[Qemu-devel] [PATCH for-2.9] block: Don't check permissions for copy on read

Kevin Wolf posted 1 patch 6 years, 11 months ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/1491561165-12415-1-git-send-email-kwolf@redhat.com
Test checkpatch failed
Test docker passed
Test s390x passed
block/io.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
[Qemu-devel] [PATCH for-2.9] block: Don't check permissions for copy on read
Posted by Kevin Wolf 6 years, 11 months ago
The assertion is currently failing. We can't require callers to have
write permissions when all they are doing is a read, so comment it out.
Add a FIXME comment in the code so that the check is re-enabled when
copy on read is refactored into its own filter driver.

Reported-by: Richard W.M. Jones <rjones@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
 block/io.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/block/io.c b/block/io.c
index 2709a70..7321dda 100644
--- a/block/io.c
+++ b/block/io.c
@@ -945,7 +945,14 @@ static int coroutine_fn bdrv_co_do_copy_on_readv(BdrvChild *child,
     size_t skip_bytes;
     int ret;
 
-    assert(child->perm & (BLK_PERM_WRITE_UNCHANGED | BLK_PERM_WRITE));
+    /* FIXME We cannot require callers to have write permissions when all they
+     * are doing is a read request. If we did things right, write permissions
+     * would be obtained anyway, but internally by the copy-on-read code. As
+     * long as it is implemented here rather than in a separat filter driver,
+     * the copy-on-read code doesn't have its own BdrvChild, however, for which
+     * it could request permissions. Therefore we have to bypass the permission
+     * system for the moment. */
+    // assert(child->perm & (BLK_PERM_WRITE_UNCHANGED | BLK_PERM_WRITE));
 
     /* Cover entire cluster so no additional backing file I/O is required when
      * allocating cluster in the image file.
-- 
1.8.3.1


Re: [Qemu-devel] [PATCH for-2.9] block: Don't check permissions for copy on read
Posted by Richard W.M. Jones 6 years, 11 months ago
On Fri, Apr 07, 2017 at 12:32:45PM +0200, Kevin Wolf wrote:
> The assertion is currently failing. We can't require callers to have
> write permissions when all they are doing is a read, so comment it out.
> Add a FIXME comment in the code so that the check is re-enabled when
> copy on read is refactored into its own filter driver.
> 
> Reported-by: Richard W.M. Jones <rjones@redhat.com>
> Signed-off-by: Kevin Wolf <kwolf@redhat.com>

Thanks Kevin.  As this is essentially the same as the patch I tested
last night,

  Reviewed-by: Richard W.M. Jones <rjones@redhat.com>

Rich.

>  block/io.c | 9 ++++++++-
>  1 file changed, 8 insertions(+), 1 deletion(-)
> 
> diff --git a/block/io.c b/block/io.c
> index 2709a70..7321dda 100644
> --- a/block/io.c
> +++ b/block/io.c
> @@ -945,7 +945,14 @@ static int coroutine_fn bdrv_co_do_copy_on_readv(BdrvChild *child,
>      size_t skip_bytes;
>      int ret;
>  
> -    assert(child->perm & (BLK_PERM_WRITE_UNCHANGED | BLK_PERM_WRITE));
> +    /* FIXME We cannot require callers to have write permissions when all they
> +     * are doing is a read request. If we did things right, write permissions
> +     * would be obtained anyway, but internally by the copy-on-read code. As
> +     * long as it is implemented here rather than in a separat filter driver,
> +     * the copy-on-read code doesn't have its own BdrvChild, however, for which
> +     * it could request permissions. Therefore we have to bypass the permission
> +     * system for the moment. */
> +    // assert(child->perm & (BLK_PERM_WRITE_UNCHANGED | BLK_PERM_WRITE));
>  
>      /* Cover entire cluster so no additional backing file I/O is required when
>       * allocating cluster in the image file.
> -- 
> 1.8.3.1

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-builder quickly builds VMs from scratch
http://libguestfs.org/virt-builder.1.html

