From: "Daniel P. Berrange" <berrange@redhat.com>
To: Ian Jackson <Ian.Jackson@eu.citrix.com>
Cc: xen-devel@lists.xensource.com
Subject: Re: [PATCH] ioemu block device extent checks
Date: Wed, 27 Feb 2008 12:57:04 +0000 [thread overview]
Message-ID: <20080227125704.GA13508@redhat.com> (raw)
In-Reply-To: <18373.18757.256451.327128@mariner.uk.xensource.com>
On Wed, Feb 27, 2008 at 11:28:05AM +0000, Ian Jackson wrote:
Content-Description: message body text
> Daniel P. Berrange writes ("Re: [Xen-devel] [PATCH] ioemu block device extent checks"):
> > The qcow driver though calls back into
> > the raw driver for performing I/O on its underlying file. The qcow
> > driver relies on this file being grow-on-demand for purposes of allocating
> > new qcow sectors. The safety checks cause this allocation to fail and
> > it all goes downhill from there :-(
>
> Oh dear. (I'm a bit surprised that it's taken this long to spot!)
> Here is a patch for xen-unstable which I think will fix it. Could you
> give it a quick spin, if you have a suitable test setup ?
>
> Sadly it's rather more intrusive than ideal, since it needs all of the
> drivers which are going to extend files via their parents to announce
> this, and a couple of bits of necessary infrastructure needed adding.
I don't think this is correct - it allows a -ve size / nb_sectors
value when autoextenable is set, and allows out of bounds reads.
I sent a patch to qemu-devel yuesterday which also uses the auto-extend
flag, but has separate checks for read vs writes. When doing a write that
would extend the device it increases the total_sectors count so that the
subsequent reads can be validated to be within the written bounds.
http://lists.gnu.org/archive/html/qemu-devel/2008-02/msg00497.html
Regards,
Dan.
--
|=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=|
|=- Perl modules: http://search.cpan.org/~danberr/ -=|
|=- Projects: http://freshmeat.net/~danielpb/ -=|
|=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|
next prev parent reply other threads:[~2008-02-27 12:57 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-02-19 16:38 [PATCH] ioemu block device extent checks Ian Jackson
2008-02-26 20:41 ` Daniel P. Berrange
2008-02-27 11:28 ` Ian Jackson
2008-02-27 12:57 ` Daniel P. Berrange [this message]
2008-02-27 13:14 ` Ian Jackson
2008-02-27 13:21 ` Daniel P. Berrange
2008-03-04 10:16 ` Kevin Wolf
2008-03-04 10:08 ` Keir Fraser
2008-03-04 11:05 ` Kevin Wolf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080227125704.GA13508@redhat.com \
--to=berrange@redhat.com \
--cc=Ian.Jackson@eu.citrix.com \
--cc=xen-devel@lists.xensource.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.