There are many existing qcow2 images that specify a backing file but no format. This has been the source of CVEs in the past, but has become more prominent of a problem now that libvirt has switched to -blockdev. With older -drive, at least the probing was always done by qemu (so the only risk of a changed format between successive boots of a guest was if qemu was upgraded and probed differently). But with newer -blockdev, libvirt must specify a format; if libvirt guesses raw where the image was formatted, this results in data corruption visible to the guest; conversely, if libvirt guesses qcow2 where qemu was using raw, this can result in potential security holes, so modern libvirt instead refuses to use images without explicit backing format. The change in libvirt to reject images without explicit backing format has pointed out that a number of tools have been far too reliant on probing in the past. It's time to set a better example in our own iotests of properly setting this parameter. iotest calls to create, rebase, and convert are all impacted to some degree. It's a bit annoying that we are inconsistent on command line - while all of those accept -o backing_file=...,backing_fmt=..., the shortcuts are different: create and rebase have -b and -F, while convert has -B but no -F. (amend has no shortcuts, but the previous patch just deprecated the use of amend to change backing chains). Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <20200706203954.341758-9-eblake@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
		
			
				
	
	
		
			399 lines
		
	
	
		
			14 KiB
		
	
	
	
		
			Bash
		
	
	
		
			Executable File
		
	
	
	
	
			
		
		
	
	
			399 lines
		
	
	
		
			14 KiB
		
	
	
	
		
			Bash
		
	
	
		
			Executable File
		
	
	
	
	
