Subject: [Qemu-stable] [PATCH for 2.9] qcow2: avoid nb_sectors int overflow at zero/discard
From: Anton Nefedov
Date: Tue, 24 Oct 2017 11:56:02 +0300
During discard, signed integer overflow leads to end_offset possibly
being less than offset, which in turn makes nb_clusters (to discard)
much bigger than expected, leading to possible data loss, the operation
taking very long and the image growing large, as discard will allocate
L2 tables for all that huge amount of clusters.

One possibility where nb_sectors is large enough (>=2^21) is vm_state
discard at snapshot creation.
Fixed on master in 2.10 with:
d2cb36af2b0040d421b347e6e4e803e07220f78d
Author: Eric Blake <address@hidden>
Date: Sat May 6 19:05:52 2017 -0500
qcow2: Discard/zero clusters by byte count
Signed-off-by: Anton Nefedov <address@hidden>
Signed-off-by: Denis V. Lunev <address@hidden>
---
block/qcow2.h | 6 +++---
block/qcow2-cluster.c | 6 +++---
2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/block/qcow2.h b/block/qcow2.h
index f8aeb08..da43054 100644
--- a/block/qcow2.h
+++ b/block/qcow2.h
@@ -545,9 +545,9 @@ uint64_t
qcow2_alloc_compressed_cluster_offset(BlockDriverState *bs,
int qcow2_alloc_cluster_link_l2(BlockDriverState *bs, QCowL2Meta *m);
int qcow2_discard_clusters(BlockDriverState *bs, uint64_t offset,
- int nb_sectors, enum qcow2_discard_type type, bool full_discard);
-int qcow2_zero_clusters(BlockDriverState *bs, uint64_t offset, int nb_sectors,
- int flags);
+ uint64_t nb_sectors, enum qcow2_discard_type type, bool full_discard);
+int qcow2_zero_clusters(BlockDriverState *bs, uint64_t offset,
+ uint64_t nb_sectors, int flags);
int qcow2_expand_zero_clusters(BlockDriverState *bs,
BlockDriverAmendStatusCB *status_cb,
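Review bot: widening both prototypes from `int nb_sectors` to `uint64_t nb_sectors` is the right direction, but it changes how a negative or otherwise bogus count is treated: a caller that previously passed a negative `int` now hands the callee an enormous unsigned count instead. Worth confirming that every caller derives nb_sectors from an unsigned byte count, or adding a sanity check against the image size in the callees so an oversized request fails early. Note also that the hunk header `@@ -545,9 +545,9 @@ uint64_t qcow2_alloc_compressed_cluster_offset(BlockDriverState *bs,` has been wrapped across two lines in this rendering; apply from the original mail rather than this copy.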
diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
index 100398c..1bb681c 100644
--- a/block/qcow2-cluster.c
+++ b/block/qcow2-cluster.c
@@ -1510,7 +1510,7 @@ static int discard_single_l2(BlockDriverState *bs,
uint64_t offset,
}
int qcow2_discard_clusters(BlockDriverState *bs, uint64_t offset,
- int nb_sectors, enum qcow2_discard_type type, bool full_discard)
+ uint64_t nb_sectors, enum qcow2_discard_type type, bool full_discard)
{
BDRVQcow2State *s = bs->opaque;
uint64_t end_offset;
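Review bot: with `nb_sectors` now `uint64_t` and the context showing `uint64_t end_offset;`, the end-of-range arithmetic can be carried out entirely in 64 bits, which removes the signed wrap the commit message describes. Nothing in this hunk bounds the request, though, so an end_offset past the end of the image remains possible and would still walk L2 tables beyond the last cluster. Suggest clamping end_offset to the image size, or returning -EINVAL when it exceeds it, so the "L2 tables allocated for a huge amount of clusters" failure mode cannot recur via an oversized but non-wrapping count.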
@@ -1591,8 +1591,8 @@ static int zero_single_l2(BlockDriverState *bs, uint64_t
offset,
return nb_clusters;
}
-int qcow2_zero_clusters(BlockDriverState *bs, uint64_t offset, int nb_sectors,
- int flags)
+int qcow2_zero_clusters(BlockDriverState *bs, uint64_t offset,
+ uint64_t nb_sectors, int flags)
{
BDRVQcow2State *s = bs->opaque;
uint64_t nb_clusters;
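Review bot: the zero path gets the same widening, and the context line `uint64_t nb_clusters;` shows the cluster count in qcow2_zero_clusters was already 64-bit, so sector-to-cluster conversion no longer passes through a 32-bit intermediate. The hunk header `static int zero_single_l2(...)` together with the context `return nb_clusters;` shows the per-L2-table count is still narrowed to `int` on return; that is bounded by the L2 table size so it is fine in practice, but a short comment stating that bound would help the next reader. Since this is a stable backport that differs from the master fix (byte count, commit d2cb36af), suggest a regression test in the iotests that issues a zero/discard of more than 2^21 sectors, the threshold cited in the commit message, so the stable branch does not regress.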
--
2.7.4
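To illustrate the arithmetic the commit message describes, here is an added example (not code from the patch or from QEMU): it models the pre-patch `int nb_sectors` computation, the post-patch `uint64_t` computation, and a defensive range check a caller could apply. It assumes a 32-bit `int`, two's-complement wrap, and `BDRV_SECTOR_BITS == 9`; the function names and the `total_sectors` parameter are hypothetical.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

#define BDRV_SECTOR_BITS 9  /* 512-byte sectors, as in QEMU */

/* Models the pre-patch expression `offset + (nb_sectors << 9)` with a
 * 32-bit int nb_sectors. Real signed overflow is undefined behaviour in C,
 * so the wrap is emulated explicitly (uint32_t shift, then reinterpret as
 * int32_t) to show the value a typical two's-complement build produces. */
static uint64_t end_offset_wrapped(uint64_t offset, int nb_sectors)
{
    uint32_t shifted = (uint32_t)nb_sectors << BDRV_SECTOR_BITS; /* mod 2^32 */
    int64_t as_int = (int32_t)shifted;  /* bit 31 set => negative */
    return offset + (uint64_t)as_int;   /* negative => end < offset */
}

/* Post-patch arithmetic: nb_sectors is uint64_t, so the shift is 64-bit. */
static uint64_t end_offset_wide(uint64_t offset, uint64_t nb_sectors)
{
    return offset + (nb_sectors << BDRV_SECTOR_BITS);
}

/* Defensive check (hypothetical helper, not in the patch): reject a count
 * whose byte length cannot be represented, whose range would wrap around
 * UINT64_MAX, or which extends past the end of an image of total_sectors. */
static bool discard_range_ok(uint64_t offset, uint64_t nb_sectors,
                             uint64_t total_sectors)
{
    if (nb_sectors > (UINT64_MAX >> BDRV_SECTOR_BITS)) {
        return false;
    }
    uint64_t bytes = nb_sectors << BDRV_SECTOR_BITS;
    if (offset > UINT64_MAX - bytes) {
        return false;
    }
    return offset + bytes <= (total_sectors << BDRV_SECTOR_BITS);
}

int main(void)
{
    /* Constructed input: a 2 GiB request (2^22 sectors) at a 4 GiB offset. */
    uint64_t off = 1ULL << 32;
    printf("wrapped end: %llu (%s offset)\n",
           (unsigned long long)end_offset_wrapped(off, 1 << 22),
           end_offset_wrapped(off, 1 << 22) < off ? "below" : "above");
    printf("wide end:    %llu\n", (unsigned long long)end_offset_wide(off, 1ULL << 22));
    return 0;
}
```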