Message ID | 1284740318-20838-3-git-send-email-kwolf@redhat.com |
---|---|
State | New |
Headers | show |
On 09/17/2010 11:18 AM, Kevin Wolf wrote: > Note that the flush is omitted intentionally in qcow2_free_clusters. If > anything, we can leak clusters here if we lose the writes. > > Signed-off-by: Kevin Wolf<kwolf@redhat.com> > Cluster leaking gets picked up by bdrv_check though, right? I think I've convinced myself that leaking clusters is not an acceptable behavior from a security perspective but as long as it's detectable via bdrv_check, qcow2 could implement an online check to address it. Regards, Anthony Liguori > --- > block/qcow2-refcount.c | 13 +++++++++++-- > 1 files changed, 11 insertions(+), 2 deletions(-) > > diff --git a/block/qcow2-refcount.c b/block/qcow2-refcount.c > index 7dc75d1..4fc3f80 100644 > --- a/block/qcow2-refcount.c > +++ b/block/qcow2-refcount.c > @@ -261,6 +261,8 @@ static int64_t alloc_refcount_block(BlockDriverState *bs, int64_t cluster_index) > goto fail_block; > } > > + bdrv_flush(bs->file); > + > /* Initialize the new refcount block only after updating its refcount, > * update_refcount uses the refcount cache itself */ > memset(s->refcount_block_cache, 0, s->cluster_size); > @@ -551,8 +553,6 @@ fail: > dummy = update_refcount(bs, offset, cluster_offset - offset, -addend); > } > > - bdrv_flush(bs->file); > - > return ret; > } > > @@ -575,6 +575,8 @@ static int update_cluster_refcount(BlockDriverState *bs, > return ret; > } > > + bdrv_flush(bs->file); > + > return get_refcount(bs, cluster_index); > } > > @@ -626,6 +628,9 @@ int64_t qcow2_alloc_clusters(BlockDriverState *bs, int64_t size) > if (ret< 0) { > return ret; > } > + > + bdrv_flush(bs->file); > + > return offset; > } > > @@ -803,6 +808,10 @@ int qcow2_update_snapshot_refcount(BlockDriverState *bs, > if (ret< 0) { > goto fail; > } > + > + /* TODO Flushing once for the whole function should > + * be enough */ > + bdrv_flush(bs->file); > } > /* compressed clusters are never modified */ > refcount = 2; >
Am 17.09.2010 19:06, schrieb Anthony Liguori: > On 09/17/2010 11:18 AM, Kevin Wolf wrote: >> Note that the flush is omitted intentionally in qcow2_free_clusters. If >> anything, we can leak clusters here if we lose the writes. >> >> Signed-off-by: Kevin Wolf<kwolf@redhat.com> >> > > Cluster leaking gets picked up by bdrv_check though, right? > > I think I've convinced myself that leaking clusters is not an acceptable > behavior from a security perspective but as long as it's detectable via > bdrv_check, qcow2 could implement an online check to address it. Leaking clusters on crashes is unavoidable. But yes, qemu-img check does detect this. Kevin
diff --git a/block/qcow2-refcount.c b/block/qcow2-refcount.c index 7dc75d1..4fc3f80 100644 --- a/block/qcow2-refcount.c +++ b/block/qcow2-refcount.c @@ -261,6 +261,8 @@ static int64_t alloc_refcount_block(BlockDriverState *bs, int64_t cluster_index) goto fail_block; } + bdrv_flush(bs->file); + /* Initialize the new refcount block only after updating its refcount, * update_refcount uses the refcount cache itself */ memset(s->refcount_block_cache, 0, s->cluster_size); @@ -551,8 +553,6 @@ fail: dummy = update_refcount(bs, offset, cluster_offset - offset, -addend); } - bdrv_flush(bs->file); - return ret; } @@ -575,6 +575,8 @@ static int update_cluster_refcount(BlockDriverState *bs, return ret; } + bdrv_flush(bs->file); + return get_refcount(bs, cluster_index); } @@ -626,6 +628,9 @@ int64_t qcow2_alloc_clusters(BlockDriverState *bs, int64_t size) if (ret < 0) { return ret; } + + bdrv_flush(bs->file); + return offset; } @@ -803,6 +808,10 @@ int qcow2_update_snapshot_refcount(BlockDriverState *bs, if (ret < 0) { goto fail; } + + /* TODO Flushing once for the whole function should + * be enough */ + bdrv_flush(bs->file); } /* compressed clusters are never modified */ refcount = 2;
Note that the flush is omitted intentionally in qcow2_free_clusters. If anything, we can leak clusters here if we lose the writes. Signed-off-by: Kevin Wolf <kwolf@redhat.com> --- block/qcow2-refcount.c | 13 +++++++++++-- 1 files changed, 11 insertions(+), 2 deletions(-)