| #!/usr/bin/env bash
 | |
| #
 | |
| # Test command line configuration of block devices and driver-specific options
 | |
| #
 | |
| # Copyright (C) 2013 Red Hat, Inc.
 | |
| #
 | |
| # This program is free software; you can redistribute it and/or modify
 | |
| # it under the terms of the GNU General Public License as published by
 | |
| # the Free Software Foundation; either version 2 of the License, or
 | |
| # (at your option) any later version.
 | |
| #
 | |
| # This program is distributed in the hope that it will be useful,
 | |
| # but WITHOUT ANY WARRANTY; without even the implied warranty of
 | |
| # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 | |
| # GNU General Public License for more details.
 | |
| #
 | |
| # You should have received a copy of the GNU General Public License
 | |
| # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 | |
| #
 | |
| 
 | |
| # creator
 | |
| owner=kwolf@redhat.com
 | |
| 
 | |
| seq=`basename $0`
 | |
| echo "QA output created by $seq"
 | |
| 
 | |
| status=1	# failure is the default!
 | |
| 
 | |
| _cleanup()
 | |
| {
 | |
| 	_cleanup_test_img
 | |
| }
 | |
| trap "_cleanup; exit \$status" 0 1 2 3 15
 | |
| 
 | |
| # get standard environment, filters and checks
 | |
| . ./common.rc
 | |
| . ./common.filter
 | |
| 
 | |
| _supported_fmt qcow2
 | |
| _supported_proto file
 | |
| # A compat=0.10 image is created in this test which does not support anything
 | |
| # other than refcount_bits=16;
 | |
| # it also will not support an external data file
 | |
| _unsupported_imgopts 'refcount_bits=\([^1]\|.\([^6]\|$\)\)' data_file
 | |
| _require_drivers nbd
 | |
| 
 | |
| do_run_qemu()
 | |
| {
 | |
|     echo Testing: "$@"
 | |
|     (
 | |
|         if ! test -t 0; then
 | |
|             while read cmd; do
 | |
|                 echo $cmd
 | |
|             done
 | |
|         fi
 | |
|         echo quit
 | |
|     ) | $QEMU -nographic -monitor stdio -serial none "$@"
 | |
|     echo
 | |
| }
 | |
| 
 | |
| run_qemu()
 | |
| {
 | |
|     do_run_qemu "$@" 2>&1 | _filter_testdir | _filter_qemu |
 | |
|         _filter_generated_node_ids | _filter_hmp
 | |
| }
 | |
| 
 | |
| size=128M
 | |
| device_id="drive0"
 | |
| 
 | |
| _make_test_img $size
 | |
| cp "$TEST_IMG" "$TEST_IMG.orig"
 | |
| mv "$TEST_IMG" "$TEST_IMG.base"
 | |
| _make_test_img -b "$TEST_IMG.base" -F $IMGFMT $size
 | |
| 
 | |
| echo
 | |
| echo === Unknown option ===
 | |
| echo
 | |
| 
 | |
| run_qemu -drive file="$TEST_IMG",format=qcow2,unknown_opt=,if=none,id=$device_id
 | |
| run_qemu -drive file="$TEST_IMG",format=qcow2,unknown_opt=on,if=none,id=$device_id
 | |
| run_qemu -drive file="$TEST_IMG",format=qcow2,unknown_opt=1234,if=none,id=$device_id
 | |
| run_qemu -drive file="$TEST_IMG",format=qcow2,unknown_opt=foo,if=none,id=$device_id
 | |
| 
 | |
| echo
 | |
| echo === Unknown protocol option ===
 | |
| echo
 | |
| 
 | |
| run_qemu -drive file="$TEST_IMG",format=qcow2,file.unknown_opt=
 | |
| run_qemu -drive file="$TEST_IMG",format=qcow2,file.unknown_opt=on
 | |
| run_qemu -drive file="$TEST_IMG",format=qcow2,file.unknown_opt=1234
 | |
| run_qemu -drive file="$TEST_IMG",format=qcow2,file.unknown_opt=foo
 | |
| 
 | |
| echo
 | |
| echo === Invalid format ===
 | |
| echo
 | |
| 
 | |
| run_qemu -drive file="$TEST_IMG",format=foo
 | |
| run_qemu -drive file="$TEST_IMG",driver=foo
 | |
