From: Kevin Wolf <kwolf@redhat.com>
To: qemu-block@nongnu.org
Cc: kwolf@redhat.com, mreitz@redhat.com, jcody@redhat.com,
famz@redhat.com, qemu-devel@nongnu.org
Subject: [Qemu-devel] [PATCH v2 09/43] vvfat: Implement .bdrv_child_perm()
Date: Mon, 27 Feb 2017 21:09:10 +0100 [thread overview]
Message-ID: <1488226184-9044-10-git-send-email-kwolf@redhat.com> (raw)
In-Reply-To: <1488226184-9044-1-git-send-email-kwolf@redhat.com>
vvfat is the last remaining driver that can have children, but doesn't
implement .bdrv_child_perm() yet. The default handlers aren't suitable
here, so let's implement a very simple driver-specific one that protects
the internal child from being used by other users as good as our
permissions permit.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
---
block.c | 2 +-
block/vvfat.c | 22 ++++++++++++++++++++++
include/block/block_int.h | 1 +
3 files changed, 24 insertions(+), 1 deletion(-)
diff --git a/block.c b/block.c
index 20dd1c5..7ae8264 100644
--- a/block.c
+++ b/block.c
@@ -823,7 +823,7 @@ static void bdrv_backing_options(int *child_flags, QDict *child_options,
*child_flags = flags;
}
-static const BdrvChildRole child_backing = {
+const BdrvChildRole child_backing = {
.inherit_options = bdrv_backing_options,
.drained_begin = bdrv_child_cb_drained_begin,
.drained_end = bdrv_child_cb_drained_end,
diff --git a/block/vvfat.c b/block/vvfat.c
index 7f230be..72b482c 100644
--- a/block/vvfat.c
+++ b/block/vvfat.c
@@ -3052,6 +3052,27 @@ err:
return ret;
}
+static void vvfat_child_perm(BlockDriverState *bs, BdrvChild *c,
+ const BdrvChildRole *role,
+ uint64_t perm, uint64_t shared,
+ uint64_t *nperm, uint64_t *nshared)
+{
+ BDRVVVFATState *s = bs->opaque;
+
+ assert(c == s->qcow || role == &child_backing);
+
+ if (c == s->qcow) {
+ /* This is a private node, nobody should try to attach to it */
+ *nperm = BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE;
+ *nshared = BLK_PERM_WRITE_UNCHANGED;
+ } else {
+ /* The backing file is there so 'commit' can use it. vvfat doesn't
+ * access it in any way. */
+ *nperm = 0;
+ *nshared = BLK_PERM_ALL;
+ }
+}
+
static void vvfat_close(BlockDriverState *bs)
{
BDRVVVFATState *s = bs->opaque;
@@ -3077,6 +3098,7 @@ static BlockDriver bdrv_vvfat = {
.bdrv_file_open = vvfat_open,
.bdrv_refresh_limits = vvfat_refresh_limits,
.bdrv_close = vvfat_close,
+ .bdrv_child_perm = vvfat_child_perm,
.bdrv_co_preadv = vvfat_co_preadv,
.bdrv_co_pwritev = vvfat_co_pwritev,
diff --git a/include/block/block_int.h b/include/block/block_int.h
index eb0598e..63d5446 100644
--- a/include/block/block_int.h
+++ b/include/block/block_int.h
@@ -466,6 +466,7 @@ struct BdrvChildRole {
extern const BdrvChildRole child_file;
extern const BdrvChildRole child_format;
+extern const BdrvChildRole child_backing;
struct BdrvChild {
BlockDriverState *bs;
--
1.8.3.1
next prev parent reply other threads:[~2017-02-27 20:10 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-27 20:09 [Qemu-devel] [PATCH v2 00/43] New op blocker system, part 1 Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 01/43] block: Add op blocker permission constants Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 02/43] block: Add Error argument to bdrv_attach_child() Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 03/43] block: Let callers request permissions when attaching a child node Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 04/43] block: Involve block drivers in permission granting Kevin Wolf
2017-02-28 8:18 ` Fam Zheng
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 05/43] block: Default .bdrv_child_perm() for filter drivers Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 06/43] block: Request child permissions in " Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 07/43] block: Default .bdrv_child_perm() for format drivers Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 08/43] block: Request child permissions in " Kevin Wolf
2017-02-27 20:09 ` Kevin Wolf [this message]
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 10/43] block: Require .bdrv_child_perm() with child nodes Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 11/43] block: Request real permissions in bdrv_attach_child() Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 12/43] block: Add permissions to BlockBackend Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 13/43] block: Add permissions to blk_new() Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 14/43] block: Add error parameter to blk_insert_bs() Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 15/43] block: Add BDRV_O_RESIZE for blk_new_open() Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 16/43] block: Request real permissions in blk_new_open() Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 17/43] block: Allow error return in BlockDevOps.change_media_cb() Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 18/43] hw/block: Request permissions Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 19/43] hw/block: Introduce share-rw qdev property Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 20/43] blockjob: Add permissions to block_job_create() Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 21/43] block: Add BdrvChildRole.get_parent_desc() Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 22/43] block: Include details on permission errors in message Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 23/43] block: Add BdrvChildRole.stay_at_node Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 24/43] blockjob: Add permissions to block_job_add_bdrv() Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 25/43] commit: Use real permissions in commit block job Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 26/43] commit: Use real permissions for HMP 'commit' Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 27/43] backup: Use real permissions in backup block job Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 28/43] block: Fix pending requests check in bdrv_append() Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 29/43] block: BdrvChildRole.attach/detach() callbacks Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 30/43] block: Allow backing file links in change_parent_backing_link() Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 31/43] mirror: Use real permissions in mirror/active commit block job Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 32/43] stream: Use real permissions in streaming " Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 33/43] mirror: Add filter-node-name to blockdev-mirror Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 34/43] commit: Add filter-node-name to block-commit Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 35/43] hmp: Request permissions in qemu-io Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 36/43] migration/block: Use real permissions Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 37/43] nbd/server: Use real permissions for NBD exports Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 38/43] tests: Remove FIXME comments Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 39/43] block: Pass BdrvChild to bdrv_aligned_preadv/pwritev and copy-on-read Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 40/43] block: Assertions for write permissions Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 41/43] block: Assertions for resize permission Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 42/43] block: Add Error parameter to bdrv_set_backing_hd() Kevin Wolf
2017-02-27 20:09 ` [Qemu-devel] [PATCH v2 43/43] block: Add Error parameter to bdrv_append() Kevin Wolf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1488226184-9044-10-git-send-email-kwolf@redhat.com \
--to=kwolf@redhat.com \
--cc=famz@redhat.com \
--cc=jcody@redhat.com \
--cc=mreitz@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).