rtl8139: fix possible out of bound access
[qemu/ar7.git] / block / blkverify.c
blob89bf4386e32eee170a42999beaf5d20d8c9118ee
1 /*
2 * Block protocol for block driver correctness testing
4 * Copyright (C) 2010 IBM, Corp.
6 * This work is licensed under the terms of the GNU GPL, version 2 or later.
7 * See the COPYING file in the top-level directory.
8 */
10 #include "qemu/osdep.h"
11 #include "qapi/error.h"
12 #include "qemu/sockets.h" /* for EINPROGRESS on Windows */
13 #include "block/block_int.h"
14 #include "qapi/qmp/qdict.h"
15 #include "qapi/qmp/qstring.h"
16 #include "qemu/cutils.h"
17 #include "qemu/option.h"
19 typedef struct {
20 BdrvChild *test_file;
21 } BDRVBlkverifyState;
23 typedef struct BlkverifyRequest {
24 Coroutine *co;
25 BlockDriverState *bs;
27 /* Request metadata */
28 bool is_write;
29 uint64_t offset;
30 uint64_t bytes;
31 int flags;
33 int (*request_fn)(BdrvChild *, int64_t, unsigned int, QEMUIOVector *,
34 BdrvRequestFlags);
36 int ret; /* test image result */
37 int raw_ret; /* raw image result */
39 unsigned int done; /* completion counter */
41 QEMUIOVector *qiov; /* user I/O vector */
42 QEMUIOVector *raw_qiov; /* cloned I/O vector for raw file */
43 } BlkverifyRequest;
45 static void GCC_FMT_ATTR(2, 3) blkverify_err(BlkverifyRequest *r,
46 const char *fmt, ...)
48 va_list ap;
50 va_start(ap, fmt);
51 fprintf(stderr, "blkverify: %s offset=%" PRId64 " bytes=%" PRId64 " ",
52 r->is_write ? "write" : "read", r->offset, r->bytes);
53 vfprintf(stderr, fmt, ap);
54 fprintf(stderr, "\n");
55 va_end(ap);
56 exit(1);
59 /* Valid blkverify filenames look like blkverify:path/to/raw_image:path/to/image */
60 static void blkverify_parse_filename(const char *filename, QDict *options,
61 Error **errp)
63 const char *c;
64 QString *raw_path;
67 /* Parse the blkverify: prefix */
68 if (!strstart(filename, "blkverify:", &filename)) {
69 /* There was no prefix; therefore, all options have to be already
70 present in the QDict (except for the filename) */
71 qdict_put_str(options, "x-image", filename);
72 return;
75 /* Parse the raw image filename */
76 c = strchr(filename, ':');
77 if (c == NULL) {
78 error_setg(errp, "blkverify requires raw copy and original image path");
79 return;
82 /* TODO Implement option pass-through and set raw.filename here */
83 raw_path = qstring_from_substr(filename, 0, c - filename);
84 qdict_put(options, "x-raw", raw_path);
86 /* TODO Allow multi-level nesting and set file.filename here */
87 filename = c + 1;
88 qdict_put_str(options, "x-image", filename);
91 static QemuOptsList runtime_opts = {
92 .name = "blkverify",
93 .head = QTAILQ_HEAD_INITIALIZER(runtime_opts.head),
94 .desc = {
96 .name = "x-raw",
97 .type = QEMU_OPT_STRING,
98 .help = "[internal use only, will be removed]",
101 .name = "x-image",
102 .type = QEMU_OPT_STRING,
103 .help = "[internal use only, will be removed]",
105 { /* end of list */ }
109 static int blkverify_open(BlockDriverState *bs, QDict *options, int flags,
110 Error **errp)
112 BDRVBlkverifyState *s = bs->opaque;
113 QemuOpts *opts;
114 Error *local_err = NULL;
115 int ret;
117 opts = qemu_opts_create(&runtime_opts, NULL, 0, &error_abort);
118 qemu_opts_absorb_qdict(opts, options, &local_err);
119 if (local_err) {
120 error_propagate(errp, local_err);
121 ret = -EINVAL;
122 goto fail;
125 /* Open the raw file */
126 bs->file = bdrv_open_child(qemu_opt_get(opts, "x-raw"), options, "raw",
127 bs, &child_file, false, &local_err);
128 if (local_err) {
129 ret = -EINVAL;
130 error_propagate(errp, local_err);
131 goto fail;
134 /* Open the test file */
135 s->test_file = bdrv_open_child(qemu_opt_get(opts, "x-image"), options,
136 "test", bs, &child_format, false,
137 &local_err);
138 if (local_err) {
139 ret = -EINVAL;
140 error_propagate(errp, local_err);
141 goto fail;
144 bs->supported_write_flags = BDRV_REQ_WRITE_UNCHANGED;
145 bs->supported_zero_flags = BDRV_REQ_WRITE_UNCHANGED;
147 ret = 0;
148 fail:
149 qemu_opts_del(opts);
150 return ret;
153 static void blkverify_close(BlockDriverState *bs)
155 BDRVBlkverifyState *s = bs->opaque;
157 bdrv_unref_child(bs, s->test_file);
158 s->test_file = NULL;
161 static int64_t blkverify_getlength(BlockDriverState *bs)
163 BDRVBlkverifyState *s = bs->opaque;
165 return bdrv_getlength(s->test_file->bs);
168 static void coroutine_fn blkverify_do_test_req(void *opaque)
170 BlkverifyRequest *r = opaque;
171 BDRVBlkverifyState *s = r->bs->opaque;
173 r->ret = r->request_fn(s->test_file, r->offset, r->bytes, r->qiov,