| run_qemu -drive file="$TEST_IMG",driver=raw,format=qcow2
 | |
| run_qemu -drive file="$TEST_IMG",driver=qcow2,format=qcow2
 | |
| 
 | |
| echo
 | |
| echo === Node names ===
 | |
| echo
 | |
| 
 | |
| # Maximum length: 31 characters
 | |
| run_qemu -drive file="$TEST_IMG",node-name=x123456789012345678901234567890
 | |
| run_qemu -drive file="$TEST_IMG",node-name=x1234567890123456789012345678901
 | |
| 
 | |
| # First character must be alphabetic
 | |
| # Following characters alphanumeric or -._
 | |
| run_qemu -drive file="$TEST_IMG",node-name=All-Types.of_all0wed_chars
 | |
| run_qemu -drive file="$TEST_IMG",node-name=123foo
 | |
| run_qemu -drive file="$TEST_IMG",node-name=_foo
 | |
| run_qemu -drive file="$TEST_IMG",node-name=foo#12
 | |
| 
 | |
| echo
 | |
| echo === Device without drive ===
 | |
| echo
 | |
| 
 | |
| case "$QEMU_DEFAULT_MACHINE" in
 | |
|   s390-ccw-virtio)
 | |
|       virtio_scsi=virtio-scsi-ccw
 | |
|       ;;
 | |
|   *)
 | |
|       virtio_scsi=virtio-scsi-pci
 | |
|       ;;
 | |
| esac
 | |
| 
 | |
| run_qemu -device $virtio_scsi -device scsi-hd |
 | |
|     sed -e "s/$virtio_scsi/VIRTIO_SCSI/"
 | |
| 
 | |
| echo
 | |
| echo === Overriding backing file ===
 | |
| echo
 | |
| 
 | |
| echo "info block" | run_qemu -drive file="$TEST_IMG",driver=qcow2,backing.file.filename="$TEST_IMG.orig",if=none,id=$device_id -nodefaults\
 | |
|                   | _filter_generated_node_ids
 | |
| 
 | |
| # Drivers that don't support backing files
 | |
| run_qemu -drive file="$TEST_IMG",driver=raw,backing.file.filename="$TEST_IMG.orig"
 | |
| run_qemu -drive file="$TEST_IMG",file.backing.driver=file,file.backing.filename="$TEST_IMG.orig"
 | |
| run_qemu -drive file="$TEST_IMG",file.backing.driver=qcow2,file.backing.file.filename="$TEST_IMG.orig"
 | |
| 
 | |
| echo
 | |
| echo === Enable and disable lazy refcounting on the command line, plus some invalid values ===
 | |
| echo
 | |
| 
 | |
| _make_test_img -o compat=1.1 "$size"
 | |
| 
 | |
| run_qemu -drive file="$TEST_IMG",format=qcow2,lazy-refcounts=on
 | |
| run_qemu -drive file="$TEST_IMG",format=qcow2,lazy-refcounts=off
 | |
| run_qemu -drive file="$TEST_IMG",format=qcow2,lazy-refcounts=
 | |
| run_qemu -drive file="$TEST_IMG",format=qcow2,lazy-refcounts=42
 | |
| run_qemu -drive file="$TEST_IMG",format=qcow2,lazy-refcounts=foo
 | |
| 
 | |
| 
 | |
| echo
 | |
| echo === With version 2 images enabling lazy refcounts must fail ===
 | |
| echo
 | |
| 
 | |
| _make_test_img -o compat=0.10 $size
 | |
| 
 | |
| run_qemu -drive file="$TEST_IMG",format=qcow2,lazy-refcounts=on
 | |
| run_qemu -drive file="$TEST_IMG",format=qcow2,lazy-refcounts=off
 | |
| 
 | |
| echo
 | |
| echo === No medium ===
 | |
| echo
 | |
| 
 | |
| case "$QEMU_DEFAULT_MACHINE" in
 | |
|     pc)
 | |
|         run_qemu -drive if=floppy
 | |
|         run_qemu -drive if=ide,media=cdrom
 | |
|         run_qemu -drive if=ide
 | |
|         ;;
 | |
|      *)
 | |
|         ;;
 | |
| esac
 | |
| 
 | |
| run_qemu -drive if=virtio
 | |
| 
 | |
| case "$QEMU_DEFAULT_MACHINE" in
 | |
|     pc)
 | |
|         run_qemu -drive if=none,id=disk -device ide-cd,drive=disk
 | |
|         run_qemu -drive if=none,id=disk -device lsi53c895a -device scsi-cd,drive=disk
 | |
|         run_qemu -drive if=none,id=disk -device ide-drive,drive=disk
 | |
|         run_qemu -drive if=none,id=disk -device ide-hd,drive=disk
