qemu/block
Lukas Tschoke 8af037fe4c block/vhdx: fix dynamic VHDX BAT corruption
The corruption occurs when a BAT entry aligned to 4096 bytes is changed.

Specifically, the corruption occurs during the creation of the LOG Data
Descriptor. The incorrect behavior involves copying 4088 bytes from the
original 4096 bytes aligned offset to `tmp[8..4096]` and then copying
the new value for the first BAT entry to the beginning `tmp[0..8]`.
This results in all existing BAT entries inside the 4K region being
incorrectly moved by 8 bytes and the last entry being lost.

This bug did not cause noticeable corruption when only sequentially
writing once to an empty dynamic VHDX (e.g.
using `qemu-img convert -O vhdx -o subformat=dynamic ...`), but it
still resulted in invalid values for the (unused) Sector Bitmap BAT
entries.

Importantly, this corruption would only become noticeable after the
corrupted BAT is re-read from the file.

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/727
Cc: qemu-stable@nongnu.org
Signed-off-by: Lukas Tschoke <lukts330@gmail.com>
Message-Id: <6cfb6d6b-adc5-7772-c8a5-6bae9a0ad668@gmail.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2023-04-11 13:53:03 +02:00
..
export block/export: Fix graph locking in blk_get_geometry() call 2023-03-27 15:16:05 +02:00
monitor *: Add missing includes of qemu/error-report.h 2023-03-22 15:06:57 +00:00
accounting.c block: add missed block_acct_setup with new block device init procedure 2022-09-30 18:42:34 +02:00
aio_task.c block/aio_task: assert max_busy_tasks is greater than 0 2021-10-05 18:56:41 +02:00
amend.c include/block: Untangle inclusion loops 2023-01-20 07:24:28 +01:00
backup.c Block layer patches 2023-02-24 15:09:39 +00:00
blkdebug.c block: Mark bdrv_co_refresh_total_sectors() and callers GRAPH_RDLOCK 2023-02-23 19:49:33 +01:00
blkio.c block: Convert bdrv_get_info() to co_wrapper_mixed 2023-02-01 16:52:32 +01:00
blklogwrites.c block: Mark bdrv_co_refresh_total_sectors() and callers GRAPH_RDLOCK 2023-02-23 19:49:33 +01:00
blkreplay.c block: Mark bdrv_co_refresh_total_sectors() and callers GRAPH_RDLOCK 2023-02-23 19:49:33 +01:00
blkverify.c block: Mark bdrv_co_refresh_total_sectors() and callers GRAPH_RDLOCK 2023-02-23 19:49:33 +01:00
block-backend.c block/export: Fix graph locking in blk_get_geometry() call 2023-03-27 15:16:05 +02:00
block-copy.c block: Mark bdrv_co_pwrite_zeroes() and callers GRAPH_RDLOCK 2023-02-23 19:49:14 +01:00
block-gen.h block-coroutine-wrapper.py: support also basic return types 2022-12-15 16:07:43 +01:00
block-ram-registrar.c block: add BlockRAMRegistrar 2022-10-26 14:56:42 -04:00
bochs.c block: Mark public read/write functions GRAPH_RDLOCK 2023-02-23 19:49:17 +01:00
cloop.c include/block: Untangle inclusion loops 2023-01-20 07:24:28 +01:00
commit.c Block layer patches 2023-02-24 15:09:39 +00:00
copy-before-write.c block: Mark preadv_snapshot/snapshot_block_status GRAPH_RDLOCK 2023-02-23 19:49:21 +01:00
copy-before-write.h block/copy-before-write.h: global state API + assertions 2022-03-04 18:18:25 +01:00
copy-on-read.c block: Mark bdrv_co_refresh_total_sectors() and callers GRAPH_RDLOCK 2023-02-23 19:49:33 +01:00
