cachepc-qemu

Fork of AMDESE/qemu with changes for cachepc side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-qemu
Log | Files | Refs | Submodules | LICENSE | sfeed.txt

283 (5134B)

      1#!/usr/bin/env python3
      2# group: auto quick
      3#
      4# Test for copy-before-write filter permission conflict
      5#
      6# Copyright (c) 2019 Virtuozzo International GmbH.
      7#
      8# This program is free software; you can redistribute it and/or modify
      9# it under the terms of the GNU General Public License as published by
     10# the Free Software Foundation; either version 2 of the License, or
     11# (at your option) any later version.
     12#
     13# This program is distributed in the hope that it will be useful,
     14# but WITHOUT ANY WARRANTY; without even the implied warranty of
     15# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
     16# GNU General Public License for more details.
     17#
     18# You should have received a copy of the GNU General Public License
     19# along with this program.  If not, see <http://www.gnu.org/licenses/>.
     20#
     21
     22import iotests
     23
     24# The test is unrelated to formats, restrict it to qcow2 to avoid extra runs
     25iotests.script_initialize(
     26    supported_fmts=['qcow2'],
     27)
     28
     29size = 1024 * 1024
     30
     31""" Test description
     32
     33When performing a backup, all writes on the source subtree must go through the
     34copy-before-write filter so it can copy all data to the target before it is
     35changed.  copy-before-write filter is appended above source node, to achieve
     36this thing, so all parents of source node are handled. A configuration with
     37side parents of source sub-tree with write permission is unsupported (we'd have
     38append several copy-before-write filter like nodes to handle such parents). The
     39test create an example of such configuration and checks that a backup is then
     40not allowed (blockdev-backup command should fail).
     41
     42The configuration:
     43
     44    ┌────────┐  target  ┌─────────────┐
     45    │ target │ ◀─────── │ backup_top  │
     46    └────────┘          └─────────────┘
     47     48                            │ backing
     49     50                        ┌─────────────┐
     51                        │   source    │
     52                        └─────────────┘
     53     54                            │ file
     55     56                        ┌─────────────┐  write perm   ┌───────┐
     57                        │    base     │ ◀──────────── │ other │
     58                        └─────────────┘               └───────┘
     59
     60copy-before-write filter wants to unshare write permission on its source child.
     61Write unsharing will be propagated to the "source->base" link and will conflict
     62with other node write permission. So permission update will fail and backup job
     63will not be started.
     64
     65Note, that the only thing which prevents backup of running on such
     66configuration is default permission propagation scheme. It may be altered by
     67different block drivers, so backup will run in invalid configuration. But
     68something is better than nothing. Also, before the previous commit (commit
     69preceding this test creation), starting backup on such configuration led to
     70crash, so current "something" is a lot better, and this test actual goal is
     71to check that crash is fixed :)
     72"""
     73
     74vm = iotests.VM()
     75vm.launch()
     76
     77vm.qmp_log('blockdev-add', **{
     78    'node-name': 'target',
     79    'driver': 'null-co',
     80    'size': size,
     81})
     82
     83vm.qmp_log('blockdev-add', **{
     84    'node-name': 'source',
     85    'driver': 'blkdebug',
     86    'image': {'node-name': 'base', 'driver': 'null-co', 'size': size}
     87})
     88
     89vm.qmp_log('blockdev-add', **{
     90    'node-name': 'other',
     91    'driver': 'blkdebug',
     92    'image': 'base',
     93    'take-child-perms': ['write']
     94})
     95
     96vm.qmp_log('blockdev-backup', sync='full', device='source', target='target')
     97
     98vm.shutdown()
     99
    100
    101print('\n=== copy-before-write filter should be gone after job-finalize ===\n')
    102
    103# Check that the copy-before-write node is gone after job-finalize.
    104
    105vm = iotests.VM()
    106vm.launch()
    107
    108vm.qmp_log('blockdev-add', **{
    109    'node-name': 'source',
    110    'driver': 'null-co',
    111})
    112
    113vm.qmp_log('blockdev-add', **{
    114    'node-name': 'target',
    115    'driver': 'null-co',
    116})
    117
    118vm.qmp_log('blockdev-backup',
    119           job_id='backup',
    120           device='source',
    121           target='target',
    122           sync='full',
    123           filter_node_name='backup-filter',
    124           auto_finalize=False,
    125           auto_dismiss=False)
    126
    127vm.event_wait('BLOCK_JOB_PENDING', 5.0)
    128
    129# The copy-before-write filter should still be present prior to finalization
    130assert vm.node_info('backup-filter') is not None
    131
    132vm.qmp_log('job-finalize', id='backup')
    133vm.event_wait('BLOCK_JOB_COMPLETED', 5.0)
    134
    135# The filter should be gone now.  Check that by trying to access it
    136# with qemu-io (which will most likely crash qemu if it is still
    137# there.).
    138vm.qmp_log('human-monitor-command',
    139           command_line='qemu-io backup-filter "write 0 1M"')
    140
    141# (Also, do an explicit check.)
    142assert vm.node_info('backup-filter') is None
    143
    144vm.qmp_log('job-dismiss', id='backup')
    145vm.event_wait('JOB_STATUS_CHANGE', 5.0, {'data': {'status': 'null'}})
    146
    147vm.shutdown()