From: Kevin Wolf <kwolf@redhat.com>
To: qemu-block@nongnu.org
Cc: kwolf@redhat.com, qemu-devel@nongnu.org
Subject: [Qemu-devel] [PULL 18/46] block: Request real permissions in blk_new_open()
Date: Tue, 28 Feb 2017 21:36:17 +0100 [thread overview]
Message-ID: <1488314205-16264-19-git-send-email-kwolf@redhat.com> (raw)
In-Reply-To: <1488314205-16264-1-git-send-email-kwolf@redhat.com>
We can figure out the necessary permissions from the flags that the
caller passed.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Acked-by: Fam Zheng <famz@redhat.com>
---
block/block-backend.c | 22 +++++++++++++++++++---
1 file changed, 19 insertions(+), 3 deletions(-)
diff --git a/block/block-backend.c b/block/block-backend.c
index 299948f..03d5495 100644
--- a/block/block-backend.c
+++ b/block/block-backend.c
@@ -166,17 +166,33 @@ BlockBackend *blk_new_open(const char *filename, const char *reference,
{
BlockBackend *blk;
BlockDriverState *bs;
+ uint64_t perm;
+
+ /* blk_new_open() is mainly used in .bdrv_create implementations and the
+ * tools where sharing isn't a concern because the BDS stays private, so we
+ * just request permission according to the flags.
+ *
+ * The exceptions are xen_disk and blockdev_init(); in these cases, the
+ * caller of blk_new_open() doesn't make use of the permissions, but they
+ * shouldn't hurt either. We can still share everything here because the
+ * guest devices will add their own blockers if they can't share. */
+ perm = BLK_PERM_CONSISTENT_READ;
+ if (flags & BDRV_O_RDWR) {
+ perm |= BLK_PERM_WRITE;
+ }
+ if (flags & BDRV_O_RESIZE) {
+ perm |= BLK_PERM_RESIZE;
+ }
- blk = blk_new(0, BLK_PERM_ALL);
+ blk = blk_new(perm, BLK_PERM_ALL);
bs = bdrv_open(filename, reference, options, flags, errp);
if (!bs) {
blk_unref(blk);
return NULL;
}
- /* FIXME Use real permissions */
blk->root = bdrv_root_attach_child(bs, "root", &child_root,
- 0, BLK_PERM_ALL, blk, &error_abort);
+ perm, BLK_PERM_ALL, blk, &error_abort);
return blk;
}
--
1.8.3.1
next prev parent reply other threads:[~2017-02-28 20:37 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-28 20:35 [Qemu-devel] [PULL 00/46] Block layer patches Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 01/46] qemu-img: make convert async Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 02/46] option: Tweak invalid size error message and unbreak iotest 049 Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 03/46] block: Add op blocker permission constants Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 04/46] block: Add Error argument to bdrv_attach_child() Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 05/46] block: Let callers request permissions when attaching a child node Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 06/46] block: Involve block drivers in permission granting Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 07/46] block: Default .bdrv_child_perm() for filter drivers Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 08/46] block: Request child permissions in " Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 09/46] block: Default .bdrv_child_perm() for format drivers Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 10/46] block: Request child permissions in " Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 11/46] vvfat: Implement .bdrv_child_perm() Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 12/46] block: Require .bdrv_child_perm() with child nodes Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 13/46] block: Request real permissions in bdrv_attach_child() Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 14/46] block: Add permissions to BlockBackend Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 15/46] block: Add permissions to blk_new() Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 16/46] block: Add error parameter to blk_insert_bs() Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 17/46] block: Add BDRV_O_RESIZE for blk_new_open() Kevin Wolf
2017-02-28 20:36 ` Kevin Wolf [this message]
2017-02-28 20:36 ` [Qemu-devel] [PULL 19/46] block: Allow error return in BlockDevOps.change_media_cb() Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 20/46] hw/block: Request permissions Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 21/46] hw/block: Introduce share-rw qdev property Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 22/46] blockjob: Add permissions to block_job_create() Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 23/46] block: Add BdrvChildRole.get_parent_desc() Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 24/46] block: Include details on permission errors in message Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 25/46] block: Add BdrvChildRole.stay_at_node Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 26/46] blockjob: Add permissions to block_job_add_bdrv() Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 27/46] commit: Use real permissions in commit block job Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 28/46] commit: Use real permissions for HMP 'commit' Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 29/46] backup: Use real permissions in backup block job Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 30/46] block: Fix pending requests check in bdrv_append() Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 31/46] block: BdrvChildRole.attach/detach() callbacks Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 32/46] block: Allow backing file links in change_parent_backing_link() Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 33/46] blockjob: Factor out block_job_remove_all_bdrv() Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 34/46] mirror: Use real permissions in mirror/active commit block job Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 35/46] stream: Use real permissions in streaming " Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 36/46] mirror: Add filter-node-name to blockdev-mirror Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 37/46] commit: Add filter-node-name to block-commit Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 38/46] hmp: Request permissions in qemu-io Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 39/46] migration/block: Use real permissions Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 40/46] nbd/server: Use real permissions for NBD exports Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 41/46] tests: Remove FIXME comments Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 42/46] block: Pass BdrvChild to bdrv_aligned_preadv/pwritev and copy-on-read Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 43/46] block: Assertions for write permissions Kevin Wolf
2017-04-06 20:59 ` Richard W.M. Jones
2017-04-06 21:03 ` Eric Blake
2017-04-06 21:15 ` Richard W.M. Jones
2017-04-06 21:23 ` Eric Blake
2017-04-06 21:29 ` Richard W.M. Jones
2017-04-07 10:25 ` Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 44/46] block: Assertions for resize permission Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 45/46] block: Add Error parameter to bdrv_set_backing_hd() Kevin Wolf
2017-02-28 20:36 ` [Qemu-devel] [PULL 46/46] block: Add Error parameter to bdrv_append() Kevin Wolf
2017-03-02 8:34 ` [Qemu-devel] [PULL 00/46] Block layer patches Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1488314205-16264-19-git-send-email-kwolf@redhat.com \
--to=kwolf@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).