copy-on-read.h Clean up ill-advised or unusual header guards 2022-05-11 16:50:01 +02:00
coroutines.h block: Mark bdrv_co_block_status() and callers GRAPH_RDLOCK 2023-02-23 19:49:07 +01:00
create.c block: Mark bdrv_co_create() and callers GRAPH_RDLOCK 2023-02-23 19:49:23 +01:00
crypto.c block: Mark bdrv_co_refresh_total_sectors() and callers GRAPH_RDLOCK 2023-02-23 19:49:33 +01:00
crypto.h nomaintainer: Fix Lesser GPL version number 2020-11-15 17:04:40 +01:00
curl.c block: Handle curl 7.55.0, 7.85.0 version changes 2023-02-17 14:33:52 +01:00
dirty-bitmap.c block: Mark bdrv_*_dirty_bitmap() and callers GRAPH_RDLOCK 2023-02-23 19:49:32 +01:00
dmg-bz2.c Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
dmg-lzfse.c block/dmg: Ignore C99 prototype declaration mismatch from <lzfse.h> 2023-03-30 15:03:36 +02:00
dmg.c include/block: Untangle inclusion loops 2023-01-20 07:24:28 +01:00
dmg.h Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
file-posix.c block: Mark bdrv_co_create() and callers GRAPH_RDLOCK 2023-02-23 19:49:23 +01:00
file-win32.c block: Mark bdrv_co_create() and callers GRAPH_RDLOCK 2023-02-23 19:49:23 +01:00
filter-compress.c block: Mark bdrv_co_refresh_total_sectors() and callers GRAPH_RDLOCK 2023-02-23 19:49:33 +01:00
gluster.c block: Convert bdrv_get_allocated_file_size() to co_wrapper 2023-02-01 16:52:32 +01:00
graph-lock.c graph-lock: TSA annotations for lock/unlock functions 2022-12-15 16:08:23 +01:00
io_uring.c block/io_uring: revert "Use io_uring_register_ring_fd() to skip fd operations" 2022-10-27 20:14:11 +02:00
io.c block: Mark bdrv_(un)register_buf() GRAPH_RDLOCK 2023-02-23 19:49:29 +01:00
iscsi-opts.c modules: add block module annotations 2021-07-09 18:20:27 +02:00
iscsi.c block: Mark bdrv_co_copy_range() GRAPH_RDLOCK 2023-02-23 19:49:20 +01:00
linux-aio.c misc: fix commonly doubled up words 2022-08-01 11:58:02 +02:00
meson.build block: Create no_co_wrappers for open functions 2023-02-17 11:22:19 +01:00
mirror.c Block layer patches 2023-02-24 15:09:39 +00:00
nbd.c block: Convert bdrv_refresh_total_sectors() to co_wrapper_mixed 2023-02-01 16:52:32 +01:00
nfs.c block: Convert bdrv_get_allocated_file_size() to co_wrapper 2023-02-01 16:52:32 +01:00
null.c block: Convert bdrv_get_allocated_file_size() to co_wrapper 2023-02-01 16:52:32 +01:00
nvme.c block: Convert bdrv_refresh_total_sectors() to co_wrapper_mixed 2023-02-01 16:52:32 +01:00
parallels-ext.c include/block: Untangle inclusion loops 2023-01-20 07:24:28 +01:00
parallels.c block: Mark bdrv_co_create() and callers GRAPH_RDLOCK 2023-02-23 19:49:23 +01:00
parallels.h parallels: support bitmap extension for read-only mode 2021-03-08 14:56:55 +01:00
preallocate.c block: Mark bdrv_co_refresh_total_sectors() and callers GRAPH_RDLOCK 2023-02-23 19:49:33 +01:00
progress_meter.c coroutine: Clean up superfluous inclusion of qemu/lockable.h 2023-01-19 10:18:28 +01:00
qapi-sysemu.c include/block: Untangle inclusion loops 2023-01-20 07:24:28 +01:00
qapi.c block: Clean up includes 2023-02-08 07:28:05 +01:00
qcow2-bitmap.c qcow2: Fix theoretical corruption in store_bitmap() error path 2023-01-24 18:26:41 +01:00
qcow2-cache.c include/block: Untangle inclusion loops 2023-01-20 07:24:28 +01:00
