virtio-blk: fail unaligned requests

Like all block drivers virtio-blk should not allow small than block size
granularity access.  But given that the protocol specifies a
byte unit length field we currently accept such requests, which cause
qemu to abort() in lower layers.  Add checks to the main read and
write handlers to catch them early.

Reported-by: Conor Murphy <conor_murphy_virt@hotmail.com>
Tested-by: Conor Murphy <conor_murphy_virt@hotmail.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This commit is contained in:
Christoph Hellwig 2011-04-06 20:28:34 +02:00 committed by Kevin Wolf
parent 155eb9aa09
commit 52c050236e

View File

@ -290,6 +290,10 @@ static void virtio_blk_handle_write(VirtIOBlockReq *req, MultiReqBuffer *mrb)
virtio_blk_rw_complete(req, -EIO); virtio_blk_rw_complete(req, -EIO);
return; return;
} }
if (req->qiov.size % req->dev->conf->logical_block_size) {
virtio_blk_rw_complete(req, -EIO);
return;
}
if (mrb->num_writes == 32) { if (mrb->num_writes == 32) {
virtio_submit_multiwrite(req->dev->bs, mrb); virtio_submit_multiwrite(req->dev->bs, mrb);
@ -317,6 +321,10 @@ static void virtio_blk_handle_read(VirtIOBlockReq *req)
virtio_blk_rw_complete(req, -EIO); virtio_blk_rw_complete(req, -EIO);
return; return;
} }
if (req->qiov.size % req->dev->conf->logical_block_size) {
virtio_blk_rw_complete(req, -EIO);
return;
}
acb = bdrv_aio_readv(req->dev->bs, sector, &req->qiov, acb = bdrv_aio_readv(req->dev->bs, sector, &req->qiov,
req->qiov.size / BDRV_SECTOR_SIZE, req->qiov.size / BDRV_SECTOR_SIZE,