mirror of
https://github.com/qemu/qemu.git
synced 2025-01-26 15:40:11 +08:00
b66ff2c298
There are many existing qcow2 images that specify a backing file but no format. This has been the source of CVEs in the past, but has become more prominent of a problem now that libvirt has switched to -blockdev. With older -drive, at least the probing was always done by qemu (so the only risk of a changed format between successive boots of a guest was if qemu was upgraded and probed differently). But with newer -blockdev, libvirt must specify a format; if libvirt guesses raw where the image was formatted, this results in data corruption visible to the guest; conversely, if libvirt guesses qcow2 where qemu was using raw, this can result in potential security holes, so modern libvirt instead refuses to use images without explicit backing format. The change in libvirt to reject images without explicit backing format has pointed out that a number of tools have been far too reliant on probing in the past. It's time to set a better example in our own iotests of properly setting this parameter. iotest calls to create, rebase, and convert are all impacted to some degree. It's a bit annoying that we are inconsistent on command line - while all of those accept -o backing_file=...,backing_fmt=..., the shortcuts are different: create and rebase have -b and -F, while convert has -B but no -F. (amend has no shortcuts, but the previous patch just deprecated the use of amend to change backing chains). Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <20200706203954.341758-9-eblake@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
274 lines
6.2 KiB
Bash
Executable File
274 lines
6.2 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
#
|
|
# Test concurrent cluster allocations
|
|
#
|
|
# Copyright (C) 2012 Red Hat, Inc.
|
|
#
|
|
# This program is free software; you can redistribute it and/or modify
|
|
# it under the terms of the GNU General Public License as published by
|
|
# the Free Software Foundation; either version 2 of the License, or
|
|
# (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
#
|
|
|
|
# creator
|
|
owner=kwolf@redhat.com
|
|
|
|
seq=`basename $0`
|
|
echo "QA output created by $seq"
|
|
|
|
status=1 # failure is the default!
|
|
|
|
_cleanup()
|
|
{
|
|
_cleanup_test_img
|
|
}
|
|
trap "_cleanup; exit \$status" 0 1 2 3 15
|
|
|
|
# get standard environment, filters and checks
|
|
. ./common.rc
|
|
. ./common.filter
|
|
|
|
_supported_fmt qcow2
|
|
_supported_proto file
|
|
# data_file does not support compressed clusters
|
|
_unsupported_imgopts data_file
|
|
|
|
CLUSTER_SIZE=64k
|
|
size=128M
|
|
|
|
echo
|
|
echo "== creating backing file for COW tests =="
|
|
|
|
_make_test_img $size
|
|
|
|
backing_io()
|
|
{
|
|
local offset=$1
|
|
local sectors=$2
|
|
local op=$3
|
|
local pattern=0
|
|
local cur_sec=0
|
|
|
|
for ((i=0;i<=$((sectors - 1));i++)); do
|
|
cur_sec=$((offset / 65536 + i))
|
|
pattern=$(( ( (cur_sec % 128) + (cur_sec / 128)) % 128 ))
|
|
|
|
echo "$op -P $pattern $((cur_sec * 64))k 64k"
|
|
done
|
|
}
|
|
|
|
backing_io 0 32 write | $QEMU_IO "$TEST_IMG" | _filter_qemu_io
|
|
|
|
mv "$TEST_IMG" "$TEST_IMG.base"
|
|
|
|
_make_test_img -b "$TEST_IMG.base" -F $IMGFMT 6G
|
|
|
|
echo
|
|
echo "== Some concurrent requests touching the same cluster =="
|
|
|
|
overlay_io()
|
|
{
|
|
# Allocate middle of cluster 1, then write to somewhere before and after it
|
|
cat <<EOF
|
|
break write_aio A
|
|
aio_write -P 10 0x18000 0x2000
|
|
wait_break A
|
|
|
|
aio_write -P 11 0x12000 0x2000
|
|
aio_write -P 12 0x1c000 0x2000
|
|
|
|
resume A
|
|
aio_flush
|
|
EOF
|
|
|
|
# Sequential write case: Alloc middle of cluster 2, then write overlapping
|
|
# to next cluster
|
|
cat <<EOF
|
|
break write_aio A
|
|
aio_write -P 20 0x28000 0x2000
|
|
wait_break A
|
|
aio_write -P 21 0x2a000 0x10000
|
|
resume A
|
|
aio_flush
|
|
EOF
|
|
|
|
# The same with a gap between both requests
|
|
cat <<EOF
|
|
break write_aio A
|
|
aio_write -P 40 0x48000 0x2000
|
|
wait_break A
|
|
aio_write -P 41 0x4c000 0x10000
|
|
resume A
|
|
aio_flush
|
|
EOF
|
|
|
|
# Sequential write, but the next cluster is already allocated
|
|
cat <<EOF
|
