From: Kevin Wolf <kwolf@redhat.com>
To: qemu-block@nongnu.org
Cc: kwolf@redhat.com, peter.maydell@linaro.org, qemu-devel@nongnu.org
Subject: [Qemu-devel] [PULL 17/24] block: Fix permissions after bdrv_reopen()
Date: Tue, 26 Sep 2017 16:21:26 +0200 [thread overview]
Message-ID: <20170926142133.2498-18-kwolf@redhat.com> (raw)
In-Reply-To: <20170926142133.2498-1-kwolf@redhat.com>
If we switch between read-only and read-write, the permissions that
image format drivers need on bs->file change, too. Make sure to update
the permissions during bdrv_reopen().
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
---
include/block/block.h | 1 +
block.c | 64 +++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 65 insertions(+)
diff --git a/include/block/block.h b/include/block/block.h
index 082eb2cd9c..3c3af462e4 100644
--- a/include/block/block.h
+++ b/include/block/block.h
@@ -166,6 +166,7 @@ typedef QSIMPLEQ_HEAD(BlockReopenQueue, BlockReopenQueueEntry) BlockReopenQueue;
typedef struct BDRVReopenState {
BlockDriverState *bs;
int flags;
+ uint64_t perm, shared_perm;
QDict *options;
QDict *explicit_options;
void *opaque;
diff --git a/block.c b/block.c
index 204cbb46c7..5c65fac672 100644
--- a/block.c
+++ b/block.c
@@ -2781,6 +2781,10 @@ static BlockReopenQueue *bdrv_reopen_queue_child(BlockReopenQueue *bs_queue,
bs_entry->state.explicit_options = explicit_options;
bs_entry->state.flags = flags;
+ /* This needs to be overwritten in bdrv_reopen_prepare() */
+ bs_entry->state.perm = UINT64_MAX;
+ bs_entry->state.shared_perm = 0;
+
QLIST_FOREACH(child, &bs->children, next) {
QDict *new_child_options;
char *child_key_dot;
@@ -2887,6 +2891,52 @@ int bdrv_reopen(BlockDriverState *bs, int bdrv_flags, Error **errp)
return ret;
}
+static BlockReopenQueueEntry *find_parent_in_reopen_queue(BlockReopenQueue *q,
+ BdrvChild *c)
+{
+ BlockReopenQueueEntry *entry;
+
+ QSIMPLEQ_FOREACH(entry, q, entry) {
+ BlockDriverState *bs = entry->state.bs;
+ BdrvChild *child;
+
+ QLIST_FOREACH(child, &bs->children, next) {
+ if (child == c) {
+ return entry;
+ }
+ }
+ }
+
+ return NULL;
+}
+
+static void bdrv_reopen_perm(BlockReopenQueue *q, BlockDriverState *bs,
+ uint64_t *perm, uint64_t *shared)
+{
+ BdrvChild *c;
+ BlockReopenQueueEntry *parent;
+ uint64_t cumulative_perms = 0;
+ uint64_t cumulative_shared_perms = BLK_PERM_ALL;
+
+ QLIST_FOREACH(c, &bs->parents, next_parent) {
+ parent = find_parent_in_reopen_queue(q, c);
+ if (!parent) {
+ cumulative_perms |= c->perm;
+ cumulative_shared_perms &= c->shared_perm;
+ } else {
+ uint64_t nperm, nshared;
+
+ bdrv_child_perm(parent->state.bs, bs, c, c->role, q,
+ parent->state.perm, parent->state.shared_perm,
+ &nperm, &nshared);
+
+ cumulative_perms |= nperm;
+ cumulative_shared_perms &= nshared;
+ }
+ }
+ *perm = cumulative_perms;
+ *shared = cumulative_shared_perms;
+}
/*
* Prepares a BlockDriverState for reopen. All changes are staged in the
@@ -2952,6 +3002,9 @@ int bdrv_reopen_prepare(BDRVReopenState *reopen_state, BlockReopenQueue *queue,
goto error;
}
+ /* Calculate required permissions after reopening */
+ bdrv_reopen_perm(queue, reopen_state->bs,
+ &reopen_state->perm, &reopen_state->shared_perm);
ret = bdrv_flush(reopen_state->bs);
if (ret) {
@@ -3007,6 +3060,12 @@ int bdrv_reopen_prepare(BDRVReopenState *reopen_state, BlockReopenQueue *queue,
} while ((entry = qdict_next(reopen_state->options, entry)));
}
+ ret = bdrv_check_perm(reopen_state->bs, queue, reopen_state->perm,
+ reopen_state->shared_perm, NULL, errp);
+ if (ret < 0) {
+ goto error;
+ }
+
ret = 0;
error:
@@ -3047,6 +3106,9 @@ void bdrv_reopen_commit(BDRVReopenState *reopen_state)
bdrv_refresh_limits(bs, NULL);
+ bdrv_set_perm(reopen_state->bs, reopen_state->perm,
+ reopen_state->shared_perm);
+
new_can_write =
!bdrv_is_read_only(bs) && !(bdrv_get_flags(bs) & BDRV_O_INACTIVE);
if (!old_can_write && new_can_write && drv->bdrv_reopen_bitmaps_rw) {
@@ -3080,6 +3142,8 @@ void bdrv_reopen_abort(BDRVReopenState *reopen_state)
}
QDECREF(reopen_state->explicit_options);
+
+ bdrv_abort_perm_update(reopen_state->bs);
}
--
2.13.5
next prev parent reply other threads:[~2017-09-26 14:22 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-26 14:21 [Qemu-devel] [PULL 00/24] Block layer patches Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 01/24] qemu-iotests: Add missing -machine accel=qtest Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 02/24] qemu-img: Clarify about relative backing file options Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 03/24] file-posix: Clear out first sector in hdev_create Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 04/24] docs: add qemu-block-drivers(7) man page Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 05/24] iotests: use -ccw on s390x for 040, 139, and 182 Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 06/24] iotests: use -ccw on s390x for 051 Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 07/24] iotests: use virtio aliases for 067 Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 08/24] iotests: Print full path of bad output if mismatch Kevin Wolf
2017-09-26 14:56 ` Eric Blake
2017-09-26 15:25 ` Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 09/24] throttle: Assert that bkt->max is valid in throttle_compute_wait() Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 10/24] block/throttle-groups.c: allocate RestartData on the heap Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 11/24] block: Clean up some bad code in the vvfat driver Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 12/24] qemu-io: Drop write permissions before read-only reopen Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 13/24] block: Add reopen_queue to bdrv_child_perm() Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 14/24] block: Add reopen queue to bdrv_check_perm() Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 15/24] block: Base permissions on rw state after reopen Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 16/24] block: reopen: Queue children after their parents Kevin Wolf
2017-09-26 14:21 ` Kevin Wolf [this message]
2017-09-26 14:21 ` [Qemu-devel] [PULL 18/24] qemu-iotests: Test change-backing-file command Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 19/24] iotests: fix 181: enable postcopy-ram capability on target Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 20/24] qemu-img: add --shrink flag for resize Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 21/24] qcow2: add qcow2_cache_discard Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 22/24] qcow2: add shrink image support Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 23/24] qemu-iotests: add shrinking image test Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 24/24] block/qcow2-bitmap: fix use of uninitialized pointer Kevin Wolf
2017-09-27 17:20 ` [Qemu-devel] [PULL 00/24] Block layer patches Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170926142133.2498-18-kwolf@redhat.com \
--to=kwolf@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.