124342f2cSKevin Wolf#!/bin/bash 224342f2cSKevin Wolf# 324342f2cSKevin Wolf# qcow2 format input validation tests 424342f2cSKevin Wolf# 524342f2cSKevin Wolf# Copyright (C) 2013 Red Hat, Inc. 624342f2cSKevin Wolf# 724342f2cSKevin Wolf# This program is free software; you can redistribute it and/or modify 824342f2cSKevin Wolf# it under the terms of the GNU General Public License as published by 924342f2cSKevin Wolf# the Free Software Foundation; either version 2 of the License, or 1024342f2cSKevin Wolf# (at your option) any later version. 1124342f2cSKevin Wolf# 1224342f2cSKevin Wolf# This program is distributed in the hope that it will be useful, 1324342f2cSKevin Wolf# but WITHOUT ANY WARRANTY; without even the implied warranty of 1424342f2cSKevin Wolf# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 1524342f2cSKevin Wolf# GNU General Public License for more details. 1624342f2cSKevin Wolf# 1724342f2cSKevin Wolf# You should have received a copy of the GNU General Public License 1824342f2cSKevin Wolf# along with this program. If not, see <http://www.gnu.org/licenses/>. 1924342f2cSKevin Wolf# 2024342f2cSKevin Wolf 2124342f2cSKevin Wolf# creator 2224342f2cSKevin Wolfowner=kwolf@redhat.com 2324342f2cSKevin Wolf 2424342f2cSKevin Wolfseq=`basename $0` 2524342f2cSKevin Wolfecho "QA output created by $seq" 2624342f2cSKevin Wolf 2724342f2cSKevin Wolfhere=`pwd` 2824342f2cSKevin Wolftmp=/tmp/$$ 2924342f2cSKevin Wolfstatus=1 # failure is the default! 3024342f2cSKevin Wolf 3124342f2cSKevin Wolf_cleanup() 3224342f2cSKevin Wolf{ 3324342f2cSKevin Wolf _cleanup_test_img 3424342f2cSKevin Wolf} 3524342f2cSKevin Wolftrap "_cleanup; exit \$status" 0 1 2 3 15 3624342f2cSKevin Wolf 3724342f2cSKevin Wolf# get standard environment, filters and checks 3824342f2cSKevin Wolf. ./common.rc 3924342f2cSKevin Wolf. ./common.filter 4024342f2cSKevin Wolf 4124342f2cSKevin Wolf_supported_fmt qcow2 4224342f2cSKevin Wolf_supported_proto generic 4324342f2cSKevin Wolf_supported_os Linux 4424342f2cSKevin Wolf 4524342f2cSKevin Wolfheader_size=104 46a1b3955cSKevin Wolf 47a1b3955cSKevin Wolfoffset_backing_file_offset=8 486d33e8e7SKevin Wolfoffset_backing_file_size=16 492d51c32cSKevin Wolfoffset_l1_size=36 502d51c32cSKevin Wolfoffset_l1_table_offset=40 518c7de283SKevin Wolfoffset_refcount_table_offset=48 525dab2fadSKevin Wolfoffset_refcount_table_clusters=56 53ce48f2f4SKevin Wolfoffset_nb_snapshots=60 54ce48f2f4SKevin Wolfoffset_snapshots_offset=64 5524342f2cSKevin Wolfoffset_header_size=100 5624342f2cSKevin Wolfoffset_ext_magic=$header_size 5724342f2cSKevin Wolfoffset_ext_size=$((header_size + 4)) 5824342f2cSKevin Wolf 59b106ad91SKevin Wolfoffset_l2_table_0=$((0x40000)) 60b106ad91SKevin Wolf 6124342f2cSKevin Wolfecho 6224342f2cSKevin Wolfecho "== Huge header size ==" 6324342f2cSKevin Wolf_make_test_img 64M 6424342f2cSKevin Wolfpoke_file "$TEST_IMG" "$offset_header_size" "\xff\xff\xff\xff" 6524342f2cSKevin Wolf{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir 6624342f2cSKevin Wolfpoke_file "$TEST_IMG" "$offset_header_size" "\x7f\xff\xff\xff" 6724342f2cSKevin Wolf{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir 6824342f2cSKevin Wolf 