Accepting request 746404 from home:bfrogers:branches:Virtualization
Fix two more qcow2 storage related bugs identified recently by upstream. OBS-URL: https://build.opensuse.org/request/show/746404 OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=507
This commit is contained in:
parent
51e56b9cca
commit
3461fe0b46
@ -1,3 +1,3 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
version https://git-lfs.github.com/spec/v1
|
||||||
oid sha256:ab74c500798292a89444c80690bf83f6aad325186f5f98047951dd78c52c3bd0
|
oid sha256:4c674d3cdda7189a79c9f7babf6858dddc3bf621d19f43e80cacf8fb6c85cc12
|
||||||
size 59948
|
size 60840
|
||||||
|
33
qcow2-Fix-QCOW2_COMPRESSED_SECTOR_MASK.patch
Normal file
33
qcow2-Fix-QCOW2_COMPRESSED_SECTOR_MASK.patch
Normal file
@ -0,0 +1,33 @@
|
|||||||
|
From: Max Reitz <mreitz@redhat.com>
|
||||||
|
Date: Mon, 28 Oct 2019 17:18:40 +0100
|
||||||
|
Subject: qcow2: Fix QCOW2_COMPRESSED_SECTOR_MASK
|
||||||
|
|
||||||
|
Git-commit: 24552feb6ae2f615b76c2b95394af43901f75046
|
||||||
|
|
||||||
|
Masks for L2 table entries should have 64 bit.
|
||||||
|
|
||||||
|
Fixes: b6c246942b14d3e0dec46a6c5868ed84e7dbea19
|
||||||
|
Buglink: https://bugs.launchpad.net/qemu/+bug/1850000
|
||||||
|
Cc: qemu-stable@nongnu.org
|
||||||
|
Signed-off-by: Max Reitz <mreitz@redhat.com>
|
||||||
|
Message-id: 20191028161841.1198-2-mreitz@redhat.com
|
||||||
|
Reviewed-by: Alberto Garcia <berto@igalia.com>
|
||||||
|
Signed-off-by: Max Reitz <mreitz@redhat.com>
|
||||||
|
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||||
|
---
|
||||||
|
block/qcow2.h | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/block/qcow2.h b/block/qcow2.h
|
||||||
|
index fc1b0d3c1e1e3110e86f36f0dcd9..359197f89fb9547d861d852cbf68 100644
|
||||||
|
--- a/block/qcow2.h
|
||||||
|
+++ b/block/qcow2.h
|
||||||
|
@@ -77,7 +77,7 @@
|
||||||
|
|
||||||
|
/* Defined in the qcow2 spec (compressed cluster descriptor) */
|
||||||
|
#define QCOW2_COMPRESSED_SECTOR_SIZE 512U
|
||||||
|
-#define QCOW2_COMPRESSED_SECTOR_MASK (~(QCOW2_COMPRESSED_SECTOR_SIZE - 1))
|
||||||
|
+#define QCOW2_COMPRESSED_SECTOR_MASK (~(QCOW2_COMPRESSED_SECTOR_SIZE - 1ULL))
|
||||||
|
|
||||||
|
/* Must be at least 2 to cover COW */
|
||||||
|
#define MIN_L2_CACHE_SIZE 2 /* cache entries */
|
66
qcow2-bitmap-Fix-uint64_t-left-shift-ove.patch
Normal file
66
qcow2-bitmap-Fix-uint64_t-left-shift-ove.patch
Normal file
@ -0,0 +1,66 @@
|
|||||||
|
From: Tuguoyi <tu.guoyi@h3c.com>
|
||||||
|
Date: Fri, 1 Nov 2019 07:37:35 +0000
|
||||||
|
Subject: qcow2-bitmap: Fix uint64_t left-shift overflow
|
||||||
|
|
||||||
|
Git-commit: 570542ecb11e04b61ef4b3f4d0965a6915232a88
|
||||||
|
|
||||||
|
There are two issues in In check_constraints_on_bitmap(),
|
||||||
|
1) The sanity check on the granularity will cause uint64_t
|
||||||
|
integer left-shift overflow when cluster_size is 2M and the
|
||||||
|
granularity is BIGGER than 32K.
|
||||||
|
2) The way to calculate image size that the maximum bitmap
|
||||||
|
supported can map to is a bit incorrect.
