From nobody Thu May 9 00:16:33 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1573699751; cv=none; d=zoho.com; s=zohoarc; b=K1jAwHMIeIDbC1PgcQptnlh3NEIBEvPYjp6mvDAlOEu9i4O0rHqRDQwvglXnK3nEOjWVPn5XgKTZobpK3LcrWReu2yMlpJTtmSTSqFUOlRa6qqgYvgEMQrakkQ1JNdfx+DxhGLtsMmUcFWChMV5UtI44tvlOwdLyj+MTZvzmX2s= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1573699751; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=F5KfJZw91wf5m1kKdZNwl83D5d2HipSZlShdtFGzIwg=; b=GVtmcNFPe9P0eRCGeyX3ORTx2AzDZfd807KMmLLJ8qLCSGjwiF/HiAnRklp0AQ6HGsdPtFEZJ+9/rztM6HxtFdYL+G5Ttnn3VreeTwoNS5PvzvExMcm8jYGwvpxmKoCyE9gikiRfTdYDkBRfq32+/t+X/1pI7VbeC/8UWTSAg60= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=fail; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1573699751314951.9909782517163; Wed, 13 Nov 2019 18:49:11 -0800 (PST) Received: from localhost ([::1]:53012 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iV5C0-0006iz-7g for importer@patchew.org; Wed, 13 Nov 2019 21:49:08 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:60399) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iV59h-0005C1-Sq for qemu-devel@nongnu.org; Wed, 13 Nov 2019 21:46:47 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iV59g-0002x5-EG for qemu-devel@nongnu.org; Wed, 13 Nov 2019 21:46:45 -0500 Received: from us-smtp-delivery-1.mimecast.com ([205.139.110.120]:20120 helo=us-smtp-1.mimecast.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1iV59g-0002wJ-9C for qemu-devel@nongnu.org; Wed, 13 Nov 2019 21:46:44 -0500 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-290-q2bKG3BKPw6szDAfzx9qYQ-1; Wed, 13 Nov 2019 21:46:40 -0500 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 1DE38107ACC5; Thu, 14 Nov 2019 02:46:39 +0000 (UTC) Received: from blue.redhat.com (ovpn-116-242.phx2.redhat.com [10.3.116.242]) by smtp.corp.redhat.com (Postfix) with ESMTP id 93C8381759; Thu, 14 Nov 2019 02:46:38 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1573699603; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=F5KfJZw91wf5m1kKdZNwl83D5d2HipSZlShdtFGzIwg=; b=a4NmuSVo0DWAufHIlBpkOo1T/mDhlrO9ldMr7GWg2HutcryIfoOsUCjvOp9XSDLHA3SVMy 40vCSqEFQi1/gYu2Koh6KX8fG/ypXukmWrqfqAagUqUEMTdrNtKLzjHJQPR0v6FFZ/cki8 pCE+uSWzkH6llnbeo8iGPMFH3ski8PM= From: Eric Blake To: qemu-devel@nongnu.org Subject: [PATCH v3 1/4] nbd/server: Prefer heap over stack for parsing client names Date: Wed, 13 Nov 2019 20:46:32 -0600 Message-Id: <20191114024635.11363-2-eblake@redhat.com> In-Reply-To: <20191114024635.11363-1-eblake@redhat.com> References: <20191114024635.11363-1-eblake@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-MC-Unique: q2bKG3BKPw6szDAfzx9qYQ-1 X-Mimecast-Spam-Score: 0 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 205.139.110.120 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Kevin Wolf , vsementsov@virtuozzo.com, Max Reitz , qemu-block@nongnu.org, mlevitsk@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) Content-Type: text/plain; charset="utf-8" As long as we limit NBD names to 256 bytes (the bare minimum permitted by the standard), stack-allocation works for parsing a name received from the client. But as mentioned in a comment, we eventually want to permit up to the 4k maximum of the NBD standard, which is too large for stack allocation; so switch everything in the server to use heap allocation. For now, there is no change in actually supported name length. Signed-off-by: Eric Blake Reviewed-by: Maxim Levitsky Reviewed-by: Vladimir Sementsov-Ogievskiy --- include/block/nbd.h | 10 +++++----- nbd/server.c | 25 +++++++++++++++---------- 2 files changed, 20 insertions(+), 15 deletions(-) diff --git a/include/block/nbd.h b/include/block/nbd.h index 316fd705a9e4..c306423dc85c 100644 --- a/include/block/nbd.h +++ b/include/block/nbd.h @@ -226,11 +226,11 @@ enum { /* Maximum size of a single READ/WRITE data buffer */ #define NBD_MAX_BUFFER_SIZE (32 * 1024 * 1024) -/* Maximum size of an export name. The NBD spec requires 256 and - * suggests that servers support up to 4096, but we stick to only the - * required size so that we can stack-allocate the names, and because - * going larger would require an audit of more code to make sure we - * aren't overflowing some other buffer. */ +/* + * Maximum