[1/2] vvfat: allow some writes to bootsector

Message ID 20220903162302.3176003-2-hpoussin@reactos.org (mailing list archive)
State New, archived
Series Fix some problems with vvfat in R/W mode

Commit Message

Hervé Poussineau Sept. 3, 2022, 4:23 p.m. UTC
'reserved1' field in bootsector is used to mark volume dirty, or need to verify.
Allow writes to bootsector which only change the 'reserved1' field.

This fixes I/O errors on Windows guests.

Resolves: https://bugs.launchpad.net/qemu/+bug/1889421
Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
---
 block/vvfat.c | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

Comments

Kevin Wolf Sept. 29, 2022, 2:10 p.m. UTC | #1
On 03.09.2022 at 18:23, Hervé Poussineau wrote:
> 'reserved1' field in bootsector is used to mark volume dirty, or need to verify.
> Allow writes to bootsector which only change the 'reserved1' field.
> 
> This fixes I/O errors on Windows guests.
> 
> Resolves: https://bugs.launchpad.net/qemu/+bug/1889421
> Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
> ---
>  block/vvfat.c | 18 +++++++++++++++++-
>  1 file changed, 17 insertions(+), 1 deletion(-)
> 
> diff --git a/block/vvfat.c b/block/vvfat.c
> index d6dd919683d..35057a51c67 100644
> --- a/block/vvfat.c
> +++ b/block/vvfat.c
> @@ -2993,11 +2993,27 @@ DLOG(checkpoint());
>  
>      vvfat_close_current_file(s);
>  
> +    if (sector_num == s->offset_to_bootsector && nb_sectors == 1) {
> +        /*
> +         * Write on bootsector. Allow only changing the reserved1 field,
> +         * used to mark volume dirtiness
> +         */
> +        const unsigned char *initial = s->first_sectors
> +                                       + s->offset_to_bootsector * 0x200;
> +        for (i = 0; i < 0x200; i++) {
> +            if (i != offsetof(bootsector_t, u.fat16.reserved1) &&

I think you need to check the FAT version (s->fat_type) before accessing
u.fat16. For FAT32, the "reserved" field is at a different offset (but
seems to have the same meaning).

> +                initial[i] != buf[i]) {
> +                fprintf(stderr, "Tried to write to protected bootsector\n");
> +                return -1;
> +            }
> +        }
> +        return 0;
> +    }

Should we update s->first_sectors with the new value so that the guest
would actually read back what it wrote instead of having the change
disappear magically?

>      /*
>       * Some sanity checks:
>       * - do not allow writing to the boot sector
>       */
> -
>      if (sector_num < s->offset_to_fat)
>          return -1;
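
Review bot: The `nb_sectors == 1` condition at the top of the new block means only a single-sector write at exactly `s->offset_to_bootsector` gets the relaxed check; a request that starts at the bootsector and spans more sectors still falls through to `if (sector_num < s->offset_to_fat) return -1;`, even when the bootsector bytes are unchanged apart from reserved1. If that is intended, say so in the new comment so the remaining guest-visible failure case is documented.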

Kevin
Hervé Poussineau Sept. 29, 2022, 7:53 p.m. UTC | #2
On 29/09/2022 at 16:10, Kevin Wolf wrote:
> On 03.09.2022 at 18:23, Hervé Poussineau wrote:
>> 'reserved1' field in bootsector is used to mark volume dirty, or need to verify.
>> Allow writes to bootsector which only change the 'reserved1' field.
>>
>> This fixes I/O errors on Windows guests.
>>
>> Resolves: https://bugs.launchpad.net/qemu/+bug/1889421
>> Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
>> ---
>>   block/vvfat.c | 18 +++++++++++++++++-
>>   1 file changed, 17 insertions(+), 1 deletion(-)
>>
>> diff --git a/block/vvfat.c b/block/vvfat.c
>> index d6dd919683d..35057a51c67 100644
>> --- a/block/vvfat.c
>> +++ b/block/vvfat.c
>> @@ -2993,11 +2993,27 @@ DLOG(checkpoint());
>>   
>>       vvfat_close_current_file(s);
>>   
>> +    if (sector_num == s->offset_to_bootsector && nb_sectors == 1) {
>> +        /*
>> +         * Write on bootsector. Allow only changing the reserved1 field,
>> +         * used to mark volume dirtiness
>> +         */
>> +        const unsigned char *initial = s->first_sectors
>> +                                       + s->offset_to_bootsector * 0x200;
>> +        for (i = 0; i < 0x200; i++) {
>> +            if (i != offsetof(bootsector_t, u.fat16.reserved1) &&
> 
> I think you need to check the FAT version (s->fat_type) before accessing
> u.fat16. For FAT32, the "reserved" field is at a different offset (but
> seems to have the same meaning).

I didn't do this, because only fat16 part of bootsector is ever used.
In init_directories(), only fat16 part is initialized, with the comment:
	/* LATER TODO: if FAT32, this is wrong */
I wanted to be consistent between init_directories() and the check.

> 
>> +                initial[i] != buf[i]) {
>> +                fprintf(stderr, "Tried to write to protected bootsector\n");
>> +                return -1;
>> +            }
>> +        }
>> +        return 0;
>> +    }
> 
> Should we update s->first_sectors with the new value so that the guest
> would actually read back what it wrote instead of having the change
> disappear magically?

Windows guests don't seem to care if the written value disappears. They only want the write to succeed.

> 
>>       /*
>>        * Some sanity checks:
>>        * - do not allow writing to the boot sector
>>        */
>> -
>>       if (sector_num < s->offset_to_fat)
>>           return -1;
> 
> Kevin
>
Kevin Wolf Sept. 30, 2022, 9:57 a.m. UTC | #3
On 29.09.2022 at 21:53, Hervé Poussineau wrote:
> On 29/09/2022 at 16:10, Kevin Wolf wrote:
> > On 03.09.2022 at 18:23, Hervé Poussineau wrote:
> > > 'reserved1' field in bootsector is used to mark volume dirty, or need to verify.
> > > Allow writes to bootsector which only change the 'reserved1' field.
> > > 
> > > This fixes I/O errors on Windows guests.
> > > 
> > > Resolves: https://bugs.launchpad.net/qemu/+bug/1889421
> > > Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>
> > > ---
> > >   block/vvfat.c | 18 +++++++++++++++++-
> > >   1 file changed, 17 insertions(+), 1 deletion(-)
> > > 
> > > diff --git a/block/vvfat.c b/block/vvfat.c
> > > index d6dd919683d..35057a51c67 100644
> > > --- a/block/vvfat.c
> > > +++ b/block/vvfat.c
> > > @@ -2993,11 +2993,27 @@ DLOG(checkpoint());
> > >       vvfat_close_current_file(s);
> > > +    if (sector_num == s->offset_to_bootsector && nb_sectors == 1) {
> > > +        /*
> > > +         * Write on bootsector. Allow only changing the reserved1 field,
> > > +         * used to mark volume dirtiness
> > > +         */
> > > +        const unsigned char *initial = s->first_sectors
> > > +                                       + s->offset_to_bootsector * 0x200;
> > > +        for (i = 0; i < 0x200; i++) {
> > > +            if (i != offsetof(bootsector_t, u.fat16.reserved1) &&
> > 
> > I think you need to check the FAT version (s->fat_type) before accessing
> > u.fat16. For FAT32, the "reserved" field is at a different offset (but
> > seems to have the same meaning).
> 
> I didn't do this, because only fat16 part of bootsector is ever used.
> In init_directories(), only fat16 part is initialized, with the comment:
> 	/* LATER TODO: if FAT32, this is wrong */
> I wanted to be consistent between init_directories() and the check.

Oh, indeed. I guess this means FAT32 is completely broken... Fair
enough, though maybe we could add a similar comment here, then.

> > > +                initial[i] != buf[i]) {
> > > +                fprintf(stderr, "Tried to write to protected bootsector\n");
> > > +                return -1;
> > > +            }
> > > +        }
> > > +        return 0;
> > > +    }
> > 
> > Should we update s->first_sectors with the new value so that the guest
> > would actually read back what it wrote instead of having the change
> > disappear magically?
> 
> Windows guests don't seem to care if the written value disappears.
> They only want the write to succeed.

But it would be arguably more correct, wouldn't it? Some other OS might
care.

Kevin
Patch

diff --git a/block/vvfat.c b/block/vvfat.c
index d6dd919683d..35057a51c67 100644
--- a/block/vvfat.c
+++ b/block/vvfat.c
@@ -2993,11 +2993,27 @@  DLOG(checkpoint());
 
     vvfat_close_current_file(s);
 
+    if (sector_num == s->offset_to_bootsector && nb_sectors == 1) {
+        /*
+         * Write on bootsector. Allow only changing the reserved1 field,
+         * used to mark volume dirtiness
+         */
+        const unsigned char *initial = s->first_sectors
+                                       + s->offset_to_bootsector * 0x200;
+        for (i = 0; i < 0x200; i++) {
+            if (i != offsetof(bootsector_t, u.fat16.reserved1) &&
+                initial[i] != buf[i]) {
+                fprintf(stderr, "Tried to write to protected bootsector\n");
+                return -1;
+            }
+        }
+        return 0;
+    }
+
     /*
      * Some sanity checks:
      * - do not allow writing to the boot sector
      */
-
     if (sector_num < s->offset_to_fat)
         return -1;
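
Review bot: The `fprintf(stderr, "Tried to write to protected bootsector\n")` in the rejection branch is reachable from any guest write to the bootsector, so a guest can produce unbounded output on the host's stderr by repeating the write; route it through the DLOG() debug macro visible in the hunk header, or drop it and rely on the -1 return. The retained comment "do not allow writing to the boot sector" is also no longer accurate now that reserved1-only writes return 0 before it, so update it to describe what the remaining `sector_num < s->offset_to_fat` check rejects.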