From: Kevin Wolf <kwolf@redhat.com>
To: qemu-block@nongnu.org
Cc: kwolf@redhat.com, famz@redhat.com, mreitz@redhat.com,
qemu-devel@nongnu.org
Subject: [Qemu-devel] [PATCH 3/6] block: Drop permissions when migration completes
Date: Thu, 4 May 2017 18:52:38 +0200 [thread overview]
Message-ID: <1493916761-32319-4-git-send-email-kwolf@redhat.com> (raw)
In-Reply-To: <1493916761-32319-1-git-send-email-kwolf@redhat.com>
With image locking, permissions affect other qemu processes as well. We
want to be sure that the destination can run, so let's drop permissions
on the source when migration completes.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 12 +++++++++++-
block/block-backend.c | 25 +++++++++++++++++++++++++
include/block/block_int.h | 7 ++++---
3 files changed, 40 insertions(+), 4 deletions(-)
diff --git a/block.c b/block.c
index 3e7f124..c3e7ebd 100644
--- a/block.c
+++ b/block.c
@@ -4028,7 +4028,7 @@ void bdrv_invalidate_cache_all(Error **errp)
static int bdrv_inactivate_recurse(BlockDriverState *bs,
bool setting_flag)
{
- BdrvChild *child;
+ BdrvChild *child, *parent;
int ret;
if (!setting_flag && bs->drv->bdrv_inactivate) {
@@ -4047,6 +4047,16 @@ static int bdrv_inactivate_recurse(BlockDriverState *bs,
if (setting_flag) {
bs->open_flags |= BDRV_O_INACTIVE;
+
+ QLIST_FOREACH(parent, &bs->parents, next_parent) {
+ if (parent->role->inactivate) {
+ ret = parent->role->inactivate(parent);
+ if (ret < 0) {
+ bs->open_flags &= ~BDRV_O_INACTIVE;
+ return ret;
+ }
+ }
+ }
}
return 0;
}
diff --git a/block/block-backend.c b/block/block-backend.c
index a7ce72b..f3a6008 100644
--- a/block/block-backend.c
+++ b/block/block-backend.c
@@ -156,6 +156,30 @@ static void blk_root_activate(BdrvChild *child, Error **errp)
}
}
+static int blk_root_inactivate(BdrvChild *child)
+{
+ BlockBackend *blk = child->opaque;
+
+ if (blk->disable_perm) {
+ return 0;
+ }
+
+ /* Only inactivate BlockBackends for guest devices (which are inactive at
+ * this point because the VM is stopped) and unattached monitor-owned
+ * BlockBackends. If there is still any other user like a block job, then
+ * we simply can't inactivate the image. */
+ if (!blk->dev && !blk->name[0]) {
+ return -EPERM;
+ }
+
+ blk->disable_perm = true;
+ if (blk->root) {
+ bdrv_child_try_set_perm(blk->root, 0, BLK_PERM_ALL, &error_abort);
+ }
+
+ return 0;
+}
+
static const BdrvChildRole child_root = {
.inherit_options = blk_root_inherit_options,
@@ -168,6 +192,7 @@ static const BdrvChildRole child_root = {
.drained_end = blk_root_drained_end,
.activate = blk_root_activate,
+ .inactivate = blk_root_inactivate,
};
/*
diff --git a/include/block/block_int.h b/include/block/block_int.h
index 5637925..5750a44 100644
--- a/include/block/block_int.h
+++ b/include/block/block_int.h
@@ -473,10 +473,11 @@ struct BdrvChildRole {
void (*drained_begin)(BdrvChild *child);
void (*drained_end)(BdrvChild *child);
- /* Notifies the parent that the child has been activated (e.g. when
- * migration is completing) and it can start requesting permissions and
- * doing I/O on it. */
+ /* Notifies the parent that the child has been activated/inactivated (e.g.
+ * when migration is completing) and it can start/stop requesting
+ * permissions and doing I/O on it. */
void (*activate)(BdrvChild *child, Error **errp);
+ int (*inactivate)(BdrvChild *child);
void (*attach)(BdrvChild *child);
void (*detach)(BdrvChild *child);
--
1.8.3.1
next prev parent reply other threads:[~2017-05-04 16:53 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-04 16:52 [Qemu-devel] [PATCH 0/6] block: Fix op blockers for inactive images Kevin Wolf
2017-05-04 16:52 ` [Qemu-devel] [PATCH 1/6] migration: Unify block node activation error handling Kevin Wolf
2017-05-04 17:12 ` Eric Blake
2017-05-04 16:52 ` [Qemu-devel] [PATCH 2/6] block: New BdrvChildRole.activate() for blk_resume_after_migration() Kevin Wolf
2017-05-04 17:19 ` Eric Blake
2017-05-04 16:52 ` Kevin Wolf [this message]
2017-05-04 17:21 ` [Qemu-devel] [PATCH 3/6] block: Drop permissions when migration completes Eric Blake
2017-05-04 16:52 ` [Qemu-devel] [PATCH 4/6] block: Inactivate parents before children Kevin Wolf
2017-05-04 17:23 ` Eric Blake
2017-05-04 16:52 ` [Qemu-devel] [PATCH 5/6] block: Fix write/resize permissions for inactive images Kevin Wolf
2017-05-04 17:42 ` Eric Blake
2017-08-18 10:06 ` Xie Changlong
2017-08-18 12:04 ` Fam Zheng
2017-05-04 16:52 ` [Qemu-devel] [PATCH 6/6] file-posix: Remove .bdrv_inactivate/invalidate_cache Kevin Wolf
2017-05-04 17:46 ` Eric Blake
2017-05-09 14:54 ` [Qemu-devel] [PATCH 0/6] block: Fix op blockers for inactive images Kevin Wolf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1493916761-32319-4-git-send-email-kwolf@redhat.com \
--to=kwolf@redhat.com \
--cc=famz@redhat.com \
--cc=mreitz@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).