qemu/tests/qemu-iotests/group
Daniel P. Berrangé 087ab8e775 block: always fill entire LUKS header space with zeros
When initializing the LUKS header the size with default encryption
parameters will currently be 2068480 bytes. This is rounded up to
a multiple of the cluster size, 2081792, with 64k sectors. If the
end of the header is not the same as the end of the cluster we fill
the extra space with zeros. This was forgetting that not even the
space allocated for the header will be fully initialized, as we
only write key material for the first key slot. The space left
for the other 7 slots is never written to.

An optimization to the ref count checking code:

  commit a5fff8d4b4 (refs/bisect/bad)
  Author: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
  Date:   Wed Feb 27 16:14:30 2019 +0300

    qcow2-refcount: avoid eating RAM

made the assumption that every cluster which was allocated would
have at least some data written to it. This was violated by way
the LUKS header is only partially written, with much space simply
reserved for future use.

Depending on the cluster size this problem was masked by the
logic which wrote zeros between the end of the LUKS header and
the end of the cluster.

$ qemu-img create --object secret,id=cluster_encrypt0,data=123456 \
   -f qcow2 -o cluster_size=2k,encrypt.iter-time=1,\
               encrypt.format=luks,encrypt.key-secret=cluster_encrypt0 \
               cluster_size_check.qcow2 100M
  Formatting 'cluster_size_check.qcow2', fmt=qcow2 size=104857600
    encrypt.format=luks encrypt.key-secret=cluster_encrypt0
    encrypt.iter-time=1 cluster_size=2048 lazy_refcounts=off refcount_bits=16

$ qemu-img check --object secret,id=cluster_encrypt0,data=redhat \
    'json:{"driver": "qcow2", "encrypt.format": "luks", \
           "encrypt.key-secret": "cluster_encrypt0", \
           "file.driver": "file", "file.filename": "cluster_size_check.qcow2"}'
ERROR: counting reference for region exceeding the end of the file by one cluster or more: offset 0x2000 size 0x1f9000
Leaked cluster 4 refcount=1 reference=0
...snip...
Leaked cluster 130 refcount=1 reference=0

1 errors were found on the image.
Data may be corrupted, or further writes to the image may corrupt it.

127 leaked clusters were found on the image.
This means waste of disk space, but no harm to data.
Image end offset: 268288

The problem only exists when the disk image is entirely empty. Writing
data to the disk image payload will solve the problem by causing the
end of the file to be extended further.

The change fixes it by ensuring that the entire allocated LUKS header
region is fully initialized with zeros. The qemu-img check will still
fail for any pre-existing disk images created prior to this change,
unless at least 1 byte of the payload is written to.

Fully writing zeros to the entire LUKS header is a good idea regardless
as it ensures that space has been allocated on the host filesystem (or
whatever block storage backend is used).

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20200207135520.2669430-1-berrange@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
2020-02-20 16:43:42 +01:00

