* [PULL 00/39] Block layer patches
@ 2021-04-30 10:51 Kevin Wolf
2021-04-30 10:51 ` [PULL 01/39] tests/test-bdrv-graph-mod: add test_parallel_exclusive_write Kevin Wolf
` (39 more replies)
0 siblings, 40 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
The following changes since commit ccdf06c1db192152ac70a1dd974c624f566cb7d4:
Open 6.1 development tree (2021-04-30 11:15:40 +0100)
are available in the Git repository at:
git://repo.or.cz/qemu/kevin.git tags/for-upstream
for you to fetch changes up to 68bf7336533faa6aa90fdd4558edddbf5d8ef814:
vhost-user-blk: Fail gracefully on too large queue size (2021-04-30 12:27:48 +0200)
----------------------------------------------------------------
Block layer patches
- Fix permission update order problems with block graph changes
- qemu-img convert: Unshare write permission for source
- vhost-user-blk: Fail gracefully on too large queue size
----------------------------------------------------------------
Kevin Wolf (3):
block: Add BDRV_O_NO_SHARE for blk_new_open()
qemu-img convert: Unshare write permission for source
vhost-user-blk: Fail gracefully on too large queue size
Vladimir Sementsov-Ogievskiy (36):
tests/test-bdrv-graph-mod: add test_parallel_exclusive_write
tests/test-bdrv-graph-mod: add test_parallel_perm_update
tests/test-bdrv-graph-mod: add test_append_greedy_filter
block: bdrv_append(): don't consume reference
block: BdrvChildClass: add .get_parent_aio_context handler
block: drop ctx argument from bdrv_root_attach_child
block: make bdrv_reopen_{prepare,commit,abort} private
util: add transactions.c
block: bdrv_refresh_perms: check for parents permissions conflict
block: refactor bdrv_child* permission functions
block: rewrite bdrv_child_try_set_perm() using bdrv_refresh_perms()
block: inline bdrv_child_*() permission functions calls
block: use topological sort for permission update
block: add bdrv_drv_set_perm transaction action
block: add bdrv_list_* permission update functions
block: add bdrv_replace_child_safe() transaction action
block: fix bdrv_replace_node_common
block: add bdrv_attach_child_common() transaction action
block: add bdrv_attach_child_noperm() transaction action
block: split out bdrv_replace_node_noperm()
block: adapt bdrv_append() for inserting filters
block: add bdrv_remove_filter_or_cow transaction action
block: introduce bdrv_drop_filter()
block/backup-top: drop .active
block: drop ignore_children for permission update functions
block: make bdrv_unset_inherits_from to be a transaction action
block: make bdrv_refresh_limits() to be a transaction action
block: add bdrv_set_backing_noperm() transaction action
block: bdrv_reopen_multiple(): move bdrv_flush to separate pre-prepare
block: bdrv_reopen_multiple: refresh permissions on updated graph
block: drop unused permission update functions
block: inline bdrv_check_perm_common()
block: inline bdrv_replace_child()
block: refactor bdrv_child_set_perm_safe() transaction action
block: rename bdrv_replace_child_safe() to bdrv_replace_child()
block: refactor bdrv_node_check_perm()
include/block/block.h | 14 +-
include/block/block_int.h | 8 +-
include/qemu/transactions.h | 63 ++
block.c | 1329 ++++++++++++++++++++-------------
block/backup-top.c | 48 +-
block/block-backend.c | 30 +-
block/commit.c | 1 +
block/file-posix.c | 91 +--
block/io.c | 31 +-
block/mirror.c | 3 -
blockdev.c | 4 -
blockjob.c | 11 +-
hw/block/vhost-user-blk.c | 5 +
qemu-img.c | 2 +-
tests/unit/test-bdrv-drain.c | 2 +-
tests/unit/test-bdrv-graph-mod.c | 209 +++++-
util/transactions.c | 96 +++
MAINTAINERS | 6 +
tests/qemu-iotests/245 | 2 +-
tests/qemu-iotests/283.out | 2 +-
tests/qemu-iotests/tests/qsd-jobs.out | 2 +-
util/meson.build | 1 +
22 files changed, 1280 insertions(+), 680 deletions(-)
create mode 100644 include/qemu/transactions.h
create mode 100644 util/transactions.c
^ permalink raw reply [flat|nested] 43+ messages in thread
* [PULL 01/39] tests/test-bdrv-graph-mod: add test_parallel_exclusive_write
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 02/39] tests/test-bdrv-graph-mod: add test_parallel_perm_update Kevin Wolf
` (38 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Add the test that shows that concept of ignore_children is incomplete.
Actually, when we want to update something, ignoring permission of some
existing BdrvChild, we should ignore also the propagated effect of this
child to the other children. But that's not done. Better approach
(update permissions on already updated graph) will be implemented
later.
Now the test fails, so it's added with -d argument to not break make
check.
Test fails with
"Conflicts with use by fl1 as 'backing', which does not allow 'write' on base"
because when updating permissions we can ignore original top->fl1
BdrvChild. But we don't ignore exclusive write permission in fl1->base
BdrvChild, which is propagated. Correct thing to do is make graph
change first and then do permission update from the top node.
To run test do
./test-bdrv-graph-mod -d -p /bdrv-graph-mod/parallel-exclusive-write
from <build-directory>/tests.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-2-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
tests/unit/test-bdrv-graph-mod.c | 70 +++++++++++++++++++++++++++++++-
1 file changed, 69 insertions(+), 1 deletion(-)
diff --git a/tests/unit/test-bdrv-graph-mod.c b/tests/unit/test-bdrv-graph-mod.c
index c4f7d16039..80a9a20066 100644
--- a/tests/unit/test-bdrv-graph-mod.c
+++ b/tests/unit/test-bdrv-graph-mod.c
@@ -1,7 +1,7 @@
/*
* Block node graph modifications tests
*
- * Copyright (c) 2019 Virtuozzo International GmbH. All rights reserved.
+ * Copyright (c) 2019-2021 Virtuozzo International GmbH. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -44,6 +44,21 @@ static BlockDriver bdrv_no_perm = {
.bdrv_child_perm = no_perm_default_perms,
};
+static void exclusive_write_perms(BlockDriverState *bs, BdrvChild *c,
+ BdrvChildRole role,
+ BlockReopenQueue *reopen_queue,
+ uint64_t perm, uint64_t shared,
+ uint64_t *nperm, uint64_t *nshared)
+{
+ *nperm = BLK_PERM_WRITE;
+ *nshared = BLK_PERM_ALL & ~BLK_PERM_WRITE;
+}
+
+static BlockDriver bdrv_exclusive_writer = {
+ .format_name = "exclusive-writer",
+ .bdrv_child_perm = exclusive_write_perms,
+};
+
static BlockDriverState *no_perm_node(const char *name)
{
return bdrv_new_open_driver(&bdrv_no_perm, name, BDRV_O_RDWR, &error_abort);
@@ -55,6 +70,12 @@ static BlockDriverState *pass_through_node(const char *name)
BDRV_O_RDWR, &error_abort);
}
+static BlockDriverState *exclusive_writer_node(const char *name)
+{
+ return bdrv_new_open_driver(&bdrv_exclusive_writer, name,
+ BDRV_O_RDWR, &error_abort);
+}
+
/*
* test_update_perm_tree
*
@@ -185,8 +206,50 @@ static void test_should_update_child(void)
blk_unref(root);
}
+/*
+ * test_parallel_exclusive_write
+ *
+ * Check that when we replace node, old permissions of the node being removed
+ * doesn't break the replacement.
+ */
+static void test_parallel_exclusive_write(void)
+{
+ BlockDriverState *top = exclusive_writer_node("top");
+ BlockDriverState *base = no_perm_node("base");
+ BlockDriverState *fl1 = pass_through_node("fl1");
+ BlockDriverState *fl2 = pass_through_node("fl2");
+
+ /*
+ * bdrv_attach_child() eats child bs reference, so we need two @base
+ * references for two filters:
+ */
+ bdrv_ref(base);
+
+ bdrv_attach_child(top, fl1, "backing", &child_of_bds, BDRV_CHILD_DATA,
+ &error_abort);
+ bdrv_attach_child(fl1, base, "backing", &child_of_bds, BDRV_CHILD_FILTERED,
+ &error_abort);
+ bdrv_attach_child(fl2, base, "backing", &child_of_bds, BDRV_CHILD_FILTERED,
+ &error_abort);
+
+ bdrv_replace_node(fl1, fl2, &error_abort);
+
+ bdrv_unref(fl2);
+ bdrv_unref(top);
+}
+
int main(int argc, char *argv[])
{
+ int i;
+ bool debug = false;
+
+ for (i = 1; i < argc; i++) {
+ if (!strcmp(argv[i], "-d")) {
+ debug = true;
+ break;
+ }
+ }
+
bdrv_init();
qemu_init_main_loop(&error_abort);
@@ -196,5 +259,10 @@ int main(int argc, char *argv[])
g_test_add_func("/bdrv-graph-mod/should-update-child",
test_should_update_child);
+ if (debug) {
+ g_test_add_func("/bdrv-graph-mod/parallel-exclusive-write",
+ test_parallel_exclusive_write);
+ }
+
return g_test_run();
}
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 02/39] tests/test-bdrv-graph-mod: add test_parallel_perm_update
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
2021-04-30 10:51 ` [PULL 01/39] tests/test-bdrv-graph-mod: add test_parallel_exclusive_write Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 03/39] tests/test-bdrv-graph-mod: add test_append_greedy_filter Kevin Wolf
` (37 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Add test to show that simple DFS recursion order is not correct for
permission update. Correct order is topological-sort order, which will
be introduced later.
Consider the block driver which has two filter children: one active
with exclusive write access and one inactive with no specific
permissions.
And, these two children has a common base child, like this:
┌─────┐ ┌──────┐
│ fl2 │ ◀── │ top │
└─────┘ └──────┘
│ │
│ │ w
│ ▼
│ ┌──────┐
│ │ fl1 │
│ └──────┘
│ │
│ │ w
│ ▼
│ ┌──────┐
└───────▶ │ base │
└──────┘
So, exclusive write is propagated.
Assume, we want to make fl2 active instead of fl1.
So, we set some option for top driver and do permission update.
If permission update (remember, it's DFS) goes first through
top->fl1->base branch it will succeed: it firstly drop exclusive write
permissions and than apply them for another BdrvChildren.
But if permission update goes first through top->fl2->base branch it
will fail, as when we try to update fl2->base child, old not yet
updated fl1->base child will be in conflict.
Now test fails, so it runs only with -d flag. To run do
./test-bdrv-graph-mod -d -p /bdrv-graph-mod/parallel-perm-update
from <build-directory>/tests.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-3-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
tests/unit/test-bdrv-graph-mod.c | 116 +++++++++++++++++++++++++++++++
1 file changed, 116 insertions(+)
diff --git a/tests/unit/test-bdrv-graph-mod.c b/tests/unit/test-bdrv-graph-mod.c
index 80a9a20066..a8219b131e 100644
--- a/tests/unit/test-bdrv-graph-mod.c
+++ b/tests/unit/test-bdrv-graph-mod.c
@@ -238,6 +238,120 @@ static void test_parallel_exclusive_write(void)
bdrv_unref(top);
}
+static void write_to_file_perms(BlockDriverState *bs, BdrvChild *c,
+ BdrvChildRole role,
+ BlockReopenQueue *reopen_queue,
+ uint64_t perm, uint64_t shared,
+ uint64_t *nperm, uint64_t *nshared)
+{
+ if (bs->file && c == bs->file) {
+ *nperm = BLK_PERM_WRITE;
+ *nshared = BLK_PERM_ALL & ~BLK_PERM_WRITE;
+ } else {
+ *nperm = 0;
+ *nshared = BLK_PERM_ALL;
+ }
+}
+
+static BlockDriver bdrv_write_to_file = {
+ .format_name = "tricky-perm",
+ .bdrv_child_perm = write_to_file_perms,
+};
+
+
+/*
+ * The following test shows that topological-sort order is required for
+ * permission update, simple DFS is not enough.
+ *
+ * Consider the block driver which has two filter children: one active
+ * with exclusive write access and one inactive with no specific
+ * permissions.
+ *
+ * And, these two children has a common base child, like this:
+ *
+ * ┌─────┐ ┌──────┐
+ * │ fl2 │ ◀── │ top │
+ * └─────┘ └──────┘
+ * │ │
+ * │ │ w
+ * │ ▼
+ * │ ┌──────┐
+ * │ │ fl1 │
+ * │ └──────┘
+ * │ │
+ * │ │ w
+ * │ ▼
+ * │ ┌──────┐
+ * └───────▶ │ base │
+ * └──────┘
+ *
+ * So, exclusive write is propagated.
+ *
+ * Assume, we want to make fl2 active instead of fl1.
+ * So, we set some option for top driver and do permission update.
+ *
+ * With simple DFS, if permission update goes first through
+ * top->fl1->base branch it will succeed: it firstly drop exclusive write
+ * permissions and than apply them for another BdrvChildren.
+ * But if permission update goes first through top->fl2->base branch it
+ * will fail, as when we try to update fl2->base child, old not yet
+ * updated fl1->base child will be in conflict.
+ *
+ * With topological-sort order we always update parents before children, so fl1
+ * and fl2 are both updated when we update base and there is no conflict.
