From: Kevin Wolf <kwolf@redhat.com>
To: qemu-block@nongnu.org
Cc: kwolf@redhat.com, mreitz@redhat.com, eblake@redhat.com,
pkrempa@redhat.com, qemu-devel@nongnu.org
Subject: [Qemu-devel] [PATCH 7/8] file-posix: Prepare permission code for fd switching
Date: Fri, 8 Mar 2019 16:37:56 +0100 [thread overview]
Message-ID: <20190308153757.25794-8-kwolf@redhat.com> (raw)
In-Reply-To: <20190308153757.25794-1-kwolf@redhat.com>
In order to be able to dynamically reopen the file read-only or
read-write, depending on the users that are attached, we need to be able
to switch to a different file descriptor during the permission change.
This interacts with reopen, which also creates a new file descriptor and
performs permission changes internally. In this case, the permission
change code must reuse the reopen file descriptor instead of creating a
third one.
In turn, reopen can drop its code to copy file locks to the new file
descriptor because that is now done when applying the new permissions.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block/file-posix.c | 91 ++++++++++++++++++++++++++++++++++++++++------
1 file changed, 80 insertions(+), 11 deletions(-)
diff --git a/block/file-posix.c b/block/file-posix.c
index 932cc8e58c..bcfb38ec4b 100644
--- a/block/file-posix.c
+++ b/block/file-posix.c
@@ -144,6 +144,7 @@ typedef struct BDRVRawState {
uint64_t locked_perm;
uint64_t locked_shared_perm;
+ int perm_change_fd;
BDRVReopenState *reopen_state;
#ifdef CONFIG_XFS
@@ -845,7 +846,8 @@ static int raw_handle_perm_lock(BlockDriverState *bs,
}
static int raw_reconfigure_getfd(BlockDriverState *bs, int flags,
- int *open_flags, Error **errp)
+ int *open_flags, bool force_dup,
+ Error **errp)
{
BDRVRawState *s = bs->opaque;
int fd = -1;
@@ -871,6 +873,11 @@ static int raw_reconfigure_getfd(BlockDriverState *bs, int flags,
assert((s->open_flags & O_ASYNC) == 0);
#endif
+ if (!force_dup && *open_flags == s->open_flags) {
+ /* We're lucky, the existing fd is fine */
+ return s->fd;
+ }
+
if ((*open_flags & ~fcntl_flags) == (s->open_flags & ~fcntl_flags)) {
/* dup the original fd */
fd = qemu_dup(s->fd);
@@ -935,7 +942,7 @@ static int raw_reopen_prepare(BDRVReopenState *state,
qemu_opts_to_qdict(opts, state->options);
rs->fd = raw_reconfigure_getfd(state->bs, state->flags, &rs->open_flags,
- &local_err);
+ true, &local_err);
if (local_err) {
error_propagate(errp, local_err);
ret = -1;
@@ -951,14 +958,6 @@ static int raw_reopen_prepare(BDRVReopenState *state,
ret = -EINVAL;
goto out_fd;
}
-
- /* Copy locks to the new fd */
- ret = raw_apply_lock_bytes(NULL, rs->fd, s->locked_perm,
- s->locked_shared_perm, false, errp);
- if (ret < 0) {
- ret = -EINVAL;
- goto out_fd;
- }
}
s->reopen_state = state;
@@ -2696,12 +2695,73 @@ static QemuOptsList raw_create_opts = {
static int raw_check_perm(BlockDriverState *bs, uint64_t perm, uint64_t shared,
Error **errp)
{
- return raw_handle_perm_lock(bs, RAW_PL_PREPARE, perm, shared, errp);
+ BDRVRawState *s = bs->opaque;
+ BDRVRawReopenState *rs = NULL;
+ int open_flags;
+ int ret;
+
+ if (s->reopen_state) {
+ /* We already have a new file descriptor to set permissions for */
+ assert(s->reopen_state->perm == perm);
+ assert(s->reopen_state->shared_perm == shared);
+ if (s->perm_change_fd) {
+ /* reopen may call this function several times (directly and
