File kvm-qemu-preXX-virtio-blk-fail-unaligned-requests.patch of Package kvm
From 52c050236eaa4f0b5e1d160cd66dc18106445c4d Mon Sep 17 00:00:00 2001
From: Christoph Hellwig <hch@lst.de>
Date: Wed, 6 Apr 2011 20:28:34 +0200
Subject: [PATCH] virtio-blk: fail unaligned requests
Like all block drivers, virtio-blk should not allow access at smaller than block size
granularity access. But given that the protocol specifies a
byte unit length field we currently accept such requests, which cause
qemu to abort() in lower layers. Add checks to the main read and
write handlers to catch them early.
Reported-by: Conor Murphy <conor_murphy_virt@hotmail.com>
Tested-by: Conor Murphy <conor_murphy_virt@hotmail.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
hw/virtio-blk.c | 8 ++++++++
1 files changed, 8 insertions(+), 0 deletions(-)
Index: qemu-kvm-0.12.5/hw/virtio-blk.c
===================================================================
--- qemu-kvm-0.12.5.orig/hw/virtio-blk.c
+++ qemu-kvm-0.12.5/hw/virtio-blk.c
@@ -301,6 +301,10 @@ static void virtio_blk_handle_flush(Bloc
static void virtio_blk_handle_write(BlockRequest *blkreq, int *num_writes,
VirtIOBlockReq *req, BlockDriverState **old_bs)
{
+ if (req->qiov.size % 512) {
+ virtio_blk_rw_complete(req, -EIO);
+ return;
+ }
if (req->dev->bs != *old_bs || *num_writes == 32) {
if (*old_bs != NULL) {
do_multiwrite(*old_bs, blkreq, *num_writes);
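Review bot: The new rejection at the top of virtio_blk_handle_write reports a guest-supplied bad length through `virtio_blk_rw_complete(req, -EIO)`, which is the same callback the read hunk passes to bdrv_aio_readv for real backend results. That callback's body is not part of this patch, so this is inferred: if it applies the drive's configured error policy, a malformed request from the guest would be treated like a host storage failure instead of simply being failed back to the guest. Consider completing the request directly with an error status, for example `virtio_blk_req_complete(req, VIRTIO_BLK_S_IOERR);`, after confirming that path also releases the request. The same applies to the identical check in virtio_blk_handle_read. The function body continues past the end of this hunk.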
@@ -323,6 +327,10 @@ static void virtio_blk_handle_read(VirtI
{
BlockDriverAIOCB *acb;
+ if (req->qiov.size % 512) {
+ virtio_blk_rw_complete(req, -EIO);
+ return;
+ }
acb = bdrv_aio_readv(req->dev->bs, req->out->sector, &req->qiov,
req->qiov.size / 512, virtio_blk_rw_complete, req);
if (!acb) {
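Review bot: The literal 512 in the added check has to stay in step with the `req->qiov.size / 512` divisor two lines below it, and it is repeated in the write handler's check. A named sector-size constant (`BDRV_SECTOR_SIZE`, if this tree's block.h defines it) would make that dependency explicit. A one-line comment such as `/* length is guest-controlled and in bytes; must be a whole number of sectors */` would record why the check exists. A zero-length request still passes the modulus test, and whether bdrv_aio_readv accepts zero sectors is not visible here, so that is worth confirming. The function continues beyond the hunk.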