From: Kevin Wolf <kwolf@redhat.com>
To: qemu-block@nongnu.org
Cc: kwolf@redhat.com, peter.maydell@linaro.org, qemu-devel@nongnu.org
Subject: [PULL 09/38] vhost-user-blk-test: test discard/write zeroes invalid inputs
Date: Thu, 11 Mar 2021 15:47:42 +0100 [thread overview]
Message-ID: <20210311144811.313451-10-kwolf@redhat.com> (raw)
In-Reply-To: <20210311144811.313451-1-kwolf@redhat.com>
From: Stefan Hajnoczi <stefanha@redhat.com>
Exercise input validation code paths in
block/export/vhost-user-blk-server.c.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20210309094106.196911-5-stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
tests/qtest/vhost-user-blk-test.c | 124 ++++++++++++++++++++++++++++++
1 file changed, 124 insertions(+)
diff --git a/tests/qtest/vhost-user-blk-test.c b/tests/qtest/vhost-user-blk-test.c
index 61beee52d3..dc9d7a31ae 100644
--- a/tests/qtest/vhost-user-blk-test.c
+++ b/tests/qtest/vhost-user-blk-test.c
@@ -94,6 +94,124 @@ static uint64_t virtio_blk_request(QGuestAllocator *alloc, QVirtioDevice *d,
return addr;
}
+static void test_invalid_discard_write_zeroes(QVirtioDevice *dev,
+ QGuestAllocator *alloc,
+ QTestState *qts,
+ QVirtQueue *vq,
+ uint32_t type)
+{
+ QVirtioBlkReq req;
+ struct virtio_blk_discard_write_zeroes dwz_hdr;
+ struct virtio_blk_discard_write_zeroes dwz_hdr2[2];
+ uint64_t req_addr;
+ uint32_t free_head;
+ uint8_t status;
+
+ /* More than one dwz is not supported */
+ req.type = type;
+ req.data = (char *) dwz_hdr2;
+ dwz_hdr2[0].sector = 0;
+ dwz_hdr2[0].num_sectors = 1;
+ dwz_hdr2[0].flags = 0;
+ dwz_hdr2[1].sector = 1;
+ dwz_hdr2[1].num_sectors = 1;
+ dwz_hdr2[1].flags = 0;
+
+ virtio_blk_fix_dwz_hdr(dev, &dwz_hdr2[0]);
+ virtio_blk_fix_dwz_hdr(dev, &dwz_hdr2[1]);
+
+ req_addr = virtio_blk_request(alloc, dev, &req, sizeof(dwz_hdr2));
+
+ free_head = qvirtqueue_add(qts, vq, req_addr, 16, false, true);
+ qvirtqueue_add(qts, vq, req_addr + 16, sizeof(dwz_hdr2), false, true);
+ qvirtqueue_add(qts, vq, req_addr + 16 + sizeof(dwz_hdr2), 1, true,
+ false);
+
+ qvirtqueue_kick(qts, dev, vq, free_head);
+
+ qvirtio_wait_used_elem(qts, dev, vq, free_head, NULL,
+ QVIRTIO_BLK_TIMEOUT_US);
+ status = readb(req_addr + 16 + sizeof(dwz_hdr2));
+ g_assert_cmpint(status, ==, VIRTIO_BLK_S_UNSUPP);
+
+ guest_free(alloc, req_addr);
+
+ /* num_sectors must be less than config->max_write_zeroes_sectors */
+ req.type = type;
+ req.data = (char *) &dwz_hdr;
+ dwz_hdr.sector = 0;
+ dwz_hdr.num_sectors = 0xffffffff;
+ dwz_hdr.flags = 0;
+
+ virtio_blk_fix_dwz_hdr(dev, &dwz_hdr);
+
+ req_addr = virtio_blk_request(alloc, dev, &req, sizeof(dwz_hdr));
+
+ free_head = qvirtqueue_add(qts, vq, req_addr, 16, false, true);
+ qvirtqueue_add(qts, vq, req_addr + 16, sizeof(dwz_hdr), false, true);
+ qvirtqueue_add(qts, vq, req_addr + 16 + sizeof(dwz_hdr), 1, true,
+ false);
+
+ qvirtqueue_kick(qts, dev, vq, free_head);
+
+ qvirtio_wait_used_elem(qts, dev, vq, free_head, NULL,
+ QVIRTIO_BLK_TIMEOUT_US);
+ status = readb(req_addr + 16 + sizeof(dwz_hdr));
+ g_assert_cmpint(status, ==, VIRTIO_BLK_S_IOERR);
+
+ guest_free(alloc, req_addr);