69a1b3955cSKevin Wolfecho 70a1b3955cSKevin Wolfecho "== Huge unknown header extension ==" 71a1b3955cSKevin Wolf_make_test_img 64M 72a1b3955cSKevin Wolfpoke_file "$TEST_IMG" "$offset_backing_file_offset" "\xff\xff\xff\xff\xff\xff\xff\xff" 73a1b3955cSKevin Wolfpoke_file "$TEST_IMG" "$offset_ext_magic" "\x12\x34\x56\x78" 74a1b3955cSKevin Wolfpoke_file "$TEST_IMG" "$offset_ext_size" "\x7f\xff\xff\xff" 75a1b3955cSKevin Wolf{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir 76a1b3955cSKevin Wolfpoke_file "$TEST_IMG" "$offset_backing_file_offset" "\x00\x00\x00\x00\x00\x00\x00\x00" 77a1b3955cSKevin Wolf{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir 78a1b3955cSKevin Wolf 795dab2fadSKevin Wolfecho 805dab2fadSKevin Wolfecho "== Huge refcount table size ==" 815dab2fadSKevin Wolf_make_test_img 64M 825dab2fadSKevin Wolfpoke_file "$TEST_IMG" "$offset_refcount_table_clusters" "\xff\xff\xff\xff" 835dab2fadSKevin Wolf{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir 845dab2fadSKevin Wolfpoke_file "$TEST_IMG" "$offset_refcount_table_clusters" "\x00\x02\x00\x01" 855dab2fadSKevin Wolf{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir 865dab2fadSKevin Wolf 878c7de283SKevin Wolfecho 888c7de283SKevin Wolfecho "== Misaligned refcount table ==" 898c7de283SKevin Wolf_make_test_img 64M 908c7de283SKevin Wolfpoke_file "$TEST_IMG" "$offset_refcount_table_offset" "\x12\x34\x56\x78\x90\xab\xcd\xef" 918c7de283SKevin Wolf{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir 928c7de283SKevin Wolf 938c7de283SKevin Wolfecho 948c7de283SKevin Wolfecho "== Huge refcount offset ==" 958c7de283SKevin Wolf_make_test_img 64M 968c7de283SKevin Wolfpoke_file "$TEST_IMG" "$offset_refcount_table_offset" "\xff\xff\xff\xff\xff\xff\x00\x00" 978c7de283SKevin Wolfpoke_file "$TEST_IMG" "$offset_refcount_table_clusters" "\x00\x00\x00\x7f" 988c7de283SKevin Wolf{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir 995dab2fadSKevin Wolf 100ce48f2f4SKevin Wolfecho 101ce48f2f4SKevin Wolfecho "== Invalid snapshot table ==" 102ce48f2f4SKevin Wolf_make_test_img 64M 103ce48f2f4SKevin Wolfpoke_file "$TEST_IMG" "$offset_nb_snapshots" "\xff\xff\xff\xff" 104ce48f2f4SKevin Wolf{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir 105ce48f2f4SKevin Wolfpoke_file "$TEST_IMG" "$offset_nb_snapshots" "\x7f\xff\xff\xff" 106ce48f2f4SKevin Wolf{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir 107ce48f2f4SKevin Wolf 108ce48f2f4SKevin Wolfpoke_file "$TEST_IMG" "$offset_snapshots_offset" "\xff\xff\xff\xff\xff\xff\x00\x00" 109ce48f2f4SKevin Wolfpoke_file "$TEST_IMG" "$offset_nb_snapshots" "\x00\x00\xff\xff" 110ce48f2f4SKevin Wolf{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir 111ce48f2f4SKevin Wolf 112ce48f2f4SKevin Wolfpoke_file "$TEST_IMG" "$offset_snapshots_offset" "\x12\x34\x56\x78\x90\xab\xcd\xef" 113ce48f2f4SKevin Wolfpoke_file "$TEST_IMG" "$offset_nb_snapshots" "\x00\x00\x00\x00" 114ce48f2f4SKevin Wolf{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir 115ce48f2f4SKevin Wolf 116ce48f2f4SKevin Wolfecho 117ce48f2f4SKevin Wolfecho "== Hitting snapshot table size limit ==" 118ce48f2f4SKevin Wolf_make_test_img 64M 119ce48f2f4SKevin