stream: Use real permissions in streaming block job

The correct permissions are relatively obvious here (and explained in
code comments). For intermediate streaming, we need to reopen the top
node read-write before creating the job now because the permissions
system catches attempts to get the BLK_PERM_WRITE_UNCHANGED permission
on a read-only node.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Acked-by: Fam Zheng <famz@redhat.com>
This commit is contained in:
Kevin Wolf 2017-02-09 13:34:18 +01:00
parent 4ef85a9c23
commit a170a91fd3

View File

@ -84,6 +84,8 @@ static void stream_complete(BlockJob *job, void *opaque)
/* Reopen the image back in read-only mode if necessary */ /* Reopen the image back in read-only mode if necessary */
if (s->bs_flags != bdrv_get_flags(bs)) { if (s->bs_flags != bdrv_get_flags(bs)) {
/* Give up write permissions before making it read-only */
blk_set_perm(job->blk, 0, BLK_PERM_ALL, &error_abort);
bdrv_reopen(bs, s->bs_flags, NULL); bdrv_reopen(bs, s->bs_flags, NULL);
} }
@ -229,28 +231,35 @@ void stream_start(const char *job_id, BlockDriverState *bs,
BlockDriverState *iter; BlockDriverState *iter;
int orig_bs_flags; int orig_bs_flags;
/* FIXME Use real permissions */
s = block_job_create(job_id, &stream_job_driver, bs, 0, BLK_PERM_ALL,
speed, BLOCK_JOB_DEFAULT, NULL, NULL, errp);
if (!s) {
return;
}
/* Make sure that the image is opened in read-write mode */ /* Make sure that the image is opened in read-write mode */
orig_bs_flags = bdrv_get_flags(bs); orig_bs_flags = bdrv_get_flags(bs);
if (!(orig_bs_flags & BDRV_O_RDWR)) { if (!(orig_bs_flags & BDRV_O_RDWR)) {
if (bdrv_reopen(bs, orig_bs_flags | BDRV_O_RDWR, errp) != 0) { if (bdrv_reopen(bs, orig_bs_flags | BDRV_O_RDWR, errp) != 0) {
block_job_unref(&s->common);
return; return;
} }
} }
/* Block all intermediate nodes between bs and base, because they /* Prevent concurrent jobs trying to modify the graph structure here, we
* will disappear from the chain after this operation */ * already have our own plans. Also don't allow resize as the image size is
* queried only at the job start and then cached. */
s = block_job_create(job_id, &stream_job_driver, bs,
BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE_UNCHANGED |
BLK_PERM_GRAPH_MOD,
BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE_UNCHANGED |
BLK_PERM_WRITE,
speed, BLOCK_JOB_DEFAULT, NULL, NULL, errp);
if (!s) {
goto fail;
}
/* Block all intermediate nodes between bs and base, because they will
* disappear from the chain after this operation. The streaming job reads
* every block only once, assuming that it doesn't change, so block writes
* and resizes. */
for (iter = backing_bs(bs); iter && iter != base; iter = backing_bs(iter)) { for (iter = backing_bs(bs); iter && iter != base; iter = backing_bs(iter)) {
/* FIXME Use real permissions */
block_job_add_bdrv(&s->common, "intermediate node", iter, 0, block_job_add_bdrv(&s->common, "intermediate node", iter, 0,
BLK_PERM_ALL, &error_abort); BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE_UNCHANGED,
&error_abort);
} }
s->base = base; s->base = base;
@ -260,4 +269,10 @@ void stream_start(const char *job_id, BlockDriverState *bs,
s->on_error = on_error; s->on_error = on_error;
trace_stream_start(bs, base, s); trace_stream_start(bs, base, s);
block_job_start(&s->common); block_job_start(&s->common);
return;
fail:
if (orig_bs_flags != bdrv_get_flags(bs)) {
bdrv_reopen(bs, s->bs_flags, NULL);
}
} }