From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Daniel P. Berrange" <berrange@redhat.com>
Subject: Re: [PATCH] ioemu block device extent checks
Date: Wed, 27 Feb 2008 12:57:04 +0000
Message-ID: <20080227125704.GA13508@redhat.com>
References: <18363.1536.661607.292188@mariner.uk.xensource.com>
	<20080226204130.GC24548@redhat.com>
	<18373.18757.256451.327128@mariner.uk.xensource.com>
Reply-To: "Daniel P. Berrange" <berrange@redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Return-path: <xen-devel-bounces@lists.xensource.com>
Content-Disposition: inline
In-Reply-To: <18373.18757.256451.327128@mariner.uk.xensource.com>
List-Unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xensource.com>
List-Help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-Subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
Sender: xen-devel-bounces@lists.xensource.com
Errors-To: xen-devel-bounces@lists.xensource.com
To: Ian Jackson <Ian.Jackson@eu.citrix.com>
Cc: xen-devel@lists.xensource.com
List-Id: xen-devel@lists.xenproject.org

On Wed, Feb 27, 2008 at 11:28:05AM +0000, Ian Jackson wrote:
Content-Description: message body text
> Daniel P. Berrange writes ("Re: [Xen-devel] [PATCH] ioemu block device extent checks"):
> >    The qcow driver though calls back into
> > the raw driver for performing I/O on its underlying file. The qcow 
> > driver relies on this file being grow-on-demand for purposes of allocating
> > new qcow sectors. The safety checks cause this allocation to fail and
> > it all goes downhill from there :-(  
> 
> Oh dear.  (I'm a bit surprised that it's taken this long to spot!)
> Here is a patch for xen-unstable which I think will fix it.  Could you
> give it a quick spin, if you have a suitable test setup ?
> 
> Sadly it's rather more intrusive than ideal, since it needs all of the
> drivers which are going to extend files via their parents to announce
> this, and a couple of bits of necessary infrastructure needed adding.

I don't think this is correct - it allows a -ve  size / nb_sectors
value when autoextenable is set, and allows out of bounds reads.

I sent a patch to qemu-devel yuesterday which also uses the auto-extend
flag, but has separate checks for read vs writes. When doing a write that
would extend the device it increases the total_sectors count so that the
subsequent reads can be validated to be within the written bounds.

http://lists.gnu.org/archive/html/qemu-devel/2008-02/msg00497.html

Regards,
Dan.
-- 
|=- Red Hat, Engineering, Emerging Technologies, Boston.  +1 978 392 2496 -=|
|=-           Perl modules: http://search.cpan.org/~danberr/              -=|
|=-               Projects: http://freshmeat.net/~danielpb/               -=|
|=-  GnuPG: 7D3B9505   F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505  -=|