From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:55864) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XKori-0003mJ-Op for qemu-devel@nongnu.org; Fri, 22 Aug 2014 09:26:57 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1XKorc-0003Ap-FI for qemu-devel@nongnu.org; Fri, 22 Aug 2014 09:26:50 -0400 Received: from mx1.redhat.com ([209.132.183.28]:52044) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XKorc-0003AV-8o for qemu-devel@nongnu.org; Fri, 22 Aug 2014 09:26:44 -0400 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id s7MDQgnd017670 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Fri, 22 Aug 2014 09:26:42 -0400 Message-ID: <53F7450B.5030809@redhat.com> Date: Fri, 22 Aug 2014 15:26:35 +0200 From: Max Reitz MIME-Version: 1.0 References: <1405117387-25539-1-git-send-email-mreitz@redhat.com> <1405117387-25539-2-git-send-email-mreitz@redhat.com> <20140820114059.GF6122@noname.redhat.com> <53F4F36D.8070905@redhat.com> <20140821081946.GC4452@noname.redhat.com> In-Reply-To: <20140821081946.GC4452@noname.redhat.com> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: [Qemu-devel] [PATCH 1/4] block: Correct bs->growable List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Kevin Wolf Cc: qemu-devel@nongnu.org, Stefan Hajnoczi , armbru@redhat.com On 21.08.2014 10:19, Kevin Wolf wrote: > Am 20.08.2014 um 21:13 hat Max Reitz geschrieben: >> On 20.08.2014 13:40, Kevin Wolf wrote: >>> Am 12.07.2014 um 00:23 hat Max Reitz geschrieben: >>>> Currently, the field "growable" in a BDS is set iff the BDS is opened in >>>> protocol mode (with O_BDRV_PROTOCOL). However, not every protocol block >>>> driver allows growing: NBD, for instance, does not. On the other hand, >>>> a non-protocol block driver may allow growing: The raw driver does. >>>> >>>> Fix this by correcting the "growable" field in the driver-specific open >>>> function for the BDS, if necessary. >>>> >>>> Signed-off-by: Max Reitz >>> I'm not sure I agree with bs->growable = true for raw. It's certainly >>> true that the backend can technically provide the functionality that >>> writes beyond EOF grow the file. That's not the point of bs->growable, >>> though. >>> >>> The point of it was to _forbid_ it to grow even when it's technically >>> possible (non-file protocols weren't really a thing back then, apart >> >from vvfat, so the assumption was that it's always technically >>> possible). growable was introduced with bdrv_check_request(), which is >>> supposed to reject guest requests after the end of the virtual disk (and >>> this fixed a CVE, see commit 71d0770c). You're now disabling this check >>> for raw. >>> >>> I think we need to make sure that bs->growable is only set if it is >>> opened for an image that has drv->requires_growing_file set and >>> therefore not directly used by a guest. >>> >>> Well, except that with node-name a guest will be able to use any image >>> in the chain... Might this mean that it's really a BlockBackend >>> property? >> I guess I can make things easy for me by just introducing some >> "really_growable" or "writes_beyond_eof" field or something for the >> sake of this series. ;-) > Nah, don't evade the real solution... Using BDRV_O_PROTOCOL like we > currently do isn't quite right either. If you clear growable when > requires_growing_file isn't set for the parent, you should be fine. I > think. Or hope. But then using qcow2 over raw over file will throw a warning. *g* ...Okay, you're right, I can go with growable and just don't set it for raw. Max