qcow2-cluster.c block: Mark public read/write functions GRAPH_RDLOCK 2023-02-23 19:49:17 +01:00
qcow2-refcount.c block: Convert bdrv_get_allocated_file_size() to co_wrapper 2023-02-01 16:52:32 +01:00
qcow2-snapshot.c qcow2: switch to *_co_* functions 2022-10-27 20:14:11 +02:00
qcow2-threads.c include/block: Untangle inclusion loops 2023-01-20 07:24:28 +01:00
qcow2.c block: Mark bdrv_co_create() and callers GRAPH_RDLOCK 2023-02-23 19:49:23 +01:00
qcow2.h block: Mark bdrv_co_pwrite_sync() and callers GRAPH_RDLOCK 2023-02-23 19:49:18 +01:00
qcow.c block: Mark bdrv_co_create() and callers GRAPH_RDLOCK 2023-02-23 19:49:23 +01:00
qed-check.c block: Mark bdrv_co_flush() and callers GRAPH_RDLOCK 2023-02-23 19:49:12 +01:00
qed-cluster.c qed: protect table cache with CoMutex 2017-07-17 11:34:11 +08:00
qed-l2-cache.c osdep: Move memalign-related functions to their own header 2022-03-07 13:16:49 +00:00
qed-table.c block: Mark public read/write functions GRAPH_RDLOCK 2023-02-23 19:49:17 +01:00
qed.c qed: remove spurious BDRV_POLL_WHILE() 2023-03-10 15:14:46 +01:00
qed.h block: Mark public read/write functions GRAPH_RDLOCK 2023-02-23 19:49:17 +01:00
quorum.c block: Mark bdrv_co_refresh_total_sectors() and callers GRAPH_RDLOCK 2023-02-23 19:49:33 +01:00
raw-format.c block: Mark bdrv_co_refresh_total_sectors() and callers GRAPH_RDLOCK 2023-02-23 19:49:33 +01:00
rbd.c block/rbd: Add support for layered encryption 2023-02-23 19:49:35 +01:00
replication.c block: Mark bdrv_co_refresh_total_sectors() and callers GRAPH_RDLOCK 2023-02-23 19:49:33 +01:00
reqlist.c block/reqlist: add reqlist_wait_all() 2022-03-07 09:33:30 +01:00
snapshot-access.c block: Mark preadv_snapshot/snapshot_block_status GRAPH_RDLOCK 2023-02-23 19:49:21 +01:00
snapshot.c block/snapshot: drop indirection around bdrv_snapshot_fallback_ptr 2022-10-27 20:14:11 +02:00
ssh.c block: Convert bdrv_refresh_total_sectors() to co_wrapper_mixed 2023-02-01 16:52:32 +01:00
stream.c Block layer patches 2023-02-24 15:09:39 +00:00
throttle-groups.c block/throttle-groups: throttle_group_co_io_limits_intercept(): 64bit bytes 2021-02-03 08:14:00 -06:00
throttle.c block: Mark bdrv_co_refresh_total_sectors() and callers GRAPH_RDLOCK 2023-02-23 19:49:33 +01:00
trace-events nbd: trace long NBD operations 2022-06-29 10:57:02 +03:00
trace.h trace: switch position of headers to what Meson requires 2020-08-21 06:18:24 -04:00
vdi.c block: Mark bdrv_co_create() and callers GRAPH_RDLOCK 2023-02-23 19:49:23 +01:00
vhdx-endian.c Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
vhdx-log.c block/vhdx: fix dynamic VHDX BAT corruption 2023-04-11 13:53:03 +02:00
vhdx.c block: Mark bdrv_co_create() and callers GRAPH_RDLOCK 2023-02-23 19:49:23 +01:00
vhdx.h block/vhdx: Use IEC binary prefixes for size constants 2019-04-30 15:29:00 +02:00
vmdk.c block: Mark bdrv_co_create() and callers GRAPH_RDLOCK 2023-02-23 19:49:23 +01:00
vpc.c block: Mark bdrv_co_create() and callers GRAPH_RDLOCK 2023-02-23 19:49:23 +01:00
vvfat.c block/vvfat: Remove pointless check of NDEBUG 2023-02-27 22:29:02 +01:00
win32-aio.c include/block: Untangle inclusion loops 2023-01-20 07:24:28 +01:00
write-threshold.c include/block: Untangle inclusion loops 2023-01-20 07:24:28 +01:00