9769489cb1
- kvm-qemu-storage-daemon-Add-vhost-user-blk-help.patch [bz#1962088] - kvm-qemu-storage-daemon-Fix-typo-in-vhost-user-blk-help.patch [bz#1962088] - kvm-virtiofsd-Drop-membership-of-all-supplementary-group.patch [bz#2046201] - kvm-block-rbd-fix-handling-of-holes-in-.bdrv_co_block_st.patch [bz#2034791] - kvm-block-rbd-workaround-for-ceph-issue-53784.patch [bz#2034791] - Resolves: bz#1962088 ([QSD] wrong help message for the fuse) - Resolves: bz#2046201 (CVE-2022-0358 qemu-kvm: QEMU: virtiofsd: potential privilege escalation via CVE-2018-13405 [rhel-9.0]) - Resolves: bz#2034791 (Booting from Local Snapshot Core Dumped Whose Backing File Is Based on RBD)
60 lines
2.1 KiB
Diff
60 lines
2.1 KiB
Diff
From d374d5aa4485a0c62d6b48eec64491cae2fd0873 Mon Sep 17 00:00:00 2001
|
|
From: Peter Lieven <pl@kamp.de>
|
|
Date: Thu, 13 Jan 2022 15:44:25 +0100
|
|
Subject: [PATCH 4/5] block/rbd: fix handling of holes in .bdrv_co_block_status
|
|
|
|
RH-Author: Stefano Garzarella <sgarzare@redhat.com>
|
|
RH-MergeRequest: 68: block/rbd: fix handling of holes in .bdrv_co_block_status
|
|
RH-Commit: [1/2] 8ef178b01885e3c292f7844ccff865b1a8d4faf0 (sgarzarella/qemu-kvm-c-9-s)
|
|
RH-Bugzilla: 2034791
|
|
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
RH-Acked-by: Kevin Wolf <kwolf@redhat.com>
|
|
RH-Acked-by: Hanna Reitz <hreitz@redhat.com>
|
|
|
|
the assumption that we can't hit a hole if we do not diff against a snapshot was wrong.
|
|
|
|
We can see a hole in an image if we diff against base if there exists an older snapshot
|
|
of the image and we have discarded blocks in the image where the snapshot has data.
|
|
|
|
Fix this by simply handling a hole like an unallocated area. There are no callbacks
|
|
for unallocated areas so just bail out if we hit a hole.
|
|
|
|
Fixes: 0347a8fd4c3faaedf119be04c197804be40a384b
|
|
Suggested-by: Ilya Dryomov <idryomov@gmail.com>
|
|
Cc: qemu-stable@nongnu.org
|
|
Signed-off-by: Peter Lieven <pl@kamp.de>
|
|
Message-Id: <20220113144426.4036493-2-pl@kamp.de>
|
|
Reviewed-by: Ilya Dryomov <idryomov@gmail.com>
|
|
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
|
|
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
|
|
(cherry picked from commit 9e302f64bb407a9bb097b626da97228c2654cfee)
|
|
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
|
|
---
|
|
block/rbd.c | 10 +++++-----
|
|
1 file changed, 5 insertions(+), 5 deletions(-)
|
|
|
|
diff --git a/block/rbd.c b/block/rbd.c
|
|
index def96292e0..20bb896c4a 100644
|
|
--- a/block/rbd.c
|
|
+++ b/block/rbd.c
|
|
@@ -1279,11 +1279,11 @@ static int qemu_rbd_diff_iterate_cb(uint64_t offs, size_t len,
|
|
RBDDiffIterateReq *req = opaque;
|
|
|
|
assert(req->offs + req->bytes <= offs);
|
|
- /*
|
|
- * we do not diff against a snapshot so we should never receive a callback
|
|
- * for a hole.
|
|
- */
|
|
- assert(exists);
|
|
+
|
|
+ /* treat a hole like an unallocated area and bail out */
|
|
+ if (!exists) {
|
|
+ return 0;
|
|
+ }
|
|
|
|
if (!req->exists && offs > req->offs) {
|
|
/*
|
|
--
|
|
2.27.0
|
|
|