projects / qemu.git / blame
| Commit | Line | Data |
|---|---|---|
| 24342f2c KW |
1 | #!/bin/bash |
| 2 | # | |
| 3 | # qcow2 format input validation tests | |
| 4 | # | |
| 5 | # Copyright (C) 2013 Red Hat, Inc. | |
| 6 | # | |
| 7 | # This program is free software; you can redistribute it and/or modify | |
| 8 | # it under the terms of the GNU General Public License as published by | |
| 9 | # the Free Software Foundation; either version 2 of the License, or | |
| 10 | # (at your option) any later version. | |
| 11 | # | |
| 12 | # This program is distributed in the hope that it will be useful, | |
| 13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
| 15 | # GNU General Public License for more details. | |
| 16 | # | |
| 17 | # You should have received a copy of the GNU General Public License | |
| 18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. | |
| 19 | # | |
| 20 | ||
| 21 | # creator | |
| 22 | [email protected] | |
| 23 | ||
| 24 | seq=`basename $0` | |
| 25 | echo "QA output created by $seq" | |
| 26 | ||
| 27 | here=`pwd` | |
| 24342f2c KW |
28 | status=1 # failure is the default! |
| 29 | ||
| 30 | _cleanup() | |
| 31 | { | |
| 6a83f8b5 KW |
32 | rm -f $TEST_IMG.snap |
| 33 | _cleanup_test_img | |
| 24342f2c KW |
34 | } |
| 35 | trap "_cleanup; exit \$status" 0 1 2 3 15 | |
| 36 | ||
| 37 | # get standard environment, filters and checks | |
| 38 | . ./common.rc | |
| 39 | . ./common.filter | |
| 40 | ||
| 41 | _supported_fmt qcow2 | |
| c5f7c0af | 42 | _supported_proto file |
| 24342f2c | 43 | _supported_os Linux |
| 5262caa7 HR |
44 | # Internal snapshots are (currently) impossible with refcount_bits=1 |
| 45 | _unsupported_imgopts 'refcount_bits=1[^0-9]' | |
| 24342f2c KW |
46 | |
| 47 | header_size=104 | |
| a1b3955c KW |
48 | |
| 49 | offset_backing_file_offset=8 | |
| 6d33e8e7 | 50 | offset_backing_file_size=16 |
| 2d51c32c KW |
51 | offset_l1_size=36 |
| 52 | offset_l1_table_offset=40 | |
| 8c7de283 | 53 | offset_refcount_table_offset=48 |
| 5dab2fad | 54 | offset_refcount_table_clusters=56 |
| ce48f2f4 KW |
55 | offset_nb_snapshots=60 |
| 56 | offset_snapshots_offset=64 | |
| 24342f2c KW |
57 | offset_header_size=100 |
| 58 | offset_ext_magic=$header_size | |
| 59 | offset_ext_size=$((header_size + 4)) | |
| 60 | ||
| b106ad91 KW |
61 | offset_l2_table_0=$((0x40000)) |
| 62 | ||
| 6a83f8b5 KW |
63 | offset_snap1=$((0x70000)) |
| 64 | offset_snap1_l1_offset=$((offset_snap1 + 0)) | |
| 65 | offset_snap1_l1_size=$((offset_snap1 + 8)) | |
| 66 | ||
| 24342f2c KW |
67 | echo |
| 68 | echo "== Huge header size ==" | |
| 69 | _make_test_img 64M | |
| 70 | poke_file "$TEST_IMG" "$offset_header_size" "\xff\xff\xff\xff" | |
| 71 | { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir | |
| 72 | poke_file "$TEST_IMG" "$offset_header_size" "\x7f\xff\xff\xff" | |
| 73 | { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir | |
| 74 | ||
| a1b3955c KW |
75 | echo |
| 76 | echo "== Huge unknown header extension ==" | |
| 77 | _make_test_img 64M | |
| 78 | poke_file "$TEST_IMG" "$offset_backing_file_offset" "\xff\xff\xff\xff\xff\xff\xff\xff" | |
| 79 | poke_file "$TEST_IMG" "$offset_ext_magic" "\x12\x34\x56\x78" | |
| 80 | poke_file "$TEST_IMG" "$offset_ext_size" "\x7f\xff\xff\xff" | |
| 81 | { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir | |
| 2ebafc85 KW |
82 | poke_file "$TEST_IMG" "$offset_backing_file_offset" "\x00\x00\x00\x00\x00\x00\x00\x$(printf %x $offset_ext_size)" |
| 83 | { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir | |
| a1b3955c KW |
84 | poke_file "$TEST_IMG" "$offset_backing_file_offset" "\x00\x00\x00\x00\x00\x00\x00\x00" |
| 85 | { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir | |
| 86 | ||
| 5dab2fad KW |
87 | echo |
| 88 | echo "== Huge refcount table size ==" | |
| 89 | _make_test_img 64M | |
| 90 | poke_file "$TEST_IMG" "$offset_refcount_table_clusters" "\xff\xff\xff\xff" | |
| 91 | { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir | |
| 92 | poke_file "$TEST_IMG" "$offset_refcount_table_clusters" "\x00\x02\x00\x01" | |
| 93 | { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir | |
| 94 | ||
| 8c7de283 KW |
95 | echo |
| 96 | echo "== Misaligned refcount table ==" | |
| 97 | _make_test_img 64M | |
| 98 | poke_file "$TEST_IMG" "$offset_refcount_table_offset" "\x12\x34\x56\x78\x90\xab\xcd\xef" | |
| 99 | { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir | |
| 100 | ||
| 101 | echo | |
| 102 | echo "== Huge refcount offset ==" | |