size of an export name. The NBD spec requires a minimum of + * 256 and recommends that servers support up to 4096; all users use + * malloc so we can bump this constant without worry. + */ #define NBD_MAX_NAME_SIZE 256 /* Two types of reply structures */ diff --git a/nbd/server.c b/nbd/server.c index d8d1e6245532..c63b76b22735 100644 --- a/nbd/server.c +++ b/nbd/server.c @@ -324,18 +324,20 @@ static int nbd_opt_skip(NBDClient *client, size_t siz= e, Error **errp) * uint32_t len (<=3D NBD_MAX_NAME_SIZE) * len bytes string (not 0-terminated) * - * @name should be enough to store NBD_MAX_NAME_SIZE+1. + * On success, @name will be allocated. * If @length is non-null, it will be set to the actual string length. * * Return -errno on I/O error, 0 if option was completely handled by * sending a reply about inconsistent lengths, or 1 on success. */ -static int nbd_opt_read_name(NBDClient *client, char *name, uint32_t *leng= th, +static int nbd_opt_read_name(NBDClient *client, char **name, uint32_t *len= gth, Error **errp) { int ret; uint32_t len; + g_autofree char *local_name =3D NULL; + *name =3D NULL; ret =3D nbd_opt_read(client, &len, sizeof(len), errp); if (ret <=3D 0) { return ret; @@ -347,15 +349,17 @@ static int nbd_opt_read_name(NBDClient *client, char = *name, uint32_t *length, "Invalid name length: %" PRIu32, len); } - ret =3D nbd_opt_read(client, name, len, errp); + local_name =3D g_malloc(len + 1); + ret =3D nbd_opt_read(client, local_name, len, errp); if (ret <=3D 0) { return ret; } - name[len] =3D '\0'; + local_name[len] =3D '\0'; if (length) { *length =3D len; } + *name =3D g_steal_pointer(&local_name); return 1; } @@ -427,7 +431,7 @@ static void nbd_check_meta_export(NBDClient *client) static int nbd_negotiate_handle_export_name(NBDClient *client, bool no_zer= oes, Error **errp) { - char name[NBD_MAX_NAME_SIZE + 1]; + g_autofree char *name; char buf[NBD_REPLY_EXPORT_NAME_SIZE] =3D ""; size_t len; int ret; @@ -441,10 +445,11 @@ static int nbd_negotiate_handle_export_name(NBDClient= *client, bool no_zeroes, [10 .. 133] reserved (0) [unless no_zeroes] */ trace_nbd_negotiate_handle_export_name(); - if (client->optlen >=3D sizeof(name)) { + if (client->optlen > NBD_MAX_NAME_SIZE) { error_setg(errp, "Bad length received"); return -EINVAL; } + name =3D g_malloc(client->optlen + 1); if (nbd_read(client->ioc, name, client->optlen, "export name", errp) <= 0) { return -EIO; } @@ -533,7 +538,7 @@ static int nbd_reject_length(NBDClient *client, bool fa= tal, Error **errp) static int nbd_negotiate_handle_info(NBDClient *client, Error **errp) { int rc; - char name[NBD_MAX_NAME_SIZE + 1]; + g_autofree char *name =3D NULL; NBDExport *exp; uint16_t requests; uint16_t request; @@ -551,7 +556,7 @@ static int nbd_negotiate_handle_info(NBDClient *client,= Error **errp) 2 bytes: N, number of requests (can be 0) N * 2 bytes: N requests */ - rc =3D nbd_opt_read_name(client, name, &namelen, errp); + rc =3D nbd_opt_read_name(client, &name, &namelen, errp); if (rc <=3D 0) { return rc; } @@ -957,7 +962,7 @@ static int nbd_negotiate_meta_queries(NBDClient *client, NBDExportMetaContexts *meta, Error *= *errp) { int ret; - char export_name[NBD_MAX_NAME_SIZE + 1]; + g_autofree char *export_name =3D NULL; NBDExportMetaContexts local_meta; uint32_t nb_queries; int i; @@ -976,7 +981,7 @@ static int nbd_negotiate_meta_queries(NBDClient *client, memset(meta, 0, sizeof(*meta)); - ret =3D nbd_opt_read_name(client, export_name, NULL, errp); + ret =3D nbd_opt_read_name(client, &export_name, NULL, errp); if (ret <=3D 0) { return ret; } --=20 2.21.0 From nobody Thu May 9 00:16:33 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1573699856; cv=none; d=zoho.com; s=zohoarc; b=BsFI39esThNw0bVPA+VVaWFrrpRcoFkppBub86jhpqjDq254zXZDUoimf0O7XTYpGji3CRs6LS5UCWaUH7qH5iauX4KNpdiaXuRYbUUEXnp1kSbZ3Ve/pfSyl/Uc/AeH3Nv6NhfvHJEIL0CytQD3FWPs1AdPqatJ7HL4v8kCFjI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1573699856; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=47xaOjcuo94e/5zHn1u4hTI+rbUhD+M67pRD//YF174=; b=PgSPbaECLHsStmVZlp46WxfP+eA676ykd8erlUR0z2S3h1YPcQqOmJ5iLh8eDJdtSOYI3q370dAtg8GKuSkjJ1gsGeiZwKkkDyEKSXqFJz16ZwKwDVBsdm1e0WgOSEvBpmGTlu53U8AGN0GqBSWRrvRwKQ3Iu9yx5JA/2XT0D54= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=fail; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1573699856104970.1811851868832; Wed, 