 | |
|         run_qemu -drive if=none,id=disk -device lsi53c895a -device scsi-disk,drive=disk
 | |
|         run_qemu -drive if=none,id=disk -device lsi53c895a -device scsi-hd,drive=disk
 | |
|         ;;
 | |
|      *)
 | |
|         ;;
 | |
| esac
 | |
| 
 | |
| echo
 | |
| echo === Attach to node in non-default iothread ===
 | |
| echo
 | |
| 
 | |
| case "$QEMU_DEFAULT_MACHINE" in
 | |
|     pc)
 | |
|         iothread="-drive file=$TEST_IMG,if=none,node-name=disk -object iothread,id=thread0 -device virtio-scsi,iothread=thread0,id=virtio-scsi0 -device scsi-hd,bus=virtio-scsi0.0,drive=disk,share-rw=on"
 | |
| 
 | |
|         # Can't add a device in the main thread while virtio-scsi0 uses the node
 | |
|         run_qemu $iothread -device ide-hd,drive=disk,share-rw=on
 | |
|         run_qemu $iothread -device virtio-blk-pci,drive=disk,share-rw=on
 | |
|         run_qemu $iothread -device lsi53c895a,id=lsi0 -device scsi-hd,bus=lsi0.0,drive=disk,share-rw=on
 | |
|         run_qemu $iothread -device virtio-scsi,id=virtio-scsi1 -device scsi-hd,bus=virtio-scsi1.0,drive=disk,share-rw=on
 | |
| 
 | |
|         # virtio-blk enables the iothread only when the driver initialises the
 | |
|         # device, so a second virtio-blk device can't be added even with the
 | |
|         # same iothread. virtio-scsi allows this.
 | |
|         run_qemu $iothread -device virtio-blk-pci,drive=disk,iohtread=iothread0,share-rw=on
 | |
|         run_qemu $iothread -device virtio-scsi,id=virtio-scsi1,iothread=thread0 -device scsi-hd,bus=virtio-scsi1.0,drive=disk,share-rw=on
 | |
|         ;;
 | |
|      *)
 | |
|         ;;
 | |
| esac
 | |
| 
 | |
| echo
 | |
| echo === Read-only ===
 | |
| echo
 | |
| 
 | |
| case "$QEMU_DEFAULT_MACHINE" in
 | |
|     pc)
 | |
|         run_qemu -drive file="$TEST_IMG",if=floppy,readonly=on
 | |
|         run_qemu -drive file="$TEST_IMG",if=ide,media=cdrom,readonly=on
 | |
|         run_qemu -drive file="$TEST_IMG",if=ide,readonly=on
 | |
|         ;;
 | |
|      *)
 | |
|         ;;
 | |
| esac
 | |
| 
 | |
| run_qemu -drive file="$TEST_IMG",if=virtio,readonly=on
 | |
| 
 | |
| case "$QEMU_DEFAULT_MACHINE" in
 | |
|     pc)
 | |
|         run_qemu -drive file="$TEST_IMG",if=none,id=disk,readonly=on -device ide-cd,drive=disk
 | |
|         run_qemu -drive file="$TEST_IMG",if=none,id=disk,readonly=on -device lsi53c895a -device scsi-cd,drive=disk
 | |
|         run_qemu -drive file="$TEST_IMG",if=none,id=disk,readonly=on -device ide-drive,drive=disk
 | |
|         run_qemu -drive file="$TEST_IMG",if=none,id=disk,readonly=on -device ide-hd,drive=disk
 | |
|         run_qemu -drive file="$TEST_IMG",if=none,id=disk,readonly=on -device lsi53c895a -device scsi-disk,drive=disk
 | |
|         run_qemu -drive file="$TEST_IMG",if=none,id=disk,readonly=on -device lsi53c895a -device scsi-hd,drive=disk
 | |
|         ;;
 | |
|      *)
 | |
|         ;;
 | |
| esac
 | |
| 
 | |
| echo
 | |
| echo === Cache modes ===
 | |
| echo
 | |
| 
 | |
| # Cannot use the test image because cache=none might not work on the host FS
 | |
| # Use cdrom so that we won't get errors about missing media
 | |
| 
 | |
| run_qemu -drive driver=null-co,read-zeroes=on,cache=none
 | |
| run_qemu -drive driver=null-co,read-zeroes=on,cache=directsync
 | |
| run_qemu -drive driver=null-co,read-zeroes=on,cache=writeback
