From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488288729967562.573246647652; Tue, 28 Feb 2017 05:32:09 -0800 (PST) Received: from localhost ([::1]:32770 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihsu-0003jd-Om for importer@patchew.org; Tue, 28 Feb 2017 08:32:08 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:42979) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihIg-0003kO-LW for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:54:44 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihIf-0003vU-MN for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:54:42 -0500 Received: from mx1.redhat.com ([209.132.183.28]:41118) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihIb-0003ty-Oi; Tue, 28 Feb 2017 07:54:37 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id CE09A61BBC; Tue, 28 Feb 2017 12:54:37 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQ3029713; Tue, 28 Feb 2017 07:54:36 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:53:46 +0100 Message-Id: <1488286469-9381-2-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Tue, 28 Feb 2017 12:54:37 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 01/44] block: Add op blocker permission constants X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" This patch defines the permission categories that will be used by the new op blocker system. Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- include/block/block.h | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/include/block/block.h b/include/block/block.h index bde5ebd..f62f38e 100644 --- a/include/block/block.h +++ b/include/block/block.h @@ -187,6 +187,42 @@ typedef enum BlockOpType { BLOCK_OP_TYPE_MAX, } BlockOpType; =20 +/* Block node permission constants */ +enum { + /** + * A user that has the "permission" of consistent reads is guaranteed = that + * their view of the contents of the block device is complete and + * self-consistent, representing the contents of a disk at a specific + * point. + * + * For most block devices (including their backing files) this is true= , but + * the property cannot be maintained in a few situations like for + * intermediate nodes of a commit block job. + */ + BLK_PERM_CONSISTENT_READ =3D 0x01, + + /** This permission is required to change the visible disk contents. */ + BLK_PERM_WRITE =3D 0x02, + + /** + * This permission (which is weaker than BLK_PERM_WRITE) is both enoug= h and + * required for writes to the block node when the caller promises that + * the visible disk content doesn't change. + */ + BLK_PERM_WRITE_UNCHANGED =3D 0x04, + + /** This permission is required to change the size of a block node. */ + BLK_PERM_RESIZE =3D 0x08, + + /** + * This permission is required to change the node that this BdrvChild + * points to. + */ + BLK_PERM_GRAPH_MOD =3D 0x10, + + BLK_PERM_ALL =3D 0x1f, +}; + /* disk I/O throttling */ void bdrv_init(void); void bdrv_init_with_whitelist(void); --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 14882882929581008.384694952425; Tue, 28 Feb 2017 05:24:52 -0800 (PST) Received: from localhost ([::1]:60947 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihlr-0005oW-O5 for importer@patchew.org; Tue, 28 Feb 2017 08:24:51 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:42983) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihIg-0003km-UN for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:54:44 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihIg-0003vg-15 for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:54:43 -0500 Received: from mx1.redhat.com ([209.132.183.28]:48564) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihId-0003uS-IR; Tue, 28 Feb 2017 07:54:39 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 9B4DB80477; Tue, 28 Feb 2017 12:54:39 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQ4029713; Tue, 28 Feb 2017 07:54:37 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:53:47 +0100 Message-Id: <1488286469-9381-3-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Tue, 28 Feb 2017 12:54:39 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 02/44] block: Add Error argument to bdrv_attach_child() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" It will have to return an error soon, so prepare the callers for it. Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- block.c | 16 +++++++++++++--- block/quorum.c | 9 ++++++++- include/block/block.h | 3 ++- 3 files changed, 23 insertions(+), 5 deletions(-) diff --git a/block.c b/block.c index b663204..65240fa 100644 --- a/block.c +++ b/block.c @@ -1368,7 +1368,8 @@ BdrvChild *bdrv_root_attach_child(BlockDriverState *c= hild_bs, BdrvChild *bdrv_attach_child(BlockDriverState *parent_bs, BlockDriverState *child_bs, const char *child_name, - const BdrvChildRole *child_role) + const BdrvChildRole *child_role, + Error **errp) { BdrvChild *child =3D bdrv_root_attach_child(child_bs, child_name, chil= d_role, parent_bs); @@ -1469,7 +1470,9 @@ void bdrv_set_backing_hd(BlockDriverState *bs, BlockD= riverState *backing_hd) bs->backing =3D NULL; goto out; } - bs->backing =3D bdrv_attach_child(bs, backing_hd, "backing", &child_ba= cking); + /* FIXME Error handling */ + bs->backing =3D bdrv_attach_child(bs, backing_hd, "backing", &child_ba= cking, + &error_abort); bs->open_flags &=3D ~BDRV_O_NO_BACKING; pstrcpy(bs->backing_file, sizeof(bs->backing_file), backing_hd->filena= me); pstrcpy(bs->backing_format, sizeof(bs->backing_format), @@ -1648,6 +1651,7 @@ BdrvChild *bdrv_open_child(const char *filename, const BdrvChildRole *child_role, bool allow_none, Error **errp) { + BdrvChild *c; BlockDriverState *bs; =20 bs =3D bdrv_open_child_bs(filename, options, bdref_key, parent, child_= role, @@ -1656,7 +1660,13 @@ BdrvChild *bdrv_open_child(const char *filename, return NULL; } =20 - return bdrv_attach_child(parent, bs, bdref_key, child_role); + c =3D bdrv_attach_child(parent, bs, bdref_key, child_role, errp); + if (!c) { + bdrv_unref(bs); + return NULL; + } + + return c; } =20 static BlockDriverState *bdrv_append_temp_snapshot(BlockDriverState *bs, diff --git a/block/quorum.c b/block/quorum.c index 86e2072..bdbcec6 100644 --- a/block/quorum.c +++ b/block/quorum.c @@ -1032,10 +1032,17 @@ static void quorum_add_child(BlockDriverState *bs, = BlockDriverState *child_bs, =20 /* We can safely add the child now */ bdrv_ref(child_bs); - child =3D bdrv_attach_child(bs, child_bs, indexstr, &child_format); + + child =3D bdrv_attach_child(bs, child_bs, indexstr, &child_format, err= p); + if (child =3D=3D NULL) { + s->next_child_index--; + bdrv_unref(child_bs); + goto out; + } s->children =3D g_renew(BdrvChild *, s->children, s->num_children + 1); s->children[s->num_children++] =3D child; =20 +out: bdrv_drained_end(bs); } =20 diff --git a/include/block/block.h b/include/block/block.h index f62f38e..ff951ea 100644 --- a/include/block/block.h +++ b/include/block/block.h @@ -520,7 +520,8 @@ void bdrv_unref_child(BlockDriverState *parent, BdrvChi= ld *child); BdrvChild *bdrv_attach_child(BlockDriverState *parent_bs, BlockDriverState *child_bs, const char *child_name, - const BdrvChildRole *child_role); + const BdrvChildRole *child_role, + Error **errp); =20 bool bdrv_op_is_blocked(BlockDriverState *bs, BlockOpType op, Error **errp= ); void bdrv_op_block(BlockDriverState *bs, BlockOpType op, Error *reason); --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488287896930856.3573910716933; Tue, 28 Feb 2017 05:18:16 -0800 (PST) Received: from localhost ([::1]:60904 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihfT-0008RN-Ky for importer@patchew.org; Tue, 28 Feb 2017 08:18:15 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43034) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihIj-0003nO-HX for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:54:46 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihIi-0003wp-FJ for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:54:45 -0500 Received: from mx1.redhat.com ([209.132.183.28]:36464) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihIf-0003v7-Ey; Tue, 28 Feb 2017 07:54:41 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 8135EC04B937; Tue, 28 Feb 2017 12:54:41 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQ5029713; Tue, 28 Feb 2017 07:54:39 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:53:48 +0100 Message-Id: <1488286469-9381-4-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]); Tue, 28 Feb 2017 12:54:41 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 03/44] block: Let callers request permissions when attaching a child node X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" When attaching a node as a child to a new parent, the required and shared permissions for this parent are checked against all other parents of the node now, and an error is returned if there is a conflict. This allows error returns to a function that previously always succeeded, and the same is true for quite a few callers and their callers. Converting all of them within the same patch would be too much, so for now everyone tells that they don't need any permissions and allow everyone else to do anything. This way we can use &error_abort initially and convert caller by caller to pass actual permission requirements and implement error handling. All these places are marked with FIXME comments and it will be the job of the next patches to clean them up again. Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- block.c | 66 +++++++++++++++++++++++++++++++++++++++++--= ---- block/block-backend.c | 8 ++++-- include/block/block_int.h | 15 ++++++++++- 3 files changed, 78 insertions(+), 11 deletions(-) diff --git a/block.c b/block.c index 65240fa..9628c7a 100644 --- a/block.c +++ b/block.c @@ -1326,6 +1326,38 @@ static int bdrv_fill_options(QDict **options, const = char *filename, return 0; } =20 +static int bdrv_check_update_perm(BlockDriverState *bs, uint64_t new_used_= perm, + uint64_t new_shared_perm, + BdrvChild *ignore_child, Error **errp) +{ + BdrvChild *c; + + /* There is no reason why anyone couldn't tolerate write_unchanged */ + assert(new_shared_perm & BLK_PERM_WRITE_UNCHANGED); + + QLIST_FOREACH(c, &bs->parents, next_parent) { + if (c =3D=3D ignore_child) { + continue; + } + + if ((new_used_perm & c->shared_perm) !=3D new_used_perm || + (c->perm & new_shared_perm) !=3D c->perm) + { + const char *user =3D NULL; + if (c->role->get_name) { + user =3D c->role->get_name(c); + if (user && !*user) { + user =3D NULL; + } + } + error_setg(errp, "Conflicts with %s", user ?: "another operati= on"); + return -EPERM; + } + } + + return 0; +} + static void bdrv_replace_child(BdrvChild *child, BlockDriverState *new_bs) { BlockDriverState *old_bs =3D child->bs; @@ -1350,14 +1382,25 @@ static void bdrv_replace_child(BdrvChild *child, Bl= ockDriverState *new_bs) BdrvChild *bdrv_root_attach_child(BlockDriverState *child_bs, const char *child_name, const BdrvChildRole *child_role, - void *opaque) + uint64_t perm, uint64_t shared_perm, + void *opaque, Error **errp) { - BdrvChild *child =3D g_new(BdrvChild, 1); + BdrvChild *child; + int ret; + + ret =3D bdrv_check_update_perm(child_bs, perm, shared_perm, NULL, errp= ); + if (ret < 0) { + return NULL; + } + + child =3D g_new(BdrvChild, 1); *child =3D (BdrvChild) { - .bs =3D NULL, - .name =3D g_strdup(child_name), - .role =3D child_role, - .opaque =3D opaque, + .bs =3D NULL, + .name =3D g_strdup(child_name), + .role =3D child_role, + .perm =3D perm, + .shared_perm =3D shared_perm, + .opaque =3D opaque, }; =20 bdrv_replace_child(child, child_bs); @@ -1371,8 +1414,15 @@ BdrvChild *bdrv_attach_child(BlockDriverState *paren= t_bs, const BdrvChildRole *child_role, Error **errp) { - BdrvChild *child =3D bdrv_root_attach_child(child_bs, child_name, chil= d_role, - parent_bs); + BdrvChild *child; + + /* FIXME Use real permissions */ + child =3D bdrv_root_attach_child(child_bs, child_name, child_role, + 0, BLK_PERM_ALL, parent_bs, errp); + if (child =3D=3D NULL) { + return NULL; + } + QLIST_INSERT_HEAD(&parent_bs->children, child, next); return child; } diff --git a/block/block-backend.c b/block/block-backend.c index 492e71e..9bb4528 100644 --- a/block/block-backend.c +++ b/block/block-backend.c @@ -163,7 +163,9 @@ BlockBackend *blk_new_open(const char *filename, const = char *reference, return NULL; } =20 - blk->root =3D bdrv_root_attach_child(bs, "root", &child_root, blk); + /* FIXME Use real permissions */ + blk->root =3D bdrv_root_attach_child(bs, "root", &child_root, + 0, BLK_PERM_ALL, blk, &error_abort); =20 return blk; } @@ -498,7 +500,9 @@ void blk_remove_bs(BlockBackend *blk) void blk_insert_bs(BlockBackend *blk, BlockDriverState *bs) { bdrv_ref(bs); - blk->root =3D bdrv_root_attach_child(bs, "root", &child_root, blk); + /* FIXME Use real permissions */ + blk->root =3D bdrv_root_attach_child(bs, "root", &child_root, + 0, BLK_PERM_ALL, blk, &error_abort); =20 notifier_list_notify(&blk->insert_bs_notifiers, blk); if (blk->public.throttle_state) { diff --git a/include/block/block_int.h b/include/block/block_int.h index 1670941..ed63bad 100644 --- a/include/block/block_int.h +++ b/include/block/block_int.h @@ -419,6 +419,18 @@ struct BdrvChild { char *name; const BdrvChildRole *role; void *opaque; + + /** + * Granted permissions for operating on this BdrvChild (BLK_PERM_* bit= mask) + */ + uint64_t perm; + + /** + * Permissions that can still be granted to other users of @bs while t= his + * BdrvChild is still attached to it. (BLK_PERM_* bitmask) + */ + uint64_t shared_perm; + QLIST_ENTRY(BdrvChild) next; QLIST_ENTRY(BdrvChild) next_parent; }; @@ -796,7 +808,8 @@ void hmp_drive_add_node(Monitor *mon, const char *optst= r); BdrvChild *bdrv_root_attach_child(BlockDriverState *child_bs, const char *child_name, const BdrvChildRole *child_role, - void *opaque); + uint64_t perm, uint64_t shared_perm, + void *opaque, Error **errp); void bdrv_root_unref_child(BdrvChild *child); =20 const char *bdrv_get_parent_name(const BlockDriverState *bs); --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488288561565692.2370467515415; Tue, 28 Feb 2017 05:29:21 -0800 (PST) Received: from localhost ([::1]:60973 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihqC-0001Hb-6g for importer@patchew.org; Tue, 28 Feb 2017 08:29:20 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43072) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihIn-0003rY-8k for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:54:51 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihIl-0003xx-BN for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:54:49 -0500 Received: from mx1.redhat.com ([209.132.183.28]:41146) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihIh-0003vy-69; Tue, 28 Feb 2017 07:54:43 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 46D5B61D28; Tue, 28 Feb 2017 12:54:43 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQ6029713; Tue, 28 Feb 2017 07:54:41 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:53:49 +0100 Message-Id: <1488286469-9381-5-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Tue, 28 Feb 2017 12:54:43 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 04/44] block: Involve block drivers in permission granting X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" In many cases, the required permissions of one node on its children depend on what its parents require from it. For example, the raw format or most filter drivers only need to request consistent reads if that's something that one of their parents wants. In order to achieve this, this patch introduces two new BlockDriver callbacks. The first one lets drivers first check (recursively) whether the requested permissions can be set; the second one actually sets the new permission bitmask. Also add helper functions that drivers can use in their implementation of the callbacks to update their permissions on a specific child. Signed-off-by: Kevin Wolf Acked-by: Fam Zheng Reviewed-by: Max Reitz --- block.c | 206 ++++++++++++++++++++++++++++++++++++++++++= +++- include/block/block_int.h | 61 ++++++++++++++ 2 files changed, 263 insertions(+), 4 deletions(-) diff --git a/block.c b/block.c index 9628c7a..cf3534f 100644 --- a/block.c +++ b/block.c @@ -1326,11 +1326,146 @@ static int bdrv_fill_options(QDict **options, cons= t char *filename, return 0; } =20 +/* + * Check whether permissions on this node can be changed in a way that + * @cumulative_perms and @cumulative_shared_perms are the new cumulative + * permissions of all its parents. This involves checking whether all nece= ssary + * permission changes to child nodes can be performed. + * + * A call to this function must always be followed by a call to bdrv_set_p= erm() + * or bdrv_abort_perm_update(). + */ +static int bdrv_check_perm(BlockDriverState *bs, uint64_t cumulative_perms, + uint64_t cumulative_shared_perms, Error **errp) +{ + BlockDriver *drv =3D bs->drv; + BdrvChild *c; + int ret; + + /* Write permissions never work with read-only images */ + if ((cumulative_perms & (BLK_PERM_WRITE | BLK_PERM_WRITE_UNCHANGED)) && + bdrv_is_read_only(bs)) + { + error_setg(errp, "Block node is read-only"); + return -EPERM; + } + + /* Check this node */ + if (!drv) { + return 0; + } + + if (drv->bdrv_check_perm) { + return drv->bdrv_check_perm(bs, cumulative_perms, + cumulative_shared_perms, errp); + } + + /* Drivers may not have .bdrv_child_perm() */ + if (!drv->bdrv_child_perm) { + return 0; + } + + /* Check all children */ + QLIST_FOREACH(c, &bs->children, next) { + uint64_t cur_perm, cur_shared; + drv->bdrv_child_perm(bs, c, c->role, + cumulative_perms, cumulative_shared_perms, + &cur_perm, &cur_shared); + ret =3D bdrv_child_check_perm(c, cur_perm, cur_shared, errp); + if (ret < 0) { + return ret; + } + } + + return 0; +} + +/* + * Notifies drivers that after a previous bdrv_check_perm() call, the + * permission update is not performed and any preparations made for it (e.= g. + * taken file locks) need to be undone. + * + * This function recursively notifies all child nodes. + */ +static void bdrv_abort_perm_update(BlockDriverState *bs) +{ + BlockDriver *drv =3D bs->drv; + BdrvChild *c; + + if (!drv) { + return; + } + + if (drv->bdrv_abort_perm_update) { + drv->bdrv_abort_perm_update(bs); + } + + QLIST_FOREACH(c, &bs->children, next) { + bdrv_child_abort_perm_update(c); + } +} + +static void bdrv_set_perm(BlockDriverState *bs, uint64_t cumulative_perms, + uint64_t cumulative_shared_perms) +{ + BlockDriver *drv =3D bs->drv; + BdrvChild *c; + + if (!drv) { + return; + } + + /* Update this node */ + if (drv->bdrv_set_perm) { + drv->bdrv_set_perm(bs, cumulative_perms, cumulative_shared_perms); + } + + /* Drivers may not have .bdrv_child_perm() */ + if (!drv->bdrv_child_perm) { + return; + } + + /* Update all children */ + QLIST_FOREACH(c, &bs->children, next) { + uint64_t cur_perm, cur_shared; + drv->bdrv_child_perm(bs, c, c->role, + cumulative_perms, cumulative_shared_perms, + &cur_perm, &cur_shared); + bdrv_child_set_perm(c, cur_perm, cur_shared); + } +} + +static void bdrv_get_cumulative_perm(BlockDriverState *bs, uint64_t *perm, + uint64_t *shared_perm) +{ + BdrvChild *c; + uint64_t cumulative_perms =3D 0; + uint64_t cumulative_shared_perms =3D BLK_PERM_ALL; + + QLIST_FOREACH(c, &bs->parents, next_parent) { + cumulative_perms |=3D c->perm; + cumulative_shared_perms &=3D c->shared_perm; + } + + *perm =3D cumulative_perms; + *shared_perm =3D cumulative_shared_perms; +} + +/* + * Checks whether a new reference to @bs can be added if the new user requ= ires + * @new_used_perm/@new_shared_perm as its permissions. If @ignore_child is= set, + * this old reference is ignored in the calculations; this allows checking + * permission updates for an existing reference. + * + * Needs to be followed by a call to either bdrv_set_perm() or + * bdrv_abort_perm_update(). */ static int bdrv_check_update_perm(BlockDriverState *bs, uint64_t new_used_= perm, uint64_t new_shared_perm, BdrvChild *ignore_child, Error **errp) { BdrvChild *c; + uint64_t cumulative_perms =3D new_used_perm; + uint64_t cumulative_shared_perms =3D new_shared_perm; =20 /* There is no reason why anyone couldn't tolerate write_unchanged */ assert(new_shared_perm & BLK_PERM_WRITE_UNCHANGED); @@ -1353,20 +1488,73 @@ static int bdrv_check_update_perm(BlockDriverState = *bs, uint64_t new_used_perm, error_setg(errp, "Conflicts with %s", user ?: "another operati= on"); return -EPERM; } + + cumulative_perms |=3D c->perm; + cumulative_shared_perms &=3D c->shared_perm; } =20 + return bdrv_check_perm(bs, cumulative_perms, cumulative_shared_perms, = errp); +} + +/* Needs to be followed by a call to either bdrv_child_set_perm() or + * bdrv_child_abort_perm_update(). */ +int bdrv_child_check_perm(BdrvChild *c, uint64_t perm, uint64_t shared, + Error **errp) +{ + return bdrv_check_update_perm(c->bs, perm, shared, c, errp); +} + +void bdrv_child_set_perm(BdrvChild *c, uint64_t perm, uint64_t shared) +{ + uint64_t cumulative_perms, cumulative_shared_perms; + + c->perm =3D perm; + c->shared_perm =3D shared; + + bdrv_get_cumulative_perm(c->bs, &cumulative_perms, + &cumulative_shared_perms); + bdrv_set_perm(c->bs, cumulative_perms, cumulative_shared_perms); +} + +void bdrv_child_abort_perm_update(BdrvChild *c) +{ + bdrv_abort_perm_update(c->bs); +} + +int bdrv_child_try_set_perm(BdrvChild *c, uint64_t perm, uint64_t shared, + Error **errp) +{ + int ret; + + ret =3D bdrv_child_check_perm(c, perm, shared, errp); + if (ret < 0) { + bdrv_child_abort_perm_update(c); + return ret; + } + + bdrv_child_set_perm(c, perm, shared); + return 0; } =20 -static void bdrv_replace_child(BdrvChild *child, BlockDriverState *new_bs) +static void bdrv_replace_child(BdrvChild *child, BlockDriverState *new_bs, + bool check_new_perm) { BlockDriverState *old_bs =3D child->bs; + uint64_t perm, shared_perm; =20 if (old_bs) { if (old_bs->quiesce_counter && child->role->drained_end) { child->role->drained_end(child); } QLIST_REMOVE(child, next_parent); + + /* Update permissions for old node. This is guaranteed to succeed + * because we're just taking a parent away, so we're loosening + * restrictions. */ + bdrv_get_cumulative_perm(old_bs, &perm, &shared_perm); + bdrv_check_perm(old_bs, perm, shared_perm, &error_abort); + bdrv_set_perm(old_bs, perm, shared_perm); } =20 child->bs =3D new_bs; @@ -1376,6 +1564,12 @@ static void bdrv_replace_child(BdrvChild *child, Blo= ckDriverState *new_bs) if (new_bs->quiesce_counter && child->role->drained_begin) { child->role->drained_begin(child); } + + bdrv_get_cumulative_perm(new_bs, &perm, &shared_perm); + if (check_new_perm) { + bdrv_check_perm(new_bs, perm, shared_perm, &error_abort); + } + bdrv_set_perm(new_bs, perm, shared_perm); } } =20 @@ -1390,6 +1584,7 @@ BdrvChild *bdrv_root_attach_child(BlockDriverState *c= hild_bs, =20 ret =3D bdrv_check_update_perm(child_bs, perm, shared_perm, NULL, errp= ); if (ret < 0) { + bdrv_abort_perm_update(child_bs); return NULL; } =20 @@ -1403,7 +1598,8 @@ BdrvChild *bdrv_root_attach_child(BlockDriverState *c= hild_bs, .opaque =3D opaque, }; =20 - bdrv_replace_child(child, child_bs); + /* This performs the matching bdrv_set_perm() for the above check. */ + bdrv_replace_child(child, child_bs, false); =20 return child; } @@ -1434,7 +1630,7 @@ static void bdrv_detach_child(BdrvChild *child) child->next.le_prev =3D NULL; } =20 - bdrv_replace_child(child, NULL); + bdrv_replace_child(child, NULL, false); =20 g_free(child->name); g_free(child); @@ -2541,7 +2737,9 @@ static void change_parent_backing_link(BlockDriverSta= te *from, =20 assert(c->role !=3D &child_backing); bdrv_ref(to); - bdrv_replace_child(c, to); + /* FIXME Are we sure that bdrv_replace_child() can't run into + * &error_abort because of permissions? */ + bdrv_replace_child(c, to, true); bdrv_unref(from); } } diff --git a/include/block/block_int.h b/include/block/block_int.h index ed63bad..cef2b6e 100644 --- a/include/block/block_int.h +++ b/include/block/block_int.h @@ -320,6 +320,59 @@ struct BlockDriver { void (*bdrv_del_child)(BlockDriverState *parent, BdrvChild *child, Error **errp); =20 + /** + * Informs the block driver that a permission change is intended. The + * driver checks whether the change is permissible and may take other + * preparations for the change (e.g. get file system locks). This oper= ation + * is always followed either by a call to either .bdrv_set_perm or + * .bdrv_abort_perm_update. + * + * Checks whether the requested set of cumulative permissions in @perm + * can be granted for accessing @bs and whether no other users are usi= ng + * permissions other than those given in @shared (both arguments take + * BLK_PERM_* bitmasks). + * + * If both conditions are met, 0 is returned. Otherwise, -errno is ret= urned + * and errp is set to an error describing the conflict. + */ + int (*bdrv_check_perm)(BlockDriverState *bs, uint64_t perm, + uint64_t shared, Error **errp); + + /** + * Called to inform the driver that the set of cumulative set of used + * permissions for @bs has changed to @perm, and the set of sharable + * permission to @shared. The driver can use this to propagate changes= to + * its children (i.e. request permissions only if a parent actually ne= eds + * them). + * + * This function is only invoked after bdrv_check_perm(), so block dri= vers + * may rely on preparations made in their .bdrv_check_perm implementat= ion. + */ + void (*bdrv_set_perm)(BlockDriverState *bs, uint64_t perm, uint64_t sh= ared); + + /* + * Called to inform the driver that after a previous bdrv_check_perm() + * call, the permission update is not performed and any preparations m= ade + * for it (e.g. taken file locks) need to be undone. + * + * This function can be called even for nodes that never saw a + * bdrv_check_perm() call. It is a no-op then. + */ + void (*bdrv_abort_perm_update)(BlockDriverState *bs); + + /** + * Returns in @nperm and @nshared the permissions that the driver for = @bs + * needs on its child @c, based on the cumulative permissions requeste= d by + * the parents in @parent_perm and @parent_shared. + * + * If @c is NULL, return the permissions for attaching a new child for= the + * given @role. + */ + void (*bdrv_child_perm)(BlockDriverState *bs, BdrvChild *c, + const BdrvChildRole *role, + uint64_t parent_perm, uint64_t parent_shared, + uint64_t *nperm, uint64_t *nshared); + QLIST_ENTRY(BlockDriver) list; }; =20 @@ -812,6 +865,14 @@ BdrvChild *bdrv_root_attach_child(BlockDriverState *ch= ild_bs, void *opaque, Error **errp); void bdrv_root_unref_child(BdrvChild *child); =20 +int bdrv_child_check_perm(BdrvChild *c, uint64_t perm, uint64_t shared, + Error **errp); +void bdrv_child_set_perm(BdrvChild *c, uint64_t perm, uint64_t shared); +void bdrv_child_abort_perm_update(BdrvChild *c); +int bdrv_child_try_set_perm(BdrvChild *c, uint64_t perm, uint64_t shared, + Error **errp); + + const char *bdrv_get_parent_name(const BlockDriverState *bs); void blk_dev_change_media_cb(BlockBackend *blk, bool load); bool blk_dev_has_removable_media(BlockBackend *blk); --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488287931403779.553478182378; Tue, 28 Feb 2017 05:18:51 -0800 (PST) Received: from localhost ([::1]:60906 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihg0-0000R0-44 for importer@patchew.org; Tue, 28 Feb 2017 08:18:48 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43090) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihIo-0003sy-F1 for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:54:51 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihIn-0003yk-FP for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:54:50 -0500 Received: from mx1.redhat.com ([209.132.183.28]:35048) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihIi-0003wk-VF; Tue, 28 Feb 2017 07:54:45 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 105E24E4CB; Tue, 28 Feb 2017 12:54:45 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQ7029713; Tue, 28 Feb 2017 07:54:43 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:53:50 +0100 Message-Id: <1488286469-9381-6-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Tue, 28 Feb 2017 12:54:45 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 05/44] block: Default .bdrv_child_perm() for filter drivers X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Most filters need permissions related to read and write for their children, but only if the node has a parent that wants to use the same operation on the filter. The same is true for resize. This adds a default implementation that simply forwards all necessary permissions to all children of the node and leaves the other permissions unchanged. Signed-off-by: Kevin Wolf Acked-by: Fam Zheng Reviewed-by: Max Reitz --- block.c | 23 +++++++++++++++++++++++ include/block/block_int.h | 8 ++++++++ 2 files changed, 31 insertions(+) diff --git a/block.c b/block.c index cf3534f..064e9d7 100644 --- a/block.c +++ b/block.c @@ -1537,6 +1537,29 @@ int bdrv_child_try_set_perm(BdrvChild *c, uint64_t p= erm, uint64_t shared, return 0; } =20 +#define DEFAULT_PERM_PASSTHROUGH (BLK_PERM_CONSISTENT_READ \ + | BLK_PERM_WRITE \ + | BLK_PERM_WRITE_UNCHANGED \ + | BLK_PERM_RESIZE) +#define DEFAULT_PERM_UNCHANGED (BLK_PERM_ALL & ~DEFAULT_PERM_PASSTHROUGH) + +void bdrv_filter_default_perms(BlockDriverState *bs, BdrvChild *c, + const BdrvChildRole *role, + uint64_t perm, uint64_t shared, + uint64_t *nperm, uint64_t *nshared) +{ + if (c =3D=3D NULL) { + *nperm =3D perm & DEFAULT_PERM_PASSTHROUGH; + *nshared =3D (shared & DEFAULT_PERM_PASSTHROUGH) | DEFAULT_PERM_UN= CHANGED; + return; + } + + *nperm =3D (perm & DEFAULT_PERM_PASSTHROUGH) | + (c->perm & DEFAULT_PERM_UNCHANGED); + *nshared =3D (shared & DEFAULT_PERM_PASSTHROUGH) | + (c->shared_perm & DEFAULT_PERM_UNCHANGED); +} + static void bdrv_replace_child(BdrvChild *child, BlockDriverState *new_bs, bool check_new_perm) { diff --git a/include/block/block_int.h b/include/block/block_int.h index cef2b6e..17f4c2d 100644 --- a/include/block/block_int.h +++ b/include/block/block_int.h @@ -872,6 +872,14 @@ void bdrv_child_abort_perm_update(BdrvChild *c); int bdrv_child_try_set_perm(BdrvChild *c, uint64_t perm, uint64_t shared, Error **errp); =20 +/* Default implementation for BlockDriver.bdrv_child_perm() that can be us= ed by + * block filters: Forward CONSISTENT_READ, WRITE, WRITE_UNCHANGED and RESI= ZE to + * all children */ +void bdrv_filter_default_perms(BlockDriverState *bs, BdrvChild *c, + const BdrvChildRole *role, + uint64_t perm, uint64_t shared, + uint64_t *nperm, uint64_t *nshared); + =20 const char *bdrv_get_parent_name(const BlockDriverState *bs); void blk_dev_change_media_cb(BlockBackend *blk, bool load); --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488288189506755.1624244151596; Tue, 28 Feb 2017 05:23:09 -0800 (PST) Received: from localhost ([::1]:60935 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihkB-0004GC-Rq for importer@patchew.org; Tue, 28 Feb 2017 08:23:07 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43114) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihIp-0003uH-J8 for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:54:52 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihIo-0003z7-Hi for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:54:51 -0500 Received: from mx1.redhat.com ([209.132.183.28]:48614) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihIk-0003xZ-Rr; Tue, 28 Feb 2017 07:54:47 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id E91C180477; Tue, 28 Feb 2017 12:54:46 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQ8029713; Tue, 28 Feb 2017 07:54:45 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:53:51 +0100 Message-Id: <1488286469-9381-7-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Tue, 28 Feb 2017 12:54:46 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 06/44] block: Request child permissions in filter drivers X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" All callers will have to request permissions for all of their child nodes. Block drivers that act as simply filters can use the default implementation of .bdrv_child_perm(). Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- block/blkdebug.c | 2 ++ block/blkreplay.c | 1 + block/blkverify.c | 1 + block/quorum.c | 2 ++ block/raw-format.c | 1 + block/replication.c | 1 + 6 files changed, 8 insertions(+) diff --git a/block/blkdebug.c b/block/blkdebug.c index 6117ce5..67e8024 100644 --- a/block/blkdebug.c +++ b/block/blkdebug.c @@ -734,6 +734,8 @@ static BlockDriver bdrv_blkdebug =3D { .bdrv_file_open =3D blkdebug_open, .bdrv_close =3D blkdebug_close, .bdrv_reopen_prepare =3D blkdebug_reopen_prepare, + .bdrv_child_perm =3D bdrv_filter_default_perms, + .bdrv_getlength =3D blkdebug_getlength, .bdrv_truncate =3D blkdebug_truncate, .bdrv_refresh_filename =3D blkdebug_refresh_filename, diff --git a/block/blkreplay.c b/block/blkreplay.c index cfc8c5b..e110211 100755 --- a/block/blkreplay.c +++ b/block/blkreplay.c @@ -137,6 +137,7 @@ static BlockDriver bdrv_blkreplay =3D { =20 .bdrv_file_open =3D blkreplay_open, .bdrv_close =3D blkreplay_close, + .bdrv_child_perm =3D bdrv_filter_default_perms, .bdrv_getlength =3D blkreplay_getlength, =20 .bdrv_co_preadv =3D blkreplay_co_preadv, diff --git a/block/blkverify.c b/block/blkverify.c index 43a940c..9a1e21c 100644 --- a/block/blkverify.c +++ b/block/blkverify.c @@ -320,6 +320,7 @@ static BlockDriver bdrv_blkverify =3D { .bdrv_parse_filename =3D blkverify_parse_filename, .bdrv_file_open =3D blkverify_open, .bdrv_close =3D blkverify_close, + .bdrv_child_perm =3D bdrv_filter_default_perms, .bdrv_getlength =3D blkverify_getlength, .bdrv_refresh_filename =3D blkverify_refresh_filename, =20 diff --git a/block/quorum.c b/block/quorum.c index bdbcec6..40205fb 100644 --- a/block/quorum.c +++ b/block/quorum.c @@ -1133,6 +1133,8 @@ static BlockDriver bdrv_quorum =3D { .bdrv_add_child =3D quorum_add_child, .bdrv_del_child =3D quorum_del_child, =20 + .bdrv_child_perm =3D bdrv_filter_default_perms, + .is_filter =3D true, .bdrv_recurse_is_first_non_filter =3D quorum_recurse_is_first_non_fi= lter, }; diff --git a/block/raw-format.c b/block/raw-format.c index ce34d1b..86fbc65 100644 --- a/block/raw-format.c +++ b/block/raw-format.c @@ -467,6 +467,7 @@ BlockDriver bdrv_raw =3D { .bdrv_reopen_abort =3D &raw_reopen_abort, .bdrv_open =3D &raw_open, .bdrv_close =3D &raw_close, + .bdrv_child_perm =3D bdrv_filter_default_perms, .bdrv_create =3D &raw_create, .bdrv_co_preadv =3D &raw_co_preadv, .bdrv_co_pwritev =3D &raw_co_pwritev, diff --git a/block/replication.c b/block/replication.c index eff85c7..91465cb 100644 --- a/block/replication.c +++ b/block/replication.c @@ -660,6 +660,7 @@ BlockDriver bdrv_replication =3D { =20 .bdrv_open =3D replication_open, .bdrv_close =3D replication_close, + .bdrv_child_perm =3D bdrv_filter_default_perms, =20 .bdrv_getlength =3D replication_getlength, .bdrv_co_readv =3D replication_co_readv, --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488288437764929.5333082144068; Tue, 28 Feb 2017 05:27:17 -0800 (PST) Received: from localhost ([::1]:60962 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihoB-0007wk-59 for importer@patchew.org; Tue, 28 Feb 2017 08:27:15 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43161) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihIr-0003wd-OC for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:54:54 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihIq-000404-Fb for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:54:53 -0500 Received: from mx1.redhat.com ([209.132.183.28]:35068) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihIn-0003yP-Ga; Tue, 28 Feb 2017 07:54:49 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 918E24E4CB; Tue, 28 Feb 2017 12:54:49 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQ9029713; Tue, 28 Feb 2017 07:54:47 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:53:52 +0100 Message-Id: <1488286469-9381-8-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Tue, 28 Feb 2017 12:54:49 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 07/44] block: Default .bdrv_child_perm() for format drivers X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Almost all format drivers have the same characteristics as far as permissions are concerned: They have one or more children for storing their own data and, more importantly, metadata (can be written to and grow even without external write requests, must be protected against other writers and present consistent data) and optionally a backing file (this is just data, so like for a filter, it only depends on what the parent nodes need). This provides a default implementation that can be shared by most of our format drivers. Signed-off-by: Kevin Wolf Acked-by: Fam Zheng Reviewed-by: Max Reitz --- block.c | 44 ++++++++++++++++++++++++++++++++++++++++++++ include/block/block_int.h | 8 ++++++++ 2 files changed, 52 insertions(+) diff --git a/block.c b/block.c index 064e9d7..d67819f 100644 --- a/block.c +++ b/block.c @@ -1560,6 +1560,50 @@ void bdrv_filter_default_perms(BlockDriverState *bs,= BdrvChild *c, (c->shared_perm & DEFAULT_PERM_UNCHANGED); } =20 +void bdrv_format_default_perms(BlockDriverState *bs, BdrvChild *c, + const BdrvChildRole *role, + uint64_t perm, uint64_t shared, + uint64_t *nperm, uint64_t *nshared) +{ + bool backing =3D (role =3D=3D &child_backing); + assert(role =3D=3D &child_backing || role =3D=3D &child_file); + + if (!backing) { + /* Apart from the modifications below, the same permissions are + * forwarded and left alone as for filters */ + bdrv_filter_default_perms(bs, c, role, perm, shared, &perm, &share= d); + + /* Format drivers may touch metadata even if the guest doesn't wri= te */ + if (!bdrv_is_read_only(bs)) { + perm |=3D BLK_PERM_WRITE | BLK_PERM_RESIZE; + } + + /* bs->file always needs to be consistent because of the metadata.= We + * can never allow other users to resize or write to it. */ + perm |=3D BLK_PERM_CONSISTENT_READ; + shared &=3D ~(BLK_PERM_WRITE | BLK_PERM_RESIZE); + } else { + /* We want consistent read from backing files if the parent needs = it. + * No other operations are performed on backing files. */ + perm &=3D BLK_PERM_CONSISTENT_READ; + + /* If the parent can deal with changing data, we're okay with a + * writable and resizable backing file. */ + /* TODO Require !(perm & BLK_PERM_CONSISTENT_READ), too? */ + if (shared & BLK_PERM_WRITE) { + shared =3D BLK_PERM_WRITE | BLK_PERM_RESIZE; + } else { + shared =3D 0; + } + + shared |=3D BLK_PERM_CONSISTENT_READ | BLK_PERM_GRAPH_MOD | + BLK_PERM_WRITE_UNCHANGED; + } + + *nperm =3D perm; + *nshared =3D shared; +} + static void bdrv_replace_child(BdrvChild *child, BlockDriverState *new_bs, bool check_new_perm) { diff --git a/include/block/block_int.h b/include/block/block_int.h index 17f4c2d..eb0598e 100644 --- a/include/block/block_int.h +++ b/include/block/block_int.h @@ -880,6 +880,14 @@ void bdrv_filter_default_perms(BlockDriverState *bs, B= drvChild *c, uint64_t perm, uint64_t shared, uint64_t *nperm, uint64_t *nshared); =20 +/* Default implementation for BlockDriver.bdrv_child_perm() that can be us= ed by + * (non-raw) image formats: Like above for bs->backing, but for bs->file it + * requires WRITE | RESIZE for read-write images, always requires + * CONSISTENT_READ and doesn't share WRITE. */ +void bdrv_format_default_perms(BlockDriverState *bs, BdrvChild *c, + const BdrvChildRole *role, + uint64_t perm, uint64_t shared, + uint64_t *nperm, uint64_t *nshared); =20 const char *bdrv_get_parent_name(const BlockDriverState *bs); void blk_dev_change_media_cb(BlockBackend *blk, bool load); --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488288688288971.2213879519287; Tue, 28 Feb 2017 05:31:28 -0800 (PST) Received: from localhost ([::1]:60997 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihsE-0003AO-VK for importer@patchew.org; Tue, 28 Feb 2017 08:31:27 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43198) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihIt-0003zW-M1 for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:54:58 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihIs-00041A-GH for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:54:55 -0500 Received: from mx1.redhat.com ([209.132.183.28]:54900) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihIp-0003zF-8H; Tue, 28 Feb 2017 07:54:51 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 577B9C054917; Tue, 28 Feb 2017 12:54:51 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQA029713; Tue, 28 Feb 2017 07:54:49 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:53:53 +0100 Message-Id: <1488286469-9381-9-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Tue, 28 Feb 2017 12:54:51 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 08/44] block: Request child permissions in format drivers X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" This makes use of the .bdrv_child_perm() implementation for formats that we just added. All format drivers expose the permissions they actually need nows, so that they can be set accordingly and updated when parents are attached or detached. The only format not included here is raw, which was already converted with the other filter drivers. Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- block/bochs.c | 1 + block/cloop.c | 1 + block/crypto.c | 1 + block/dmg.c | 1 + block/parallels.c | 1 + block/qcow.c | 1 + block/qcow2.c | 1 + block/qed.c | 1 + block/vdi.c | 1 + block/vhdx.c | 1 + block/vmdk.c | 1 + block/vpc.c | 1 + 12 files changed, 12 insertions(+) diff --git a/block/bochs.c b/block/bochs.c index 7dd2ac4..516da56 100644 --- a/block/bochs.c +++ b/block/bochs.c @@ -293,6 +293,7 @@ static BlockDriver bdrv_bochs =3D { .instance_size =3D sizeof(BDRVBochsState), .bdrv_probe =3D bochs_probe, .bdrv_open =3D bochs_open, + .bdrv_child_perm =3D bdrv_format_default_perms, .bdrv_refresh_limits =3D bochs_refresh_limits, .bdrv_co_preadv =3D bochs_co_preadv, .bdrv_close =3D bochs_close, diff --git a/block/cloop.c b/block/cloop.c index 877c9b0..a6c7b9d 100644 --- a/block/cloop.c +++ b/block/cloop.c @@ -290,6 +290,7 @@ static BlockDriver bdrv_cloop =3D { .instance_size =3D sizeof(BDRVCloopState), .bdrv_probe =3D cloop_probe, .bdrv_open =3D cloop_open, + .bdrv_child_perm =3D bdrv_format_default_perms, .bdrv_refresh_limits =3D cloop_refresh_limits, .bdrv_co_preadv =3D cloop_co_preadv, .bdrv_close =3D cloop_close, diff --git a/block/crypto.c b/block/crypto.c index 7cb2ff2..4a20388 100644 --- a/block/crypto.c +++ b/block/crypto.c @@ -628,6 +628,7 @@ BlockDriver bdrv_crypto_luks =3D { .bdrv_probe =3D block_crypto_probe_luks, .bdrv_open =3D block_crypto_open_luks, .bdrv_close =3D block_crypto_close, + .bdrv_child_perm =3D bdrv_format_default_perms, .bdrv_create =3D block_crypto_create_luks, .bdrv_truncate =3D block_crypto_truncate, .create_opts =3D &block_crypto_create_opts_luks, diff --git a/block/dmg.c b/block/dmg.c index 8e387cd..a7d25fc 100644 --- a/block/dmg.c +++ b/block/dmg.c @@ -697,6 +697,7 @@ static BlockDriver bdrv_dmg =3D { .bdrv_probe =3D dmg_probe, .bdrv_open =3D dmg_open, .bdrv_refresh_limits =3D dmg_refresh_limits, + .bdrv_child_perm =3D bdrv_format_default_perms, .bdrv_co_preadv =3D dmg_co_preadv, .bdrv_close =3D dmg_close, }; diff --git a/block/parallels.c b/block/parallels.c index b2ec09f..6b0c0a9 100644 --- a/block/parallels.c +++ b/block/parallels.c @@ -762,6 +762,7 @@ static BlockDriver bdrv_parallels =3D { .bdrv_probe =3D parallels_probe, .bdrv_open =3D parallels_open, .bdrv_close =3D parallels_close, + .bdrv_child_perm =3D bdrv_format_default_perms, .bdrv_co_get_block_status =3D parallels_co_get_block_status, .bdrv_has_zero_init =3D bdrv_has_zero_init_1, .bdrv_co_flush_to_os =3D parallels_co_flush_to_os, diff --git a/block/qcow.c b/block/qcow.c index 038b05a..eb5d54c 100644 --- a/block/qcow.c +++ b/block/qcow.c @@ -1052,6 +1052,7 @@ static BlockDriver bdrv_qcow =3D { .bdrv_probe =3D qcow_probe, .bdrv_open =3D qcow_open, .bdrv_close =3D qcow_close, + .bdrv_child_perm =3D bdrv_format_default_perms, .bdrv_reopen_prepare =3D qcow_reopen_prepare, .bdrv_create =3D qcow_create, .bdrv_has_zero_init =3D bdrv_has_zero_init_1, diff --git a/block/qcow2.c b/block/qcow2.c index 21e6142..ef028f6 100644 --- a/block/qcow2.c +++ b/block/qcow2.c @@ -3403,6 +3403,7 @@ BlockDriver bdrv_qcow2 =3D { .bdrv_reopen_commit =3D qcow2_reopen_commit, .bdrv_reopen_abort =3D qcow2_reopen_abort, .bdrv_join_options =3D qcow2_join_options, + .bdrv_child_perm =3D bdrv_format_default_perms, .bdrv_create =3D qcow2_create, .bdrv_has_zero_init =3D bdrv_has_zero_init_1, .bdrv_co_get_block_status =3D qcow2_co_get_block_status, diff --git a/block/qed.c b/block/qed.c index 62a0a09..d8f947a 100644 --- a/block/qed.c +++ b/block/qed.c @@ -1704,6 +1704,7 @@ static BlockDriver bdrv_qed =3D { .bdrv_open =3D bdrv_qed_open, .bdrv_close =3D bdrv_qed_close, .bdrv_reopen_prepare =3D bdrv_qed_reopen_prepare, + .bdrv_child_perm =3D bdrv_format_default_perms, .bdrv_create =3D bdrv_qed_create, .bdrv_has_zero_init =3D bdrv_has_zero_init_1, .bdrv_co_get_block_status =3D bdrv_qed_co_get_block_status, diff --git a/block/vdi.c b/block/vdi.c index 18b4773..fd6e26d 100644 --- a/block/vdi.c +++ b/block/vdi.c @@ -891,6 +891,7 @@ static BlockDriver bdrv_vdi =3D { .bdrv_open =3D vdi_open, .bdrv_close =3D vdi_close, .bdrv_reopen_prepare =3D vdi_reopen_prepare, + .bdrv_child_perm =3D bdrv_format_default_perms, .bdrv_create =3D vdi_create, .bdrv_has_zero_init =3D bdrv_has_zero_init_1, .bdrv_co_get_block_status =3D vdi_co_get_block_status, diff --git a/block/vhdx.c b/block/vhdx.c index 9918ee9..ab747f6 100644 --- a/block/vhdx.c +++ b/block/vhdx.c @@ -1983,6 +1983,7 @@ static BlockDriver bdrv_vhdx =3D { .bdrv_open =3D vhdx_open, .bdrv_close =3D vhdx_close, .bdrv_reopen_prepare =3D vhdx_reopen_prepare, + .bdrv_child_perm =3D bdrv_format_default_perms, .bdrv_co_readv =3D vhdx_co_readv, .bdrv_co_writev =3D vhdx_co_writev, .bdrv_create =3D vhdx_create, diff --git a/block/vmdk.c b/block/vmdk.c index 9d68ec5..f5e2fb5 100644 --- a/block/vmdk.c +++ b/block/vmdk.c @@ -2359,6 +2359,7 @@ static BlockDriver bdrv_vmdk =3D { .bdrv_open =3D vmdk_open, .bdrv_check =3D vmdk_check, .bdrv_reopen_prepare =3D vmdk_reopen_prepare, + .bdrv_child_perm =3D bdrv_format_default_perms, .bdrv_co_preadv =3D vmdk_co_preadv, .bdrv_co_pwritev =3D vmdk_co_pwritev, .bdrv_co_pwritev_compressed =3D vmdk_co_pwritev_compressed, diff --git a/block/vpc.c b/block/vpc.c index d0df2a1..b9c9832 100644 --- a/block/vpc.c +++ b/block/vpc.c @@ -1067,6 +1067,7 @@ static BlockDriver bdrv_vpc =3D { .bdrv_open =3D vpc_open, .bdrv_close =3D vpc_close, .bdrv_reopen_prepare =3D vpc_reopen_prepare, + .bdrv_child_perm =3D bdrv_format_default_perms, .bdrv_create =3D vpc_create, =20 .bdrv_co_preadv =3D vpc_co_preadv, --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488288972738318.11289868205915; Tue, 28 Feb 2017 05:36:12 -0800 (PST) Received: from localhost ([::1]:32826 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihwn-0007Ju-48 for importer@patchew.org; Tue, 28 Feb 2017 08:36:09 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43230) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihIw-000428-3e for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:54:59 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihIt-00041Y-G0 for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:54:58 -0500 Received: from mx1.redhat.com ([209.132.183.28]:60376) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihIr-00040G-7n; Tue, 28 Feb 2017 07:54:53 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 4F4A485365; Tue, 28 Feb 2017 12:54:53 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQB029713; Tue, 28 Feb 2017 07:54:51 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:53:54 +0100 Message-Id: <1488286469-9381-10-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Tue, 28 Feb 2017 12:54:53 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 09/44] vvfat: Implement .bdrv_child_perm() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" vvfat is the last remaining driver that can have children, but doesn't implement .bdrv_child_perm() yet. The default handlers aren't suitable here, so let's implement a very simple driver-specific one that protects the internal child from being used by other users as good as our permissions permit. Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- block.c | 2 +- block/vvfat.c | 22 ++++++++++++++++++++++ include/block/block_int.h | 1 + 3 files changed, 24 insertions(+), 1 deletion(-) diff --git a/block.c b/block.c index d67819f..281ce7b 100644 --- a/block.c +++ b/block.c @@ -823,7 +823,7 @@ static void bdrv_backing_options(int *child_flags, QDic= t *child_options, *child_flags =3D flags; } =20 -static const BdrvChildRole child_backing =3D { +const BdrvChildRole child_backing =3D { .inherit_options =3D bdrv_backing_options, .drained_begin =3D bdrv_child_cb_drained_begin, .drained_end =3D bdrv_child_cb_drained_end, diff --git a/block/vvfat.c b/block/vvfat.c index 7f230be..72b482c 100644 --- a/block/vvfat.c +++ b/block/vvfat.c @@ -3052,6 +3052,27 @@ err: return ret; } =20 +static void vvfat_child_perm(BlockDriverState *bs, BdrvChild *c, + const BdrvChildRole *role, + uint64_t perm, uint64_t shared, + uint64_t *nperm, uint64_t *nshared) +{ + BDRVVVFATState *s =3D bs->opaque; + + assert(c =3D=3D s->qcow || role =3D=3D &child_backing); + + if (c =3D=3D s->qcow) { + /* This is a private node, nobody should try to attach to it */ + *nperm =3D BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE; + *nshared =3D BLK_PERM_WRITE_UNCHANGED; + } else { + /* The backing file is there so 'commit' can use it. vvfat doesn't + * access it in any way. */ + *nperm =3D 0; + *nshared =3D BLK_PERM_ALL; + } +} + static void vvfat_close(BlockDriverState *bs) { BDRVVVFATState *s =3D bs->opaque; @@ -3077,6 +3098,7 @@ static BlockDriver bdrv_vvfat =3D { .bdrv_file_open =3D vvfat_open, .bdrv_refresh_limits =3D vvfat_refresh_limits, .bdrv_close =3D vvfat_close, + .bdrv_child_perm =3D vvfat_child_perm, =20 .bdrv_co_preadv =3D vvfat_co_preadv, .bdrv_co_pwritev =3D vvfat_co_pwritev, diff --git a/include/block/block_int.h b/include/block/block_int.h index eb0598e..63d5446 100644 --- a/include/block/block_int.h +++ b/include/block/block_int.h @@ -466,6 +466,7 @@ struct BdrvChildRole { =20 extern const BdrvChildRole child_file; extern const BdrvChildRole child_format; +extern const BdrvChildRole child_backing; =20 struct BdrvChild { BlockDriverState *bs; --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488289229422456.48106599959726; Tue, 28 Feb 2017 05:40:29 -0800 (PST) Received: from localhost ([::1]:32855 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cii0w-0004CL-Sv for importer@patchew.org; Tue, 28 Feb 2017 08:40:26 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43266) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihIx-00044C-UE for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:00 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihIx-00042k-92 for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:00 -0500 Received: from mx1.redhat.com ([209.132.183.28]:54938) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihIs-000413-So; Tue, 28 Feb 2017 07:54:54 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 04075C057FA9; Tue, 28 Feb 2017 12:54:55 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQC029713; Tue, 28 Feb 2017 07:54:53 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:53:55 +0100 Message-Id: <1488286469-9381-11-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Tue, 28 Feb 2017 12:54:55 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 10/44] block: Require .bdrv_child_perm() with child nodes X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" All block drivers that can have child nodes implement .bdrv_child_perm() now. Make this officially a requirement by asserting that only drivers without children can omit .bdrv_child_perm(). Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- block.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/block.c b/block.c index 281ce7b..52c1f28 100644 --- a/block.c +++ b/block.c @@ -1360,8 +1360,9 @@ static int bdrv_check_perm(BlockDriverState *bs, uint= 64_t cumulative_perms, cumulative_shared_perms, errp); } =20 - /* Drivers may not have .bdrv_child_perm() */ + /* Drivers that never have children can omit .bdrv_child_perm() */ if (!drv->bdrv_child_perm) { + assert(QLIST_EMPTY(&bs->children)); return 0; } =20 @@ -1420,8 +1421,9 @@ static void bdrv_set_perm(BlockDriverState *bs, uint6= 4_t cumulative_perms, drv->bdrv_set_perm(bs, cumulative_perms, cumulative_shared_perms); } =20 - /* Drivers may not have .bdrv_child_perm() */ + /* Drivers that never have children can omit .bdrv_child_perm() */ if (!drv->bdrv_child_perm) { + assert(QLIST_EMPTY(&bs->children)); return; } =20 --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488289270990130.38204473709084; Tue, 28 Feb 2017 05:41:10 -0800 (PST) Received: from localhost ([::1]:32862 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cii1c-0004r4-Nu for importer@patchew.org; Tue, 28 Feb 2017 08:41:08 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43274) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihIy-00045Y-B8 for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:01 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihIx-00043F-Fx for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:00 -0500 Received: from mx1.redhat.com ([209.132.183.28]:35132) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihIu-00041o-OL; Tue, 28 Feb 2017 07:54:56 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id D38784E4E5; Tue, 28 Feb 2017 12:54:56 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQD029713; Tue, 28 Feb 2017 07:54:55 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:53:56 +0100 Message-Id: <1488286469-9381-12-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Tue, 28 Feb 2017 12:54:56 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 11/44] block: Request real permissions in bdrv_attach_child() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Now that all block drivers with children tell us what permissions they need from each of their children, bdrv_attach_child() can use this information and make the right requirements while trying to attach new children. Signed-off-by: Kevin Wolf Acked-by: Fam Zheng Reviewed-by: Max Reitz --- block.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/block.c b/block.c index 52c1f28..bed2367 100644 --- a/block.c +++ b/block.c @@ -1680,10 +1680,16 @@ BdrvChild *bdrv_attach_child(BlockDriverState *pare= nt_bs, Error **errp) { BdrvChild *child; + uint64_t perm, shared_perm; + + bdrv_get_cumulative_perm(parent_bs, &perm, &shared_perm); + + assert(parent_bs->drv); + parent_bs->drv->bdrv_child_perm(parent_bs, NULL, child_role, + perm, shared_perm, &perm, &shared_perm= ); =20 - /* FIXME Use real permissions */ child =3D bdrv_root_attach_child(child_bs, child_name, child_role, - 0, BLK_PERM_ALL, parent_bs, errp); + perm, shared_perm, parent_bs, errp); if (child =3D=3D NULL) { return NULL; } --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488288233454531.382300522625; Tue, 28 Feb 2017 05:23:53 -0800 (PST) Received: from localhost ([::1]:60944 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihku-0004wk-5q for importer@patchew.org; Tue, 28 Feb 2017 08:23:52 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43327) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJ2-0004At-PV for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:07 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJ1-00045L-R7 for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:04 -0500 Received: from mx1.redhat.com ([209.132.183.28]:48658) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihIw-00042H-JJ; Tue, 28 Feb 2017 07:54:58 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id A4E1F155E4; Tue, 28 Feb 2017 12:54:58 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQE029713; Tue, 28 Feb 2017 07:54:57 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:53:57 +0100 Message-Id: <1488286469-9381-13-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]); Tue, 28 Feb 2017 12:54:58 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 12/44] block: Add permissions to BlockBackend X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" The BlockBackend can now store the permissions that its user requires. This is necessary because nodes can be ejected from or inserted into a BlockBackend and all of these operations must make sure that the user still gets what it requested initially. Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- block/block-backend.c | 27 +++++++++++++++++++++++++++ include/sysemu/block-backend.h | 2 ++ 2 files changed, 29 insertions(+) diff --git a/block/block-backend.c b/block/block-backend.c index 9bb4528..1ed75c6 100644 --- a/block/block-backend.c +++ b/block/block-backend.c @@ -59,6 +59,9 @@ struct BlockBackend { bool iostatus_enabled; BlockDeviceIoStatus iostatus; =20 + uint64_t perm; + uint64_t shared_perm; + bool allow_write_beyond_eof; =20 NotifierList remove_bs_notifiers, insert_bs_notifiers; @@ -126,6 +129,8 @@ BlockBackend *blk_new(void) =20 blk =3D g_new0(BlockBackend, 1); blk->refcnt =3D 1; + blk->perm =3D 0; + blk->shared_perm =3D BLK_PERM_ALL; blk_set_enable_write_cache(blk, true); =20 qemu_co_queue_init(&blk->public.throttled_reqs[0]); @@ -511,6 +516,27 @@ void blk_insert_bs(BlockBackend *blk, BlockDriverState= *bs) } } =20 +/* + * Sets the permission bitmasks that the user of the BlockBackend needs. + */ +int blk_set_perm(BlockBackend *blk, uint64_t perm, uint64_t shared_perm, + Error **errp) +{ + int ret; + + if (blk->root) { + ret =3D bdrv_child_try_set_perm(blk->root, perm, shared_perm, errp= ); + if (ret < 0) { + return ret; + } + } + + blk->perm =3D perm; + blk->shared_perm =3D shared_perm; + + return 0; +} + static int blk_do_attach_dev(BlockBackend *blk, void *dev) { if (blk->dev) { @@ -557,6 +583,7 @@ void blk_detach_dev(BlockBackend *blk, void *dev) blk->dev_ops =3D NULL; blk->dev_opaque =3D NULL; blk->guest_block_size =3D 512; + blk_set_perm(blk, 0, BLK_PERM_ALL, &error_abort); blk_unref(blk); } =20 diff --git a/include/sysemu/block-backend.h b/include/sysemu/block-backend.h index f365a51..4a18e86 100644 --- a/include/sysemu/block-backend.h +++ b/include/sysemu/block-backend.h @@ -105,6 +105,8 @@ void blk_remove_bs(BlockBackend *blk); void blk_insert_bs(BlockBackend *blk, BlockDriverState *bs); bool bdrv_has_blk(BlockDriverState *bs); bool bdrv_is_root_node(BlockDriverState *bs); +int blk_set_perm(BlockBackend *blk, uint64_t perm, uint64_t shared_perm, + Error **errp); =20 void blk_set_allow_write_beyond_eof(BlockBackend *blk, bool allow); void blk_iostatus_enable(BlockBackend *blk); --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488289498769511.8972276620193; Tue, 28 Feb 2017 05:44:58 -0800 (PST) Received: from localhost ([::1]:32885 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cii5J-0008UO-BV for importer@patchew.org; Tue, 28 Feb 2017 08:44:57 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43356) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJ5-0004EI-Ct for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:09 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJ2-00045p-LS for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:07 -0500 Received: from mx1.redhat.com ([209.132.183.28]:53412) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihIy-00043t-GR; Tue, 28 Feb 2017 07:55:00 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 884EA7F081; Tue, 28 Feb 2017 12:55:00 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQF029713; Tue, 28 Feb 2017 07:54:58 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:53:58 +0100 Message-Id: <1488286469-9381-14-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]); Tue, 28 Feb 2017 12:55:00 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 13/44] block: Add permissions to blk_new() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" We want every user to be specific about the permissions it needs, so we'll pass the initial permissions as parameters to blk_new(). A user only needs to call blk_set_perm() if it wants to change the permissions after the fact. The permissions are stored in the BlockBackend and applied whenever a BlockDriverState should be attached in blk_insert_bs(). This does not include actually choosing the right set of permissions everywhere yet. Instead, the usual FIXME comment is added to each place and will be addressed in individual patches. Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- block.c | 2 +- block/backup.c | 3 ++- block/block-backend.c | 21 ++++++++++++++------- block/commit.c | 12 ++++++++---- block/mirror.c | 3 ++- block/qcow2.c | 2 +- blockdev.c | 4 ++-- blockjob.c | 3 ++- hmp.c | 3 ++- hw/block/fdc.c | 3 ++- hw/core/qdev-properties-system.c | 3 ++- hw/ide/qdev.c | 3 ++- hw/scsi/scsi-disk.c | 3 ++- include/sysemu/block-backend.h | 2 +- migration/block.c | 3 ++- nbd/server.c | 3 ++- tests/test-blockjob.c | 3 ++- tests/test-throttle.c | 7 ++++--- 18 files changed, 53 insertions(+), 30 deletions(-) diff --git a/block.c b/block.c index bed2367..41b8b11 100644 --- a/block.c +++ b/block.c @@ -2193,7 +2193,7 @@ static BlockDriverState *bdrv_open_inherit(const char= *filename, goto fail; } if (file_bs !=3D NULL) { - file =3D blk_new(); + file =3D blk_new(BLK_PERM_CONSISTENT_READ, BLK_PERM_ALL); blk_insert_bs(file, file_bs); bdrv_unref(file_bs); =20 diff --git a/block/backup.c b/block/backup.c index fe010e7..4b3c94c 100644 --- a/block/backup.c +++ b/block/backup.c @@ -624,7 +624,8 @@ BlockJob *backup_job_create(const char *job_id, BlockDr= iverState *bs, goto error; } =20 - job->target =3D blk_new(); + /* FIXME Use real permissions */ + job->target =3D blk_new(0, BLK_PERM_ALL); blk_insert_bs(job->target, target); =20 job->on_source_error =3D on_source_error; diff --git a/block/block-backend.c b/block/block-backend.c index 1ed75c6..0319220 100644 --- a/block/block-backend.c +++ b/block/block-backend.c @@ -120,17 +120,23 @@ static const BdrvChildRole child_root =3D { =20 /* * Create a new BlockBackend with a reference count of one. - * Store an error through @errp on failure, unless it's null. + * + * @perm is a bitmasks of BLK_PERM_* constants which describes the permiss= ions + * to request for a block driver node that is attached to this BlockBacken= d. + * @shared_perm is a bitmask which describes which permissions may be gran= ted + * to other users of the attached node. + * Both sets of permissions can be changed later using blk_set_perm(). + * * Return the new BlockBackend on success, null on failure. */ -BlockBackend *blk_new(void) +BlockBackend *blk_new(uint64_t perm, uint64_t shared_perm) { BlockBackend *blk; =20 blk =3D g_new0(BlockBackend, 1); blk->refcnt =3D 1; - blk->perm =3D 0; - blk->shared_perm =3D BLK_PERM_ALL; + blk->perm =3D perm; + blk->shared_perm =3D shared_perm; blk_set_enable_write_cache(blk, true); =20 qemu_co_queue_init(&blk->public.throttled_reqs[0]); @@ -161,7 +167,7 @@ BlockBackend *blk_new_open(const char *filename, const = char *reference, BlockBackend *blk; BlockDriverState *bs; =20 - blk =3D blk_new(); + blk =3D blk_new(0, BLK_PERM_ALL); bs =3D bdrv_open(filename, reference, options, flags, errp); if (!bs) { blk_unref(blk); @@ -505,9 +511,10 @@ void blk_remove_bs(BlockBackend *blk) void blk_insert_bs(BlockBackend *blk, BlockDriverState *bs) { bdrv_ref(bs); - /* FIXME Use real permissions */ + /* FIXME Error handling */ blk->root =3D bdrv_root_attach_child(bs, "root", &child_root, - 0, BLK_PERM_ALL, blk, &error_abort); + blk->perm, blk->shared_perm, blk, + &error_abort); =20 notifier_list_notify(&blk->insert_bs_notifiers, blk); if (blk->public.throttle_state) { diff --git a/block/commit.c b/block/commit.c index c284e85..1897e98 100644 --- a/block/commit.c +++ b/block/commit.c @@ -275,10 +275,12 @@ void commit_start(const char *job_id, BlockDriverStat= e *bs, block_job_add_bdrv(&s->common, overlay_bs); } =20 - s->base =3D blk_new(); + /* FIXME Use real permissions */ + s->base =3D blk_new(0, BLK_PERM_ALL); blk_insert_bs(s->base, base); =20 - s->top =3D blk_new(); + /* FIXME Use real permissions */ + s->top =3D blk_new(0, BLK_PERM_ALL); blk_insert_bs(s->top, top); =20 s->active =3D bs; @@ -328,10 +330,12 @@ int bdrv_commit(BlockDriverState *bs) } } =20 - src =3D blk_new(); + /* FIXME Use real permissions */ + src =3D blk_new(0, BLK_PERM_ALL); blk_insert_bs(src, bs); =20 - backing =3D blk_new(); + /* FIXME Use real permissions */ + backing =3D blk_new(0, BLK_PERM_ALL); blk_insert_bs(backing, bs->backing->bs); =20 length =3D blk_getlength(src); diff --git a/block/mirror.c b/block/mirror.c index 3d50857..13d42d7 100644 --- a/block/mirror.c +++ b/block/mirror.c @@ -1017,7 +1017,8 @@ static void mirror_start_job(const char *job_id, Bloc= kDriverState *bs, return; } =20 - s->target =3D blk_new(); + /* FIXME Use real permissions */ + s->target =3D blk_new(0, BLK_PERM_ALL); blk_insert_bs(s->target, target); =20 s->replaces =3D g_strdup(replaces); diff --git a/block/qcow2.c b/block/qcow2.c index ef028f6..0356e69 100644 --- a/block/qcow2.c +++ b/block/qcow2.c @@ -3262,7 +3262,7 @@ static int qcow2_amend_options(BlockDriverState *bs, = QemuOpts *opts, } =20 if (new_size) { - BlockBackend *blk =3D blk_new(); + BlockBackend *blk =3D blk_new(BLK_PERM_RESIZE, BLK_PERM_ALL); blk_insert_bs(blk, bs); ret =3D blk_truncate(blk, new_size); blk_unref(blk); diff --git a/blockdev.c b/blockdev.c index 2b2f6ce..dc9ed3b 100644 --- a/blockdev.c +++ b/blockdev.c @@ -557,7 +557,7 @@ static BlockBackend *blockdev_init(const char *file, QD= ict *bs_opts, if ((!file || !*file) && !qdict_size(bs_opts)) { BlockBackendRootState *blk_rs; =20 - blk =3D blk_new(); + blk =3D blk_new(0, BLK_PERM_ALL); blk_rs =3D blk_get_root_state(blk); blk_rs->open_flags =3D bdrv_flags; blk_rs->read_only =3D read_only; @@ -2889,7 +2889,7 @@ void qmp_block_resize(bool has_device, const char *de= vice, goto out; } =20 - blk =3D blk_new(); + blk =3D blk_new(BLK_PERM_RESIZE, BLK_PERM_ALL); blk_insert_bs(blk, bs); =20 /* complete all in-flight operations before resizing the device */ diff --git a/blockjob.c b/blockjob.c index abee11b..508e0e5 100644 --- a/blockjob.c +++ b/blockjob.c @@ -159,7 +159,8 @@ void *block_job_create(const char *job_id, const BlockJ= obDriver *driver, } } =20 - blk =3D blk_new(); + /* FIXME Use real permissions */ + blk =3D blk_new(0, BLK_PERM_ALL); blk_insert_bs(blk, bs); =20 job =3D g_malloc0(driver->instance_size); diff --git a/hmp.c b/hmp.c index 83e287e..020141b 100644 --- a/hmp.c +++ b/hmp.c @@ -2050,7 +2050,8 @@ void hmp_qemu_io(Monitor *mon, const QDict *qdict) if (!blk) { BlockDriverState *bs =3D bdrv_lookup_bs(NULL, device, &err); if (bs) { - blk =3D local_blk =3D blk_new(); + /* FIXME Use real permissions */ + blk =3D local_blk =3D blk_new(0, BLK_PERM_ALL); blk_insert_bs(blk, bs); } else { goto fail; diff --git a/hw/block/fdc.c b/hw/block/fdc.c index 17d29e7..74f3634 100644 --- a/hw/block/fdc.c +++ b/hw/block/fdc.c @@ -533,7 +533,8 @@ static int floppy_drive_init(DeviceState *qdev) =20 if (!dev->conf.blk) { /* Anonymous BlockBackend for an empty drive */ - dev->conf.blk =3D blk_new(); + /* FIXME Use real permissions */ + dev->conf.blk =3D blk_new(0, BLK_PERM_ALL); ret =3D blk_attach_dev(dev->conf.blk, qdev); assert(ret =3D=3D 0); } diff --git a/hw/core/qdev-properties-system.c b/hw/core/qdev-properties-sys= tem.c index 94f4d8b..cca4775 100644 --- a/hw/core/qdev-properties-system.c +++ b/hw/core/qdev-properties-system.c @@ -78,7 +78,8 @@ static void parse_drive(DeviceState *dev, const char *str= , void **ptr, if (!blk) { BlockDriverState *bs =3D bdrv_lookup_bs(NULL, str, NULL); if (bs) { - blk =3D blk_new(); + /* FIXME Use real permissions */ + blk =3D blk_new(0, BLK_PERM_ALL); blk_insert_bs(blk, bs); blk_created =3D true; } diff --git a/hw/ide/qdev.c b/hw/ide/qdev.c index dbaa75c..bb3c377 100644 --- a/hw/ide/qdev.c +++ b/hw/ide/qdev.c @@ -170,7 +170,8 @@ static int ide_dev_initfn(IDEDevice *dev, IDEDriveKind = kind) return -1; } else { /* Anonymous BlockBackend for an empty drive */ - dev->conf.blk =3D blk_new(); + /* FIXME Use real permissions */ + dev->conf.blk =3D blk_new(0, BLK_PERM_ALL); } } =20 diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c index bbfb5dc..546acc7 100644 --- a/hw/scsi/scsi-disk.c +++ b/hw/scsi/scsi-disk.c @@ -2380,7 +2380,8 @@ static void scsi_cd_realize(SCSIDevice *dev, Error **= errp) SCSIDiskState *s =3D DO_UPCAST(SCSIDiskState, qdev, dev); =20 if (!dev->conf.blk) { - dev->conf.blk =3D blk_new(); + /* FIXME Use real permissions */ + dev->conf.blk =3D blk_new(0, BLK_PERM_ALL); } =20 s->qdev.blocksize =3D 2048; diff --git a/include/sysemu/block-backend.h b/include/sysemu/block-backend.h index 4a18e86..6651f43 100644 --- a/include/sysemu/block-backend.h +++ b/include/sysemu/block-backend.h @@ -84,7 +84,7 @@ typedef struct BlockBackendPublic { QLIST_ENTRY(BlockBackendPublic) round_robin; } BlockBackendPublic; =20 -BlockBackend *blk_new(void); +BlockBackend *blk_new(uint64_t perm, uint64_t shared_perm); BlockBackend *blk_new_open(const char *filename, const char *reference, QDict *options, int flags, Error **errp); int blk_get_refcnt(BlockBackend *blk); diff --git a/migration/block.c b/migration/block.c index ebc10e6..6b7ffd4 100644 --- a/migration/block.c +++ b/migration/block.c @@ -415,7 +415,8 @@ static void init_blk_migration(QEMUFile *f) } =20 bmds =3D g_new0(BlkMigDevState, 1); - bmds->blk =3D blk_new(); + /* FIXME Use real permissions */ + bmds->blk =3D blk_new(0, BLK_PERM_ALL); bmds->blk_name =3D g_strdup(bdrv_get_device_name(bs)); bmds->bulk_completed =3D 0; bmds->total_sectors =3D sectors; diff --git a/nbd/server.c b/nbd/server.c index ac92fa0..936d5aa 100644 --- a/nbd/server.c +++ b/nbd/server.c @@ -892,7 +892,8 @@ NBDExport *nbd_export_new(BlockDriverState *bs, off_t d= ev_offset, off_t size, BlockBackend *blk; NBDExport *exp =3D g_malloc0(sizeof(NBDExport)); =20 - blk =3D blk_new(); + /* FIXME Use real permissions */ + blk =3D blk_new(0, BLK_PERM_ALL); blk_insert_bs(blk, bs); blk_set_enable_write_cache(blk, !writethrough); =20 diff --git a/tests/test-blockjob.c b/tests/test-blockjob.c index 068c9e4..1dd1cfa 100644 --- a/tests/test-blockjob.c +++ b/tests/test-blockjob.c @@ -53,7 +53,8 @@ static BlockJob *do_test_id(BlockBackend *blk, const char= *id, * BlockDriverState inserted. */ static BlockBackend *create_blk(const char *name) { - BlockBackend *blk =3D blk_new(); + /* FIXME Use real permissions */ + BlockBackend *blk =3D blk_new(0, BLK_PERM_ALL); BlockDriverState *bs; =20 bs =3D bdrv_open("null-co://", NULL, NULL, 0, &error_abort); diff --git a/tests/test-throttle.c b/tests/test-throttle.c index 363b59a..5846433 100644 --- a/tests/test-throttle.c +++ b/tests/test-throttle.c @@ -593,9 +593,10 @@ static void test_groups(void) BlockBackend *blk1, *blk2, *blk3; BlockBackendPublic *blkp1, *blkp2, *blkp3; =20 - blk1 =3D blk_new(); - blk2 =3D blk_new(); - blk3 =3D blk_new(); + /* FIXME Use real permissions */ + blk1 =3D blk_new(0, BLK_PERM_ALL); + blk2 =3D blk_new(0, BLK_PERM_ALL); + blk3 =3D blk_new(0, BLK_PERM_ALL); =20 blkp1 =3D blk_get_public(blk1); blkp2 =3D blk_get_public(blk2); --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488289547500842.2821531822942; Tue, 28 Feb 2017 05:45:47 -0800 (PST) Received: from localhost ([::1]:32894 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cii65-0000kO-1c for importer@patchew.org; Tue, 28 Feb 2017 08:45:45 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43400) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJ7-0004HP-EJ for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:11 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJ5-00049h-MV for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:09 -0500 Received: from mx1.redhat.com ([209.132.183.28]:48740) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJ0-00044l-Bn; Tue, 28 Feb 2017 07:55:02 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 6D0598047B; Tue, 28 Feb 2017 12:55:02 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQG029713; Tue, 28 Feb 2017 07:55:00 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:53:59 +0100 Message-Id: <1488286469-9381-15-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Tue, 28 Feb 2017 12:55:02 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 14/44] block: Add error parameter to blk_insert_bs() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Now that blk_insert_bs() requests the BlockBackend permissions for the node it attaches to, it can fail. Instead of aborting, pass the errors to the callers. Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- block.c | 5 ++++- block/backup.c | 5 ++++- block/block-backend.c | 13 ++++++++----- block/commit.c | 38 ++++++++++++++++++++++++++++++------= -- block/mirror.c | 15 ++++++++++++--- block/qcow2.c | 10 ++++++++-- blockdev.c | 11 +++++++++-- blockjob.c | 7 ++++++- hmp.c | 6 +++++- hw/core/qdev-properties-system.c | 7 ++++++- include/sysemu/block-backend.h | 2 +- migration/block.c | 2 +- nbd/server.c | 6 +++++- tests/test-blockjob.c | 2 +- 14 files changed, 100 insertions(+), 29 deletions(-) diff --git a/block.c b/block.c index 41b8b11..5f2dd6f 100644 --- a/block.c +++ b/block.c @@ -2194,8 +2194,11 @@ static BlockDriverState *bdrv_open_inherit(const cha= r *filename, } if (file_bs !=3D NULL) { file =3D blk_new(BLK_PERM_CONSISTENT_READ, BLK_PERM_ALL); - blk_insert_bs(file, file_bs); + blk_insert_bs(file, file_bs, &local_err); bdrv_unref(file_bs); + if (local_err) { + goto fail; + } =20 qdict_put(options, "file", qstring_from_str(bdrv_get_node_name(file_bs))); diff --git a/block/backup.c b/block/backup.c index 4b3c94c..f38d1d0 100644 --- a/block/backup.c +++ b/block/backup.c @@ -626,7 +626,10 @@ BlockJob *backup_job_create(const char *job_id, BlockD= riverState *bs, =20 /* FIXME Use real permissions */ job->target =3D blk_new(0, BLK_PERM_ALL); - blk_insert_bs(job->target, target); + ret =3D blk_insert_bs(job->target, target, errp); + if (ret < 0) { + goto error; + } =20 job->on_source_error =3D on_source_error; job->on_target_error =3D on_target_error; diff --git a/block/block-backend.c b/block/block-backend.c index 0319220..299948f 100644 --- a/block/block-backend.c +++ b/block/block-backend.c @@ -508,19 +508,22 @@ void blk_remove_bs(BlockBackend *blk) /* * Associates a new BlockDriverState with @blk. */ -void blk_insert_bs(BlockBackend *blk, BlockDriverState *bs) +int blk_insert_bs(BlockBackend *blk, BlockDriverState *bs, Error **errp) { - bdrv_ref(bs); - /* FIXME Error handling */ blk->root =3D bdrv_root_attach_child(bs, "root", &child_root, - blk->perm, blk->shared_perm, blk, - &error_abort); + blk->perm, blk->shared_perm, blk, e= rrp); + if (blk->root =3D=3D NULL) { + return -EPERM; + } + bdrv_ref(bs); =20 notifier_list_notify(&blk->insert_bs_notifiers, blk); if (blk->public.throttle_state) { throttle_timers_attach_aio_context( &blk->public.throttle_timers, bdrv_get_aio_context(bs)); } + + return 0; } =20 /* diff --git a/block/commit.c b/block/commit.c index 1897e98..2ad8138 100644 --- a/block/commit.c +++ b/block/commit.c @@ -220,6 +220,7 @@ void commit_start(const char *job_id, BlockDriverState = *bs, BlockDriverState *iter; BlockDriverState *overlay_bs; Error *local_err =3D NULL; + int ret; =20 assert(top !=3D bs); if (top =3D=3D base) { @@ -256,8 +257,7 @@ void commit_start(const char *job_id, BlockDriverState = *bs, bdrv_reopen_multiple(bdrv_get_aio_context(bs), reopen_queue, &loca= l_err); if (local_err !=3D NULL) { error_propagate(errp, local_err); - block_job_unref(&s->common); - return; + goto fail; } } =20 @@ -277,11 +277,17 @@ void commit_start(const char *job_id, BlockDriverStat= e *bs, =20 /* FIXME Use real permissions */ s->base =3D blk_new(0, BLK_PERM_ALL); - blk_insert_bs(s->base, base); + ret =3D blk_insert_bs(s->base, base, errp); + if (ret < 0) { + goto fail; + } =20 /* FIXME Use real permissions */ s->top =3D blk_new(0, BLK_PERM_ALL); - blk_insert_bs(s->top, top); + ret =3D blk_insert_bs(s->top, top, errp); + if (ret < 0) { + goto fail; + } =20 s->active =3D bs; =20 @@ -294,6 +300,16 @@ void commit_start(const char *job_id, BlockDriverState= *bs, =20 trace_commit_start(bs, base, top, s); block_job_start(&s->common); + return; + +fail: + if (s->base) { + blk_unref(s->base); + } + if (s->top) { + blk_unref(s->top); + } + block_job_unref(&s->common); } =20 =20 @@ -332,11 +348,17 @@ int bdrv_commit(BlockDriverState *bs) =20 /* FIXME Use real permissions */ src =3D blk_new(0, BLK_PERM_ALL); - blk_insert_bs(src, bs); - - /* FIXME Use real permissions */ backing =3D blk_new(0, BLK_PERM_ALL); - blk_insert_bs(backing, bs->backing->bs); + + ret =3D blk_insert_bs(src, bs, NULL); + if (ret < 0) { + goto ro_cleanup; + } + + ret =3D blk_insert_bs(backing, bs->backing->bs, NULL); + if (ret < 0) { + goto ro_cleanup; + } =20 length =3D blk_getlength(src); if (length < 0) { diff --git a/block/mirror.c b/block/mirror.c index 13d42d7..7eeeb97 100644 --- a/block/mirror.c +++ b/block/mirror.c @@ -525,9 +525,12 @@ static void mirror_exit(BlockJob *job, void *opaque) bdrv_replace_in_backing_chain(to_replace, target_bs); bdrv_drained_end(target_bs); =20 - /* We just changed the BDS the job BB refers to */ + /* We just changed the BDS the job BB refers to, so switch the BB = back + * so the cleanup does the right thing. We don't need any permissi= ons + * any more now. */ blk_remove_bs(job->blk); - blk_insert_bs(job->blk, src); + blk_set_perm(job->blk, 0, BLK_PERM_ALL, &error_abort); + blk_insert_bs(job->blk, src, &error_abort); } if (s->to_replace) { bdrv_op_unblock_all(s->to_replace, s->replace_blocker); @@ -995,6 +998,7 @@ static void mirror_start_job(const char *job_id, BlockD= riverState *bs, bool auto_complete) { MirrorBlockJob *s; + int ret; =20 if (granularity =3D=3D 0) { granularity =3D bdrv_get_default_bitmap_granularity(target); @@ -1019,7 +1023,12 @@ static void mirror_start_job(const char *job_id, Blo= ckDriverState *bs, =20 /* FIXME Use real permissions */ s->target =3D blk_new(0, BLK_PERM_ALL); - blk_insert_bs(s->target, target); + ret =3D blk_insert_bs(s->target, target, errp); + if (ret < 0) { + blk_unref(s->target); + block_job_unref(&s->common); + return; + } =20 s->replaces =3D g_strdup(replaces); s->on_source_error =3D on_source_error; diff --git a/block/qcow2.c b/block/qcow2.c index 0356e69..6f79df8 100644 --- a/block/qcow2.c +++ b/block/qcow2.c @@ -3113,6 +3113,7 @@ static int qcow2_amend_options(BlockDriverState *bs, = QemuOpts *opts, uint64_t cluster_size =3D s->cluster_size; bool encrypt; int refcount_bits =3D s->refcount_bits; + Error *local_err =3D NULL; int ret; QemuOptDesc *desc =3D opts->list->desc; Qcow2AmendHelperCBInfo helper_cb_info; @@ -3263,10 +3264,15 @@ static int qcow2_amend_options(BlockDriverState *bs= , QemuOpts *opts, =20 if (new_size) { BlockBackend *blk =3D blk_new(BLK_PERM_RESIZE, BLK_PERM_ALL); - blk_insert_bs(blk, bs); + ret =3D blk_insert_bs(blk, bs, &local_err); + if (ret < 0) { + error_report_err(local_err); + blk_unref(blk); + return ret; + } + ret =3D blk_truncate(blk, new_size); blk_unref(blk); - if (ret < 0) { return ret; } diff --git a/blockdev.c b/blockdev.c index dc9ed3b..011871b 100644 --- a/blockdev.c +++ b/blockdev.c @@ -2435,6 +2435,7 @@ static void qmp_blockdev_insert_anon_medium(BlockBack= end *blk, BlockDriverState *bs, Error **= errp) { bool has_device; + int ret; =20 /* For BBs without a device, we can exchange the BDS tree at will */ has_device =3D blk_get_attached_dev(blk); @@ -2454,7 +2455,10 @@ static void qmp_blockdev_insert_anon_medium(BlockBac= kend *blk, return; } =20 - blk_insert_bs(blk, bs); + ret =3D blk_insert_bs(blk, bs, errp); + if (ret < 0) { + return; + } =20 if (!blk_dev_has_tray(blk)) { /* For tray-less devices, blockdev-close-tray is a no-op (or may n= ot be @@ -2890,7 +2894,10 @@ void qmp_block_resize(bool has_device, const char *d= evice, } =20 blk =3D blk_new(BLK_PERM_RESIZE, BLK_PERM_ALL); - blk_insert_bs(blk, bs); + ret =3D blk_insert_bs(blk, bs, errp); + if (ret < 0) { + goto out; + } =20 /* complete all in-flight operations before resizing the device */ bdrv_drain_all(); diff --git a/blockjob.c b/blockjob.c index 508e0e5..72b7d4c 100644 --- a/blockjob.c +++ b/blockjob.c @@ -128,6 +128,7 @@ void *block_job_create(const char *job_id, const BlockJ= obDriver *driver, { BlockBackend *blk; BlockJob *job; + int ret; =20 if (bs->job) { error_setg(errp, QERR_DEVICE_IN_USE, bdrv_get_device_name(bs)); @@ -161,7 +162,11 @@ void *block_job_create(const char *job_id, const Block= JobDriver *driver, =20 /* FIXME Use real permissions */ blk =3D blk_new(0, BLK_PERM_ALL); - blk_insert_bs(blk, bs); + ret =3D blk_insert_bs(blk, bs, errp); + if (ret < 0) { + blk_unref(blk); + return NULL; + } =20 job =3D g_malloc0(driver->instance_size); error_setg(&job->blocker, "block device is in use by block job: %s", diff --git a/hmp.c b/hmp.c index 020141b..e219f97 100644 --- a/hmp.c +++ b/hmp.c @@ -2045,6 +2045,7 @@ void hmp_qemu_io(Monitor *mon, const QDict *qdict) const char* device =3D qdict_get_str(qdict, "device"); const char* command =3D qdict_get_str(qdict, "command"); Error *err =3D NULL; + int ret; =20 blk =3D blk_by_name(device); if (!blk) { @@ -2052,7 +2053,10 @@ void hmp_qemu_io(Monitor *mon, const QDict *qdict) if (bs) { /* FIXME Use real permissions */ blk =3D local_blk =3D blk_new(0, BLK_PERM_ALL); - blk_insert_bs(blk, bs); + ret =3D blk_insert_bs(blk, bs, &err); + if (ret < 0) { + goto fail; + } } else { goto fail; } diff --git a/hw/core/qdev-properties-system.c b/hw/core/qdev-properties-sys= tem.c index cca4775..66ba367 100644 --- a/hw/core/qdev-properties-system.c +++ b/hw/core/qdev-properties-system.c @@ -73,6 +73,7 @@ static void parse_drive(DeviceState *dev, const char *str= , void **ptr, { BlockBackend *blk; bool blk_created =3D false; + int ret; =20 blk =3D blk_by_name(str); if (!blk) { @@ -80,8 +81,12 @@ static void parse_drive(DeviceState *dev, const char *st= r, void **ptr, if (bs) { /* FIXME Use real permissions */ blk =3D blk_new(0, BLK_PERM_ALL); - blk_insert_bs(blk, bs); blk_created =3D true; + + ret =3D blk_insert_bs(blk, bs, errp); + if (ret < 0) { + goto fail; + } } } if (!blk) { diff --git a/include/sysemu/block-backend.h b/include/sysemu/block-backend.h index 6651f43..0861113 100644 --- a/include/sysemu/block-backend.h +++ b/include/sysemu/block-backend.h @@ -102,7 +102,7 @@ BlockBackend *blk_by_public(BlockBackendPublic *public); =20 BlockDriverState *blk_bs(BlockBackend *blk); void blk_remove_bs(BlockBackend *blk); -void blk_insert_bs(BlockBackend *blk, BlockDriverState *bs); +int blk_insert_bs(BlockBackend *blk, BlockDriverState *bs, Error **errp); bool bdrv_has_blk(BlockDriverState *bs); bool bdrv_is_root_node(BlockDriverState *bs); int blk_set_perm(BlockBackend *blk, uint64_t perm, uint64_t shared_perm, diff --git a/migration/block.c b/migration/block.c index 6b7ffd4..d259936 100644 --- a/migration/block.c +++ b/migration/block.c @@ -446,7 +446,7 @@ static void init_blk_migration(QEMUFile *f) BlockDriverState *bs =3D bmds_bs[i].bs; =20 if (bmds) { - blk_insert_bs(bmds->blk, bs); + blk_insert_bs(bmds->blk, bs, &error_abort); =20 alloc_aio_bitmap(bmds); error_setg(&bmds->blocker, "block device is in use by migratio= n"); diff --git a/nbd/server.c b/nbd/server.c index 936d5aa..89362ba 100644 --- a/nbd/server.c +++ b/nbd/server.c @@ -891,10 +891,14 @@ NBDExport *nbd_export_new(BlockDriverState *bs, off_t= dev_offset, off_t size, { BlockBackend *blk; NBDExport *exp =3D g_malloc0(sizeof(NBDExport)); + int ret; =20 /* FIXME Use real permissions */ blk =3D blk_new(0, BLK_PERM_ALL); - blk_insert_bs(blk, bs); + ret =3D blk_insert_bs(blk, bs, errp); + if (ret < 0) { + goto fail; + } blk_set_enable_write_cache(blk, !writethrough); =20 exp->refcount =3D 1; diff --git a/tests/test-blockjob.c b/tests/test-blockjob.c index 1dd1cfa..143ce96 100644 --- a/tests/test-blockjob.c +++ b/tests/test-blockjob.c @@ -60,7 +60,7 @@ static BlockBackend *create_blk(const char *name) bs =3D bdrv_open("null-co://", NULL, NULL, 0, &error_abort); g_assert_nonnull(bs); =20 - blk_insert_bs(blk, bs); + blk_insert_bs(blk, bs, &error_abort); bdrv_unref(bs); =20 if (name) { --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488288847899201.9424387116344; Tue, 28 Feb 2017 05:34:07 -0800 (PST) Received: from localhost ([::1]:32781 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihun-0005PG-Vm for importer@patchew.org; Tue, 28 Feb 2017 08:34:06 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43416) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJ8-0004IT-4I for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:11 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJ7-0004Am-0D for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:10 -0500 Received: from mx1.redhat.com ([209.132.183.28]:41296) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJ2-00045I-A8; Tue, 28 Feb 2017 07:55:04 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 5D89161BBC; Tue, 28 Feb 2017 12:55:04 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQH029713; Tue, 28 Feb 2017 07:55:02 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:00 +0100 Message-Id: <1488286469-9381-16-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Tue, 28 Feb 2017 12:55:04 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 15/44] block: Add BDRV_O_RESIZE for blk_new_open() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" blk_new_open() is a convenience function that processes flags rather than QDict options as a simple way to just open an image file. In order to keep it convenient in the future, it must automatically request the necessary permissions. This can easily be inferred from the flags for read and write, but we need another flag that tells us whether to get the resize permission. We can't just always request it because that means that no block jobs can run on the resulting BlockBackend (which is something that e.g. qemu-img commit wants to do), but we also can't request it never because most of the .bdrv_create() implementations call blk_truncate(). The solution is to introduce another flag that is passed by all users that want to resize the image. Signed-off-by: Kevin Wolf Acked-by: Fam Zheng Reviewed-by: Max Reitz --- block/parallels.c | 3 ++- block/qcow.c | 3 ++- block/qcow2.c | 6 ++++-- block/qed.c | 3 ++- block/sheepdog.c | 2 +- block/vdi.c | 3 ++- block/vhdx.c | 3 ++- block/vmdk.c | 6 ++++-- block/vpc.c | 3 ++- include/block/block.h | 1 + qemu-img.c | 2 +- 11 files changed, 23 insertions(+), 12 deletions(-) diff --git a/block/parallels.c b/block/parallels.c index 6b0c0a9..19935e2 100644 --- a/block/parallels.c +++ b/block/parallels.c @@ -488,7 +488,8 @@ static int parallels_create(const char *filename, QemuO= pts *opts, Error **errp) } =20 file =3D blk_new_open(filename, NULL, NULL, - BDRV_O_RDWR | BDRV_O_PROTOCOL, &local_err); + BDRV_O_RDWR | BDRV_O_RESIZE | BDRV_O_PROTOCOL, + &local_err); if (file =3D=3D NULL) { error_propagate(errp, local_err); return -EIO; diff --git a/block/qcow.c b/block/qcow.c index eb5d54c..9d6ac83 100644 --- a/block/qcow.c +++ b/block/qcow.c @@ -823,7 +823,8 @@ static int qcow_create(const char *filename, QemuOpts *= opts, Error **errp) } =20 qcow_blk =3D blk_new_open(filename, NULL, NULL, - BDRV_O_RDWR | BDRV_O_PROTOCOL, &local_err); + BDRV_O_RDWR | BDRV_O_RESIZE | BDRV_O_PROTOCOL, + &local_err); if (qcow_blk =3D=3D NULL) { error_propagate(errp, local_err); ret =3D -EIO; diff --git a/block/qcow2.c b/block/qcow2.c index 6f79df8..6a92d2e 100644 --- a/block/qcow2.c +++ b/block/qcow2.c @@ -2202,7 +2202,8 @@ static int qcow2_create2(const char *filename, int64_= t total_size, } =20 blk =3D blk_new_open(filename, NULL, NULL, - BDRV_O_RDWR | BDRV_O_PROTOCOL, &local_err); + BDRV_O_RDWR | BDRV_O_RESIZE | BDRV_O_PROTOCOL, + &local_err); if (blk =3D=3D NULL) { error_propagate(errp, local_err); return -EIO; @@ -2266,7 +2267,8 @@ static int qcow2_create2(const char *filename, int64_= t total_size, options =3D qdict_new(); qdict_put(options, "driver", qstring_from_str("qcow2")); blk =3D blk_new_open(filename, NULL, options, - BDRV_O_RDWR | BDRV_O_NO_FLUSH, &local_err); + BDRV_O_RDWR | BDRV_O_RESIZE | BDRV_O_NO_FLUSH, + &local_err); if (blk =3D=3D NULL) { error_propagate(errp, local_err); ret =3D -EIO; diff --git a/block/qed.c b/block/qed.c index d8f947a..5ec7fd8 100644 --- a/block/qed.c +++ b/block/qed.c @@ -625,7 +625,8 @@ static int qed_create(const char *filename, uint32_t cl= uster_size, } =20 blk =3D blk_new_open(filename, NULL, NULL, - BDRV_O_RDWR | BDRV_O_PROTOCOL, &local_err); + BDRV_O_RDWR | BDRV_O_RESIZE | BDRV_O_PROTOCOL, + &local_err); if (blk =3D=3D NULL) { error_propagate(errp, local_err); return -EIO; diff --git a/block/sheepdog.c b/block/sheepdog.c index 860ba61..7434710 100644 --- a/block/sheepdog.c +++ b/block/sheepdog.c @@ -1609,7 +1609,7 @@ static int sd_prealloc(const char *filename, Error **= errp) int ret; =20 blk =3D blk_new_open(filename, NULL, NULL, - BDRV_O_RDWR | BDRV_O_PROTOCOL, errp); + BDRV_O_RDWR | BDRV_O_RESIZE | BDRV_O_PROTOCOL, errp= ); if (blk =3D=3D NULL) { ret =3D -EIO; goto out_with_err_set; diff --git a/block/vdi.c b/block/vdi.c index fd6e26d..9b4f70e 100644 --- a/block/vdi.c +++ b/block/vdi.c @@ -763,7 +763,8 @@ static int vdi_create(const char *filename, QemuOpts *o= pts, Error **errp) } =20 blk =3D blk_new_open(filename, NULL, NULL, - BDRV_O_RDWR | BDRV_O_PROTOCOL, &local_err); + BDRV_O_RDWR | BDRV_O_RESIZE | BDRV_O_PROTOCOL, + &local_err); if (blk =3D=3D NULL) { error_propagate(errp, local_err); ret =3D -EIO; diff --git a/block/vhdx.c b/block/vhdx.c index ab747f6..052a753 100644 --- a/block/vhdx.c +++ b/block/vhdx.c @@ -1859,7 +1859,8 @@ static int vhdx_create(const char *filename, QemuOpts= *opts, Error **errp) } =20 blk =3D blk_new_open(filename, NULL, NULL, - BDRV_O_RDWR | BDRV_O_PROTOCOL, &local_err); + BDRV_O_RDWR | BDRV_O_RESIZE | BDRV_O_PROTOCOL, + &local_err); if (blk =3D=3D NULL) { error_propagate(errp, local_err); ret =3D -EIO; diff --git a/block/vmdk.c b/block/vmdk.c index f5e2fb5..a9bd22b 100644 --- a/block/vmdk.c +++ b/block/vmdk.c @@ -1703,7 +1703,8 @@ static int vmdk_create_extent(const char *filename, i= nt64_t filesize, } =20 blk =3D blk_new_open(filename, NULL, NULL, - BDRV_O_RDWR | BDRV_O_PROTOCOL, &local_err); + BDRV_O_RDWR | BDRV_O_RESIZE | BDRV_O_PROTOCOL, + &local_err); if (blk =3D=3D NULL) { error_propagate(errp, local_err); ret =3D -EIO; @@ -2071,7 +2072,8 @@ static int vmdk_create(const char *filename, QemuOpts= *opts, Error **errp) } =20 new_blk =3D blk_new_open(filename, NULL, NULL, - BDRV_O_RDWR | BDRV_O_PROTOCOL, &local_err); + BDRV_O_RDWR | BDRV_O_RESIZE | BDRV_O_PROTOCOL, + &local_err); if (new_blk =3D=3D NULL) { error_propagate(errp, local_err); ret =3D -EIO; diff --git a/block/vpc.c b/block/vpc.c index b9c9832..f591d4b 100644 --- a/block/vpc.c +++ b/block/vpc.c @@ -915,7 +915,8 @@ static int vpc_create(const char *filename, QemuOpts *o= pts, Error **errp) } =20 blk =3D blk_new_open(filename, NULL, NULL, - BDRV_O_RDWR | BDRV_O_PROTOCOL, &local_err); + BDRV_O_RDWR | BDRV_O_RESIZE | BDRV_O_PROTOCOL, + &local_err); if (blk =3D=3D NULL) { error_propagate(errp, local_err); ret =3D -EIO; diff --git a/include/block/block.h b/include/block/block.h index ff951ea..07f7561 100644 --- a/include/block/block.h +++ b/include/block/block.h @@ -82,6 +82,7 @@ typedef struct HDGeometry { } HDGeometry; =20 #define BDRV_O_RDWR 0x0002 +#define BDRV_O_RESIZE 0x0004 /* request permission for resizing the n= ode */ #define BDRV_O_SNAPSHOT 0x0008 /* open the file read only and save writ= es in a snapshot */ #define BDRV_O_TEMPORARY 0x0010 /* delete the file after use */ #define BDRV_O_NOCACHE 0x0020 /* do not use the host page cache */ diff --git a/qemu-img.c b/qemu-img.c index df3aefd..6fc6bc3 100644 --- a/qemu-img.c +++ b/qemu-img.c @@ -3289,7 +3289,7 @@ static int img_resize(int argc, char **argv) qemu_opts_del(param); =20 blk =3D img_open(image_opts, filename, fmt, - BDRV_O_RDWR, false, quiet); + BDRV_O_RDWR | BDRV_O_RESIZE, false, quiet); if (!blk) { ret =3D -1; goto out; --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488289777207401.7389966066062; Tue, 28 Feb 2017 05:49:37 -0800 (PST) Received: from localhost ([::1]:32919 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cii9m-0003kY-Rv for importer@patchew.org; Tue, 28 Feb 2017 08:49:34 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43419) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJ8-0004Iz-AU for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:11 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJ7-0004BG-Hn for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:10 -0500 Received: from mx1.redhat.com ([209.132.183.28]:48756) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJ4-00046t-W2; Tue, 28 Feb 2017 07:55:07 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 332B380476; Tue, 28 Feb 2017 12:55:06 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQI029713; Tue, 28 Feb 2017 07:55:04 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:01 +0100 Message-Id: <1488286469-9381-17-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Tue, 28 Feb 2017 12:55:06 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 16/44] block: Request real permissions in blk_new_open() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" We can figure out the necessary permissions from the flags that the caller passed. Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- block/block-backend.c | 22 +++++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/block/block-backend.c b/block/block-backend.c index 299948f..03d5495 100644 --- a/block/block-backend.c +++ b/block/block-backend.c @@ -166,17 +166,33 @@ BlockBackend *blk_new_open(const char *filename, cons= t char *reference, { BlockBackend *blk; BlockDriverState *bs; + uint64_t perm; + + /* blk_new_open() is mainly used in .bdrv_create implementations and t= he + * tools where sharing isn't a concern because the BDS stays private, = so we + * just request permission according to the flags. + * + * The exceptions are xen_disk and blockdev_init(); in these cases, the + * caller of blk_new_open() doesn't make use of the permissions, but t= hey + * shouldn't hurt either. We can still share everything here because t= he + * guest devices will add their own blockers if they can't share. */ + perm =3D BLK_PERM_CONSISTENT_READ; + if (flags & BDRV_O_RDWR) { + perm |=3D BLK_PERM_WRITE; + } + if (flags & BDRV_O_RESIZE) { + perm |=3D BLK_PERM_RESIZE; + } =20 - blk =3D blk_new(0, BLK_PERM_ALL); + blk =3D blk_new(perm, BLK_PERM_ALL); bs =3D bdrv_open(filename, reference, options, flags, errp); if (!bs) { blk_unref(blk); return NULL; } =20 - /* FIXME Use real permissions */ blk->root =3D bdrv_root_attach_child(bs, "root", &child_root, - 0, BLK_PERM_ALL, blk, &error_abort); + perm, BLK_PERM_ALL, blk, &error_abo= rt); =20 return blk; } --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488288485817932.3696673625687; Tue, 28 Feb 2017 05:28:05 -0800 (PST) Received: from localhost ([::1]:60970 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihox-0000AN-6B for importer@patchew.org; Tue, 28 Feb 2017 08:28:03 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43462) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJA-0004ML-CO for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:13 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJ9-0004CS-Aa for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:12 -0500 Received: from mx1.redhat.com ([209.132.183.28]:48760) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJ5-00048L-Sc; Tue, 28 Feb 2017 07:55:08 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id F0CE880479; Tue, 28 Feb 2017 12:55:07 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQJ029713; Tue, 28 Feb 2017 07:55:06 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:02 +0100 Message-Id: <1488286469-9381-18-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Tue, 28 Feb 2017 12:55:08 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 17/44] block: Allow error return in BlockDevOps.change_media_cb() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Some devices allow a media change between read-only and read-write media. They need to adapt the permissions in their .change_media_cb() implementation, which can fail. So add an Error parameter to the function. Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- block/block-backend.c | 20 +++++++++++++++----- blockdev.c | 19 +++++++++++++++---- hw/block/fdc.c | 2 +- hw/ide/core.c | 2 +- hw/scsi/scsi-disk.c | 2 +- hw/sd/sd.c | 2 +- include/block/block_int.h | 2 +- include/sysemu/block-backend.h | 2 +- 8 files changed, 36 insertions(+), 15 deletions(-) diff --git a/block/block-backend.c b/block/block-backend.c index 03d5495..fcc42b5 100644 --- a/block/block-backend.c +++ b/block/block-backend.c @@ -677,19 +677,29 @@ void blk_set_dev_ops(BlockBackend *blk, const BlockDe= vOps *ops, =20 /* * Notify @blk's attached device model of media change. - * If @load is true, notify of media load. - * Else, notify of media eject. + * + * If @load is true, notify of media load. This action can fail, meaning t= hat + * the medium cannot be loaded. @errp is set then. + * + * If @load is false, notify of media eject. This can never fail. + * * Also send DEVICE_TRAY_MOVED events as appropriate. */ -void blk_dev_change_media_cb(BlockBackend *blk, bool load) +void blk_dev_change_media_cb(BlockBackend *blk, bool load, Error **errp) { if (blk->dev_ops && blk->dev_ops->change_media_cb) { bool tray_was_open, tray_is_open; + Error *local_err =3D NULL; =20 assert(!blk->legacy_dev); =20 tray_was_open =3D blk_dev_is_tray_open(blk); - blk->dev_ops->change_media_cb(blk->dev_opaque, load); + blk->dev_ops->change_media_cb(blk->dev_opaque, load, &local_err); + if (local_err) { + assert(load =3D=3D true); + error_propagate(errp, local_err); + return; + } tray_is_open =3D blk_dev_is_tray_open(blk); =20 if (tray_was_open !=3D tray_is_open) { @@ -703,7 +713,7 @@ void blk_dev_change_media_cb(BlockBackend *blk, bool lo= ad) =20 static void blk_root_change_media(BdrvChild *child, bool load) { - blk_dev_change_media_cb(child->opaque, load); + blk_dev_change_media_cb(child->opaque, load, NULL); } =20 /* diff --git a/blockdev.c b/blockdev.c index 011871b..2374973 100644 --- a/blockdev.c +++ b/blockdev.c @@ -2310,7 +2310,7 @@ static int do_open_tray(const char *blk_name, const c= har *qdev_id, } =20 if (!locked || force) { - blk_dev_change_media_cb(blk, false); + blk_dev_change_media_cb(blk, false, &error_abort); } =20 if (locked && !force) { @@ -2348,6 +2348,7 @@ void qmp_blockdev_close_tray(bool has_device, const c= har *device, Error **errp) { BlockBackend *blk; + Error *local_err =3D NULL; =20 device =3D has_device ? device : NULL; id =3D has_id ? id : NULL; @@ -2371,7 +2372,11 @@ void qmp_blockdev_close_tray(bool has_device, const = char *device, return; } =20 - blk_dev_change_media_cb(blk, true); + blk_dev_change_media_cb(blk, true, &local_err); + if (local_err) { + error_propagate(errp, local_err); + return; + } } =20 void qmp_x_blockdev_remove_medium(bool has_device, const char *device, @@ -2424,7 +2429,7 @@ void qmp_x_blockdev_remove_medium(bool has_device, co= nst char *device, * called at all); therefore, the medium needs to be ejected here. * Do it after blk_remove_bs() so blk_is_inserted(blk) returns the= @load * value passed here (i.e. false). */ - blk_dev_change_media_cb(blk, false); + blk_dev_change_media_cb(blk, false, &error_abort); } =20 out: @@ -2434,6 +2439,7 @@ out: static void qmp_blockdev_insert_anon_medium(BlockBackend *blk, BlockDriverState *bs, Error **= errp) { + Error *local_err =3D NULL; bool has_device; int ret; =20 @@ -2466,7 +2472,12 @@ static void qmp_blockdev_insert_anon_medium(BlockBac= kend *blk, * slot here. * Do it after blk_insert_bs() so blk_is_inserted(blk) returns the= @load * value passed here (i.e. true). */ - blk_dev_change_media_cb(blk, true); + blk_dev_change_media_cb(blk, true, &local_err); + if (local_err) { + error_propagate(errp, local_err); + blk_remove_bs(blk); + return; + } } } =20 diff --git a/hw/block/fdc.c b/hw/block/fdc.c index 74f3634..5f6c496 100644 --- a/hw/block/fdc.c +++ b/hw/block/fdc.c @@ -469,7 +469,7 @@ static void fd_revalidate(FDrive *drv) } } =20 -static void fd_change_cb(void *opaque, bool load) +static void fd_change_cb(void *opaque, bool load, Error **errp) { FDrive *drive =3D opaque; =20 diff --git a/hw/ide/core.c b/hw/ide/core.c index cfa5de6..db509b3 100644 --- a/hw/ide/core.c +++ b/hw/ide/core.c @@ -1120,7 +1120,7 @@ static void ide_cfata_metadata_write(IDEState *s) } =20 /* called when the inserted state of the media has changed */ -static void ide_cd_change_cb(void *opaque, bool load) +static void ide_cd_change_cb(void *opaque, bool load, Error **errp) { IDEState *s =3D opaque; uint64_t nb_sectors; diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c index 546acc7..c1ccfad 100644 --- a/hw/scsi/scsi-disk.c +++ b/hw/scsi/scsi-disk.c @@ -2240,7 +2240,7 @@ static void scsi_disk_resize_cb(void *opaque) } } =20 -static void scsi_cd_change_media_cb(void *opaque, bool load) +static void scsi_cd_change_media_cb(void *opaque, bool load, Error **errp) { SCSIDiskState *s =3D opaque; =20 diff --git a/hw/sd/sd.c b/hw/sd/sd.c index 8e88e83..8e31491 100644 --- a/hw/sd/sd.c +++ b/hw/sd/sd.c @@ -458,7 +458,7 @@ static bool sd_get_readonly(SDState *sd) return sd->wp_switch; } =20 -static void sd_cardchange(void *opaque, bool load) +static void sd_cardchange(void *opaque, bool load, Error **errp) { SDState *sd =3D opaque; DeviceState *dev =3D DEVICE(sd); diff --git a/include/block/block_int.h b/include/block/block_int.h index 63d5446..e00d0f4 100644 --- a/include/block/block_int.h +++ b/include/block/block_int.h @@ -891,7 +891,7 @@ void bdrv_format_default_perms(BlockDriverState *bs, Bd= rvChild *c, uint64_t *nperm, uint64_t *nshared); =20 const char *bdrv_get_parent_name(const BlockDriverState *bs); -void blk_dev_change_media_cb(BlockBackend *blk, bool load); +void blk_dev_change_media_cb(BlockBackend *blk, bool load, Error **errp); bool blk_dev_has_removable_media(BlockBackend *blk); bool blk_dev_has_tray(BlockBackend *blk); void blk_dev_eject_request(BlockBackend *blk, bool force); diff --git a/include/sysemu/block-backend.h b/include/sysemu/block-backend.h index 0861113..b23f683 100644 --- a/include/sysemu/block-backend.h +++ b/include/sysemu/block-backend.h @@ -34,7 +34,7 @@ typedef struct BlockDevOps { * changes. Sure would be useful if it did. * Device models with removable media must implement this callback. */ - void (*change_media_cb)(void *opaque, bool load); + void (*change_media_cb)(void *opaque, bool load, Error **errp); /* * Runs when an eject request is issued from the monitor, the tray * is closed, and the medium is locked. --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488290046644435.0120460757379; Tue, 28 Feb 2017 05:54:06 -0800 (PST) Received: from localhost ([::1]:32945 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ciiE8-0007UN-9L for importer@patchew.org; Tue, 28 Feb 2017 08:54:04 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43531) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJF-0004Px-9y for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:19 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJC-0004E7-UT for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:17 -0500 Received: from mx1.redhat.com ([209.132.183.28]:55006) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJ7-0004Ay-Pb; Tue, 28 Feb 2017 07:55:09 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id D69D0C05681A; Tue, 28 Feb 2017 12:55:09 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQK029713; Tue, 28 Feb 2017 07:55:08 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:03 +0100 Message-Id: <1488286469-9381-19-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Tue, 28 Feb 2017 12:55:09 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 18/44] hw/block: Request permissions X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" This makes all device emulations with a qdev drive property request permissions on their BlockBackend. The only thing we block at this point is resizing images for some devices that can't support it. Signed-off-by: Kevin Wolf Acked-by: Fam Zheng Reviewed-by: Max Reitz --- hw/block/block.c | 22 +++++++++++++++++++++- hw/block/fdc.c | 25 +++++++++++++++++++++++-- hw/block/m25p80.c | 8 ++++++++ hw/block/nand.c | 7 +++++++ hw/block/nvme.c | 8 +++++++- hw/block/onenand.c | 7 +++++++ hw/block/pflash_cfi01.c | 18 ++++++++++++------ hw/block/pflash_cfi02.c | 19 +++++++++++++------ hw/block/virtio-blk.c | 8 +++++++- hw/core/qdev-properties-system.c | 1 - hw/ide/qdev.c | 8 ++++++-- hw/nvram/spapr_nvram.c | 8 ++++++++ hw/scsi/scsi-disk.c | 9 +++++++-- hw/sd/sd.c | 6 ++++++ hw/usb/dev-storage.c | 6 +++++- include/hw/block/block.h | 3 ++- tests/qemu-iotests/051.pc.out | 6 +++--- 17 files changed, 142 insertions(+), 27 deletions(-) diff --git a/hw/block/block.c b/hw/block/block.c index 8dc9d84..7059ba1 100644 --- a/hw/block/block.c +++ b/hw/block/block.c @@ -51,11 +51,31 @@ void blkconf_blocksizes(BlockConf *conf) } } =20 -void blkconf_apply_backend_options(BlockConf *conf) +void blkconf_apply_backend_options(BlockConf *conf, bool readonly, + bool resizable, Error **errp) { BlockBackend *blk =3D conf->blk; BlockdevOnError rerror, werror; + uint64_t perm, shared_perm; bool wce; + int ret; + + perm =3D BLK_PERM_CONSISTENT_READ; + if (!readonly) { + perm |=3D BLK_PERM_WRITE; + } + + /* TODO Remove BLK_PERM_WRITE unless explicitly configured so */ + shared_perm =3D BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE_UNCHANGED | + BLK_PERM_GRAPH_MOD | BLK_PERM_WRITE; + if (resizable) { + shared_perm |=3D BLK_PERM_RESIZE; + } + + ret =3D blk_set_perm(blk, perm, shared_perm, errp); + if (ret < 0) { + return; + } =20 switch (conf->wce) { case ON_OFF_AUTO_ON: wce =3D true; break; diff --git a/hw/block/fdc.c b/hw/block/fdc.c index 5f6c496..a328693 100644 --- a/hw/block/fdc.c +++ b/hw/block/fdc.c @@ -186,6 +186,7 @@ typedef enum FDiskFlags { struct FDrive { FDCtrl *fdctrl; BlockBackend *blk; + BlockConf *conf; /* Drive status */ FloppyDriveType drive; /* CMOS drive type */ uint8_t perpendicular; /* 2.88 MB access mode */ @@ -472,6 +473,19 @@ static void fd_revalidate(FDrive *drv) static void fd_change_cb(void *opaque, bool load, Error **errp) { FDrive *drive =3D opaque; + Error *local_err =3D NULL; + + if (!load) { + blk_set_perm(drive->blk, 0, BLK_PERM_ALL, &error_abort); + } else { + blkconf_apply_backend_options(drive->conf, + blk_is_read_only(drive->blk), false, + &local_err); + if (local_err) { + error_propagate(errp, local_err); + return; + } + } =20 drive->media_changed =3D 1; drive->media_validated =3D false; @@ -508,6 +522,7 @@ static int floppy_drive_init(DeviceState *qdev) FloppyDrive *dev =3D FLOPPY_DRIVE(qdev); FloppyBus *bus =3D FLOPPY_BUS(qdev->parent_bus); FDrive *drive; + Error *local_err =3D NULL; int ret; =20 if (dev->unit =3D=3D -1) { @@ -533,7 +548,6 @@ static int floppy_drive_init(DeviceState *qdev) =20 if (!dev->conf.blk) { /* Anonymous BlockBackend for an empty drive */ - /* FIXME Use real permissions */ dev->conf.blk =3D blk_new(0, BLK_PERM_ALL); ret =3D blk_attach_dev(dev->conf.blk, qdev); assert(ret =3D=3D 0); @@ -552,7 +566,13 @@ static int floppy_drive_init(DeviceState *qdev) * blkconf_apply_backend_options(). */ dev->conf.rerror =3D BLOCKDEV_ON_ERROR_AUTO; dev->conf.werror =3D BLOCKDEV_ON_ERROR_AUTO; - blkconf_apply_backend_options(&dev->conf); + + blkconf_apply_backend_options(&dev->conf, blk_is_read_only(dev->conf.b= lk), + false, &local_err); + if (local_err) { + error_report_err(local_err); + return -1; + } =20 /* 'enospc' is the default for -drive, 'report' is what blk_new() give= s us * for empty drives. */ @@ -566,6 +586,7 @@ static int floppy_drive_init(DeviceState *qdev) return -1; } =20 + drive->conf =3D &dev->conf; drive->blk =3D dev->conf.blk; drive->fdctrl =3D bus->fdc; =20 diff --git a/hw/block/m25p80.c b/hw/block/m25p80.c index 2d6eb46..190573c 100644 --- a/hw/block/m25p80.c +++ b/hw/block/m25p80.c @@ -1215,6 +1215,7 @@ static void m25p80_realize(SSISlave *ss, Error **errp) { Flash *s =3D M25P80(ss); M25P80Class *mc =3D M25P80_GET_CLASS(s); + int ret; =20 s->pi =3D mc->pi; =20 @@ -1222,6 +1223,13 @@ static void m25p80_realize(SSISlave *ss, Error **err= p) s->dirty_page =3D -1; =20 if (s->blk) { + uint64_t perm =3D BLK_PERM_CONSISTENT_READ | + (blk_is_read_only(s->blk) ? 