mirror of https://gitee.com/openkylin/qemu.git
backup: Make sure that source and target size match
Since the introduction of a backup filter node in commit00e30f05d
, the backup block job crashes when the target image is smaller than the source image because it will try to write after the end of the target node without having BLK_PERM_RESIZE. (Previously, the BlockBackend layer would have caught this and errored out gracefully.) We can fix this and even do better than the old behaviour: Check that source and target have the same image size at the start of the block job and unshare BLK_PERM_RESIZE. (This permission was already unshared before the same commit00e30f05d
, but the BlockBackend that was used to make the restriction was removed without a replacement.) This will immediately error out when starting the job instead of only when writing to a block that doesn't exist in the target. Longer target than source would technically work because we would never write to blocks that don't exist, but semantically these are invalid, too, because a backup is supposed to create a copy, not just an image that starts with a copy. Fixes:00e30f05de
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1778593 Cc: qemu-stable@nongnu.org Signed-off-by: Kevin Wolf <kwolf@redhat.com> Message-Id: <20200430142755.315494-4-kwolf@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This commit is contained in:
parent
58226634c4
commit
958a04bd32
|
@ -148,8 +148,10 @@ static void backup_top_child_perm(BlockDriverState *bs, BdrvChild *c,
|
||||||
*
|
*
|
||||||
* Share write to target (child_file), to not interfere
|
* Share write to target (child_file), to not interfere
|
||||||
* with guest writes to its disk which may be in target backing chain.
|
* with guest writes to its disk which may be in target backing chain.
|
||||||
|
* Can't resize during a backup block job because we check the size
|
||||||
|
* only upfront.
|
||||||
*/
|
*/
|
||||||
*nshared = BLK_PERM_ALL;
|
*nshared = BLK_PERM_ALL & ~BLK_PERM_RESIZE;
|
||||||
*nperm = BLK_PERM_WRITE;
|
*nperm = BLK_PERM_WRITE;
|
||||||
} else {
|
} else {
|
||||||
/* Source child */
|
/* Source child */
|
||||||
|
@ -159,7 +161,7 @@ static void backup_top_child_perm(BlockDriverState *bs, BdrvChild *c,
|
||||||
if (perm & BLK_PERM_WRITE) {
|
if (perm & BLK_PERM_WRITE) {
|
||||||
*nperm = *nperm | BLK_PERM_CONSISTENT_READ;
|
*nperm = *nperm | BLK_PERM_CONSISTENT_READ;
|
||||||
}
|
}
|
||||||
*nshared &= ~BLK_PERM_WRITE;
|
*nshared &= ~(BLK_PERM_WRITE | BLK_PERM_RESIZE);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -192,11 +194,13 @@ BlockDriverState *bdrv_backup_top_append(BlockDriverState *source,
|
||||||
{
|
{
|
||||||
Error *local_err = NULL;
|
Error *local_err = NULL;
|
||||||
BDRVBackupTopState *state;
|
BDRVBackupTopState *state;
|
||||||
BlockDriverState *top = bdrv_new_open_driver(&bdrv_backup_top_filter,
|
BlockDriverState *top;
|
||||||
filter_node_name,
|
|
||||||
BDRV_O_RDWR, errp);
|
|
||||||
bool appended = false;
|
bool appended = false;
|
||||||
|
|
||||||
|
assert(source->total_sectors == target->total_sectors);
|
||||||
|
|
||||||
|
top = bdrv_new_open_driver(&bdrv_backup_top_filter, filter_node_name,
|
||||||
|
BDRV_O_RDWR, errp);
|
||||||
if (!top) {
|
if (!top) {
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
|
@ -340,7 +340,7 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
|
||||||
BlockCompletionFunc *cb, void *opaque,
|
BlockCompletionFunc *cb, void *opaque,
|
||||||
JobTxn *txn, Error **errp)
|
JobTxn *txn, Error **errp)
|
||||||
{
|
{
|
||||||
int64_t len;
|
int64_t len, target_len;
|
||||||
BackupBlockJob *job = NULL;
|
BackupBlockJob *job = NULL;
|
||||||
int64_t cluster_size;
|
int64_t cluster_size;
|
||||||
BdrvRequestFlags write_flags;
|
BdrvRequestFlags write_flags;
|
||||||
|
@ -405,6 +405,18 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
|
||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
target_len = bdrv_getlength(target);
|
||||||
|
if (target_len < 0) {
|
||||||
|
error_setg_errno(errp, -target_len, "Unable to get length for '%s'",
|
||||||
|
bdrv_get_device_or_node_name(bs));
|
||||||
|
goto error;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (target_len != len) {
|
||||||
|
error_setg(errp, "Source and target image have different sizes");
|
||||||
|
goto error;
|
||||||
|
}
|
||||||
|
|
||||||
cluster_size = backup_calculate_cluster_size(target, errp);
|
cluster_size = backup_calculate_cluster_size(target, errp);
|
||||||
if (cluster_size < 0) {
|
if (cluster_size < 0) {
|
||||||
goto error;
|
goto error;
|
||||||
|
|
Loading…
Reference in New Issue