[Libguestfs] [nbdkit PATCH 2/5] retry: Check size before transactions
Richard W.M. Jones
rjones at redhat.com
Fri Oct 4 12:34:36 UTC 2019
On Fri, Oct 04, 2019 at 01:31:49PM +0100, Richard W.M. Jones wrote:
> On Thu, Oct 03, 2019 at 09:54:37PM -0500, Eric Blake wrote:
> > Although it is unusual for a plugin to shrink size on reopen, it is
> > not impossible. Failure to check our bounds could result in violating
> > assumptions in the plugin that all requests are in-bounds. Note that
> > if the plugin gains a larger size, we merely never access the new tail
> > of the file (when the NBD protocol ever gains dynamic resize support,
> > we'll get to revisit how the retry filter fits in).
> >
> > Fixes: f0f0ec49
> > Signed-off-by: Eric Blake <eblake at redhat.com>
>
> I'm inclined to say we should document that the retry filter only
> works with reasonable plugins and document those assumptions, but as
> you've written the code now let's go with this.
For example one thing we might {do,have done} is to check that things
like size, can_* etc don't change after reopening.
However you've written the code and added the tests and it all looks
good, so:
ACK series
Thanks,
Rich.
> Rich.
>
> > filters/retry/retry.c | 23 +++++++++++++++++++++++
> > 1 file changed, 23 insertions(+)
> >
> > diff --git a/filters/retry/retry.c b/filters/retry/retry.c
> > index 840d7383..cf8f5246 100644
> > --- a/filters/retry/retry.c
> > +++ b/filters/retry/retry.c
> > @@ -148,6 +148,17 @@ struct retry_data {
> > int delay; /* Seconds to wait before retrying. */
> > };
> >
> > +static bool
> > +valid_range (struct nbdkit_next_ops *next_ops, void *nxdata,
> > + uint32_t count, uint64_t offset, bool is_write, int *err)
> > +{
> > + if ((int64_t) offset + count > next_ops->get_size (nxdata)) {
> > + *err = is_write ? ENOSPC : EIO;
> > + return false;
> > + }
> > + return true;
> > +}
> > +
> > static bool
> > do_retry (struct retry_handle *h,
> > struct retry_data *data,
> > @@ -204,6 +215,8 @@ retry_pread (struct nbdkit_next_ops *next_ops, void *nxdata,
> > int r;
> >
> > again:
> > + if (! valid_range (next_ops, nxdata, count, offset, false, err))
> > + return -1;
> > r = next_ops->pread (nxdata, buf, count, offset, flags, err);
> > if (r == -1 && do_retry (h, &data, next_ops, nxdata, err)) goto again;
> >
> > @@ -226,6 +239,8 @@ retry_pwrite (struct nbdkit_next_ops *next_ops, void *nxdata,
> > *err = EROFS;
> > return -1;
> > }
> > + if (! valid_range (next_ops, nxdata, count, offset, true, err))
> > + return -1;
> > if (next_ops->can_write (nxdata) != 1) {
> > *err = EROFS;
> > r = -1;
> > @@ -258,6 +273,8 @@ retry_trim (struct nbdkit_next_ops *next_ops, void *nxdata,
> > *err = EROFS;
> > return -1;
> > }
> > + if (! valid_range (next_ops, nxdata, count, offset, true, err))
> > + return -1;
> > if (next_ops->can_trim (nxdata) != 1) {
> > *err = EROFS;
> > r = -1;
> > @@ -312,6 +329,8 @@ retry_zero (struct nbdkit_next_ops *next_ops, void *nxdata,
> > *err = EROFS;
> > return -1;
> > }
> > + if (! valid_range (next_ops, nxdata, count, offset, true, err))
> > + return -1;
> > if (flags & NBDKIT_FLAG_FAST_ZERO &&
> > next_ops->can_fast_zero (nxdata) != 1) {
> > *err = EOPNOTSUPP;
> > @@ -347,6 +366,8 @@ retry_extents (struct nbdkit_next_ops *next_ops, void *nxdata,
> > size_t i;
> >
> > again:
> > + if (! valid_range (next_ops, nxdata, count, offset, false, err))
> > + return -1;
> > if (next_ops->can_extents (nxdata) != 1) {
> > *err = EIO;
> > r = -1;
> > @@ -390,6 +411,8 @@ retry_cache (struct nbdkit_next_ops *next_ops, void *nxdata,
> > int r;
> >
> > again:
> > + if (! valid_range (next_ops, nxdata, count, offset, false, err))
> > + return -1;
> > if (next_ops->can_cache (nxdata) <= NBDKIT_CACHE_NONE) {
> > *err = EIO;
> > r = -1;
> > --
> > 2.21.0
> >
> > _______________________________________________
> > Libguestfs mailing list
> > Libguestfs at redhat.com
> > https://www.redhat.com/mailman/listinfo/libguestfs
>
> --
> Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
> Read my programming and virtualization blog: http://rwmj.wordpress.com
> virt-builder quickly builds VMs from scratch
> http://libguestfs.org/virt-builder.1.html
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-p2v converts physical machines to virtual machines. Boot with a
live CD or over the network (PXE) and turn machines into KVM guests.
http://libguestfs.org/virt-v2v
More information about the Libguestfs
mailing list