13 Nov 2019 18:50:56 -0800 (PST) Received: from localhost ([::1]:53028 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iV5Dh-0000fJ-VK for importer@patchew.org; Wed, 13 Nov 2019 21:50:54 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:60499) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iV59n-0005JR-KJ for qemu-devel@nongnu.org; Wed, 13 Nov 2019 21:46:53 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iV59l-00034c-2L for qemu-devel@nongnu.org; Wed, 13 Nov 2019 21:46:51 -0500 Received: from us-smtp-1.mimecast.com ([205.139.110.61]:58010 helo=us-smtp-delivery-1.mimecast.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1iV59k-000335-UU for qemu-devel@nongnu.org; Wed, 13 Nov 2019 21:46:48 -0500 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-418-qqT1jtxxOIOskAzBQDAK6Q-1; Wed, 13 Nov 2019 21:46:44 -0500 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id CCE70DB60; Thu, 14 Nov 2019 02:46:43 +0000 (UTC) Received: from blue.redhat.com (ovpn-116-242.phx2.redhat.com [10.3.116.242]) by smtp.corp.redhat.com (Postfix) with ESMTP id 56C9181759; Thu, 14 Nov 2019 02:46:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1573699608; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=47xaOjcuo94e/5zHn1u4hTI+rbUhD+M67pRD//YF174=; b=CIhN1Hf33arA2Gynx/vML8BENWEjc2nDwh0FFB6j9ORx61WQh1DTABju1g2Qj896kgDCR7 Oyc4VcLj69+U6+fX+n1pnLLtzvvEoFZpbIclzqDlcoFmThDcwh0l7nLAlB2qe3xiwlTHMp 0E4KnX5r86YwD6AmS0CG7/89oE6Qgpc= From: Eric Blake To: qemu-devel@nongnu.org Subject: [PATCH v3 2/4] bitmap: Enforce maximum bitmap name length Date: Wed, 13 Nov 2019 20:46:33 -0600 Message-Id: <20191114024635.11363-3-eblake@redhat.com> In-Reply-To: <20191114024635.11363-1-eblake@redhat.com> References: <20191114024635.11363-1-eblake@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-MC-Unique: qqT1jtxxOIOskAzBQDAK6Q-1 X-Mimecast-Spam-Score: 0 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 205.139.110.61 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Kevin Wolf , vsementsov@virtuozzo.com, qemu-block@nongnu.org, Markus Armbruster , Max Reitz , mlevitsk@redhat.com, John Snow Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) Content-Type: text/plain; charset="utf-8" We document that for qcow2 persistent bitmaps, the name cannot exceed 1023 bytes. It is inconsistent if transient bitmaps do not have to abide by the same limit, and it is unlikely that any existing client even cares about using bitmap names this long. It's time to codify that ALL bitmaps managed by qemu (whether persistent in qcow2 or not) have a documented maximum length. Signed-off-by: Eric Blake Reviewed-by: Maxim Levitsky Reviewed-by: Vladimir Sementsov-Ogievskiy --- qapi/block-core.json | 2 +- include/block/dirty-bitmap.h | 2 ++ block/dirty-bitmap.c | 12 +++++++++--- block/qcow2-bitmap.c | 2 ++ 4 files changed, 14 insertions(+), 4 deletions(-) diff --git a/qapi/block-core.json b/qapi/block-core.json index aa97ee264112..0cf68fea1450 100644 --- a/qapi/block-core.json +++ b/qapi/block-core.json @@ -2042,7 +2042,7 @@ # # @node: name of device/node which the bitmap is tracking # -# @name: name of the dirty bitmap +# @name: name of the dirty bitmap (must be less than 1024 bytes) # # @granularity: the bitmap granularity, default is 64k for # block-dirty-bitmap-add diff --git a/include/block/dirty-bitmap.h b/include/block/dirty-bitmap.h index 958e7474fb51..e2b20ecab9a3 100644 --- a/include/block/dirty-bitmap.h +++ b/include/block/dirty-bitmap.h @@ -14,6 +14,8 @@ typedef enum BitmapCheckFlags { BDRV_BITMAP_INCONSISTENT) #define BDRV_BITMAP_ALLOW_RO (BDRV_BITMAP_BUSY | BDRV_BITMAP_INCONSISTENT) +#define BDRV_BITMAP_MAX_NAME_SIZE 1023 + BdrvDirtyBitmap *bdrv_create_dirty_bitmap(BlockDriverState *bs, uint32_t granularity, const char *name, diff --git a/block/dirty-bitmap.c b/block/dirty-bitmap.c index 4bbb251b2c9c..7039e8252009 100644 --- a/block/dirty-bitmap.c +++ b/block/dirty-bitmap.c @@ -104,9 +104,15 @@ BdrvDirtyBitmap *bdrv_create_dirty_bitmap(BlockDriverS= tate *bs, assert(is_power_of_2(granularity) && granularity >=3D BDRV_SECTOR_SIZE= ); - if (name && bdrv_find_dirty_bitmap(bs, name)) { - error_setg(errp, "Bitmap already exists: %s", name); - return NULL; + if (name) { + if (bdrv_find_dirty_bitmap(bs, name)) { + error_setg(errp, "Bitmap already exists: %s", name); + return NULL; + } + if (strlen(name) > BDRV_BITMAP_MAX_NAME_SIZE) { + error_setg(errp, "Bitmap name too long: %s", name); + return NULL; + } } bitmap_size =3D bdrv_getlength(bs); if (bitmap_size < 0) { diff --git a/block/qcow2-bitmap.c b/block/qcow2-bitmap.c index ef9ef628a0d0..809bbc5d20c8 100644 --- a/block/qcow2-bitmap.c +++ b/block/qcow2-bitmap.c @@ -42,6 +42,8 @@ #define BME_MIN_GRANULARITY_BITS 9 #define BME_MAX_NAME_SIZE 1023 +QEMU_BUILD_BUG_ON(BME_MAX_NAME_SIZE !=3D BDRV_BITMAP_MAX_NAME_SIZE); + #if BME_MAX_TABLE_SIZE * 8ULL > INT_MAX #error In the code bitmap table physical size assumed to fit into int #endif --=20 2.21.0 From nobody Thu May 9 00:16:33 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1573699850; cv=none; d=zoho.com; s=zohoarc; b=L8AHMg/9scrskK+Sx1grTR6DzVzKIfBl5yYBtELUbeiR7EcfpVvQSOrTMi44j3ssuXEudzDpBmpDdSDl5AkpCVDXZJvsxg9oA+/zB7uWR88SC2K3f5VQV4zf3+x1FTfpv1iGNZBnq9pCbeRs1ZMeaWmTYJv1sEocdnv9HpO5qC4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1573699850; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=Ejgj3ctoRrU510Bgyle5Nj4SZCJcecSgiTyzrjpIQ0c=; b=P1xeWVFsodFVPM5dPR/cYAIBSqjm4x+kfs2bTP7DVSGMhbe974anOM+KhsHwCiKxOYuyIup9U+HuKtiL+vu5ByI0HIAjc5C1g2whdks9xfvYhw1Kpm/G0tT6T/4Uv4Oar4vfax56ud/noxSRHa7rxCxQknjW8xN/t5NLJYDWBzY= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=fail; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 157369985095039.111249698745496; Wed, 13 Nov 2019 18:50:50 -0800 (PST) Received: from localhost ([::1]:53026 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iV5Dd-0000aj-OO for importer@patchew.org; Wed, 13 Nov 2019 21:50:49 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:60529) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iV59p-0005KZ-Fx for qemu-devel@nongnu.org; Wed, 13 Nov 2019 21:46:56 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iV59n-00036l-8V for qemu-devel@nongnu.org; Wed, 13 Nov 2019 21:46:53 -0500 Received: from us-smtp-delivery-1.mimecast.com ([207.211.31.120]:33234 helo=us-smtp-1.mimecast.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1iV59l-000347-IQ for qemu-devel@nongnu.org; Wed, 13 Nov 2019 21:46:49 -0500 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-153-WWE7Uw4NPQOrKzbGBZqK0g-1; Wed, 13 Nov 2019 21:46:45 -0500 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 8D8E11802CE0; Thu, 14 Nov 2019 02:46:44 +0000 (UTC) Received: from blue.redhat.com (ovpn-116-242.phx2.redhat.com [10.3.116.242]) by smtp.corp.redhat.com (Postfix) with ESMTP id 0CAD181759; Thu, 14 Nov 2019 02:46:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1573699608; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Ejgj3ctoRrU510Bgyle5Nj4SZCJcecSgiTyzrjpIQ0c=; b=Ln1bPMDDgRZ4gmrKGqufbEri43jAwbftOlRJK0VxTWFclGv+0c9ftRYWmf5cLeE3ZBP9Lc I0WCdOX6palNR3oIvPIzcmQ/pfbOh+9xwLXoABnQAzVfPBWyPesOfFuWTqrto/+2qFciTj 8x+3/VxZ+lefdNlzfesOiS2yUMiqBjg= From: Eric Blake To: qemu-devel@nongnu.org Subject: [PATCH v3 3/4] nbd: Don't send oversize strings Date: Wed, 13 Nov 2019 20:46:34 -0600 Message-Id: <20191114024635.11363-4-eblake@redhat.com> In-Reply-To: <20191114024635.11363-1-eblake@redhat.com> References: <20191114024635.11363-1-eblake@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-MC-Unique: WWE7Uw4NPQOrKzbGBZqK0g-1 X-Mimecast-Spam-Score: 0 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 207.211.31.120 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Kevin Wolf , vsementsov@virtuozzo.com, Max Reitz , qemu-block@nongnu.org, mlevitsk@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) Content-Type: text/plain; charset="utf-8" Qemu as server currently won't accept export names larger than 256 bytes, nor create dirty bitmap names longer than 1023 bytes, so most uses of qemu as client or server have no reason to get anywhere near the NBD spec maximum of a 4k limit per string. However, we weren't actually enforcing things, ignoring when the remote side violates the protocol on input, and also having several code paths where we send oversize strings on output (for