174 r->flags);
175 r->done++;
176 qemu_coroutine_enter_if_inactive(r->co);
179 static void coroutine_fn blkverify_do_raw_req(void *opaque)
181 BlkverifyRequest *r = opaque;
183 r->raw_ret = r->request_fn(r->bs->file, r->offset, r->bytes, r->raw_qiov,
184 r->flags);
185 r->done++;
186 qemu_coroutine_enter_if_inactive(r->co);
189 static int coroutine_fn
190 blkverify_co_prwv(BlockDriverState *bs, BlkverifyRequest *r, uint64_t offset,
191 uint64_t bytes, QEMUIOVector *qiov, QEMUIOVector *raw_qiov,
192 int flags, bool is_write)
194 Coroutine *co_a, *co_b;
196 *r = (BlkverifyRequest) {
197 .co = qemu_coroutine_self(),
198 .bs = bs,
199 .offset = offset,
200 .bytes = bytes,
201 .qiov = qiov,
202 .raw_qiov = raw_qiov,
203 .flags = flags,
204 .is_write = is_write,
205 .request_fn = is_write ? bdrv_co_pwritev : bdrv_co_preadv,
208 co_a = qemu_coroutine_create(blkverify_do_test_req, r);
209 co_b = qemu_coroutine_create(blkverify_do_raw_req, r);
211 qemu_coroutine_enter(co_a);
212 qemu_coroutine_enter(co_b);
214 while (r->done < 2) {
215 qemu_coroutine_yield();
218 if (r->ret != r->raw_ret) {
219 blkverify_err(r, "return value mismatch %d != %d", r->ret, r->raw_ret);
222 return r->ret;
225 static int coroutine_fn
226 blkverify_co_preadv(BlockDriverState *bs, uint64_t offset, uint64_t bytes,
227 QEMUIOVector *qiov, int flags)
229 BlkverifyRequest r;
230 QEMUIOVector raw_qiov;
231 void *buf;
232 ssize_t cmp_offset;
233 int ret;
235 buf = qemu_blockalign(bs->file->bs, qiov->size);
236 qemu_iovec_init(&raw_qiov, qiov->niov);
237 qemu_iovec_clone(&raw_qiov, qiov, buf);
239 ret = blkverify_co_prwv(bs, &r, offset, bytes, qiov, &raw_qiov, flags,
240 false);
242 cmp_offset = qemu_iovec_compare(qiov, &raw_qiov);
243 if (cmp_offset != -1) {
244 blkverify_err(&r, "contents mismatch at offset %" PRId64,
245 offset + cmp_offset);
248 qemu_iovec_destroy(&raw_qiov);
249 qemu_vfree(buf);
251 return ret;
254 static int coroutine_fn
255 blkverify_co_pwritev(BlockDriverState *bs, uint64_t offset, uint64_t bytes,
256 QEMUIOVector *qiov, int flags)
258 BlkverifyRequest r;
259 return blkverify_co_prwv(bs, &r, offset, bytes, qiov, qiov, flags, true);
262 static int blkverify_co_flush(BlockDriverState *bs)
264 BDRVBlkverifyState *s = bs->opaque;
266 /* Only flush test file, the raw file is not important */
267 return bdrv_co_flush(s->test_file->bs);
270 static bool blkverify_recurse_is_first_non_filter(BlockDriverState *bs,
271 BlockDriverState *candidate)
273 BDRVBlkverifyState *s = bs->opaque;
275 bool perm = bdrv_recurse_is_first_non_filter(bs->file->bs, candidate);
277 if (perm) {
278 return true;
281 return bdrv_recurse_is_first_non_filter(s->test_file->bs, candidate);
284 static void blkverify_refresh_filename(BlockDriverState *bs, QDict *options)
286 BDRVBlkverifyState *s = bs->opaque;
288 /* bs->file->bs has already been refreshed */
289 bdrv_refresh_filename(s->test_file->bs);
291 if (bs->file->bs->full_open_options
292 && s->test_file->bs->full_open_options)
294 QDict *opts = qdict_new();
295 qdict_put_str(opts, "driver", "blkverify");
297 qdict_put(opts, "raw",
298 qobject_ref(bs->file->bs->full_open_options));
299 qdict_put(opts, "test",
300 qobject_ref(s->test_file->bs->full_open_options));
302 bs->full_open_options = opts;
305 if (bs->file->bs->exact_filename[0]
306 && s->test_file->bs->exact_filename[0])
308 int ret = snprintf(bs->exact_filename, sizeof(bs->exact_filename),
309 "blkverify:%s:%s",
310 bs->file->bs->exact_filename,
311 s->test_file->bs->exact_filename);
312 if (ret >= sizeof(bs->exact_filename)) {
313 /* An overflow makes the filename unusable, so do not report any */
314 bs->exact_filename[0] = 0;
319 static BlockDriver bdrv_blkverify = {
320 .format_name = "blkverify",
321 .protocol_name = "blkverify",
322 .instance_size = sizeof(BDRVBlkverifyState),
324 .bdrv_parse_filename = blkverify_parse_filename,
325 .bdrv_file_open = blkverify_open,
326 .bdrv_close = blkverify_close,
327 .bdrv_child_perm = bdrv_filter_default_perms,
328 .bdrv_getlength = blkverify_getlength,
329 .bdrv_refresh_filename = blkverify_refresh_filename,
331 .bdrv_co_preadv = blkverify_co_preadv,
332 .bdrv_co_pwritev = blkverify_co_pwritev,
333 .bdrv_co_flush = blkverify_co_flush,
335 .is_filter = true,
336 .bdrv_recurse_is_first_non_filter = blkverify_recurse_is_first_non_filter,
339 static void bdrv_blkverify_init(void)
341 bdrv_register(&bdrv_blkverify);
344 block_init(bdrv_blkverify_init);