0 : BLK_PERM_WRITE); + ret =3D blk_set_perm(s->blk, perm, BLK_PERM_ALL, errp); + if (ret < 0) { + return; + } + DB_PRINT_L(0, "Binding to IF_MTD drive\n"); s->storage =3D blk_blockalign(s->blk, s->size); =20 diff --git a/hw/block/nand.c b/hw/block/nand.c index c69e675..0d33ac2 100644 --- a/hw/block/nand.c +++ b/hw/block/nand.c @@ -373,6 +373,8 @@ static void nand_realize(DeviceState *dev, Error **errp) { int pagesize; NANDFlashState *s =3D NAND(dev); + int ret; + =20 s->buswidth =3D nand_flash_ids[s->chip_id].width >> 3; s->size =3D nand_flash_ids[s->chip_id].size << 20; @@ -407,6 +409,11 @@ static void nand_realize(DeviceState *dev, Error **err= p) error_setg(errp, "Can't use a read-only drive"); return; } + ret =3D blk_set_perm(s->blk, BLK_PERM_CONSISTENT_READ | BLK_PERM_W= RITE, + BLK_PERM_ALL, errp); + if (ret < 0) { + return; + } if (blk_getlength(s->blk) >=3D (s->pages << s->page_shift) + (s->pages << s->oob_shift)) { pagesize =3D 0; diff --git a/hw/block/nvme.c b/hw/block/nvme.c index ae91a18..ae303d4 100644 --- a/hw/block/nvme.c +++ b/hw/block/nvme.c @@ -835,6 +835,7 @@ static int nvme_init(PCIDevice *pci_dev) int i; int64_t bs_size; uint8_t *pci_conf; + Error *local_err =3D NULL; =20 if (!n->conf.blk) { return -1; @@ -850,7 +851,12 @@ static int nvme_init(PCIDevice *pci_dev) return -1; } blkconf_blocksizes(&n->conf); - blkconf_apply_backend_options(&n->conf); + blkconf_apply_backend_options(&n->conf, blk_is_read_only(n->conf.blk), + false, &local_err); + if (local_err) { + error_report_err(local_err); + return -1; + } =20 pci_conf =3D pci_dev->config; pci_conf[PCI_INTERRUPT_PIN] =3D 1; diff --git a/hw/block/onenand.c b/hw/block/onenand.c index 8d84227..ddf5492 100644 --- a/hw/block/onenand.c +++ b/hw/block/onenand.c @@ -778,6 +778,7 @@ static int onenand_initfn(SysBusDevice *sbd) OneNANDState *s =3D ONE_NAND(dev); uint32_t size =3D 1 << (24 + ((s->id.dev >> 4) & 7)); void *ram; + Error *local_err =3D NULL; =20 s->base =3D (hwaddr)-1; s->rdy =3D NULL; @@ -796,6 +797,12 @@ static int onenand_initfn(SysBusDevice *sbd) error_report("Can't use a read-only drive"); return -1; } + blk_set_perm(s->blk, BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE, + BLK_PERM_ALL, &local_err); + if (local_err) { + error_report_err(local_err); + return -1; + } s->blk_cur =3D s->blk; } s->otp =3D memset(g_malloc((64 + 2) << PAGE_SHIFT), diff --git a/hw/block/pflash_cfi01.c b/hw/block/pflash_cfi01.c index 71b98a3..594d4cf 100644 --- a/hw/block/pflash_cfi01.c +++ b/hw/block/pflash_cfi01.c @@ -758,6 +758,18 @@ static void pflash_cfi01_realize(DeviceState *dev, Err= or **errp) sysbus_init_mmio(SYS_BUS_DEVICE(dev), &pfl->mem); =20 if (pfl->blk) { + uint64_t perm; + pfl->ro =3D blk_is_read_only(pfl->blk); + perm =3D BLK_PERM_CONSISTENT_READ | (pfl->ro ? 0 : BLK_PERM_WRITE); + ret =3D blk_set_perm(pfl->blk, perm, BLK_PERM_ALL, errp); + if (ret < 0) { + return; + } + } else { + pfl->ro =3D 0; + } + + if (pfl->blk) { /* read the initial flash content */ ret =3D blk_pread(pfl->blk, 0, pfl->storage, total_len); =20 @@ -768,12 +780,6 @@ static void pflash_cfi01_realize(DeviceState *dev, Err= or **errp) } } =20 - if (pfl->blk) { - pfl->ro =3D blk_is_read_only(pfl->blk); - } else { - pfl->ro =3D 0; - } - /* Default to devices being used at their maximum device width. This w= as * assumed before the device_width support was added. */ diff --git a/hw/block/pflash_cfi02.c b/hw/block/pflash_cfi02.c index ef71322..e6c5c6c 100644 --- a/hw/block/pflash_cfi02.c +++ b/hw/block/pflash_cfi02.c @@ -632,6 +632,19 @@ static void pflash_cfi02_realize(DeviceState *dev, Err= or **errp) vmstate_register_ram(&pfl->orig_mem, DEVICE(pfl)); pfl->storage =3D memory_region_get_ram_ptr(&pfl->orig_mem); pfl->chip_len =3D chip_len; + + if (pfl->blk) { + uint64_t perm; + pfl->ro =3D blk_is_read_only(pfl->blk); + perm =3D BLK_PERM_CONSISTENT_READ | (pfl->ro ? 0 : BLK_PERM_WRITE); + ret =3D blk_set_perm(pfl->blk, perm, BLK_PERM_ALL, errp); + if (ret < 0) { + return; + } + } else { + pfl->ro =3D 0; + } + if (pfl->blk) { /* read the initial flash content */ ret =3D blk_pread(pfl->blk, 0, pfl->storage, chip_len); @@ -646,12 +659,6 @@ static void pflash_cfi02_realize(DeviceState *dev, Err= or **errp) pfl->rom_mode =3D 1; sysbus_init_mmio(SYS_BUS_DEVICE(dev), &pfl->mem); =20 - if (pfl->blk) { - pfl->ro =3D blk_is_read_only(pfl->blk); - } else { - pfl->ro =3D 0; - } - pfl->timer =3D timer_new_ns(QEMU_CLOCK_VIRTUAL, pflash_timer, pfl); pfl->wcycle =3D 0; pfl->cmd =3D 0; diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c index 843bd2f..98c16a7 100644 --- a/hw/block/virtio-blk.c +++ b/hw/block/virtio-blk.c @@ -928,7 +928,13 @@ static void virtio_blk_device_realize(DeviceState *dev= , Error **errp) } =20 blkconf_serial(&conf->conf, &conf->serial); - blkconf_apply_backend_options(&conf->conf); + blkconf_apply_backend_options(&conf->conf, + blk_is_read_only(conf->conf.blk), true, + &err); + if (err) { + error_propagate(errp, err); + return; + } s->original_wce =3D blk_enable_write_cache(conf->conf.blk); blkconf_geometry(&conf->conf, NULL, 65535, 255, 255, &err); if (err) { diff --git a/hw/core/qdev-properties-system.c b/hw/core/qdev-properties-sys= tem.c index 66ba367..c34be1c 100644 --- a/hw/core/qdev-properties-system.c +++ b/hw/core/qdev-properties-system.c @@ -79,7 +79,6 @@ static void parse_drive(DeviceState *dev, const char *str= , void **ptr, if (!blk) { BlockDriverState *bs =3D bdrv_lookup_bs(NULL, str, NULL); if (bs) { - /* FIXME Use real permissions */ blk =3D blk_new(0, BLK_PERM_ALL); blk_created =3D true; =20 diff --git a/hw/ide/qdev.c b/hw/ide/qdev.c index bb3c377..4383cd1 100644 --- a/hw/ide/qdev.c +++ b/hw/ide/qdev.c @@ -170,7 +170,6 @@ static int ide_dev_initfn(IDEDevice *dev, IDEDriveKind = kind) return -1; } else { /* Anonymous BlockBackend for an empty drive */ - /* FIXME Use real permissions */ dev->conf.blk =3D blk_new(0, BLK_PERM_ALL); } } @@ -197,7 +196,12 @@ static int ide_dev_initfn(IDEDevice *dev, IDEDriveKind= kind) return -1; } } - blkconf_apply_backend_options(&dev->conf); + blkconf_apply_backend_options(&dev->conf, kind =3D=3D IDE_CD, kind != =3D IDE_CD, + &err); + if (err) { + error_report_err(err); + return -1; + } =20 if (ide_init_drive(s, dev->conf.blk, kind, dev->version, dev->serial, dev->model, dev->wwn, diff --git a/hw/nvram/spapr_nvram.c b/hw/nvram/spapr_nvram.c index 65ba188..aa5d2c1 100644 --- a/hw/nvram/spapr_nvram.c +++ b/hw/nvram/spapr_nvram.c @@ -141,9 +141,17 @@ static void rtas_nvram_store(PowerPCCPU *cpu, sPAPRMac= hineState *spapr, static void spapr_nvram_realize(VIOsPAPRDevice *dev, Error **errp) { sPAPRNVRAM *nvram =3D VIO_SPAPR_NVRAM(dev); + int ret; =20 if (nvram->blk) { nvram->size =3D blk_getlength(nvram->blk); + + ret =3D blk_set_perm(nvram->blk, + BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE, + BLK_PERM_ALL, errp); + if (ret < 0) { + return; + } } else { nvram->size =3D DEFAULT_NVRAM_SIZE; } diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c index c1ccfad..a53f058 100644 --- a/hw/scsi/scsi-disk.c +++ b/hw/scsi/scsi-disk.c @@ -2328,7 +2328,13 @@ static void scsi_realize(SCSIDevice *dev, Error **er= rp) return; } } - blkconf_apply_backend_options(&dev->conf); + blkconf_apply_backend_options(&dev->conf, + blk_is_read_only(s->qdev.conf.blk), + dev->type =3D=3D TYPE_DISK, &err); + if (err) { + error_propagate(errp, err); + return; + } =20 if (s->qdev.conf.discard_granularity =3D=3D -1) { s->qdev.conf.discard_granularity =3D @@ -2380,7 +2386,6 @@ static void scsi_cd_realize(SCSIDevice *dev, Error **= errp) SCSIDiskState *s =3D DO_UPCAST(SCSIDiskState, qdev, dev); =20 if (!dev->conf.blk) { - /* FIXME Use real permissions */ dev->conf.blk =3D blk_new(0, BLK_PERM_ALL); } =20 diff --git a/hw/sd/sd.c b/hw/sd/sd.c index 8e31491..ba47bff 100644 --- a/hw/sd/sd.c +++ b/hw/sd/sd.c @@ -1887,6 +1887,7 @@ static void sd_instance_finalize(Object *obj) static void sd_realize(DeviceState *dev, Error **errp) { SDState *sd =3D SD_CARD(dev); + int ret; =20 if (sd->blk && blk_is_read_only(sd->blk)) { error_setg(errp, "Cannot use read-only drive as SD card"); @@ -1894,6 +1895,11 @@ static void sd_realize(DeviceState *dev, Error **err= p) } =20 if (sd->blk) { + ret =3D blk_set_perm(sd->blk, BLK_PERM_CONSISTENT_READ | BLK_PERM_= WRITE, + BLK_PERM_ALL, errp); + if (ret < 0) { + return; + } blk_set_dev_ops(sd->blk, &sd_block_ops, sd); } } diff --git a/hw/usb/dev-storage.c b/hw/usb/dev-storage.c index c607f76..a71b354 100644 --- a/hw/usb/dev-storage.c +++ b/hw/usb/dev-storage.c @@ -603,7 +603,11 @@ static void usb_msd_realize_storage(USBDevice *dev, Er= ror **errp) =20 blkconf_serial(&s->conf, &dev->serial); blkconf_blocksizes(&s->conf); - blkconf_apply_backend_options(&s->conf); + blkconf_apply_backend_options(&s->conf, blk_is_read_only(blk), true, &= err); + if (err) { + error_propagate(errp, err); + return; + } =20 /* * Hack alert: this pretends to be a block device, but it's really diff --git a/include/hw/block/block.h b/include/hw/block/block.h index df9d207..5d462eb 100644 --- a/include/hw/block/block.h +++ b/include/hw/block/block.h @@ -73,7 +73,8 @@ void blkconf_geometry(BlockConf *conf, int *trans, unsigned cyls_max, unsigned heads_max, unsigned secs= _max, Error **errp); void blkconf_blocksizes(BlockConf *conf); -void blkconf_apply_backend_options(BlockConf *conf); +void blkconf_apply_backend_options(BlockConf *conf, bool readonly, + bool resizable, Error **errp); =20 /* Hard disk geometry */ =20 diff --git a/tests/qemu-iotests/051.pc.out b/tests/qemu-iotests/051.pc.out index e206ad6..c6f4eef 100644 --- a/tests/qemu-iotests/051.pc.out +++ b/tests/qemu-iotests/051.pc.out @@ -179,7 +179,7 @@ q=1B[K=1B[Dqu=1B[K=1B[D=1B[Dqui=1B[K=1B[D=1B[D=1B[Dquit= =1B[K =20 Testing: -drive file=3DTEST_DIR/t.qcow2,if=3Dide,readonly=3Don QEMU X.Y.Z monitor - type 'help' for more information -(qemu) QEMU_PROG: Can't use a read-only drive +(qemu) QEMU_PROG: Block node is read-only QEMU_PROG: Initialization of device ide-hd failed: Device initialization f= ailed. =20 Testing: -drive file=3DTEST_DIR/t.qcow2,if=3Dscsi,readonly=3Don @@ -201,12 +201,12 @@ QEMU X.Y.Z monitor - type 'help' for more information =20 Testing: -drive file=3DTEST_DIR/t.qcow2,if=3Dnone,id=3Ddisk,readonly=3Don = -device ide-drive,drive=3Ddisk QEMU X.Y.Z monitor - type 'help' for more information -(qemu) QEMU_PROG: -device ide-drive,drive=3Ddisk: Can't use a read-only dr= ive +(qemu) QEMU_PROG: -device ide-drive,drive=3Ddisk: Block node is read-only QEMU_PROG: -device ide-drive,drive=3Ddisk: Device initialization failed. =20 Testing: -drive file=3DTEST_DIR/t.qcow2,if=3Dnone,id=3Ddisk,readonly=3Don = -device ide-hd,drive=3Ddisk QEMU X.Y.Z monitor - type 'help' for more information -(qemu) QEMU_PROG: -device ide-hd,drive=3Ddisk: Can't use a read-only drive +(qemu) QEMU_PROG: -device ide-hd,drive=3Ddisk: Block node is read-only QEMU_PROG: -device ide-hd,drive=3Ddisk: Device initialization failed. =20 Testing: -drive file=3DTEST_DIR/t.qcow2,if=3Dnone,id=3Ddisk,readonly=3Don = -device lsi53c895a -device scsi-disk,drive=3Ddisk --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488289194732589.8070753905185; Tue, 28 Feb 2017 05:39:54 -0800 (PST) Received: from localhost ([::1]:32853 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cii0P-0003Ws-0u for importer@patchew.org; Tue, 28 Feb 2017 08:39:53 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43567) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJH-0004Sg-HS for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:22 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJF-0004EX-7f for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:19 -0500 Received: from mx1.redhat.com ([209.132.183.28]:60476) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJ9-0004CJ-MG; Tue, 28 Feb 2017 07:55:11 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id BA6A781247; Tue, 28 Feb 2017 12:55:11 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQL029713; Tue, 28 Feb 2017 07:55:10 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:04 +0100 Message-Id: <1488286469-9381-20-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Tue, 28 Feb 2017 12:55:11 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 19/44] hw/block: Introduce share-rw qdev property X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" By default, don't allow another writer for block devices that are attached to a guest device. For the cases where this setup is intended (e.g. using a cluster filesystem on the disk), the new option can be used to allow it. This change affects only devices using DEFINE_BLOCK_PROPERTIES(). Devices directly using DEFINE_PROP_DRIVE() still accept writers unconditionally. Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- hw/block/block.c | 6 ++++-- include/hw/block/block.h | 5 ++++- tests/qemu-iotests/172.out | 53 ++++++++++++++++++++++++++++++++++++++++++= ++++ 3 files changed, 61 insertions(+), 3 deletions(-) diff --git a/hw/block/block.c b/hw/block/block.c index 7059ba1..27878d0 100644 --- a/hw/block/block.c +++ b/hw/block/block.c @@ -65,12 +65,14 @@ void blkconf_apply_backend_options(BlockConf *conf, boo= l readonly, perm |=3D BLK_PERM_WRITE; } =20 - /* TODO Remove BLK_PERM_WRITE unless explicitly configured so */ shared_perm =3D BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE_UNCHANGED | - BLK_PERM_GRAPH_MOD | BLK_PERM_WRITE; + BLK_PERM_GRAPH_MOD; if (resizable) { shared_perm |=3D BLK_PERM_RESIZE; } + if (conf->share_rw) { + shared_perm |=3D BLK_PERM_WRITE; + } =20 ret =3D blk_set_perm(blk, perm, shared_perm, errp); if (ret < 0) { diff --git a/include/hw/block/block.h b/include/hw/block/block.h index 5d462eb..f3f6e8e 100644 --- a/include/hw/block/block.h +++ b/include/hw/block/block.h @@ -26,6 +26,7 @@ typedef struct BlockConf { /* geometry, not all devices use this */ uint32_t cyls, heads, secs; OnOffAuto wce; + bool share_rw; BlockdevOnError rerror; BlockdevOnError werror; } BlockConf; @@ -53,7 +54,9 @@ static inline unsigned int get_physical_block_exp(BlockCo= nf *conf) DEFINE_PROP_UINT32("opt_io_size", _state, _conf.opt_io_size, 0), \ DEFINE_PROP_UINT32("discard_granularity", _state, \ _conf.discard_granularity, -1), \ - DEFINE_PROP_ON_OFF_AUTO("write-cache", _state, _conf.wce, ON_OFF_AUTO_= AUTO) + DEFINE_PROP_ON_OFF_AUTO("write-cache", _state, _conf.wce, \ + ON_OFF_AUTO_AUTO), \ + DEFINE_PROP_BOOL("share-rw", _state, _conf.share_rw, false) =20 #define DEFINE_BLOCK_CHS_PROPERTIES(_state, _conf) \ DEFINE_PROP_UINT32("cyls", _state, _conf.cyls, 0), \ diff --git a/tests/qemu-iotests/172.out b/tests/qemu-iotests/172.out index 6b7edaf..54b5329 100644 --- a/tests/qemu-iotests/172.out +++ b/tests/qemu-iotests/172.out @@ -28,6 +28,7 @@ Testing: opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "288" =20 =20 @@ -57,6 +58,7 @@ Testing: -fda TEST_DIR/t.qcow2 opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" =20 Testing: -fdb TEST_DIR/t.qcow2 @@ -83,6 +85,7 @@ Testing: -fdb TEST_DIR/t.qcow2 opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" dev: floppy, id "" unit =3D 0 (0x0) @@ -93,6 +96,7 @@ Testing: -fdb TEST_DIR/t.qcow2 opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "288" =20 Testing: -fda TEST_DIR/t.qcow2 -fdb TEST_DIR/t.qcow2 @@ -119,6 +123,7 @@ Testing: -fda TEST_DIR/t.qcow2 -fdb TEST_DIR/t.qcow2 opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" dev: floppy, id "" unit =3D 0 (0x0) @@ -129,6 +134,7 @@ Testing: -fda TEST_DIR/t.qcow2 -fdb TEST_DIR/t.qcow2 opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" =20 =20 @@ -158,6 +164,7 @@ Testing: -drive if=3Dfloppy,file=3DTEST_DIR/t.qcow2 opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" =20 Testing: -drive if=3Dfloppy,file=3DTEST_DIR/t.qcow2,index=3D1 @@ -184,6 +191,7 @@ Testing: -drive if=3Dfloppy,file=3DTEST_DIR/t.qcow2,ind= ex=3D1 opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" dev: floppy, id "" unit =3D 0 (0x0) @@ -194,6 +202,7 @@ Testing: -drive if=3Dfloppy,file=3DTEST_DIR/t.qcow2,ind= ex=3D1 opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "288" =20 Testing: -drive if=3Dfloppy,file=3DTEST_DIR/t.qcow2 -drive if=3Dfloppy,fil= e=3DTEST_DIR/t.qcow2,index=3D1 @@ -220,6 +229,7 @@ Testing: -drive if=3Dfloppy,file=3DTEST_DIR/t.qcow2 -dr= ive if=3Dfloppy,file=3DTEST_DIR/t opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" dev: floppy, id "" unit =3D 0 (0x0) @@ -230,6 +240,7 @@ Testing: -drive if=3Dfloppy,file=3DTEST_DIR/t.qcow2 -dr= ive if=3Dfloppy,file=3DTEST_DIR/t opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" =20 =20 @@ -259,6 +270,7 @@ Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -glob= al isa-fdc.driveA=3Dnone0 opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" =20 Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -global isa-fdc.driveB= =3Dnone0 @@ -285,6 +297,7 @@ Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -glob= al isa-fdc.driveB=3Dnone0 opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" =20 Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -drive if=3Dnone,file=3D= TEST_DIR/t.qcow2 -global isa-fdc.driveA=3Dnone0 -global isa-fdc.driveB=3Dno= ne1 @@ -311,6 +324,7 @@ Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -driv= e if=3Dnone,file=3DTEST_DIR/t.qco opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" dev: floppy, id "" unit =3D 0 (0x0) @@ -321,6 +335,7 @@ Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -driv= e if=3Dnone,file=3DTEST_DIR/t.qco opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" =20 =20 @@ -350,6 +365,7 @@ Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -devi= ce floppy,drive=3Dnone0 opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" =20 Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -device floppy,drive=3Dn= one0,unit=3D1 @@ -376,6 +392,7 @@ Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -devi= ce floppy,drive=3Dnone0,unit=3D1 opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" =20 Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -drive if=3Dnone,file=3D= TEST_DIR/t.qcow2 -device floppy,drive=3Dnone0 -device floppy,drive=3Dnone1,= unit=3D1 @@ -402,6 +419,7 @@ Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -driv= e if=3Dnone,file=3DTEST_DIR/t.qco opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" dev: floppy, id "" unit =3D 0 (0x0) @@ -412,6 +430,7 @@ Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -driv= e if=3Dnone,file=3DTEST_DIR/t.qco opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" =20 =20 @@ -441,6 +460,7 @@ Testing: -fda TEST_DIR/t.qcow2 -drive if=3Dnone,file=3D= TEST_DIR/t.qcow2 -global isa- opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" dev: floppy, id "" unit =3D 0 (0x0) @@ -451,6 +471,7 @@ Testing: -fda TEST_DIR/t.qcow2 -drive if=3Dnone,file=3D= TEST_DIR/t.qcow2 -global isa- opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" =20 Testing: -fdb TEST_DIR/t.qcow2 -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -g= lobal isa-fdc.driveA=3Dnone0 @@ -477,6 +498,7 @@ Testing: -fdb TEST_DIR/t.qcow2 -drive if=3Dnone,file=3D= TEST_DIR/t.qcow2 -global isa- opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" dev: floppy, id "" unit =3D 0 (0x0) @@ -487,6 +509,7 @@ Testing: -fdb TEST_DIR/t.qcow2 -drive if=3Dnone,file=3D= TEST_DIR/t.qcow2 -global isa- opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" =20 Testing: -fda TEST_DIR/t.qcow2 -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -g= lobal isa-fdc.driveA=3Dnone0 @@ -513,6 +536,7 @@ Testing: -fda TEST_DIR/t.qcow2 -drive if=3Dnone,file=3D= TEST_DIR/t.qcow2 -global isa- opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" =20 Testing: -fdb TEST_DIR/t.qcow2 -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -g= lobal isa-fdc.driveB=3Dnone0 @@ -539,6 +563,7 @@ Testing: -fdb TEST_DIR/t.qcow2 -drive if=3Dnone,file=3D= TEST_DIR/t.qcow2 -global isa- opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" =20 =20 @@ -568,6 +593,7 @@ Testing: -fda TEST_DIR/t.qcow2 -drive if=3Dnone,file=3D= TEST_DIR/t.qcow2 -device flop opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" dev: floppy, id "" unit =3D 0 (0x0) @@ -578,6 +604,7 @@ Testing: -fda TEST_DIR/t.qcow2 -drive if=3Dnone,file=3D= TEST_DIR/t.qcow2 -device flop opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" =20 Testing: -fda TEST_DIR/t.qcow2 -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -d= evice floppy,drive=3Dnone0,unit=3D1 @@ -604,6 +631,7 @@ Testing: -fda TEST_DIR/t.qcow2 -drive if=3Dnone,file=3D= TEST_DIR/t.qcow2 -device flop opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" dev: floppy, id "" unit =3D 0 (0x0) @@ -614,6 +642,7 @@ Testing: -fda TEST_DIR/t.qcow2 -drive if=3Dnone,file=3D= TEST_DIR/t.qcow2 -device flop opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" =20 Testing: -fdb TEST_DIR/t.qcow2 -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -d= evice floppy,drive=3Dnone0 @@ -640,6 +669,7 @@ Testing: -fdb TEST_DIR/t.qcow2 -drive if=3Dnone,file=3D= TEST_DIR/t.qcow2 -device flop opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" dev: floppy, id "" unit =3D 1 (0x1) @@ -650,6 +680,7 @@ Testing: -fdb TEST_DIR/t.qcow2 -drive if=3Dnone,file=3D= TEST_DIR/t.qcow2 -device flop opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" =20 Testing: -fdb TEST_DIR/t.qcow2 -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -d= evice floppy,drive=3Dnone0,unit=3D0 @@ -676,6 +707,7 @@ Testing: -fdb TEST_DIR/t.qcow2 -drive if=3Dnone,file=3D= TEST_DIR/t.qcow2 -device flop opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" dev: floppy, id "" unit =3D 1 (0x1) @@ -686,6 +718,7 @@ Testing: -fdb TEST_DIR/t.qcow2 -drive if=3Dnone,file=3D= TEST_DIR/t.qcow2 -device flop opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" =20 Testing: -fda TEST_DIR/t.qcow2 -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -d= evice floppy,drive=3Dnone0,unit=3D0 @@ -723,6 +756,7 @@ Testing: -drive if=3Dfloppy,file=3DTEST_DIR/t.qcow2 -dr= ive if=3Dnone,file=3DTEST_DIR/t.q opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" dev: floppy, id "" unit =3D 0 (0x0) @@ -733,6 +767,7 @@ Testing: -drive if=3Dfloppy,file=3DTEST_DIR/t.qcow2 -dr= ive if=3Dnone,file=3DTEST_DIR/t.q opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" =20 Testing: -drive if=3Dfloppy,file=3DTEST_DIR/t.qcow2 -drive if=3Dnone,file= =3DTEST_DIR/t.qcow2 -device floppy,drive=3Dnone0,unit=3D1 @@ -759,6 +794,7 @@ Testing: -drive if=3Dfloppy,file=3DTEST_DIR/t.qcow2 -dr= ive if=3Dnone,file=3DTEST_DIR/t.q opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" dev: floppy, id "" unit =3D 0 (0x0) @@ -769,6 +805,7 @@ Testing: -drive if=3Dfloppy,file=3DTEST_DIR/t.qcow2 -dr= ive if=3Dnone,file=3DTEST_DIR/t.q opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" =20 Testing: -drive if=3Dfloppy,file=3DTEST_DIR/t.qcow2 -drive if=3Dnone,file= =3DTEST_DIR/t.qcow2 -device floppy,drive=3Dnone0,unit=3D0 @@ -802,6 +839,7 @@ Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -driv= e if=3Dnone,file=3DTEST_DIR/t.qco opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" dev: floppy, id "" unit =3D 0 (0x0) @@ -812,6 +850,7 @@ Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -driv= e if=3Dnone,file=3DTEST_DIR/t.qco opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" =20 Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -drive if=3Dnone,file=3D= TEST_DIR/t.qcow2 -global isa-fdc.driveA=3Dnone0 -device floppy,drive=3Dnone= 1,unit=3D1 @@ -838,6 +877,7 @@ Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -driv= e if=3Dnone,file=3DTEST_DIR/t.qco opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" dev: floppy, id "" unit =3D 0 (0x0) @@ -848,6 +888,7 @@ Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -driv= e if=3Dnone,file=3DTEST_DIR/t.qco opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" =20 Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -drive if=3Dnone,file=3D= TEST_DIR/t.qcow2 -global isa-fdc.driveB=3Dnone0 -device floppy,drive=3Dnone1 @@ -874,6 +915,7 @@ Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -driv= e if=3Dnone,file=3DTEST_DIR/t.qco opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" dev: floppy, id "" unit =3D 1 (0x1) @@ -884,6 +926,7 @@ Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -driv= e if=3Dnone,file=3DTEST_DIR/t.qco opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" =20 Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -drive if=3Dnone,file=3D= TEST_DIR/t.qcow2 -global isa-fdc.driveB=3Dnone0 -device floppy,drive=3Dnone= 1,unit=3D0 @@ -910,6 +953,7 @@ Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -driv= e if=3Dnone,file=3DTEST_DIR/t.qco opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" dev: floppy, id "" unit =3D 1 (0x1) @@ -920,6 +964,7 @@ Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -driv= e if=3Dnone,file=3DTEST_DIR/t.qco opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" =20 Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -drive if=3Dnone,file=3D= TEST_DIR/t.qcow2 -global isa-fdc.driveA=3Dnone0 -device floppy,drive=3Dnone= 1,unit=3D0 @@ -964,6 +1009,7 @@ Testing: -device floppy opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "288" =20 Testing: -device floppy,drive-type=3D120 @@ -990,6 +1036,7 @@ Testing: -device floppy,drive-type=3D120 opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "120" =20 Testing: -device floppy,drive-type=3D144 @@ -1016,6 +1063,7 @@ Testing: -device floppy,drive-type=3D144 opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" =20 Testing: -device floppy,drive-type=3D288 @@ -1042,6 +1090,7 @@ Testing: -device floppy,drive-type=3D288 opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "288" =20 =20 @@ -1071,6 +1120,7 @@ Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -de= vice floppy,drive=3Dnone0,drive-t opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "120" =20 Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -device floppy,drive=3Dn= one0,drive-type=3D288 @@ -1097,6 +1147,7 @@ Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -de= vice floppy,drive=3Dnone0,drive-t opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "288" =20 =20 @@ -1126,6 +1177,7 @@ Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -de= vice floppy,drive=3Dnone0,logical opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" =20 Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -device floppy,drive=3Dn= one0,physical_block_size=3D512 @@ -1152,6 +1204,7 @@ Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -de= vice floppy,drive=3Dnone0,physica opt_io_size =3D 0 (0x0) discard_granularity =3D 4294967295 (0xffffffff) write-cache =3D "auto" + share-rw =3D false drive-type =3D "144" =20 Testing: -drive if=3Dnone,file=3DTEST_DIR/t.qcow2 -device floppy,drive=3Dn= one0,logical_block_size=3D4096 --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488290572936409.14901171928; Tue, 28 Feb 2017 06:02:52 -0800 (PST) Received: from localhost ([::1]:33010 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ciiMb-0007gg-I1 for importer@patchew.org; Tue, 28 Feb 2017 09:02:49 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43629) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJK-0004WT-TH for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:25 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJJ-0004Gp-HF for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:23 -0500 Received: from mx1.redhat.com ([209.132.183.28]:48734) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJB-0004DO-J3; Tue, 28 Feb 2017 07:55:13 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id A8FD980F93; Tue, 28 Feb 2017 12:55:13 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQM029713; Tue, 28 Feb 2017 07:55:11 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:05 +0100 Message-Id: <1488286469-9381-21-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]); Tue, 28 Feb 2017 12:55:13 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 20/44] blockjob: Add permissions to block_job_create() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" This functions creates a BlockBackend internally, so the block jobs need to tell it what they want to do with the BB. Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- block/backup.c | 5 +++-- block/commit.c | 5 +++-- block/mirror.c | 5 +++-- block/stream.c | 5 +++-- blockjob.c | 6 +++--- include/block/blockjob_int.h | 4 +++- tests/test-blockjob-txn.c | 6 +++--- tests/test-blockjob.c | 5 +++-- 8 files changed, 24 insertions(+), 17 deletions(-) diff --git a/block/backup.c b/block/backup.c index f38d1d0..c759684 100644 --- a/block/backup.c +++ b/block/backup.c @@ -618,8 +618,9 @@ BlockJob *backup_job_create(const char *job_id, BlockDr= iverState *bs, goto error; } =20 - job =3D block_job_create(job_id, &backup_job_driver, bs, speed, - creation_flags, cb, opaque, errp); + /* FIXME Use real permissions */ + job =3D block_job_create(job_id, &backup_job_driver, bs, 0, BLK_PERM_A= LL, + speed, creation_flags, cb, opaque, errp); if (!job) { goto error; } diff --git a/block/commit.c b/block/commit.c index 2ad8138..60d29a9 100644 --- a/block/commit.c +++ b/block/commit.c @@ -235,8 +235,9 @@ void commit_start(const char *job_id, BlockDriverState = *bs, return; } =20 - s =3D block_job_create(job_id, &commit_job_driver, bs, speed, - BLOCK_JOB_DEFAULT, NULL, NULL, errp); + /* FIXME Use real permissions */ + s =3D block_job_create(job_id, &commit_job_driver, bs, 0, BLK_PERM_ALL, + speed, BLOCK_JOB_DEFAULT, NULL, NULL, errp); if (!s) { return; } diff --git a/block/mirror.c b/block/mirror.c index 7eeeb97..cd4e7db 100644 --- a/block/mirror.c +++ b/block/mirror.c @@ -1015,8 +1015,9 @@ static void mirror_start_job(const char *job_id, Bloc= kDriverState *bs, buf_size =3D DEFAULT_MIRROR_BUF_SIZE; } =20 - s =3D block_job_create(job_id, driver, bs, speed, creation_flags, - cb, opaque, errp); + /* FIXME Use real permissions */ + s =3D block_job_create(job_id, driver, bs, 0, BLK_PERM_ALL, speed, + creation_flags, cb, opaque, errp); if (!s) { return; } diff --git a/block/stream.c b/block/stream.c index 1523ba7..7f49279 100644 --- a/block/stream.c +++ b/block/stream.c @@ -229,8 +229,9 @@ void stream_start(const char *job_id, BlockDriverState = *bs, BlockDriverState *iter; int orig_bs_flags; =20 - s =3D block_job_create(job_id, &stream_job_driver, bs, speed, - BLOCK_JOB_DEFAULT, NULL, NULL, errp); + /* FIXME Use real permissions */ + s =3D block_job_create(job_id, &stream_job_driver, bs, 0, BLK_PERM_ALL, + speed, BLOCK_JOB_DEFAULT, NULL, NULL, errp); if (!s) { return; } diff --git a/blockjob.c b/blockjob.c index 72b7d4c..27833c7 100644 --- a/blockjob.c +++ b/blockjob.c @@ -123,7 +123,8 @@ void block_job_add_bdrv(BlockJob *job, BlockDriverState= *bs) } =20 void *block_job_create(const char *job_id, const BlockJobDriver *driver, - BlockDriverState *bs, int64_t speed, int flags, + BlockDriverState *bs, uint64_t perm, + uint64_t shared_perm, int64_t speed, int flags, BlockCompletionFunc *cb, void *opaque, Error **errp) { BlockBackend *blk; @@ -160,8 +161,7 @@ void *block_job_create(const char *job_id, const BlockJ= obDriver *driver, } } =20 - /* FIXME Use real permissions */ - blk =3D blk_new(0, BLK_PERM_ALL); + blk =3D blk_new(perm, shared_perm); ret =3D blk_insert_bs(blk, bs, errp); if (ret < 0) { blk_unref(blk); diff --git a/include/block/blockjob_int.h b/include/block/blockjob_int.h index 8223822..3f86cc5 100644 --- a/include/block/blockjob_int.h +++ b/include/block/blockjob_int.h @@ -119,6 +119,7 @@ struct BlockJobDriver { * generated automatically. * @job_type: The class object for the newly-created job. * @bs: The block + * @perm, @shared_perm: Permissions to request for @bs * @speed: The maximum speed, in bytes per second, or 0 for unlimited. * @cb: Completion function for the job. * @opaque: Opaque pointer value passed to @cb. @@ -134,7 +135,8 @@ struct BlockJobDriver { * called from a wrapper that is specific to the job type. */ void *block_job_create(const char *job_id, const BlockJobDriver *driver, - BlockDriverState *bs, int64_t speed, int flags, + BlockDriverState *bs, uint64_t perm, + uint64_t shared_perm, int64_t speed, int flags, BlockCompletionFunc *cb, void *opaque, Error **errp= ); =20 /** diff --git a/tests/test-blockjob-txn.c b/tests/test-blockjob-txn.c index f6dfd08..4ccbda1 100644 --- a/tests/test-blockjob-txn.c +++ b/tests/test-blockjob-txn.c @@ -101,9 +101,9 @@ static BlockJob *test_block_job_start(unsigned int iter= ations, g_assert_nonnull(bs); =20 snprintf(job_id, sizeof(job_id), "job%u", counter++); - s =3D block_job_create(job_id, &test_block_job_driver, bs, 0, - BLOCK_JOB_DEFAULT, test_block_job_cb, - data, &error_abort); + s =3D block_job_create(job_id, &test_block_job_driver, bs, + 0, BLK_PERM_ALL, 0, BLOCK_JOB_DEFAULT, + test_block_job_cb, data, &error_abort); s->iterations =3D iterations; s->use_timer =3D use_timer; s->rc =3D rc; diff --git a/tests/test-blockjob.c b/tests/test-blockjob.c index 143ce96..1afe17b 100644 --- a/tests/test-blockjob.c +++ b/tests/test-blockjob.c @@ -30,8 +30,9 @@ static BlockJob *do_test_id(BlockBackend *blk, const char= *id, BlockJob *job; Error *errp =3D NULL; =20 - job =3D block_job_create(id, &test_block_job_driver, blk_bs(blk), 0, - BLOCK_JOB_DEFAULT, block_job_cb, NULL, &errp); + job =3D block_job_create(id, &test_block_job_driver, blk_bs(blk), + 0, BLK_PERM_ALL, 0, BLOCK_JOB_DEFAULT, block_jo= b_cb, + NULL, &errp); if (should_succeed) { g_assert_null(errp); g_assert_nonnull(job); --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488290305604242.64818484956106; Tue, 28 Feb 2017 05:58:25 -0800 (PST) Received: from localhost ([::1]:32981 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ciiIJ-00036Z-7f for importer@patchew.org; Tue, 28 Feb 2017 08:58:23 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43564) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJH-0004SV-CE for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:20 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJG-0004Es-EO for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:19 -0500 Received: from mx1.redhat.com ([209.132.183.28]:57086) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJD-0004Dw-9z; Tue, 28 Feb 2017 07:55:15 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 62E8D3B71B; Tue, 28 Feb 2017 12:55:15 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQN029713; Tue, 28 Feb 2017 07:55:13 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:06 +0100 Message-Id: <1488286469-9381-22-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Tue, 28 Feb 2017 12:55:15 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 21/44] block: Add BdrvChildRole.get_parent_desc() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" For meaningful error messages in the permission system, we need to get some human-readable description of the parent of a BdrvChild. Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- block.c | 9 +++++++++ block/block-backend.c | 21 +++++++++++++++++++++ include/block/block_int.h | 6 ++++++ 3 files changed, 36 insertions(+) diff --git a/block.c b/block.c index 5f2dd6f..e03cc5d 100644 --- a/block.c +++ b/block.c @@ -707,6 +707,12 @@ int bdrv_parse_cache_mode(const char *mode, int *flags= , bool *writethrough) return 0; } =20 +static char *bdrv_child_get_parent_desc(BdrvChild *c) +{ + BlockDriverState *parent =3D c->opaque; + return g_strdup(bdrv_get_device_or_node_name(parent)); +} + static void bdrv_child_cb_drained_begin(BdrvChild *child) { BlockDriverState *bs =3D child->opaque; @@ -774,6 +780,7 @@ static void bdrv_inherited_options(int *child_flags, QD= ict *child_options, } =20 const BdrvChildRole child_file =3D { + .get_parent_desc =3D bdrv_child_get_parent_desc, .inherit_options =3D bdrv_inherited_options, .drained_begin =3D bdrv_child_cb_drained_begin, .drained_end =3D bdrv_child_cb_drained_end, @@ -794,6 +801,7 @@ static void bdrv_inherited_fmt_options(int *child_flags= , QDict *child_options, } =20 const BdrvChildRole child_format =3D { + .get_parent_desc =3D bdrv_child_get_parent_desc, .inherit_options =3D bdrv_inherited_fmt_options, .drained_begin =3D bdrv_child_cb_drained_begin, .drained_end =3D bdrv_child_cb_drained_end, @@ -824,6 +832,7 @@ static void bdrv_backing_options(int *child_flags, QDic= t *child_options, } =20 const BdrvChildRole child_backing =3D { + .get_parent_desc =3D bdrv_child_get_parent_desc, .inherit_options =3D bdrv_backing_options, .drained_begin =3D bdrv_child_cb_drained_begin, .drained_end =3D bdrv_child_cb_drained_end, diff --git a/block/block-backend.c b/block/block-backend.c index fcc42b5..38a3858 100644 --- a/block/block-backend.c +++ b/block/block-backend.c @@ -80,6 +80,7 @@ static const AIOCBInfo block_backend_aiocb_info =3D { =20 static void drive_info_del(DriveInfo *dinfo); static BlockBackend *bdrv_first_blk(BlockDriverState *bs); +static char *blk_get_attached_dev_id(BlockBackend *blk); =20 /* All BlockBackends */ static QTAILQ_HEAD(, BlockBackend) block_backends =3D @@ -102,6 +103,25 @@ static void blk_root_drained_end(BdrvChild *child); static void blk_root_change_media(BdrvChild *child, bool load); static void blk_root_resize(BdrvChild *child); =20 +static char *blk_root_get_parent_desc(BdrvChild *child) +{ + BlockBackend *blk =3D child->opaque; + char *dev_id; + + if (blk->name) { + return g_strdup(blk->name); + } + + dev_id =3D blk_get_attached_dev_id(blk); + if (*dev_id) { + return dev_id; + } else { + /* TODO Callback into the BB owner for something more detailed */ + g_free(dev_id); + return g_strdup("a block device"); + } +} + static const char *blk_root_get_name(BdrvChild *child) { return blk_name(child->opaque); @@ -113,6 +133,7 @@ static const BdrvChildRole child_root =3D { .change_media =3D blk_root_change_media, .resize =3D blk_root_resize, .get_name =3D blk_root_get_name, + .get_parent_desc =3D blk_root_get_parent_desc, =20 .drained_begin =3D blk_root_drained_begin, .drained_end =3D blk_root_drained_end, diff --git a/include/block/block_int.h b/include/block/block_int.h index e00d0f4..3177b9f 100644 --- a/include/block/block_int.h +++ b/include/block/block_int.h @@ -452,6 +452,12 @@ struct BdrvChildRole { * name), or NULL if the parent can't provide a better name. */ const char* (*get_name)(BdrvChild *child); =20 + /* Returns a malloced string that describes the parent of the child fo= r a + * human reader. This could be a node-name, BlockBackend name, qdev ID= or + * QOM path of the device owning the BlockBackend, job type and ID etc= . The + * caller is responsible for freeing the memory. */ + char* (*get_parent_desc)(BdrvChild *child); + /* * If this pair of functions is implemented, the parent doesn't issue = new * requests after returning from .drained_begin() until .drained_end()= is --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488289845981671.396607688748; Tue, 28 Feb 2017 05:50:45 -0800 (PST) Received: from localhost ([::1]:32922 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ciiAu-0004gp-I1 for importer@patchew.org; Tue, 28 Feb 2017 08:50:44 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43591) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJI-0004UE-QK for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:21 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJH-0004FF-Gq for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:20 -0500 Received: from mx1.redhat.com ([209.132.183.28]:41402) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJF-0004EO-2u; Tue, 28 Feb 2017 07:55:17 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 3053661D28; Tue, 28 Feb 2017 12:55:17 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQO029713; Tue, 28 Feb 2017 07:55:15 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:07 +0100 Message-Id: <1488286469-9381-23-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Tue, 28 Feb 2017 12:55:17 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 22/44] block: Include details on permission errors in message X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Instead of just telling that there was some conflict, we can be specific and tell which permissions were in conflict and which way the conflict is. Signed-off-by: Kevin Wolf Acked-by: Fam Zheng Reviewed-by: Max Reitz --- block.c | 67 ++++++++++++++++++++++++++++++++++++++++++++++++++++++-------= ---- 1 file changed, 56 insertions(+), 11 deletions(-) diff --git a/block.c b/block.c index e03cc5d..f72a67f 100644 --- a/block.c +++ b/block.c @@ -1462,6 +1462,43 @@ static void bdrv_get_cumulative_perm(BlockDriverStat= e *bs, uint64_t *perm, *shared_perm =3D cumulative_shared_perms; } =20 +static char *bdrv_child_user_desc(BdrvChild *c) +{ + if (c->role->get_parent_desc) { + return c->role->get_parent_desc(c); + } + + return g_strdup("another user"); +} + +static char *bdrv_perm_names(uint64_t perm) +{ + struct perm_name { + uint64_t perm; + const char *name; + } permissions[] =3D { + { BLK_PERM_CONSISTENT_READ, "consistent read" }, + { BLK_PERM_WRITE, "write" }, + { BLK_PERM_WRITE_UNCHANGED, "write unchanged" }, + { BLK_PERM_RESIZE, "resize" }, + { BLK_PERM_GRAPH_MOD, "change children" }, + { 0, NULL } + }; + + char *result =3D g_strdup(""); + struct perm_name *p; + + for (p =3D permissions; p->name; p++) { + if (perm & p->perm) { + char *old =3D result; + result =3D g_strdup_printf("%s%s%s", old, *old ? ", " : "", p-= >name); + g_free(old); + } + } + + return result; +} + /* * Checks whether a new reference to @bs can be added if the new user requ= ires * @new_used_perm/@new_shared_perm as its permissions. If @ignore_child is= set, @@ -1486,17 +1523,25 @@ static int bdrv_check_update_perm(BlockDriverState = *bs, uint64_t new_used_perm, continue; } =20 - if ((new_used_perm & c->shared_perm) !=3D new_used_perm || - (c->perm & new_shared_perm) !=3D c->perm) - { - const char *user =3D NULL; - if (c->role->get_name) { - user =3D c->role->get_name(c); - if (user && !*user) { - user =3D NULL; - } - } - error_setg(errp, "Conflicts with %s", user ?: "another operati= on"); + if ((new_used_perm & c->shared_perm) !=3D new_used_perm) { + char *user =3D bdrv_child_user_desc(c); + char *perm_names =3D bdrv_perm_names(new_used_perm & ~c->share= d_perm); + error_setg(errp, "Conflicts with use by %s as '%s', which does= not " + "allow '%s' on %s", + user, c->name, perm_names, bdrv_get_node_name(c->bs= )); + g_free(user); + g_free(perm_names); + return -EPERM; + } + + if ((c->perm & new_shared_perm) !=3D c->perm) { + char *user =3D bdrv_child_user_desc(c); + char *perm_names =3D bdrv_perm_names(c->perm & ~new_shared_per= m); + error_setg(errp, "Conflicts with use by %s as '%s', which uses= " + "'%s' on %s", + user, c->name, perm_names, bdrv_get_node_name(c->bs= )); + g_free(user); + g_free(perm_names); return -EPERM; } =20 --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488290868881910.9300609807714; Tue, 28 Feb 2017 06:07:48 -0800 (PST) Received: from localhost ([::1]:33040 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ciiRN-0003FW-3Z for importer@patchew.org; Tue, 28 Feb 2017 09:07:45 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43614) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJK-0004Vb-3V for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:25 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJJ-0004Gg-CN for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:22 -0500 Received: from mx1.redhat.com ([209.132.183.28]:55088) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJH-0004Ez-2q; Tue, 28 Feb 2017 07:55:19 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 31E7BC05AA40; Tue, 28 Feb 2017 12:55:19 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQP029713; Tue, 28 Feb 2017 07:55:17 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:08 +0100 Message-Id: <1488286469-9381-24-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Tue, 28 Feb 2017 12:55:19 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 23/44] block: Add BdrvChildRole.stay_at_node X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" When the parents' child links are updated in bdrv_append() or bdrv_replace_in_backing_chain(), this should affect all child links of BlockBackends or other nodes, but not on child links held for other purposes (like for setting permissions). This patch allows to control the behaviour per BdrvChildRole. Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- block.c | 3 +++ include/block/block_int.h | 4 ++++ 2 files changed, 7 insertions(+) diff --git a/block.c b/block.c index f72a67f..9e538a5 100644 --- a/block.c +++ b/block.c @@ -2853,6 +2853,9 @@ static void change_parent_backing_link(BlockDriverSta= te *from, BdrvChild *c, *next, *to_c; =20 QLIST_FOREACH_SAFE(c, &from->parents, next_parent, next) { + if (c->role->stay_at_node) { + continue; + } if (c->role =3D=3D &child_backing) { /* @from is generally not allowed to be a backing file, except= for * when @to is the overlay. In that case, @from may not be rep= laced diff --git a/include/block/block_int.h b/include/block/block_int.h index 3177b9f..a0d9328 100644 --- a/include/block/block_int.h +++ b/include/block/block_int.h @@ -441,6 +441,10 @@ typedef struct BdrvAioNotifier { } BdrvAioNotifier; =20 struct BdrvChildRole { + /* If true, bdrv_replace_in_backing_chain() doesn't change the node th= is + * BdrvChild points to. */ + bool stay_at_node; + void (*inherit_options)(int *child_flags, QDict *child_options, int parent_flags, QDict *parent_options); =20 --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488291131879783.858011161403; Tue, 28 Feb 2017 06:12:11 -0800 (PST) Received: from localhost ([::1]:33080 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ciiVd-0006vu-Ih for importer@patchew.org; Tue, 28 Feb 2017 09:12:09 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43686) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJO-0004aY-Or for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:28 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJN-0004JL-JG for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:26 -0500 Received: from mx1.redhat.com ([209.132.183.28]:53612) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJI-0004Fd-Vg; Tue, 28 Feb 2017 07:55:21 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 09BFC7F081; Tue, 28 Feb 2017 12:55:21 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQQ029713; Tue, 28 Feb 2017 07:55:19 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:09 +0100 Message-Id: <1488286469-9381-25-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]); Tue, 28 Feb 2017 12:55:21 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 24/44] blockjob: Add permissions to block_job_add_bdrv() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Block jobs don't actually do I/O through the the reference they create with block_job_add_bdrv(), but they might want to use the permisssion system to express what the block job does to intermediate nodes. This adds permissions to block_job_add_bdrv() to provide the means to request permissions. Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- block/backup.c | 4 +++- block/commit.c | 8 ++++++-- block/mirror.c | 9 +++++++-- block/stream.c | 4 +++- blockjob.c | 36 ++++++++++++++++++++++++++++++------ include/block/blockjob.h | 5 ++++- 6 files changed, 53 insertions(+), 13 deletions(-) diff --git a/block/backup.c b/block/backup.c index c759684..405f271 100644 --- a/block/backup.c +++ b/block/backup.c @@ -657,7 +657,9 @@ BlockJob *backup_job_create(const char *job_id, BlockDr= iverState *bs, job->cluster_size =3D MAX(BACKUP_CLUSTER_SIZE_DEFAULT, bdi.cluster= _size); } =20 - block_job_add_bdrv(&job->common, target); + /* FIXME Use real permissions */ + block_job_add_bdrv(&job->common, "target", target, 0, BLK_PERM_ALL, + &error_abort); job->common.len =3D len; block_job_txn_add_job(txn, &job->common); =20 diff --git a/block/commit.c b/block/commit.c index 60d29a9..b69586f 100644 --- a/block/commit.c +++ b/block/commit.c @@ -267,13 +267,17 @@ void commit_start(const char *job_id, BlockDriverStat= e *bs, * disappear from the chain after this operation. */ assert(bdrv_chain_contains(top, base)); for (iter =3D top; iter !=3D backing_bs(base); iter =3D backing_bs(ite= r)) { - block_job_add_bdrv(&s->common, iter); + /* FIXME Use real permissions */ + block_job_add_bdrv(&s->common, "intermediate node", iter, 0, + BLK_PERM_ALL, &error_abort); } /* overlay_bs must be blocked because it needs to be modified to * update the backing image string, but if it's the root node then * don't block it again */ if (bs !=3D overlay_bs) { - block_job_add_bdrv(&s->common, overlay_bs); + /* FIXME Use real permissions */ + block_job_add_bdrv(&s->common, "overlay of top", overlay_bs, 0, + BLK_PERM_ALL, &error_abort); } =20 /* FIXME Use real permissions */ diff --git a/block/mirror.c b/block/mirror.c index cd4e7db..beaac6f 100644 --- a/block/mirror.c +++ b/block/mirror.c @@ -1052,13 +1052,18 @@ static void mirror_start_job(const char *job_id, Bl= ockDriverState *bs, return; } =20 - block_job_add_bdrv(&s->common, target); + /* FIXME Use real permissions */ + block_job_add_bdrv(&s->common, "target", target, 0, BLK_PERM_ALL, + &error_abort); + /* In commit_active_start() all intermediate nodes disappear, so * any jobs in them must be blocked */ if (bdrv_chain_contains(bs, target)) { BlockDriverState *iter; for (iter =3D backing_bs(bs); iter !=3D target; iter =3D backing_b= s(iter)) { - block_job_add_bdrv(&s->common, iter); + /* FIXME Use real permissions */ + block_job_add_bdrv(&s->common, "intermediate node", iter, 0, + BLK_PERM_ALL, &error_abort); } } =20 diff --git a/block/stream.c b/block/stream.c index 7f49279..ba8650f 100644 --- a/block/stream.c +++ b/block/stream.c @@ -248,7 +248,9 @@ void stream_start(const char *job_id, BlockDriverState = *bs, /* Block all intermediate nodes between bs and base, because they * will disappear from the chain after this operation */ for (iter =3D backing_bs(bs); iter && iter !=3D base; iter =3D backing= _bs(iter)) { - block_job_add_bdrv(&s->common, iter); + /* FIXME Use real permissions */ + block_job_add_bdrv(&s->common, "intermediate node", iter, 0, + BLK_PERM_ALL, &error_abort); } =20 s->base =3D base; diff --git a/blockjob.c b/blockjob.c index 27833c7..4216cde 100644 --- a/blockjob.c +++ b/blockjob.c @@ -55,6 +55,19 @@ struct BlockJobTxn { =20 static QLIST_HEAD(, BlockJob) block_jobs =3D QLIST_HEAD_INITIALIZER(block_= jobs); =20 +static char *child_job_get_parent_desc(BdrvChild *c) +{ + BlockJob *job =3D c->opaque; + return g_strdup_printf("%s job '%s'", + BlockJobType_lookup[job->driver->job_type], + job->id); +} + +static const BdrvChildRole child_job =3D { + .get_parent_desc =3D child_job_get_parent_desc, + .stay_at_node =3D true, +}; + BlockJob *block_job_next(BlockJob *job) { if (!job) { @@ -115,11 +128,22 @@ static void block_job_detach_aio_context(void *opaque) block_job_unref(job); } =20 -void block_job_add_bdrv(BlockJob *job, BlockDriverState *bs) +int block_job_add_bdrv(BlockJob *job, const char *name, BlockDriverState *= bs, + uint64_t perm, uint64_t shared_perm, Error **errp) { - job->nodes =3D g_slist_prepend(job->nodes, bs); + BdrvChild *c; + + c =3D bdrv_root_attach_child(bs, name, &child_job, perm, shared_perm, + job, errp); + if (c =3D=3D NULL) { + return -EPERM; + } + + job->nodes =3D g_slist_prepend(job->nodes, c); bdrv_ref(bs); bdrv_op_block_all(bs, job->blocker); + + return 0; } =20 void *block_job_create(const char *job_id, const BlockJobDriver *driver, @@ -171,7 +195,7 @@ void *block_job_create(const char *job_id, const BlockJ= obDriver *driver, job =3D g_malloc0(driver->instance_size); error_setg(&job->blocker, "block device is in use by block job: %s", BlockJobType_lookup[driver->job_type]); - block_job_add_bdrv(job, bs); + block_job_add_bdrv(job, "main node", bs, 0, BLK_PERM_ALL, &error_abort= ); bdrv_op_unblock(bs, BLOCK_OP_TYPE_DATAPLANE, job->blocker); =20 job->driver =3D driver; @@ -238,9 +262,9 @@ void block_job_unref(BlockJob *job) BlockDriverState *bs =3D blk_bs(job->blk); bs->job =3D NULL; for (l =3D job->nodes; l; l =3D l->next) { - bs =3D l->data; - bdrv_op_unblock_all(bs, job->blocker); - bdrv_unref(bs); + BdrvChild *c =3D l->data; + bdrv_op_unblock_all(c->bs, job->blocker); + bdrv_root_unref_child(c); } g_slist_free(job->nodes); blk_remove_aio_context_notifier(job->blk, diff --git a/include/block/blockjob.h b/include/block/blockjob.h index 1acb256..9d65ef8 100644 --- a/include/block/blockjob.h +++ b/include/block/blockjob.h @@ -169,13 +169,16 @@ BlockJob *block_job_get(const char *id); /** * block_job_add_bdrv: * @job: A block job + * @name: The name to assign to the new BdrvChild * @bs: A BlockDriverState that is involved in @job + * @perm, @shared_perm: Permissions to request on the node * * Add @bs to the list of BlockDriverState that are involved in * @job. This means that all operations will be blocked on @bs while * @job exists. */ -void block_job_add_bdrv(BlockJob *job, BlockDriverState *bs); +int block_job_add_bdrv(BlockJob *job, const char *name, BlockDriverState *= bs, + uint64_t perm, uint64_t shared_perm, Error **errp); =20 /** * block_job_set_speed: --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488290108910380.4636706498195; Tue, 28 Feb 2017 05:55:08 -0800 (PST) Received: from localhost ([::1]:32958 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ciiF9-0008R5-6W for importer@patchew.org; Tue, 28 Feb 2017 08:55:07 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43725) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJQ-0004cT-8y for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:29 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJO-0004MA-VI for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:28 -0500 Received: from mx1.redhat.com ([209.132.183.28]:53620) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJK-0004Gy-Po; Tue, 28 Feb 2017 07:55:22 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id CF32A7E9D1; Tue, 28 Feb 2017 12:55:22 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQR029713; Tue, 28 Feb 2017 07:55:21 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:10 +0100 Message-Id: <1488286469-9381-26-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]); Tue, 28 Feb 2017 12:55:22 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 25/44] commit: Use real permissions in commit block job X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" This is probably one of the most interesting conversions to the new op blocker system because a commit block job intentionally leaves some intermediate block nodes in the backing chain that aren't valid on their own any more; only the whole chain together results in a valid view. In order to provide the 'consistent read' permission to the parents of the 'top' node of the commit job, a new filter block driver is inserted above 'top' which doesn't require 'consistent read' on its backing chain. Subsequently, the commit job can block 'consistent read' on all intermediate nodes without causing a conflict. Signed-off-by: Kevin Wolf Acked-by: Fam Zheng Reviewed-by: Max Reitz --- block/commit.c | 113 ++++++++++++++++++++++++++++++++++++++++++++++++-----= ---- 1 file changed, 95 insertions(+), 18 deletions(-) diff --git a/block/commit.c b/block/commit.c index b69586f..8de4473 100644 --- a/block/commit.c +++ b/block/commit.c @@ -36,6 +36,7 @@ typedef struct CommitBlockJob { BlockJob common; RateLimit limit; BlockDriverState *active; + BlockDriverState *commit_top_bs; BlockBackend *top; BlockBackend *base; BlockdevOnError on_error; @@ -83,12 +84,23 @@ static void commit_complete(BlockJob *job, void *opaque) BlockDriverState *active =3D s->active; BlockDriverState *top =3D blk_bs(s->top); BlockDriverState *base =3D blk_bs(s->base); - BlockDriverState *overlay_bs =3D bdrv_find_overlay(active, top); + BlockDriverState *overlay_bs =3D bdrv_find_overlay(active, s->commit_t= op_bs); int ret =3D data->ret; + bool remove_commit_top_bs =3D false; + + /* Remove base node parent that still uses BLK_PERM_WRITE/RESIZE before + * the normal backing chain can be restored. */ + blk_unref(s->base); =20 if (!block_job_is_cancelled(&s->common) && ret =3D=3D 0) { /* success */ - ret =3D bdrv_drop_intermediate(active, top, base, s->backing_file_= str); + ret =3D bdrv_drop_intermediate(active, s->commit_top_bs, base, + s->backing_file_str); + } else if (overlay_bs) { + /* XXX Can (or should) we somehow keep 'consistent read' blocked e= ven + * after the failed/cancelled commit job is gone? If we already wr= ote + * something to base, the intermediate images aren't valid any mor= e. */ + remove_commit_top_bs =3D true; } =20 /* restore base open flags here if appropriate (e.g., change the base = back @@ -102,9 +114,15 @@ static void commit_complete(BlockJob *job, void *opaqu= e) } g_free(s->backing_file_str); blk_unref(s->top); - blk_unref(s->base); block_job_completed(&s->common, ret); g_free(data); + + /* If bdrv_drop_intermediate() didn't already do that, remove the comm= it + * filter driver from the backing chain. Do this as the final step so = that + * the 'consistent read' permission can be granted. */ + if (remove_commit_top_bs) { + bdrv_set_backing_hd(overlay_bs, top); + } } =20 static void coroutine_fn commit_run(void *opaque) @@ -208,6 +226,34 @@ static const BlockJobDriver commit_job_driver =3D { .start =3D commit_run, }; =20 +static int coroutine_fn bdrv_commit_top_preadv(BlockDriverState *bs, + uint64_t offset, uint64_t bytes, QEMUIOVector *qiov, int flags) +{ + return bdrv_co_preadv(bs->backing, offset, bytes, qiov, flags); +} + +static void bdrv_commit_top_close(BlockDriverState *bs) +{ +} + +static void bdrv_commit_top_child_perm(BlockDriverState *bs, BdrvChild *c, + const BdrvChildRole *role, + uint64_t perm, uint64_t shared, + uint64_t *nperm, uint64_t *nshared) +{ + *nperm =3D 0; + *nshared =3D BLK_PERM_ALL; +} + +/* Dummy node that provides consistent read to its users without requiring= it + * from its backing file and that allows writes on the backing file chain.= */ +static BlockDriver bdrv_commit_top =3D { + .format_name =3D "commit_top", + .bdrv_co_preadv =3D bdrv_commit_top_preadv, + .bdrv_close =3D bdrv_commit_top_close, + .bdrv_child_perm =3D bdrv_commit_top_child_perm, +}; + void commit_start(const char *job_id, BlockDriverState *bs, BlockDriverState *base, BlockDriverState *top, int64_t s= peed, BlockdevOnError on_error, const char *backing_file_str, @@ -219,6 +265,7 @@ void commit_start(const char *job_id, BlockDriverState = *bs, int orig_base_flags; BlockDriverState *iter; BlockDriverState *overlay_bs; + BlockDriverState *commit_top_bs =3D NULL; Error *local_err =3D NULL; int ret; =20 @@ -235,7 +282,6 @@ void commit_start(const char *job_id, BlockDriverState = *bs, return; } =20 - /* FIXME Use real permissions */ s =3D block_job_create(job_id, &commit_job_driver, bs, 0, BLK_PERM_ALL, speed, BLOCK_JOB_DEFAULT, NULL, NULL, errp); if (!s) { @@ -262,34 +308,62 @@ void commit_start(const char *job_id, BlockDriverStat= e *bs, } } =20 + /* Insert commit_top block node above top, so we can block consistent = read + * on the backing chain below it */ + commit_top_bs =3D bdrv_new_open_driver(&bdrv_commit_top, NULL, 0, errp= ); + if (commit_top_bs =3D=3D NULL) { + goto fail; + } + + bdrv_set_backing_hd(commit_top_bs, top); + bdrv_set_backing_hd(overlay_bs, commit_top_bs); + + s->commit_top_bs =3D commit_top_bs; + bdrv_unref(commit_top_bs); =20 /* Block all nodes between top and base, because they will * disappear from the chain after this operation. */ assert(bdrv_chain_contains(top, base)); - for (iter =3D top; iter !=3D backing_bs(base); iter =3D backing_bs(ite= r)) { - /* FIXME Use real permissions */ - block_job_add_bdrv(&s->common, "intermediate node", iter, 0, - BLK_PERM_ALL, &error_abort); + for (iter =3D top; iter !=3D base; iter =3D backing_bs(iter)) { + /* XXX BLK_PERM_WRITE needs to be allowed so we don't block oursel= ves + * at s->base (if writes are blocked for a node, they are also blo= cked + * for its backing file). The other options would be a second filt= er + * driver above s->base. */ + ret =3D block_job_add_bdrv(&s->common, "intermediate node", iter, = 0, + BLK_PERM_WRITE_UNCHANGED | BLK_PERM_WRITE, + errp); + if (ret < 0) { + goto fail; + } } + + ret =3D block_job_add_bdrv(&s->common, "base", base, 0, BLK_PERM_ALL, = errp); + if (ret < 0) { + goto fail; + } + /* overlay_bs must be blocked because it needs to be modified to - * update the backing image string, but if it's the root node then - * don't block it again */ - if (bs !=3D overlay_bs) { - /* FIXME Use real permissions */ - block_job_add_bdrv(&s->common, "overlay of top", overlay_bs, 0, - BLK_PERM_ALL, &error_abort); + * update the backing image string. */ + ret =3D block_job_add_bdrv(&s->common, "overlay of top", overlay_bs, + BLK_PERM_GRAPH_MOD, BLK_PERM_ALL, errp); + if (ret < 0) { + goto fail; } =20 - /* FIXME Use real permissions */ - s->base =3D blk_new(0, BLK_PERM_ALL); + s->base =3D blk_new(BLK_PERM_CONSISTENT_READ + | BLK_PERM_WRITE + | BLK_PERM_RESIZE, + BLK_PERM_CONSISTENT_READ + | BLK_PERM_GRAPH_MOD + | BLK_PERM_WRITE_UNCHANGED); ret =3D blk_insert_bs(s->base, base, errp); if (ret < 0) { goto fail; } =20 - /* FIXME Use real permissions */ + /* Required permissions are already taken with block_job_add_bdrv() */ s->top =3D blk_new(0, BLK_PERM_ALL); - ret =3D blk_insert_bs(s->top, top, errp); + blk_insert_bs(s->top, top, errp); if (ret < 0) { goto fail; } @@ -314,6 +388,9 @@ fail: if (s->top) { blk_unref(s->top); } + if (commit_top_bs) { + bdrv_set_backing_hd(overlay_bs, top); + } block_job_unref(&s->common); } =20 --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 148828945629412.750246497873718; Tue, 28 Feb 2017 05:44:16 -0800 (PST) Received: from localhost ([::1]:32882 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cii4c-0007sg-2B for importer@patchew.org; Tue, 28 Feb 2017 08:44:14 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43699) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJP-0004bU-HD for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:28 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJO-0004M1-P6 for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:27 -0500 Received: from mx1.redhat.com ([209.132.183.28]:57146) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJM-0004HZ-Kp; Tue, 28 Feb 2017 07:55:24 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id AE4803B71F; Tue, 28 Feb 2017 12:55:24 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQS029713; Tue, 28 Feb 2017 07:55:23 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:11 +0100 Message-Id: <1488286469-9381-27-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Tue, 28 Feb 2017 12:55:24 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 26/44] commit: Use real permissions for HMP 'commit' X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" This is a little simpler than the commit block job because it's synchronous and only commits into the immediate backing file, but otherwise doing more or less the same. Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- block/commit.c | 33 +++++++++++++++++++++++++++------ 1 file changed, 27 insertions(+), 6 deletions(-) diff --git a/block/commit.c b/block/commit.c index 8de4473..f18026b 100644 --- a/block/commit.c +++ b/block/commit.c @@ -401,11 +401,14 @@ fail: int bdrv_commit(BlockDriverState *bs) { BlockBackend *src, *backing; + BlockDriverState *backing_file_bs =3D NULL; + BlockDriverState *commit_top_bs =3D NULL; BlockDriver *drv =3D bs->drv; int64_t sector, total_sectors, length, backing_length; int n, ro, open_flags; int ret =3D 0; uint8_t *buf =3D NULL; + Error *local_err =3D NULL; =20 if (!drv) return -ENOMEDIUM; @@ -428,17 +431,31 @@ int bdrv_commit(BlockDriverState *bs) } } =20 - /* FIXME Use real permissions */ - src =3D blk_new(0, BLK_PERM_ALL); - backing =3D blk_new(0, BLK_PERM_ALL); + src =3D blk_new(BLK_PERM_CONSISTENT_READ, BLK_PERM_ALL); + backing =3D blk_new(BLK_PERM_WRITE | BLK_PERM_RESIZE, BLK_PERM_ALL); =20 - ret =3D blk_insert_bs(src, bs, NULL); + ret =3D blk_insert_bs(src, bs, &local_err); if (ret < 0) { + error_report_err(local_err); + goto ro_cleanup; + } + + /* Insert commit_top block node above backing, so we can write to it */ + backing_file_bs =3D backing_bs(bs); + + commit_top_bs =3D bdrv_new_open_driver(&bdrv_commit_top, NULL, BDRV_O_= RDWR, + &local_err); + if (commit_top_bs =3D=3D NULL) { + error_report_err(local_err); goto ro_cleanup; } =20 - ret =3D blk_insert_bs(backing, bs->backing->bs, NULL); + bdrv_set_backing_hd(commit_top_bs, backing_file_bs); + bdrv_set_backing_hd(bs, commit_top_bs); + + ret =3D blk_insert_bs(backing, backing_file_bs, &local_err); if (ret < 0) { + error_report_err(local_err); goto ro_cleanup; } =20 @@ -512,8 +529,12 @@ int bdrv_commit(BlockDriverState *bs) ro_cleanup: qemu_vfree(buf); =20 - blk_unref(src); blk_unref(backing); + if (backing_file_bs) { + bdrv_set_backing_hd(bs, backing_file_bs); + } + bdrv_unref(commit_top_bs); + blk_unref(src); =20 if (ro) { /* ignoring error return here */ --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 148829036450953.622009827006764; Tue, 28 Feb 2017 05:59:24 -0800 (PST) Received: from localhost ([::1]:32986 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ciiJH-0004Cv-6x for importer@patchew.org; Tue, 28 Feb 2017 08:59:23 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43751) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJS-0004eg-96 for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:31 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJR-0004OZ-1n for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:30 -0500 Received: from mx1.redhat.com ([209.132.183.28]:55142) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJO-0004Jv-De; Tue, 28 Feb 2017 07:55:26 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 82846C054C45; Tue, 28 Feb 2017 12:55:26 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQT029713; Tue, 28 Feb 2017 07:55:24 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:12 +0100 Message-Id: <1488286469-9381-28-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Tue, 28 Feb 2017 12:55:26 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 27/44] backup: Use real permissions in backup block job X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" The backup block job doesn't have very complicated requirements: It needs to read from the source and write to the target, but it's fine with either side being changed. The only restriction is that we can't resize the image because the job uses a cached value. qemu-iotests 055 needs to be changed because it used a target which was already attached to a virtio-blk device. The permission system correctly forbids this (virtio-blk can't accept another writer with its default share-rw=3Doff). Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- block/backup.c | 15 ++++++++++----- tests/qemu-iotests/055 | 11 +++++++---- 2 files changed, 17 insertions(+), 9 deletions(-) diff --git a/block/backup.c b/block/backup.c index 405f271..d1ab617 100644 --- a/block/backup.c +++ b/block/backup.c @@ -618,15 +618,20 @@ BlockJob *backup_job_create(const char *job_id, Block= DriverState *bs, goto error; } =20 - /* FIXME Use real permissions */ - job =3D block_job_create(job_id, &backup_job_driver, bs, 0, BLK_PERM_A= LL, + /* job->common.len is fixed, so we can't allow resize */ + job =3D block_job_create(job_id, &backup_job_driver, bs, + BLK_PERM_CONSISTENT_READ, + BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE | + BLK_PERM_WRITE_UNCHANGED | BLK_PERM_GRAPH_MOD, speed, creation_flags, cb, opaque, errp); if (!job) { goto error; } =20 - /* FIXME Use real permissions */ - job->target =3D blk_new(0, BLK_PERM_ALL); + /* The target must match the source in size, so no resize here either = */ + job->target =3D blk_new(BLK_PERM_WRITE, + BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE | + BLK_PERM_WRITE_UNCHANGED | BLK_PERM_GRAPH_MOD); ret =3D blk_insert_bs(job->target, target, errp); if (ret < 0) { goto error; @@ -657,7 +662,7 @@ BlockJob *backup_job_create(const char *job_id, BlockDr= iverState *bs, job->cluster_size =3D MAX(BACKUP_CLUSTER_SIZE_DEFAULT, bdi.cluster= _size); } =20 - /* FIXME Use real permissions */ + /* Required permissions are already taken with target's blk_new() */ block_job_add_bdrv(&job->common, "target", target, 0, BLK_PERM_ALL, &error_abort); job->common.len =3D len; diff --git a/tests/qemu-iotests/055 b/tests/qemu-iotests/055 index 1d3fd04..aafcd24 100755 --- a/tests/qemu-iotests/055 +++ b/tests/qemu-iotests/055 @@ -48,7 +48,8 @@ class TestSingleDrive(iotests.QMPTestCase): def setUp(self): qemu_img('create', '-f', iotests.imgfmt, blockdev_target_img, str(= image_len)) =20 - self.vm =3D iotests.VM().add_drive(test_img).add_drive(blockdev_ta= rget_img) + self.vm =3D iotests.VM().add_drive(test_img) + self.vm.add_drive(blockdev_target_img, interface=3D"none") if iotests.qemu_default_machine =3D=3D 'pc': self.vm.add_drive(None, 'media=3Dcdrom', 'ide') self.vm.launch() @@ -164,7 +165,8 @@ class TestSetSpeed(iotests.QMPTestCase): def setUp(self): qemu_img('create', '-f', iotests.imgfmt, blockdev_target_img, str(= image_len)) =20 - self.vm =3D iotests.VM().add_drive(test_img).add_drive(blockdev_ta= rget_img) + self.vm =3D iotests.VM().add_drive(test_img) + self.vm.add_drive(blockdev_target_img, interface=3D"none") self.vm.launch() =20 def tearDown(self): @@ -247,7 +249,8 @@ class TestSingleTransaction(iotests.QMPTestCase): def setUp(self): qemu_img('create', '-f', iotests.imgfmt, blockdev_target_img, str(= image_len)) =20 - self.vm =3D iotests.VM().add_drive(test_img).add_drive(blockdev_ta= rget_img) + self.vm =3D iotests.VM().add_drive(test_img) + self.vm.add_drive(blockdev_target_img, interface=3D"none") if iotests.qemu_default_machine =3D=3D 'pc': self.vm.add_drive(None, 'media=3Dcdrom', 'ide') self.vm.launch() @@ -460,7 +463,7 @@ class TestDriveCompression(iotests.QMPTestCase): =20 qemu_img('create', '-f', fmt, blockdev_target_img, str(TestDriveCompression.image_len), *args) - self.vm.add_drive(blockdev_target_img, format=3Dfmt) + self.vm.add_drive(blockdev_target_img, format=3Dfmt, interface=3D"= none") =20 self.vm.launch() =20 --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488289731550290.82771379865767; Tue, 28 Feb 2017 05:48:51 -0800 (PST) Received: from localhost ([::1]:32912 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cii93-0003BU-AI for importer@patchew.org; Tue, 28 Feb 2017 08:48:49 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43765) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJT-0004fq-AM for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:34 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJS-0004Ot-K2 for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:31 -0500 Received: from mx1.redhat.com ([209.132.183.28]:51857) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJQ-0004OA-N5; Tue, 28 Feb 2017 07:55:28 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id B8A9F85365; Tue, 28 Feb 2017 12:55:28 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQU029713; Tue, 28 Feb 2017 07:55:26 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:13 +0100 Message-Id: <1488286469-9381-29-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Tue, 28 Feb 2017 12:55:28 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 28/44] block: Fix pending requests check in bdrv_append() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" bdrv_append() cares about isolation of the node that it modifies, but not about activity in some subtree below it. Instead of using the recursive bdrv_requests_pending(), directly check bs->in_flight, which considers only the node in question. Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- block.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/block.c b/block.c index 9e538a5..5189c7c 100644 --- a/block.c +++ b/block.c @@ -2897,8 +2897,8 @@ static void change_parent_backing_link(BlockDriverSta= te *from, */ void bdrv_append(BlockDriverState *bs_new, BlockDriverState *bs_top) { - assert(!bdrv_requests_pending(bs_top)); - assert(!bdrv_requests_pending(bs_new)); + assert(!atomic_read(&bs_top->in_flight)); + assert(!atomic_read(&bs_new->in_flight)); =20 bdrv_ref(bs_top); =20 --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488290013791466.6152647948072; Tue, 28 Feb 2017 05:53:33 -0800 (PST) Received: from localhost ([::1]:32939 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ciiDc-00071t-Eb for importer@patchew.org; Tue, 28 Feb 2017 08:53:32 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43822) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJY-0004l9-4G for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:37 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJX-0004SK-01 for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:36 -0500 Received: from mx1.redhat.com ([209.132.183.28]:48870) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJS-0004Ok-Lf; Tue, 28 Feb 2017 07:55:30 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id B76B881127; Tue, 28 Feb 2017 12:55:30 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQV029713; Tue, 28 Feb 2017 07:55:28 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:14 +0100 Message-Id: <1488286469-9381-30-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]); Tue, 28 Feb 2017 12:55:30 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 29/44] block: BdrvChildRole.attach/detach() callbacks X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Backing files are somewhat special compared to other kinds of children because they are attached and detached using bdrv_set_backing_hd() rather than the normal set of functions, which does a few more things like setting backing blockers, toggling the BDRV_O_NO_BACKING flag, setting parent_bs->backing_file, etc. These special features are a reason why change_parent_backing_link() can't handle backing files yet. With abstracting the additional features into .attach/.detach callbacks, we get a step closer to a function that can actually deal with this. Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- block.c | 95 ++++++++++++++++++++++++++++++-------------= ---- include/block/block_int.h | 3 ++ 2 files changed, 63 insertions(+), 35 deletions(-) diff --git a/block.c b/block.c index 5189c7c..698a5c7 100644 --- a/block.c +++ b/block.c @@ -807,6 +807,57 @@ const BdrvChildRole child_format =3D { .drained_end =3D bdrv_child_cb_drained_end, }; =20 +static void bdrv_backing_attach(BdrvChild *c) +{ + BlockDriverState *parent =3D c->opaque; + BlockDriverState *backing_hd =3D c->bs; + + assert(!parent->backing_blocker); + error_setg(&parent->backing_blocker, + "node is used as backing hd of '%s'", + bdrv_get_device_or_node_name(parent)); + + parent->open_flags &=3D ~BDRV_O_NO_BACKING; + pstrcpy(parent->backing_file, sizeof(parent->backing_file), + backing_hd->filename); + pstrcpy(parent->backing_format, sizeof(parent->backing_format), + backing_hd->drv ? backing_hd->drv->format_name : ""); + + bdrv_op_block_all(backing_hd, parent->backing_blocker); + /* Otherwise we won't be able to commit or stream */ + bdrv_op_unblock(backing_hd, BLOCK_OP_TYPE_COMMIT_TARGET, + parent->backing_blocker); + bdrv_op_unblock(backing_hd, BLOCK_OP_TYPE_STREAM, + parent->backing_blocker); + /* + * We do backup in 3 ways: + * 1. drive backup + * The target bs is new opened, and the source is top BDS + * 2. blockdev backup + * Both the source and the target are top BDSes. + * 3. internal backup(used for block replication) + * Both the source and the target are backing file + * + * In case 1 and 2, neither the source nor the target is the backing f= ile. + * In case 3, we will block the top BDS, so there is only one block job + * for the top BDS and its backing chain. + */ + bdrv_op_unblock(backing_hd, BLOCK_OP_TYPE_BACKUP_SOURCE, + parent->backing_blocker); + bdrv_op_unblock(backing_hd, BLOCK_OP_TYPE_BACKUP_TARGET, + parent->backing_blocker); +} + +static void bdrv_backing_detach(BdrvChild *c) +{ + BlockDriverState *parent =3D c->opaque; + + assert(parent->backing_blocker); + bdrv_op_unblock_all(c->bs, parent->backing_blocker); + error_free(parent->backing_blocker); + parent->backing_blocker =3D NULL; +} + /* * Returns the options and flags that bs->backing should get, based on the * given options and flags for the parent BDS @@ -833,6 +884,8 @@ static void bdrv_backing_options(int *child_flags, QDic= t *child_options, =20 const BdrvChildRole child_backing =3D { .get_parent_desc =3D bdrv_child_get_parent_desc, + .attach =3D bdrv_backing_attach, + .detach =3D bdrv_backing_detach, .inherit_options =3D bdrv_backing_options, .drained_begin =3D bdrv_child_cb_drained_begin, .drained_end =3D bdrv_child_cb_drained_end, @@ -1670,6 +1723,9 @@ static void bdrv_replace_child(BdrvChild *child, Bloc= kDriverState *new_bs, if (old_bs->quiesce_counter && child->role->drained_end) { child->role->drained_end(child); } + if (child->role->detach) { + child->role->detach(child); + } QLIST_REMOVE(child, next_parent); =20 /* Update permissions for old node. This is guaranteed to succeed @@ -1693,6 +1749,10 @@ static void bdrv_replace_child(BdrvChild *child, Blo= ckDriverState *new_bs, bdrv_check_perm(new_bs, perm, shared_perm, &error_abort); } bdrv_set_perm(new_bs, perm, shared_perm); + + if (child->role->attach) { + child->role->attach(child); + } } } =20 @@ -1830,52 +1890,17 @@ void bdrv_set_backing_hd(BlockDriverState *bs, Bloc= kDriverState *backing_hd) } =20 if (bs->backing) { - assert(bs->backing_blocker); - bdrv_op_unblock_all(bs->backing->bs, bs->backing_blocker); bdrv_unref_child(bs, bs->backing); - } else if (backing_hd) { - error_setg(&bs->backing_blocker, - "node is used as backing hd of '%s'", - bdrv_get_device_or_node_name(bs)); } =20 if (!backing_hd) { - error_free(bs->backing_blocker); - bs->backing_blocker =3D NULL; bs->backing =3D NULL; goto out; } /* FIXME Error handling */ bs->backing =3D bdrv_attach_child(bs, backing_hd, "backing", &child_ba= cking, &error_abort); - bs->open_flags &=3D ~BDRV_O_NO_BACKING; - pstrcpy(bs->backing_file, sizeof(bs->backing_file), backing_hd->filena= me); - pstrcpy(bs->backing_format, sizeof(bs->backing_format), - backing_hd->drv ? backing_hd->drv->format_name : ""); =20 - bdrv_op_block_all(backing_hd, bs->backing_blocker); - /* Otherwise we won't be able to commit or stream */ - bdrv_op_unblock(backing_hd, BLOCK_OP_TYPE_COMMIT_TARGET, - bs->backing_blocker); - bdrv_op_unblock(backing_hd, BLOCK_OP_TYPE_STREAM, - bs->backing_blocker); - /* - * We do backup in 3 ways: - * 1. drive backup - * The target bs is new opened, and the source is top BDS - * 2. blockdev backup - * Both the source and the target are top BDSes. - * 3. internal backup(used for block replication) - * Both the source and the target are backing file - * - * In case 1 and 2, neither the source nor the target is the backing f= ile. - * In case 3, we will block the top BDS, so there is only one block job - * for the top BDS and its backing chain. - */ - bdrv_op_unblock(backing_hd, BLOCK_OP_TYPE_BACKUP_SOURCE, - bs->backing_blocker); - bdrv_op_unblock(backing_hd, BLOCK_OP_TYPE_BACKUP_TARGET, - bs->backing_blocker); out: bdrv_refresh_limits(bs, NULL); } diff --git a/include/block/block_int.h b/include/block/block_int.h index a0d9328..a5c704b 100644 --- a/include/block/block_int.h +++ b/include/block/block_int.h @@ -472,6 +472,9 @@ struct BdrvChildRole { */ void (*drained_begin)(BdrvChild *child); void (*drained_end)(BdrvChild *child); + + void (*attach)(BdrvChild *child); + void (*detach)(BdrvChild *child); }; =20 extern const BdrvChildRole child_file; --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488290643079147.3168515876356; Tue, 28 Feb 2017 06:04:03 -0800 (PST) Received: from localhost ([::1]:33015 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ciiNl-00004v-LM for importer@patchew.org; Tue, 28 Feb 2017 09:04:01 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43827) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJY-0004lS-Cv for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:37 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJX-0004Sq-Kv for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:36 -0500 Received: from mx1.redhat.com ([209.132.183.28]:48874) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJU-0004PA-BG; Tue, 28 Feb 2017 07:55:32 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 65E9881127; Tue, 28 Feb 2017 12:55:32 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQW029713; Tue, 28 Feb 2017 07:55:30 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:15 +0100 Message-Id: <1488286469-9381-31-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]); Tue, 28 Feb 2017 12:55:32 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 30/44] block: Allow backing file links in change_parent_backing_link() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Now that the backing file child role implements .attach/.detach callbacks, nothing prevents us from modifying the graph even if that involves changing backing file links. Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- block.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/block.c b/block.c index 698a5c7..79d9ad0 100644 --- a/block.c +++ b/block.c @@ -2882,9 +2882,9 @@ static void change_parent_backing_link(BlockDriverSta= te *from, continue; } if (c->role =3D=3D &child_backing) { - /* @from is generally not allowed to be a backing file, except= for - * when @to is the overlay. In that case, @from may not be rep= laced - * by @to as @to's backing node. */ + /* If @from is a backing file of @to, ignore the child to avoid + * creating a loop. We only want to change the pointer of other + * parents. */ QLIST_FOREACH(to_c, &to->children, next) { if (to_c =3D=3D c) { break; @@ -2895,7 +2895,6 @@ static void change_parent_backing_link(BlockDriverSta= te *from, } } =20 - assert(c->role !=3D &child_backing); bdrv_ref(to); /* FIXME Are we sure that bdrv_replace_child() can't run into * &error_abort because of permissions? */ --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 148829139910587.00331096035734; Tue, 28 Feb 2017 06:16:39 -0800 (PST) Received: from localhost ([::1]:33111 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ciiZw-0002WV-OE for importer@patchew.org; Tue, 28 Feb 2017 09:16:36 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43850) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJZ-0004mx-Nu for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:38 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJZ-0004Tb-1a for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:37 -0500 Received: from mx1.redhat.com ([209.132.183.28]:48946) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJW-0004QZ-Go; Tue, 28 Feb 2017 07:55:34 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 58C1880479; Tue, 28 Feb 2017 12:55:34 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQX029713; Tue, 28 Feb 2017 07:55:32 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:16 +0100 Message-Id: <1488286469-9381-32-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Tue, 28 Feb 2017 12:55:34 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 31/44] blockjob: Factor out block_job_remove_all_bdrv() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" In some cases, we want to remove op blockers on intermediate nodes before the whole block job transaction has completed (because they block restoring the final graph state during completion). Provide a function for this. The whole block job lifecycle is a bit messed up and it's hard to actually do all things in the right order, but I'll leave simplifying this for another day. Signed-off-by: Kevin Wolf Acked-by: Fam Zheng Reviewed-by: Max Reitz --- blockjob.c | 20 +++++++++++++------- include/block/blockjob.h | 9 +++++++++ 2 files changed, 22 insertions(+), 7 deletions(-) diff --git a/blockjob.c b/blockjob.c index 4216cde..69126af 100644 --- a/blockjob.c +++ b/blockjob.c @@ -128,6 +128,18 @@ static void block_job_detach_aio_context(void *opaque) block_job_unref(job); } =20 +void block_job_remove_all_bdrv(BlockJob *job) +{ + GSList *l; + for (l =3D job->nodes; l; l =3D l->next) { + BdrvChild *c =3D l->data; + bdrv_op_unblock_all(c->bs, job->blocker); + bdrv_root_unref_child(c); + } + g_slist_free(job->nodes); + job->nodes =3D NULL; +} + int block_job_add_bdrv(BlockJob *job, const char *name, BlockDriverState *= bs, uint64_t perm, uint64_t shared_perm, Error **errp) { @@ -258,15 +270,9 @@ void block_job_ref(BlockJob *job) void block_job_unref(BlockJob *job) { if (--job->refcnt =3D=3D 0) { - GSList *l; BlockDriverState *bs =3D blk_bs(job->blk); bs->job =3D NULL; - for (l =3D job->nodes; l; l =3D l->next) { - BdrvChild *c =3D l->data; - bdrv_op_unblock_all(c->bs, job->blocker); - bdrv_root_unref_child(c); - } - g_slist_free(job->nodes); + block_job_remove_all_bdrv(job); blk_remove_aio_context_notifier(job->blk, block_job_attached_aio_context, block_job_detach_aio_context, job); diff --git a/include/block/blockjob.h b/include/block/blockjob.h index 9d65ef8..9e906f7 100644 --- a/include/block/blockjob.h +++ b/include/block/blockjob.h @@ -181,6 +181,15 @@ int block_job_add_bdrv(BlockJob *job, const char *name= , BlockDriverState *bs, uint64_t perm, uint64_t shared_perm, Error **errp); =20 /** + * block_job_remove_all_bdrv: + * @job: The block job + * + * Remove all BlockDriverStates from the list of nodes that are involved i= n the + * job. This removes the blockers added with block_job_add_bdrv(). + */ +void block_job_remove_all_bdrv(BlockJob *job); + +/** * block_job_set_speed: * @job: The job to set the speed for. * @speed: The new value --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488291682726802.0706402408091; Tue, 28 Feb 2017 06:21:22 -0800 (PST) Received: from localhost ([::1]:33180 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ciieW-0006dT-C3 for importer@patchew.org; Tue, 28 Feb 2017 09:21:20 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43935) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJf-0004t2-A8 for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:45 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJd-0004V0-01 for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:43 -0500 Received: from mx1.redhat.com ([209.132.183.28]:35428) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJX-0004Sg-WF; Tue, 28 Feb 2017 07:55:36 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 117114E328; Tue, 28 Feb 2017 12:55:36 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQY029713; Tue, 28 Feb 2017 07:55:34 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:17 +0100 Message-Id: <1488286469-9381-33-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Tue, 28 Feb 2017 12:55:36 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 32/44] mirror: Use real permissions in mirror/active commit block job X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" The mirror block job is mainly used for two different scenarios: Mirroring to an otherwise unused, independent target node, or for active commit where the target node is part of the backing chain of the source. Similarly to the commit block job patch, we need to insert a new filter node to keep the permissions correct during active commit. Note that one change this implies is that job->blk points to mirror_top_bs as its root now, and mirror_top_bs (rather than the actual source node) contains the bs->job pointer. This requires qemu-img commit to get the job by name now rather than just taking bs->job. Signed-off-by: Kevin Wolf Acked-by: Fam Zheng Acked-by: Max Reitz --- block/mirror.c | 216 ++++++++++++++++++++++++++++++++++++++---= ---- qemu-img.c | 6 +- tests/qemu-iotests/141 | 2 +- tests/qemu-iotests/141.out | 4 +- 4 files changed, 190 insertions(+), 38 deletions(-) diff --git a/block/mirror.c b/block/mirror.c index beaac6f..a2f22e1 100644 --- a/block/mirror.c +++ b/block/mirror.c @@ -38,7 +38,10 @@ typedef struct MirrorBlockJob { BlockJob common; RateLimit limit; BlockBackend *target; + BlockDriverState *mirror_top_bs; + BlockDriverState *source; BlockDriverState *base; + /* The name of the graph node to replace */ char *replaces; /* The BDS to replace */ @@ -327,7 +330,7 @@ static void mirror_do_zero_or_discard(MirrorBlockJob *s, =20 static uint64_t coroutine_fn mirror_iteration(MirrorBlockJob *s) { - BlockDriverState *source =3D blk_bs(s->common.blk); + BlockDriverState *source =3D s->source; int64_t sector_num, first_chunk; uint64_t delay_ns =3D 0; /* At least the first dirty chunk is mirrored in one iteration. */ @@ -497,12 +500,25 @@ static void mirror_exit(BlockJob *job, void *opaque) MirrorBlockJob *s =3D container_of(job, MirrorBlockJob, common); MirrorExitData *data =3D opaque; AioContext *replace_aio_context =3D NULL; - BlockDriverState *src =3D blk_bs(s->common.blk); + BlockDriverState *src =3D s->source; BlockDriverState *target_bs =3D blk_bs(s->target); + BlockDriverState *mirror_top_bs =3D s->mirror_top_bs; =20 /* Make sure that the source BDS doesn't go away before we called * block_job_completed(). */ bdrv_ref(src); + bdrv_ref(mirror_top_bs); + + /* We don't access the source any more. Dropping any WRITE/RESIZE is + * required before it could become a backing file of target_bs. */ + bdrv_child_try_set_perm(mirror_top_bs->backing, 0, BLK_PERM_ALL, + &error_abort); + if (s->backing_mode =3D=3D MIRROR_SOURCE_BACKING_CHAIN) { + BlockDriverState *backing =3D s->is_none_mode ? src : s->base; + if (backing_bs(target_bs) !=3D backing) { + bdrv_set_backing_hd(target_bs, backing); + } + } =20 if (s->to_replace) { replace_aio_context =3D bdrv_get_aio_context(s->to_replace); @@ -524,13 +540,6 @@ static void mirror_exit(BlockJob *job, void *opaque) bdrv_drained_begin(target_bs); bdrv_replace_in_backing_chain(to_replace, target_bs); bdrv_drained_end(target_bs); - - /* We just changed the BDS the job BB refers to, so switch the BB = back - * so the cleanup does the right thing. We don't need any permissi= ons - * any more now. */ - blk_remove_bs(job->blk); - blk_set_perm(job->blk, 0, BLK_PERM_ALL, &error_abort); - blk_insert_bs(job->blk, src, &error_abort); } if (s->to_replace) { bdrv_op_unblock_all(s->to_replace, s->replace_blocker); @@ -543,9 +552,26 @@ static void mirror_exit(BlockJob *job, void *opaque) g_free(s->replaces); blk_unref(s->target); s->target =3D NULL; + + /* Remove the mirror filter driver from the graph. Before this, get ri= d of + * the blockers on the intermediate nodes so that the resulting state = is + * valid. */ + block_job_remove_all_bdrv(job); + bdrv_replace_in_backing_chain(mirror_top_bs, backing_bs(mirror_top_bs)= ); + + /* We just changed the BDS the job BB refers to (with either or both o= f the + * bdrv_replace_in_backing_chain() calls), so switch the BB back so the + * cleanup does the right thing. We don't need any permissions any more + * now. */ + blk_remove_bs(job->blk); + blk_set_perm(job->blk, 0, BLK_PERM_ALL, &error_abort); + blk_insert_bs(job->blk, mirror_top_bs, &error_abort); + block_job_completed(&s->common, data->ret); + g_free(data); bdrv_drained_end(src); + bdrv_unref(mirror_top_bs); bdrv_unref(src); } =20 @@ -565,7 +591,7 @@ static int coroutine_fn mirror_dirty_init(MirrorBlockJo= b *s) { int64_t sector_num, end; BlockDriverState *base =3D s->base; - BlockDriverState *bs =3D blk_bs(s->common.blk); + BlockDriverState *bs =3D s->source; BlockDriverState *target_bs =3D blk_bs(s->target); int ret, n; =20 @@ -647,7 +673,7 @@ static void coroutine_fn mirror_run(void *opaque) { MirrorBlockJob *s =3D opaque; MirrorExitData *data; - BlockDriverState *bs =3D blk_bs(s->common.blk); + BlockDriverState *bs =3D s->source; BlockDriverState *target_bs =3D blk_bs(s->target); bool need_drain =3D true; int64_t length; @@ -879,9 +905,8 @@ static void mirror_set_speed(BlockJob *job, int64_t spe= ed, Error **errp) static void mirror_complete(BlockJob *job, Error **errp) { MirrorBlockJob *s =3D container_of(job, MirrorBlockJob, common); - BlockDriverState *src, *target; + BlockDriverState *target; =20 - src =3D blk_bs(job->blk); target =3D blk_bs(s->target); =20 if (!s->synced) { @@ -913,6 +938,10 @@ static void mirror_complete(BlockJob *job, Error **err= p) replace_aio_context =3D bdrv_get_aio_context(s->to_replace); aio_context_acquire(replace_aio_context); =20 + /* TODO Translate this into permission system. Current definition = of + * GRAPH_MOD would require to request it for the parents; they mig= ht + * not even be BlockDriverStates, however, so a BdrvChild can't ad= dress + * them. May need redefinition of GRAPH_MOD. */ error_setg(&s->replace_blocker, "block device is in use by block-job-complete"); bdrv_op_block_all(s->to_replace, s->replace_blocker); @@ -921,13 +950,6 @@ static void mirror_complete(BlockJob *job, Error **err= p) aio_context_release(replace_aio_context); } =20 - if (s->backing_mode =3D=3D MIRROR_SOURCE_BACKING_CHAIN) { - BlockDriverState *backing =3D s->is_none_mode ? src : s->base; - if (backing_bs(target) !=3D backing) { - bdrv_set_backing_hd(target, backing); - } - } - s->should_complete =3D true; block_job_enter(&s->common); } @@ -983,6 +1005,77 @@ static const BlockJobDriver commit_active_job_driver = =3D { .drain =3D mirror_drain, }; =20 +static int coroutine_fn bdrv_mirror_top_preadv(BlockDriverState *bs, + uint64_t offset, uint64_t bytes, QEMUIOVector *qiov, int flags) +{ + return bdrv_co_preadv(bs->backing, offset, bytes, qiov, flags); +} + +static int coroutine_fn bdrv_mirror_top_pwritev(BlockDriverState *bs, + uint64_t offset, uint64_t bytes, QEMUIOVector *qiov, int flags) +{ + return bdrv_co_pwritev(bs->backing, offset, bytes, qiov, flags); +} + +static int coroutine_fn bdrv_mirror_top_flush(BlockDriverState *bs) +{ + return bdrv_co_flush(bs->backing->bs); +} + +static int64_t coroutine_fn bdrv_mirror_top_get_block_status( + BlockDriverState *bs, int64_t sector_num, int nb_sectors, int *pnum, + BlockDriverState **file) +{ + *pnum =3D nb_sectors; + *file =3D bs->backing->bs; + return BDRV_BLOCK_RAW | BDRV_BLOCK_OFFSET_VALID | BDRV_BLOCK_DATA | + (sector_num << BDRV_SECTOR_BITS); +} + +static int coroutine_fn bdrv_mirror_top_pwrite_zeroes(BlockDriverState *bs, + int64_t offset, int count, BdrvRequestFlags flags) +{ + return bdrv_co_pwrite_zeroes(bs->backing, offset, count, flags); +} + +static int coroutine_fn bdrv_mirror_top_pdiscard(BlockDriverState *bs, + int64_t offset, int count) +{ + return bdrv_co_pdiscard(bs->backing->bs, offset, count); +} + +static void bdrv_mirror_top_close(BlockDriverState *bs) +{ +} + +static void bdrv_mirror_top_child_perm(BlockDriverState *bs, BdrvChild *c, + const BdrvChildRole *role, + uint64_t perm, uint64_t shared, + uint64_t *nperm, uint64_t *nshared) +{ + /* Must be able to forward guest writes to the real image */ + *nperm =3D 0; + if (perm & BLK_PERM_WRITE) { + *nperm |=3D BLK_PERM_WRITE; + } + + *nshared =3D BLK_PERM_ALL; +} + +/* Dummy node that provides consistent read to its users without requiring= it + * from its backing file and that allows writes on the backing file chain.= */ +static BlockDriver bdrv_mirror_top =3D { + .format_name =3D "mirror_top", + .bdrv_co_preadv =3D bdrv_mirror_top_preadv, + .bdrv_co_pwritev =3D bdrv_mirror_top_pwritev, + .bdrv_co_pwrite_zeroes =3D bdrv_mirror_top_pwrite_zeroes, + .bdrv_co_pdiscard =3D bdrv_mirror_top_pdiscard, + .bdrv_co_flush =3D bdrv_mirror_top_flush, + .bdrv_co_get_block_status =3D bdrv_mirror_top_get_block_status, + .bdrv_close =3D bdrv_mirror_top_close, + .bdrv_child_perm =3D bdrv_mirror_top_child_perm, +}; + static void mirror_start_job(const char *job_id, BlockDriverState *bs, int creation_flags, BlockDriverState *target, const char *replaces, int64_t speed, @@ -998,6 +1091,9 @@ static void mirror_start_job(const char *job_id, Block= DriverState *bs, bool auto_complete) { MirrorBlockJob *s; + BlockDriverState *mirror_top_bs; + bool target_graph_mod; + bool target_is_backing; int ret; =20 if (granularity =3D=3D 0) { @@ -1015,20 +1111,55 @@ static void mirror_start_job(const char *job_id, Bl= ockDriverState *bs, buf_size =3D DEFAULT_MIRROR_BUF_SIZE; } =20 - /* FIXME Use real permissions */ - s =3D block_job_create(job_id, driver, bs, 0, BLK_PERM_ALL, speed, + /* In the case of active commit, add dummy driver to provide consistent + * reads on the top, while disabling it in the intermediate nodes, and= make + * the backing chain writable. */ + mirror_top_bs =3D bdrv_new_open_driver(&bdrv_mirror_top, NULL, BDRV_O_= RDWR, + errp); + if (mirror_top_bs =3D=3D NULL) { + return; + } + mirror_top_bs->total_sectors =3D bs->total_sectors; + + /* bdrv_append takes ownership of the mirror_top_bs reference, need to= keep + * it alive until block_job_create() even if bs has no parent. */ + bdrv_ref(mirror_top_bs); + bdrv_drained_begin(bs); + bdrv_append(mirror_top_bs, bs); + bdrv_drained_end(bs); + + /* Make sure that the source is not resized while the job is running */ + s =3D block_job_create(job_id, driver, mirror_top_bs, + BLK_PERM_CONSISTENT_READ, + BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE_UNCHANG= ED | + BLK_PERM_WRITE | BLK_PERM_GRAPH_MOD, speed, creation_flags, cb, opaque, errp); + bdrv_unref(mirror_top_bs); if (!s) { - return; + goto fail; } - - /* FIXME Use real permissions */ - s->target =3D blk_new(0, BLK_PERM_ALL); + s->source =3D bs; + s->mirror_top_bs =3D mirror_top_bs; + + /* No resize for the target either; while the mirror is still running,= a + * consistent read isn't necessarily possible. We could possibly allow + * writes and graph modifications, though it would likely defeat the + * purpose of a mirror, so leave them blocked for now. + * + * In the case of active commit, things look a bit different, though, + * because the target is an already populated backing file in active u= se. + * We can allow anything except resize there.*/ + target_is_backing =3D bdrv_chain_contains(bs, target); + target_graph_mod =3D (backing_mode !=3D MIRROR_LEAVE_BACKING_CHAIN); + s->target =3D blk_new(BLK_PERM_WRITE | BLK_PERM_RESIZE | + (target_graph_mod ? BLK_PERM_GRAPH_MOD : 0), + BLK_PERM_WRITE_UNCHANGED | + (target_is_backing ? BLK_PERM_CONSISTENT_READ | + BLK_PERM_WRITE | + BLK_PERM_GRAPH_MOD : 0)); ret =3D blk_insert_bs(s->target, target, errp); if (ret < 0) { - blk_unref(s->target); - block_job_unref(&s->common); - return; + goto fail; } =20 s->replaces =3D g_strdup(replaces); @@ -1052,23 +1183,40 @@ static void mirror_start_job(const char *job_id, Bl= ockDriverState *bs, return; } =20 - /* FIXME Use real permissions */ + /* Required permissions are already taken with blk_new() */ block_job_add_bdrv(&s->common, "target", target, 0, BLK_PERM_ALL, &error_abort); =20 /* In commit_active_start() all intermediate nodes disappear, so * any jobs in them must be blocked */ - if (bdrv_chain_contains(bs, target)) { + if (target_is_backing) { BlockDriverState *iter; for (iter =3D backing_bs(bs); iter !