[Qemu-devel] [RFC PATCH 17/41] block: Request real permissions in blk_new_open()

Kevin Wolf posted 41 patches 8 years, 12 months ago
Posted by Kevin Wolf 8 years, 12 months ago
We can figure out the necessary permissions from the flags that the
caller passed.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
 block/block-backend.c | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/block/block-backend.c b/block/block-backend.c
index 1f80854..e10a278 100644
--- a/block/block-backend.c
+++ b/block/block-backend.c
@@ -160,6 +160,7 @@ BlockBackend *blk_new_open(const char *filename, const char *reference,
 {
     BlockBackend *blk;
     BlockDriverState *bs;
+    uint64_t perm;
 
     blk = blk_new(0, BLK_PERM_ALL);
     bs = bdrv_open(filename, reference, options, flags, errp);
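Review bot: The unchanged `blk = blk_new(0, BLK_PERM_ALL);` in this hunk still passes 0, while the second hunk attaches the root child with the newly computed `perm`. If the first argument of blk_new() is the permission set the BlockBackend records for itself, the two values now disagree. Consider computing `perm` from `flags` before the blk_new() call and passing the same value to both blk_new() and bdrv_root_attach_child(), or explain in the comment why the BlockBackend is created with 0.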
@@ -168,9 +169,20 @@ BlockBackend *blk_new_open(const char *filename, const char *reference,
         return NULL;
     }
 
-    /* FIXME Use real permissions */
+    /* blk_new_open() is mainly used in .bdrv_create implementations and the
+     * tools where sharing isn't a concern because the BDS stays private, so we
+     * just request permission according to the flags.
+     *
+     * The exceptions are xen_disk and blockdev_init(); in these cases, the
+     * caller of blk_new_open() doesn't make use of the permissions, but they
+     * shouldn't hurt either. We can still share everything here because the
+     * guest devices will add their own blockers if they can't share. */
+    perm = BLK_PERM_CONSISTENT_READ;
+    if (flags & BDRV_O_RDWR) {
+        perm |= BLK_PERM_WRITE;
+    }
     blk->root = bdrv_root_attach_child(bs, "root", &child_root,
-                                       0, BLK_PERM_ALL, blk, &error_abort);
+                                       perm, BLK_PERM_ALL, blk, &error_abort);
 
     return blk;
 }
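Review bot: The attach call still passes `&error_abort`, but it now requests a non-zero `perm` instead of 0. If bdrv_root_attach_child() can refuse a permission request, for example when `reference` names a node that another user does not share for writing, the process aborts here instead of reporting the conflict to the caller. blk_new_open() already takes `errp` and has a `return NULL` failure path, so passing `errp` to the attach and cleaning up `blk` and `bs` on failure would turn a permission conflict into an ordinary error. The new comment says the BDS "stays private" for most callers and then lists xen_disk and blockdev_init() as exceptions; those are the callers where this matters.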
-- 
1.8.3.1


Re: [Qemu-devel] [RFC PATCH 17/41] block: Request real permissions in blk_new_open()
Posted by Max Reitz 8 years, 11 months ago
On 13.02.2017 18:22, Kevin Wolf wrote:
> We can figure out the necessary permissions from the flags that the
> caller passed.
> 
> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
> ---
>  block/block-backend.c | 16 ++++++++++++++--
>  1 file changed, 14 insertions(+), 2 deletions(-)
> 
> diff --git a/block/block-backend.c b/block/block-backend.c
> index 1f80854..e10a278 100644
> --- a/block/block-backend.c
> +++ b/block/block-backend.c
> @@ -160,6 +160,7 @@ BlockBackend *blk_new_open(const char *filename, const char *reference,
>  {
>      BlockBackend *blk;
>      BlockDriverState *bs;
> +    uint64_t perm;
>  
>      blk = blk_new(0, BLK_PERM_ALL);

What about this?

Max

>      bs = bdrv_open(filename, reference, options, flags, errp);
> @@ -168,9 +169,20 @@ BlockBackend *blk_new_open(const char *filename, const char *reference,
>          return NULL;
>      }
>  
> -    /* FIXME Use real permissions */
> +    /* blk_new_open() is mainly used in .bdrv_create implementations and the
> +     * tools where sharing isn't a concern because the BDS stays private, so we
> +     * just request permission according to the flags.
> +     *
> +     * The exceptions are xen_disk and blockdev_init(); in these cases, the
> +     * caller of blk_new_open() doesn't make use of the permissions, but they
> +     * shouldn't hurt either. We can still share everything here because the
> +     * guest devices will add their own blockers if they can't share. */
> +    perm = BLK_PERM_CONSISTENT_READ;
> +    if (flags & BDRV_O_RDWR) {
> +        perm |= BLK_PERM_WRITE;
> +    }
>      blk->root = bdrv_root_attach_child(bs, "root", &child_root,
> -                                       0, BLK_PERM_ALL, blk, &error_abort);
> +                                       perm, BLK_PERM_ALL, blk, &error_abort);
>  
>      return blk;
>  }
>
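Review bot: `perm` is derived only from the caller's `flags` at `if (flags & BDRV_O_RDWR)`, after bdrv_open() has returned. When blk_new_open() is called with a `reference` to an existing node, the `flags` argument may not describe how that node was actually opened, so BLK_PERM_WRITE could be requested on a node that is not writable, or omitted on one that is. The comment should state which of these cases the flag-based choice is meant to cover, or the check should look at the state of `bs` rather than at `flags`.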