Re: [Qemu-devel] [PATCH 1/4] block: Correct bs->growable

[Kevin Wolf]

Am 12.07.2014 um 00:23 hat Max Reitz geschrieben:
> Currently, the field "growable" in a BDS is set iff the BDS is opened in
> protocol mode (with O_BDRV_PROTOCOL). However, not every protocol block
> driver allows growing: NBD, for instance, does not. On the other hand,
> a non-protocol block driver may allow growing: The raw driver does.
> 
> Fix this by correcting the "growable" field in the driver-specific open
> function for the BDS, if necessary.
> 
> Signed-off-by: Max Reitz <address@hidden>

I'm not sure I agree with bs->growable = true for raw. It's certainly
true that the backend can technically provide the functionality that
writes beyond EOF grow the file. That's not the point of bs->growable,
though.

The point of it was to _forbid_ it to grow even when it's technically
possible (non-file protocols weren't really a thing back then, apart
from vvfat, so the assumption was that it's always technically
possible). growable was introduced with bdrv_check_request(), which is
supposed to reject guest requests after the end of the virtual disk (and
this fixed a CVE, see commit 71d0770c). You're now disabling this check
for raw.

I think we need to make sure that bs->growable is only set if it is
opened for an image that has drv->requires_growing_file set and
therefore not directly used by a guest.

Well, except that with node-name a guest will be able to use any image
in the chain... Might this mean that it's really a BlockBackend
property?

Kevin