Re: [Qemu-devel] [PATCH for-2.6?] nbd: Don't mishandle unaligned client

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH for-2.6?] nbd: Don't mishandle unaligned client

From:	Kevin Wolf
Subject:	Re: [Qemu-devel] [PATCH for-2.6?] nbd: Don't mishandle unaligned client requests
Date:	Fri, 22 Apr 2016 12:19:33 +0200
User-agent:	Mutt/1.5.21 (2010-09-15)

Am 22.04.2016 um 11:29 hat Peter Maydell geschrieben:
> On 22 April 2016 at 08:03, Kevin Wolf <address@hidden> wrote:
> > Am 21.04.2016 um 18:28 hat Peter Maydell geschrieben:
> >> On 21 April 2016 at 15:42, Eric Blake <address@hidden> wrote:
> >> > The NBD protocol does not (yet) force any alignment constraints
> >> > on clients.  Even though qemu NBD clients always send requests
> >> > that are aligned to 512 bytes, we must be prepared for non-qemu
> >> > clients that don't care about alignment (even if it means they
> >> > are less efficient).  Our use of blk_read() and blk_write() was
> >> > silently operating on the wrong file offsets when the client
> >> > made an unaligned request, corrupting the client's data (but
> >> > as the client already has control over the file we are serving,
> >> > I don't think it is a security hole, per se, just a data
> >> > corruption bug).
> >> >
> >> > Note that in the case of NBD_CMD_READ, an unaligned length could
> >> > cause us to return up to 511 bytes of uninitialized trailing
> >> > garbage from blk_try_blockalign() - hopefully nothing sensitive
> >> > from the heap's prior usage is ever leaked in that manner.
> >> >
> >> > Signed-off-by: Eric Blake <address@hidden>
> >> > ---
> >> >
> >> > It's late for 2.6, but as a data corruption bug fix, I think
> >> > it's worth having if there is still time.
> >>
> >> I want to tag rc3 today, but since it looks like there's going to
> >> be an rc4 for the virtio handler bug this can probably go into rc4
> >> if it gets review.
> >
> > Reviewed-by: Kevin Wolf <address@hidden>
> >
> > Peter, do you want a pull request (which I would have to do because
> > Paolo is away) or are you going to apply the patch directly?
> 
> If you're happy on the review and testing front I can apply it
> to master directly (I won't be able to do any testing beyond
> running "make check".)

I am. It's a trivial patch anyway, but I've also tested it with
qemu-iotests and by installing a guest on an NBD device. So if you like,
you can also add:

Tested-by: Kevin Wolf <address@hidden>

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH for-2.6?] nbd: Don't mishandle unaligned client requests, Eric Blake, 2016/04/21
- Re: [Qemu-devel] [PATCH for-2.6?] nbd: Don't mishandle unaligned client requests, Peter Maydell, 2016/04/21
  - Re: [Qemu-devel] [PATCH for-2.6?] nbd: Don't mishandle unaligned client requests, Kevin Wolf, 2016/04/22
    - Re: [Qemu-devel] [PATCH for-2.6?] nbd: Don't mishandle unaligned client requests, Peter Maydell, 2016/04/22
    - Re: [Qemu-devel] [PATCH for-2.6?] nbd: Don't mishandle unaligned client requests, Kevin Wolf <=
    - Re: [Qemu-devel] [PATCH for-2.6?] nbd: Don't mishandle unaligned client requests, Peter Maydell, 2016/04/22
- Re: [Qemu-devel] [PATCH for-2.6?] nbd: Don't mishandle unaligned client requests, Fam Zheng, 2016/04/22

Prev by Date: Re: [Qemu-devel] Performance regression using KVM/ARM
Next by Date: [Qemu-devel] [PATCH for-2.6] Fix association of -drive & -iscsi args
Previous by thread: Re: [Qemu-devel] [PATCH for-2.6?] nbd: Don't mishandle unaligned client requests
Next by thread: Re: [Qemu-devel] [PATCH for-2.6?] nbd: Don't mishandle unaligned client requests
Index(es):
- Date
- Thread