[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PULL 18/56] raw-format: drop WRITE and RESIZE child perms when possible
From: |
Hanna Reitz |
Subject: |
[PULL 18/56] raw-format: drop WRITE and RESIZE child perms when possible |
Date: |
Wed, 1 Sep 2021 17:15:41 +0200 |
From: Stefan Hajnoczi <stefanha@redhat.com>
The following command-line fails due to a permissions conflict:
$ qemu-storage-daemon \
--blockdev driver=nvme,node-name=nvme0,device=0000:08:00.0,namespace=1 \
--blockdev driver=raw,node-name=l1-1,file=nvme0,offset=0,size=1073741824 \
--blockdev
driver=raw,node-name=l1-2,file=nvme0,offset=1073741824,size=1073741824 \
--nbd-server addr.type=unix,addr.path=/tmp/nbd.sock,max-connections=2 \
--export type=nbd,id=nbd-l1-1,node-name=l1-1,name=l1-1,writable=on \
--export type=nbd,id=nbd-l1-2,node-name=l1-2,name=l1-2,writable=on
qemu-storage-daemon: --export
type=nbd,id=nbd-l1-1,node-name=l1-1,name=l1-1,writable=on: Permission conflict
on node 'nvme0': permissions 'resize' are both required by node 'l1-1' (uses
node 'nvme0' as 'file' child) and unshared by node 'l1-2' (uses node 'nvme0' as
'file' child).
The problem is that block/raw-format.c relies on bdrv_default_perms() to
set permissions on the nvme node. The default permissions add RESIZE in
anticipation of a format driver like qcow2 that needs to grow the image
file. This fails because RESIZE is unshared, so we cannot get the RESIZE
permission.
Max Reitz pointed out that block/crypto.c already handles this case by
implementing a custom ->bdrv_child_perm() function that adjusts the
result of bdrv_default_perms().
This patch takes the same approach in block/raw-format.c so that RESIZE
is only required if it's actually necessary (e.g. the parent is qcow2).
Cc: Max Reitz <mreitz@redhat.com>
Cc: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20210726122839.822900-1-stefanha@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Hanna Reitz <hreitz@redhat.com>
---
block/raw-format.c | 21 ++++++++++++++++++++-
1 file changed, 20 insertions(+), 1 deletion(-)
diff --git a/block/raw-format.c b/block/raw-format.c
index 7717578ed6..c26f493688 100644
--- a/block/raw-format.c
+++ b/block/raw-format.c
@@ -580,6 +580,25 @@ static void raw_cancel_in_flight(BlockDriverState *bs)
bdrv_cancel_in_flight(bs->file->bs);
}
+static void raw_child_perm(BlockDriverState *bs, BdrvChild *c,
+ BdrvChildRole role,
+ BlockReopenQueue *reopen_queue,
+ uint64_t parent_perm, uint64_t parent_shared,
+ uint64_t *nperm, uint64_t *nshared)
+{
+ bdrv_default_perms(bs, c, role, reopen_queue, parent_perm,
+ parent_shared, nperm, nshared);
+
+ /*
+ * bdrv_default_perms() may add WRITE and/or RESIZE (see comment in
+ * bdrv_default_perms_for_storage() for an explanation) but we only need
+ * them if they are in parent_perm. Drop WRITE and RESIZE whenever possible
+ * to avoid permission conflicts.
+ */
+ *nperm &= ~(BLK_PERM_WRITE | BLK_PERM_RESIZE);
+ *nperm |= parent_perm & (BLK_PERM_WRITE | BLK_PERM_RESIZE);
+}
+
BlockDriver bdrv_raw = {
.format_name = "raw",
.instance_size = sizeof(BDRVRawState),
@@ -588,7 +607,7 @@ BlockDriver bdrv_raw = {
.bdrv_reopen_commit = &raw_reopen_commit,
.bdrv_reopen_abort = &raw_reopen_abort,
.bdrv_open = &raw_open,
- .bdrv_child_perm = bdrv_default_perms,
+ .bdrv_child_perm = raw_child_perm,
.bdrv_co_create_opts = &raw_co_create_opts,
.bdrv_co_preadv = &raw_co_preadv,
.bdrv_co_pwritev = &raw_co_pwritev,
--
2.31.1
- [PULL 08/56] qemu-iotests: add gdbserver option to script tests too, (continued)
- [PULL 08/56] qemu-iotests: add gdbserver option to script tests too, Hanna Reitz, 2021/09/01
- [PULL 07/56] qemu_iotests: insert gdbserver command line as wrapper for qemu binary, Hanna Reitz, 2021/09/01
- [PULL 10/56] qemu-iotests: extend the check script to prepare supporting valgrind for python tests, Hanna Reitz, 2021/09/01
- [PULL 11/56] qemu-iotests: extend QMP socket timeout when using valgrind, Hanna Reitz, 2021/09/01
- [PULL 09/56] docs/devel/testing: add -gdb option to the debugging section of QEMU iotests, Hanna Reitz, 2021/09/01
- [PULL 12/56] qemu-iotests: allow valgrind to read/delete the generated log file, Hanna Reitz, 2021/09/01
- [PULL 13/56] qemu-iotests: insert valgrind command line as wrapper for qemu binary, Hanna Reitz, 2021/09/01
- [PULL 14/56] docs/devel/testing: add -valgrind option to the debug section of QEMU iotests, Hanna Reitz, 2021/09/01
- [PULL 16/56] docs/devel/testing: add -p option to the debug section of QEMU iotests, Hanna Reitz, 2021/09/01
- [PULL 17/56] block/monitor: Consolidate hmp_handle_error calls to reduce redundant code, Hanna Reitz, 2021/09/01
- [PULL 18/56] raw-format: drop WRITE and RESIZE child perms when possible,
Hanna Reitz <=
- [PULL 15/56] qemu-iotests: add option to show qemu binary logs on stdout, Hanna Reitz, 2021/09/01
- [PULL 19/56] iotests: use with-statement for open() calls, Hanna Reitz, 2021/09/01
- [PULL 21/56] block: introduce bdrv_replace_child_bs(), Hanna Reitz, 2021/09/01
- [PULL 20/56] iotests: use subprocess.DEVNULL instead of open("/dev/null"), Hanna Reitz, 2021/09/01
- [PULL 23/56] qdev-properties: PropertyInfo: add realized_set_allowed field, Hanna Reitz, 2021/09/01
- [PULL 22/56] block: introduce blk_replace_bs, Hanna Reitz, 2021/09/01
- [PULL 24/56] qdev: allow setting drive property for realized device, Hanna Reitz, 2021/09/01
- [PULL 25/56] block: rename backup-top to copy-before-write, Hanna Reitz, 2021/09/01
- [PULL 26/56] block-copy: move detecting fleecing scheme to block-copy, Hanna Reitz, 2021/09/01
- [PULL 28/56] block/backup: set copy_range and compress after filter insertion, Hanna Reitz, 2021/09/01