|
||||||
|
This patch fix it by add a helper function to calculate the
|
||||||
|
number of bytes needed by a normal bitmap in image and compare
|
||||||
|
it to the maximum bitmap bytes supported by qemu.
|
||||||
|
|
||||||
|
Fixes: 5f72826e7fc62167cf3a
|
||||||
|
Signed-off-by: Guoyi Tu <tu.guoyi@h3c.com>
|
||||||
|
Message-id: 4ba40cd1e7ee4a708b40899952e49f22@h3c.com
|
||||||
|
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
|
||||||
|
Cc: qemu-stable@nongnu.org
|
||||||
|
Signed-off-by: Max Reitz <mreitz@redhat.com>
|
||||||
|
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||||
|
---
|
||||||
|
block/qcow2-bitmap.c | 14 +++++++++++---
|
||||||
|
1 file changed, 11 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/block/qcow2-bitmap.c b/block/qcow2-bitmap.c
|
||||||
|
index b2487101edec0bdde613c561da89..65034da1c0766603d273c200797d 100644
|
||||||
|
--- a/block/qcow2-bitmap.c
|
||||||
|
+++ b/block/qcow2-bitmap.c
|
||||||
|
@@ -142,6 +142,13 @@ static int check_table_entry(uint64_t entry, int cluster_size)
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
+static int64_t get_bitmap_bytes_needed(int64_t len, uint32_t granularity)
|
||||||
|
+{
|
||||||
|
+ int64_t num_bits = DIV_ROUND_UP(len, granularity);
|
||||||
|
+
|
||||||
|
+ return DIV_ROUND_UP(num_bits, 8);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
static int check_constraints_on_bitmap(BlockDriverState *bs,
|
||||||
|
const char *name,
|
||||||
|
uint32_t granularity,
|
||||||
|
@@ -150,6 +157,7 @@ static int check_constraints_on_bitmap(BlockDriverState *bs,
|
||||||
|
BDRVQcow2State *s = bs->opaque;
|
||||||
|
int granularity_bits = ctz32(granularity);
|
||||||
|
int64_t len = bdrv_getlength(bs);
|
||||||
|
+ int64_t bitmap_bytes;
|
||||||
|
|
||||||
|
assert(granularity > 0);
|
||||||
|
assert((granularity & (granularity - 1)) == 0);
|
||||||
|
@@ -171,9 +179,9 @@ static int check_constraints_on_bitmap(BlockDriverState *bs,
|
||||||
|
return -EINVAL;
|
||||||
|
}
|
||||||
|
|
||||||
|
- if ((len > (uint64_t)BME_MAX_PHYS_SIZE << granularity_bits) ||
|
||||||
|
- (len > (uint64_t)BME_MAX_TABLE_SIZE * s->cluster_size <<
|
||||||
|
- granularity_bits))
|
||||||
|
+ bitmap_bytes = get_bitmap_bytes_needed(len, granularity);
|
||||||
|
+ if ((bitmap_bytes > (uint64_t)BME_MAX_PHYS_SIZE) ||
|
||||||
|
+ (bitmap_bytes > (uint64_t)BME_MAX_TABLE_SIZE * s->cluster_size))
|
||||||
|
{
|
||||||
|
error_setg(errp, "Too much space will be occupied by the bitmap. "
|
||||||
|
"Use larger granularity");
|
@ -1,3 +1,11 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Nov 7 19:02:39 UTC 2019 - Bruce Rogers <brogers@suse.com>
|
||||||
|
|
||||||
|
- Fix two issues with qcow2 image processing which could affect
|
||||||
|
disk integrity
|
||||||
|
qcow2-Fix-QCOW2_COMPRESSED_SECTOR_MASK.patch
|
||||||
|
qcow2-bitmap-Fix-uint64_t-left-shift-ove.patch
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Wed Nov 6 20:43:48 UTC 2019 - Bruce Rogers <brogers@suse.com>
|
Wed Nov 6 20:43:48 UTC 2019 - Bruce Rogers <brogers@suse.com>
|
||||||
|
|
||||||
|
84
qemu.spec
84
qemu.spec
