From: Kevin Wolf <kwolf@redhat.com>
To: qemu-block@nongnu.org
Cc: kwolf@redhat.com, peter.maydell@linaro.org, qemu-devel@nongnu.org
Subject: [Qemu-devel] [PULL 17/24] block: Fix permissions after bdrv_reopen()
Date: Tue, 26 Sep 2017 16:21:26 +0200 [thread overview]
Message-ID: <20170926142133.2498-18-kwolf@redhat.com> (raw)
In-Reply-To: <20170926142133.2498-1-kwolf@redhat.com>
If we switch between read-only and read-write, the permissions that
image format drivers need on bs->file change, too. Make sure to update
the permissions during bdrv_reopen().
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
---
include/block/block.h | 1 +
block.c | 64 +++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 65 insertions(+)
diff --git a/include/block/block.h b/include/block/block.h
index 082eb2cd9c..3c3af462e4 100644
--- a/include/block/block.h
+++ b/include/block/block.h
@@ -166,6 +166,7 @@ typedef QSIMPLEQ_HEAD(BlockReopenQueue, BlockReopenQueueEntry) BlockReopenQueue;
typedef struct BDRVReopenState {
BlockDriverState *bs;
int flags;
+ uint64_t perm, shared_perm;
QDict *options;
QDict *explicit_options;
void *opaque;
diff --git a/block.c b/block.c
index 204cbb46c7..5c65fac672 100644
--- a/block.c
+++ b/block.c
@@ -2781,6 +2781,10 @@ static BlockReopenQueue *bdrv_reopen_queue_child(BlockReopenQueue *bs_queue,
bs_entry->state.explicit_options = explicit_options;
bs_entry->state.flags = flags;
+ /* This needs to be overwritten in bdrv_reopen_prepare() */
+ bs_entry->state.perm = UINT64_MAX;
+ bs_entry->state.shared_perm = 0;
+
QLIST_FOREACH(child, &bs->children, next) {
QDict *new_child_options;
char *child_key_dot;
@@ -2887,6 +2891,52 @@ int bdrv_reopen(BlockDriverState *bs, int bdrv_flags, Error **errp)
return ret;
}
+static BlockReopenQueueEntry *find_parent_in_reopen_queue(BlockReopenQueue *q,
+ BdrvChild *c)
+{
+ BlockReopenQueueEntry *entry;
+
+ QSIMPLEQ_FOREACH(entry, q, entry) {
+ BlockDriverState *bs = entry->state.bs;
+ BdrvChild *child;
+
+ QLIST_FOREACH(child, &bs->children, next) {
+ if (child == c) {
+ return entry;
+ }
+ }
+ }
+
+ return NULL;
+}
+
+static void bdrv_reopen_perm(BlockReopenQueue *q, BlockDriverState *bs,
+ uint64_t *perm, uint64_t *shared)
+{
+ BdrvChild *c;
+ BlockReopenQueueEntry *parent;
+ uint64_t cumulative_perms = 0;
+ uint64_t cumulative_shared_perms = BLK_PERM_ALL;
+
+ QLIST_FOREACH(c, &bs->parents, next_parent) {
+ parent = find_parent_in_reopen_queue(q, c);
+ if (!parent) {
+ cumulative_perms |= c->perm;
+ cumulative_shared_perms &= c->shared_perm;
+ } else {
+ uint64_t nperm, nshared;
+
+ bdrv_child_perm(parent->state.bs, bs, c, c->role, q,
+ parent->state.perm, parent->state.shared_perm,
+ &nperm, &nshared);
+
+ cumulative_perms |= nperm;
+ cumulative_shared_perms &= nshared;
+ }
+ }
+ *perm = cumulative_perms;
+ *shared = cumulative_shared_perms;
+}
/*
* Prepares a BlockDriverState for reopen. All changes are staged in the
@@ -2952,6 +3002,9 @@ int bdrv_reopen_prepare(BDRVReopenState *reopen_state, BlockReopenQueue *queue,
goto error;
}
+ /* Calculate required permissions after reopening */
+ bdrv_reopen_perm(queue, reopen_state->bs,
+ &reopen_state->perm, &reopen_state->shared_perm);
ret = bdrv_flush(reopen_state->bs);
if (ret) {
@@ -3007,6 +3060,12 @@ int bdrv_reopen_prepare(BDRVReopenState *reopen_state, BlockReopenQueue *queue,
} while ((entry = qdict_next(reopen_state->options, entry)));
}
+ ret = bdrv_check_perm(reopen_state->bs, queue, reopen_state->perm,
+ reopen_state->shared_perm, NULL, errp);
+ if (ret < 0) {
+ goto error;
+ }
+
ret = 0;
error:
@@ -3047,6 +3106,9 @@ void bdrv_reopen_commit(BDRVReopenState *reopen_state)
bdrv_refresh_limits(bs, NULL);
+ bdrv_set_perm(reopen_state->bs, reopen_state->perm,
+ reopen_state->shared_perm);
+
new_can_write =
!bdrv_is_read_only(bs) && !(bdrv_get_flags(bs) & BDRV_O_INACTIVE);
if (!old_can_write && new_can_write && drv->bdrv_reopen_bitmaps_rw) {
@@ -3080,6 +3142,8 @@ void bdrv_reopen_abort(BDRVReopenState *reopen_state)
}
QDECREF(reopen_state->explicit_options);
+
+ bdrv_abort_perm_update(reopen_state->bs);
}
--
2.13.5
next prev parent reply other threads:[~2017-09-26 14:22 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-26 14:21 [Qemu-devel] [PULL 00/24] Block layer patches Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 01/24] qemu-iotests: Add missing -machine accel=qtest Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 02/24] qemu-img: Clarify about relative backing file options Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 03/24] file-posix: Clear out first sector in hdev_create Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 04/24] docs: add qemu-block-drivers(7) man page Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 05/24] iotests: use -ccw on s390x for 040, 139, and 182 Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 06/24] iotests: use -ccw on s390x for 051 Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 07/24] iotests: use virtio aliases for 067 Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 08/24] iotests: Print full path of bad output if mismatch Kevin Wolf
2017-09-26 14:56 ` Eric Blake
2017-09-26 15:25 ` Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 09/24] throttle: Assert that bkt->max is valid in throttle_compute_wait() Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 10/24] block/throttle-groups.c: allocate RestartData on the heap Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 11/24] block: Clean up some bad code in the vvfat driver Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 12/24] qemu-io: Drop write permissions before read-only reopen Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 13/24] block: Add reopen_queue to bdrv_child_perm() Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 14/24] block: Add reopen queue to bdrv_check_perm() Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 15/24] block: Base permissions on rw state after reopen Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 16/24] block: reopen: Queue children after their parents Kevin Wolf
2017-09-26 14:21 ` Kevin Wolf [this message]
2017-09-26 14:21 ` [Qemu-devel] [PULL 18/24] qemu-iotests: Test change-backing-file command Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 19/24] iotests: fix 181: enable postcopy-ram capability on target Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 20/24] qemu-img: add --shrink flag for resize Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 21/24] qcow2: add qcow2_cache_discard Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 22/24] qcow2: add shrink image support Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 23/24] qemu-iotests: add shrinking image test Kevin Wolf
2017-09-26 14:21 ` [Qemu-devel] [PULL 24/24] block/qcow2-bitmap: fix use of uninitialized pointer Kevin Wolf
2017-09-27 17:20 ` [Qemu-devel] [PULL 00/24] Block layer patches Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170926142133.2498-18-kwolf@redhat.com \
--to=kwolf@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).