+ */
+static void test_parallel_perm_update(void)
+{
+ BlockDriverState *top = no_perm_node("top");
+ BlockDriverState *tricky =
+ bdrv_new_open_driver(&bdrv_write_to_file, "tricky", BDRV_O_RDWR,
+ &error_abort);
+ BlockDriverState *base = no_perm_node("base");
+ BlockDriverState *fl1 = pass_through_node("fl1");
+ BlockDriverState *fl2 = pass_through_node("fl2");
+ BdrvChild *c_fl1, *c_fl2;
+
+ /*
+ * bdrv_attach_child() eats child bs reference, so we need two @base
+ * references for two filters:
+ */
+ bdrv_ref(base);
+
+ bdrv_attach_child(top, tricky, "file", &child_of_bds, BDRV_CHILD_DATA,
+ &error_abort);
+ c_fl1 = bdrv_attach_child(tricky, fl1, "first", &child_of_bds,
+ BDRV_CHILD_FILTERED, &error_abort);
+ c_fl2 = bdrv_attach_child(tricky, fl2, "second", &child_of_bds,
+ BDRV_CHILD_FILTERED, &error_abort);
+ bdrv_attach_child(fl1, base, "backing", &child_of_bds, BDRV_CHILD_FILTERED,
+ &error_abort);
+ bdrv_attach_child(fl2, base, "backing", &child_of_bds, BDRV_CHILD_FILTERED,
+ &error_abort);
+
+ /* Select fl1 as first child to be active */
+ tricky->file = c_fl1;
+ bdrv_child_refresh_perms(top, top->children.lh_first, &error_abort);
+
+ assert(c_fl1->perm & BLK_PERM_WRITE);
+ assert(!(c_fl2->perm & BLK_PERM_WRITE));
+
+ /* Now, try to switch active child and update permissions */
+ tricky->file = c_fl2;
+ bdrv_child_refresh_perms(top, top->children.lh_first, &error_abort);
+
+ assert(c_fl2->perm & BLK_PERM_WRITE);
+ assert(!(c_fl1->perm & BLK_PERM_WRITE));
+
+ /* Switch once more, to not care about real child order in the list */
+ tricky->file = c_fl1;
+ bdrv_child_refresh_perms(top, top->children.lh_first, &error_abort);
+
+ assert(c_fl1->perm & BLK_PERM_WRITE);
+ assert(!(c_fl2->perm & BLK_PERM_WRITE));
+
+ bdrv_unref(top);
+}
+
int main(int argc, char *argv[])
{
int i;
@@ -262,6 +376,8 @@ int main(int argc, char *argv[])
if (debug) {
g_test_add_func("/bdrv-graph-mod/parallel-exclusive-write",
test_parallel_exclusive_write);
+ g_test_add_func("/bdrv-graph-mod/parallel-perm-update",
+ test_parallel_perm_update);
}
return g_test_run();
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 03/39] tests/test-bdrv-graph-mod: add test_append_greedy_filter
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
2021-04-30 10:51 ` [PULL 01/39] tests/test-bdrv-graph-mod: add test_parallel_exclusive_write Kevin Wolf
2021-04-30 10:51 ` [PULL 02/39] tests/test-bdrv-graph-mod: add test_parallel_perm_update Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 04/39] block: bdrv_append(): don't consume reference Kevin Wolf
` (36 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
bdrv_append() is not quite good for inserting filters: it does extra
permission update in intermediate state, where filter get it filtered
child but is not yet replace it in a backing chain.
Some filters (for example backup-top) may want permissions even when
have no parents. And described intermediate state becomes invalid.
That's (half a) reason, why we need "inactive" state for backup-top
filter.
bdrv_append() will be improved later, now let's add a unit test.
Now test fails, so it runs only with -d flag. To run do
./test-bdrv-graph-mod -d -p /bdrv-graph-mod/append-greedy-filter
from <build-directory>/tests.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-4-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
tests/unit/test-bdrv-graph-mod.c | 33 ++++++++++++++++++++++++++++++++
1 file changed, 33 insertions(+)
diff --git a/tests/unit/test-bdrv-graph-mod.c b/tests/unit/test-bdrv-graph-mod.c
index a8219b131e..5b6934e68b 100644
--- a/tests/unit/test-bdrv-graph-mod.c
+++ b/tests/unit/test-bdrv-graph-mod.c
@@ -352,6 +352,37 @@ static void test_parallel_perm_update(void)
bdrv_unref(top);
}
+/*
+ * It's possible that filter required permissions allows to insert it to backing
+ * chain, like:
+ *
+ * 1. [top] -> [filter] -> [base]
+ *
+ * but doesn't allow to add it as a branch:
+ *
+ * 2. [filter] --\
+ * v
+ * [top] -> [base]
+ *
+ * So, inserting such filter should do all graph modifications and only then
+ * update permissions. If we try to go through intermediate state [2] and update
+ * permissions on it we'll fail.
+ *
+ * Let's check that bdrv_append() can append such a filter.
+ */
+static void test_append_greedy_filter(void)
+{
+ BlockDriverState *top = exclusive_writer_node("top");
+ BlockDriverState *base = no_perm_node("base");
+ BlockDriverState *fl = exclusive_writer_node("fl1");
+
+ bdrv_attach_child(top, base, "backing", &child_of_bds, BDRV_CHILD_COW,
+ &error_abort);
+
+ bdrv_append(fl, base, &error_abort);
+ bdrv_unref(top);
+}
+
int main(int argc, char *argv[])
{
int i;
@@ -378,6 +409,8 @@ int main(int argc, char *argv[])
test_parallel_exclusive_write);
g_test_add_func("/bdrv-graph-mod/parallel-perm-update",
test_parallel_perm_update);
+ g_test_add_func("/bdrv-graph-mod/append-greedy-filter",
+ test_append_greedy_filter);
}
return g_test_run();
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 04/39] block: bdrv_append(): don't consume reference
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (2 preceding siblings ...)
2021-04-30 10:51 ` [PULL 03/39] tests/test-bdrv-graph-mod: add test_append_greedy_filter Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 05/39] block: BdrvChildClass: add .get_parent_aio_context handler Kevin Wolf
` (35 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
We have too much comments for this feature. It seems better just don't
do it. Most of real users (tests don't count) have to create additional
reference.
Drop also comment in external_snapshot_prepare:
- bdrv_append doesn't "remove" old bs in common sense, it sounds
strange
- the fact that bdrv_append can fail is obvious from the context
- the fact that we must rollback all changes in transaction abort is
known (it's the direct role of abort)
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-5-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 25 +++----------------------
block/backup-top.c | 1 -
block/commit.c | 1 +
block/mirror.c | 3 ---
blockdev.c | 4 ----
tests/unit/test-bdrv-drain.c | 2 +-
tests/unit/test-bdrv-graph-mod.c | 3 +++
7 files changed, 8 insertions(+), 31 deletions(-)
diff --git a/block.c b/block.c
index c5b887cec1..1e7e8907e4 100644
--- a/block.c
+++ b/block.c
@@ -3213,11 +3213,6 @@ static BlockDriverState *bdrv_append_temp_snapshot(BlockDriverState *bs,
goto out;
}
- /* bdrv_append() consumes a strong reference to bs_snapshot
- * (i.e. it will call bdrv_unref() on it) even on error, so in
- * order to be able to return one, we have to increase
- * bs_snapshot's refcount here */
- bdrv_ref(bs_snapshot);
ret = bdrv_append(bs_snapshot, bs, errp);
if (ret < 0) {
bs_snapshot = NULL;
@@ -4679,36 +4674,22 @@ int bdrv_replace_node(BlockDriverState *from, BlockDriverState *to,
* bs_new must not be attached to a BlockBackend.
*
* This function does not create any image files.
- *
- * bdrv_append() takes ownership of a bs_new reference and unrefs it because
- * that's what the callers commonly need. bs_new will be referenced by the old
- * parents of bs_top after bdrv_append() returns. If the caller needs to keep a
- * reference of its own, it must call bdrv_ref().
*/
int bdrv_append(BlockDriverState *bs_new, BlockDriverState *bs_top,
Error **errp)
{
int ret = bdrv_set_backing_hd(bs_new, bs_top, errp);
if (ret < 0) {
- goto out;
+ return ret;
}
ret = bdrv_replace_node(bs_top, bs_new, errp);
if (ret < 0) {
bdrv_set_backing_hd(bs_new, NULL, &error_abort);
- goto out;
+ return ret;
}
- ret = 0;
-
-out:
- /*
- * bs_new is now referenced by its new parents, we don't need the
- * additional reference any more.
- */
- bdrv_unref(bs_new);
-
- return ret;
+ return 0;
}
static void bdrv_delete(BlockDriverState *bs)
diff --git a/block/backup-top.c b/block/backup-top.c
index 589e8b651d..62d09f213e 100644
--- a/block/backup-top.c
+++ b/block/backup-top.c
@@ -234,7 +234,6 @@ BlockDriverState *bdrv_backup_top_append(BlockDriverState *source,
bdrv_drained_begin(source);
- bdrv_ref(top);
ret = bdrv_append(top, source, errp);
if (ret < 0) {
error_prepend(errp, "Cannot append backup-top filter: ");
diff --git a/block/commit.c b/block/commit.c
index dd9ba87349..b89bb20b75 100644
--- a/block/commit.c
+++ b/block/commit.c
@@ -312,6 +312,7 @@ void commit_start(const char *job_id, BlockDriverState *bs,
commit_top_bs->total_sectors = top->total_sectors;
ret = bdrv_append(commit_top_bs, top, errp);
+ bdrv_unref(commit_top_bs); /* referenced by new parents or failed */
if (ret < 0) {
commit_top_bs = NULL;
goto fail;
diff --git a/block/mirror.c b/block/mirror.c
index 5a71bd8bbc..840b8e8c15 100644
--- a/block/mirror.c
+++ b/block/mirror.c
@@ -1630,9 +1630,6 @@ static BlockJob *mirror_start_job(
bs_opaque->is_commit = target_is_backing;
- /* bdrv_append takes ownership of the mirror_top_bs reference, need to keep
- * it alive until block_job_create() succeeds even if bs has no parent. */
- bdrv_ref(mirror_top_bs);
bdrv_drained_begin(bs);
ret = bdrv_append(mirror_top_bs, bs, errp);
bdrv_drained_end(bs);
diff --git a/blockdev.c b/blockdev.c
index a57590aae4..834c2304a1 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -1576,10 +1576,6 @@ static void external_snapshot_prepare(BlkActionState *common,
goto out;
}
- /* This removes our old bs and adds the new bs. This is an operation that
- * can fail, so we need to do it in .prepare; undoing it for abort is
- * always possible. */
- bdrv_ref(state->new_bs);
ret = bdrv_append(state->new_bs, state->old_bs, errp);
if (ret < 0) {
goto out;
diff --git a/tests/unit/test-bdrv-drain.c b/tests/unit/test-bdrv-drain.c
index 8a29e33e00..892f7f47d8 100644
--- a/tests/unit/test-bdrv-drain.c
+++ b/tests/unit/test-bdrv-drain.c
@@ -1478,7 +1478,6 @@ static void test_append_to_drained(void)
g_assert_cmpint(base_s->drain_count, ==, 1);
g_assert_cmpint(base->in_flight, ==, 0);
- /* Takes ownership of overlay, so we don't have to unref it later */
bdrv_append(overlay, base, &error_abort);
g_assert_cmpint(base->in_flight, ==, 0);
g_assert_cmpint(overlay->in_flight, ==, 0);
@@ -1495,6 +1494,7 @@ static void test_append_to_drained(void)
g_assert_cmpint(overlay->quiesce_counter, ==, 0);
g_assert_cmpint(overlay_s->drain_count, ==, 0);
+ bdrv_unref(overlay);
bdrv_unref(base);
blk_unref(blk);
}
diff --git a/tests/unit/test-bdrv-graph-mod.c b/tests/unit/test-bdrv-graph-mod.c
index 5b6934e68b..a6064b1863 100644
--- a/tests/unit/test-bdrv-graph-mod.c
+++ b/tests/unit/test-bdrv-graph-mod.c
@@ -138,6 +138,7 @@ static void test_update_perm_tree(void)
ret = bdrv_append(filter, bs, NULL);
g_assert_cmpint(ret, <, 0);
+ bdrv_unref(filter);
blk_unref(root);
}
@@ -202,6 +203,7 @@ static void test_should_update_child(void)
bdrv_append(filter, bs, &error_abort);
g_assert(target->backing->bs == bs);
+ bdrv_unref(filter);
bdrv_unref(bs);
blk_unref(root);
}
@@ -380,6 +382,7 @@ static void test_append_greedy_filter(void)
&error_abort);
bdrv_append(fl, base, &error_abort);
+ bdrv_unref(fl);
bdrv_unref(top);
}
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 05/39] block: BdrvChildClass: add .get_parent_aio_context handler
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (3 preceding siblings ...)
