[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-block] [PATCH v2 2/2] block: fix write with zero flag set and

From: Anton Nefedov
Subject: Re: [Qemu-block] [PATCH v2 2/2] block: fix write with zero flag set and iovector provided
Date: Mon, 12 Feb 2018 19:11:35 +0300
User-agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.5.2

On 12/2/2018 6:03 PM, Alberto Garcia wrote:
On Mon 12 Feb 2018 02:14:01 PM CET, Anton Nefedov wrote:
The normal bdrv_co_pwritev() use is either
   - BDRV_REQ_ZERO_WRITE clear and iovector provided
   - BDRV_REQ_ZERO_WRITE set and iovector == NULL

   - the flag clear and iovector == NULL is an assertion failure
     in bdrv_co_do_zero_pwritev()
   - the flag set and iovector provided is in fact allowed
     (the flag prevails and zeroes are written)

However the alignment logic does not support the latter case so the
padding areas get overwritten with zeroes.

Oh, so this doesn't simply write zeroes in [offset, offset+bytes), but
also in the head and tail areas, instead of keeping the previous

This is a pretty serious bug, but I assume it can't be triggered
(bdrv_pwrite_zeroes() is used in complete clusters). Did you check if
there was any other scenario where this could happen?

I was a bit lazy to look deep but as far as I can say currently it's
only bdrv_pwrite_zeroes(). It's mostly called for large extents like
clusters, but not everywhere, another case is I guess
qcow2_crypto_hdr_init_func(); also it's probably not guaranteed (though
being quite exotic) that the cluster size is not smaller than the
protocol driver alignment requirements.

At least external (block.h) write interfaces don't accept or set any

reply via email to

[Prev in Thread] Current Thread [Next in Thread]