example, qemu-nbd --description could easily send more than 4k). Tighten things up as follows: client: - Perform bounds check on export name and dirty bitmap request prior to handing it to server - Validate that copied server replies are not too long (ignoring NBD_INFO_* replies that are not copied is not too bad) server: - Perform bounds check on export name and description prior to advertising it to client - Reject client name or metadata query that is too long - Adjust things to allow full 4k name limit rather than previous 256 byte limit Signed-off-by: Eric Blake Reviewed-by: Maxim Levitsky Reviewed-by: Vladimir Sementsov-Ogievskiy --- include/block/nbd.h | 8 ++++---- block/nbd.c | 10 ++++++++++ blockdev-nbd.c | 5 +++++ nbd/client.c | 18 +++++++++++++++--- nbd/server.c | 20 +++++++++++++++----- qemu-nbd.c | 9 +++++++++ 6 files changed, 58 insertions(+), 12 deletions(-) diff --git a/include/block/nbd.h b/include/block/nbd.h index c306423dc85c..7f46932d80f1 100644 --- a/include/block/nbd.h +++ b/include/block/nbd.h @@ -227,11 +227,11 @@ enum { #define NBD_MAX_BUFFER_SIZE (32 * 1024 * 1024) /* - * Maximum size of an export name. The NBD spec requires a minimum of - * 256 and recommends that servers support up to 4096; all users use - * malloc so we can bump this constant without worry. + * Maximum size of a protocol string (export name, meta context name, + * etc.). Use malloc rather than stack allocation for storage of a + * string. */ -#define NBD_MAX_NAME_SIZE 256 +#define NBD_MAX_STRING_SIZE 4096 /* Two types of reply structures */ #define NBD_SIMPLE_REPLY_MAGIC 0x67446698 diff --git a/block/nbd.c b/block/nbd.c index 123976171cf4..5f18f78a9471 100644 --- a/block/nbd.c +++ b/block/nbd.c @@ -1832,6 +1832,10 @@ static int nbd_process_options(BlockDriverState *bs,= QDict *options, } s->export =3D g_strdup(qemu_opt_get(opts, "export")); + if (s->export && strlen(s->export) > NBD_MAX_STRING_SIZE) { + error_setg(errp, "export name too long to send to server"); + goto error; + } s->tlscredsid =3D g_strdup(qemu_opt_get(opts, "tls-creds")); if (s->tlscredsid) { @@ -1849,6 +1853,11 @@ static int nbd_process_options(BlockDriverState *bs,= QDict *options, } s->x_dirty_bitmap =3D g_strdup(qemu_opt_get(opts, "x-dirty-bitmap")); + if (s->x_dirty_bitmap && strlen(s->x_dirty_bitmap) > NBD_MAX_STRING_SI= ZE) { + error_setg(errp, "x-dirty-bitmap query too long to send to server"= ); + goto error; + } + s->reconnect_delay =3D qemu_opt_get_number(opts, "reconnect-delay", 0); ret =3D 0; @@ -1859,6 +1868,7 @@ static int nbd_process_options(BlockDriverState *bs, = QDict *options, qapi_free_SocketAddress(s->saddr); g_free(s->export); g_free(s->tlscredsid); + g_free(s->x_dirty_bitmap); } qemu_opts_del(opts); return ret; diff --git a/blockdev-nbd.c b/blockdev-nbd.c index 6a8b206e1d74..8c20baa4a4b9 100644 --- a/blockdev-nbd.c +++ b/blockdev-nbd.c @@ -162,6 +162,11 @@ void qmp_nbd_server_add(const char *device, bool has_n= ame, const char *name, name =3D device; } + if (strlen(name) > NBD_MAX_STRING_SIZE) { + error_setg(errp, "export name '%s' too long", name); + return; + } + if (nbd_export_find(name)) { error_setg(errp, "NBD server already has export named '%s'", name); return; diff --git a/nbd/client.c b/nbd/client.c index f6733962b49b..ba173108baab 100644 --- a/nbd/client.c +++ b/nbd/client.c @@ -289,8 +289,8 @@ static int nbd_receive_list(QIOChannel *ioc, char **nam= e, char **description, return -1; } len -=3D sizeof(namelen); - if (len < namelen) { - error_setg(errp, "incorrect option name length"); + if (len < namelen || namelen > NBD_MAX_STRING_SIZE) { + error_setg(errp, "incorrect name length in server's list response"= ); nbd_send_opt_abort(ioc); return -1; } @@ -303,6 +303,12 @@ static int nbd_receive_list(QIOChannel *ioc, char **na= me, char **description, local_name[namelen] =3D '\0'; len -=3D namelen; if (len) { + if (len > NBD_MAX_STRING_SIZE) { + error_setg(errp, "incorrect description length in server's " + "list response"); + nbd_send_opt_abort(ioc); + return -1; + } local_desc =3D g_malloc(len + 1); if (nbd_read(ioc, local_desc, len, "export description", errp) < 0= ) { nbd_send_opt_abort(ioc); @@ -479,6 +485,10 @@ static int nbd_opt_info_or_go(QIOChannel *ioc, uint32_= t