlength(bs->file->bs); - nb_clusters =3D size_to_clusters(s, size); - for(k =3D 0; k < nb_clusters;) { - k1 =3D k; - refcount =3D get_refcount(bs, k); - k++; - while (k < nb_clusters && get_refcount(bs, k) =3D=3D refcount) - k++; - printf("%" PRId64 ": refcount=3D%d nb=3D%" PRId64 "\n", k, refcoun= t, - k - k1); - } -} -#endif - static int qcow2_save_vmstate(BlockDriverState *bs, QEMUIOVector *qiov, int64_t pos) { --=20 2.13.4 From nobody Mon Apr 29 19:17:15 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1502311379765438.4513439448116; Wed, 9 Aug 2017 13:42:59 -0700 (PDT) Received: from localhost ([::1]:49762 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dfXof-0002Jj-VB for importer@patchew.org; Wed, 09 Aug 2017 16:42:58 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:51837) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dfXkD-0006p8-82 for qemu-devel@nongnu.org; Wed, 09 Aug 2017 16:38:24 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dfXkC-0008MM-7F for qemu-devel@nongnu.org; Wed, 09 Aug 2017 16:38:21 -0400 Received: from mx1.redhat.com ([209.132.183.28]:55320) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1dfXk9-0008JU-FC; Wed, 09 Aug 2017 16:38:17 -0400 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 65D98166FFE; Wed, 9 Aug 2017 20:38:16 +0000 (UTC) Received: from red.redhat.com (ovpn-120-43.rdu2.redhat.com [10.10.120.43]) by smtp.corp.redhat.com (Postfix) with ESMTP id 8D829600C6; Wed, 9 Aug 2017 20:38:15 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 65D98166FFE Authentication-Results: ext-mx01.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx01.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=eblake@redhat.com From: Eric Blake To: qemu-devel@nongnu.org Date: Wed, 9 Aug 2017 15:38:08 -0500 Message-Id: <20170809203808.31725-6-eblake@redhat.com> In-Reply-To: <20170809203808.31725-1-eblake@redhat.com> References: <20170809203808.31725-1-eblake@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Wed, 09 Aug 2017 20:38:16 +0000 (UTC) Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v2 5/5] qcow2: Check failure of bdrv_getlength() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, qemu-block@nongnu.org, Max Reitz Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" qcow2_co_pwritev_compressed() should not call bdrv_truncate() if determining the size failed. Reported-by: Markus Armbruster Signed-off-by: Eric Blake Reviewed-by: Philippe Mathieu-Daud=C3=A9 Reviewed-by: Jeff Cody Reviewed-by: Kevin Wolf Reviewed-by: John Snow --- block/qcow2.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/block/qcow2.c b/block/qcow2.c index 99407403ea..40ba26c111 100644 --- a/block/qcow2.c +++ b/block/qcow2.c @@ -3282,12 +3282,15 @@ qcow2_co_pwritev_compressed(BlockDriverState *bs, u= int64_t offset, z_stream strm; int ret, out_len; uint8_t *buf, *out_buf; - uint64_t cluster_offset; + int64_t cluster_offset; if (bytes =3D=3D 0) { /* align end of file to a sector boundary to ease reading with sector based I/Os */ cluster_offset =3D bdrv_getlength(bs->file->bs); + if (cluster_offset < 0) { + return cluster_offset; + } return bdrv_truncate(bs->file, cluster_offset, PREALLOC_MODE_OFF, = NULL); } --=20 2.13.4