 | |
| run_qemu -drive driver=null-co,read-zeroes=on,cache=writethrough
 | |
| run_qemu -drive driver=null-co,read-zeroes=on,cache=unsafe
 | |
| run_qemu -drive driver=null-co,cache=invalid_value
 | |
| 
 | |
| # Can't test direct=on here because O_DIRECT might not be supported on this FS
 | |
| # Test 142 checks the direct=on cases
 | |
| 
 | |
| for cache in writeback writethrough unsafe invalid_value; do
 | |
|     printf "info block %s\n" '' file backing backing-file | \
 | |
|     run_qemu -drive file="$TEST_IMG",cache=$cache,backing.file.filename="$TEST_IMG.base",backing.cache.no-flush=on,backing.node-name=backing,backing.file.node-name=backing-file,file.node-name=file,if=none,id=$device_id -nodefaults
 | |
| done
 | |
| 
 | |
| echo
 | |
| echo === Specifying the protocol layer ===
 | |
| echo
 | |
| 
 | |
| run_qemu -drive file="$TEST_IMG",file.driver=file
 | |
| 
 | |
| echo
 | |
| echo === Leaving out required options ===
 | |
| echo
 | |
| 
 | |
| run_qemu -drive driver=file
 | |
| run_qemu -drive driver=file,filename=
 | |
| run_qemu -drive driver=nbd
 | |
| run_qemu -drive driver=raw
 | |
| run_qemu -drive file.driver=file
 | |
| run_qemu -drive file.driver=nbd
 | |
| run_qemu -drive file.driver=raw
 | |
| run_qemu -drive foo=bar
 | |
| 
 | |
| echo
 | |
| echo === Specifying both an option and its legacy alias ===
 | |
| echo
 | |
| 
 | |
| run_qemu -drive file="$TEST_IMG",iops=1234,throttling.iops-total=5678
 | |
| run_qemu -drive file="$TEST_IMG",iops_rd=1234,throttling.iops-read=5678
 | |
| run_qemu -drive file="$TEST_IMG",iops_wr=1234,throttling.iops-write=5678
 | |
| 
 | |
| run_qemu -drive file="$TEST_IMG",bps=1234,throttling.bps-total=5678
 | |
| run_qemu -drive file="$TEST_IMG",bps_rd=1234,throttling.bps-read=5678
 | |
| run_qemu -drive file="$TEST_IMG",bps_wr=1234,throttling.bps-write=5678
 | |
| 
 | |
| run_qemu -drive file="$TEST_IMG",iops_max=1234,throttling.iops-total-max=5678
 | |
| run_qemu -drive file="$TEST_IMG",iops_rd_max=1234,throttling.iops-read-max=5678
 | |
| run_qemu -drive file="$TEST_IMG",iops_wr_max=1234,throttling.iops-write-max=5678
 | |
| 
 | |
| run_qemu -drive file="$TEST_IMG",bps_max=1234,throttling.bps-total-max=5678
 | |
| run_qemu -drive file="$TEST_IMG",bps_rd_max=1234,throttling.bps-read-max=5678
 | |
| run_qemu -drive file="$TEST_IMG",bps_wr_max=1234,throttling.bps-write-max=5678
 | |
| 
 | |
| run_qemu -drive file="$TEST_IMG",iops_size=1234,throttling.iops-size=5678
 | |
| run_qemu -drive file="$TEST_IMG",readonly=on,read-only=off
 | |
| 
 | |
| echo
 | |
| echo === Catching negative/large throttling values ===
 | |
| echo
 | |
| 
 | |
| run_qemu -drive file="$TEST_IMG",iops=-1
 | |
| run_qemu -drive file="$TEST_IMG",bps=-2
 | |
| run_qemu -drive file="$TEST_IMG",bps_rd=-3
 | |
| run_qemu -drive file="$TEST_IMG",bps_rd_max=-3
 | |
| run_qemu -drive file="$TEST_IMG",throttling.iops-total=-4
 | |
| run_qemu -drive file="$TEST_IMG",throttling.bps-total=-5
 | |
| # These are accepted
 | |
| run_qemu -drive file="$TEST_IMG",bps=0
 | |
| run_qemu -drive file="$TEST_IMG",bps=1
 | |
| run_qemu -drive file="$TEST_IMG",bps=1000000000000000
 | |
| # While these are not
 | |
| run_qemu -drive file="$TEST_IMG",bps=1000000000000001
 | |
| run_qemu -drive file="$TEST_IMG",bps=9999999999999999
 | |
| 
 | |
| echo
 | |