2021-04-30 10:51 ` [PULL 04/39] block: bdrv_append(): don't consume reference Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 06/39] block: drop ctx argument from bdrv_root_attach_child Kevin Wolf
` (34 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Add new handler to get aio context and implement it in all child
classes. Add corresponding public interface to be used soon.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-6-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
include/block/block.h | 2 ++
include/block/block_int.h | 2 ++
block.c | 13 +++++++++++++
block/block-backend.c | 9 +++++++++
blockjob.c | 8 ++++++++
5 files changed, 34 insertions(+)
diff --git a/include/block/block.h b/include/block/block.h
index b3f6e509d4..54279baa95 100644
--- a/include/block/block.h
+++ b/include/block/block.h
@@ -702,6 +702,8 @@ bool bdrv_child_can_set_aio_context(BdrvChild *c, AioContext *ctx,
GSList **ignore, Error **errp);
bool bdrv_can_set_aio_context(BlockDriverState *bs, AioContext *ctx,
GSList **ignore, Error **errp);
+AioContext *bdrv_child_get_parent_aio_context(BdrvChild *c);
+
int bdrv_probe_blocksizes(BlockDriverState *bs, BlockSizes *bsz);
int bdrv_probe_geometry(BlockDriverState *bs, HDGeometry *geo);
diff --git a/include/block/block_int.h b/include/block/block_int.h
index 88e4111939..737ec632c4 100644
--- a/include/block/block_int.h
+++ b/include/block/block_int.h
@@ -789,6 +789,8 @@ struct BdrvChildClass {
bool (*can_set_aio_ctx)(BdrvChild *child, AioContext *ctx,
GSList **ignore, Error **errp);
void (*set_aio_ctx)(BdrvChild *child, AioContext *ctx, GSList **ignore);
+
+ AioContext *(*get_parent_aio_context)(BdrvChild *child);
};
extern const BdrvChildClass child_of_bds;
diff --git a/block.c b/block.c
index 1e7e8907e4..2833912436 100644
--- a/block.c
+++ b/block.c
@@ -1394,6 +1394,13 @@ static int bdrv_child_cb_update_filename(BdrvChild *c, BlockDriverState *base,
return 0;
}
+static AioContext *bdrv_child_cb_get_parent_aio_context(BdrvChild *c)
+{
+ BlockDriverState *bs = c->opaque;
+
+ return bdrv_get_aio_context(bs);
+}
+
const BdrvChildClass child_of_bds = {
.parent_is_bds = true,
.get_parent_desc = bdrv_child_get_parent_desc,
@@ -1407,8 +1414,14 @@ const BdrvChildClass child_of_bds = {
.can_set_aio_ctx = bdrv_child_cb_can_set_aio_ctx,
.set_aio_ctx = bdrv_child_cb_set_aio_ctx,
.update_filename = bdrv_child_cb_update_filename,
+ .get_parent_aio_context = bdrv_child_cb_get_parent_aio_context,
};
+AioContext *bdrv_child_get_parent_aio_context(BdrvChild *c)
+{
+ return c->klass->get_parent_aio_context(c);
+}
+
static int bdrv_open_flags(BlockDriverState *bs, int flags)
{
int open_flags = flags;
diff --git a/block/block-backend.c b/block/block-backend.c
index 413af51f3b..3f656ef361 100644
--- a/block/block-backend.c
+++ b/block/block-backend.c
@@ -298,6 +298,13 @@ static void blk_root_detach(BdrvChild *child)
}
}
+static AioContext *blk_root_get_parent_aio_context(BdrvChild *c)
+{
+ BlockBackend *blk = c->opaque;
+
+ return blk_get_aio_context(blk);
+}
+
static const BdrvChildClass child_root = {
.inherit_options = blk_root_inherit_options,
@@ -318,6 +325,8 @@ static const BdrvChildClass child_root = {
.can_set_aio_ctx = blk_root_can_set_aio_ctx,
.set_aio_ctx = blk_root_set_aio_ctx,
+
+ .get_parent_aio_context = blk_root_get_parent_aio_context,
};
/*
diff --git a/blockjob.c b/blockjob.c
index 207e8c7fd9..160bf38b19 100644
--- a/blockjob.c
+++ b/blockjob.c
@@ -163,6 +163,13 @@ static void child_job_set_aio_ctx(BdrvChild *c, AioContext *ctx,
job->job.aio_context = ctx;
}
+static AioContext *child_job_get_parent_aio_context(BdrvChild *c)
+{
+ BlockJob *job = c->opaque;
+
+ return job->job.aio_context;
+}
+
static const BdrvChildClass child_job = {
.get_parent_desc = child_job_get_parent_desc,
.drained_begin = child_job_drained_begin,
@@ -171,6 +178,7 @@ static const BdrvChildClass child_job = {
.can_set_aio_ctx = child_job_can_set_aio_ctx,
.set_aio_ctx = child_job_set_aio_ctx,
.stay_at_node = true,
+ .get_parent_aio_context = child_job_get_parent_aio_context,
};
void block_job_remove_all_bdrv(BlockJob *job)
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 06/39] block: drop ctx argument from bdrv_root_attach_child
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (4 preceding siblings ...)
2021-04-30 10:51 ` [PULL 05/39] block: BdrvChildClass: add .get_parent_aio_context handler Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 07/39] block: make bdrv_reopen_{prepare,commit,abort} private Kevin Wolf
` (33 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Passing parent aio context is redundant, as child_class and parent
opaque pointer are enough to retrieve it. Drop the argument and use new
bdrv_child_get_parent_aio_context() interface.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-7-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
include/block/block_int.h | 1 -
block.c | 8 +++++---
block/block-backend.c | 4 ++--
blockjob.c | 3 +--
4 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/include/block/block_int.h b/include/block/block_int.h
index 737ec632c4..dd2de6bd1d 100644
--- a/include/block/block_int.h
+++ b/include/block/block_int.h
@@ -1308,7 +1308,6 @@ BdrvChild *bdrv_root_attach_child(BlockDriverState *child_bs,
const char *child_name,
const BdrvChildClass *child_class,
BdrvChildRole child_role,
- AioContext *ctx,
uint64_t perm, uint64_t shared_perm,
void *opaque, Error **errp);
void bdrv_root_unref_child(BdrvChild *child);
diff --git a/block.c b/block.c
index 2833912436..54436c951e 100644
--- a/block.c
+++ b/block.c
@@ -2700,13 +2700,13 @@ BdrvChild *bdrv_root_attach_child(BlockDriverState *child_bs,
const char *child_name,
const BdrvChildClass *child_class,
BdrvChildRole child_role,
- AioContext *ctx,
uint64_t perm, uint64_t shared_perm,
void *opaque, Error **errp)
{
BdrvChild *child;
Error *local_err = NULL;
int ret;
+ AioContext *ctx;
ret = bdrv_check_update_perm(child_bs, NULL, perm, shared_perm, NULL, errp);
if (ret < 0) {
@@ -2726,6 +2726,8 @@ BdrvChild *bdrv_root_attach_child(BlockDriverState *child_bs,
.opaque = opaque,
};
+ ctx = bdrv_child_get_parent_aio_context(child);
+
/* If the AioContexts don't match, first try to move the subtree of
* child_bs into the AioContext of the new parent. If this doesn't work,
* try moving the parent into the AioContext of child_bs instead. */
@@ -2786,8 +2788,8 @@ BdrvChild *bdrv_attach_child(BlockDriverState *parent_bs,
perm, shared_perm, &perm, &shared_perm);
child = bdrv_root_attach_child(child_bs, child_name, child_class,
- child_role, bdrv_get_aio_context(parent_bs),
- perm, shared_perm, parent_bs, errp);
+ child_role, perm, shared_perm, parent_bs,
+ errp);
if (child == NULL) {
return NULL;
}
diff --git a/block/block-backend.c b/block/block-backend.c
index 3f656ef361..e4892fd6a5 100644
--- a/block/block-backend.c
+++ b/block/block-backend.c
@@ -435,7 +435,7 @@ BlockBackend *blk_new_open(const char *filename, const char *reference,
blk->root = bdrv_root_attach_child(bs, "root", &child_root,
BDRV_CHILD_FILTERED | BDRV_CHILD_PRIMARY,
- blk->ctx, perm, BLK_PERM_ALL, blk, errp);
+ perm, BLK_PERM_ALL, blk, errp);
if (!blk->root) {
blk_unref(blk);
return NULL;
@@ -849,7 +849,7 @@ int blk_insert_bs(BlockBackend *blk, BlockDriverState *bs, Error **errp)
bdrv_ref(bs);
blk->root = bdrv_root_attach_child(bs, "root", &child_root,
BDRV_CHILD_FILTERED | BDRV_CHILD_PRIMARY,
- blk->ctx, blk->perm, blk->shared_perm,
+ blk->perm, blk->shared_perm,
blk, errp);
if (blk->root == NULL) {
return -EPERM;
diff --git a/blockjob.c b/blockjob.c
index 160bf38b19..2fe1d788ba 100644
--- a/blockjob.c
+++ b/blockjob.c
@@ -229,8 +229,7 @@ int block_job_add_bdrv(BlockJob *job, const char *name, BlockDriverState *bs,
if (need_context_ops && job->job.aio_context != qemu_get_aio_context()) {
aio_context_release(job->job.aio_context);
}
- c = bdrv_root_attach_child(bs, name, &child_job, 0,
- job->job.aio_context, perm, shared_perm, job,
+ c = bdrv_root_attach_child(bs, name, &child_job, 0, perm, shared_perm, job,
errp);
if (need_context_ops && job->job.aio_context != qemu_get_aio_context()) {
aio_context_acquire(job->job.aio_context);
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 07/39] block: make bdrv_reopen_{prepare,commit,abort} private
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (5 preceding siblings ...)
2021-04-30 10:51 ` [PULL 06/39] block: drop ctx argument from bdrv_root_attach_child Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 08/39] util: add transactions.c Kevin Wolf
` (32 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
These functions are called only from bdrv_reopen_multiple() in block.c.
No reason to publish them.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-8-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
include/block/block.h | 4 ----
block.c | 13 +++++++++----
2 files changed, 9 insertions(+), 8 deletions(-)
diff --git a/include/block/block.h b/include/block/block.h
index 54279baa95..16e496a5c4 100644
--- a/include/block/block.h
+++ b/include/block/block.h
@@ -387,10 +387,6 @@ BlockReopenQueue *bdrv_reopen_queue(BlockReopenQueue *bs_queue,
int bdrv_reopen_multiple(BlockReopenQueue *bs_queue, Error **errp);
int bdrv_reopen_set_read_only(BlockDriverState *bs, bool read_only,
Error **errp);
-int bdrv_reopen_prepare(BDRVReopenState *reopen_state,
- BlockReopenQueue *queue, Error **errp);
-void bdrv_reopen_commit(BDRVReopenState *reopen_state);
-void bdrv_reopen_abort(BDRVReopenState *reopen_state);
int bdrv_pwrite_zeroes(BdrvChild *child, int64_t offset,
int64_t bytes, BdrvRequestFlags flags);
int bdrv_make_zero(BdrvChild *child, BdrvRequestFlags flags);
diff --git a/block.c b/block.c
index 54436c951e..34c728d7e4 100644
--- a/block.c
+++ b/block.c
@@ -82,6 +82,11 @@ static BlockDriverState *bdrv_open_inherit(const char *filename,
BdrvChildRole child_role,
Error **errp);
+static int bdrv_reopen_prepare(BDRVReopenState *reopen_state, BlockReopenQueue
+ *queue, Error **errp);
+static void bdrv_reopen_commit(BDRVReopenState *reopen_state);
+static void bdrv_reopen_abort(BDRVReopenState *reopen_state);
+
/* If non-zero, use only whitelisted block drivers */
static int use_bdrv_whitelist;
@@ -4153,8 +4158,8 @@ static int bdrv_reopen_parse_backing(BDRVReopenState *reopen_state,
* commit() for any other BDS that have been left in a prepare() state
*
*/
-int bdrv_reopen_prepare(BDRVReopenState *reopen_state, BlockReopenQueue *queue,
- Error **errp)
+static int bdrv_reopen_prepare(BDRVReopenState *reopen_state,
+ BlockReopenQueue *queue, Error **errp)
{
int ret = -1;
int old_flags;
@@ -4369,7 +4374,7 @@ error:
* makes them final by swapping the staging BlockDriverState contents into
* the active BlockDriverState contents.
*/
-void bdrv_reopen_commit(BDRVReopenState *reopen_state)
+static void bdrv_reopen_commit(BDRVReopenState *reopen_state)
{
BlockDriver *drv;
BlockDriverState *bs;
@@ -4429,7 +4434,7 @@ void bdrv_reopen_commit(BDRVReopenState *reopen_state)
* Abort the reopen, and delete and free the staged changes in
* reopen_state
*/
-void bdrv_reopen_abort(BDRVReopenState *reopen_state)
+static void bdrv_reopen_abort(BDRVReopenState *reopen_state)
{
BlockDriver *drv;
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 08/39] util: add transactions.c
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (6 preceding siblings ...)
2021-04-30 10:51 ` [PULL 07/39] block: make bdrv_reopen_{prepare,commit,abort} private Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 09/39] block: bdrv_refresh_perms: check for parents permissions conflict Kevin Wolf
` (31 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Add simple transaction API to use in further update of block graph
operations.
Supposed usage is:
- "prepare" is main function of the action and it should make the main
effect of the action to be visible for the following actions, keeping
possibility of roll-back, saving necessary things in action state,
which is prepended to the action list (to do that, prepare func
should call tran_add()). So, driver struct doesn't include "prepare"
field, as it is supposed to be called directly.
- commit/rollback is supposed to be called for the list of action
states, to commit/rollback all the actions in reverse order
- When possible "commit" should not make visible effect for other
actions, which make possible transparent logical interaction between
actions.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-9-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
include/qemu/transactions.h | 63 ++++++++++++++++++++++++
util/transactions.c | 96 +++++++++++++++++++++++++++++++++++++
MAINTAINERS | 6 +++
util/meson.build | 1 +
4 files changed, 166 insertions(+)
create mode 100644 include/qemu/transactions.h
create mode 100644 util/transactions.c
diff --git a/include/qemu/transactions.h b/include/qemu/transactions.h
new file mode 100644
index 0000000000..92c5965235
--- /dev/null
+++ b/include/qemu/transactions.h
@@ -0,0 +1,63 @@
+/*
+ * Simple transactions API
+ *
+ * Copyright (c) 2021 Virtuozzo International GmbH.
+ *
+ * Author:
+ * Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ *
+ * = Generic transaction API =
+ *
+ * The intended usage is the following: you create "prepare" functions, which
+ * represents the actions. They will usually have Transaction* argument, and
+ * call tran_add() to register finalization callbacks. For finalization
+ * callbacks, prepare corresponding TransactionActionDrv structures.
+ *
+ * Then, when you need to make a transaction, create an empty Transaction by
+ * tran_create(), call your "prepare" functions on it, and finally call
+ * tran_abort() or tran_commit() to finalize the transaction by corresponding
+ * finalization actions in reverse order.
+ */
+
+#ifndef QEMU_TRANSACTIONS_H
+#define QEMU_TRANSACTIONS_H
+
+#include <gmodule.h>
+
+typedef struct TransactionActionDrv {
+ void (*abort)(void *opaque);
+ void (*commit)(void *opaque);
+ void (*clean)(void *opaque);
+} TransactionActionDrv;
+
+typedef struct Transaction Transaction;
+
+Transaction *tran_new(void);
+void tran_add(Transaction *tran, TransactionActionDrv *drv, void *opaque);
+void tran_abort(Transaction *tran);
+void tran_commit(Transaction *tran);
+
+static inline void tran_finalize(Transaction *tran, int ret)
+{
+ if (ret < 0) {
+ tran_abort(tran);
+ } else {
+ tran_commit(tran);
+ }
+}
+
+#endif /* QEMU_TRANSACTIONS_H */
diff --git a/util/transactions.c b/util/transactions.c
new file mode 100644
index 0000000000..d0bc9a3e73
--- /dev/null
+++ b/util/transactions.c
@@ -0,0 +1,96 @@
+/*
+ * Simple transactions API
+ *
+ * Copyright (c) 2021 Virtuozzo International GmbH.