opt, break; default: + /* + * Not worth the bother to check if NBD_INFO_NAME or + * NBD_INFO_DESCRIPTION exceed NBD_MAX_STRING_SIZE. + */ trace_nbd_opt_info_unknown(type, nbd_info_lookup(type)); if (nbd_drop(ioc, len, errp) < 0) { error_prepend(errp, "Failed to read info payload: "); @@ -645,9 +655,11 @@ static int nbd_send_meta_query(QIOChannel *ioc, uint32= _t opt, char *p; data_len =3D sizeof(export_len) + export_len + sizeof(queries); + assert(export_len <=3D NBD_MAX_STRING_SIZE); if (query) { query_len =3D strlen(query); data_len +=3D sizeof(query_len) + query_len; + assert(query_len <=3D NBD_MAX_STRING_SIZE); } else { assert(opt =3D=3D NBD_OPT_LIST_META_CONTEXT); } @@ -1009,7 +1021,7 @@ int nbd_receive_negotiate(AioContext *aio_context, QI= OChannel *ioc, bool zeroes; bool base_allocation =3D info->base_allocation; - assert(info->name); + assert(info->name && strlen(info->name) <=3D NBD_MAX_STRING_SIZE); trace_nbd_receive_negotiate_name(info->name); result =3D nbd_start_negotiate(aio_context, ioc, tlscreds, hostname, o= utioc, diff --git a/nbd/server.c b/nbd/server.c index c63b76b22735..d28123c562be 100644 --- a/nbd/server.c +++ b/nbd/server.c @@ -321,7 +321,7 @@ static int nbd_opt_skip(NBDClient *client, size_t size,= Error **errp) /* nbd_opt_read_name * * Read a string with the format: - * uint32_t len (<=3D NBD_MAX_NAME_SIZE) + * uint32_t len (<=3D NBD_MAX_STRING_SIZE) * len bytes string (not 0-terminated) * * On success, @name will be allocated. @@ -344,7 +344,7 @@ static int nbd_opt_read_name(NBDClient *client, char **= name, uint32_t *length, } len =3D cpu_to_be32(len); - if (len > NBD_MAX_NAME_SIZE) { + if (len > NBD_MAX_STRING_SIZE) { return nbd_opt_invalid(client, errp, "Invalid name length: %" PRIu32, len); } @@ -379,6 +379,7 @@ static int nbd_negotiate_send_rep_list(NBDClient *clien= t, NBDExport *exp, trace_nbd_negotiate_send_rep_list(name, desc); name_len =3D strlen(name); desc_len =3D strlen(desc); + assert(name_len <=3D NBD_MAX_STRING_SIZE && desc_len <=3D NBD_MAX_STRI= NG_SIZE); len =3D name_len + desc_len + sizeof(len); ret =3D nbd_negotiate_send_rep_len(client, NBD_REP_SERVER, len, errp); if (ret < 0) { @@ -445,7 +446,7 @@ static int nbd_negotiate_handle_export_name(NBDClient *= client, bool no_zeroes, [10 .. 133] reserved (0) [unless no_zeroes] */ trace_nbd_negotiate_handle_export_name(); - if (client->optlen > NBD_MAX_NAME_SIZE) { + if (client->optlen > NBD_MAX_STRING_SIZE) { error_setg(errp, "Bad length received"); return -EINVAL; } @@ -613,6 +614,7 @@ static int nbd_negotiate_handle_info(NBDClient *client,= Error **errp) if (exp->description) { size_t len =3D strlen(exp->description); + assert(len <=3D NBD_MAX_STRING_SIZE); rc =3D nbd_negotiate_send_info(client, NBD_INFO_DESCRIPTION, len, exp->description, errp); if (rc < 0) { @@ -757,6 +759,7 @@ static int nbd_negotiate_send_meta_context(NBDClient *c= lient, {.iov_base =3D (void *)context, .iov_len =3D strlen(context)} }; + assert(iov[1].iov_len <=3D NBD_MAX_STRING_SIZE); if (client->opt =3D=3D NBD_OPT_LIST_META_CONTEXT) { context_id =3D 0; } @@ -905,7 +908,7 @@ static int nbd_meta_qemu_query(NBDClient *client, NBDEx= portMetaContexts *meta, * Parse namespace name and call corresponding function to parse body of t= he * query. * - * The only supported namespace now is 'base'. + * The only supported namespaces are 'base' and 'qemu'. * * The function aims not wasting time and memory to read long unknown name= space * names. @@ -931,6 +934,10 @@ static int nbd_negotiate_meta_query(NBDClient *client, } len =3D cpu_to_be32(len); + if (len > NBD_MAX_STRING_SIZE) { + trace_nbd_negotiate_meta_query_skip("length too long"); + return nbd_opt_skip(client, len, errp); + } if (len < ns_len) { trace_nbd_negotiate_meta_query_skip("length too short"); return nbd_opt_skip(client, len, errp); @@ -1492,7 +1499,7 @@ NBDExport *nbd_export_new(BlockDriverState *bs, uint6= 4_t dev_offset, * access since the export could be available before migration handove= r. * ctx was acquired in the caller. */ - assert(name); + assert(name && strlen(name) <=3D NBD_MAX_STRING_SIZE); ctx =3D bdrv_get_aio_context(bs); bdrv_invalidate_cache(bs, NULL); @@ -1518,6 +1525,7 @@ NBDExport *nbd_export_new(BlockDriverState *bs, uint6= 