thebeanogamer / rpms / qemu-kvm

Forked from rpms/qemu-kvm 6 months ago
Clone
Blob Blame History Raw
From 55767ddb818ef53eee50777bd276cbf7e7813bfb Mon Sep 17 00:00:00 2001
From: Markus Armbruster <armbru@redhat.com>
Date: Fri, 31 Oct 2014 16:29:54 +0100
Subject: [PATCH 17/19] virtio-blk: Treat read/write beyond end as invalid

Message-id: <1414772996-17272-4-git-send-email-armbru@redhat.com>
Patchwork-id: 62019
O-Subject: [PATCH RHEL-7.1 qemu-kvm 3/5] virtio-blk: Treat read/write beyond end as invalid
Bugzilla: 1085232
RH-Acked-by: Paolo Bonzini <pbonzini@redhat.com>
RH-Acked-by: Fam Zheng <famz@redhat.com>

The block layer fails such reads and writes just fine.  However, they
then get treated like valid operations that fail: the error action
gets executed.  Unwanted; reporting the error to the guest is the only
sensible action.

Reject them before passing them to the block layer.  This bypasses the
error action and I/O accounting.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
(cherry picked from commit 3c2daac0b98952a858277878cb11294256b39e43)
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
 hw/block/virtio-blk.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c
index ffb311c..4f6aa22 100644
--- a/hw/block/virtio-blk.c
+++ b/hw/block/virtio-blk.c
@@ -284,12 +284,19 @@ static void virtio_blk_handle_flush(VirtIOBlockReq *req, MultiReqBuffer *mrb)
 static bool virtio_blk_sect_range_ok(VirtIOBlock *dev,
                                      uint64_t sector, size_t size)
 {
+    uint64_t nb_sectors = size >> BDRV_SECTOR_BITS;
+    uint64_t total_sectors;
+
     if (sector & dev->sector_mask) {
         return false;
     }
     if (size % dev->conf->logical_block_size) {
         return false;
     }
+    bdrv_get_geometry(dev->bs, &total_sectors);
+    if (sector > total_sectors || nb_sectors > total_sectors - sector) {
+        return false;
+    }
     return true;
 }
 
-- 
1.8.3.1