Wolf# Put the refcount table in a more or less safe place (16 MB) 120ce48f2f4SKevin Wolfpoke_file "$TEST_IMG" "$offset_snapshots_offset" "\x00\x00\x00\x00\x01\x00\x00\x00" 121ce48f2f4SKevin Wolfpoke_file "$TEST_IMG" "$offset_nb_snapshots" "\x00\x01\x00\x00" 122ce48f2f4SKevin Wolf{ $QEMU_IMG snapshot -c test $TEST_IMG; } 2>&1 | _filter_testdir 123ce48f2f4SKevin Wolf{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir 124ce48f2f4SKevin Wolf 1252d51c32cSKevin Wolfecho 1262d51c32cSKevin Wolfecho "== Invalid L1 table ==" 1272d51c32cSKevin Wolf_make_test_img 64M 1282d51c32cSKevin Wolfpoke_file "$TEST_IMG" "$offset_l1_size" "\xff\xff\xff\xff" 1292d51c32cSKevin Wolf{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir 1302d51c32cSKevin Wolfpoke_file "$TEST_IMG" "$offset_l1_size" "\x7f\xff\xff\xff" 1312d51c32cSKevin Wolf{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir 1322d51c32cSKevin Wolf 1332d51c32cSKevin Wolfpoke_file "$TEST_IMG" "$offset_l1_table_offset" "\x7f\xff\xff\xff\xff\xff\x00\x00" 1342d51c32cSKevin Wolfpoke_file "$TEST_IMG" "$offset_l1_size" "\x00\x00\xff\xff" 1352d51c32cSKevin Wolf{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir 1362d51c32cSKevin Wolf 1372d51c32cSKevin Wolfpoke_file "$TEST_IMG" "$offset_l1_table_offset" "\x12\x34\x56\x78\x90\xab\xcd\xef" 1382d51c32cSKevin Wolfpoke_file "$TEST_IMG" "$offset_l1_size" "\x00\x00\x00\x01" 1392d51c32cSKevin Wolf{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir 1402d51c32cSKevin Wolf 1416d33e8e7SKevin Wolfecho 142*11b128f4SKevin Wolfecho "== Invalid L1 table (with internal snapshot in the image) ==" 143*11b128f4SKevin Wolf_make_test_img 64M 144*11b128f4SKevin Wolf{ $QEMU_IMG snapshot -c foo $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir 145*11b128f4SKevin Wolfpoke_file "$TEST_IMG" "$offset_l1_size" "\x00\x00\x00\x00" 146*11b128f4SKevin Wolf_img_info 147*11b128f4SKevin Wolf 148*11b128f4SKevin Wolfecho 1496d33e8e7SKevin Wolfecho "== Invalid backing file size ==" 1506d33e8e7SKevin Wolf_make_test_img 64M 1516d33e8e7SKevin Wolfpoke_file "$TEST_IMG" "$offset_backing_file_offset" "\x00\x00\x00\x00\x00\x00\x10\x00" 1526d33e8e7SKevin Wolfpoke_file "$TEST_IMG" "$offset_backing_file_size" "\xff\xff\xff\xff" 1536d33e8e7SKevin Wolf{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir 1546d33e8e7SKevin Wolf 155b106ad91SKevin Wolfecho 156b106ad91SKevin Wolfecho "== Invalid L2 entry (huge physical offset) ==" 157b106ad91SKevin Wolf_make_test_img 64M 158b106ad91SKevin Wolf{ $QEMU_IO -c "write 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir 159b106ad91SKevin Wolfpoke_file "$TEST_IMG" "$offset_l2_table_0" "\xbf\xff\xff\xff\xff\xff\x00\x00" 160b106ad91SKevin Wolf{ $QEMU_IMG snapshot -c test $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir 161b106ad91SKevin Wolfpoke_file "$TEST_IMG" "$offset_l2_table_0" "\x80\x00\x00\xff\xff\xff\x00\x00" 162b106ad91SKevin Wolf{ $QEMU_IMG snapshot -c test $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir 163b106ad91SKevin Wolf 16424342f2cSKevin Wolf# success, all done 16524342f2cSKevin Wolfecho "*** done" 16624342f2cSKevin Wolfrm -f $seq.full 16724342f2cSKevin Wolfstatus=0 168