From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from [140.186.70.92] (port=42406 helo=eggs.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1Q7XVE-0000Wx-V1
	for qemu-devel@nongnu.org; Wed, 06 Apr 2011 14:30:54 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <hch@lst.de>) id 1Q7XT2-0006o1-4v
	for qemu-devel@nongnu.org; Wed, 06 Apr 2011 14:28:37 -0400
Received: from verein.lst.de ([213.95.11.211]:47052 helo=newverein.lst.de)
	by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <hch@lst.de>)
	id 1Q7XT1-0006nm-RQ
	for qemu-devel@nongnu.org; Wed, 06 Apr 2011 14:28:36 -0400
Date: Wed, 6 Apr 2011 20:28:34 +0200
From: Christoph Hellwig <hch@lst.de>
Message-ID: <20110406182834.GA471@lst.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Subject: [Qemu-devel] [PATCH] virtio-blk: fail unaligned requests
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org
Cc: Conor Murphy <conor_murphy_virt@hotmail.com>

Like all block drivers virtio-blk should not allow small than block size
granularity access.  But given that the protocol specifies a 
byte unit length field we currently accept such requests, which cause
qemu to abort() in lower layers.  Add checks to the main read and
write handlers to catch them early.

Reported-by: Conor Murphy <conor_murphy_virt@hotmail.com>
Tested-by: Conor Murphy <conor_murphy_virt@hotmail.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>

Index: qemu/hw/virtio-blk.c
===================================================================
--- qemu.orig/hw/virtio-blk.c	2011-03-30 11:46:10.268665534 -0700
+++ qemu/hw/virtio-blk.c	2011-03-30 11:49:45.655247322 -0700
@@ -290,6 +290,10 @@ static void virtio_blk_handle_write(Virt
         virtio_blk_rw_complete(req, -EIO);
         return;
     }
+    if (req->qiov.size % req->dev->conf->logical_block_size) {
+        virtio_blk_rw_complete(req, -EIO);
+        return;
+    }
 
     if (mrb->num_writes == 32) {
         virtio_submit_multiwrite(req->dev->bs, mrb);
@@ -317,6 +321,10 @@ static void virtio_blk_handle_read(VirtI
         virtio_blk_rw_complete(req, -EIO);
         return;
     }
+    if (req->qiov.size % req->dev->conf->logical_block_size) {
+        virtio_blk_rw_complete(req, -EIO);
+        return;
+    }
 
     acb = bdrv_aio_readv(req->dev->bs, sector, &req->qiov,
                          req->qiov.size / BDRV_SECTOR_SIZE,