cachepc-qemu

Fork of AMDESE/qemu with changes for cachepc side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-qemu
Log | Files | Refs | Submodules | LICENSE | sfeed.txt

182 (4574B)

      1#!/usr/bin/env bash
      2# group: rw quick
      3#
      4# Test image locking for POSIX locks
      5#
      6# Copyright 2017 Red Hat, Inc.
      7#
      8# This program is free software; you can redistribute it and/or modify
      9# it under the terms of the GNU General Public License as published by
     10# the Free Software Foundation; either version 2 of the License, or
     11# (at your option) any later version.
     12#
     13# This program is distributed in the hope that it will be useful,
     14# but WITHOUT ANY WARRANTY; without even the implied warranty of
     15# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
     16# GNU General Public License for more details.
     17#
     18# You should have received a copy of the GNU General Public License
     19# along with this program.  If not, see <http://www.gnu.org/licenses/>.
     20#
     21
     22# creator
     23owner=famz@redhat.com
     24
     25seq="$(basename $0)"
     26echo "QA output created by $seq"
     27
     28tmp=/tmp/$$
     29status=1	# failure is the default!
     30
     31_cleanup()
     32{
     33    _cleanup_test_img
     34    _rm_test_img "$TEST_IMG.overlay"
     35    rm -f "$SOCK_DIR/nbd.socket"
     36}
     37trap "_cleanup; exit \$status" 0 1 2 3 15
     38
     39# get standard environment, filters and checks
     40. ./common.rc
     41. ./common.filter
     42. ./common.qemu
     43
     44_supported_fmt qcow2
     45_supported_proto file
     46
     47size=32M
     48
     49_make_test_img $size
     50
     51echo "Starting QEMU"
     52_launch_qemu -drive file=$TEST_IMG,if=none,id=drive0,file.locking=on \
     53    -device virtio-blk,drive=drive0
     54
     55echo
     56echo "Starting a second QEMU using the same image should fail"
     57echo 'quit' | $QEMU -nographic -monitor stdio \
     58    -drive file=$TEST_IMG,if=none,id=drive0,file.locking=on \
     59    -device virtio-blk,drive=drive0 2>&1 | _filter_testdir 2>&1 |
     60    _filter_qemu |
     61    sed -e '/falling back to POSIX file/d' \
     62        -e '/locks can be lost unexpectedly/d'
     63
     64_cleanup_qemu
     65
     66echo
     67echo '=== Testing reopen ==='
     68echo
     69
     70# This tests that reopening does not unshare any permissions it should
     71# not unshare
     72# (There was a bug where reopening shared exactly the opposite of the
     73# permissions it was supposed to share)
     74
     75_launch_qemu
     76
     77_send_qemu_cmd $QEMU_HANDLE \
     78    "{'execute': 'qmp_capabilities'}" \
     79    'return'
     80
     81# Open the image without any format layer (we are not going to access
     82# it, so that is fine)
     83# This should keep all permissions shared.
     84success_or_failure=y _send_qemu_cmd $QEMU_HANDLE \
     85    "{'execute': 'blockdev-add',
     86      'arguments': {
     87          'node-name': 'node0',
     88          'driver': 'file',
     89          'filename': '$TEST_IMG',
     90          'locking': 'on'
     91          } }" \
     92    'return' \
     93    'error'
     94
     95# This snapshot will perform a reopen to drop R/W to RO.
     96# It should still keep all permissions shared.
     97success_or_failure=y _send_qemu_cmd $QEMU_HANDLE \
     98    "{'execute': 'blockdev-snapshot-sync',
     99      'arguments': {
    100          'node-name': 'node0',
    101          'snapshot-file': '$TEST_IMG.overlay',
    102          'snapshot-node-name': 'node1'
    103      } }" \
    104    'return' \
    105    'error'
    106
    107# Now open the same file again
    108# This does not require any permissions (and does not unshare any), so
    109# this will not conflict with node0.
    110success_or_failure=y _send_qemu_cmd $QEMU_HANDLE \
    111    "{'execute': 'blockdev-add',
    112      'arguments': {
    113          'node-name': 'node1',
    114          'driver': 'file',
    115          'filename': '$TEST_IMG',
    116          'locking': 'on'
    117          } }" \
    118    'return' \
    119    'error'
    120
    121# Start an NBD server to which we can attach node1
    122success_or_failure=y _send_qemu_cmd $QEMU_HANDLE \
    123    "{'execute': 'nbd-server-start',
    124      'arguments': {
    125          'addr': {
    126              'type': 'unix',
    127              'data': {
    128                  'path': '$SOCK_DIR/nbd.socket'
    129              } } } }" \
    130    'return' \
    131    'error'
    132
    133# Now we attach the image to the NBD server.  This server does require
    134# some permissions (at least WRITE and READ_CONSISTENT), so if
    135# reopening node0 unshared any (which it should not have), this will
    136# fail (but it should not).
    137success_or_failure=y _send_qemu_cmd $QEMU_HANDLE \
    138    "{'execute': 'nbd-server-add',
    139      'arguments': {
    140          'device': 'node1'
    141      } }" \
    142    'return' \
    143    'error'
    144
    145_cleanup_qemu
    146
    147echo
    148echo '=== Testing failure to loosen restrictions ==='
    149echo
    150
    151_launch_qemu -drive file=$TEST_IMG,if=none,file.locking=on
    152
    153_send_qemu_cmd $QEMU_HANDLE \
    154    "{'execute': 'qmp_capabilities'}" \
    155    'return'
    156
    157_cleanup_test_img
    158
    159# When quitting qemu, it will try to drop its locks on the test image.
    160# Because that file no longer exists, it will be unable to do so.
    161# However, that is not fatal, so it should just move on.
    162_send_qemu_cmd $QEMU_HANDLE \
    163    "{'execute': 'quit'}" \
    164    'return'
    165
    166wait=1 _cleanup_qemu
    167
    168# success, all done
    169echo "*** done"
    170rm -f $seq.full
    171status=0