From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
To: qemu-block@nongnu.org
Cc: qemu-devel@nongnu.org, armbru@redhat.com, jsnow@redhat.com,
mreitz@redhat.com, kwolf@redhat.com, vsementsov@virtuozzo.com,
den@openvz.org
Subject: [PATCH 08/21] block: use topological sort for permission update
Date: Mon, 23 Nov 2020 23:12:20 +0300 [thread overview]
Message-ID: <20201123201233.9534-11-vsementsov@virtuozzo.com> (raw)
In-Reply-To: <20201123201233.9534-1-vsementsov@virtuozzo.com>
Rewrite bdrv_check_perm(), bdrv_abort_perm_update() and bdrv_set_perm()
to update nodes in topological sort order instead of simple DFS. With
topologically sorted nodes, we update a node only when all its parents
already updated. With DFS it's not so.
Consider the following example:
A -+
| |
| v
| B
| |
v |
C<-+
A is parent for B and C, B is parent for C.
Obviously, to update permissions, we should go in order A B C, so, when
we update C, all parent permissions already updated. But with current
approach (simple recursion) we can update in sequence A C B C (C is
updated twice). On first update of C, we consider old B permissions, so
doing wrong thing. If it succeed, all is OK, on second C update we will
finish with correct graph. But if the wrong thing failed, we break the
whole process for no reason (it's possible that updated B permission
will be less strict, but we will never check it).
Also new approach gives a way to simultaneously and correctly update
several nodes, we just need to run bdrv_topological_dfs() several times
to add all nodes and their subtrees into one topologically sorted list
(next patch will update bdrv_replace_node() in this manner).
Test test_parallel_perm_update() is now passing, so move it out of
debugging "if".
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
---
block.c | 108 ++++++++++++++++++++++++++++--------
tests/test-bdrv-graph-mod.c | 4 +-
tests/qemu-iotests/283.out | 2 +-
3 files changed, 88 insertions(+), 26 deletions(-)
diff --git a/block.c b/block.c
index 22498b5288..56263407e8 100644
--- a/block.c
+++ b/block.c
@@ -1973,13 +1973,17 @@ static bool bdrv_a_allow_b(BdrvChild *a, BdrvChild *b, Error **errp)
return false;
}
-static bool bdrv_check_parents_compliance(BlockDriverState *bs, Error **errp)
+static bool bdrv_check_parents_compliance(BlockDriverState *bs,
+ GSList *ignore_children,
+ Error **errp)
{
BdrvChild *a, *b;
QLIST_FOREACH(a, &bs->parents, next_parent) {
QLIST_FOREACH(b, &bs->parents, next_parent) {
- if (a == b) {
+ if (a == b || g_slist_find(ignore_children, a) ||
+ g_slist_find(ignore_children, b))
+ {
continue;
}
@@ -2012,6 +2016,29 @@ static void bdrv_child_perm(BlockDriverState *bs, BlockDriverState *child_bs,
}
}
+static GSList *bdrv_topological_dfs(GSList *list, GHashTable *found,
+ BlockDriverState *bs)
+{
+ BdrvChild *child;
+ g_autoptr(GHashTable) local_found = NULL;
+
+ if (!found) {
+ assert(!list);
+ found = local_found = g_hash_table_new(NULL, NULL);
+ }
+
+ if (g_hash_table_contains(found, bs)) {
+ return list;
+ }
+ g_hash_table_add(found, bs);
+
+ QLIST_FOREACH(child, &bs->children, next) {
+ list = bdrv_topological_dfs(list, found, child->bs);
+ }
+
+ return g_slist_prepend(list, bs);
+}
+
static void bdrv_child_set_perm_commit(void *opaque)
{
BdrvChild *c = opaque;
@@ -2076,14 +2103,13 @@ static void bdrv_child_set_perm_safe(BdrvChild *c, uint64_t perm,
* A call to this function must always be followed by a call to bdrv_set_perm()
* or bdrv_abort_perm_update().