294 lines
4.7 KiB
Plaintext

#
# QA groups control file
# Defines test groups
#
# Some notes about the groups:
#
# - do not start group names with a digit
#
# - quick : Tests in this group should finish within some few seconds.
#
# - img : Tests in this group can be used to excercise the qemu-img tool.
#
# - auto : Tests in this group are used during "make check" and should be
# runnable in any case. That means they should run with every QEMU binary
# (also non-x86), with every QEMU configuration (i.e. must not fail if
# an optional feature is not compiled in - but reporting a "skip" is ok),
# work at least with the qcow2 file format, work with all kind of host
# filesystems and users (e.g. "nobody" or "root") and must not take too
# much memory and disk space (since CI pipelines tend to fail otherwise).
#
#
# test-group association ... one line per test
#
001 rw auto quick
002 rw auto quick
003 rw auto
004 rw auto quick
005 img auto quick
# 006 was removed, do not reuse
007 snapshot auto
008 rw auto quick
009 rw auto quick
010 rw auto quick
011 rw auto quick
012 auto quick
013 rw auto
014 rw
015 rw snapshot
# 016 was removed, do not reuse
017 rw backing auto quick
018 rw backing auto quick
019 rw backing auto quick
020 rw backing auto quick
021 io auto quick
022 rw snapshot auto
023 rw
024 rw backing auto quick
025 rw auto quick
026 rw blkdbg
027 rw auto quick
028 rw backing quick
029 rw auto quick
030 rw auto backing
031 rw auto quick
032 rw auto quick
033 rw auto quick
034 rw auto backing quick
035 rw auto quick
036 rw auto quick
037 rw auto backing quick
038 rw auto backing quick
039 rw auto quick
040 rw auto
041 rw auto backing
042 rw auto quick
043 rw auto backing
044 rw
045 rw quick
046 rw auto aio quick
047 rw auto quick
048 img auto quick
049 rw auto
050 rw auto backing quick
051 rw
052 rw auto backing quick
053 rw auto quick
054 rw auto quick
055 rw
056 rw backing
057 rw
058 rw quick
059 rw quick
060 rw auto quick
061 rw auto
062 rw auto quick
063 rw auto quick
064 rw quick
065 rw quick
066 rw auto quick
067 rw quick
068 rw quick
069 rw auto quick
070 rw quick
071 rw auto quick
072 rw auto quick
073 rw auto quick
074 rw auto quick
075 rw quick
076 io
077 rw quick
078 rw quick
079 rw auto
080 rw auto
081 rw quick
082 rw quick
083 rw
084 img quick
085 rw
086 rw auto quick
087 rw quick
088 rw quick
089 rw auto quick
090 rw auto quick
091 rw migration
092 rw quick
093 throttle
094 rw quick
095 rw quick
096 rw quick
097 rw auto backing
098 rw auto backing quick
099 rw auto quick
# 100 was removed, do not reuse
101 rw quick
102 rw quick
103 rw auto quick
104 rw auto
105 rw auto quick
106 rw quick
107 rw auto quick
108 rw auto quick
109 rw
110 rw auto backing quick
111 rw auto quick
112 rw
113 rw quick
114 rw auto quick
115 rw
116 rw quick
117 rw auto
118 rw
119 rw quick
120 rw auto quick
121 rw
122 rw
123 rw quick
124 rw backing
125 rw
126 rw auto backing
127 rw auto backing quick
128 rw quick
129 rw quick
130 rw quick
131 rw quick
132 rw quick
133 auto quick
134 rw auto quick
135 rw
136 rw
137 rw auto
138 rw auto quick
139 rw quick
140 rw auto quick
141 rw auto quick
142
143 auto quick
144 rw quick
145 quick
146 quick
147 img
148 rw quick
149 rw sudo
150 rw auto quick
151 rw
152 rw quick
153 rw quick
154 rw auto backing quick
155 rw
156 rw auto quick
157 quick
158 rw auto quick
159 rw auto quick
160 rw quick
161 rw auto quick
162 quick
163 rw
165 rw quick
169 rw quick migration
170 rw auto quick
171 rw quick
172 auto
173 rw
174 auto
175 quick
176 rw auto backing
177 rw auto quick
178 img
179 rw auto quick
181 rw auto migration
182 rw quick
183 rw migration
184 rw auto quick
185 rw
186 rw auto
187 rw auto
188 rw quick
189 rw
190 rw auto quick
191 rw auto
192 rw auto quick
194 rw migration quick
195 rw auto quick
196 rw quick migration
197 rw quick
198 rw
199 rw migration
200 rw
201 rw migration
202 rw quick
203 rw auto migration
204 rw quick
205 rw quick
206 rw
207 rw
208 rw quick
209 rw quick
210 rw
211 rw quick
212 rw quick
213 rw quick
214 rw auto
215 rw quick
216 rw quick
217 rw auto quick
218 rw quick
219 rw
220 rw auto
221 rw quick
222 rw quick
223 rw quick
224 rw quick
225 rw quick
226 auto quick
227 quick
228 rw quick
229 auto quick
231 quick
232 quick
233 quick
234 quick migration
235 quick
236 quick
237 rw quick
238 quick
239 rw quick
240 quick
241 rw quick
242 rw quick
243 rw quick
244 rw auto quick
245 rw
246 rw quick
247 rw quick
248 rw quick
249 rw auto quick
250 rw quick
251 rw auto quick
252 rw auto backing quick
253 rw quick
254 rw backing quick
255 rw quick
256 rw auto quick
257 rw
258 rw quick
260 rw quick
261 rw
262 rw quick migration
263 rw quick
264 rw
265 rw auto quick
266 rw quick
267 rw auto quick snapshot
268 rw auto quick
270 rw backing quick
272 rw
273 backing quick
277 rw quick
279 rw backing quick
280 rw migration quick
281 rw quick
283 auto quick
284 rw