qemu-devel.nongnu.org archive mirror
From: Kevin Wolf <kwolf@redhat.com>
To: qemu-block@nongnu.org
Cc: kwolf@redhat.com, qemu-devel@nongnu.org
Subject: [Qemu-devel] [PULL 46/54] block: fix data type casting for crypto payload offset
Date: Fri,  6 Oct 2017 17:54:14 +0200
Message-ID: <20171006155422.10135-47-kwolf@redhat.com>
In-Reply-To: <20171006155422.10135-1-kwolf@redhat.com>

From: "Daniel P. Berrange" <berrange@redhat.com>

The crypto APIs report the offset of the data payload as an uint64_t
type, but the block driver is casting to size_t or ssize_t which will
potentially truncate.

Most of the block APIs use int64_t for offsets meanwhile, so even if
using uint64_t in the crypto block driver we are still at risk of
truncation.

Change the block crypto driver to use uint64_t, but add asserts that
the value is less than INT64_MAX.

Reviewed-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-id: 20170927125340.12360-4-berrange@redhat.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
---
 block/crypto.c | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/block/crypto.c b/block/crypto.c
index 684cabeaf8..61f5d77bc0 100644
--- a/block/crypto.c
+++ b/block/crypto.c
@@ -364,8 +364,9 @@ static int block_crypto_truncate(BlockDriverState *bs, int64_t offset,
                                  PreallocMode prealloc, Error **errp)
 {
     BlockCrypto *crypto = bs->opaque;
-    size_t payload_offset =
+    uint64_t payload_offset =
         qcrypto_block_get_payload_offset(crypto->block);
+    assert(payload_offset < (INT64_MAX - offset));
 
     offset += payload_offset;
 
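Review bot: the new assert in block_crypto_truncate() computes
INT64_MAX - offset on a caller-supplied int64_t, so a negative offset
overflows the signed subtraction before the comparison happens, and the
result is then converted to unsigned for the comparison against the
uint64_t payload_offset. Checking offset >= 0 first would make the bound
well defined. Since the function already takes Error **errp and returns
int, an out-of-range payload offset could also be reported with an error
return instead of aborting the process.
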
@@ -395,8 +396,9 @@ block_crypto_co_readv(BlockDriverState *bs, int64_t sector_num,
     uint8_t *cipher_data = NULL;
     QEMUIOVector hd_qiov;
     int ret = 0;
-    size_t payload_offset =
+    uint64_t payload_offset =
         qcrypto_block_get_payload_offset(crypto->block) / 512;
+    assert(payload_offset < (INT64_MAX / 512));
 
     qemu_iovec_init(&hd_qiov, qiov->niov);
 
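Review bot: assert(payload_offset < (INT64_MAX / 512)) in
block_crypto_co_readv() bounds the payload offset on its own and leaves
sector_num out, whereas the truncate hunk subtracts the request offset
from the limit. If the two are added further down (not visible in this
hunk), the sum is what needs the bound, for example
payload_offset < INT64_MAX / 512 - sector_num. A short comment that
payload_offset is in 512-byte sectors here, and in bytes in
block_crypto_truncate(), would also help, since the variable has the
same name in both.
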
@@ -462,8 +464,9 @@ block_crypto_co_writev(BlockDriverState *bs, int64_t sector_num,
     uint8_t *cipher_data = NULL;
     QEMUIOVector hd_qiov;
     int ret = 0;
-    size_t payload_offset =
+    uint64_t payload_offset =
         qcrypto_block_get_payload_offset(crypto->block) / 512;
+    assert(payload_offset < (INT64_MAX / 512));
 
     qemu_iovec_init(&hd_qiov, qiov->niov);
 
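Review bot: the declaration and assert added to block_crypto_co_writev()
are a verbatim copy of the three lines in block_crypto_co_readv(); a
small helper that returns the payload offset in sectors and carries the
range check would keep the two paths from drifting apart. On the write
path the choice of assert over returning an error through the function's
int return value deserves a sentence in the commit message, because a
failed check here stops the whole process rather than failing one
request.
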
@@ -524,7 +527,9 @@ static int64_t block_crypto_getlength(BlockDriverState *bs)
     BlockCrypto *crypto = bs->opaque;
     int64_t len = bdrv_getlength(bs->file->bs);
 
-    ssize_t offset = qcrypto_block_get_payload_offset(crypto->block);
+    uint64_t offset = qcrypto_block_get_payload_offset(crypto->block);
+    assert(offset < INT64_MAX);
+    assert(offset < len);
 
     len -= offset;
 
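Review bot: assert(offset < len) in block_crypto_getlength() compares a
uint64_t with the int64_t len, so len is converted to unsigned; if
bdrv_getlength() returned a negative value, the comparison passes and
len -= offset then produces a meaningless length. Nothing in the visible
lines checks len < 0 first, so that check should come before the
asserts, returning len unchanged. The strict < also rejects
offset == len, a file that holds the header and an empty payload; if
that case is legal, use <=, and consider returning an error rather than
asserting for a file shorter than its payload offset.
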
-- 
2.13.6
