This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-devel] [PATCH] ioemu block device extent checks

To: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>
Subject: Re: [Xen-devel] [PATCH] ioemu block device extent checks
From: "Daniel P. Berrange" <berrange@xxxxxxxxxx>
Date: Wed, 27 Feb 2008 12:57:04 +0000
Cc: xen-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Wed, 27 Feb 2008 04:57:35 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <18373.18757.256451.327128@xxxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <18363.1536.661607.292188@xxxxxxxxxxxxxxxxxxxxxxxx> <20080226204130.GC24548@xxxxxxxxxx> <18373.18757.256451.327128@xxxxxxxxxxxxxxxxxxxxxxxx>
Reply-to: "Daniel P. Berrange" <berrange@xxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.4.1i
On Wed, Feb 27, 2008 at 11:28:05AM +0000, Ian Jackson wrote:
Content-Description: message body text
> Daniel P. Berrange writes ("Re: [Xen-devel] [PATCH] ioemu block device extent 
> checks"):
> >    The qcow driver though calls back into
> > the raw driver for performing I/O on its underlying file. The qcow 
> > driver relies on this file being grow-on-demand for purposes of allocating
> > new qcow sectors. The safety checks cause this allocation to fail and
> > it all goes downhill from there :-(  
> Oh dear.  (I'm a bit surprised that it's taken this long to spot!)
> Here is a patch for xen-unstable which I think will fix it.  Could you
> give it a quick spin, if you have a suitable test setup ?
> Sadly it's rather more intrusive than ideal, since it needs all of the
> drivers which are going to extend files via their parents to announce
> this, and a couple of bits of necessary infrastructure needed adding.

I don't think this is correct - it allows a -ve  size / nb_sectors
value when autoextenable is set, and allows out of bounds reads.

I sent a patch to qemu-devel yuesterday which also uses the auto-extend
flag, but has separate checks for read vs writes. When doing a write that
would extend the device it increases the total_sectors count so that the
subsequent reads can be validated to be within the written bounds.


|=- Red Hat, Engineering, Emerging Technologies, Boston.  +1 978 392 2496 -=|
|=-           Perl modules: http://search.cpan.org/~danberr/              -=|
|=-               Projects: http://freshmeat.net/~danielpb/               -=|
|=-  GnuPG: 7D3B9505   F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505  -=| 

Xen-devel mailing list