Patchwork virtio-blk: fail unaligned requests

login
register
mail settings
Submitter Christoph Hellwig
Date April 6, 2011, 6:28 p.m.
Message ID <20110406182834.GA471@lst.de>
Download mbox | patch
Permalink /patch/90047/
State New
Headers show

Comments

Christoph Hellwig - April 6, 2011, 6:28 p.m.
Like all block drivers virtio-blk should not allow small than block size
granularity access.  But given that the protocol specifies a 
byte unit length field we currently accept such requests, which cause
qemu to abort() in lower layers.  Add checks to the main read and
write handlers to catch them early.

Reported-by: Conor Murphy <conor_murphy_virt@hotmail.com>
Tested-by: Conor Murphy <conor_murphy_virt@hotmail.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
Stefan Hajnoczi - April 7, 2011, 8:46 a.m.
On Wed, Apr 06, 2011 at 08:28:34PM +0200, Christoph Hellwig wrote:
> Like all block drivers virtio-blk should not allow small than block size
> granularity access.  But given that the protocol specifies a 
> byte unit length field we currently accept such requests, which cause
> qemu to abort() in lower layers.  Add checks to the main read and
> write handlers to catch them early.
> 
> Reported-by: Conor Murphy <conor_murphy_virt@hotmail.com>
> Tested-by: Conor Murphy <conor_murphy_virt@hotmail.com>
> Signed-off-by: Christoph Hellwig <hch@lst.de>

Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Kevin Wolf - April 7, 2011, 1:55 p.m.
Am 06.04.2011 20:28, schrieb Christoph Hellwig:
> Like all block drivers virtio-blk should not allow small than block size
> granularity access.  But given that the protocol specifies a 
> byte unit length field we currently accept such requests, which cause
> qemu to abort() in lower layers.  Add checks to the main read and
> write handlers to catch them early.
> 
> Reported-by: Conor Murphy <conor_murphy_virt@hotmail.com>
> Tested-by: Conor Murphy <conor_murphy_virt@hotmail.com>
> Signed-off-by: Christoph Hellwig <hch@lst.de>

Thanks, applied to the block branch.

Kevin

Patch

Index: qemu/hw/virtio-blk.c
===================================================================
--- qemu.orig/hw/virtio-blk.c	2011-03-30 11:46:10.268665534 -0700
+++ qemu/hw/virtio-blk.c	2011-03-30 11:49:45.655247322 -0700
@@ -290,6 +290,10 @@  static void virtio_blk_handle_write(Virt
         virtio_blk_rw_complete(req, -EIO);
         return;
     }
+    if (req->qiov.size % req->dev->conf->logical_block_size) {
+        virtio_blk_rw_complete(req, -EIO);
+        return;
+    }
 
     if (mrb->num_writes == 32) {
         virtio_submit_multiwrite(req->dev->bs, mrb);
@@ -317,6 +321,10 @@  static void virtio_blk_handle_read(VirtI
         virtio_blk_rw_complete(req, -EIO);
         return;
     }
+    if (req->qiov.size % req->dev->conf->logical_block_size) {
+        virtio_blk_rw_complete(req, -EIO);
+        return;
+    }
 
     acb = bdrv_aio_readv(req->dev->bs, sector, &req->qiov,
                          req->qiov.size / BDRV_SECTOR_SIZE,