From: Eric Blake <eblake@redhat.com>
To: Peter Maydell <peter.maydell@linaro.org>, Kevin Wolf <kwolf@redhat.com>
Cc: Qemu-block <qemu-block@nongnu.org>,
Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>,
QEMU Developers <qemu-devel@nongnu.org>,
Stefan Hajnoczi <stefanha@redhat.com>,
Max Reitz <mreitz@redhat.com>
Subject: Re: [PATCH for-4.2? v3 0/8] block: Fix resize (extending) of short overlays
Date: Fri, 22 Nov 2019 10:41:13 -0600 [thread overview]
Message-ID: <713adac7-b997-6723-6b07-f527d0b804ac@redhat.com> (raw)
In-Reply-To: <CAFEAcA_JU9GfNYDuD2K0MKmAD7GZ7vBUHsXU+WS-6mvPCvf8ig@mail.gmail.com>
On 11/22/19 10:17 AM, Peter Maydell wrote:
> On Fri, 22 Nov 2019 at 16:08, Kevin Wolf <kwolf@redhat.com> wrote:
>>
>> See patch 4 for the description of the bug fixed.
>
> I guess my questions for trying to answer the "for-4.2?"
> question in the subject are:
> 1) is this a security (leaking data into the guest) bug ?
> 2) is this a regression?
> 3) is this something a lot of people are likely to run into?
My thoughts (although Kevin's may be more definitive):
1) yes, there is a security aspect: certain resize or commit actions can
result in the guest seeing a revival of stale data that the guest may
have thought that it previously scrubbed. Similarly, the tail end of
the series proves via iotests that we have an actual case of data
corruption after a block commit without this patch
2) no, this is a long-standing bug, we've only recently noticed it
3) no, it is uncommon to have an overlay with a size shorter than its
backing file (it's not even all that common to have an overlay longer
than the backing file), so this is a corner case not many people will
hit. It's even less common to have the difference in overlay sizes also
coincide with formats that introduce the speed penalty of a longer
blocking due to the added zeroing.
>
> Eyeballing of the diffstat plus the fact we're on v4 of
> the patchset already makes me a little uneasy about
> putting it into rc3, but if the bug we're fixing matters
> enough we can do it.
In terms of diffstat, the v3 series was much smaller in impact. Both
versions add robustness, where the difference between v3 and v4 is
whether we introduce a speed penalty on an unlikely setup (v3) or reject
any operation where it would require a speed penalty to avoid data
problems (v4). I think all the patches in v3 were reviewed, but I'll go
ahead and review v4 as well.
Because of point 1, I am leaning towards some version of this patch
series (whether 3 or 4) making -rc3; but point 2 (it is not a 4.2
regression) also seems to be a reasonable justification for slipping
this to 5.0.
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3226
Virtualization: qemu.org | libvirt.org
next prev parent reply other threads:[~2019-11-22 16:45 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-11-22 16:05 [PATCH for-4.2? v3 0/8] block: Fix resize (extending) of short overlays Kevin Wolf
2019-11-22 16:05 ` [PATCH v3 1/8] block: bdrv_co_do_pwrite_zeroes: 64 bit 'bytes' parameter Kevin Wolf
2019-11-22 16:05 ` [PATCH v3 2/8] block: Add no_fallback parameter to bdrv_co_truncate() Kevin Wolf
2019-11-22 16:48 ` Eric Blake
2019-11-25 12:00 ` Max Reitz
2019-11-25 15:06 ` Alberto Garcia
2019-11-25 16:05 ` Kevin Wolf
2019-11-22 16:05 ` [PATCH v3 3/8] qcow2: Declare BDRV_REQ_NO_FALLBACK supported Kevin Wolf
2019-11-22 18:03 ` Eric Blake
2019-11-25 12:02 ` Max Reitz
2019-11-25 14:53 ` Alberto Garcia
2019-11-22 16:05 ` [PATCH v3 4/8] block: truncate: Don't make backing file data visible Kevin Wolf
2019-11-22 18:06 ` Eric Blake
2019-11-25 12:08 ` Max Reitz
2019-11-22 16:05 ` [PATCH v3 5/8] iotests: Add qemu_io_log() Kevin Wolf
2019-11-22 16:05 ` [PATCH v3 6/8] iotests: Fix timeout in run_job() Kevin Wolf
2019-11-22 16:05 ` [PATCH v3 7/8] iotests: Support job-complete " Kevin Wolf
2019-11-22 16:05 ` [PATCH v3 8/8] iotests: Test committing to short backing file Kevin Wolf
2019-11-22 18:09 ` Eric Blake
2019-11-25 9:56 ` Vladimir Sementsov-Ogievskiy
2019-11-25 12:19 ` Max Reitz
2019-11-22 16:17 ` [PATCH for-4.2? v3 0/8] block: Fix resize (extending) of short overlays Peter Maydell
2019-11-22 16:41 ` Eric Blake [this message]
2019-11-25 12:21 ` Max Reitz
2019-11-25 12:24 ` Max Reitz
2019-12-10 17:46 ` Kevin Wolf
2019-12-11 7:09 ` Max Reitz
2019-12-19 9:24 ` Vladimir Sementsov-Ogievskiy
2019-12-19 10:13 ` Kevin Wolf
2019-12-19 10:20 ` Vladimir Sementsov-Ogievskiy
2020-02-05 13:43 ` Vladimir Sementsov-Ogievskiy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=713adac7-b997-6723-6b07-f527d0b804ac@redhat.com \
--to=eblake@redhat.com \
--cc=kwolf@redhat.com \
--cc=mreitz@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@redhat.com \
--cc=vsementsov@virtuozzo.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.