=3D target; iter =3D backing_b= s(iter)) { - /* FIXME Use real permissions */ - block_job_add_bdrv(&s->common, "intermediate node", iter, 0, - BLK_PERM_ALL, &error_abort); + /* XXX BLK_PERM_WRITE needs to be allowed so we don't block + * ourselves at s->base (if writes are blocked for a node, the= y are + * also blocked for its backing file). The other options would= be a + * second filter driver above s->base (=3D=3D target). */ + ret =3D block_job_add_bdrv(&s->common, "intermediate node", it= er, 0, + BLK_PERM_WRITE_UNCHANGED | BLK_PERM_W= RITE, + errp); + if (ret < 0) { + goto fail; + } } } =20 trace_mirror_start(bs, s, opaque); block_job_start(&s->common); + return; + +fail: + if (s) { + g_free(s->replaces); + blk_unref(s->target); + block_job_unref(&s->common); + } + + bdrv_replace_in_backing_chain(mirror_top_bs, backing_bs(mirror_top_bs)= ); } =20 void mirror_start(const char *job_id, BlockDriverState *bs, diff --git a/qemu-img.c b/qemu-img.c index 6fc6bc3..d629e71 100644 --- a/qemu-img.c +++ b/qemu-img.c @@ -809,6 +809,8 @@ static void run_block_job(BlockJob *job, Error **errp) { AioContext *aio_context =3D blk_get_aio_context(job->blk); =20 + /* FIXME In error cases, the job simply goes away and we access a dang= ling + * pointer below. */ aio_context_acquire(aio_context); do { aio_poll(aio_context, true); @@ -830,6 +832,7 @@ static int img_commit(int argc, char **argv) const char *filename, *fmt, *cache, *base; BlockBackend *blk; BlockDriverState *bs, *base_bs; + BlockJob *job; bool progress =3D false, quiet =3D false, drop =3D false; bool writethrough; Error *local_err =3D NULL; @@ -965,7 +968,8 @@ static int img_commit(int argc, char **argv) bdrv_ref(bs); } =20 - run_block_job(bs->job, &local_err); + job =3D block_job_get("commit"); + run_block_job(job, &local_err); if (local_err) { goto unref_backing; } diff --git a/tests/qemu-iotests/141 b/tests/qemu-iotests/141 index 3ba79f0..6d8f0a1 100755 --- a/tests/qemu-iotests/141 +++ b/tests/qemu-iotests/141 @@ -67,7 +67,7 @@ test_blockjob() _send_qemu_cmd $QEMU_HANDLE \ "{'execute': 'x-blockdev-del', 'arguments': {'node-name': 'drv0'}}" \ - 'error' + 'error' | _filter_generated_node_ids =20 _send_qemu_cmd $QEMU_HANDLE \ "{'execute': 'block-job-cancel', diff --git a/tests/qemu-iotests/141.out b/tests/qemu-iotests/141.out index 195ca1a..82e763b 100644 --- a/tests/qemu-iotests/141.out +++ b/tests/qemu-iotests/141.out @@ -20,7 +20,7 @@ Formatting 'TEST_DIR/o.IMGFMT', fmt=3DIMGFMT size=3D10485= 76 backing_file=3DTEST_DIR/t. Formatting 'TEST_DIR/o.IMGFMT', fmt=3DIMGFMT size=3D1048576 backing_file= =3DTEST_DIR/t.IMGFMT backing_fmt=3DIMGFMT {"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event"= : "BLOCK_JOB_READY", "data": {"device": "job0", "len": 0, "offset": 0, "spe= ed": 0, "type": "mirror"}} {"return": {}} -{"error": {"class": "GenericError", "desc": "Node drv0 is in use"}} +{"error": {"class": "GenericError", "desc": "Node 'drv0' is busy: node is = used as backing hd of 'NODE_NAME'"}} {"return": {}} {"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event"= : "BLOCK_JOB_COMPLETED", "data": {"device": "job0", "len": 0, "offset": 0, = "speed": 0, "type": "mirror"}} {"return": {}} @@ -30,7 +30,7 @@ Formatting 'TEST_DIR/o.IMGFMT', fmt=3DIMGFMT size=3D10485= 76 backing_file=3DTEST_DIR/t. {"return": {}} {"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event"= : "BLOCK_JOB_READY", "data": {"device": "job0", "len": 0, "offset": 0, "spe= ed": 0, "type": "commit"}} {"return": {}} -{"error": {"class": "GenericError", "desc": "Node drv0 is in use"}} +{"error": {"class": "GenericError", "desc": "Node 'drv0' is busy: node is = used as backing hd of 'NODE_NAME'"}} {"return": {}} {"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event"= : "BLOCK_JOB_COMPLETED", "data": {"device": "job0", "len": 0, "offset": 0, = "speed": 0, "type": "commit"}} {"return": {}} --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488290280128507.0529847079555; Tue, 28 Feb 2017 05:58:00 -0800 (PST) Received: from localhost ([::1]:32979 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ciiHu-0002gY-W7 for importer@patchew.org; Tue, 28 Feb 2017 08:57:59 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43932) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJf-0004ss-3I for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:44 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJc-0004Ui-G8 for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:43 -0500 Received: from mx1.redhat.com ([209.132.183.28]:36860) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJa-0004Ti-0s; Tue, 28 Feb 2017 07:55:38 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 19189C04B95A; Tue, 28 Feb 2017 12:55:38 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQZ029713; Tue, 28 Feb 2017 07:55:36 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:18 +0100 Message-Id: <1488286469-9381-34-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]); Tue, 28 Feb 2017 12:55:38 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 33/44] stream: Use real permissions in streaming block job X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" The correct permissions are relatively obvious here (and explained in code comments). For intermediate streaming, we need to reopen the top node read-write before creating the job now because the permissions system catches attempts to get the BLK_PERM_WRITE_UNCHANGED permission on a read-only node. Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- block/stream.c | 39 +++++++++++++++++++++++++++------------ 1 file changed, 27 insertions(+), 12 deletions(-) diff --git a/block/stream.c b/block/stream.c index ba8650f..b9c2f43 100644 --- a/block/stream.c +++ b/block/stream.c @@ -84,6 +84,8 @@ static void stream_complete(BlockJob *job, void *opaque) =20 /* Reopen the image back in read-only mode if necessary */ if (s->bs_flags !=3D bdrv_get_flags(bs)) { + /* Give up write permissions before making it read-only */ + blk_set_perm(job->blk, 0, BLK_PERM_ALL, &error_abort); bdrv_reopen(bs, s->bs_flags, NULL); } =20 @@ -229,28 +231,35 @@ void stream_start(const char *job_id, BlockDriverStat= e *bs, BlockDriverState *iter; int orig_bs_flags; =20 - /* FIXME Use real permissions */ - s =3D block_job_create(job_id, &stream_job_driver, bs, 0, BLK_PERM_ALL, - speed, BLOCK_JOB_DEFAULT, NULL, NULL, errp); - if (!s) { - return; - } - /* Make sure that the image is opened in read-write mode */ orig_bs_flags =3D bdrv_get_flags(bs); if (!(orig_bs_flags & BDRV_O_RDWR)) { if (bdrv_reopen(bs, orig_bs_flags | BDRV_O_RDWR, errp) !=3D 0) { - block_job_unref(&s->common); return; } } =20 - /* Block all intermediate nodes between bs and base, because they - * will disappear from the chain after this operation */ + /* Prevent concurrent jobs trying to modify the graph structure here, = we + * already have our own plans. Also don't allow resize as the image si= ze is + * queried only at the job start and then cached. */ + s =3D block_job_create(job_id, &stream_job_driver, bs, + BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE_UNCHANG= ED | + BLK_PERM_GRAPH_MOD, + BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE_UNCHANG= ED | + BLK_PERM_WRITE, + speed, BLOCK_JOB_DEFAULT, NULL, NULL, errp); + if (!s) { + goto fail; + } + + /* Block all intermediate nodes between bs and base, because they will + * disappear from the chain after this operation. The streaming job re= ads + * every block only once, assuming that it doesn't change, so block wr= ites + * and resizes. */ for (iter =3D backing_bs(bs); iter && iter !=3D base; iter =3D backing= _bs(iter)) { - /* FIXME Use real permissions */ block_job_add_bdrv(&s->common, "intermediate node", iter, 0, - BLK_PERM_ALL, &error_abort); + BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE_UNCHA= NGED, + &error_abort); } =20 s->base =3D base; @@ -260,4 +269,10 @@ void stream_start(const char *job_id, BlockDriverState= *bs, s->on_error =3D on_error; trace_stream_start(bs, base, s); block_job_start(&s->common); + return; + +fail: + if (orig_bs_flags !=3D bdrv_get_flags(bs)) { + bdrv_reopen(bs, s->bs_flags, NULL); + } } --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488291924776989.4216064478004; Tue, 28 Feb 2017 06:25:24 -0800 (PST) Received: from localhost ([::1]:33260 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ciiiQ-0001Q6-VP for importer@patchew.org; Tue, 28 Feb 2017 09:25:23 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43985) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJi-0004vi-6H for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:48 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJg-0004Vx-Rw for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:46 -0500 Received: from mx1.redhat.com ([209.132.183.28]:35456) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJb-0004UN-NQ; Tue, 28 Feb 2017 07:55:39 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id C189F4E326; Tue, 28 Feb 2017 12:55:39 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQa029713; Tue, 28 Feb 2017 07:55:38 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:19 +0100 Message-Id: <1488286469-9381-35-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Tue, 28 Feb 2017 12:55:39 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 34/44] mirror: Add filter-node-name to blockdev-mirror X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Management tools need to be able to know about every node in the graph and need a way to address them. Changing the graph structure was okay because libvirt doesn't really manage the node level yet, but future libvirt versions need to deal with both new and old version of qemu. This new option to blockdev-mirror allows the client to set a node-name for the automatically inserted filter driver, and at the same time serves as a witness for a future libvirt that this version of qemu does automatically insert a filter driver. Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- block/mirror.c | 14 ++++++++------ blockdev.c | 12 +++++++++++- include/block/block_int.h | 5 ++++- qapi/block-core.json | 8 +++++++- 4 files changed, 30 insertions(+), 9 deletions(-) diff --git a/block/mirror.c b/block/mirror.c index a2f22e1..5d6d9c5 100644 --- a/block/mirror.c +++ b/block/mirror.c @@ -1088,7 +1088,7 @@ static void mirror_start_job(const char *job_id, Bloc= kDriverState *bs, void *opaque, Error **errp, const BlockJobDriver *driver, bool is_none_mode, BlockDriverState *base, - bool auto_complete) + bool auto_complete, const char *filter_node_n= ame) { MirrorBlockJob *s; BlockDriverState *mirror_top_bs; @@ -1114,8 +1114,8 @@ static void mirror_start_job(const char *job_id, Bloc= kDriverState *bs, /* In the case of active commit, add dummy driver to provide consistent * reads on the top, while disabling it in the intermediate nodes, and= make * the backing chain writable. */ - mirror_top_bs =3D bdrv_new_open_driver(&bdrv_mirror_top, NULL, BDRV_O_= RDWR, - errp); + mirror_top_bs =3D bdrv_new_open_driver(&bdrv_mirror_top, filter_node_n= ame, + BDRV_O_RDWR, errp); if (mirror_top_bs =3D=3D NULL) { return; } @@ -1225,7 +1225,7 @@ void mirror_start(const char *job_id, BlockDriverStat= e *bs, MirrorSyncMode mode, BlockMirrorBackingMode backing_mode, BlockdevOnError on_source_error, BlockdevOnError on_target_error, - bool unmap, Error **errp) + bool unmap, const char *filter_node_name, Error **errp) { bool is_none_mode; BlockDriverState *base; @@ -1239,7 +1239,8 @@ void mirror_start(const char *job_id, BlockDriverStat= e *bs, mirror_start_job(job_id, bs, BLOCK_JOB_DEFAULT, target, replaces, speed, granularity, buf_size, backing_mode, on_source_error, on_target_error, unmap, NULL, NULL, = errp, - &mirror_job_driver, is_none_mode, base, false); + &mirror_job_driver, is_none_mode, base, false, + filter_node_name); } =20 void commit_active_start(const char *job_id, BlockDriverState *bs, @@ -1260,7 +1261,8 @@ void commit_active_start(const char *job_id, BlockDri= verState *bs, mirror_start_job(job_id, bs, creation_flags, base, NULL, speed, 0, 0, MIRROR_LEAVE_BACKING_CHAIN, on_error, on_error, true, cb, opaque, &local_err, - &commit_active_job_driver, false, base, auto_complete= ); + &commit_active_job_driver, false, base, auto_complete, + NULL); if (local_err) { error_propagate(errp, local_err); goto error_restore_flags; diff --git a/blockdev.c b/blockdev.c index 2374973..5bd09f8 100644 --- a/blockdev.c +++ b/blockdev.c @@ -3365,6 +3365,8 @@ static void blockdev_mirror_common(const char *job_id= , BlockDriverState *bs, bool has_on_target_error, BlockdevOnError on_target_error, bool has_unmap, bool unmap, + bool has_filter_node_name, + const char *filter_node_name, Error **errp) { =20 @@ -3386,6 +3388,9 @@ static void blockdev_mirror_common(const char *job_id= , BlockDriverState *bs, if (!has_unmap) { unmap =3D true; } + if (!has_filter_node_name) { + filter_node_name =3D NULL; + } =20 if (granularity !=3D 0 && (granularity < 512 || granularity > 1048576 = * 64)) { error_setg(errp, QERR_INVALID_PARAMETER_VALUE, "granularity", @@ -3415,7 +3420,8 @@ static void blockdev_mirror_common(const char *job_id= , BlockDriverState *bs, mirror_start(job_id, bs, target, has_replaces ? replaces : NULL, speed, granularity, buf_size, sync, backing_mode, - on_source_error, on_target_error, unmap, errp); + on_source_error, on_target_error, unmap, filter_node_name, + errp); } =20 void qmp_drive_mirror(DriveMirror *arg, Error **errp) @@ -3553,6 +3559,7 @@ void qmp_drive_mirror(DriveMirror *arg, Error **errp) arg->has_on_source_error, arg->on_source_error, arg->has_on_target_error, arg->on_target_error, arg->has_unmap, arg->unmap, + false, NULL, &local_err); bdrv_unref(target_bs); error_propagate(errp, local_err); @@ -3571,6 +3578,8 @@ void qmp_blockdev_mirror(bool has_job_id, const char = *job_id, BlockdevOnError on_source_error, bool has_on_target_error, BlockdevOnError on_target_error, + bool has_filter_node_name, + const char *filter_node_name, Error **errp) { BlockDriverState *bs; @@ -3602,6 +3611,7 @@ void qmp_blockdev_mirror(bool has_job_id, const char = *job_id, has_on_source_error, on_source_error, has_on_target_error, on_target_error, true, true, + has_filter_node_name, filter_node_name, &local_err); error_propagate(errp, local_err); =20 diff --git a/include/block/block_int.h b/include/block/block_int.h index a5c704b..563b30c 100644 --- a/include/block/block_int.h +++ b/include/block/block_int.h @@ -824,6 +824,9 @@ void commit_active_start(const char *job_id, BlockDrive= rState *bs, * @on_source_error: The action to take upon error reading from the source. * @on_target_error: The action to take upon error writing to the target. * @unmap: Whether to unmap target where source sectors only contain zeroe= s. + * @filter_node_name: The node name that should be assigned to the filter + * driver that the mirror job inserts into the graph above @bs. NULL means= that + * a node name should be autogenerated. * @errp: Error object. * * Start a mirroring operation on @bs. Clusters that are allocated @@ -837,7 +840,7 @@ void mirror_start(const char *job_id, BlockDriverState = *bs, MirrorSyncMode mode, BlockMirrorBackingMode backing_mode, BlockdevOnError on_source_error, BlockdevOnError on_target_error, - bool unmap, Error **errp); + bool unmap, const char *filter_node_name, Error **errp); =20 /* * backup_job_create: diff --git a/qapi/block-core.json b/qapi/block-core.json index 5f82d35..63cb86c 100644 --- a/qapi/block-core.json +++ b/qapi/block-core.json @@ -1671,6 +1671,11 @@ # default 'report' (no limitations, since this applies to # a different block device than @device). # +# @filter-node-name: #optional the node name that should be assigned to the +# filter driver that the mirror job inserts into the gr= aph +# above @device. If this option is not given, a node na= me is +# autogenerated. (Since: 2.9) +# # Returns: nothing on success. # # Since: 2.6 @@ -1690,7 +1695,8 @@ 'sync': 'MirrorSyncMode', '*speed': 'int', '*granularity': 'uint32', '*buf-size': 'int', '*on-source-error': 'BlockdevOnError', - '*on-target-error': 'BlockdevOnError' } } + '*on-target-error': 'BlockdevOnError', + '*filter-node-name': 'str' } } =20 ## # @block_set_io_throttle: --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488290950574254.21217402322463; Tue, 28 Feb 2017 06:09:10 -0800 (PST) Received: from localhost ([::1]:33043 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ciiSe-0004HU-9O for importer@patchew.org; Tue, 28 Feb 2017 09:09:04 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43996) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJi-0004wA-O1 for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:48 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJh-0004WA-Av for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:46 -0500 Received: from mx1.redhat.com ([209.132.183.28]:49042) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJd-0004Ux-F5; Tue, 28 Feb 2017 07:55:41 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 88BA013A9A; Tue, 28 Feb 2017 12:55:41 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQb029713; Tue, 28 Feb 2017 07:55:39 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:20 +0100 Message-Id: <1488286469-9381-36-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]); Tue, 28 Feb 2017 12:55:41 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 35/44] commit: Add filter-node-name to block-commit X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Management tools need to be able to know about every node in the graph and need a way to address them. Changing the graph structure was okay because libvirt doesn't really manage the node level yet, but future libvirt versions need to deal with both new and old version of qemu. This new option to blockdev-commit allows the client to set a node-name for the automatically inserted filter driver, and at the same time serves as a witness for a future libvirt that this version of qemu does automatically insert a filter driver. Signed-off-by: Kevin Wolf Acked-by: Fam Zheng Reviewed-by: Max Reitz --- block/commit.c | 5 +++-- block/mirror.c | 3 ++- block/replication.c | 2 +- blockdev.c | 10 +++++++--- include/block/block_int.h | 13 ++++++++++--- qapi/block-core.json | 8 +++++++- qemu-img.c | 4 ++-- 7 files changed, 32 insertions(+), 13 deletions(-) diff --git a/block/commit.c b/block/commit.c index f18026b..1e0f531 100644 --- a/block/commit.c +++ b/block/commit.c @@ -257,7 +257,7 @@ static BlockDriver bdrv_commit_top =3D { void commit_start(const char *job_id, BlockDriverState *bs, BlockDriverState *base, BlockDriverState *top, int64_t s= peed, BlockdevOnError on_error, const char *backing_file_str, - Error **errp) + const char *filter_node_name, Error **errp) { CommitBlockJob *s; BlockReopenQueue *reopen_queue =3D NULL; @@ -310,7 +310,8 @@ void commit_start(const char *job_id, BlockDriverState = *bs, =20 /* Insert commit_top block node above top, so we can block consistent = read * on the backing chain below it */ - commit_top_bs =3D bdrv_new_open_driver(&bdrv_commit_top, NULL, 0, errp= ); + commit_top_bs =3D bdrv_new_open_driver(&bdrv_commit_top, filter_node_n= ame, 0, + errp); if (commit_top_bs =3D=3D NULL) { goto fail; } diff --git a/block/mirror.c b/block/mirror.c index 5d6d9c5..9247ad9 100644 --- a/block/mirror.c +++ b/block/mirror.c @@ -1246,6 +1246,7 @@ void mirror_start(const char *job_id, BlockDriverStat= e *bs, void commit_active_start(const char *job_id, BlockDriverState *bs, BlockDriverState *base, int creation_flags, int64_t speed, BlockdevOnError on_error, + const char *filter_node_name, BlockCompletionFunc *cb, void *opaque, Error **er= rp, bool auto_complete) { @@ -1262,7 +1263,7 @@ void commit_active_start(const char *job_id, BlockDri= verState *bs, MIRROR_LEAVE_BACKING_CHAIN, on_error, on_error, true, cb, opaque, &local_err, &commit_active_job_driver, false, base, auto_complete, - NULL); + filter_node_name); if (local_err) { error_propagate(errp, local_err); goto error_restore_flags; diff --git a/block/replication.c b/block/replication.c index 91465cb..22f170f 100644 --- a/block/replication.c +++ b/block/replication.c @@ -644,7 +644,7 @@ static void replication_stop(ReplicationState *rs, bool= failover, Error **errp) s->replication_state =3D BLOCK_REPLICATION_FAILOVER; commit_active_start(NULL, s->active_disk->bs, s->secondary_disk->b= s, BLOCK_JOB_INTERNAL, 0, BLOCKDEV_ON_ERROR_REPOR= T, - replication_done, bs, errp, true); + NULL, replication_done, bs, errp, true); break; default: aio_context_release(aio_context); diff --git a/blockdev.c b/blockdev.c index 5bd09f8..34b522b 100644 --- a/blockdev.c +++ b/blockdev.c @@ -3031,6 +3031,7 @@ void qmp_block_commit(bool has_job_id, const char *jo= b_id, const char *device, bool has_top, const char *top, bool has_backing_file, const char *backing_file, bool has_speed, int64_t speed, + bool has_filter_node_name, const char *filter_node_n= ame, Error **errp) { BlockDriverState *bs; @@ -3046,6 +3047,9 @@ void qmp_block_commit(bool has_job_id, const char *jo= b_id, const char *device, if (!has_speed) { speed =3D 0; } + if (!has_filter_node_name) { + filter_node_name =3D NULL; + } =20 /* Important Note: * libvirt relies on the DeviceNotFound error class in order to probe= for @@ -3120,8 +3124,8 @@ void qmp_block_commit(bool has_job_id, const char *jo= b_id, const char *device, goto out; } commit_active_start(has_job_id ? job_id : NULL, bs, base_bs, - BLOCK_JOB_DEFAULT, speed, on_error, NULL, NULL, - &local_err, false); + BLOCK_JOB_DEFAULT, speed, on_error, + filter_node_name, NULL, NULL, &local_err, fals= e); } else { BlockDriverState *overlay_bs =3D bdrv_find_overlay(bs, top_bs); if (bdrv_op_is_blocked(overlay_bs, BLOCK_OP_TYPE_COMMIT_TARGET, er= rp)) { @@ -3129,7 +3133,7 @@ void qmp_block_commit(bool has_job_id, const char *jo= b_id, const char *device, } commit_start(has_job_id ? job_id : NULL, bs, base_bs, top_bs, spee= d, on_error, has_backing_file ? backing_file : NULL, - &local_err); + filter_node_name, &local_err); } if (local_err !=3D NULL) { error_propagate(errp, local_err); diff --git a/include/block/block_int.h b/include/block/block_int.h index 563b30c..a57c0bf 100644 --- a/include/block/block_int.h +++ b/include/block/block_int.h @@ -780,13 +780,16 @@ void stream_start(const char *job_id, BlockDriverStat= e *bs, * @speed: The maximum speed, in bytes per second, or 0 for unlimited. * @on_error: The action to take upon error. * @backing_file_str: String to use as the backing file in @top's overlay + * @filter_node_name: The node name that should be assigned to the filter + * driver that the commit job inserts into the graph above @top. NULL means + * that a node name should be autogenerated. * @errp: Error object. * */ void commit_start(const char *job_id, BlockDriverState *bs, BlockDriverState *base, BlockDriverState *top, int64_t s= peed, BlockdevOnError on_error, const char *backing_file_str, - Error **errp); + const char *filter_node_name, Error **errp); /** * commit_active_start: * @job_id: The id of the newly-created job, or %NULL to use the @@ -797,6 +800,9 @@ void commit_start(const char *job_id, BlockDriverState = *bs, * See @BlockJobCreateFlags * @speed: The maximum speed, in bytes per second, or 0 for unlimited. * @on_error: The action to take upon error. + * @filter_node_name: The node name that should be assigned to the filter + * driver that the commit job inserts into the graph above @bs. NULL means= that + * a node name should be autogenerated. * @cb: Completion function for the job. * @opaque: Opaque pointer value passed to @cb. * @errp: Error object. @@ -806,8 +812,9 @@ void commit_start(const char *job_id, BlockDriverState = *bs, void commit_active_start(const char *job_id, BlockDriverState *bs, BlockDriverState *base, int creation_flags, int64_t speed, BlockdevOnError on_error, - BlockCompletionFunc *cb, - void *opaque, Error **errp, bool auto_complete); + const char *filter_node_name, + BlockCompletionFunc *cb, void *opaque, Error **er= rp, + bool auto_complete); /* * mirror_start: * @job_id: The id of the newly-created job, or %NULL to use the diff --git a/qapi/block-core.json b/qapi/block-core.json index 63cb86c..fcf80eb 100644 --- a/qapi/block-core.json +++ b/qapi/block-core.json @@ -1304,6 +1304,11 @@ # # @speed: #optional the maximum speed, in bytes per second # +# @filter-node-name: #optional the node name that should be assigned to the +# filter driver that the commit job inserts into the gr= aph +# above @top. If this option is not given, a node name = is +# autogenerated. (Since: 2.9) +# # Returns: Nothing on success # If commit or stream is already active on this device, DeviceInU= se # If @device does not exist, DeviceNotFound @@ -1323,7 +1328,8 @@ ## { 'command': 'block-commit', 'data': { '*job-id': 'str', 'device': 'str', '*base': 'str', '*top': 'st= r', - '*backing-file': 'str', '*speed': 'int' } } + '*backing-file': 'str', '*speed': 'int', + '*filter-node-name': 'str' } } =20 ## # @drive-backup: diff --git a/qemu-img.c b/qemu-img.c index d629e71..7972dd4 100644 --- a/qemu-img.c +++ b/qemu-img.c @@ -953,8 +953,8 @@ static int img_commit(int argc, char **argv) aio_context =3D bdrv_get_aio_context(bs); aio_context_acquire(aio_context); commit_active_start("commit", bs, base_bs, BLOCK_JOB_DEFAULT, 0, - BLOCKDEV_ON_ERROR_REPORT, common_block_job_cb, &cb= i, - &local_err, false); + BLOCKDEV_ON_ERROR_REPORT, NULL, common_block_job_c= b, + &cbi, &local_err, false); aio_context_release(aio_context); if (local_err) { goto done; --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488292141168309.7061027828397; Tue, 28 Feb 2017 06:29:01 -0800 (PST) Received: from localhost ([::1]:33287 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ciilv-0004jR-R5 for importer@patchew.org; Tue, 28 Feb 2017 09:28:59 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:44019) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJj-0004x0-UE for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:49 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJi-0004Wh-MG for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:48 -0500 Received: from mx1.redhat.com ([209.132.183.28]:41628) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJf-0004VL-Al; Tue, 28 Feb 2017 07:55:43 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 5F3E064467; Tue, 28 Feb 2017 12:55:43 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQc029713; Tue, 28 Feb 2017 07:55:41 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:21 +0100 Message-Id: <1488286469-9381-37-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Tue, 28 Feb 2017 12:55:43 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 36/44] hmp: Request permissions in qemu-io X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" The HMP command 'qemu-io' is a bit tricky because it wants to work on the original BlockBackend, but additional permissions could be required. The details are explained in a comment in the code, but in summary, just request whatever permissions the current qemu-io command needs. Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- block/block-backend.c | 6 ++++++ hmp.c | 26 +++++++++++++++++++++++++- include/qemu-io.h | 1 + include/sysemu/block-backend.h | 1 + qemu-io-cmds.c | 28 ++++++++++++++++++++++++++++ 5 files changed, 61 insertions(+), 1 deletion(-) diff --git a/block/block-backend.c b/block/block-backend.c index 38a3858..daa7908 100644 --- a/block/block-backend.c +++ b/block/block-backend.c @@ -584,6 +584,12 @@ int blk_set_perm(BlockBackend *blk, uint64_t perm, uin= t64_t shared_perm, return 0; } =20 +void blk_get_perm(BlockBackend *blk, uint64_t *perm, uint64_t *shared_perm) +{ + *perm =3D blk->perm; + *shared_perm =3D blk->shared_perm; +} + static int blk_do_attach_dev(BlockBackend *blk, void *dev) { if (blk->dev) { diff --git a/hmp.c b/hmp.c index e219f97..7b44e64 100644 --- a/hmp.c +++ b/hmp.c @@ -2051,7 +2051,6 @@ void hmp_qemu_io(Monitor *mon, const QDict *qdict) if (!blk) { BlockDriverState *bs =3D bdrv_lookup_bs(NULL, device, &err); if (bs) { - /* FIXME Use real permissions */ blk =3D local_blk =3D blk_new(0, BLK_PERM_ALL); ret =3D blk_insert_bs(blk, bs, &err); if (ret < 0) { @@ -2065,6 +2064,31 @@ void hmp_qemu_io(Monitor *mon, const QDict *qdict) aio_context =3D blk_get_aio_context(blk); aio_context_acquire(aio_context); =20 + /* + * Notably absent: Proper permission management. This is sad, but it s= eems + * almost impossible to achieve without changing the semantics and the= reby + * limiting the use cases of the qemu-io HMP command. + * + * In an ideal world we would unconditionally create a new BlockBacken= d for + * qemuio_command(), but we have commands like 'reopen' and want them = to + * take effect on the exact BlockBackend whose name the user passed in= stead + * of just on a temporary copy of it. + * + * Another problem is that deleting the temporary BlockBackend involves + * draining all requests on it first, but some qemu-iotests cases want= to + * issue multiple aio_read/write requests and expect them to complete = in + * the background while the monitor has already returned. + * + * This is also what prevents us from saving the original permissions = and + * restoring them later: We can't revoke permissions until all requests + * have completed, and we don't know when that is nor can we really let + * anything else run before we have revoken them to avoid race conditi= ons. + * + * What happens now is that command() in qemu-io-cmds.c can extend the + * permissions if necessary for the qemu-io command. And they simply s= tay + * extended, possibly resulting in a read-only guest device keeping wr= ite + * permissions. Ugly, but it appears to be the lesser evil. + */ qemuio_command(blk, command); =20 aio_context_release(aio_context); diff --git a/include/qemu-io.h b/include/qemu-io.h index 4d402b9..196fde0 100644 --- a/include/qemu-io.h +++ b/include/qemu-io.h @@ -36,6 +36,7 @@ typedef struct cmdinfo { const char *args; const char *oneline; helpfunc_t help; + uint64_t perm; } cmdinfo_t; =20 extern bool qemuio_misalign; diff --git a/include/sysemu/block-backend.h b/include/sysemu/block-backend.h index b23f683..096c17f 100644 --- a/include/sysemu/block-backend.h +++ b/include/sysemu/block-backend.h @@ -107,6 +107,7 @@ bool bdrv_has_blk(BlockDriverState *bs); bool bdrv_is_root_node(BlockDriverState *bs); int blk_set_perm(BlockBackend *blk, uint64_t perm, uint64_t shared_perm, Error **errp); +void blk_get_perm(BlockBackend *blk, uint64_t *perm, uint64_t *shared_perm= ); =20 void blk_set_allow_write_beyond_eof(BlockBackend *blk, bool allow); void blk_iostatus_enable(BlockBackend *blk); diff --git a/qemu-io-cmds.c b/qemu-io-cmds.c index 7ac1576..2c48f9c 100644 --- a/qemu-io-cmds.c +++ b/qemu-io-cmds.c @@ -83,6 +83,29 @@ static int command(BlockBackend *blk, const cmdinfo_t *c= t, int argc, } return 0; } + + /* Request additional permissions if necessary for this command. The c= aller + * is responsible for restoring the original permissions afterwards if= this + * is what it wants. */ + if (ct->perm && blk_is_available(blk)) { + uint64_t orig_perm, orig_shared_perm; + blk_get_perm(blk, &orig_perm, &orig_shared_perm); + + if (ct->perm & ~orig_perm) { + uint64_t new_perm; + Error *local_err =3D NULL; + int ret; + + new_perm =3D orig_perm | ct->perm; + + ret =3D blk_set_perm(blk, new_perm, orig_shared_perm, &local_e= rr); + if (ret < 0) { + error_report_err(local_err); + return 0; + } + } + } + optind =3D 0; return ct->cfunc(blk, argc, argv); } @@ -918,6 +941,7 @@ static const cmdinfo_t write_cmd =3D { .name =3D "write", .altname =3D "w", .cfunc =3D write_f, + .perm =3D BLK_PERM_WRITE, .argmin =3D 2, .argmax =3D -1, .args =3D "[-bcCfquz] [-P pattern] off len", @@ -1093,6 +1117,7 @@ static int writev_f(BlockBackend *blk, int argc, char= **argv); static const cmdinfo_t writev_cmd =3D { .name =3D "writev", .cfunc =3D writev_f, + .perm =3D BLK_PERM_WRITE, .argmin =3D 2, .argmax =3D -1, .args =3D "[-Cfq] [-P pattern] off len [len..]", @@ -1392,6 +1417,7 @@ static int aio_write_f(BlockBackend *blk, int argc, c= har **argv); static const cmdinfo_t aio_write_cmd =3D { .name =3D "aio_write", .cfunc =3D aio_write_f, + .perm =3D BLK_PERM_WRITE, .argmin =3D 2, .argmax =3D -1, .args =3D "[-Cfiquz] [-P pattern] off len [len..]", @@ -1556,6 +1582,7 @@ static const cmdinfo_t truncate_cmd =3D { .name =3D "truncate", .altname =3D "t", .cfunc =3D truncate_f, + .perm =3D BLK_PERM_WRITE | BLK_PERM_RESIZE, .argmin =3D 1, .argmax =3D 1, .args =3D "off", @@ -1653,6 +1680,7 @@ static const cmdinfo_t discard_cmd =3D { .name =3D "discard", .altname =3D "d", .cfunc =3D discard_f, + .perm =3D BLK_PERM_WRITE, .argmin =3D 2, .argmax =3D -1, .args =3D "[-Cq] off len", --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488290551512192.37164688474968; Tue, 28 Feb 2017 06:02:31 -0800 (PST) Received: from localhost ([::1]:33008 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ciiMD-0007BW-Ma for importer@patchew.org; Tue, 28 Feb 2017 09:02:25 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:44032) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJk-0004xJ-Ne for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:49 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJj-0004Wy-Dm for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:48 -0500 Received: from mx1.redhat.com ([209.132.183.28]:53816) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJh-0004Vt-4U; Tue, 28 Feb 2017 07:55:45 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 3F7D87E9FA; Tue, 28 Feb 2017 12:55:45 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQd029713; Tue, 28 Feb 2017 07:55:43 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:22 +0100 Message-Id: <1488286469-9381-38-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]); Tue, 28 Feb 2017 12:55:45 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 37/44] migration/block: Use real permissions X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Request BLK_PERM_CONSISTENT_READ for the source of block migration, and handle potential permission errors as good as we can in this place (which is not very good, but it matches the other failure cases). Signed-off-by: Kevin Wolf Acked-by: Fam Zheng Reviewed-by: Max Reitz --- migration/block.c | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/migration/block.c b/migration/block.c index d259936..1941bc2 100644 --- a/migration/block.c +++ b/migration/block.c @@ -379,7 +379,7 @@ static void unset_dirty_tracking(void) } } =20 -static void init_blk_migration(QEMUFile *f) +static int init_blk_migration(QEMUFile *f) { BlockDriverState *bs; BlkMigDevState *bmds; @@ -390,6 +390,8 @@ static void init_blk_migration(QEMUFile *f) BlkMigDevState *bmds; BlockDriverState *bs; } *bmds_bs; + Error *local_err =3D NULL; + int ret; =20 block_mig_state.submitted =3D 0; block_mig_state.read_done =3D 0; @@ -411,12 +413,12 @@ static void init_blk_migration(QEMUFile *f) =20 sectors =3D bdrv_nb_sectors(bs); if (sectors <=3D 0) { + ret =3D sectors; goto out; } =20 bmds =3D g_new0(BlkMigDevState, 1); - /* FIXME Use real permissions */ - bmds->blk =3D blk_new(0, BLK_PERM_ALL); + bmds->blk =3D blk_new(BLK_PERM_CONSISTENT_READ, BLK_PERM_ALL); bmds->blk_name =3D g_strdup(bdrv_get_device_name(bs)); bmds->bulk_completed =3D 0; bmds->total_sectors =3D sectors; @@ -446,7 +448,11 @@ static void init_blk_migration(QEMUFile *f) BlockDriverState *bs =3D bmds_bs[i].bs; =20 if (bmds) { - blk_insert_bs(bmds->blk, bs, &error_abort); + ret =3D blk_insert_bs(bmds->blk, bs, &local_err); + if (ret < 0) { + error_report_err(local_err); + goto out; + } =20 alloc_aio_bitmap(bmds); error_setg(&bmds->blocker, "block device is in use by migratio= n"); @@ -454,8 +460,10 @@ static void init_blk_migration(QEMUFile *f) } } =20 + ret =3D 0; out: g_free(bmds_bs); + return ret; } =20 /* Called with no lock taken. */ @@ -706,7 +714,11 @@ static int block_save_setup(QEMUFile *f, void *opaque) block_mig_state.submitted, block_mig_state.transferred); =20 qemu_mutex_lock_iothread(); - init_blk_migration(f); + ret =3D init_blk_migration(f); + if (ret < 0) { + qemu_mutex_unlock_iothread(); + return ret; + } =20 /* start track dirty blocks */ ret =3D set_dirty_tracking(); --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488291204098208.11543450876093; Tue, 28 Feb 2017 06:13:24 -0800 (PST) Received: from localhost ([::1]:33083 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ciiWn-0007xo-Ba for importer@patchew.org; Tue, 28 Feb 2017 09:13:21 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:44065) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJo-000519-2O for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:52 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJl-0004XT-2c for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:52 -0500 Received: from mx1.redhat.com ([209.132.183.28]:29259) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJj-0004Wc-0R; Tue, 28 Feb 2017 07:55:47 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 1572C80461; Tue, 28 Feb 2017 12:55:47 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQe029713; Tue, 28 Feb 2017 07:55:45 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:23 +0100 Message-Id: <1488286469-9381-39-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Tue, 28 Feb 2017 12:55:47 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 38/44] nbd/server: Use real permissions for NBD exports X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" NBD can't cope with device size changes, so resize must be forbidden, but otherwise we can tolerate anything. Depending on whether the export is writable or not, we only require consistent reads and writes. Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- nbd/server.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/nbd/server.c b/nbd/server.c index 89362ba..924a1fe 100644 --- a/nbd/server.c +++ b/nbd/server.c @@ -891,10 +891,17 @@ NBDExport *nbd_export_new(BlockDriverState *bs, off_t= dev_offset, off_t size, { BlockBackend *blk; NBDExport *exp =3D g_malloc0(sizeof(NBDExport)); + uint64_t perm; int ret; =20 - /* FIXME Use real permissions */ - blk =3D blk_new(0, BLK_PERM_ALL); + /* Don't allow resize while the NBD server is running, otherwise we do= n't + * care what happens with the node. */ + perm =3D BLK_PERM_CONSISTENT_READ; + if ((nbdflags & NBD_FLAG_READ_ONLY) =3D=3D 0) { + perm |=3D BLK_PERM_WRITE; + } + blk =3D blk_new(perm, BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE_UNCHAN= GED | + BLK_PERM_WRITE | BLK_PERM_GRAPH_MOD); ret =3D blk_insert_bs(blk, bs, errp); if (ret < 0) { goto fail; --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488291460850719.9634838494595; Tue, 28 Feb 2017 06:17:40 -0800 (PST) Received: from localhost ([::1]:33114 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ciiau-0003Qm-DU for importer@patchew.org; Tue, 28 Feb 2017 09:17:36 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:44090) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJp-00052S-8Y for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:54 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJo-0004ZX-GU for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:53 -0500 Received: from mx1.redhat.com ([209.132.183.28]:35496) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJk-0004XD-Q2; Tue, 28 Feb 2017 07:55:48 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id D94364E328; Tue, 28 Feb 2017 12:55:48 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQf029713; Tue, 28 Feb 2017 07:55:47 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:24 +0100 Message-Id: <1488286469-9381-40-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Tue, 28 Feb 2017 12:55:48 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 39/44] tests: Remove FIXME comments X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Not requesting any permissions is actually correct for these test cases because no actual I/O or other operation covered by the permission system is performed. Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- tests/test-blockjob.c | 2 +- tests/test-throttle.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/test-blockjob.c b/tests/test-blockjob.c index 1afe17b..740e740 100644 --- a/tests/test-blockjob.c +++ b/tests/test-blockjob.c @@ -54,7 +54,7 @@ static BlockJob *do_test_id(BlockBackend *blk, const char= *id, * BlockDriverState inserted. */ static BlockBackend *create_blk(const char *name) { - /* FIXME Use real permissions */ + /* No I/O is performed on this device */ BlockBackend *blk =3D blk_new(0, BLK_PERM_ALL); BlockDriverState *bs; =20 diff --git a/tests/test-throttle.c b/tests/test-throttle.c index 5846433..bd7c501 100644 --- a/tests/test-throttle.c +++ b/tests/test-throttle.c @@ -593,7 +593,7 @@ static void test_groups(void) BlockBackend *blk1, *blk2, *blk3; BlockBackendPublic *blkp1, *blkp2, *blkp3; =20 - /* FIXME Use real permissions */ + /* No actual I/O is performed on these devices */ blk1 =3D blk_new(0, BLK_PERM_ALL); blk2 =3D blk_new(0, BLK_PERM_ALL); blk3 =3D blk_new(0, BLK_PERM_ALL); --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 148829240799535.67242947391128; Tue, 28 Feb 2017 06:33:27 -0800 (PST) Received: from localhost ([::1]:33328 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ciiqD-0008FE-GC for importer@patchew.org; Tue, 28 Feb 2017 09:33:25 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:44128) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJr-00055E-If for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:56 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJq-0004ap-2B for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:55 -0500 Received: from mx1.redhat.com ([209.132.183.28]:49106) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJm-0004Xi-Mg; Tue, 28 Feb 2017 07:55:50 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id BAF533A7693; Tue, 28 Feb 2017 12:55:50 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQg029713; Tue, 28 Feb 2017 07:55:49 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:25 +0100 Message-Id: <1488286469-9381-41-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]); Tue, 28 Feb 2017 12:55:50 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 40/44] block: Pass BdrvChild to bdrv_aligned_preadv/pwritev and copy-on-read X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" This is where we want to check the permissions, so we need to have the BdrvChild around where they are stored. Signed-off-by: Kevin Wolf Acked-by: Fam Zheng Reviewed-by: Max Reitz --- block/io.c | 37 +++++++++++++++++++++---------------- 1 file changed, 21 insertions(+), 16 deletions(-) diff --git a/block/io.c b/block/io.c index d5c4544..2592ca1 100644 --- a/block/io.c +++ b/block/io.c @@ -925,9 +925,11 @@ bdrv_driver_pwritev_compressed(BlockDriverState *bs, u= int64_t offset, return drv->bdrv_co_pwritev_compressed(bs, offset, bytes, qiov); } =20 -static int coroutine_fn bdrv_co_do_copy_on_readv(BlockDriverState *bs, +static int coroutine_fn bdrv_co_do_copy_on_readv(BdrvChild *child, int64_t offset, unsigned int bytes, QEMUIOVector *qiov) { + BlockDriverState *bs =3D child->bs; + /* Perform I/O through a temporary buffer so that users who scribble o= ver * their read buffer while the operation is in progress do not end up * modifying the image file. This is critical for zero-copy guest I/O @@ -1001,10 +1003,11 @@ err: * handles copy on read, zeroing after EOF, and fragmentation of large * reads; any other features must be implemented by the caller. */ -static int coroutine_fn bdrv_aligned_preadv(BlockDriverState *bs, +static int coroutine_fn bdrv_aligned_preadv(BdrvChild *child, BdrvTrackedRequest *req, int64_t offset, unsigned int bytes, int64_t align, QEMUIOVector *qiov, int flags) { + BlockDriverState *bs =3D child->bs; int64_t total_bytes, max_bytes; int ret =3D 0; uint64_t bytes_remaining =3D bytes; @@ -1050,7 +1053,7 @@ static int coroutine_fn bdrv_aligned_preadv(BlockDriv= erState *bs, } =20 if (!ret || pnum !=3D nb_sectors) { - ret =3D bdrv_co_do_copy_on_readv(bs, offset, bytes, qiov); + ret =3D bdrv_co_do_copy_on_readv(child, offset, bytes, qiov); goto out; } } @@ -1158,7 +1161,7 @@ int coroutine_fn bdrv_co_preadv(BdrvChild *child, } =20 tracked_request_begin(&req, bs, offset, bytes, BDRV_TRACKED_READ); - ret =3D bdrv_aligned_preadv(bs, &req, offset, bytes, align, + ret =3D bdrv_aligned_preadv(child, &req, offset, bytes, align, use_local_qiov ? &local_qiov : qiov, flags); tracked_request_end(&req); @@ -1306,10 +1309,11 @@ fail: * Forwards an already correctly aligned write request to the BlockDriver, * after possibly fragmenting it. */ -static int coroutine_fn bdrv_aligned_pwritev(BlockDriverState *bs, +static int coroutine_fn bdrv_aligned_pwritev(BdrvChild *child, BdrvTrackedRequest *req, int64_t offset, unsigned int bytes, int64_t align, QEMUIOVector *qiov, int flags) { + BlockDriverState *bs =3D child->bs; BlockDriver *drv =3D bs->drv; bool waited; int ret; @@ -1397,12 +1401,13 @@ static int coroutine_fn bdrv_aligned_pwritev(BlockD= riverState *bs, return ret; } =20 -static int coroutine_fn bdrv_co_do_zero_pwritev(BlockDriverState *bs, +static int coroutine_fn bdrv_co_do_zero_pwritev(BdrvChild *child, int64_t offset, unsigned int bytes, BdrvRequestFlags flags, BdrvTrackedRequest *req) { + BlockDriverState *bs =3D child->bs; uint8_t *buf =3D NULL; QEMUIOVector local_qiov; struct iovec iov; @@ -1430,7 +1435,7 @@ static int coroutine_fn bdrv_co_do_zero_pwritev(Block= DriverState *bs, mark_request_serialising(req, align); wait_serialising_requests(req); bdrv_debug_event(bs, BLKDBG_PWRITEV_RMW_HEAD); - ret =3D bdrv_aligned_preadv(bs, req, offset & ~(align - 1), align, + ret =3D bdrv_aligned_preadv(child, req, offset & ~(align - 1), ali= gn, align, &local_qiov, 0); if (ret < 0) { goto fail; @@ -1438,7 +1443,7 @@ static int coroutine_fn bdrv_co_do_zero_pwritev(Block= DriverState *bs, bdrv_debug_event(bs, BLKDBG_PWRITEV_RMW_AFTER_HEAD); =20 memset(buf + head_padding_bytes, 0, zero_bytes); - ret =3D bdrv_aligned_pwritev(bs, req, offset & ~(align - 1), align, + ret =3D bdrv_aligned_pwritev(child, req, offset & ~(align - 1), al= ign, align, &local_qiov, flags & ~BDRV_REQ_ZERO_WRITE); if (ret < 0) { @@ -1452,7 +1457,7 @@ static int coroutine_fn bdrv_co_do_zero_pwritev(Block= DriverState *bs, if (bytes >=3D align) { /* Write the aligned part in the middle. */ uint64_t aligned_bytes =3D bytes & ~(align - 1); - ret =3D bdrv_aligned_pwritev(bs, req, offset, aligned_bytes, align, + ret =3D bdrv_aligned_pwritev(child, req, offset, aligned_bytes, al= ign, NULL, flags); if (ret < 0) { goto fail; @@ -1468,7 +1473,7 @@ static int coroutine_fn bdrv_co_do_zero_pwritev(Block= DriverState *bs, mark_request_serialising(req, align); wait_serialising_requests(req); bdrv_debug_event(bs, BLKDBG_PWRITEV_RMW_TAIL); - ret =3D bdrv_aligned_preadv(bs, req, offset, align, + ret =3D bdrv_aligned_preadv(child, req, offset, align, align, &local_qiov, 0); if (ret < 0) { goto fail; @@ -1476,7 +1481,7 @@ static int coroutine_fn bdrv_co_do_zero_pwritev(Block= DriverState *bs, bdrv_debug_event(bs, BLKDBG_PWRITEV_RMW_AFTER_TAIL); =20 memset(buf, 0, bytes); - ret =3D bdrv_aligned_pwritev(bs, req, offset, align, align, + ret =3D bdrv_aligned_pwritev(child, req, offset, align, align, &local_qiov, flags & ~BDRV_REQ_ZERO_WRI= TE); } fail: @@ -1523,7 +1528,7 @@ int coroutine_fn bdrv_co_pwritev(BdrvChild *child, tracked_request_begin(&req, bs, offset, bytes, BDRV_TRACKED_WRITE); =20 if (!qiov) { - ret =3D bdrv_co_do_zero_pwritev(bs, offset, bytes, flags, &req); + ret =3D bdrv_co_do_zero_pwritev(child, offset, bytes, flags, &req); goto out; } =20 @@ -1542,7 +1547,7 @@ int coroutine_fn bdrv_co_pwritev(BdrvChild *child, qemu_iovec_init_external(&head_qiov, &head_iov, 1); =20 bdrv_debug_event(bs, BLKDBG_PWRITEV_RMW_HEAD); - ret =3D bdrv_aligned_preadv(bs, &req, offset & ~(align - 1), align, + ret =3D bdrv_aligned_preadv(child, &req, offset & ~(align - 1), al= ign, align, &head_qiov, 0); if (ret < 0) { goto fail; @@ -1584,8 +1589,8 @@ int coroutine_fn bdrv_co_pwritev(BdrvChild *child, qemu_iovec_init_external(&tail_qiov, &tail_iov, 1); =20 bdrv_debug_event(bs, BLKDBG_PWRITEV_RMW_TAIL); - ret =3D bdrv_aligned_preadv(bs, &req, (offset + bytes) & ~(align -= 1), align, - align, &tail_qiov, 0); + ret =3D bdrv_aligned_preadv(child, &req, (offset + bytes) & ~(alig= n - 1), + align, align, &tail_qiov, 0); if (ret < 0) { goto fail; } @@ -1603,7 +1608,7 @@ int coroutine_fn bdrv_co_pwritev(BdrvChild *child, bytes =3D ROUND_UP(bytes, align); } =20 - ret =3D bdrv_aligned_pwritev(bs, &req, offset, bytes, align, + ret =3D bdrv_aligned_pwritev(child, &req, offset, bytes, align, use_local_qiov ? &local_qiov : qiov, flags); =20 --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488290837294639.8315539491286; Tue, 28 Feb 2017 06:07:17 -0800 (PST) Received: from localhost ([::1]:33034 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ciiQt-0002bT-SL for importer@patchew.org; Tue, 28 Feb 2017 09:07:15 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:44131) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJr-00055G-J2 for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:56 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJq-0004b3-Jf for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:55 -0500 Received: from mx1.redhat.com ([209.132.183.28]:49072) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJo-0004YH-E9; Tue, 28 Feb 2017 07:55:52 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 881A480461; Tue, 28 Feb 2017 12:55:52 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQh029713; Tue, 28 Feb 2017 07:55:50 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:26 +0100 Message-Id: <1488286469-9381-42-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Tue, 28 Feb 2017 12:55:52 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 41/44] block: Assertions for write permissions X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" This adds assertions that ensure that the necessary write permissions have been granted before someone attempts to write to a node. Signed-off-by: Kevin Wolf Acked-by: Fam Zheng Reviewed-by: Max Reitz --- block/io.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/block/io.c b/block/io.c index 2592ca1..4c79745 100644 --- a/block/io.c +++ b/block/io.c @@ -945,6 +945,8 @@ static int coroutine_fn bdrv_co_do_copy_on_readv(BdrvCh= ild *child, size_t skip_bytes; int ret; =20 + assert(child->perm & (BLK_PERM_WRITE_UNCHANGED | BLK_PERM_WRITE)); + /* Cover entire cluster so no additional backing file I/O is required = when * allocating cluster in the image file. */ @@ -1336,6 +1338,7 @@ static int coroutine_fn bdrv_aligned_pwritev(BdrvChil= d *child, assert(!waited || !req->serialising); assert(req->overlap_offset <=3D offset); assert(offset + bytes <=3D req->overlap_offset + req->overlap_bytes); + assert(child->perm & BLK_PERM_WRITE); =20 ret =3D notifier_with_return_list_notify(&bs->before_write_notifiers, = req); =20 --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488291734798306.45337887406777; Tue, 28 Feb 2017 06:22:14 -0800 (PST) Received: from localhost ([::1]:33196 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ciifL-0007Io-Lx for importer@patchew.org; Tue, 28 Feb 2017 09:22:11 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:44156) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihJt-00057M-Lt for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:58 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJs-0004bd-Qz for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:55:57 -0500 Received: from mx1.redhat.com ([209.132.183.28]:60758) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJq-0004ag-8L; Tue, 28 Feb 2017 07:55:54 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 52E6185363; Tue, 28 Feb 2017 12:55:54 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQi029713; Tue, 28 Feb 2017 07:55:52 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:27 +0100 Message-Id: <1488286469-9381-43-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Tue, 28 Feb 2017 12:55:54 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 42/44] block: Assertions for resize permission X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" This adds an assertion that ensures that the necessary resize permission has been granted before bdrv_truncate() is called. Signed-off-by: Kevin Wolf Reviewed-by: Max Reitz Acked-by: Fam Zheng --- block.c | 3 +++ block/io.c | 1 + 2 files changed, 4 insertions(+) diff --git a/block.c b/block.c index 79d9ad0..74ac7dc 100644 --- a/block.c +++ b/block.c @@ -3122,6 +3122,9 @@ int bdrv_truncate(BdrvChild *child, int64_t offset) BlockDriverState *bs =3D child->bs; BlockDriver *drv =3D bs->drv; int ret; + + assert(child->perm & BLK_PERM_RESIZE); + if (!drv) return -ENOMEDIUM; if (!drv->bdrv_truncate) diff --git a/block/io.c b/block/io.c index 4c79745..8f38d46 100644 --- a/block/io.c +++ b/block/io.c @@ -1339,6 +1339,7 @@ static int coroutine_fn bdrv_aligned_pwritev(BdrvChil= d *child, assert(req->overlap_offset <=3D offset); assert(offset + bytes <=3D req->overlap_offset + req->overlap_bytes); assert(child->perm & BLK_PERM_WRITE); + assert(end_sector <=3D bs->total_sectors || child->perm & BLK_PERM_RES= IZE); =20 ret =3D notifier_with_return_list_notify(&bs->before_write_notifiers, = req); =20 --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488291111282327.43367287741626; Tue, 28 Feb 2017 06:11:51 -0800 (PST) Received: from localhost ([::1]:33077 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ciiVG-0006cO-PV for importer@patchew.org; Tue, 28 Feb 2017 09:11:46 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:44201) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihK0-0005F4-C1 for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:56:05 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihJy-0004e5-Qm for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:56:04 -0500 Received: from mx1.redhat.com ([209.132.183.28]:55302) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJt-0004ba-Ar; Tue, 28 Feb 2017 07:55:57 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 5EFA5C057FA9; Tue, 28 Feb 2017 12:55:57 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQj029713; Tue, 28 Feb 2017 07:55:54 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:28 +0100 Message-Id: <1488286469-9381-44-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Tue, 28 Feb 2017 12:55:57 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 43/44] block: Add Error parameter to bdrv_set_backing_hd() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Not all callers of bdrv_set_backing_hd() know for sure that attaching the backing file will be allowed by the permission system. Return the error from the function rather than aborting. Signed-off-by: Kevin Wolf Acked-by: Fam Zheng Reviewed-by: Max Reitz --- block.c | 30 +++++++++++++++++++++++------- block/commit.c | 14 +++++++------- block/mirror.c | 7 ++++++- block/stream.c | 9 ++++++++- block/vvfat.c | 2 +- include/block/block.h | 3 ++- 6 files changed, 47 insertions(+), 18 deletions(-) diff --git a/block.c b/block.c index 74ac7dc..6440b61 100644 --- a/block.c +++ b/block.c @@ -1883,7 +1883,8 @@ static void bdrv_parent_cb_resize(BlockDriverState *b= s) * Sets the backing file link of a BDS. A new reference is created; callers * which don't need their own reference any more must call bdrv_unref(). */ -void bdrv_set_backing_hd(BlockDriverState *bs, BlockDriverState *backing_h= d) +void bdrv_set_backing_hd(BlockDriverState *bs, BlockDriverState *backing_h= d, + Error **errp) { if (backing_hd) { bdrv_ref(backing_hd); @@ -1897,9 +1898,12 @@ void bdrv_set_backing_hd(BlockDriverState *bs, Block= DriverState *backing_hd) bs->backing =3D NULL; goto out; } - /* FIXME Error handling */ + bs->backing =3D bdrv_attach_child(bs, backing_hd, "backing", &child_ba= cking, - &error_abort); + errp); + if (!bs->backing) { + bdrv_unref(backing_hd); + } =20 out: bdrv_refresh_limits(bs, NULL); @@ -1983,8 +1987,12 @@ int bdrv_open_backing_file(BlockDriverState *bs, QDi= ct *parent_options, =20 /* Hook up the backing file link; drop our reference, bs owns the * backing_hd reference now */ - bdrv_set_backing_hd(bs, backing_hd); + bdrv_set_backing_hd(bs, backing_hd, &local_err); bdrv_unref(backing_hd); + if (local_err) { + ret =3D -EINVAL; + goto free_exit; + } =20 qdict_del(parent_options, bdref_key); =20 @@ -2818,7 +2826,7 @@ static void bdrv_close(BlockDriverState *bs) bs->drv->bdrv_close(bs); bs->drv =3D NULL; =20 - bdrv_set_backing_hd(bs, NULL); + bdrv_set_backing_hd(bs, NULL, &error_abort); =20 if (bs->file !=3D NULL) { bdrv_unref_child(bs, bs->file); @@ -2927,7 +2935,8 @@ void bdrv_append(BlockDriverState *bs_new, BlockDrive= rState *bs_top) bdrv_ref(bs_top); =20 change_parent_backing_link(bs_top, bs_new); - bdrv_set_backing_hd(bs_new, bs_top); + /* FIXME Error handling */ + bdrv_set_backing_hd(bs_new, bs_top, &error_abort); bdrv_unref(bs_top); =20 /* bs_new is now referenced by its new parents, we don't need the @@ -3075,6 +3084,7 @@ int bdrv_drop_intermediate(BlockDriverState *active, = BlockDriverState *top, BlockDriverState *base, const char *backing_fil= e_str) { BlockDriverState *new_top_bs =3D NULL; + Error *local_err =3D NULL; int ret =3D -EIO; =20 if (!top->drv || !base->drv) { @@ -3107,7 +3117,13 @@ int bdrv_drop_intermediate(BlockDriverState *active,= BlockDriverState *top, if (ret) { goto exit; } - bdrv_set_backing_hd(new_top_bs, base); + + bdrv_set_backing_hd(new_top_bs, base, &local_err); + if (local_err) { + ret =3D -EPERM; + error_report_err(local_err); + goto exit; + } =20 ret =3D 0; exit: diff --git a/block/commit.c b/block/commit.c index 1e0f531..22a0a4d 100644 --- a/block/commit.c +++ b/block/commit.c @@ -121,7 +121,7 @@ static void commit_complete(BlockJob *job, void *opaque) * filter driver from the backing chain. Do this as the final step so = that * the 'consistent read' permission can be granted. */ if (remove_commit_top_bs) { - bdrv_set_backing_hd(overlay_bs, top); + bdrv_set_backing_hd(overlay_bs, top, &error_abort); } } =20 @@ -316,8 +316,8 @@ void commit_start(const char *job_id, BlockDriverState = *bs, goto fail; } =20 - bdrv_set_backing_hd(commit_top_bs, top); - bdrv_set_backing_hd(overlay_bs, commit_top_bs); + bdrv_set_backing_hd(commit_top_bs, top, &error_abort); + bdrv_set_backing_hd(overlay_bs, commit_top_bs, &error_abort); =20 s->commit_top_bs =3D commit_top_bs; bdrv_unref(commit_top_bs); @@ -390,7 +390,7 @@ fail: blk_unref(s->top); } if (commit_top_bs) { - bdrv_set_backing_hd(overlay_bs, top); + bdrv_set_backing_hd(overlay_bs, top, &error_abort); } block_job_unref(&s->common); } @@ -451,8 +451,8 @@ int bdrv_commit(BlockDriverState *bs) goto ro_cleanup; } =20 - bdrv_set_backing_hd(commit_top_bs, backing_file_bs); - bdrv_set_backing_hd(bs, commit_top_bs); + bdrv_set_backing_hd(commit_top_bs, backing_file_bs, &error_abort); + bdrv_set_backing_hd(bs, commit_top_bs, &error_abort); =20 ret =3D blk_insert_bs(backing, backing_file_bs, &local_err); if (ret < 0) { @@ -532,7 +532,7 @@ ro_cleanup: =20 blk_unref(backing); if (backing_file_bs) { - bdrv_set_backing_hd(bs, backing_file_bs); + bdrv_set_backing_hd(bs, backing_file_bs, &error_abort); } bdrv_unref(commit_top_bs); blk_unref(src); diff --git a/block/mirror.c b/block/mirror.c index 9247ad9..e0475b4 100644 --- a/block/mirror.c +++ b/block/mirror.c @@ -503,6 +503,7 @@ static void mirror_exit(BlockJob *job, void *opaque) BlockDriverState *src =3D s->source; BlockDriverState *target_bs =3D blk_bs(s->target); BlockDriverState *mirror_top_bs =3D s->mirror_top_bs; + Error *local_err =3D NULL; =20 /* Make sure that the source BDS doesn't go away before we called * block_job_completed(). */ @@ -516,7 +517,11 @@ static void mirror_exit(BlockJob *job, void *opaque) if (s->backing_mode =3D=3D MIRROR_SOURCE_BACKING_CHAIN) { BlockDriverState *backing =3D s->is_none_mode ? src : s->base; if (backing_bs(target_bs) !=3D backing) { - bdrv_set_backing_hd(target_bs, backing); + bdrv_set_backing_hd(target_bs, backing, &local_err); + if (local_err) { + error_report_err(local_err); + data->ret =3D -EPERM; + } } } =20 diff --git a/block/stream.c b/block/stream.c index b9c2f43..0113710 100644 --- a/block/stream.c +++ b/block/stream.c @@ -68,6 +68,7 @@ static void stream_complete(BlockJob *job, void *opaque) StreamCompleteData *data =3D opaque; BlockDriverState *bs =3D blk_bs(job->blk); BlockDriverState *base =3D s->base; + Error *local_err =3D NULL; =20 if (!block_job_is_cancelled(&s->common) && data->reached_end && data->ret =3D=3D 0) { @@ -79,9 +80,15 @@ static void stream_complete(BlockJob *job, void *opaque) } } data->ret =3D bdrv_change_backing_file(bs, base_id, base_fmt); - bdrv_set_backing_hd(bs, base); + bdrv_set_backing_hd(bs, base, &local_err); + if (local_err) { + error_report_err(local_err); + data->ret =3D -EPERM; + goto out; + } } =20 +out: /* Reopen the image back in read-only mode if necessary */ if (s->bs_flags !=3D bdrv_get_flags(bs)) { /* Give up write permissions before making it read-only */ diff --git a/block/vvfat.c b/block/vvfat.c index 72b482c..aa61c32 100644 --- a/block/vvfat.c +++ b/block/vvfat.c @@ -3041,7 +3041,7 @@ static int enable_write_target(BlockDriverState *bs, = Error **errp) &error_abort); *(void**) backing->opaque =3D s; =20 - bdrv_set_backing_hd(s->bs, backing); + bdrv_set_backing_hd(s->bs, backing, &error_abort); bdrv_unref(backing); =20 return 0; diff --git a/include/block/block.h b/include/block/block.h index 07f7561..eac2861 100644 --- a/include/block/block.h +++ b/include/block/block.h @@ -247,7 +247,8 @@ BdrvChild *bdrv_open_child(const char *filename, BlockDriverState* parent, const BdrvChildRole *child_role, bool allow_none, Error **errp); -void bdrv_set_backing_hd(BlockDriverState *bs, BlockDriverState *backing_h= d); +void bdrv_set_backing_hd(BlockDriverState *bs, BlockDriverState *backing_h= d, + Error **errp); int bdrv_open_backing_file(BlockDriverState *bs, QDict *parent_options, const char *bdref_key, Error **errp); BlockDriverState *bdrv_open(const char *filename, const char *reference, --=20 1.8.3.1 From nobody Fri May 3 00:34:40 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1488291363963519.3606697489462; Tue, 28 Feb 2017 06:16:03 -0800 (PST) Received: from localhost ([::1]:33107 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ciiZL-0001xC-In for importer@patchew.org; Tue, 28 Feb 2017 09:15:59 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:44214) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cihK1-0005GG-JK for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:56:07 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cihK0-0004eO-Dm for qemu-devel@nongnu.org; Tue, 28 Feb 2017 07:56:05 -0500 Received: from mx1.redhat.com ([209.132.183.28]:53900) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cihJv-0004cO-3P; Tue, 28 Feb 2017 07:55:59 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 2F6957F368; Tue, 28 Feb 2017 12:55:59 +0000 (UTC) Received: from noname.redhat.com (ovpn-116-177.ams2.redhat.com [10.36.116.177]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1SCsXQk029713; Tue, 28 Feb 2017 07:55:57 -0500 From: Kevin Wolf To: qemu-block@nongnu.org Date: Tue, 28 Feb 2017 13:54:29 +0100 Message-Id: <1488286469-9381-45-git-send-email-kwolf@redhat.com> In-Reply-To: <1488286469-9381-1-git-send-email-kwolf@redhat.com> References: <1488286469-9381-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]); Tue, 28 Feb 2017 12:55:59 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 44/44] block: Add Error parameter to bdrv_append() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, jcody@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Aborting on error in bdrv_append() isn't correct. This patch fixes it and lets the callers handle failures. Test case 085 needs a reference output update. This is caused by the reversed order of bdrv_set_backing_hd() and change_parent_backing_link() in bdrv_append(): When the backing file of the new node is set, the parent nodes are still pointing to the old top, so the backing blocker is now initialised with the node name rather than the BlockBackend name. Signed-off-by: Kevin Wolf Acked-by: Fam Zheng Reviewed-by: Max Reitz --- block.c | 23 +++++++++++++++++------ block/mirror.c | 9 ++++++++- blockdev.c | 18 +++++++++++++++--- include/block/block.h | 3 ++- tests/qemu-iotests/085.out | 2 +- 5 files changed, 43 insertions(+), 12 deletions(-) diff --git a/block.c b/block.c index 6440b61..f293ccb 100644 --- a/block.c +++ b/block.c @@ -2087,6 +2087,7 @@ static BlockDriverState *bdrv_append_temp_snapshot(Bl= ockDriverState *bs, int64_t total_size; QemuOpts *opts =3D NULL; BlockDriverState *bs_snapshot; + Error *local_err =3D NULL; int ret; =20 /* if snapshot, we create a temporary backing file and open it @@ -2136,7 +2137,12 @@ static BlockDriverState *bdrv_append_temp_snapshot(B= lockDriverState *bs, * call bdrv_unref() on it), so in order to be able to return one, we = have * to increase bs_snapshot's refcount here */ bdrv_ref(bs_snapshot); - bdrv_append(bs_snapshot, bs); + bdrv_append(bs_snapshot, bs, &local_err); + if (local_err) { + error_propagate(errp, local_err); + ret =3D -EINVAL; + goto out; + } =20 g_free(tmp_filename); return bs_snapshot; @@ -2927,20 +2933,25 @@ static void change_parent_backing_link(BlockDriverS= tate *from, * parents of bs_top after bdrv_append() returns. If the caller needs to k= eep a * reference of its own, it must call bdrv_ref(). */ -void bdrv_append(BlockDriverState *bs_new, BlockDriverState *bs_top) +void bdrv_append(BlockDriverState *bs_new, BlockDriverState *bs_top, + Error **errp) { + Error *local_err =3D NULL; + assert(!atomic_read(&bs_top->in_flight)); assert(!atomic_read(&bs_new->in_flight)); =20 - bdrv_ref(bs_top); + bdrv_set_backing_hd(bs_new, bs_top, &local_err); + if (local_err) { + error_propagate(errp, local_err); + goto out; + } =20 change_parent_backing_link(bs_top, bs_new); - /* FIXME Error handling */ - bdrv_set_backing_hd(bs_new, bs_top, &error_abort); - bdrv_unref(bs_top); =20 /* bs_new is now referenced by its new parents, we don't need the * additional reference any more. */ +out: bdrv_unref(bs_new); } =20 diff --git a/block/mirror.c b/block/mirror.c index e0475b4..41a64ac 100644 --- a/block/mirror.c +++ b/block/mirror.c @@ -1099,6 +1099,7 @@ static void mirror_start_job(const char *job_id, Bloc= kDriverState *bs, BlockDriverState *mirror_top_bs; bool target_graph_mod; bool target_is_backing; + Error *local_err =3D NULL; int ret; =20 if (granularity =3D=3D 0) { @@ -1130,9 +1131,15 @@ static void mirror_start_job(const char *job_id, Blo= ckDriverState *bs, * it alive until block_job_create() even if bs has no parent. */ bdrv_ref(mirror_top_bs); bdrv_drained_begin(bs); - bdrv_append(mirror_top_bs, bs); + bdrv_append(mirror_top_bs, bs, &local_err); bdrv_drained_end(bs); =20 + if (local_err) { + bdrv_unref(mirror_top_bs); + error_propagate(errp, local_err); + return; + } + /* Make sure that the source is not resized while the job is running */ s =3D block_job_create(job_id, driver, mirror_top_bs, BLK_PERM_CONSISTENT_READ, diff --git a/blockdev.c b/blockdev.c index 34b522b..97fbc7e 100644 --- a/blockdev.c +++ b/blockdev.c @@ -1767,6 +1767,17 @@ static void external_snapshot_prepare(BlkActionState= *common, =20 if (!state->new_bs->drv->supports_backing) { error_setg(errp, "The snapshot does not support backing images"); + return; + } + + /* This removes our old bs and adds the new bs. This is an operation t= hat + * can fail, so we need to do it in .prepare; undoing it for abort is + * always possible. */ + bdrv_ref(state->new_bs); + bdrv_append(state->new_bs, state->old_bs, &local_err); + if (local_err) { + error_propagate(errp, local_err); + return; } } =20 @@ -1777,8 +1788,6 @@ static void external_snapshot_commit(BlkActionState *= common) =20 bdrv_set_aio_context(state->new_bs, state->aio_context); =20 - /* This removes our old bs and adds the new bs */ - bdrv_append(state->new_bs, state->old_bs); /* We don't need (or want) to use the transactional * bdrv_reopen_multiple() across all the entries at once, because we * don't want to abort all of them if one of them fails the reopen */ @@ -1793,7 +1802,9 @@ static void external_snapshot_abort(BlkActionState *c= ommon) ExternalSnapshotState *state =3D DO_UPCAST(ExternalSnapshotState, common, comm= on); if (state->new_bs) { - bdrv_unref(state->new_bs); + if (state->new_bs->backing) { + bdrv_replace_in_backing_chain(state->new_bs, state->old_bs); + } } } =20 @@ -1804,6 +1815,7 @@ static void external_snapshot_clean(BlkActionState *c= ommon) if (state->aio_context) { bdrv_drained_end(state->old_bs); aio_context_release(state->aio_context); + bdrv_unref(state->new_bs); } } =20 diff --git a/include/block/block.h b/include/block/block.h index eac2861..c7c4a3a 100644 --- a/include/block/block.h +++ b/include/block/block.h @@ -236,7 +236,8 @@ int bdrv_create(BlockDriver *drv, const char* filename, QemuOpts *opts, Error **errp); int bdrv_create_file(const char *filename, QemuOpts *opts, Error **errp); BlockDriverState *bdrv_new(void); -void bdrv_append(BlockDriverState *bs_new, BlockDriverState *bs_top); +void bdrv_append(BlockDriverState *bs_new, BlockDriverState *bs_top, + Error **errp); void bdrv_replace_in_backing_chain(BlockDriverState *old, BlockDriverState *new); =20 diff --git a/tests/qemu-iotests/085.out b/tests/qemu-iotests/085.out index 08e4bb7..182acb4 100644 --- a/tests/qemu-iotests/085.out +++ b/tests/qemu-iotests/085.out @@ -74,7 +74,7 @@ Formatting 'TEST_DIR/t.IMGFMT', fmt=3DIMGFMT size=3D13421= 7728 backing_file=3DTEST_DIR/ =20 =3D=3D=3D Invalid command - snapshot node used as backing hd =3D=3D=3D =20 -{"error": {"class": "GenericError", "desc": "Node 'snap_11' is busy: node = is used as backing hd of 'virtio0'"}} +{"error": {"class": "GenericError", "desc": "Node 'snap_11' is busy: node = is used as backing hd of 'snap_12'"}} =20 =3D=3D=3D Invalid command - snapshot node has a backing image =3D=3D=3D =20 --=20 1.8.3.1