@ -154,46 +154,48 @@ Patch00028: util-iov-introduce-qemu_iovec_init_exten.patch
|
|||||||
Patch00029: block-Make-wait-mark-serialising-request.patch
|
Patch00029: block-Make-wait-mark-serialising-request.patch
|
||||||
Patch00030: block-Add-bdrv_co_get_self_request.patch
|
Patch00030: block-Add-bdrv_co_get_self_request.patch
|
||||||
Patch00031: block-file-posix-Let-post-EOF-fallocate-.patch
|
Patch00031: block-file-posix-Let-post-EOF-fallocate-.patch
|
||||||
Patch00032: XXX-dont-dump-core-on-sigabort.patch
|
Patch00032: qcow2-bitmap-Fix-uint64_t-left-shift-ove.patch
|
||||||
Patch00033: qemu-binfmt-conf-Modify-default-path.patch
|
Patch00033: qcow2-Fix-QCOW2_COMPRESSED_SECTOR_MASK.patch
|
||||||
Patch00034: qemu-cvs-gettimeofday.patch
|
Patch00034: XXX-dont-dump-core-on-sigabort.patch
|
||||||
Patch00035: qemu-cvs-ioctl_debug.patch
|
Patch00035: qemu-binfmt-conf-Modify-default-path.patch
|
||||||
Patch00036: qemu-cvs-ioctl_nodirection.patch
|
Patch00036: qemu-cvs-gettimeofday.patch
|
||||||
Patch00037: linux-user-add-binfmt-wrapper-for-argv-0.patch
|
Patch00037: qemu-cvs-ioctl_debug.patch
|
||||||
Patch00038: PPC-KVM-Disable-mmu-notifier-check.patch
|
Patch00038: qemu-cvs-ioctl_nodirection.patch
|
||||||
Patch00039: linux-user-binfmt-support-host-binaries.patch
|
Patch00039: linux-user-add-binfmt-wrapper-for-argv-0.patch
|
||||||
Patch00040: linux-user-Fake-proc-cpuinfo.patch
|
Patch00040: PPC-KVM-Disable-mmu-notifier-check.patch
|
||||||
Patch00041: linux-user-use-target_ulong.patch
|
Patch00041: linux-user-binfmt-support-host-binaries.patch
|
||||||
Patch00042: Make-char-muxer-more-robust-wrt-small-FI.patch
|
Patch00042: linux-user-Fake-proc-cpuinfo.patch
|
||||||
Patch00043: linux-user-lseek-explicitly-cast-non-set.patch
|
Patch00043: linux-user-use-target_ulong.patch
|
||||||
Patch00044: AIO-Reduce-number-of-threads-for-32bit-h.patch
|
Patch00044: Make-char-muxer-more-robust-wrt-small-FI.patch
|
||||||
Patch00045: xen_disk-Add-suse-specific-flush-disable.patch
|
Patch00045: linux-user-lseek-explicitly-cast-non-set.patch
|
||||||
Patch00046: qemu-bridge-helper-reduce-security-profi.patch
|
Patch00046: AIO-Reduce-number-of-threads-for-32bit-h.patch
|
||||||
Patch00047: qemu-binfmt-conf-use-qemu-ARCH-binfmt.patch
|
Patch00047: xen_disk-Add-suse-specific-flush-disable.patch
|
||||||
Patch00048: linux-user-properly-test-for-infinite-ti.patch
|
Patch00048: qemu-bridge-helper-reduce-security-profi.patch
|
||||||
Patch00049: roms-Makefile-pass-a-packaging-timestamp.patch
|
Patch00049: qemu-binfmt-conf-use-qemu-ARCH-binfmt.patch
|
||||||
Patch00050: Raise-soft-address-space-limit-to-hard-l.patch
|
Patch00050: linux-user-properly-test-for-infinite-ti.patch
|
||||||
Patch00051: increase-x86_64-physical-bits-to-42.patch
|
Patch00051: roms-Makefile-pass-a-packaging-timestamp.patch
|
||||||
Patch00052: vga-Raise-VRAM-to-16-MiB-for-pc-0.15-and.patch
|
Patch00052: Raise-soft-address-space-limit-to-hard-l.patch
|
||||||
Patch00053: i8254-Fix-migration-from-SLE11-SP2.patch
|
Patch00053: increase-x86_64-physical-bits-to-42.patch
|
||||||
Patch00054: acpi_piix4-Fix-migration-from-SLE11-SP2.patch
|