|
write -P 70 0x76000 0x8000
|
|
aio_flush
|
|
break write_aio A
|
|
aio_write -P 60 0x66000 0x2000
|
|
wait_break A
|
|
aio_write -P 61 0x6a000 0xe000
|
|
resume A
|
|
aio_flush
|
|
EOF
|
|
|
|
# Sequential write, but the next cluster is already allocated
|
|
# and phyiscally in the right position
|
|
cat <<EOF
|
|
write -P 89 0x80000 0x1000
|
|
write -P 90 0x96000 0x8000
|
|
aio_flush
|
|
discard 0x80000 0x10000
|
|
aio_flush
|
|
break write_aio A
|
|
aio_write -P 80 0x86000 0x2000
|
|
wait_break A
|
|
aio_write -P 81 0x8a000 0xe000
|
|
resume A
|
|
aio_flush
|
|
EOF
|
|
|
|
# Sequential write, and the next cluster is compressed
|
|
cat <<EOF
|
|
write -P 109 0xa0000 0x1000
|
|
write -c -P 110 0xb0000 0x10000
|
|
aio_flush
|
|
discard 0xa0000 0x10000
|
|
aio_flush
|
|
break write_aio A
|
|
aio_write -P 100 0xa6000 0x2000
|
|
wait_break A
|
|
aio_write -P 101 0xaa000 0xe000
|
|
resume A
|
|
aio_flush
|
|
EOF
|
|
|
|
# Reverse sequential write
|
|
cat <<EOF
|
|
break write_aio A
|
|
aio_write -P 121 0xdc000 0x2000
|
|
wait_break A
|
|
aio_write -P 120 0xc4000 0x18000
|
|
resume A
|
|
aio_flush
|
|
EOF
|
|
|
|
# Reverse sequential write with a gap
|
|
cat <<EOF
|
|
break write_aio A
|
|
aio_write -P 141 0xfc000 0x2000
|
|
wait_break A
|
|
aio_write -P 140 0xe4000 0x14000
|
|
resume A
|
|
aio_flush
|
|
EOF
|
|
|
|
# Allocate an area in the middle and then overwrite with a larger request
|
|
cat <<EOF
|
|
break write_aio A
|
|
aio_write -P 161 0x10c000 0x8000
|
|
wait_break A
|
|
aio_write -P 160 0x104000 0x18000
|
|
resume A
|
|
aio_flush
|
|
EOF
|
|
}
|
|
|
|
overlay_io | $QEMU_IO blkdebug::"$TEST_IMG" | _filter_qemu_io |\
|
|
sed -e 's/bytes at offset [0-9]*/bytes at offset XXX/g'
|
|
|
|
echo
|
|
echo "== Verify image content =="
|
|
|
|
verify_io()
|
|
{
|
|
if ($QEMU_IMG info -U -f "$IMGFMT" "$TEST_IMG" | grep "compat: 0.10" > /dev/null); then
|
|
# In v2 images clusters are not discarded when there is a backing file.
|
|
# Keep the variable empty so that the previous value can be used as
|
|
# the default below
|
|
discarded=
|
|
else
|
|
# Discarded clusters are zeroed for v3 or later
|
|
discarded=0
|
|
fi
|
|
|
|
echo read -P 0 0 0x10000
|
|
|
|
echo read -P 1 0x10000 0x2000
|
|
echo read -P 11 0x12000 0x2000
|
|
echo read -P 1 0x14000 0x4000
|
|
echo read -P 10 0x18000 0x2000
|
|
echo read -P 1 0x1a000 0x2000
|
|
echo read -P 12 0x1c000 0x2000
|
|
echo read -P 1 0x1e000 0x2000
|
|
|
|
echo read -P 2 0x20000 0x8000
|
|
echo read -P 20 0x28000 0x2000
|
|
echo read -P 21 0x2a000 0x10000
|
|
echo read -P 3 0x3a000 0x6000
|
|
|
|
echo read -P 4 0x40000 0x8000
|
|
echo read -P 40 0x48000 0x2000
|
|
echo read -P 4 0x4a000 0x2000
|
|
echo read -P 41 0x4c000 0x10000
|
|
echo read -P 5 0x5c000 0x4000
|
|
|
|
echo read -P 6 0x60000 0x6000
|
|
echo read -P 60 0x66000 0x2000
|
|
echo read -P 6 0x68000 0x2000
|
|
echo read -P 61 0x6a000 0xe000
|
|
echo read -P 70 0x78000 0x6000
|
|
echo read -P 7 0x7e000 0x2000
|
|
|
|
echo read -P ${discarded:-89} 0x80000 0x1000
|
|
echo read -P ${discarded:-8} 0x81000 0x5000
|
|
echo read -P 80 0x86000 0x2000
|
|
echo read -P ${discarded:-8} 0x88000 0x2000
|
|
echo read -P 81 0x8a000 0xe000
|
|
echo read -P 90 0x98000 0x6000
|
|
echo read -P 9 0x9e000 0x2000
|
|
|
|
echo read -P ${discarded:-109} 0xa0000 0x1000
|
|
echo read -P ${discarded:-10} 0xa1000 0x5000
|
|
echo read -P 100 0xa6000 0x2000
|
|
echo read -P ${discarded:-10} 0xa8000 0x2000
|
|
echo read -P 101 0xaa000 0xe000
|
|
echo read -P 110 0xb8000 0x8000
|
|
|
|
echo read -P 12 0xc0000 0x4000
|
|
echo read -P 120 0xc4000 0x18000
|
|
echo read -P 121 0xdc000 0x2000
|
|
echo read -P 13 0xde000 0x2000
|
|
|
|
echo read -P 14 0xe0000 0x4000
|
|
echo read -P 140 0xe4000 0x14000
|
|
echo read -P 15 0xf8000 0x4000
|
|
echo read -P 141 0xfc000 0x2000
|
|
echo read -P 15 0xfe000 0x2000
|
|
|
|
echo read -P 16 0x100000 0x4000
|
|
echo read -P 160 0x104000 0x8000
|
|
# Undefined content for 0x10c000 0x8000
|
|
echo read -P 160 0x114000 0x8000
|
|
echo read -P 17 0x11c000 0x4000
|
|
}
|
|
|
|
verify_io | $QEMU_IO "$TEST_IMG" | _filter_qemu_io
|
|
|
|
_check_test_img
|
|
|
|
# success, all done
|
|
echo "*** done"
|
|
rm -f $seq.full
|
|
status=0
|