+ *
+ * Author:
+ * Sementsov-Ogievskiy Vladimir <vsementsov@virtuozzo.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "qemu/osdep.h"
+
+#include "qemu/transactions.h"
+#include "qemu/queue.h"
+
+typedef struct TransactionAction {
+ TransactionActionDrv *drv;
+ void *opaque;
+ QSLIST_ENTRY(TransactionAction) entry;
+} TransactionAction;
+
+struct Transaction {
+ QSLIST_HEAD(, TransactionAction) actions;
+};
+
+Transaction *tran_new(void)
+{
+ Transaction *tran = g_new(Transaction, 1);
+
+ QSLIST_INIT(&tran->actions);
+
+ return tran;
+}
+
+void tran_add(Transaction *tran, TransactionActionDrv *drv, void *opaque)
+{
+ TransactionAction *act;
+
+ act = g_new(TransactionAction, 1);
+ *act = (TransactionAction) {
+ .drv = drv,
+ .opaque = opaque
+ };
+
+ QSLIST_INSERT_HEAD(&tran->actions, act, entry);
+}
+
+void tran_abort(Transaction *tran)
+{
+ TransactionAction *act, *next;
+
+ QSLIST_FOREACH_SAFE(act, &tran->actions, entry, next) {
+ if (act->drv->abort) {
+ act->drv->abort(act->opaque);
+ }
+
+ if (act->drv->clean) {
+ act->drv->clean(act->opaque);
+ }
+
+ g_free(act);
+ }
+
+ g_free(tran);
+}
+
+void tran_commit(Transaction *tran)
+{
+ TransactionAction *act, *next;
+
+ QSLIST_FOREACH_SAFE(act, &tran->actions, entry, next) {
+ if (act->drv->commit) {
+ act->drv->commit(act->opaque);
+ }
+
+ if (act->drv->clean) {
+ act->drv->clean(act->opaque);
+ }
+
+ g_free(act);
+ }
+
+ g_free(tran);
+}
diff --git a/MAINTAINERS b/MAINTAINERS
index 36055f14c5..4c05ff8bba 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -2532,6 +2532,12 @@ M: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
S: Maintained
F: scripts/simplebench/
+Transactions helper
+M: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
+S: Maintained
+F: include/qemu/transactions.h
+F: util/transactions.c
+
QAPI
M: Markus Armbruster <armbru@redhat.com>
M: Michael Roth <michael.roth@amd.com>
diff --git a/util/meson.build b/util/meson.build
index 510765cde4..97fad44105 100644
--- a/util/meson.build
+++ b/util/meson.build
@@ -41,6 +41,7 @@ util_ss.add(files('qsp.c'))
util_ss.add(files('range.c'))
util_ss.add(files('stats64.c'))
util_ss.add(files('systemd.c'))
+util_ss.add(files('transactions.c'))
util_ss.add(when: 'CONFIG_POSIX', if_true: files('drm.c'))
util_ss.add(files('guest-random.c'))
util_ss.add(files('yank.c'))
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 09/39] block: bdrv_refresh_perms: check for parents permissions conflict
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (7 preceding siblings ...)
2021-04-30 10:51 ` [PULL 08/39] util: add transactions.c Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 10/39] block: refactor bdrv_child* permission functions Kevin Wolf
` (30 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Add additional check that node parents do not interfere with each
other. This should not hurt existing callers and allows in further
patch use bdrv_refresh_perms() to update a subtree of changed
BdrvChild (check that change is correct).
New check will substitute bdrv_check_update_perm() in following
permissions refactoring, so keep error messages the same to avoid
unit test result changes.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-10-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 63 ++++++++++++++++++++++++++++++++++++++++++++++++---------
1 file changed, 54 insertions(+), 9 deletions(-)
diff --git a/block.c b/block.c
index 34c728d7e4..fd621f0403 100644
--- a/block.c
+++ b/block.c
@@ -2026,6 +2026,57 @@ bool bdrv_is_writable(BlockDriverState *bs)
return bdrv_is_writable_after_reopen(bs, NULL);
}
+static char *bdrv_child_user_desc(BdrvChild *c)
+{
+ if (c->klass->get_parent_desc) {
+ return c->klass->get_parent_desc(c);
+ }
+
+ return g_strdup("another user");
+}
+
+static bool bdrv_a_allow_b(BdrvChild *a, BdrvChild *b, Error **errp)
+{
+ g_autofree char *user = NULL;
+ g_autofree char *perm_names = NULL;
+
+ if ((b->perm & a->shared_perm) == b->perm) {
+ return true;
+ }
+
+ perm_names = bdrv_perm_names(b->perm & ~a->shared_perm);
+ user = bdrv_child_user_desc(a);
+ error_setg(errp, "Conflicts with use by %s as '%s', which does not "
+ "allow '%s' on %s",
+ user, a->name, perm_names, bdrv_get_node_name(b->bs));
+
+ return false;
+}
+
+static bool bdrv_parent_perms_conflict(BlockDriverState *bs, Error **errp)
+{
+ BdrvChild *a, *b;
+
+ /*
+ * During the loop we'll look at each pair twice. That's correct because
+ * bdrv_a_allow_b() is asymmetric and we should check each pair in both
+ * directions.
+ */
+ QLIST_FOREACH(a, &bs->parents, next_parent) {
+ QLIST_FOREACH(b, &bs->parents, next_parent) {
+ if (a == b) {
+ continue;
+ }
+
+ if (!bdrv_a_allow_b(a, b, errp)) {
+ return true;
+ }
+ }
+ }
+
+ return false;
+}
+
static void bdrv_child_perm(BlockDriverState *bs, BlockDriverState *child_bs,
BdrvChild *c, BdrvChildRole role,
BlockReopenQueue *reopen_queue,
@@ -2203,15 +2254,6 @@ void bdrv_get_cumulative_perm(BlockDriverState *bs, uint64_t *perm,
*shared_perm = cumulative_shared_perms;
}
-static char *bdrv_child_user_desc(BdrvChild *c)
-{
- if (c->klass->get_parent_desc) {
- return c->klass->get_parent_desc(c);
- }
-
- return g_strdup("another user");
-}
-
char *bdrv_perm_names(uint64_t perm)
{
struct perm_name {
@@ -2355,6 +2397,9 @@ static int bdrv_refresh_perms(BlockDriverState *bs, Error **errp)
int ret;
uint64_t perm, shared_perm;
+ if (bdrv_parent_perms_conflict(bs, errp)) {
+ return -EPERM;
+ }
bdrv_get_cumulative_perm(bs, &perm, &shared_perm);
ret = bdrv_check_perm(bs, NULL, perm, shared_perm, NULL, errp);
if (ret < 0) {
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 10/39] block: refactor bdrv_child* permission functions
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (8 preceding siblings ...)
2021-04-30 10:51 ` [PULL 09/39] block: bdrv_refresh_perms: check for parents permissions conflict Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 11/39] block: rewrite bdrv_child_try_set_perm() using bdrv_refresh_perms() Kevin Wolf
` (29 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Split out non-recursive parts, and refactor as block graph transaction
action.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-11-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 79 ++++++++++++++++++++++++++++++++++++++++++---------------
1 file changed, 59 insertions(+), 20 deletions(-)
diff --git a/block.c b/block.c
index fd621f0403..0ee0c2f29a 100644
--- a/block.c
+++ b/block.c
@@ -49,6 +49,7 @@
#include "qemu/timer.h"
#include "qemu/cutils.h"
#include "qemu/id.h"
+#include "qemu/transactions.h"
#include "block/coroutines.h"
#ifdef CONFIG_BSD
@@ -2093,6 +2094,61 @@ static void bdrv_child_perm(BlockDriverState *bs, BlockDriverState *child_bs,
}
}
+static void bdrv_child_set_perm_commit(void *opaque)
+{
+ BdrvChild *c = opaque;
+
+ c->has_backup_perm = false;
+}
+
+static void bdrv_child_set_perm_abort(void *opaque)
+{
+ BdrvChild *c = opaque;
+ /*
+ * We may have child->has_backup_perm unset at this point, as in case of
+ * _check_ stage of permission update failure we may _check_ not the whole
+ * subtree. Still, _abort_ is called on the whole subtree anyway.
+ */
+ if (c->has_backup_perm) {
+ c->perm = c->backup_perm;
+ c->shared_perm = c->backup_shared_perm;
+ c->has_backup_perm = false;
+ }
+}
+
+static TransactionActionDrv bdrv_child_set_pem_drv = {
+ .abort = bdrv_child_set_perm_abort,
+ .commit = bdrv_child_set_perm_commit,
+};
+
+/*
+ * With tran=NULL needs to be followed by direct call to either
+ * bdrv_child_set_perm_commit() or bdrv_child_set_perm_abort().
+ *
+ * With non-NULL tran needs to be followed by tran_abort() or tran_commit()
+ * instead.
+ */
+static void bdrv_child_set_perm_safe(BdrvChild *c, uint64_t perm,
+ uint64_t shared, Transaction *tran)
+{
+ if (!c->has_backup_perm) {
+ c->has_backup_perm = true;
+ c->backup_perm = c->perm;
+ c->backup_shared_perm = c->shared_perm;
+ }
+ /*
+ * Note: it's OK if c->has_backup_perm was already set, as we can find the
+ * same c twice during check_perm procedure
+ */
+
+ c->perm = perm;
+ c->shared_perm = shared;
+
+ if (tran) {
+ tran_add(tran, &bdrv_child_set_pem_drv, c);
+ }
+}
+
/*
* Check whether permissions on this node can be changed in a way that
* @cumulative_perms and @cumulative_shared_perms are the new cumulative
@@ -2358,37 +2414,20 @@ static int bdrv_child_check_perm(BdrvChild *c, BlockReopenQueue *q,
return ret;
}
- if (!c->has_backup_perm) {
- c->has_backup_perm = true;
- c->backup_perm = c->perm;
- c->backup_shared_perm = c->shared_perm;
- }
- /*
- * Note: it's OK if c->has_backup_perm was already set, as we can find the
- * same child twice during check_perm procedure
- */
-
- c->perm = perm;
- c->shared_perm = shared;
+ bdrv_child_set_perm_safe(c, perm, shared, NULL);
return 0;
}
static void bdrv_child_set_perm(BdrvChild *c)
{
- c->has_backup_perm = false;
-
+ bdrv_child_set_perm_commit(c);
bdrv_set_perm(c->bs);
}
static void bdrv_child_abort_perm_update(BdrvChild *c)
{
- if (c->has_backup_perm) {
- c->perm = c->backup_perm;
- c->shared_perm = c->backup_shared_perm;
- c->has_backup_perm = false;
- }
-
+ bdrv_child_set_perm_abort(c);
bdrv_abort_perm_update(c->bs);
}
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 11/39] block: rewrite bdrv_child_try_set_perm() using bdrv_refresh_perms()
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (9 preceding siblings ...)
2021-04-30 10:51 ` [PULL 10/39] block: refactor bdrv_child* permission functions Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 12/39] block: inline bdrv_child_*() permission functions calls Kevin Wolf
` (28 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
We are going to drop recursive bdrv_child_* functions, so stop use them
in bdrv_child_try_set_perm() as a first step.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-12-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 14 ++++++++------
1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/block.c b/block.c
index 0ee0c2f29a..4511766825 100644
--- a/block.c
+++ b/block.c
@@ -2454,11 +2454,16 @@ int bdrv_child_try_set_perm(BdrvChild *c, uint64_t perm, uint64_t shared,
Error **errp)
{
Error *local_err = NULL;
+ Transaction *tran = tran_new();
int ret;
- ret = bdrv_child_check_perm(c, NULL, perm, shared, NULL, &local_err);
+ bdrv_child_set_perm_safe(c, perm, shared, tran);
+
+ ret = bdrv_refresh_perms(c->bs, &local_err);
+
+ tran_finalize(tran, ret);
+
if (ret < 0) {
- bdrv_child_abort_perm_update(c);
if ((perm & ~c->perm) || (c->shared_perm & ~shared)) {
/* tighten permissions */
error_propagate(errp, local_err);
@@ -2472,12 +2477,9 @@ int bdrv_child_try_set_perm(BdrvChild *c, uint64_t perm, uint64_t shared,
error_free(local_err);
ret = 0;
}
- return ret;
}
- bdrv_child_set_perm(c);
-
- return 0;
+ return ret;
}
int bdrv_child_refresh_perms(BlockDriverState *bs, BdrvChild *c, Error **errp)
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 12/39] block: inline bdrv_child_*() permission functions calls
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (10 preceding siblings ...)