+
+ /* sector must be less than the device capacity */
+ req.type = type;
+ req.data = (char *) &dwz_hdr;
+ dwz_hdr.sector = TEST_IMAGE_SIZE / 512 + 1;
+ dwz_hdr.num_sectors = 1;
+ dwz_hdr.flags = 0;
+
+ virtio_blk_fix_dwz_hdr(dev, &dwz_hdr);
+
+ req_addr = virtio_blk_request(alloc, dev, &req, sizeof(dwz_hdr));
+
+ free_head = qvirtqueue_add(qts, vq, req_addr, 16, false, true);
+ qvirtqueue_add(qts, vq, req_addr + 16, sizeof(dwz_hdr), false, true);
+ qvirtqueue_add(qts, vq, req_addr + 16 + sizeof(dwz_hdr), 1, true,
+ false);
+
+ qvirtqueue_kick(qts, dev, vq, free_head);
+
+ qvirtio_wait_used_elem(qts, dev, vq, free_head, NULL,
+ QVIRTIO_BLK_TIMEOUT_US);
+ status = readb(req_addr + 16 + sizeof(dwz_hdr));
+ g_assert_cmpint(status, ==, VIRTIO_BLK_S_IOERR);
+
+ guest_free(alloc, req_addr);
+
+ /* reserved flag bits must be zero */
+ req.type = type;
+ req.data = (char *) &dwz_hdr;
+ dwz_hdr.sector = 0;
+ dwz_hdr.num_sectors = 1;
+ dwz_hdr.flags = ~VIRTIO_BLK_WRITE_ZEROES_FLAG_UNMAP;
+
+ virtio_blk_fix_dwz_hdr(dev, &dwz_hdr);
+
+ req_addr = virtio_blk_request(alloc, dev, &req, sizeof(dwz_hdr));
+
+ free_head = qvirtqueue_add(qts, vq, req_addr, 16, false, true);
+ qvirtqueue_add(qts, vq, req_addr + 16, sizeof(dwz_hdr), false, true);
+ qvirtqueue_add(qts, vq, req_addr + 16 + sizeof(dwz_hdr), 1, true,
+ false);
+
+ qvirtqueue_kick(qts, dev, vq, free_head);
+
+ qvirtio_wait_used_elem(qts, dev, vq, free_head, NULL,
+ QVIRTIO_BLK_TIMEOUT_US);
+ status = readb(req_addr + 16 + sizeof(dwz_hdr));
+ g_assert_cmpint(status, ==, VIRTIO_BLK_S_UNSUPP);
+
+ guest_free(alloc, req_addr);
+}
+
/* Returns the request virtqueue so the caller can perform further tests */
static QVirtQueue *test_basic(QVirtioDevice *dev, QGuestAllocator *alloc)
{
@@ -235,6 +353,9 @@ static QVirtQueue *test_basic(QVirtioDevice *dev, QGuestAllocator *alloc)
g_free(data);
guest_free(alloc, req_addr);
+
+ test_invalid_discard_write_zeroes(dev, alloc, qts, vq,
+ VIRTIO_BLK_T_WRITE_ZEROES);
}
if (features & (1u << VIRTIO_BLK_F_DISCARD)) {
@@ -263,6 +384,9 @@ static QVirtQueue *test_basic(QVirtioDevice *dev, QGuestAllocator *alloc)
g_assert_cmpint(status, ==, 0);
guest_free(alloc, req_addr);
+
+ test_invalid_discard_write_zeroes(dev, alloc, qts, vq,
+ VIRTIO_BLK_T_DISCARD);
}
if (features & (1u << VIRTIO_F_ANY_LAYOUT)) {
--
2.29.2
next prev parent reply other threads:[~2021-03-11 15:18 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-11 14:47 [PULL 00/38] Block layer patches and object-add QAPIfication Kevin Wolf
2021-03-11 14:47 ` [PULL 01/38] block: remove format defaults from QemuOpts in bdrv_create_file() Kevin Wolf
2021-03-11 14:47 ` [PULL 02/38] storage-daemon: Call job_cancel_sync_all() on shutdown Kevin Wolf
2021-03-11 14:47 ` [PULL 03/38] stream: Don't crash when node permission is denied Kevin Wolf
2021-03-11 14:47 ` [PULL 04/38] curl: Store BDRVCURLState pointer in CURLSocket Kevin Wolf
2021-03-11 14:47 ` [PULL 05/38] curl: Disconnect sockets from CURLState Kevin Wolf
2021-03-11 14:47 ` [PULL 06/38] block/export: disable VHOST_USER_PROTOCOL_F_INFLIGHT_SHMFD for now Kevin Wolf