Patch00054: vga-Raise-VRAM-to-16-MiB-for-pc-0.15-and.patch
|
||||||
Patch00055: Switch-order-of-libraries-for-mpath-supp.patch
|
Patch00055: i8254-Fix-migration-from-SLE11-SP2.patch
|
||||||
Patch00056: Make-installed-scripts-explicitly-python.patch
|
Patch00056: acpi_piix4-Fix-migration-from-SLE11-SP2.patch
|
||||||
Patch00057: hw-smbios-handle-both-file-formats-regar.patch
|
Patch00057: Switch-order-of-libraries-for-mpath-supp.patch
|
||||||
Patch00058: xen-add-block-resize-support-for-xen-dis.patch
|
Patch00058: Make-installed-scripts-explicitly-python.patch
|
||||||
Patch00059: tests-qemu-iotests-Triple-timeout-of-i-o.patch
|
Patch00059: hw-smbios-handle-both-file-formats-regar.patch
|
||||||
Patch00060: tests-Fix-block-tests-to-be-compatible-w.patch
|
Patch00060: xen-add-block-resize-support-for-xen-dis.patch
|
||||||
Patch00061: xen-ignore-live-parameter-from-xen-save-.patch
|
Patch00061: tests-qemu-iotests-Triple-timeout-of-i-o.patch
|
||||||
Patch00062: Conditionalize-ui-bitmap-installation-be.patch
|
Patch00062: tests-Fix-block-tests-to-be-compatible-w.patch
|
||||||
Patch00063: tests-change-error-message-in-test-162.patch
|
Patch00063: xen-ignore-live-parameter-from-xen-save-.patch
|
||||||
Patch00064: hw-usb-hcd-xhci-Fix-GCC-9-build-warning.patch
|
Patch00064: Conditionalize-ui-bitmap-installation-be.patch
|
||||||
Patch00065: hw-usb-dev-mtp-Fix-GCC-9-build-warning.patch
|
Patch00065: tests-change-error-message-in-test-162.patch
|
||||||
Patch00066: hw-intc-exynos4210_gic-provide-more-room.patch
|
Patch00066: hw-usb-hcd-xhci-Fix-GCC-9-build-warning.patch
|
||||||
Patch00067: configure-only-populate-roms-if-softmmu.patch
|
Patch00067: hw-usb-dev-mtp-Fix-GCC-9-build-warning.patch
|
||||||
Patch00068: pc-bios-s390-ccw-net-avoid-warning-about.patch
|
Patch00068: hw-intc-exynos4210_gic-provide-more-room.patch
|
||||||
Patch00069: roms-change-cross-compiler-naming-to-be-.patch
|
Patch00069: configure-only-populate-roms-if-softmmu.patch
|
||||||
Patch00070: tests-Disable-some-block-tests-for-now.patch
|
Patch00070: pc-bios-s390-ccw-net-avoid-warning-about.patch
|
||||||
Patch00071: test-add-mapping-from-arch-of-i686-to-qe.patch
|
Patch00071: roms-change-cross-compiler-naming-to-be-.patch
|
||||||
|
Patch00072: tests-Disable-some-block-tests-for-now.patch
|
||||||
|
Patch00073: test-add-mapping-from-arch-of-i686-to-qe.patch
|
||||||
# Patches applied in roms/seabios/:
|
# Patches applied in roms/seabios/:
|
||||||
Patch01000: seabios-use-python2-explicitly-as-needed.patch
|
Patch01000: seabios-use-python2-explicitly-as-needed.patch
|
||||||
Patch01001: seabios-switch-to-python3-as-needed.patch
|
Patch01001: seabios-switch-to-python3-as-needed.patch
|
||||||
@ -955,6 +957,8 @@ This package provides a service file for starting and stopping KSM.
|
|||||||
%patch00069 -p1
|
%patch00069 -p1
|
||||||
%patch00070 -p1
|
%patch00070 -p1
|
||||||
%patch00071 -p1
|
%patch00071 -p1
|
||||||
|
%patch00072 -p1
|
||||||
|
%patch00073 -p1
|
||||||
%patch01000 -p1
|
%patch01000 -p1
|
||||||
%patch01001 -p1
|
%patch01001 -p1
|
||||||
%patch01002 -p1
|
%patch01002 -p1
|
||||||
|
Loading…
Reference in New Issue
Block a user