2021-04-30 10:51 ` [PULL 11/39] block: rewrite bdrv_child_try_set_perm() using bdrv_refresh_perms() Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 13/39] block: use topological sort for permission update Kevin Wolf
` (27 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Each of them has only one caller. Open-coding simplifies further
pemission-update system changes.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-13-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 59 +++++++++++++++++----------------------------------------
1 file changed, 17 insertions(+), 42 deletions(-)
diff --git a/block.c b/block.c
index 4511766825..e5af4cdae9 100644
--- a/block.c
+++ b/block.c
@@ -1974,11 +1974,11 @@ static int bdrv_fill_options(QDict **options, const char *filename,
return 0;
}
-static int bdrv_child_check_perm(BdrvChild *c, BlockReopenQueue *q,
- uint64_t perm, uint64_t shared,
- GSList *ignore_children, Error **errp);
-static void bdrv_child_abort_perm_update(BdrvChild *c);
-static void bdrv_child_set_perm(BdrvChild *c);
+static int bdrv_check_update_perm(BlockDriverState *bs, BlockReopenQueue *q,
+ uint64_t new_used_perm,
+ uint64_t new_shared_perm,
+ GSList *ignore_children,
+ Error **errp);
typedef struct BlockReopenQueueEntry {
bool prepared;
@@ -2226,15 +2226,21 @@ static int bdrv_check_perm(BlockDriverState *bs, BlockReopenQueue *q,
/* Check all children */
QLIST_FOREACH(c, &bs->children, next) {
uint64_t cur_perm, cur_shared;
+ GSList *cur_ignore_children;
bdrv_child_perm(bs, c->bs, c, c->role, q,
cumulative_perms, cumulative_shared_perms,
&cur_perm, &cur_shared);
- ret = bdrv_child_check_perm(c, q, cur_perm, cur_shared, ignore_children,
- errp);
+
+ cur_ignore_children = g_slist_prepend(g_slist_copy(ignore_children), c);
+ ret = bdrv_check_update_perm(c->bs, q, cur_perm, cur_shared,
+ cur_ignore_children, errp);
+ g_slist_free(cur_ignore_children);
if (ret < 0) {
return ret;
}
+
+ bdrv_child_set_perm_safe(c, cur_perm, cur_shared, NULL);
}
return 0;
@@ -2261,7 +2267,8 @@ static void bdrv_abort_perm_update(BlockDriverState *bs)
}
QLIST_FOREACH(c, &bs->children, next) {
- bdrv_child_abort_perm_update(c);
+ bdrv_child_set_perm_abort(c);
+ bdrv_abort_perm_update(c->bs);
}
}
@@ -2290,7 +2297,8 @@ static void bdrv_set_perm(BlockDriverState *bs)
/* Update all children */
QLIST_FOREACH(c, &bs->children, next) {
- bdrv_child_set_perm(c);
+ bdrv_child_set_perm_commit(c);
+ bdrv_set_perm(c->bs);
}
}
@@ -2398,39 +2406,6 @@ static int bdrv_check_update_perm(BlockDriverState *bs, BlockReopenQueue *q,
ignore_children, errp);
}
-/* Needs to be followed by a call to either bdrv_child_set_perm() or
- * bdrv_child_abort_perm_update(). */
-static int bdrv_child_check_perm(BdrvChild *c, BlockReopenQueue *q,
- uint64_t perm, uint64_t shared,
- GSList *ignore_children, Error **errp)
-{
- int ret;
-
- ignore_children = g_slist_prepend(g_slist_copy(ignore_children), c);
- ret = bdrv_check_update_perm(c->bs, q, perm, shared, ignore_children, errp);
- g_slist_free(ignore_children);
-
- if (ret < 0) {
- return ret;
- }
-
- bdrv_child_set_perm_safe(c, perm, shared, NULL);
-
- return 0;
-}
-
-static void bdrv_child_set_perm(BdrvChild *c)
-{
- bdrv_child_set_perm_commit(c);
- bdrv_set_perm(c->bs);
-}
-
-static void bdrv_child_abort_perm_update(BdrvChild *c)
-{
- bdrv_child_set_perm_abort(c);
- bdrv_abort_perm_update(c->bs);
-}
-
static int bdrv_refresh_perms(BlockDriverState *bs, Error **errp)
{
int ret;
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 13/39] block: use topological sort for permission update
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (11 preceding siblings ...)
2021-04-30 10:51 ` [PULL 12/39] block: inline bdrv_child_*() permission functions calls Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 14/39] block: add bdrv_drv_set_perm transaction action Kevin Wolf
` (26 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Rewrite bdrv_check_perm(), bdrv_abort_perm_update() and bdrv_set_perm()
to update nodes in topological sort order instead of simple DFS. With
topologically sorted nodes, we update a node only when all its parents
already updated. With DFS it's not so.
Consider the following example:
A -+
| |
| v
| B
| |
v |
C<-+
A is parent for B and C, B is parent for C.
Obviously, to update permissions, we should go in order A B C, so, when
we update C, all parent permissions already updated. But with current
approach (simple recursion) we can update in sequence A C B C (C is
updated twice). On first update of C, we consider old B permissions, so
doing wrong thing. If it succeed, all is OK, on second C update we will
finish with correct graph. But if the wrong thing failed, we break the
whole process for no reason (it's possible that updated B permission
will be less strict, but we will never check it).
Also new approach gives a way to simultaneously and correctly update
several nodes, we just need to run bdrv_topological_dfs() several times
to add all nodes and their subtrees into one topologically sorted list
(next patch will update bdrv_replace_node() in this manner).
Test test_parallel_perm_update() is now passing, so move it out of
debugging "if".
We also need to support ignore_children in
bdrv_parent_perms_conflict()
For test 283 order of conflicting parents check is changed.
Note also that in bdrv_check_perm() we don't check for parents conflict
at root bs, as we may be in the middle of permission update in
bdrv_reopen_multiple(). bdrv_reopen_multiple() will be updated soon.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-14-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 116 +++++++++++++++++++++++++------
tests/unit/test-bdrv-graph-mod.c | 4 +-
tests/qemu-iotests/283.out | 2 +-
3 files changed, 99 insertions(+), 23 deletions(-)
diff --git a/block.c b/block.c
index e5af4cdae9..cbcc4c15a0 100644
--- a/block.c
+++ b/block.c
@@ -2054,7 +2054,9 @@ static bool bdrv_a_allow_b(BdrvChild *a, BdrvChild *b, Error **errp)
return false;
}
-static bool bdrv_parent_perms_conflict(BlockDriverState *bs, Error **errp)
+static bool bdrv_parent_perms_conflict(BlockDriverState *bs,
+ GSList *ignore_children,
+ Error **errp)
{
BdrvChild *a, *b;
@@ -2064,8 +2066,12 @@ static bool bdrv_parent_perms_conflict(BlockDriverState *bs, Error **errp)
* directions.
*/
QLIST_FOREACH(a, &bs->parents, next_parent) {
+ if (g_slist_find(ignore_children, a)) {
+ continue;
+ }
+
QLIST_FOREACH(b, &bs->parents, next_parent) {
- if (a == b) {
+ if (a == b || g_slist_find(ignore_children, b)) {
continue;
}
@@ -2094,6 +2100,40 @@ static void bdrv_child_perm(BlockDriverState *bs, BlockDriverState *child_bs,
}
}
+/*
+ * Adds the whole subtree of @bs (including @bs itself) to the @list (except for
+ * nodes that are already in the @list, of course) so that final list is
+ * topologically sorted. Return the result (GSList @list object is updated, so
+ * don't use old reference after function call).
+ *
+ * On function start @list must be already topologically sorted and for any node
+ * in the @list the whole subtree of the node must be in the @list as well. The
+ * simplest way to satisfy this criteria: use only result of
+ * bdrv_topological_dfs() or NULL as @list parameter.
+ */
+static GSList *bdrv_topological_dfs(GSList *list, GHashTable *found,
+ BlockDriverState *bs)
+{
+ BdrvChild *child;
+ g_autoptr(GHashTable) local_found = NULL;
+
+ if (!found) {
+ assert(!list);
+ found = local_found = g_hash_table_new(NULL, NULL);
+ }
+
+ if (g_hash_table_contains(found, bs)) {
+ return list;
+ }
+ g_hash_table_add(found, bs);
+
+ QLIST_FOREACH(child, &bs->children, next) {
+ list = bdrv_topological_dfs(list, found, child->bs);
+ }
+
+ return g_slist_prepend(list, bs);
+}
+
static void bdrv_child_set_perm_commit(void *opaque)
{
BdrvChild *c = opaque;
@@ -2158,10 +2198,10 @@ static void bdrv_child_set_perm_safe(BdrvChild *c, uint64_t perm,
* A call to this function must always be followed by a call to bdrv_set_perm()
* or bdrv_abort_perm_update().
*/
-static int bdrv_check_perm(BlockDriverState *bs, BlockReopenQueue *q,
- uint64_t cumulative_perms,
- uint64_t cumulative_shared_perms,
- GSList *ignore_children, Error **errp)
+static int bdrv_node_check_perm(BlockDriverState *bs, BlockReopenQueue *q,
+ uint64_t cumulative_perms,
+ uint64_t cumulative_shared_perms,
+ GSList *ignore_children, Error **errp)
{
BlockDriver *drv = bs->drv;
BdrvChild *c;
@@ -2226,21 +2266,43 @@ static int bdrv_check_perm(BlockDriverState *bs, BlockReopenQueue *q,
/* Check all children */
QLIST_FOREACH(c, &bs->children, next) {
uint64_t cur_perm, cur_shared;
- GSList *cur_ignore_children;
bdrv_child_perm(bs, c->bs, c, c->role, q,
cumulative_perms, cumulative_shared_perms,
&cur_perm, &cur_shared);
+ bdrv_child_set_perm_safe(c, cur_perm, cur_shared, NULL);
+ }
+
+ return 0;
+}
+
+static int bdrv_check_perm(BlockDriverState *bs, BlockReopenQueue *q,
+ uint64_t cumulative_perms,
+ uint64_t cumulative_shared_perms,
+ GSList *ignore_children, Error **errp)
+{
+ int ret;
+ BlockDriverState *root = bs;
+ g_autoptr(GSList) list = bdrv_topological_dfs(NULL, NULL, root);
- cur_ignore_children = g_slist_prepend(g_slist_copy(ignore_children), c);
- ret = bdrv_check_update_perm(c->bs, q, cur_perm, cur_shared,
- cur_ignore_children, errp);
- g_slist_free(cur_ignore_children);
+ for ( ; list; list = list->next) {
+ bs = list->data;
+
+ if (bs != root) {
+ if (bdrv_parent_perms_conflict(bs, ignore_children, errp)) {
+ return -EINVAL;
+ }
+
+ bdrv_get_cumulative_perm(bs, &cumulative_perms,
+ &cumulative_shared_perms);
+ }
+
+ ret = bdrv_node_check_perm(bs, q, cumulative_perms,
+ cumulative_shared_perms,
+ ignore_children, errp);
if (ret < 0) {
return ret;
}
-
- bdrv_child_set_perm_safe(c, cur_perm, cur_shared, NULL);
}
return 0;
@@ -2250,10 +2312,8 @@ static int bdrv_check_perm(BlockDriverState *bs, BlockReopenQueue *q,
* Notifies drivers that after a previous bdrv_check_perm() call, the
* permission update is not performed and any preparations made for it (e.g.
* taken file locks) need to be undone.
- *
- * This function recursively notifies all child nodes.
*/
-static void bdrv_abort_perm_update(BlockDriverState *bs)
+static void bdrv_node_abort_perm_update(BlockDriverState *bs)
{
BlockDriver *drv = bs->drv;
BdrvChild *c;
@@ -2268,11 +2328,19 @@ static void bdrv_abort_perm_update(BlockDriverState *bs)
QLIST_FOREACH(c, &bs->children, next) {
bdrv_child_set_perm_abort(c);
- bdrv_abort_perm_update(c->bs);
}
}
-static void bdrv_set_perm(BlockDriverState *bs)
+static void bdrv_abort_perm_update(BlockDriverState *bs)
+{
+ g_autoptr(GSList) list = bdrv_topological_dfs(NULL, NULL, bs);
+
+ for ( ; list; list = list->next) {
+ bdrv_node_abort_perm_update((BlockDriverState *)list->data);
+ }
+}
+
+static void bdrv_node_set_perm(BlockDriverState *bs)
{
uint64_t cumulative_perms, cumulative_shared_perms;
BlockDriver *drv = bs->drv;
@@ -2298,7 +2366,15 @@ static void bdrv_set_perm(BlockDriverState *bs)
/* Update all children */
QLIST_FOREACH(c, &bs->children, next) {
bdrv_child_set_perm_commit(c);
- bdrv_set_perm(c->bs);
+ }
+}
+
+static void bdrv_set_perm(BlockDriverState *bs)
+{
+ g_autoptr(GSList) list = bdrv_topological_dfs(NULL, NULL, bs);
+
+ for ( ; list; list = list->next) {
+ bdrv_node_set_perm((BlockDriverState *)list->data);
}
}
@@ -2411,7 +2487,7 @@ static int bdrv_refresh_perms(BlockDriverState *bs, Error **errp)
int ret;
uint64_t perm, shared_perm;
- if (bdrv_parent_perms_conflict(bs, errp)) {
+ if (bdrv_parent_perms_conflict(bs, NULL, errp)) {
return -EPERM;
}
bdrv_get_cumulative_perm(bs, &perm, &shared_perm);
diff --git a/tests/unit/test-bdrv-graph-mod.c b/tests/unit/test-bdrv-graph-mod.c
index a6064b1863..e64e81a07c 100644
--- a/tests/unit/test-bdrv-graph-mod.c
+++ b/tests/unit/test-bdrv-graph-mod.c
@@ -406,12 +406,12 @@ int main(int argc, char *argv[])
g_test_add_func("/bdrv-graph-mod/update-perm-tree", test_update_perm_tree);
g_test_add_func("/bdrv-graph-mod/should-update-child",
test_should_update_child);
+ g_test_add_func("/bdrv-graph-mod/parallel-perm-update",
+ test_parallel_perm_update);
if (debug) {
g_test_add_func("/bdrv-graph-mod/parallel-exclusive-write",
test_parallel_exclusive_write);
- g_test_add_func("/bdrv-graph-mod/parallel-perm-update",
- test_parallel_perm_update);
g_test_add_func("/bdrv-graph-mod/append-greedy-filter",
test_append_greedy_filter);
}
diff --git a/tests/qemu-iotests/283.out b/tests/qemu-iotests/283.out
index 37c35058ae..73eb75102f 100644
--- a/tests/qemu-iotests/283.out
+++ b/tests/qemu-iotests/283.out
@@ -5,7 +5,7 @@
{"execute": "blockdev-add", "arguments": {"driver": "blkdebug", "image": "base", "node-name": "other", "take-child-perms": ["write"]}}
{"return": {}}
{"execute": "blockdev-backup", "arguments": {"device": "source", "sync": "full", "target": "target"}}
-{"error": {"class": "GenericError", "desc": "Cannot set permissions for backup-top filter: Conflicts with use by other as 'image', which uses 'write' on base"}}
+{"error": {"class": "GenericError", "desc": "Cannot set permissions for backup-top filter: Conflicts with use by source as 'image', which does not allow 'write' on base"}}
=== backup-top should be gone after job-finalize ===
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 14/39] block: add bdrv_drv_set_perm transaction action
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (12 preceding siblings ...)
