All of lore.kernel.org
 help / color / mirror / Atom feed
From: Eric Blake <eblake@redhat.com>
To: Kevin Wolf <kwolf@redhat.com>, qemu-block@nongnu.org
Cc: mreitz@redhat.com, pkrempa@redhat.com, qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [PATCH v2 2/8] block: Add auto-read-only option
Date: Fri, 12 Oct 2018 11:47:18 -0500	[thread overview]
Message-ID: <12e95cce-ab82-08e3-b0ae-2307fe94a392@redhat.com> (raw)
In-Reply-To: <20181012115532.12645-3-kwolf@redhat.com>

On 10/12/18 6:55 AM, Kevin Wolf wrote:
> If a management application builds the block graph node by node, the
> protocol layer doesn't inherit its read-only option from the format
> layer any more, so it must be set explicitly.
> 

> The documentation for this option is consciously phrased in a way that
> allows QEMU to switch to a better model eventually: Instead of trying
> when the image is first opened, making the read-only flag dynamic and
> changing it automatically whenever the first BLK_PERM_WRITE user is
> attached or the last one is detached would be much more useful
> behaviour.
> 
> Unfortunately, this more useful behaviour is also a lot harder to
> implement, and libvirt needs a solution now before it can switch to
> -blockdev, so let's start with this easier approach for now.

I agree both with the approach of getting the simpler implementation in 
now (always writable, even when we don't need to write) as well as 
wording the documentation to permit a future stricter approach (only 
writable at the points where we need to write).

> 
> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
> ---
>   qapi/block-core.json  |  6 ++++++
>   include/block/block.h |  2 ++
>   block.c               | 21 ++++++++++++++++++++-
>   block/vvfat.c         |  1 +
>   4 files changed, 29 insertions(+), 1 deletion(-)
> 
> diff --git a/qapi/block-core.json b/qapi/block-core.json
> index cfb37f8c1d..3a899298de 100644
> --- a/qapi/block-core.json
> +++ b/qapi/block-core.json
> @@ -3651,6 +3651,11 @@
>   #                 either generally or in certain configurations. In this case,
>   #                 the default value does not work and the option must be
>   #                 specified explicitly.
> +# @auto-read-only: if true, QEMU may ignore the @read-only option and
> +#                  automatically decide whether to open the image read-only or
> +#                  read-write (and switch between the modes later), e.g.
> +#                  depending on whether the image file is writable or whether a
> +#                  writing user is attached to the node (default: false).

Bike-shedding: Do we really want to ignore @read-only? Here's the table 
of 9 combinations ('t'rue, 'f'alse, 'o'mitted), with '*' on the rows 
that must be preserved for back-compat:

RO   Auto   effect
o    o      *open for write, fail if not possible
f    o      *open for write, fail if not possible
t    o      *open for read, no conversion to write
o    f      open for write, fail if not possible
f    f      open for write, fail if not possible
t    f      open for read, no conversion to write
o    t      attempt write but graceful fall back to read
f    t      attempt write but graceful fall back to read
t    t      ignore RO flag, attempt write anyway

That last row is weird, why not make it an explicit error instead of 
ignoring the implied difference in semantics between the two?

Or, another idea: is it worth trying to support a single tri-state 
member (via an alternative between bool and enum, since the existing 
code uses a JSON bool):

"read-only": false (open for write, fail if not possible)
"read-only": true (open read-only, no later switching)
"read-only": "auto" (switch as needed; or for initial implementation 
attempt for write with graceful fallback to read)
omitting read-only: same as "read-only":false for back-compat


> @@ -1328,6 +1338,11 @@ QemuOptsList bdrv_runtime_opts = {
>               .type = QEMU_OPT_BOOL,
>               .help = "Node is opened in read-only mode",
>           },
> +        {
> +            .name = BDRV_OPT_AUTO_READ_ONLY,
> +            .type = QEMU_OPT_BOOL,
> +            .help = "Node can become read-only if opening read-write fails",
> +        },

If we keep your current approach, is it worth mentioning that 
auto-read-only true overrides read-only true?

The code looks okay, but I'd like discussion on the bikeshed points 
before giving R-b.

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3266
Virtualization:  qemu.org | libvirt.org

  reply	other threads:[~2018-10-12 16:47 UTC|newest]

Thread overview: 23+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-10-12 11:55 [Qemu-devel] [PATCH v2 0/8] block: Add auto-read-only option Kevin Wolf
2018-10-12 11:55 ` [Qemu-devel] [PATCH v2 1/8] block: Update flags in bdrv_set_read_only() Kevin Wolf
2018-10-12 16:19   ` Eric Blake
2018-10-17  9:02   ` [Qemu-devel] [Qemu-block] " Alberto Garcia
2018-10-12 11:55 ` [Qemu-devel] [PATCH v2 2/8] block: Add auto-read-only option Kevin Wolf
2018-10-12 16:47   ` Eric Blake [this message]
2018-10-15  9:37     ` Kevin Wolf
2018-10-16 18:46       ` Eric Blake
2018-10-12 11:55 ` [Qemu-devel] [PATCH v2 3/8] block: Require auto-read-only for existing fallbacks Kevin Wolf
2018-10-12 17:02   ` Eric Blake
2018-10-16 14:12     ` Kevin Wolf
2018-10-16 18:51       ` Eric Blake
2018-10-12 11:55 ` [Qemu-devel] [PATCH v2 4/8] nbd: Support auto-read-only option Kevin Wolf
2018-10-12 14:09   ` Eric Blake
2018-10-12 11:55 ` [Qemu-devel] [PATCH v2 5/8] file-posix: " Kevin Wolf
2018-10-12 17:24   ` Eric Blake
2018-10-12 11:55 ` [Qemu-devel] [PATCH v2 6/8] curl: " Kevin Wolf
2018-10-12 17:30   ` Eric Blake
2018-10-12 11:55 ` [Qemu-devel] [PATCH v2 7/8] gluster: " Kevin Wolf
2018-10-12 17:31   ` Eric Blake
2018-10-14 11:04     ` [Qemu-devel] [Qemu-block] " Niels de Vos
2018-10-12 11:55 ` [Qemu-devel] [PATCH v2 8/8] iscsi: " Kevin Wolf
2018-10-12 17:32   ` Eric Blake

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=12e95cce-ab82-08e3-b0ae-2307fe94a392@redhat.com \
    --to=eblake@redhat.com \
    --cc=kwolf@redhat.com \
    --cc=mreitz@redhat.com \
    --cc=pkrempa@redhat.com \
    --cc=qemu-block@nongnu.org \
    --cc=qemu-devel@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.