+ * recursively while change permissions of the parent). Ignore all
+ * but the first call. */
+ return 0;
+ }
+ rs = s->reopen_state->opaque;
+ s->perm_change_fd = rs->fd;
+ } else {
+ /* We may need a new fd if auto-read-only switches the mode */
+ assert(!s->perm_change_fd);
+ ret = raw_reconfigure_getfd(bs, bs->open_flags, &open_flags,
+ false, errp);
+ if (ret < 0) {
+ return ret;
+ } else if (ret != s->fd) {
+ s->perm_change_fd = ret;
+ }
+ }
+
+ /* Prepare permissions on old fd to avoid conflicts between old and new,
+ * but keep everything locked that new will need. */
+ ret = raw_handle_perm_lock(bs, RAW_PL_PREPARE, perm, shared, errp);
+ if (ret < 0) {
+ goto fail;
+ }
+
+ /* Copy locks to the new fd */
+ if (s->perm_change_fd) {
+ ret = raw_apply_lock_bytes(NULL, s->perm_change_fd, perm, ~shared,
+ false, errp);
+ if (ret < 0) {
+ raw_handle_perm_lock(bs, RAW_PL_ABORT, 0, 0, NULL);
+ goto fail;
+ }
+ }
+ return 0;
+
+fail:
+ if (s->perm_change_fd && !s->reopen_state) {
+ qemu_close(s->perm_change_fd);
+ }
+ s->perm_change_fd = 0;
+ return ret;
}
static void raw_set_perm(BlockDriverState *bs, uint64_t perm, uint64_t shared)
{
BDRVRawState *s = bs->opaque;
+
+ /* For reopen, we have already switched to the new fd (.bdrv_set_perm is
+ * called after .bdrv_reopen_commit) */
+ if (s->perm_change_fd && s->fd != s->perm_change_fd) {
+ qemu_close(s->fd);
+ s->fd = s->perm_change_fd;
+ }
+ s->perm_change_fd = 0;
+
raw_handle_perm_lock(bs, RAW_PL_COMMIT, perm, shared, NULL);
s->perm = perm;
s->shared_perm = shared;
@@ -2709,6 +2769,15 @@ static void raw_set_perm(BlockDriverState *bs, uint64_t perm, uint64_t shared)
static void raw_abort_perm_update(BlockDriverState *bs)
{
+ BDRVRawState *s = bs->opaque;
+
+ /* For reopen, .bdrv_reopen_abort is called afterwards and will close
+ * the file descriptor. */
+ if (s->perm_change_fd && !s->reopen_state) {
+ qemu_close(s->perm_change_fd);
+ }
+ s->perm_change_fd = 0;
+
raw_handle_perm_lock(bs, RAW_PL_ABORT, 0, 0, NULL);
}
--
2.20.1
next prev parent reply other threads:[~2019-03-08 15:38 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-08 15:37 [Qemu-devel] [PATCH 0/8] file-posix: Make auto-read-only dynamic Kevin Wolf
2019-03-08 15:37 ` [Qemu-devel] [PATCH 1/8] tests/virtio-blk-test: Disable auto-read-only Kevin Wolf
2019-03-12 2:46 ` Eric Blake
2019-03-08 15:37 ` [Qemu-devel] [PATCH 2/8] block: Avoid useless local_err Kevin Wolf
2019-03-11 10:16 ` [Qemu-devel] [Qemu-block] " Alberto Garcia
2019-03-08 15:37 ` [Qemu-devel] [PATCH 3/8] block: Make permission changes in reopen less wrong Kevin Wolf
2019-03-08 15:37 ` [Qemu-devel] [PATCH 4/8] file-posix: Factor out raw_reconfigure_getfd() Kevin Wolf
2019-03-08 15:37 ` [Qemu-devel] [PATCH 5/8] file-posix: Store BDRVRawState.reopen_state during reopen Kevin Wolf
2019-03-08 15:37 ` [Qemu-devel] [PATCH 6/8] file-posix: Lock new fd in raw_reopen_prepare() Kevin Wolf
2019-03-08 15:37 ` Kevin Wolf [this message]
2019-03-08 15:37 ` [Qemu-devel] [PATCH 8/8] file-posix: Make auto-read-only dynamic Kevin Wolf
2019-03-11 13:09 ` [Qemu-devel] [PATCH 0/8] " Peter Krempa
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190308153757.25794-8-kwolf@redhat.com \
--to=kwolf@redhat.com \
--cc=eblake@redhat.com \
--cc=mreitz@redhat.com \
--cc=pkrempa@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.