2021-04-30 10:51 ` [PULL 13/39] block: use topological sort for permission update Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 15/39] block: add bdrv_list_* permission update functions Kevin Wolf
` (25 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Refactor calling driver callbacks to a separate transaction action to
be used later.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-15-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 70 ++++++++++++++++++++++++++++++++++++++++++++-------------
1 file changed, 54 insertions(+), 16 deletions(-)
diff --git a/block.c b/block.c
index cbcc4c15a0..ab7a4d13d8 100644
--- a/block.c
+++ b/block.c
@@ -2189,6 +2189,54 @@ static void bdrv_child_set_perm_safe(BdrvChild *c, uint64_t perm,
}
}
+static void bdrv_drv_set_perm_commit(void *opaque)
+{
+ BlockDriverState *bs = opaque;
+ uint64_t cumulative_perms, cumulative_shared_perms;
+
+ if (bs->drv->bdrv_set_perm) {
+ bdrv_get_cumulative_perm(bs, &cumulative_perms,
+ &cumulative_shared_perms);
+ bs->drv->bdrv_set_perm(bs, cumulative_perms, cumulative_shared_perms);
+ }
+}
+
+static void bdrv_drv_set_perm_abort(void *opaque)
+{
+ BlockDriverState *bs = opaque;
+
+ if (bs->drv->bdrv_abort_perm_update) {
+ bs->drv->bdrv_abort_perm_update(bs);
+ }
+}
+
+TransactionActionDrv bdrv_drv_set_perm_drv = {
+ .abort = bdrv_drv_set_perm_abort,
+ .commit = bdrv_drv_set_perm_commit,
+};
+
+static int bdrv_drv_set_perm(BlockDriverState *bs, uint64_t perm,
+ uint64_t shared_perm, Transaction *tran,
+ Error **errp)
+{
+ if (!bs->drv) {
+ return 0;
+ }
+
+ if (bs->drv->bdrv_check_perm) {
+ int ret = bs->drv->bdrv_check_perm(bs, perm, shared_perm, errp);
+ if (ret < 0) {
+ return ret;
+ }
+ }
+
+ if (tran) {
+ tran_add(tran, &bdrv_drv_set_perm_drv, bs);
+ }
+
+ return 0;
+}
+
/*
* Check whether permissions on this node can be changed in a way that
* @cumulative_perms and @cumulative_shared_perms are the new cumulative
@@ -2249,12 +2297,10 @@ static int bdrv_node_check_perm(BlockDriverState *bs, BlockReopenQueue *q,
return 0;
}
- if (drv->bdrv_check_perm) {
- ret = drv->bdrv_check_perm(bs, cumulative_perms,
- cumulative_shared_perms, errp);
- if (ret < 0) {
- return ret;
- }
+ ret = bdrv_drv_set_perm(bs, cumulative_perms, cumulative_shared_perms, NULL,
+ errp);
+ if (ret < 0) {
+ return ret;
}
/* Drivers that never have children can omit .bdrv_child_perm() */
@@ -2322,9 +2368,7 @@ static void bdrv_node_abort_perm_update(BlockDriverState *bs)
return;
}
- if (drv->bdrv_abort_perm_update) {
- drv->bdrv_abort_perm_update(bs);
- }
+ bdrv_drv_set_perm_abort(bs);
QLIST_FOREACH(c, &bs->children, next) {
bdrv_child_set_perm_abort(c);
@@ -2342,7 +2386,6 @@ static void bdrv_abort_perm_update(BlockDriverState *bs)
static void bdrv_node_set_perm(BlockDriverState *bs)
{
- uint64_t cumulative_perms, cumulative_shared_perms;
BlockDriver *drv = bs->drv;
BdrvChild *c;
@@ -2350,12 +2393,7 @@ static void bdrv_node_set_perm(BlockDriverState *bs)
return;
}
- bdrv_get_cumulative_perm(bs, &cumulative_perms, &cumulative_shared_perms);
-
- /* Update this node */
- if (drv->bdrv_set_perm) {
- drv->bdrv_set_perm(bs, cumulative_perms, cumulative_shared_perms);
- }
+ bdrv_drv_set_perm_commit(bs);
/* Drivers that never have children can omit .bdrv_child_perm() */
if (!drv->bdrv_child_perm) {
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 15/39] block: add bdrv_list_* permission update functions
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (13 preceding siblings ...)
2021-04-30 10:51 ` [PULL 14/39] block: add bdrv_drv_set_perm transaction action Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 16/39] block: add bdrv_replace_child_safe() transaction action Kevin Wolf
` (24 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Add new interface, allowing use of existing node list. It will be used
to fix bdrv_replace_node() in the further commit.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-16-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 106 +++++++++++++++++++++++++++++++++++++-------------------
1 file changed, 71 insertions(+), 35 deletions(-)
diff --git a/block.c b/block.c
index ab7a4d13d8..98b7bc179c 100644
--- a/block.c
+++ b/block.c
@@ -2249,7 +2249,8 @@ static int bdrv_drv_set_perm(BlockDriverState *bs, uint64_t perm,
static int bdrv_node_check_perm(BlockDriverState *bs, BlockReopenQueue *q,
uint64_t cumulative_perms,
uint64_t cumulative_shared_perms,
- GSList *ignore_children, Error **errp)
+ GSList *ignore_children,
+ Transaction *tran, Error **errp)
{
BlockDriver *drv = bs->drv;
BdrvChild *c;
@@ -2297,7 +2298,7 @@ static int bdrv_node_check_perm(BlockDriverState *bs, BlockReopenQueue *q,
return 0;
}
- ret = bdrv_drv_set_perm(bs, cumulative_perms, cumulative_shared_perms, NULL,
+ ret = bdrv_drv_set_perm(bs, cumulative_perms, cumulative_shared_perms, tran,
errp);
if (ret < 0) {
return ret;
@@ -2316,36 +2317,53 @@ static int bdrv_node_check_perm(BlockDriverState *bs, BlockReopenQueue *q,
bdrv_child_perm(bs, c->bs, c, c->role, q,
cumulative_perms, cumulative_shared_perms,
&cur_perm, &cur_shared);
- bdrv_child_set_perm_safe(c, cur_perm, cur_shared, NULL);
+ bdrv_child_set_perm_safe(c, cur_perm, cur_shared, tran);
}
return 0;
}
-static int bdrv_check_perm(BlockDriverState *bs, BlockReopenQueue *q,
- uint64_t cumulative_perms,
- uint64_t cumulative_shared_perms,
- GSList *ignore_children, Error **errp)
+/*
+ * If use_cumulative_perms is true, use cumulative_perms and
+ * cumulative_shared_perms for first element of the list. Otherwise just refresh
+ * all permissions.
+ */
+static int bdrv_check_perm_common(GSList *list, BlockReopenQueue *q,
+ bool use_cumulative_perms,
+ uint64_t cumulative_perms,
+ uint64_t cumulative_shared_perms,
+ GSList *ignore_children,
+ Transaction *tran, Error **errp)
{
int ret;
- BlockDriverState *root = bs;
- g_autoptr(GSList) list = bdrv_topological_dfs(NULL, NULL, root);
+ BlockDriverState *bs;
- for ( ; list; list = list->next) {
+ if (use_cumulative_perms) {
bs = list->data;
- if (bs != root) {
- if (bdrv_parent_perms_conflict(bs, ignore_children, errp)) {
- return -EINVAL;
- }
+ ret = bdrv_node_check_perm(bs, q, cumulative_perms,
+ cumulative_shared_perms,
+ ignore_children, tran, errp);
+ if (ret < 0) {
+ return ret;
+ }
- bdrv_get_cumulative_perm(bs, &cumulative_perms,
- &cumulative_shared_perms);
+ list = list->next;
+ }
+
+ for ( ; list; list = list->next) {
+ bs = list->data;
+
+ if (bdrv_parent_perms_conflict(bs, ignore_children, errp)) {
+ return -EINVAL;
}
+ bdrv_get_cumulative_perm(bs, &cumulative_perms,
+ &cumulative_shared_perms);
+
ret = bdrv_node_check_perm(bs, q, cumulative_perms,
cumulative_shared_perms,
- ignore_children, errp);
+ ignore_children, tran, errp);
if (ret < 0) {
return ret;
}
@@ -2354,6 +2372,23 @@ static int bdrv_check_perm(BlockDriverState *bs, BlockReopenQueue *q,
return 0;
}
+static int bdrv_check_perm(BlockDriverState *bs, BlockReopenQueue *q,
+ uint64_t cumulative_perms,
+ uint64_t cumulative_shared_perms,
+ GSList *ignore_children, Error **errp)
+{
+ g_autoptr(GSList) list = bdrv_topological_dfs(NULL, NULL, bs);
+ return bdrv_check_perm_common(list, q, true, cumulative_perms,
+ cumulative_shared_perms, ignore_children,
+ NULL, errp);
+}
+
+static int bdrv_list_refresh_perms(GSList *list, BlockReopenQueue *q,
+ Transaction *tran, Error **errp)
+{
+ return bdrv_check_perm_common(list, q, false, 0, 0, NULL, tran, errp);
+}
+
/*
* Notifies drivers that after a previous bdrv_check_perm() call, the
* permission update is not performed and any preparations made for it (e.g.
@@ -2375,15 +2410,19 @@ static void bdrv_node_abort_perm_update(BlockDriverState *bs)
}
}
-static void bdrv_abort_perm_update(BlockDriverState *bs)
+static void bdrv_list_abort_perm_update(GSList *list)
{
- g_autoptr(GSList) list = bdrv_topological_dfs(NULL, NULL, bs);
-
for ( ; list; list = list->next) {
bdrv_node_abort_perm_update((BlockDriverState *)list->data);
}
}
+static void bdrv_abort_perm_update(BlockDriverState *bs)
+{
+ g_autoptr(GSList) list = bdrv_topological_dfs(NULL, NULL, bs);
+ return bdrv_list_abort_perm_update(list);
+}
+
static void bdrv_node_set_perm(BlockDriverState *bs)
{
BlockDriver *drv = bs->drv;
@@ -2407,15 +2446,19 @@ static void bdrv_node_set_perm(BlockDriverState *bs)
}
}
-static void bdrv_set_perm(BlockDriverState *bs)
+static void bdrv_list_set_perm(GSList *list)
{
- g_autoptr(GSList) list = bdrv_topological_dfs(NULL, NULL, bs);
-
for ( ; list; list = list->next) {
bdrv_node_set_perm((BlockDriverState *)list->data);
}
}
+static void bdrv_set_perm(BlockDriverState *bs)
+{
+ g_autoptr(GSList) list = bdrv_topological_dfs(NULL, NULL, bs);
+ return bdrv_list_set_perm(list);
+}
+
void bdrv_get_cumulative_perm(BlockDriverState *bs, uint64_t *perm,
uint64_t *shared_perm)
{
@@ -2523,20 +2566,13 @@ static int bdrv_check_update_perm(BlockDriverState *bs, BlockReopenQueue *q,
static int bdrv_refresh_perms(BlockDriverState *bs, Error **errp)
{
int ret;
- uint64_t perm, shared_perm;
+ Transaction *tran = tran_new();
+ g_autoptr(GSList) list = bdrv_topological_dfs(NULL, NULL, bs);
- if (bdrv_parent_perms_conflict(bs, NULL, errp)) {
- return -EPERM;
- }
- bdrv_get_cumulative_perm(bs, &perm, &shared_perm);
- ret = bdrv_check_perm(bs, NULL, perm, shared_perm, NULL, errp);
- if (ret < 0) {
- bdrv_abort_perm_update(bs);
- return ret;
- }
- bdrv_set_perm(bs);
+ ret = bdrv_list_refresh_perms(list, NULL, tran, errp);
+ tran_finalize(tran, ret);
- return 0;
+ return ret;
}
int bdrv_child_try_set_perm(BdrvChild *c, uint64_t perm, uint64_t shared,
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 16/39] block: add bdrv_replace_child_safe() transaction action
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (14 preceding siblings ...)
2021-04-30 10:51 ` [PULL 15/39] block: add bdrv_list_* permission update functions Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 17/39] block: fix bdrv_replace_node_common Kevin Wolf
` (23 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
To be used in the following commit.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-17-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 54 insertions(+)
diff --git a/block.c b/block.c
index 98b7bc179c..a5305662dc 100644
--- a/block.c
+++ b/block.c
@@ -83,6 +83,9 @@ static BlockDriverState *bdrv_open_inherit(const char *filename,
BdrvChildRole child_role,
Error **errp);
+static void bdrv_replace_child_noperm(BdrvChild *child,
+ BlockDriverState *new_bs);
+
static int bdrv_reopen_prepare(BDRVReopenState *reopen_state, BlockReopenQueue
*queue, Error **errp);
static void bdrv_reopen_commit(BDRVReopenState *reopen_state);
@@ -2237,6 +2240,57 @@ static int bdrv_drv_set_perm(BlockDriverState *bs, uint64_t perm,
return 0;
}
+typedef struct BdrvReplaceChildState {
+ BdrvChild *child;
+ BlockDriverState *old_bs;
+} BdrvReplaceChildState;
+
+static void bdrv_replace_child_commit(void *opaque)
+{
+ BdrvReplaceChildState *s = opaque;
+
+ bdrv_unref(s->old_bs);
+}
+
+static void bdrv_replace_child_abort(void *opaque)
+{
+ BdrvReplaceChildState *s = opaque;
+ BlockDriverState *new_bs = s->child->bs;
+
+ /* old_bs reference is transparently moved from @s to @s->child */
+ bdrv_replace_child_noperm(s->child, s->old_bs);
+ bdrv_unref(new_bs);
+}
+
+static TransactionActionDrv bdrv_replace_child_drv = {
+ .commit = bdrv_replace_child_commit,
+ .abort = bdrv_replace_child_abort,
+ .clean = g_free,
+};
+
+/*
+ * bdrv_replace_child_safe
+ *
+ * Note: real unref of old_bs is done only on commit.