*/
-static int bdrv_check_perm(BlockDriverState *bs, BlockReopenQueue *q,
- uint64_t cumulative_perms,
- uint64_t cumulative_shared_perms,
- GSList *ignore_children, Error **errp)
+static int bdrv_node_check_perm(BlockDriverState *bs, BlockReopenQueue *q,
+ uint64_t cumulative_perms,
+ uint64_t cumulative_shared_perms,
+ GSList *ignore_children, Error **errp)
{
BlockDriver *drv = bs->drv;
BdrvChild *c;
- int ret;
/* Write permissions never work with read-only images */
if ((cumulative_perms & (BLK_PERM_WRITE | BLK_PERM_WRITE_UNCHANGED)) &&
@@ -2128,8 +2154,8 @@ static int bdrv_check_perm(BlockDriverState *bs, BlockReopenQueue *q,
}
if (drv->bdrv_check_perm) {
- ret = drv->bdrv_check_perm(bs, cumulative_perms,
- cumulative_shared_perms, errp);
+ int ret = drv->bdrv_check_perm(bs, cumulative_perms,
+ cumulative_shared_perms, errp);
if (ret < 0) {
return ret;
}
@@ -2144,21 +2170,43 @@ static int bdrv_check_perm(BlockDriverState *bs, BlockReopenQueue *q,
/* Check all children */
QLIST_FOREACH(c, &bs->children, next) {
uint64_t cur_perm, cur_shared;
- GSList *cur_ignore_children;
bdrv_child_perm(bs, c->bs, c, c->role, q,
cumulative_perms, cumulative_shared_perms,
&cur_perm, &cur_shared);
+ bdrv_child_set_perm_safe(c, cur_perm, cur_shared, NULL);
+ }
+
+ return 0;
+}
- cur_ignore_children = g_slist_prepend(g_slist_copy(ignore_children), c);
- ret = bdrv_check_update_perm(c->bs, q, cur_perm, cur_shared,
- cur_ignore_children, errp);
- g_slist_free(cur_ignore_children);
+static int bdrv_check_perm(BlockDriverState *bs, BlockReopenQueue *q,
+ uint64_t cumulative_perms,
+ uint64_t cumulative_shared_perms,
+ GSList *ignore_children, Error **errp)
+{
+ int ret;
+ BlockDriverState *root = bs;
+ g_autoptr(GSList) list = bdrv_topological_dfs(NULL, NULL, root);
+
+ for ( ; list; list = list->next) {
+ bs = list->data;
+
+ if (bs != root) {
+ if (!bdrv_check_parents_compliance(bs, ignore_children, errp)) {
+ return -EINVAL;
+ }
+
+ bdrv_get_cumulative_perm(bs, &cumulative_perms,
+ &cumulative_shared_perms);
+ }
+
+ ret = bdrv_node_check_perm(bs, q, cumulative_perms,
+ cumulative_shared_perms,
+ ignore_children, errp);
if (ret < 0) {
return ret;
}
-
- bdrv_child_set_perm_safe(c, cur_perm, cur_shared, NULL);
}
return 0;
@@ -2168,10 +2216,8 @@ static int bdrv_check_perm(BlockDriverState *bs, BlockReopenQueue *q,
* Notifies drivers that after a previous bdrv_check_perm() call, the
* permission update is not performed and any preparations made for it (e.g.
* taken file locks) need to be undone.
- *
- * This function recursively notifies all child nodes.
*/
-static void bdrv_abort_perm_update(BlockDriverState *bs)
+static void bdrv_node_abort_perm_update(BlockDriverState *bs)
{
BlockDriver *drv = bs->drv;
BdrvChild *c;
@@ -2186,11 +2232,19 @@ static void bdrv_abort_perm_update(BlockDriverState *bs)
QLIST_FOREACH(c, &bs->children, next) {
bdrv_child_set_perm_abort(c);
- bdrv_abort_perm_update(c->bs);
}
}
-static void bdrv_set_perm(BlockDriverState *bs)
+static void bdrv_abort_perm_update(BlockDriverState *bs)
+{
+ g_autoptr(GSList) list = bdrv_topological_dfs(NULL, NULL, bs);
+
+ for ( ; list; list = list->next) {
+ bdrv_node_abort_perm_update((BlockDriverState *)list->data);
+ }
+}
+
+static void bdrv_node_set_perm(BlockDriverState *bs)
{
uint64_t cumulative_perms, cumulative_shared_perms;
BlockDriver *drv = bs->drv;
@@ -2216,7 +2270,15 @@ static void bdrv_set_perm(BlockDriverState *bs)
/* Update all children */
QLIST_FOREACH(c, &bs->children, next) {
bdrv_child_set_perm_commit(c);
- bdrv_set_perm(c->bs);
+ }
+}
+
+static void bdrv_set_perm(BlockDriverState *bs)
+{
+ g_autoptr(GSList) list = bdrv_topological_dfs(NULL, NULL, bs);
+
+ for ( ; list; list = list->next) {
+ bdrv_node_set_perm((BlockDriverState *)list->data);
}
}
@@ -2329,7 +2391,7 @@ static int bdrv_refresh_perms(BlockDriverState *bs, Error **errp)
int ret;
uint64_t perm, shared_perm;
- if (!bdrv_check_parents_compliance(bs, errp)) {
+ if (!bdrv_check_parents_compliance(bs, NULL, errp)) {
return -EPERM;
}
bdrv_get_cumulative_perm(bs, &perm, &shared_perm);
diff --git a/tests/test-bdrv-graph-mod.c b/tests/test-bdrv-graph-mod.c
index 27e3361a60..594a1df58b 100644
--- a/tests/test-bdrv-graph-mod.c
+++ b/tests/test-bdrv-graph-mod.c
@@ -314,12 +314,12 @@ int main(int argc, char *argv[])
