From nobody Wed Dec 17 21:46:24 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1494514206783567.2499613559504; Thu, 11 May 2017 07:50:06 -0700 (PDT) Received: from localhost ([::1]:48601 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1d8pPo-0008Fe-72 for importer@patchew.org; Thu, 11 May 2017 10:50:04 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:36943) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1d8pAb-0002U5-Dj for qemu-devel@nongnu.org; Thu, 11 May 2017 10:34:22 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1d8pAa-0007cH-5o for qemu-devel@nongnu.org; Thu, 11 May 2017 10:34:21 -0400 Received: from mx1.redhat.com ([209.132.183.28]:40504) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1d8pAU-0007Uj-M1; Thu, 11 May 2017 10:34:14 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 9554B448D69; Thu, 11 May 2017 14:34:13 +0000 (UTC) Received: from noname.str.redhat.com (dhcp-192-175.str.redhat.com [10.33.192.175]) by smtp.corp.redhat.com (Postfix) with ESMTP id A812D88B39; Thu, 11 May 2017 14:34:12 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 9554B448D69 Authentication-Results: ext-mx05.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx05.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=kwolf@redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 9554B448D69 From: Kevin Wolf To: qemu-block@nongnu.org Date: Thu, 11 May 2017 16:32:35 +0200 Message-Id: <1494513181-7900-33-git-send-email-kwolf@redhat.com> In-Reply-To: <1494513181-7900-1-git-send-email-kwolf@redhat.com> References: <1494513181-7900-1-git-send-email-kwolf@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]); Thu, 11 May 2017 14:34:13 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PULL 32/58] block: Fix write/resize permissions for inactive images X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, qemu-devel@nongnu.org, stefanha@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Format drivers for inactive nodes don't need write/resize permissions on their bs->file and can share write/resize with another VM (in fact, this is the whole point of keeping images inactive). Represent this fact in the op blocker system, so that image locking does the right thing without special-casing inactive images. Signed-off-by: Kevin Wolf Reviewed-by: Eric Blake --- block.c | 35 +++++++++++++++++++++++++++++++++-- include/block/block.h | 1 + 2 files changed, 34 insertions(+), 2 deletions(-) diff --git a/block.c b/block.c index 170002e..50ba264 100644 --- a/block.c +++ b/block.c @@ -192,11 +192,20 @@ void path_combine(char *dest, int dest_size, } } =20 +/* Returns whether the image file is opened as read-only. Note that this c= an + * return false and writing to the image file is still not possible becaus= e the + * image is inactivated. */ bool bdrv_is_read_only(BlockDriverState *bs) { return bs->read_only; } =20 +/* Returns whether the image file can be written to right now */ +bool bdrv_is_writable(BlockDriverState *bs) +{ + return !bdrv_is_read_only(bs) && !(bs->open_flags & BDRV_O_INACTIVE); +} + int bdrv_can_set_read_only(BlockDriverState *bs, bool read_only, Error **e= rrp) { /* Do not set read_only if copy_on_read is enabled */ @@ -1510,7 +1519,7 @@ static int bdrv_check_perm(BlockDriverState *bs, uint= 64_t cumulative_perms, =20 /* Write permissions never work with read-only images */ if ((cumulative_perms & (BLK_PERM_WRITE | BLK_PERM_WRITE_UNCHANGED)) && - bdrv_is_read_only(bs)) + !bdrv_is_writable(bs)) { error_setg(errp, "Block node is read-only"); return -EPERM; @@ -1795,7 +1804,7 @@ void bdrv_format_default_perms(BlockDriverState *bs, = BdrvChild *c, bdrv_filter_default_perms(bs, c, role, perm, shared, &perm, &share= d); =20 /* Format drivers may touch metadata even if the guest doesn't wri= te */ - if (!bdrv_is_read_only(bs)) { + if (bdrv_is_writable(bs)) { perm |=3D BLK_PERM_WRITE | BLK_PERM_RESIZE; } =20 @@ -1821,6 +1830,10 @@ void bdrv_format_default_perms(BlockDriverState *bs,= BdrvChild *c, BLK_PERM_WRITE_UNCHANGED; } =20 + if (bs->open_flags & BDRV_O_INACTIVE) { + shared |=3D BLK_PERM_WRITE | BLK_PERM_RESIZE; + } + *nperm =3D perm; *nshared =3D shared; } @@ -3960,6 +3973,7 @@ void bdrv_init_with_whitelist(void) void bdrv_invalidate_cache(BlockDriverState *bs, Error **errp) { BdrvChild *child, *parent; + uint64_t perm, shared_perm; Error *local_err =3D NULL; int ret; =20 @@ -3996,6 +4010,16 @@ void bdrv_invalidate_cache(BlockDriverState *bs, Err= or **errp) return; } =20 + /* Update permissions, they may differ for inactive nodes */ + bdrv_get_cumulative_perm(bs, &perm, &shared_perm); + ret =3D bdrv_check_perm(bs, perm, shared_perm, NULL, &local_err); + if (ret < 0) { + bs->open_flags |=3D BDRV_O_INACTIVE; + error_propagate(errp, local_err); + return; + } + bdrv_set_perm(bs, perm, shared_perm); + QLIST_FOREACH(parent, &bs->parents, next_parent) { if (parent->role->activate) { parent->role->activate(parent, &local_err); @@ -4040,6 +4064,8 @@ static int bdrv_inactivate_recurse(BlockDriverState *= bs, } =20 if (setting_flag) { + uint64_t perm, shared_perm; + bs->open_flags |=3D BDRV_O_INACTIVE; =20 QLIST_FOREACH(parent, &bs->parents, next_parent) { @@ -4051,6 +4077,11 @@ static int bdrv_inactivate_recurse(BlockDriverState = *bs, } } } + + /* Update permissions, they may differ for inactive nodes */ + bdrv_get_cumulative_perm(bs, &perm, &shared_perm); + bdrv_check_perm(bs, perm, shared_perm, NULL, &error_abort); + bdrv_set_perm(bs, perm, shared_perm); } =20 QLIST_FOREACH(child, &bs->children, next) { diff --git a/include/block/block.h b/include/block/block.h index 80d51d8..90932b4 100644 --- a/include/block/block.h +++ b/include/block/block.h @@ -435,6 +435,7 @@ int bdrv_is_allocated_above(BlockDriverState *top, Bloc= kDriverState *base, int64_t sector_num, int nb_sectors, int *pnum); =20 bool bdrv_is_read_only(BlockDriverState *bs); +bool bdrv_is_writable(BlockDriverState *bs); int bdrv_can_set_read_only(BlockDriverState *bs, bool read_only, Error **e= rrp); int bdrv_set_read_only(BlockDriverState *bs, bool read_only, Error **errp); bool bdrv_is_sg(BlockDriverState *bs); --=20 1.8.3.1