+ */
+__attribute__((unused))
+static void bdrv_replace_child_safe(BdrvChild *child, BlockDriverState *new_bs,
+ Transaction *tran)
+{
+ BdrvReplaceChildState *s = g_new(BdrvReplaceChildState, 1);
+ *s = (BdrvReplaceChildState) {
+ .child = child,
+ .old_bs = child->bs,
+ };
+ tran_add(tran, &bdrv_replace_child_drv, s);
+
+ if (new_bs) {
+ bdrv_ref(new_bs);
+ }
+ bdrv_replace_child_noperm(child, new_bs);
+ /* old_bs reference is transparently moved from @child to @s */
+}
+
/*
* Check whether permissions on this node can be changed in a way that
* @cumulative_perms and @cumulative_shared_perms are the new cumulative
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 17/39] block: fix bdrv_replace_node_common
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (15 preceding siblings ...)
2021-04-30 10:51 ` [PULL 16/39] block: add bdrv_replace_child_safe() transaction action Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 18/39] block: add bdrv_attach_child_common() transaction action Kevin Wolf
` (22 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
inore_children thing doesn't help to track all propagated permissions
of children we want to ignore. The simplest way to correctly update
permissions is update graph first and then do permission update. In
this case we just referesh permissions for the whole subgraph (in
topological-sort defined order) and everything is correctly calculated
automatically without any ignore_children.
So, refactor bdrv_replace_node_common to first do graph update and then
refresh the permissions.
Test test_parallel_exclusive_write() now pass, so move it out of
debugging "if".
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-18-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 43 +++++++++++++-------------------
tests/unit/test-bdrv-graph-mod.c | 4 +--
2 files changed, 20 insertions(+), 27 deletions(-)
diff --git a/block.c b/block.c
index a5305662dc..6040b9dea0 100644
--- a/block.c
+++ b/block.c
@@ -2273,7 +2273,6 @@ static TransactionActionDrv bdrv_replace_child_drv = {
*
* Note: real unref of old_bs is done only on commit.
*/
-__attribute__((unused))
static void bdrv_replace_child_safe(BdrvChild *child, BlockDriverState *new_bs,
Transaction *tran)
{
@@ -4877,8 +4876,9 @@ static int bdrv_replace_node_common(BlockDriverState *from,
bool auto_skip, Error **errp)
{
BdrvChild *c, *next;
- GSList *list = NULL, *p;
- uint64_t perm = 0, shared = BLK_PERM_ALL;
+ Transaction *tran = tran_new();
+ g_autoptr(GHashTable) found = NULL;
+ g_autoptr(GSList) refresh_list = NULL;
int ret;
/* Make sure that @from doesn't go away until we have successfully attached
@@ -4889,7 +4889,12 @@ static int bdrv_replace_node_common(BlockDriverState *from,
assert(bdrv_get_aio_context(from) == bdrv_get_aio_context(to));
bdrv_drained_begin(from);
- /* Put all parents into @list and calculate their cumulative permissions */
+ /*
+ * Do the replacement without permission update.
+ * Replacement may influence the permissions, we should calculate new
+ * permissions based on new graph. If we fail, we'll roll-back the
+ * replacement.
+ */
QLIST_FOREACH_SAFE(c, &from->parents, next_parent, next) {
assert(c->bs == from);
if (!should_update_child(c, to)) {
@@ -4907,36 +4912,24 @@ static int bdrv_replace_node_common(BlockDriverState *from,
c->name, from->node_name);
goto out;
}
- list = g_slist_prepend(list, c);
- perm |= c->perm;
- shared &= c->shared_perm;
+ bdrv_replace_child_safe(c, to, tran);
}
- /* Check whether the required permissions can be granted on @to, ignoring
- * all BdrvChild in @list so that they can't block themselves. */
- ret = bdrv_check_update_perm(to, NULL, perm, shared, list, errp);
- if (ret < 0) {
- bdrv_abort_perm_update(to);
- goto out;
- }
+ found = g_hash_table_new(NULL, NULL);
- /* Now actually perform the change. We performed the permission check for
- * all elements of @list at once, so set the permissions all at once at the
- * very end. */
- for (p = list; p != NULL; p = p->next) {
- c = p->data;
+ refresh_list = bdrv_topological_dfs(refresh_list, found, to);
+ refresh_list = bdrv_topological_dfs(refresh_list, found, from);
- bdrv_ref(to);
- bdrv_replace_child_noperm(c, to);
- bdrv_unref(from);
+ ret = bdrv_list_refresh_perms(refresh_list, NULL, tran, errp);
+ if (ret < 0) {
+ goto out;
}
- bdrv_set_perm(to);
-
ret = 0;
out:
- g_slist_free(list);
+ tran_finalize(tran, ret);
+
bdrv_drained_end(from);
bdrv_unref(from);
diff --git a/tests/unit/test-bdrv-graph-mod.c b/tests/unit/test-bdrv-graph-mod.c
index e64e81a07c..7b3c8b437a 100644
--- a/tests/unit/test-bdrv-graph-mod.c
+++ b/tests/unit/test-bdrv-graph-mod.c
@@ -408,10 +408,10 @@ int main(int argc, char *argv[])
test_should_update_child);
g_test_add_func("/bdrv-graph-mod/parallel-perm-update",
test_parallel_perm_update);
+ g_test_add_func("/bdrv-graph-mod/parallel-exclusive-write",
+ test_parallel_exclusive_write);
if (debug) {
- g_test_add_func("/bdrv-graph-mod/parallel-exclusive-write",
- test_parallel_exclusive_write);
g_test_add_func("/bdrv-graph-mod/append-greedy-filter",
test_append_greedy_filter);
}
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 18/39] block: add bdrv_attach_child_common() transaction action
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (16 preceding siblings ...)
2021-04-30 10:51 ` [PULL 17/39] block: fix bdrv_replace_node_common Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 22:33 ` Peter Maydell
2021-04-30 10:51 ` [PULL 19/39] block: add bdrv_attach_child_noperm() " Kevin Wolf
` (21 subsequent siblings)
39 siblings, 1 reply; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Split out no-perm part of bdrv_root_attach_child() into separate
transaction action. bdrv_root_attach_child() now moves to new
permission update paradigm: first update graph relations then update
permissions.
qsd-jobs test output updated. Seems now permission update goes in
another order. Still, the test comment say that we only want to check
that command doesn't crash, and it's still so.
Error message is a bit misleading as it looks like job was added first.
But actually in new paradigm of graph update we can't distinguish such
things. We should update the error message, but let's not do it now.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20210428151804.439460-19-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 190 ++++++++++++++++++--------
tests/qemu-iotests/tests/qsd-jobs.out | 2 +-
2 files changed, 137 insertions(+), 55 deletions(-)
diff --git a/block.c b/block.c
index 6040b9dea0..4d5c60f2ae 100644
--- a/block.c
+++ b/block.c
@@ -2955,37 +2955,74 @@ static void bdrv_replace_child(BdrvChild *child, BlockDriverState *new_bs)
}
}
-/*
- * This function steals the reference to child_bs from the caller.
- * That reference is later dropped by bdrv_root_unref_child().
- *
- * On failure NULL is returned, errp is set and the reference to
- * child_bs is also dropped.
- *
- * The caller must hold the AioContext lock @child_bs, but not that of @ctx
- * (unless @child_bs is already in @ctx).
- */
-BdrvChild *bdrv_root_attach_child(BlockDriverState *child_bs,
- const char *child_name,
- const BdrvChildClass *child_class,
- BdrvChildRole child_role,
- uint64_t perm, uint64_t shared_perm,
- void *opaque, Error **errp)
+static void bdrv_remove_empty_child(BdrvChild *child)
{
- BdrvChild *child;
- Error *local_err = NULL;
- int ret;
- AioContext *ctx;
+ assert(!child->bs);
+ QLIST_SAFE_REMOVE(child, next);
+ g_free(child->name);
+ g_free(child);
+}
- ret = bdrv_check_update_perm(child_bs, NULL, perm, shared_perm, NULL, errp);
- if (ret < 0) {
- bdrv_abort_perm_update(child_bs);
- bdrv_unref(child_bs);
- return NULL;
+typedef struct BdrvAttachChildCommonState {
+ BdrvChild **child;
+ AioContext *old_parent_ctx;
+ AioContext *old_child_ctx;
+} BdrvAttachChildCommonState;
+
+static void bdrv_attach_child_common_abort(void *opaque)
+{
+ BdrvAttachChildCommonState *s = opaque;
+ BdrvChild *child = *s->child;
+ BlockDriverState *bs = child->bs;
+
+ bdrv_replace_child_noperm(child, NULL);
+
+ if (bdrv_get_aio_context(bs) != s->old_child_ctx) {
+ bdrv_try_set_aio_context(bs, s->old_child_ctx, &error_abort);
}
- child = g_new(BdrvChild, 1);
- *child = (BdrvChild) {
+ if (bdrv_child_get_parent_aio_context(child) != s->old_parent_ctx) {
+ GSList *ignore = g_slist_prepend(NULL, child);
+
+ child->klass->can_set_aio_ctx(child, s->old_parent_ctx, &ignore,
+ &error_abort);
+ g_slist_free(ignore);
+ ignore = g_slist_prepend(NULL, child);
+ child->klass->set_aio_ctx(child, s->old_parent_ctx, &ignore);
+
+ g_slist_free(ignore);
+ }
+
+ bdrv_unref(bs);
+ bdrv_remove_empty_child(child);
+ *s->child = NULL;
+}
+
+static TransactionActionDrv bdrv_attach_child_common_drv = {
+ .abort = bdrv_attach_child_common_abort,
+ .clean = g_free,
+};
+
+/*
+ * Common part of attaching bdrv child to bs or to blk or to job
+ */
+static int bdrv_attach_child_common(BlockDriverState *child_bs,
+ const char *child_name,
+ const BdrvChildClass *child_class,
+ BdrvChildRole child_role,
+ uint64_t perm, uint64_t shared_perm,
+ void *opaque, BdrvChild **child,
+ Transaction *tran, Error **errp)
+{
+ BdrvChild *new_child;
+ AioContext *parent_ctx;
+ AioContext *child_ctx = bdrv_get_aio_context(child_bs);
+
+ assert(child);
+ assert(*child == NULL);
+
+ new_child = g_new(BdrvChild, 1);
+ *new_child = (BdrvChild) {
.bs = NULL,
.name = g_strdup(child_name),
.klass = child_class,
@@ -2995,37 +3032,92 @@ BdrvChild *bdrv_root_attach_child(BlockDriverState *child_bs,
.opaque = opaque,
};
- ctx = bdrv_child_get_parent_aio_context(child);
-
- /* If the AioContexts don't match, first try to move the subtree of
+ /*
+ * If the AioContexts don't match, first try to move the subtree of
* child_bs into the AioContext of the new parent. If this doesn't work,
- * try moving the parent into the AioContext of child_bs instead. */
- if (bdrv_get_aio_context(child_bs) != ctx) {
- ret = bdrv_try_set_aio_context(child_bs, ctx, &local_err);
+ * try moving the parent into the AioContext of child_bs instead.
+ */
+ parent_ctx = bdrv_child_get_parent_aio_context(new_child);
+ if (child_ctx != parent_ctx) {
+ Error *local_err = NULL;
+ int ret = bdrv_try_set_aio_context(child_bs, parent_ctx, &local_err);
+
if (ret < 0 && child_class->can_set_aio_ctx) {
- GSList *ignore = g_slist_prepend(NULL, child);
- ctx = bdrv_get_aio_context(child_bs);
- if (child_class->can_set_aio_ctx(child, ctx, &ignore, NULL)) {
+ GSList *ignore = g_slist_prepend(NULL, new_child);
+ if (child_class->can_set_aio_ctx(new_child, child_ctx, &ignore,
+ NULL))
+ {
error_free(local_err);
ret = 0;
g_slist_free(ignore);
- ignore = g_slist_prepend(NULL, child);
- child_class->set_aio_ctx(child, ctx, &ignore);
+ ignore = g_slist_prepend(NULL, new_child);
+ child_class->set_aio_ctx(new_child, child_ctx, &ignore);
}
g_slist_free(ignore);
}
+
if (ret < 0) {
error_propagate(errp, local_err);
- g_free(child);
- bdrv_abort_perm_update(child_bs);
- bdrv_unref(child_bs);
- return NULL;
+ bdrv_remove_empty_child(new_child);
+ return ret;
}
}
- /* This performs the matching bdrv_set_perm() for the above check. */
- bdrv_replace_child(child, child_bs);
+ bdrv_ref(child_bs);
+ bdrv_replace_child_noperm(new_child, child_bs);
+ *child = new_child;
+
+ BdrvAttachChildCommonState *s = g_new(BdrvAttachChildCommonState, 1);
+ *s = (BdrvAttachChildCommonState) {
+ .child = child,
+ .old_parent_ctx = parent_ctx,
+ .old_child_ctx = child_ctx,
+ };
+ tran_add(tran, &bdrv_attach_child_common_drv, s);
+
+ return 0;
+}
+
+static void bdrv_detach_child(BdrvChild *child)
+{
+ bdrv_replace_child(child, NULL);
+ bdrv_remove_empty_child(child);
+}
+
+/*
+ * This function steals the reference to child_bs from the caller.
+ * That reference is later dropped by bdrv_root_unref_child().
+ *
+ * On failure NULL is returned, errp is set and the reference to
+ * child_bs is also dropped.
+ *
+ * The caller must hold the AioContext lock @child_bs, but not that of @ctx
+ * (unless @child_bs is already in @ctx).
