xref: /openbmc/qemu/tests/qemu-iotests/080 (revision 2822c1b6) 
1#!/bin/bash
2#
3# qcow2 format input validation tests
4#
5# Copyright (C) 2013 Red Hat, Inc.
6#
7# This program is free software; you can redistribute it and/or modify
8# it under the terms of the GNU General Public License as published by
9# the Free Software Foundation; either version 2 of the License, or
10# (at your option) any later version.
11#
12# This program is distributed in the hope that it will be useful,
13# but WITHOUT ANY WARRANTY; without even the implied warranty of
14# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15# GNU General Public License for more details.
16#
17# You should have received a copy of the GNU General Public License
18# along with this program.  If not, see <http://www.gnu.org/licenses/>.
19#
20
21# creator
22owner=kwolf@redhat.com
23
24seq=`basename $0`
25echo "QA output created by $seq"
26
27here=`pwd`
28tmp=/tmp/$$
29status=1	# failure is the default!
30
31_cleanup()
32{
33    rm -f $TEST_IMG.snap
34    _cleanup_test_img
35}
36trap "_cleanup; exit \$status" 0 1 2 3 15
37
38# get standard environment, filters and checks
39. ./common.rc
40. ./common.filter
41
42_supported_fmt qcow2
43_supported_proto file
44_supported_os Linux
45
46header_size=104
47
48offset_backing_file_offset=8
49offset_backing_file_size=16
50offset_l1_size=36
51offset_l1_table_offset=40
52offset_refcount_table_offset=48
53offset_refcount_table_clusters=56
54offset_nb_snapshots=60
55offset_snapshots_offset=64
56offset_header_size=100
57offset_ext_magic=$header_size
58offset_ext_size=$((header_size + 4))
59
60offset_l2_table_0=$((0x40000))
61
62offset_snap1=$((0x70000))
63offset_snap1_l1_offset=$((offset_snap1 + 0))
64offset_snap1_l1_size=$((offset_snap1 + 8))
65
66echo
67echo "== Huge header size =="
68_make_test_img 64M
69poke_file "$TEST_IMG" "$offset_header_size" "\xff\xff\xff\xff"
70{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
71poke_file "$TEST_IMG" "$offset_header_size" "\x7f\xff\xff\xff"
72{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
73
74echo
75echo "== Huge unknown header extension =="
76_make_test_img 64M
77poke_file "$TEST_IMG" "$offset_backing_file_offset" "\xff\xff\xff\xff\xff\xff\xff\xff"
78poke_file "$TEST_IMG" "$offset_ext_magic" "\x12\x34\x56\x78"
79poke_file "$TEST_IMG" "$offset_ext_size" "\x7f\xff\xff\xff"
80{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
81poke_file "$TEST_IMG" "$offset_backing_file_offset" "\x00\x00\x00\x00\x00\x00\x00\x$(printf %x $offset_ext_size)"
82{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
83poke_file "$TEST_IMG" "$offset_backing_file_offset" "\x00\x00\x00\x00\x00\x00\x00\x00"
84{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
85
86echo
87echo "== Huge refcount table size =="
88_make_test_img 64M
89poke_file "$TEST_IMG" "$offset_refcount_table_clusters" "\xff\xff\xff\xff"
90{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
91poke_file "$TEST_IMG" "$offset_refcount_table_clusters" "\x00\x02\x00\x01"
92{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
93
94echo
95echo "== Misaligned refcount table =="
96_make_test_img 64M
97poke_file "$TEST_IMG" "$offset_refcount_table_offset" "\x12\x34\x56\x78\x90\xab\xcd\xef"
98{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
99
100echo
101echo "== Huge refcount offset =="
102_make_test_img 64M
103poke_file "$TEST_IMG" "$offset_refcount_table_offset" "\xff\xff\xff\xff\xff\xff\x00\x00"
104poke_file "$TEST_IMG" "$offset_refcount_table_clusters" "\x00\x00\x00\x7f"