4_t dev_offset, assert(dev_offset <=3D INT64_MAX); exp->dev_offset =3D dev_offset; exp->name =3D g_strdup(name); + assert(!desc || strlen(desc) <=3D NBD_MAX_STRING_SIZE); exp->description =3D g_strdup(desc); exp->nbdflags =3D (NBD_FLAG_HAS_FLAGS | NBD_FLAG_SEND_FLUSH | NBD_FLAG_SEND_FUA | NBD_FLAG_SEND_CACHE); @@ -1564,8 +1572,10 @@ NBDExport *nbd_export_new(BlockDriverState *bs, uint= 64_t dev_offset, bdrv_dirty_bitmap_set_busy(bm, true); exp->export_bitmap =3D bm; + assert(strlen(bitmap) <=3D BDRV_BITMAP_MAX_NAME_SIZE); exp->export_bitmap_context =3D g_strdup_printf("qemu:dirty-bitmap:= %s", bitmap); + assert(strlen(exp->export_bitmap_context) < NBD_MAX_STRING_SIZE); } exp->close =3D close; diff --git a/qemu-nbd.c b/qemu-nbd.c index caacf0ed7379..108a51f7eb01 100644 --- a/qemu-nbd.c +++ b/qemu-nbd.c @@ -833,9 +833,18 @@ int main(int argc, char **argv) break; case 'x': export_name =3D optarg; + if (strlen(export_name) > NBD_MAX_STRING_SIZE) { + error_report("export name '%s' too long", export_name); + exit(EXIT_FAILURE); + } break; case 'D': export_description =3D optarg; + if (strlen(export_description) > NBD_MAX_STRING_SIZE) { + error_report("export description '%s' too long", + export_description); + exit(EXIT_FAILURE); + } break; case 'v': verbose =3D 1; --=20 2.21.0 From nobody Thu May 9 00:16:33 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1573699768; cv=none; d=zoho.com; s=zohoarc; b=RSzpXLHhnysqG6u9uJtx1eZ2Hgvgfp47VAVilD/d8LKG7lwQ7KaxgjcIbp2fHspldnCOHcNN+an3iX53tlExnOAS3RdPrF+zPHN4ZPIzp7jrkdso2C3tg+4M3XWI365mej6W2lA+6XqAkERyWYHKEwmR3S6FGSE9tTE8GRZfoAc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1573699768; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=J7z2yKPRqBwi9Wqh62KGTjKYh04AMJZ9wTmL+Gpav9c=; b=W1A5jar9VVifyiiWoTFJyhhTMWkTr0K834GMqfA5Vt/fhaHHKa4Z7j7Cc/2Tc6ox3Lk7Y+3kk9BaRm4jzt6ctBV2nbGByHmMdG9NMur9xR2sFl4ZN9Wom5Nr2R/l9BZZGgYZRiDzgljfnat1mg5OS51ou1xBcZIMsVf8RQgum/E= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=fail; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1573699768644561.3728045592691; Wed, 13 Nov 2019 18:49:28 -0800 (PST) Received: from localhost ([::1]:53014 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iV5CG-0007Aa-7B for importer@patchew.org; Wed, 13 Nov 2019 21:49:24 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:60560) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iV59t-0005OS-6W for qemu-devel@nongnu.org; Wed, 13 Nov 2019 21:46:58 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iV59p-00038w-Ct for qemu-devel@nongnu.org; Wed, 13 Nov 2019 21:46:55 -0500 Received: from us-smtp-delivery-1.mimecast.com ([207.211.31.120]:30011 helo=us-smtp-1.mimecast.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1iV59n-00035p-GH for qemu-devel@nongnu.org; Wed, 13 Nov 2019 21:46:51 -0500 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-249-CqbNV_p_MGac4qL8stAWRw-1; Wed, 13 Nov 2019 21:46:46 -0500 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 7B61A801E6A; Thu, 14 Nov 2019 02:46:45 +0000 (UTC) Received: from blue.redhat.com (ovpn-116-242.phx2.redhat.com [10.3.116.242]) by smtp.corp.redhat.com (Postfix) with ESMTP id CDBE181759; Thu, 14 Nov 2019 02:46:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1573699609; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=J7z2yKPRqBwi9Wqh62KGTjKYh04AMJZ9wTmL+Gpav9c=; b=bUYyP6tQFBmkJPfJx0oIJqG8/GPL5821Eh5GA0Ef+G4FADtGHJGek4o4dRtnA8W+c+NGDW tYLdV+srnBfP+jVrE0KsW18rqAAJK+rgcs0hJFGvKbIJ8fSbb5BzRRQfRgybf0XeRqRuJ9 lAvx1RE5Z5c/8cHDPa3EXj7odi3kxAE= From: Eric Blake To: qemu-devel@nongnu.org Subject: [PATCH v3 for-5.0 4/4] nbd: Allow description when creating NBD blockdev Date: Wed, 13 Nov 2019 20:46:35 -0600 Message-Id: <20191114024635.11363-5-eblake@redhat.com> In-Reply-To: <20191114024635.11363-1-eblake@redhat.com> References: <20191114024635.11363-1-eblake@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-MC-Unique: CqbNV_p_MGac4qL8stAWRw-1 X-Mimecast-Spam-Score: 0 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 207.211.31.120 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Kevin Wolf , vsementsov@virtuozzo.com, qemu-block@nongnu.org, Markus Armbruster , "Dr. David Alan Gilbert" , Max Reitz , mlevitsk@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) Content-Type: text/plain; charset="utf-8" Allow blockdevs to match the feature already present in qemu-nbd -D. Enhance iotest 223 to cover it. Signed-off-by: Eric Blake Reviewed-by: Maxim Levitsky Reviewed-by: Vladimir Sementsov-Ogievskiy --- qapi/block.json | 9 ++++++--- blockdev-nbd.c | 9 ++++++++- monitor/hmp-cmds.c | 4 ++-- tests/qemu-iotests/223 | 2 +- tests/qemu-iotests/223.out | 1 + 5 files changed, 18 insertions(+), 7 deletions(-) diff --git a/qapi/block.json b/qapi/block.json index 145c268bb646..7898104dae42 100644 --- a/qapi/block.json +++ b/qapi/block.json @@ -250,9 +250,12 @@ # @name: Export name. If unspecified, the @device parameter is used as the # export name. (Since 2.12) # +# @description: Free-form description of the export, up to 4096 bytes. +# (Since 5.0) +# # @writable: Whether clients should be able to write to the device via the # NBD connection (default false). - +# # @bitmap: Also export the dirty bitmap reachable from @device, so the # NBD client can use NBD_OPT_SET_META_CONTEXT with # "qemu:dirty-bitmap:NAME" to inspect the bitmap. (since 4.0) @@ -263,8 +266,8 @@ # Since: 1.3.0 ## { 'command': 'nbd-server-add', - 'data': {'device': 'str', '*name': 'str', '*writable': 'bool', - '*bitmap': 'str' } } + 'data': {'device': 'str', '*name': 'str', '*description': 'str', + '*writable': 'bool', '*bitmap': 'str' } } ## # @NbdServerRemoveMode: diff --git a/blockdev-nbd.c b/blockdev-nbd.c index 8c20baa4a4b9..de2f2ff71320 100644 --- a/blockdev-nbd.c +++ b/blockdev-nbd.c @@ -144,6 +144,7 @@ void qmp_nbd_server_start(SocketAddressLegacy *addr, } void qmp_nbd_server_add(const char *device, bool has_name, const char *nam= e, + bool has_description, const char *description, bool has_writable, bool writable, bool has_bitmap, const char *bitmap, Error **errp) { @@ -167,6 +168,11 @@ void qmp_nbd_server_add(const char *device, bool has_n= ame, const char *name, return; } + if (has_description && strlen(description) > NBD_MAX_STRING_SIZE) { + error_setg(errp, "description '%s' too long", description); + return; + } + if (nbd_export_find(name)) { error_setg(errp, "NBD server already has export named '%s'", name); return; @@ -195,7 +201,8 @@ void qmp_nbd_server_add(const char *device, bool has_na= me, const char *name, writable =3D false; } - exp =3D nbd_export_new(bs, 0, len, name, NULL, bitmap, !writable, !wri= table, + exp =3D nbd_export_new(bs, 0, len, name, description, bitmap, + !writable, !writable, NULL, false, on_eject_blk, errp); if (!exp) { goto out; diff --git a/monitor/hmp-cmds.c b/monitor/hmp-cmds.c index b2551c16d129..574c6321c9d0 100644 --- a/monitor/hmp-cmds.c +++ b/monitor/hmp-cmds.c @@ -2352,7 +2352,7 @@ void hmp_nbd_server_start(Monitor *mon, const QDict *= qdict) continue; } - qmp_nbd_server_add(info->value->device, false, NULL, + qmp_nbd_server_add(info->value->device, false, NULL, false, NULL, true, writable, false, NULL, &local_err); if (local_err !=3D NULL) { @@ -2374,7 +2374,7 @@ void hmp_nbd_server_add(Monitor *mon, const QDict *qd= ict) bool writable =3D qdict_get_try_bool(qdict, "writable", false); Error *local_err =3D NULL; - qmp_nbd_server_add(device, !!name, name, true, writable, + qmp_nbd_server_add(device, !!name, name, false, NULL, true, writable, false, NULL, &local_err); hmp_handle_error(mon, &local_err); } diff --git a/tests/qemu-iotests/223 b/tests/qemu-iotests/223 index b5a80e50bbc1..c708e479325e 100755 --- a/tests/qemu-iotests/223 +++ b/tests/qemu-iotests/223 @@ -144,7 +144,7 @@ _send_qemu_cmd $QEMU_HANDLE '{"execute":"nbd-server-add= ", "bitmap":"b3"}}' "error" # Missing bitmap _send_qemu_cmd $QEMU_HANDLE '{"execute":"nbd-server-add", "arguments":{"device":"n", "name":"n2", "writable":true, - "bitmap":"b2"}}' "return" + "description":"some text", "bitmap":"b2"}}' "return" $QEMU_NBD_PROG -L -k "$SOCK_DIR/nbd" echo diff --git a/tests/qemu-iotests/223.out b/tests/qemu-iotests/223.out index 23b34fcd202e..16d597585b4f 100644 --- a/tests/qemu-iotests/223.out +++ b/tests/qemu-iotests/223.out @@ -49,6 +49,7 @@ exports available: 2 base:allocation qemu:dirty-bitmap:b export: 'n2' + description: some text size: 4194304 flags: 0xced ( flush fua trim zeroes df cache fast-zero ) min block: 1 --=20 2.21.0