| 103 | _make_test_img 64M | |
| 104 | poke_file "$TEST_IMG" "$offset_refcount_table_offset" "\xff\xff\xff\xff\xff\xff\x00\x00" | |
| 105 | poke_file "$TEST_IMG" "$offset_refcount_table_clusters" "\x00\x00\x00\x7f" | |
| 106 | { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir | |
| 5dab2fad | 107 | |
| ce48f2f4 KW |
108 | echo |
| 109 | echo "== Invalid snapshot table ==" | |
| 110 | _make_test_img 64M | |
| 111 | poke_file "$TEST_IMG" "$offset_nb_snapshots" "\xff\xff\xff\xff" | |
| 112 | { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir | |
| 113 | poke_file "$TEST_IMG" "$offset_nb_snapshots" "\x7f\xff\xff\xff" | |
| 114 | { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir | |
| 115 | ||
| 116 | poke_file "$TEST_IMG" "$offset_snapshots_offset" "\xff\xff\xff\xff\xff\xff\x00\x00" | |
| 117 | poke_file "$TEST_IMG" "$offset_nb_snapshots" "\x00\x00\xff\xff" | |
| 118 | { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir | |
| 119 | ||
| 120 | poke_file "$TEST_IMG" "$offset_snapshots_offset" "\x12\x34\x56\x78\x90\xab\xcd\xef" | |
| 121 | poke_file "$TEST_IMG" "$offset_nb_snapshots" "\x00\x00\x00\x00" | |
| 122 | { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir | |
| 123 | ||
| 124 | echo | |
| 125 | echo "== Hitting snapshot table size limit ==" | |
| 126 | _make_test_img 64M | |
| 127 | # Put the refcount table in a more or less safe place (16 MB) | |
| 128 | poke_file "$TEST_IMG" "$offset_snapshots_offset" "\x00\x00\x00\x00\x01\x00\x00\x00" | |
| 129 | poke_file "$TEST_IMG" "$offset_nb_snapshots" "\x00\x01\x00\x00" | |
| 130 | { $QEMU_IMG snapshot -c test $TEST_IMG; } 2>&1 | _filter_testdir | |
| 131 | { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir | |
| 132 | ||
| 2d51c32c KW |
133 | echo |
| 134 | echo "== Invalid L1 table ==" | |
| 135 | _make_test_img 64M | |
| 136 | poke_file "$TEST_IMG" "$offset_l1_size" "\xff\xff\xff\xff" | |
| 137 | { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir | |
| 138 | poke_file "$TEST_IMG" "$offset_l1_size" "\x7f\xff\xff\xff" | |
| 139 | { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir | |
| 140 | ||
| 141 | poke_file "$TEST_IMG" "$offset_l1_table_offset" "\x7f\xff\xff\xff\xff\xff\x00\x00" | |
| 142 | poke_file "$TEST_IMG" "$offset_l1_size" "\x00\x00\xff\xff" | |
| 143 | { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir | |
| 144 | ||
| 145 | poke_file "$TEST_IMG" "$offset_l1_table_offset" "\x12\x34\x56\x78\x90\xab\xcd\xef" | |
| 146 | poke_file "$TEST_IMG" "$offset_l1_size" "\x00\x00\x00\x01" | |
| 147 | { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir | |
| 148 | ||
| 11b128f4 KW |
149 | echo |
| 150 | echo "== Invalid L1 table (with internal snapshot in the image) ==" | |
| 151 | _make_test_img 64M | |
| 152 | { $QEMU_IMG snapshot -c foo $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir | |
| 153 | poke_file "$TEST_IMG" "$offset_l1_size" "\x00\x00\x00\x00" | |
| 154 | _img_info | |
| 155 | ||
| 6d33e8e7 KW |
156 | echo |
| 157 | echo "== Invalid backing file size ==" | |
| 158 | _make_test_img 64M | |
| 159 | poke_file "$TEST_IMG" "$offset_backing_file_offset" "\x00\x00\x00\x00\x00\x00\x10\x00" | |
| 160 | poke_file "$TEST_IMG" "$offset_backing_file_size" "\xff\xff\xff\xff" | |
| 161 | { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir | |
| 162 | ||
| b106ad91 KW |
163 | echo |
| 164 | echo "== Invalid L2 entry (huge physical offset) ==" | |
| 165 | _make_test_img 64M | |
| 166 | { $QEMU_IO -c "write 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir | |
| 167 | poke_file "$TEST_IMG" "$offset_l2_table_0" "\xbf\xff\xff\xff\xff\xff\x00\x00" | |
| 168 | { $QEMU_IMG snapshot -c test $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir | |
| 169 | poke_file "$TEST_IMG" "$offset_l2_table_0" "\x80\x00\x00\xff\xff\xff\x00\x00" | |
| 170 | { $QEMU_IMG snapshot -c test $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir | |
| 171 | ||
| 6a83f8b5 KW |
172 | echo |
| 173 | echo "== Invalid snapshot L1 table ==" | |
| 174 | _make_test_img 64M | |
| 175 | { $QEMU_IO -c "write 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir | |
| 176 | { $QEMU_IMG snapshot -c test $TEST_IMG; } 2>&1 | _filter_testdir | |
| 177 | poke_file "$TEST_IMG" "$offset_snap1_l1_size" "\x10\x00\x00\x00" | |
| 178 | { $QEMU_IMG convert -s test $TEST_IMG $TEST_IMG.snap; } 2>&1 | _filter_testdir | |
| 179 | ||
| 24342f2c KW |
180 | # success, all done |
| 181 | echo "*** done" | |
| 182 | rm -f $seq.full | |
| 183 | status=0 |