g_test_add_func("/bdrv-graph-mod/update-perm-tree", test_update_perm_tree);
g_test_add_func("/bdrv-graph-mod/should-update-child",
test_should_update_child);
+ g_test_add_func("/bdrv-graph-mod/parallel-perm-update",
+ test_parallel_perm_update);
if (debug) {
g_test_add_func("/bdrv-graph-mod/parallel-exclusive-write",
test_parallel_exclusive_write);
- g_test_add_func("/bdrv-graph-mod/parallel-perm-update",
- test_parallel_perm_update);
}
return g_test_run();
diff --git a/tests/qemu-iotests/283.out b/tests/qemu-iotests/283.out
index d8cff22cc1..fbb7d0f619 100644
--- a/tests/qemu-iotests/283.out
+++ b/tests/qemu-iotests/283.out
@@ -5,4 +5,4 @@
{"execute": "blockdev-add", "arguments": {"driver": "blkdebug", "image": "base", "node-name": "other", "take-child-perms": ["write"]}}
{"return": {}}
{"execute": "blockdev-backup", "arguments": {"device": "source", "sync": "full", "target": "target"}}
-{"error": {"class": "GenericError", "desc": "Cannot set permissions for backup-top filter: Conflicts with use by other as 'image', which uses 'write' on base"}}
+{"error": {"class": "GenericError", "desc": "Cannot set permissions for backup-top filter: Conflicts with use by source as 'image', which does not allow 'write' on base"}}
--
2.21.3
next prev parent reply other threads:[~2020-11-23 20:30 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-23 20:12 [PATCH RFC 00/21] block: update graph permissions update Vladimir Sementsov-Ogievskiy
2020-11-23 20:12 ` [PATCH 1/2] block: make bdrv_drop_intermediate() less wrong Vladimir Sementsov-Ogievskiy
2020-11-24 9:39 ` Vladimir Sementsov-Ogievskiy
2020-11-23 20:12 ` [PATCH 01/21] tests/test-bdrv-graph-mod: add test_parallel_exclusive_write Vladimir Sementsov-Ogievskiy
2020-11-23 20:12 ` [PATCH 2/2] block: assert that permission commit sets same permissions Vladimir Sementsov-Ogievskiy
2020-11-24 9:40 ` Vladimir Sementsov-Ogievskiy
2020-11-23 20:12 ` [PATCH 02/21] tests/test-bdrv-graph-mod: add test_parallel_perm_update Vladimir Sementsov-Ogievskiy
2020-11-23 20:12 ` [PATCH 03/21] util: add transactions.c Vladimir Sementsov-Ogievskiy
2020-11-23 20:12 ` [PATCH 04/21] block: bdrv_refresh_perms: check parents compliance Vladimir Sementsov-Ogievskiy
2020-11-24 9:42 ` Vladimir Sementsov-Ogievskiy
2020-11-23 20:12 ` [PATCH 05/21] block: refactor bdrv_child* permission functions Vladimir Sementsov-Ogievskiy
2020-11-23 20:12 ` [PATCH 06/21] block: rewrite bdrv_child_try_set_perm() using bdrv_refresh_perms() Vladimir Sementsov-Ogievskiy
2020-11-23 20:12 ` [PATCH 07/21] block: inline bdrv_child_*() permission functions calls Vladimir Sementsov-Ogievskiy
2020-11-23 20:12 ` Vladimir Sementsov-Ogievskiy [this message]
2020-11-23 20:12 ` [PATCH 09/21] block: add bdrv_drv_set_perm transaction action Vladimir Sementsov-Ogievskiy
2020-11-23 20:12 ` [PATCH 10/21] block: add bdrv_list_* permission update functions Vladimir Sementsov-Ogievskiy
2020-11-23 20:12 ` [PATCH 11/21] block: add bdrv_replace_child_safe() transaction action Vladimir Sementsov-Ogievskiy
2020-11-23 20:12 ` [PATCH 12/21] block: return value from bdrv_replace_node() Vladimir Sementsov-Ogievskiy
2020-11-23 20:12 ` [PATCH 13/21] block: fix bdrv_replace_node_common Vladimir Sementsov-Ogievskiy
2020-11-23 20:12 ` [PATCH 14/21] block: add bdrv_attach_child_noperm() transaction action Vladimir Sementsov-Ogievskiy
2020-11-23 20:12 ` [PATCH 15/21] block: split out bdrv_replace_node_noperm() Vladimir Sementsov-Ogievskiy
2020-11-23 20:12 ` [PATCH 16/21] block: bdrv_append(): don't consume reference Vladimir Sementsov-Ogievskiy
2020-11-23 20:12 ` [PATCH 17/21] block: bdrv_append(): return status Vladimir Sementsov-Ogievskiy
2020-11-23 20:12 ` [PATCH 18/21] block: adapt bdrv_append() for inserting filters Vladimir Sementsov-Ogievskiy
2020-11-23 20:12 ` [PATCH 19/21] block: add bdrv_remove_backing transaction action Vladimir Sementsov-Ogievskiy
2020-11-23 20:12 ` [PATCH 20/21] block: introduce bdrv_drop_filter() Vladimir Sementsov-Ogievskiy
2020-11-23 20:12 ` [PATCH 21/21] block/backup-top: drop .active Vladimir Sementsov-Ogievskiy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201123201233.9534-11-vsementsov@virtuozzo.com \
--to=vsementsov@virtuozzo.com \
--cc=armbru@redhat.com \
--cc=den@openvz.org \
--cc=jsnow@redhat.com \
--cc=kwolf@redhat.com \
--cc=mreitz@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.