All of lore.kernel.org
 help / color / mirror / Atom feed
From: Eric Blake <eblake@redhat.com>
To: Kevin Wolf <kwolf@redhat.com>, qemu-block@nongnu.org
Cc: "Daniel P. Berrangé" <berrange@redhat.com>,
	vsementsov@virtuozzo.com, berto@igalia.com,
	qemu-devel@nongnu.org, mreitz@redhat.com
Subject: Re: [PATCH v7 04/10] qcow2: Support BDRV_REQ_ZERO_WRITE for truncate
Date: Tue, 28 Apr 2020 11:28:46 -0500	[thread overview]
Message-ID: <6e1df4f4-366f-2612-fd18-ba916fd1a622@redhat.com> (raw)
In-Reply-To: <20200424125448.63318-5-kwolf@redhat.com>

On 4/24/20 7:54 AM, Kevin Wolf wrote:
> If BDRV_REQ_ZERO_WRITE is set and we're extending the image, calling
> qcow2_cluster_zeroize() with flags=0 does the right thing: It doesn't
> undo any previous preallocation, but just adds the zero flag to all
> relevant L2 entries. If an external data file is in use, a write_zeroes
> request to the data file is made instead.
> 
> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
> ---
>   block/qcow2-cluster.c |  2 +-
>   block/qcow2.c         | 34 ++++++++++++++++++++++++++++++++++
>   2 files changed, 35 insertions(+), 1 deletion(-)
> 

> +++ b/block/qcow2.c
> @@ -1726,6 +1726,7 @@ static int coroutine_fn qcow2_do_open(BlockDriverState *bs, QDict *options,
>   
>       bs->supported_zero_flags = header.version >= 3 ?
>                                  BDRV_REQ_MAY_UNMAP | BDRV_REQ_NO_FALLBACK : 0;
> +    bs->supported_truncate_flags = BDRV_REQ_ZERO_WRITE;

Is this really what we want for encrypted files, or would it be better as:

     if (bs->encrypted) {
         bs->supported_truncate_flags = 0;
     } else {
         bs->supported_truncate_flags = BDRV_REQ_ZERO_WRITE;
     }

At the qcow2 level, we can guarantee a read of 0 even for an encrypted 
image, but is that really what we want?  Is setting the qcow2 zero flag 
on the cluster done at the decrypted level (at which point we may be 
leaking information about guest contents via anyone that can read the 
qcow2 metadata) or at the encrypted level (at which point it's useless 
information, because knowing the underlying file reads as zero still 
decrypts into garbage)?


-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3226
Virtualization:  qemu.org | libvirt.org



  parent reply	other threads:[~2020-04-28 16:35 UTC|newest]

Thread overview: 23+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-04-24 12:54 [PATCH v7 00/10] block: Fix resize (extending) of short overlays Kevin Wolf
2020-04-24 12:54 ` [PATCH v7 01/10] block: Add flags to BlockDriver.bdrv_co_truncate() Kevin Wolf
2020-04-24 12:54 ` [PATCH v7 02/10] block: Add flags to bdrv(_co)_truncate() Kevin Wolf
2020-04-24 12:54 ` [PATCH v7 03/10] block-backend: Add flags to blk_truncate() Kevin Wolf
2020-04-24 12:54 ` [PATCH v7 04/10] qcow2: Support BDRV_REQ_ZERO_WRITE for truncate Kevin Wolf
2020-04-24 14:07   ` Max Reitz
2020-04-24 14:39   ` Eric Blake
2020-04-28 16:28   ` Eric Blake [this message]
2020-04-28 18:45     ` Kevin Wolf
2020-04-28 18:58       ` Eric Blake
2020-04-24 12:54 ` [PATCH v7 05/10] raw-format: " Kevin Wolf
2020-04-24 12:54 ` [PATCH v7 06/10] file-posix: " Kevin Wolf
2020-04-24 12:54 ` [PATCH v7 07/10] block: truncate: Don't make backing file data visible Kevin Wolf
2020-04-24 14:09   ` Max Reitz
2020-04-24 12:54 ` [PATCH v7 08/10] iotests: Filter testfiles out in filter_img_info() Kevin Wolf
2020-04-24 12:54 ` [PATCH v7 09/10] iotests: Test committing to short backing file Kevin Wolf
2020-04-24 14:14   ` Max Reitz
2020-04-24 14:49   ` Vladimir Sementsov-Ogievskiy
2020-04-24 14:16 ` [PATCH v7 00/10] block: Fix resize (extending) of short overlays Max Reitz
2020-04-24 14:27 ` [PATCH v7 10/10] qcow2: Forward ZERO_WRITE flag for full preallocation Kevin Wolf
2020-04-24 14:28   ` Max Reitz
2020-04-24 15:26   ` Vladimir Sementsov-Ogievskiy
2020-04-27 15:43 ` [PATCH v7 00/10] block: Fix resize (extending) of short overlays Kevin Wolf

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=6e1df4f4-366f-2612-fd18-ba916fd1a622@redhat.com \
    --to=eblake@redhat.com \
    --cc=berrange@redhat.com \
    --cc=berto@igalia.com \
    --cc=kwolf@redhat.com \
    --cc=mreitz@redhat.com \
    --cc=qemu-block@nongnu.org \
    --cc=qemu-devel@nongnu.org \
    --cc=vsementsov@virtuozzo.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.