[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PULL 09/39] block: bdrv_refresh_perms: check for parents permissions co
From: |
Kevin Wolf |
Subject: |
[PULL 09/39] block: bdrv_refresh_perms: check for parents permissions conflict |
Date: |
Fri, 30 Apr 2021 12:51:17 +0200 |
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Add additional check that node parents do not interfere with each
other. This should not hurt existing callers and allows in further
patch use bdrv_refresh_perms() to update a subtree of changed
BdrvChild (check that change is correct).
New check will substitute bdrv_check_update_perm() in following
permissions refactoring, so keep error messages the same to avoid
unit test result changes.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-10-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 63 ++++++++++++++++++++++++++++++++++++++++++++++++---------
1 file changed, 54 insertions(+), 9 deletions(-)
diff --git a/block.c b/block.c
index 34c728d7e4..fd621f0403 100644
--- a/block.c
+++ b/block.c
@@ -2026,6 +2026,57 @@ bool bdrv_is_writable(BlockDriverState *bs)
return bdrv_is_writable_after_reopen(bs, NULL);
}
+static char *bdrv_child_user_desc(BdrvChild *c)
+{
+ if (c->klass->get_parent_desc) {
+ return c->klass->get_parent_desc(c);
+ }
+
+ return g_strdup("another user");
+}
+
+static bool bdrv_a_allow_b(BdrvChild *a, BdrvChild *b, Error **errp)
+{
+ g_autofree char *user = NULL;
+ g_autofree char *perm_names = NULL;
+
+ if ((b->perm & a->shared_perm) == b->perm) {
+ return true;
+ }
+
+ perm_names = bdrv_perm_names(b->perm & ~a->shared_perm);
+ user = bdrv_child_user_desc(a);
+ error_setg(errp, "Conflicts with use by %s as '%s', which does not "
+ "allow '%s' on %s",
+ user, a->name, perm_names, bdrv_get_node_name(b->bs));
+
+ return false;
+}
+
+static bool bdrv_parent_perms_conflict(BlockDriverState *bs, Error **errp)
+{
+ BdrvChild *a, *b;
+
+ /*
+ * During the loop we'll look at each pair twice. That's correct because
+ * bdrv_a_allow_b() is asymmetric and we should check each pair in both
+ * directions.
+ */
+ QLIST_FOREACH(a, &bs->parents, next_parent) {
+ QLIST_FOREACH(b, &bs->parents, next_parent) {
+ if (a == b) {
+ continue;
+ }
+
+ if (!bdrv_a_allow_b(a, b, errp)) {
+ return true;
+ }
+ }
+ }
+
+ return false;
+}
+
static void bdrv_child_perm(BlockDriverState *bs, BlockDriverState *child_bs,
BdrvChild *c, BdrvChildRole role,
BlockReopenQueue *reopen_queue,
@@ -2203,15 +2254,6 @@ void bdrv_get_cumulative_perm(BlockDriverState *bs,
uint64_t *perm,
*shared_perm = cumulative_shared_perms;
}
-static char *bdrv_child_user_desc(BdrvChild *c)
-{
- if (c->klass->get_parent_desc) {
- return c->klass->get_parent_desc(c);
- }
-
- return g_strdup("another user");
-}
-
char *bdrv_perm_names(uint64_t perm)
{
struct perm_name {
@@ -2355,6 +2397,9 @@ static int bdrv_refresh_perms(BlockDriverState *bs, Error
**errp)
int ret;
uint64_t perm, shared_perm;
+ if (bdrv_parent_perms_conflict(bs, errp)) {
+ return -EPERM;
+ }
bdrv_get_cumulative_perm(bs, &perm, &shared_perm);
ret = bdrv_check_perm(bs, NULL, perm, shared_perm, NULL, errp);
if (ret < 0) {
--
2.30.2
- [PULL 00/39] Block layer patches, Kevin Wolf, 2021/04/30
- [PULL 01/39] tests/test-bdrv-graph-mod: add test_parallel_exclusive_write, Kevin Wolf, 2021/04/30
- [PULL 02/39] tests/test-bdrv-graph-mod: add test_parallel_perm_update, Kevin Wolf, 2021/04/30
- [PULL 04/39] block: bdrv_append(): don't consume reference, Kevin Wolf, 2021/04/30
- [PULL 03/39] tests/test-bdrv-graph-mod: add test_append_greedy_filter, Kevin Wolf, 2021/04/30
- [PULL 06/39] block: drop ctx argument from bdrv_root_attach_child, Kevin Wolf, 2021/04/30
- [PULL 05/39] block: BdrvChildClass: add .get_parent_aio_context handler, Kevin Wolf, 2021/04/30
- [PULL 07/39] block: make bdrv_reopen_{prepare,commit,abort} private, Kevin Wolf, 2021/04/30
- [PULL 08/39] util: add transactions.c, Kevin Wolf, 2021/04/30
- [PULL 09/39] block: bdrv_refresh_perms: check for parents permissions conflict,
Kevin Wolf <=
- [PULL 11/39] block: rewrite bdrv_child_try_set_perm() using bdrv_refresh_perms(), Kevin Wolf, 2021/04/30
- [PULL 10/39] block: refactor bdrv_child* permission functions, Kevin Wolf, 2021/04/30
- [PULL 12/39] block: inline bdrv_child_*() permission functions calls, Kevin Wolf, 2021/04/30
- [PULL 13/39] block: use topological sort for permission update, Kevin Wolf, 2021/04/30
- [PULL 14/39] block: add bdrv_drv_set_perm transaction action, Kevin Wolf, 2021/04/30
- [PULL 15/39] block: add bdrv_list_* permission update functions, Kevin Wolf, 2021/04/30
- [PULL 17/39] block: fix bdrv_replace_node_common, Kevin Wolf, 2021/04/30
- [PULL 19/39] block: add bdrv_attach_child_noperm() transaction action, Kevin Wolf, 2021/04/30
- [PULL 18/39] block: add bdrv_attach_child_common() transaction action, Kevin Wolf, 2021/04/30