Am 07.03.2013 um 10:03 schrieb Kevin Wolf <kw...@redhat.com>: > Am 07.03.2013 um 09:56 hat Peter Lieven geschrieben: >> On 07.03.2013 09:50, Kevin Wolf wrote: >>> Am 06.03.2013 um 21:39 hat Paolo Bonzini geschrieben: >>>> Il 06/03/2013 20:03, Peter Lieven ha scritto: >>>>> Am 06.03.2013 19:48, schrieb Jeff Cody: >>>>>> On Wed, Mar 06, 2013 at 07:31:51PM +0100, Paolo Bonzini wrote: >>>>>>> Il 06/03/2013 19:14, Jeff Cody ha scritto: >>>>>>>> QCOW breaks with it using a normal raw posix file as a device. As a >>>>>>>> test: qemu-img create -f qcow test.qcow 5G. Now run qemu with that >>>>>>>> drive mounted, and try to partition and format it. QEMU now asserts. >>>>>>>> >>>>>>>> The nicety of being able to using truncate during a write call, >>>>>>>> especially for VHDX (which can have relatively large block/cluster >>>>>>>> sizes), so to grow the file sparsely in a dynamically allocated file. >>>>>>> >>>>>>> Perhaps we need two APIs, "truncate" and "revalidate". >>>>>>> >>>>>>> Truncate should be a no-op if (!bs->growable). >>>>>>> >>>>>>> Revalidate could be called by the block_resize monitor command with no >>>>>>> size specified. >>>>>>> >>>>>>> Paolo >>>>>> >>>>>> I think that is a good solution. Is it better to have "truncate" and >>>>>> "revalidate", or "truncate" and "grow", with grow being a subset of >>>>>> truncate, with fewer restrictions? There may still be operations >>>>>> where it is OK to grow a file, but not OK to shrink it. >>> >>> What semantics would the both operations have? Is truncate the same as >>> it used to be? I don't really understand what "revalidate" would do, it >>> sounds like a read-only operation from its name? >>> >>>>> Or as a first step: >>>>> >>>>> a) Call brdv_drain_all() only if the device is shrinked (independently of >>>>> !bs->growable) >>>>> b) Call brdv_drain_all() inside iscsi_truncate() because it is a special >>>>> requirement there >>>>> c) Fix the value of bs->growable for all drivers >>>> >>>> Let's start from (c). bdrv_file_open sets bs->growable = 1. I think it >>>> should be removed and only the file protocol should set it. >>> >>> This is probably right. >> >> If bs->growable is 1 for all drivers, whats the fix status of CVE-2008-0928? >> This >> flag was introduced as a fix for this problem. >> >> bdrv_check_byte_request() does nothing useful if bs->growable is 1. > > Don't ignore the difference between bdrv_open() and bdrv_file_open(). > Typically you have two BDSes: On top there is e.g. a qcow2 BDS that is > opened through bdrv_open() and has bs->growable = false. Its bs->file is > using the file protocol (raw-posix driver) and opened by > bdrv_file_open(). This one has bs->file->growable = true so that qcow2 > can write to newly allocated areas without calling bdrv_truncate() > first.
Sorry, I have to admin I am little confused by what is happening in bdrv_open(). However, what I can say is that bs->growable is 1 for an iSCSI backed harddrive and I wonder how this can happen if bdrv_file_open is not used for opening it because that is the only place where bs->growable is set to 1. cmdline: x86_64-softmmu/qemu-system-x86_64 -k de -enable-kvm -m 1024 -drive if=virtio,file=iscsi://172.21.200.31/iqn.2001-05.com.equallogic:0-8a0906-16470e107-713001aa6de511e0-001-test/0 -vnc :1 -boot dc -monitor stdio Peter > > Kevin