[Qemu-devel] [PATCH 51/60] vmdk: Fix data corruption bug in WRITE and RE
From: Michael Tokarev
Subject: [Qemu-devel] [PATCH 51/60] vmdk: Fix data corruption bug in WRITE and READ handling
Date: Mon, 4 Feb 2013 14:41:01 +0400
From: Gerhard Wiesinger <address@hidden>
Fixed a MAJOR BUG in VMDK files on file boundaries on reads
and ALSO ON WRITES WHICH MIGHT CORRUPT THE IMAGE AND DATA!!!!!!
Triggered for example with the following VMDK file (partly listed):
RW 4193792 FLAT "XP-W1-f001.vmdk" 0
RW 2097664 FLAT "XP-W1-f002.vmdk" 0
RW 4193792 FLAT "XP-W1-f003.vmdk" 0
RW 512 FLAT "XP-W1-f004.vmdk" 0
RW 4193792 FLAT "XP-W1-f005.vmdk" 0
RW 2097664 FLAT "XP-W1-f006.vmdk" 0
RW 4193792 FLAT "XP-W1-f007.vmdk" 0
RW 512 FLAT "XP-W1-f008.vmdk" 0
Patch includes:
1.) Patch fixes wrong calculation on extent boundaries. Especially it
fixes the relativeness of the sector number to the current extent.
Verified correctness with:
1.) Converted either with Virtualbox to VDI and then with qemu-img and
then with qemu-img only:
    VBoxManage clonehd --format vdi /VM/XP-W/new/XP-W1.vmdk ~/.VirtualBox/Harddisks/XP-W1-new-test.vdi
    ./qemu-img convert -O raw ~/.VirtualBox/Harddisks/XP-W1-new-test.vdi /root/QEMU/VM-XP-W1/XP-W1-via-VBOX.img
md5sum /root/QEMU/VM-XP-W/XP-W1-direct.img
md5sum /root/QEMU/VM-XP-W/XP-W1-via-VBOX.img
=> same MD5 hash
2.) Verified debug log files
3.) Run Windows XP successfully
4.) chkdsk run successfully without any errors
Signed-off-by: Gerhard Wiesinger <address@hidden>
Acked-by: Fam Zheng <address@hidden>
Signed-off-by: Kevin Wolf <address@hidden>
(cherry picked from commit b1649fae49a899a222c3ac53c5009dd6f23349e1)
Signed-off-by: Michael Tokarev <address@hidden>
---
block/vmdk.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/block/vmdk.c b/block/vmdk.c
index a55f756..f0448ba 100644
--- a/block/vmdk.c
+++ b/block/vmdk.c
@@ -1058,6 +1058,7 @@ static int vmdk_read(BlockDriverState *bs, int64_t
sector_num,
BDRVVmdkState *s = bs->opaque;
int ret;
uint64_t n, index_in_cluster;
+ uint64_t extent_begin_sector, extent_relative_sector_num;
VmdkExtent *extent = NULL;
uint64_t cluster_offset;
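Review bot: the two new locals are declared `uint64_t` while the `sector_num` parameter in this function's signature is `int64_t`, so the later `sector_num - extent_begin_sector` is evaluated unsigned and wraps to a very large value if the extent that was found ever starts after `sector_num`. An assertion that `sector_num >= extent_begin_sector` before the subtraction (or signed locals with an explicit range check) would turn a silent wrong offset into a visible failure.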
@@ -1069,7 +1070,9 @@ static int vmdk_read(BlockDriverState *bs, int64_t
sector_num,
ret = get_cluster_offset(
bs, extent, NULL,
sector_num << 9, 0, &cluster_offset);
- index_in_cluster = sector_num % extent->cluster_sectors;
+ extent_begin_sector = extent->end_sector - extent->sectors;
+ extent_relative_sector_num = sector_num - extent_begin_sector;
+ index_in_cluster = extent_relative_sector_num %
extent->cluster_sectors;
n = extent->cluster_sectors - index_in_cluster;
if (n > nb_sectors) {
n = nb_sectors;
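Review bot: in the unchanged context of this hunk the `get_cluster_offset()` call still passes the absolute `sector_num << 9`, while `index_in_cluster` is now derived from the extent-relative sector. For an extent that is not the first one, the cluster lookup and the in-cluster index then use different origins; either confirm that `get_cluster_offset()` rebases the offset itself, or pass `extent_relative_sector_num << 9`, and state which in a comment next to the call.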
@@ -1120,6 +1123,7 @@ static int vmdk_write(BlockDriverState *bs, int64_t
sector_num,
VmdkExtent *extent = NULL;
int n, ret;
int64_t index_in_cluster;
+ uint64_t extent_begin_sector, extent_relative_sector_num;
uint64_t cluster_offset;
VmdkMetaData m_data;
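Review bot: the new `uint64_t` locals sit beside `int64_t index_in_cluster` and `int n` here, whereas `vmdk_read()` declares `n` and `index_in_cluster` as `uint64_t`, so the write path stores an unsigned modulo result in a signed variable and then narrows the remaining count to `int`. Aligning the types of the two functions would keep the boundary arithmetic identical on the read and write paths.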
@@ -1162,7 +1166,9 @@ static int vmdk_write(BlockDriverState *bs, int64_t
sector_num,
if (ret) {
return -EINVAL;
}
- index_in_cluster = sector_num % extent->cluster_sectors;
+ extent_begin_sector = extent->end_sector - extent->sectors;
+ extent_relative_sector_num = sector_num - extent_begin_sector;
+ index_in_cluster = extent_relative_sector_num %
extent->cluster_sectors;
n = extent->cluster_sectors - index_in_cluster;
if (n > nb_sectors) {
n = nb_sectors;
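Review bot: the three added lines in this hunk are a copy of the ones added to `vmdk_read()`, which leaves two places that must stay in sync for extent-boundary handling. A small static helper that takes `extent` and `sector_num` and returns the in-cluster index would keep a single definition; the manual md5sum and chkdsk checks from the commit message would also be worth capturing as an automated test over a multi-extent image like the one listed there.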
--
1.7.10.4