105{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
106
107echo
108echo "== Invalid snapshot table =="
109_make_test_img 64M
110poke_file "$TEST_IMG" "$offset_nb_snapshots" "\xff\xff\xff\xff"
111{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
112poke_file "$TEST_IMG" "$offset_nb_snapshots" "\x7f\xff\xff\xff"
113{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
114
115poke_file "$TEST_IMG" "$offset_snapshots_offset" "\xff\xff\xff\xff\xff\xff\x00\x00"
116poke_file "$TEST_IMG" "$offset_nb_snapshots" "\x00\x00\xff\xff"
117{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
118
119poke_file "$TEST_IMG" "$offset_snapshots_offset" "\x12\x34\x56\x78\x90\xab\xcd\xef"
120poke_file "$TEST_IMG" "$offset_nb_snapshots" "\x00\x00\x00\x00"
121{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
122
123echo
124echo "== Hitting snapshot table size limit =="
125_make_test_img 64M
126# Put the refcount table in a more or less safe place (16 MB)
127poke_file "$TEST_IMG" "$offset_snapshots_offset" "\x00\x00\x00\x00\x01\x00\x00\x00"
128poke_file "$TEST_IMG" "$offset_nb_snapshots" "\x00\x01\x00\x00"
129{ $QEMU_IMG snapshot -c test $TEST_IMG; } 2>&1 | _filter_testdir
130{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
131
132echo
133echo "== Invalid L1 table =="
134_make_test_img 64M
135poke_file "$TEST_IMG" "$offset_l1_size" "\xff\xff\xff\xff"
136{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
137poke_file "$TEST_IMG" "$offset_l1_size" "\x7f\xff\xff\xff"
138{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
139
140poke_file "$TEST_IMG" "$offset_l1_table_offset" "\x7f\xff\xff\xff\xff\xff\x00\x00"
141poke_file "$TEST_IMG" "$offset_l1_size" "\x00\x00\xff\xff"
142{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
143
144poke_file "$TEST_IMG" "$offset_l1_table_offset" "\x12\x34\x56\x78\x90\xab\xcd\xef"
145poke_file "$TEST_IMG" "$offset_l1_size" "\x00\x00\x00\x01"
146{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
147
148echo
149echo "== Invalid L1 table (with internal snapshot in the image) =="
150_make_test_img 64M
151{ $QEMU_IMG snapshot -c foo $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
152poke_file "$TEST_IMG" "$offset_l1_size" "\x00\x00\x00\x00"
153_img_info
154
155echo
156echo "== Invalid backing file size =="
157_make_test_img 64M
158poke_file "$TEST_IMG" "$offset_backing_file_offset" "\x00\x00\x00\x00\x00\x00\x10\x00"
159poke_file "$TEST_IMG" "$offset_backing_file_size" "\xff\xff\xff\xff"
160{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
161
162echo
163echo "== Invalid L2 entry (huge physical offset) =="
164_make_test_img 64M
165{ $QEMU_IO -c "write 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
166poke_file "$TEST_IMG" "$offset_l2_table_0" "\xbf\xff\xff\xff\xff\xff\x00\x00"
167{ $QEMU_IMG snapshot -c test $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
168poke_file "$TEST_IMG" "$offset_l2_table_0" "\x80\x00\x00\xff\xff\xff\x00\x00"
169{ $QEMU_IMG snapshot -c test $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
170
171echo
172echo "== Invalid snapshot L1 table =="
173_make_test_img 64M
174{ $QEMU_IO -c "write 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
175{ $QEMU_IMG snapshot -c test $TEST_IMG; } 2>&1 | _filter_testdir
176poke_file "$TEST_IMG" "$offset_snap1_l1_size" "\x10\x00\x00\x00"
177{ $QEMU_IMG convert -s test $TEST_IMG $TEST_IMG.snap; } 2>&1 | _filter_testdir
178
179# success, all done
180echo "*** done"
181rm -f $seq.full
182status=0
183