2021-03-11 14:47 ` [PULL 07/38] test: new qTest case to test the vhost-user-blk-server Kevin Wolf
2021-03-11 14:47 ` [PULL 08/38] tests/qtest: add multi-queue test case to vhost-user-blk-test Kevin Wolf
2021-03-11 14:47 ` Kevin Wolf [this message]
2021-03-11 14:47 ` [PULL 10/38] tests: Drop 'props' from object-add calls Kevin Wolf
2021-03-11 14:47 ` [PULL 11/38] qapi/qom: Drop deprecated 'props' from object-add Kevin Wolf
2021-03-11 14:47 ` [PULL 12/38] qapi/qom: Add ObjectOptions for iothread Kevin Wolf
2021-03-11 14:47 ` [PULL 13/38] qapi/qom: Add ObjectOptions for authz-* Kevin Wolf
2021-03-11 14:47 ` [PULL 14/38] qapi/qom: Add ObjectOptions for cryptodev-* Kevin Wolf
2021-03-11 14:47 ` [PULL 15/38] qapi/qom: Add ObjectOptions for dbus-vmstate Kevin Wolf
2021-03-11 14:47 ` [PULL 16/38] qapi/qom: Add ObjectOptions for memory-backend-* Kevin Wolf
2021-03-11 14:47 ` [PULL 17/38] qapi/qom: Add ObjectOptions for rng-*, deprecate 'opened' Kevin Wolf
2021-03-11 14:47 ` [PULL 18/38] qapi/qom: Add ObjectOptions for throttle-group Kevin Wolf
2021-03-11 14:47 ` [PULL 19/38] qapi/qom: Add ObjectOptions for secret*, deprecate 'loaded' Kevin Wolf
2021-03-11 14:47 ` [PULL 20/38] qapi/qom: Add ObjectOptions for tls-*, " Kevin Wolf
2021-03-11 14:47 ` [PULL 21/38] qapi/qom: Add ObjectOptions for can-* Kevin Wolf
2021-03-11 14:47 ` [PULL 22/38] qapi/qom: Add ObjectOptions for colo-compare Kevin Wolf
2021-03-11 14:47 ` [PULL 23/38] qapi/qom: Add ObjectOptions for filter-* Kevin Wolf
2021-03-11 14:47 ` [PULL 24/38] qapi/qom: Add ObjectOptions for pr-manager-helper Kevin Wolf
2021-03-11 14:47 ` [PULL 25/38] qapi/qom: Add ObjectOptions for confidential-guest-support Kevin Wolf
2021-03-11 14:47 ` [PULL 26/38] qapi/qom: Add ObjectOptions for input-* Kevin Wolf
2021-03-11 14:48 ` [PULL 27/38] qapi/qom: Add ObjectOptions for x-remote-object Kevin Wolf
2021-03-11 14:48 ` [PULL 28/38] qapi/qom: QAPIfy object-add Kevin Wolf
2021-03-11 14:48 ` [PULL 29/38] qom: Make "object" QemuOptsList optional Kevin Wolf
2021-03-11 14:48 ` [PULL 30/38] qemu-storage-daemon: Implement --object with qmp_object_add() Kevin Wolf
2021-03-11 14:48 ` [PULL 31/38] qom: Remove user_creatable_add_dict() Kevin Wolf
2021-03-11 14:48 ` [PULL 32/38] qom: Factor out user_creatable_process_cmdline() Kevin Wolf
2021-03-11 14:48 ` [PULL 33/38] qemu-io: Use user_creatable_process_cmdline() for --object Kevin Wolf
2021-03-11 14:48 ` [PULL 34/38] qemu-nbd: " Kevin Wolf
2021-03-11 14:48 ` [PULL 35/38] qom: Add user_creatable_add_from_str() Kevin Wolf
2021-03-11 14:48 ` [PULL 36/38] qemu-img: Use user_creatable_process_cmdline() for --object Kevin Wolf
2021-03-11 14:48 ` [PULL 37/38] hmp: QAPIfy object_add Kevin Wolf
2021-03-11 14:48 ` [PULL 38/38] qom: Add user_creatable_parse_str() Kevin Wolf
2021-03-12 18:56 ` [PULL 00/38] Block layer patches and object-add QAPIfication Peter Maydell
2021-03-15 12:08 ` Kevin Wolf
2021-03-15 12:10 ` Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210311144811.313451-10-kwolf@redhat.com \
--to=kwolf@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).