Re: [Qemu-devel] [PATCH for-2.9] block: Don't check permissions for copy on read
Posted by Eric Blake 6 years, 11 months ago
On 04/07/2017 05:32 AM, Kevin Wolf wrote:
> The assertion is currently failing. We can't require callers to have
> write permissions when all they are doing is a read, so comment it out.
> Add a FIXME comment in the code so that the check is re-enabled when
> copy on read is refactored into its own filter driver.
> 
> Reported-by: Richard W.M. Jones <rjones@redhat.com>
> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
> ---
>  block/io.c | 9 ++++++++-
>  1 file changed, 8 insertions(+), 1 deletion(-)
> 
> diff --git a/block/io.c b/block/io.c
> index 2709a70..7321dda 100644
> --- a/block/io.c
> +++ b/block/io.c
> @@ -945,7 +945,14 @@ static int coroutine_fn bdrv_co_do_copy_on_readv(BdrvChild *child,
>      size_t skip_bytes;
>      int ret;
>  
> -    assert(child->perm & (BLK_PERM_WRITE_UNCHANGED | BLK_PERM_WRITE));
> +    /* FIXME We cannot require callers to have write permissions when all they
> +     * are doing is a read request. If we did things right, write permissions
> +     * would be obtained anyway, but internally by the copy-on-read code. As
> +     * long as it is implemented here rather than in a separat filter driver,

s/separat/separate/

> +     * the copy-on-read code doesn't have its own BdrvChild, however, for which
> +     * it could request permissions. Therefore we have to bypass the permission
> +     * system for the moment. */
> +    // assert(child->perm & (BLK_PERM_WRITE_UNCHANGED | BLK_PERM_WRITE));

Makes checkpatch.pl unhappy - but that's intentional.

Reviewed-by: Eric Blake <eblake@redhat.com>

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3266
Virtualization:  qemu.org | libvirt.org

Re: [Qemu-devel] [PATCH for-2.9] block: Don't check permissions for copy on read
Posted by Max Reitz 6 years, 11 months ago
On 07.04.2017 15:53, Eric Blake wrote:
> On 04/07/2017 05:32 AM, Kevin Wolf wrote:
>> The assertion is currently failing. We can't require callers to have
>> write permissions when all they are doing is a read, so comment it out.
>> Add a FIXME comment in the code so that the check is re-enabled when
>> copy on read is refactored into its own filter driver.
>>
>> Reported-by: Richard W.M. Jones <rjones@redhat.com>
>> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
>> ---
>>  block/io.c | 9 ++++++++-
>>  1 file changed, 8 insertions(+), 1 deletion(-)
>>
>> diff --git a/block/io.c b/block/io.c
>> index 2709a70..7321dda 100644
>> --- a/block/io.c
>> +++ b/block/io.c
>> @@ -945,7 +945,14 @@ static int coroutine_fn bdrv_co_do_copy_on_readv(BdrvChild *child,
>>      size_t skip_bytes;
>>      int ret;
>>  
>> -    assert(child->perm & (BLK_PERM_WRITE_UNCHANGED | BLK_PERM_WRITE));
>> +    /* FIXME We cannot require callers to have write permissions when all they
>> +     * are doing is a read request. If we did things right, write permissions
>> +     * would be obtained anyway, but internally by the copy-on-read code. As
>> +     * long as it is implemented here rather than in a separat filter driver,
> 
> s/separat/separate/
> 
>> +     * the copy-on-read code doesn't have its own BdrvChild, however, for which
>> +     * it could request permissions. Therefore we have to bypass the permission
>> +     * system for the moment. */
>> +    // assert(child->perm & (BLK_PERM_WRITE_UNCHANGED | BLK_PERM_WRITE));
> 
> Makes checkpatch.pl unhappy - but that's intentional.

Is it? I don't know. But not that I mind, so for good measure:

Reviewed-by: Max Reitz <mreitz@redhat.com>

> Reviewed-by: Eric Blake <eblake@redhat.com>