| echo === Parsing protocol from file name ===
 | |
| echo
 | |
| 
 | |
| # Protocol strings are supposed to be parsed from traditional option strings,
 | |
| # but not when using driver-specific options. We can distinguish them by the
 | |
| # error message for non-existing files.
 | |
| 
 | |
| run_qemu -hda foo:bar
 | |
| run_qemu -drive file=foo:bar
 | |
| run_qemu -drive file.filename=foo:bar
 | |
| 
 | |
| run_qemu -hda "file:$TEST_IMG"
 | |
| run_qemu -drive file="file:$TEST_IMG"
 | |
| run_qemu -drive file.filename="file:$TEST_IMG"
 | |
| 
 | |
| echo
 | |
| echo === Snapshot mode ===
 | |
| echo
 | |
| 
 | |
| $QEMU_IO -c "write -P 0x11 0 4k" "$TEST_IMG" | _filter_qemu_io
 | |
| 
 | |
| 
 | |
| echo "qemu-io $device_id \"write -P 0x22 0 4k\"" | run_qemu -drive file="$TEST_IMG",if=none,id=$device_id -snapshot | _filter_qemu_io
 | |
| echo "qemu-io $device_id \"write -P 0x22 0 4k\"" | run_qemu -drive file="$TEST_IMG",snapshot=on,if=none,id=$device_id | _filter_qemu_io
 | |
| echo "qemu-io $device_id \"write -P 0x22 0 4k\"" | run_qemu -drive file.filename="$TEST_IMG",driver=qcow2,snapshot=on,if=none,id=$device_id\
 | |
|                                                  | _filter_qemu_io
 | |
| echo "qemu-io $device_id \"write -P 0x22 0 4k\"" | run_qemu -drive file.filename="$TEST_IMG",driver=qcow2,if=none,id=$device_id -snapshot\
 | |
|                                                  | _filter_qemu_io
 | |
| echo "qemu-io $device_id \"write -P 0x22 0 4k\"" | run_qemu -drive file="file:$TEST_IMG",if=none,id=$device_id -snapshot | _filter_qemu_io
 | |
| echo "qemu-io $device_id \"write -P 0x22 0 4k\"" | run_qemu -drive file="file:$TEST_IMG",snapshot=on,if=none,id=$device_id | _filter_qemu_io
 | |
| 
 | |
| # Opening a read-only file r/w with snapshot=on
 | |
| chmod u-w "$TEST_IMG"
 | |
| echo "qemu-io $device_id \"write -P 0x22 0 4k\"" | run_qemu -drive file="$TEST_IMG",if=none,id=$device_id -snapshot | _filter_qemu_io
 | |
| echo "qemu-io $device_id \"write -P 0x22 0 4k\"" | run_qemu -drive file="$TEST_IMG",snapshot=on,if=none,id=$device_id | _filter_qemu_io
 | |
| chmod u+w "$TEST_IMG"
 | |
| 
 | |
| $QEMU_IO -c "read -P 0x11 0 4k" "$TEST_IMG" | _filter_qemu_io
 | |
| 
 | |
| echo "qemu-io $device_id \"write -P 0x22 0 4k\"" | run_qemu -drive file="$TEST_IMG",snapshot=off,if=none,id=$device_id | _filter_qemu_io
 | |
| 
 | |
| $QEMU_IO -c "read -P 0x22 0 4k" "$TEST_IMG" | _filter_qemu_io
 | |
| 
 | |
| printf %b "qemu-io $device_id \"write -P 0x33 0 4k\"\ncommit $device_id\n" |
 | |
|     run_qemu -drive file="$TEST_IMG",snapshot=on,if=none,id=$device_id |
 | |
|     _filter_qemu_io
 | |
| 
 | |
| $QEMU_IO -c "read -P 0x33 0 4k" "$TEST_IMG" | _filter_qemu_io
 | |
| 
 | |
| # Using snapshot=on with a non-existent TMPDIR
 | |
| if [ "${VALGRIND_QEMU_VM}" == "y" ]; then
 | |
|     _casenotrun "Valgrind needs a valid TMPDIR for itself"
 | |
| fi
 | |
| VALGRIND_QEMU_VM= \
 | |
| TMPDIR=/nonexistent run_qemu -drive driver=null-co,snapshot=on
 | |
| 
 | |
| # Using snapshot=on together with read-only=on
 | |
| echo "info block" |
 | |
|     run_qemu -drive file="$TEST_IMG",snapshot=on,read-only=on,if=none,id=$device_id |
 | |
|     _filter_qemu_io |
 | |
|     sed -e 's#"[^"]*/vl\.[A-Za-z0-9]\{6\}"#SNAPSHOT_PATH#g'
 | |
| 
 | |
| 
 | |
| # success, all done
 | |
| echo "*** done"
 | |
| rm -f $seq.full
 | |
| status=0
 |