[3/7] qcow2: Check L1 table parameters in qcow2_expand_zero_clusters()

Message ID d58bbc353563bb9c83ffe90faaa36fadf683e332.1519921268.git.berto@igalia.com (mailing list archive)
State New, archived

Commit Message

Alberto Garcia March 1, 2018, 4:27 p.m. UTC
This function iterates over all snapshots of a qcow2 file in order to
expand all zero clusters, but it does not validate the snapshots' L1
tables first.

We now have a function to take care of this, so let's use it.

We can also take the opportunity to replace the sector-based
bdrv_read() with bdrv_pread().

Signed-off-by: Alberto Garcia <berto@igalia.com>
---
 block/qcow2-cluster.c      | 20 +++++++++++++-------
 tests/qemu-iotests/080     |  2 ++
 tests/qemu-iotests/080.out |  2 ++
 3 files changed, 17 insertions(+), 7 deletions(-)

Comments

Eric Blake March 1, 2018, 11:39 p.m. UTC | #1
On 03/01/2018 10:27 AM, Alberto Garcia wrote:
> This function iterates over all snapshots of a qcow2 file in order to
> expand all zero clusters, but it does not validate the snapshots' L1
> tables first.
> 
> We now have a function to take care of this, so let's use it.
> 
> We can also take the opportunity to replace the sector-based
> bdrv_read() with bdrv_pread().

Doesn't my pending patch do that as well?
https://lists.gnu.org/archive/html/qemu-devel/2018-02/msg06799.html

I guess it remains to be seen in what order these patches are merged.

> 
> Signed-off-by: Alberto Garcia <berto@igalia.com>
> ---
>   block/qcow2-cluster.c      | 20 +++++++++++++-------
>   tests/qemu-iotests/080     |  2 ++
>   tests/qemu-iotests/080.out |  2 ++
>   3 files changed, 17 insertions(+), 7 deletions(-)

Reviewed-by: Eric Blake <eblake@redhat.com>
Kevin Wolf March 6, 2018, 2:54 p.m. UTC | #2
On 01.03.2018 at 17:27 Alberto Garcia wrote:
> This function iterates over all snapshots of a qcow2 file in order to
> expand all zero clusters, but it does not validate the snapshots' L1
> tables first.
> 
> We now have a function to take care of this, so let's use it.
> 
> We can also take the opportunity to replace the sector-based
> bdrv_read() with bdrv_pread().
> 
> Signed-off-by: Alberto Garcia <berto@igalia.com>
> ---
>  block/qcow2-cluster.c      | 20 +++++++++++++-------
>  tests/qemu-iotests/080     |  2 ++
>  tests/qemu-iotests/080.out |  2 ++
>  3 files changed, 17 insertions(+), 7 deletions(-)
> 
> diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
> index e406b0f3b9..40167ac09c 100644
> --- a/block/qcow2-cluster.c
> +++ b/block/qcow2-cluster.c
> @@ -2092,11 +2092,18 @@ int qcow2_expand_zero_clusters(BlockDriverState *bs,
>      }
>  
>      for (i = 0; i < s->nb_snapshots; i++) {
> -        int l1_sectors = DIV_ROUND_UP(s->snapshots[i].l1_size *
> -                                      sizeof(uint64_t), BDRV_SECTOR_SIZE);
> +        int l1_size2;
> +        uint64_t *new_l1_table;
>  
> -        uint64_t *new_l1_table =
> -            g_try_realloc(l1_table, l1_sectors * BDRV_SECTOR_SIZE);
> +        ret = qcow2_validate_table(bs, s->snapshots[i].l1_table_offset,
> +                                   s->snapshots[i].l1_size, sizeof(uint64_t),
> +                                   QCOW_MAX_L1_SIZE, "", NULL);
> +        if (ret < 0) {
> +            return ret;

Shouldn't this be goto fail?

Kevin
Alberto Garcia March 6, 2018, 3:01 p.m. UTC | #3
On Tue 06 Mar 2018 03:54:26 PM CET, Kevin Wolf wrote:
>> @@ -2092,11 +2092,18 @@ int qcow2_expand_zero_clusters(BlockDriverState *bs,
>>      }
>>  
>>      for (i = 0; i < s->nb_snapshots; i++) {
>> -        int l1_sectors = DIV_ROUND_UP(s->snapshots[i].l1_size *
>> -                                      sizeof(uint64_t), BDRV_SECTOR_SIZE);
>> +        int l1_size2;
>> +        uint64_t *new_l1_table;
>>  
>> -        uint64_t *new_l1_table =
>> -            g_try_realloc(l1_table, l1_sectors * BDRV_SECTOR_SIZE);
>> +        ret = qcow2_validate_table(bs, s->snapshots[i].l1_table_offset,
>> +                                   s->snapshots[i].l1_size, sizeof(uint64_t),
>> +                                   QCOW_MAX_L1_SIZE, "", NULL);
>> +        if (ret < 0) {
>> +            return ret;
>
> Shouldn't this be goto fail?

You're right, this is a loop, and l1_table could have been initialized
in previous iterations.

I'll send a corrected version with this change, but first I'll wait a
bit in case you see anything else in the series.

Berto
Kevin Wolf March 6, 2018, 3:11 p.m. UTC | #4
On 06.03.2018 at 16:01 Alberto Garcia wrote:
> On Tue 06 Mar 2018 03:54:26 PM CET, Kevin Wolf wrote:
> >> @@ -2092,11 +2092,18 @@ int qcow2_expand_zero_clusters(BlockDriverState *bs,
> >>      }
> >>  
> >>      for (i = 0; i < s->nb_snapshots; i++) {
> >> -        int l1_sectors = DIV_ROUND_UP(s->snapshots[i].l1_size *
> >> -                                      sizeof(uint64_t), BDRV_SECTOR_SIZE);
> >> +        int l1_size2;
> >> +        uint64_t *new_l1_table;
> >>  
> >> -        uint64_t *new_l1_table =
> >> -            g_try_realloc(l1_table, l1_sectors * BDRV_SECTOR_SIZE);
> >> +        ret = qcow2_validate_table(bs, s->snapshots[i].l1_table_offset,
> >> +                                   s->snapshots[i].l1_size, sizeof(uint64_t),
> >> +                                   QCOW_MAX_L1_SIZE, "", NULL);
> >> +        if (ret < 0) {
> >> +            return ret;
> >
> > Shouldn't this be goto fail?
> 
> You're right, this is a loop, and l1_table could have been initialized
> in previous iterations.
> 
> I'll send a corrected version with this change, but first I'll wait a
> bit in case you see anything else in the series.

I've finished the review now, the rest looks correct.

The only other thing I wondered is about the cases where you pass a
NULL errp because the callers don't get an Error parameter, so they
can't pass it on. Some of these callers already use error_report(), so
it would be okay to use error_report_err() for an error returned by
qcow2_validate_table(), too. I think that would improve the messages.

Kevin
Alberto Garcia March 6, 2018, 3:16 p.m. UTC | #5
On Tue 06 Mar 2018 04:11:17 PM CET, Kevin Wolf wrote:
> I've finished the review now, the rest looks correct.
>
> The only other thing I wondered is about the cases where you pass a
> NULL errp because the callers don't get an Error parameter, so they
> can't pass it on. Some of these callers already use error_report(), so
> it would be okay to use error_report_err() for an error returned by
> qcow2_validate_table(), too. I think that would improve the messages.

Good idea, I'll change that and resend the series.

Berto
Patch

diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
index e406b0f3b9..40167ac09c 100644
--- a/block/qcow2-cluster.c
+++ b/block/qcow2-cluster.c
@@ -2092,11 +2092,18 @@  int qcow2_expand_zero_clusters(BlockDriverState *bs,
     }
 
     for (i = 0; i < s->nb_snapshots; i++) {
-        int l1_sectors = DIV_ROUND_UP(s->snapshots[i].l1_size *
-                                      sizeof(uint64_t), BDRV_SECTOR_SIZE);
+        int l1_size2;
+        uint64_t *new_l1_table;
 
-        uint64_t *new_l1_table =
-            g_try_realloc(l1_table, l1_sectors * BDRV_SECTOR_SIZE);
+        ret = qcow2_validate_table(bs, s->snapshots[i].l1_table_offset,
+                                   s->snapshots[i].l1_size, sizeof(uint64_t),
+                                   QCOW_MAX_L1_SIZE, "", NULL);
+        if (ret < 0) {
+            return ret;
+        }
+
+        l1_size2 = s->snapshots[i].l1_size * sizeof(uint64_t);
+        new_l1_table = g_try_realloc(l1_table, l1_size2);
 
         if (!new_l1_table) {
             ret = -ENOMEM;
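Review bot: the new `return ret;` after the qcow2_validate_table() call leaks l1_table once the loop has completed at least one iteration, because g_try_realloc() has already assigned the buffer on the previous pass and the fail: label is what releases it; this should be `goto fail;`, the same error path the bdrv_pread() check a few lines further down already uses. Two smaller points in the same hunk: l1_size2 is an `int` receiving `s->snapshots[i].l1_size * sizeof(uint64_t)`, which is only safe because qcow2_validate_table() has just bounded l1_size by QCOW_MAX_L1_SIZE, so a one-line comment saying so would keep the narrowing from looking accidental; and the empty-string name plus NULL errp mean a validation failure surfaces only as a bare errno value, which is what the "Invalid argument" / "File too large" lines in the 080.out hunk show.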
@@ -2105,9 +2112,8 @@  int qcow2_expand_zero_clusters(BlockDriverState *bs,
 
         l1_table = new_l1_table;
 
-        ret = bdrv_read(bs->file,
-                        s->snapshots[i].l1_table_offset / BDRV_SECTOR_SIZE,
-                        (void *)l1_table, l1_sectors);
+        ret = bdrv_pread(bs->file, s->snapshots[i].l1_table_offset,
+                         l1_table, l1_size2);
         if (ret < 0) {
             goto fail;
         }
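Review bot: bdrv_pread() returns the number of bytes read on success, whereas the sector-based bdrv_read() it replaces returned 0, so ret is now positive after a successful read in the last iteration; please confirm that the function still sets ret to 0 before its final return, otherwise the byte count from this call would leak out as the function's return value. The read length itself is fine: reading exactly l1_size2 bytes matches the new g_try_realloc() size and drops the old round-up to whole sectors.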
diff --git a/tests/qemu-iotests/080 b/tests/qemu-iotests/080
index 6a10e7defa..5622604f83 100755
--- a/tests/qemu-iotests/080
+++ b/tests/qemu-iotests/080
@@ -177,6 +177,7 @@  _make_test_img 64M
 { $QEMU_IMG snapshot -c test $TEST_IMG; } 2>&1 | _filter_testdir
 poke_file "$TEST_IMG" "$offset_snap1_l1_offset" "\x00\x00\x00\x00\x00\x40\x02\x00"
 { $QEMU_IMG convert -s test $TEST_IMG $TEST_IMG.snap; } 2>&1 | _filter_testdir
+{ $QEMU_IMG amend -o compat=0.10 $TEST_IMG; } 2>&1 | _filter_testdir
 
 echo
 echo "== Invalid snapshot L1 table size =="
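Review bot: the added `amend -o compat=0.10` run exercises qcow2_expand_zero_clusters() on an image with exactly one snapshot (a single `snapshot -c test`), so the validation failure happens in the first loop iteration while l1_table is still NULL; the case where an earlier iteration has already allocated l1_table, which is where the early return in the code hunk matters, is not covered. Creating a second snapshot before poking the first one's L1 offset would make the test reach that cleanup path as well.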
@@ -185,6 +186,7 @@  _make_test_img 64M
 { $QEMU_IMG snapshot -c test $TEST_IMG; } 2>&1 | _filter_testdir
 poke_file "$TEST_IMG" "$offset_snap1_l1_size" "\x10\x00\x00\x00"
 { $QEMU_IMG convert -s test $TEST_IMG $TEST_IMG.snap; } 2>&1 | _filter_testdir
+{ $QEMU_IMG amend -o compat=0.10 $TEST_IMG; } 2>&1 | _filter_testdir
 
 # success, all done
 echo "*** done"
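Review bot: same pattern as the previous section; with the snapshot's big-endian l1_size poked to `\x10\x00\x00\x00` the size check in the new qcow2_validate_table() call fires, so the two sections together cover both the offset and the size condition the code hunk adds. A third poke with l1_size set exactly to the permitted maximum would show that the boundary value is still accepted rather than rejected.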
diff --git a/tests/qemu-iotests/080.out b/tests/qemu-iotests/080.out
index f0d9038d55..5d9030ab93 100644
--- a/tests/qemu-iotests/080.out
+++ b/tests/qemu-iotests/080.out
@@ -64,10 +64,12 @@  Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864
 wrote 512/512 bytes at offset 0
 512 bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
 qemu-img: Failed to load snapshot: Snapshot L1 table offset invalid
+qemu-img: Error while amending options: Invalid argument
 
 == Invalid snapshot L1 table size ==
 Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864
 wrote 512/512 bytes at offset 0
 512 bytes, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
 qemu-img: Failed to load snapshot: Snapshot L1 table too large
+qemu-img: Error while amending options: File too large
 *** done
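Review bot: the two new expected lines show the cost of passing NULL errp: "Invalid argument" and "File too large" are just the strerror() text for the -EINVAL and -EFBIG return values, unlike the `convert -s` lines directly above them, which name the snapshot L1 table and the reason. Since the amend path already reports through qemu-img, routing the Error from qcow2_validate_table() through error_report_err() would turn these into messages that say which table failed and why, which is the improvement suggested in the review thread.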