+ */
+BdrvChild *bdrv_root_attach_child(BlockDriverState *child_bs,
+ const char *child_name,
+ const BdrvChildClass *child_class,
+ BdrvChildRole child_role,
+ uint64_t perm, uint64_t shared_perm,
+ void *opaque, Error **errp)
+{
+ int ret;
+ BdrvChild *child = NULL;
+ Transaction *tran = tran_new();
+
+ ret = bdrv_attach_child_common(child_bs, child_name, child_class,
+ child_role, perm, shared_perm, opaque,
+ &child, tran, errp);
+ if (ret < 0) {
+ bdrv_unref(child_bs);
+ return NULL;
+ }
+
+ ret = bdrv_refresh_perms(child_bs, errp);
+ tran_finalize(tran, ret);
+
+ bdrv_unref(child_bs);
return child;
}
@@ -3067,16 +3159,6 @@ BdrvChild *bdrv_attach_child(BlockDriverState *parent_bs,
return child;
}
-static void bdrv_detach_child(BdrvChild *child)
-{
- QLIST_SAFE_REMOVE(child, next);
-
- bdrv_replace_child(child, NULL);
-
- g_free(child->name);
- g_free(child);
-}
-
/* Callers must ensure that child->frozen is false. */
void bdrv_root_unref_child(BdrvChild *child)
{
diff --git a/tests/qemu-iotests/tests/qsd-jobs.out b/tests/qemu-iotests/tests/qsd-jobs.out
index 5f41491e05..9f52255da8 100644
--- a/tests/qemu-iotests/tests/qsd-jobs.out
+++ b/tests/qemu-iotests/tests/qsd-jobs.out
@@ -16,7 +16,7 @@ QMP_VERSION
{"return": {}}
{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "JOB_STATUS_CHANGE", "data": {"status": "created", "id": "job0"}}
{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "JOB_STATUS_CHANGE", "data": {"status": "null", "id": "job0"}}
-{"error": {"class": "GenericError", "desc": "Conflicts with use by a block device as 'root', which uses 'write' on fmt_base"}}
+{"error": {"class": "GenericError", "desc": "Conflicts with use by stream job 'job0' as 'intermediate node', which does not allow 'write' on fmt_base"}}
{"return": {}}
{"timestamp": {"seconds": TIMESTAMP, "microseconds": TIMESTAMP}, "event": "BLOCK_EXPORT_DELETED", "data": {"id": "export1"}}
*** done
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 19/39] block: add bdrv_attach_child_noperm() transaction action
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (17 preceding siblings ...)
2021-04-30 10:51 ` [PULL 18/39] block: add bdrv_attach_child_common() transaction action Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 20/39] block: split out bdrv_replace_node_noperm() Kevin Wolf
` (20 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Split no-perm part of bdrv_attach_child as separate transaction action.
It will be used in later commits.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-20-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 71 ++++++++++++++++++++++++++++++++++++++++++++++-----------
1 file changed, 58 insertions(+), 13 deletions(-)
diff --git a/block.c b/block.c
index 4d5c60f2ae..c74e6e7cc1 100644
--- a/block.c
+++ b/block.c
@@ -85,6 +85,14 @@ static BlockDriverState *bdrv_open_inherit(const char *filename,
static void bdrv_replace_child_noperm(BdrvChild *child,
BlockDriverState *new_bs);
+static int bdrv_attach_child_noperm(BlockDriverState *parent_bs,
+ BlockDriverState *child_bs,
+ const char *child_name,
+ const BdrvChildClass *child_class,
+ BdrvChildRole child_role,
+ BdrvChild **child,
+ Transaction *tran,
+ Error **errp);
static int bdrv_reopen_prepare(BDRVReopenState *reopen_state, BlockReopenQueue
*queue, Error **errp);
@@ -3079,6 +3087,40 @@ static int bdrv_attach_child_common(BlockDriverState *child_bs,
return 0;
}
+static int bdrv_attach_child_noperm(BlockDriverState *parent_bs,
+ BlockDriverState *child_bs,
+ const char *child_name,
+ const BdrvChildClass *child_class,
+ BdrvChildRole child_role,
+ BdrvChild **child,
+ Transaction *tran,
+ Error **errp)
+{
+ int ret;
+ uint64_t perm, shared_perm;
+
+ assert(parent_bs->drv);
+
+ bdrv_get_cumulative_perm(parent_bs, &perm, &shared_perm);
+ bdrv_child_perm(parent_bs, child_bs, NULL, child_role, NULL,
+ perm, shared_perm, &perm, &shared_perm);
+
+ ret = bdrv_attach_child_common(child_bs, child_name, child_class,
+ child_role, perm, shared_perm, parent_bs,
+ child, tran, errp);
+ if (ret < 0) {
+ return ret;
+ }
+
+ QLIST_INSERT_HEAD(&parent_bs->children, *child, next);
+ /*
+ * child is removed in bdrv_attach_child_common_abort(), so don't care to
+ * abort this change separately.
+ */
+
+ return 0;
+}
+
static void bdrv_detach_child(BdrvChild *child)
{
bdrv_replace_child(child, NULL);
@@ -3139,23 +3181,26 @@ BdrvChild *bdrv_attach_child(BlockDriverState *parent_bs,
BdrvChildRole child_role,
Error **errp)
{
- BdrvChild *child;
- uint64_t perm, shared_perm;
-
- bdrv_get_cumulative_perm(parent_bs, &perm, &shared_perm);
+ int ret;
+ BdrvChild *child = NULL;
+ Transaction *tran = tran_new();
- assert(parent_bs->drv);
- bdrv_child_perm(parent_bs, child_bs, NULL, child_role, NULL,
- perm, shared_perm, &perm, &shared_perm);
+ ret = bdrv_attach_child_noperm(parent_bs, child_bs, child_name, child_class,
+ child_role, &child, tran, errp);
+ if (ret < 0) {
+ goto out;
+ }
- child = bdrv_root_attach_child(child_bs, child_name, child_class,
- child_role, perm, shared_perm, parent_bs,
- errp);
- if (child == NULL) {
- return NULL;
+ ret = bdrv_refresh_perms(parent_bs, errp);
+ if (ret < 0) {
+ goto out;
}
- QLIST_INSERT_HEAD(&parent_bs->children, child, next);
+out:
+ tran_finalize(tran, ret);
+
+ bdrv_unref(child_bs);
+
return child;
}
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 20/39] block: split out bdrv_replace_node_noperm()
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (18 preceding siblings ...)
2021-04-30 10:51 ` [PULL 19/39] block: add bdrv_attach_child_noperm() " Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 21/39] block: adapt bdrv_append() for inserting filters Kevin Wolf
` (19 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Split part of bdrv_replace_node_common() to be used separately.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-21-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 50 +++++++++++++++++++++++++++++++-------------------
1 file changed, 31 insertions(+), 19 deletions(-)
diff --git a/block.c b/block.c
index c74e6e7cc1..9283c8d97b 100644
--- a/block.c
+++ b/block.c
@@ -4991,6 +4991,34 @@ static bool should_update_child(BdrvChild *c, BlockDriverState *to)
return ret;
}
+static int bdrv_replace_node_noperm(BlockDriverState *from,
+ BlockDriverState *to,
+ bool auto_skip, Transaction *tran,
+ Error **errp)
+{
+ BdrvChild *c, *next;
+
+ QLIST_FOREACH_SAFE(c, &from->parents, next_parent, next) {
+ assert(c->bs == from);
+ if (!should_update_child(c, to)) {
+ if (auto_skip) {
+ continue;
+ }
+ error_setg(errp, "Should not change '%s' link to '%s'",
+ c->name, from->node_name);
+ return -EINVAL;
+ }
+ if (c->frozen) {
+ error_setg(errp, "Cannot change '%s' link to '%s'",
+ c->name, from->node_name);
+ return -EPERM;
+ }
+ bdrv_replace_child_safe(c, to, tran);
+ }
+
+ return 0;
+}
+
/*
* With auto_skip=true bdrv_replace_node_common skips updating from parents
* if it creates a parent-child relation loop or if parent is block-job.
@@ -5002,7 +5030,6 @@ static int bdrv_replace_node_common(BlockDriverState *from,
BlockDriverState *to,
bool auto_skip, Error **errp)
{
- BdrvChild *c, *next;
Transaction *tran = tran_new();
g_autoptr(GHashTable) found = NULL;
g_autoptr(GSList) refresh_list = NULL;
@@ -5022,24 +5049,9 @@ static int bdrv_replace_node_common(BlockDriverState *from,
* permissions based on new graph. If we fail, we'll roll-back the
* replacement.
*/
- QLIST_FOREACH_SAFE(c, &from->parents, next_parent, next) {
- assert(c->bs == from);
- if (!should_update_child(c, to)) {
- if (auto_skip) {
- continue;
- }
- ret = -EINVAL;
- error_setg(errp, "Should not change '%s' link to '%s'",
- c->name, from->node_name);
- goto out;
- }
- if (c->frozen) {
- ret = -EPERM;
- error_setg(errp, "Cannot change '%s' link to '%s'",
- c->name, from->node_name);
- goto out;
- }
- bdrv_replace_child_safe(c, to, tran);
+ ret = bdrv_replace_node_noperm(from, to, auto_skip, tran, errp);
+ if (ret < 0) {
+ goto out;
}
found = g_hash_table_new(NULL, NULL);
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 21/39] block: adapt bdrv_append() for inserting filters
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (19 preceding siblings ...)
2021-04-30 10:51 ` [PULL 20/39] block: split out bdrv_replace_node_noperm() Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 22/39] block: add bdrv_remove_filter_or_cow transaction action Kevin Wolf
` (18 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
bdrv_append is not very good for inserting filters: it does extra
permission update as part of bdrv_set_backing_hd(). During this update
filter may conflict with other parents of top_bs.
Instead, let's first do all graph modifications and after it update
permissions.
append-greedy-filter test-case in test-bdrv-graph-mod is now works, so
move it out of debug option.
Note: bdrv_append() is still only works for backing-child based
filters. It's something to improve later.
Note2: we use the fact that bdrv_append() is used to append new nodes,
without backing child, so we don't need frozen check and inherits_from
logic from bdrv_set_backing_hd().
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-22-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 27 ++++++++++++++++++++-------
tests/unit/test-bdrv-graph-mod.c | 17 ++---------------
2 files changed, 22 insertions(+), 22 deletions(-)
diff --git a/block.c b/block.c
index 9283c8d97b..5bb6a2bef9 100644
--- a/block.c
+++ b/block.c
@@ -5088,25 +5088,38 @@ int bdrv_replace_node(BlockDriverState *from, BlockDriverState *to,
* This will modify the BlockDriverState fields, and swap contents
* between bs_new and bs_top. Both bs_new and bs_top are modified.
*
- * bs_new must not be attached to a BlockBackend.
+ * bs_new must not be attached to a BlockBackend and must not have backing
+ * child.
*
* This function does not create any image files.
*/
int bdrv_append(BlockDriverState *bs_new, BlockDriverState *bs_top,
Error **errp)
{
- int ret = bdrv_set_backing_hd(bs_new, bs_top, errp);
+ int ret;
+ Transaction *tran = tran_new();
+
+ assert(!bs_new->backing);
+
+ ret = bdrv_attach_child_noperm(bs_new, bs_top, "backing",
+ &child_of_bds, bdrv_backing_role(bs_new),
+ &bs_new->backing, tran, errp);
if (ret < 0) {
- return ret;
+ goto out;
}
- ret = bdrv_replace_node(bs_top, bs_new, errp);
+ ret = bdrv_replace_node_noperm(bs_top, bs_new, true, tran, errp);
if (ret < 0) {
- bdrv_set_backing_hd(bs_new, NULL, &error_abort);
- return ret;
+ goto out;
}
- return 0;
+ ret = bdrv_refresh_perms(bs_new, errp);
+out:
+ tran_finalize(tran, ret);
+
+ bdrv_refresh_limits(bs_top, NULL);
+
+ return ret;
}
static void bdrv_delete(BlockDriverState *bs)
diff --git a/tests/unit/test-bdrv-graph-mod.c b/tests/unit/test-bdrv-graph-mod.c
index 7b3c8b437a..88f25c0cdb 100644
--- a/tests/unit/test-bdrv-graph-mod.c
+++ b/tests/unit/test-bdrv-graph-mod.c
@@ -388,16 +388,6 @@ static void test_append_greedy_filter(void)
int main(int argc, char *argv[])
{
- int i;
- bool debug = false;
-
- for (i = 1; i < argc; i++) {
- if (!strcmp(argv[i], "-d")) {
- debug = true;
- break;
- }
- }
-
bdrv_init();
qemu_init_main_loop(&error_abort);
@@ -410,11 +400,8 @@ int main(int argc, char *argv[])
test_parallel_perm_update);
g_test_add_func("/bdrv-graph-mod/parallel-exclusive-write",
test_parallel_exclusive_write);
-
- if (debug) {
- g_test_add_func("/bdrv-graph-mod/append-greedy-filter",
- test_append_greedy_filter);
- }
+ g_test_add_func("/bdrv-graph-mod/append-greedy-filter",
+ test_append_greedy_filter);
return g_test_run();
}
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 22/39] block: add bdrv_remove_filter_or_cow transaction action
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (20 preceding siblings ...)
2021-04-30 10:51 ` [PULL 21/39] block: adapt bdrv_append() for inserting filters Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 23/39] block: introduce bdrv_drop_filter() Kevin Wolf
` (17 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-23-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 84 +++++++++++++++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 82 insertions(+), 2 deletions(-)
diff --git a/block.c b/block.c
index 5bb6a2bef9..2ea9cc110d 100644
--- a/block.c
+++ b/block.c
@@ -2963,12 +2963,19 @@ static void bdrv_replace_child(BdrvChild *child, BlockDriverState *new_bs)
}
}
+static void bdrv_child_free(void *opaque)
+{
+ BdrvChild *c = opaque;
+
+ g_free(c->name);
+ g_free(c);
+}
+
static void bdrv_remove_empty_child(BdrvChild *child)
{
assert(!child->bs);
QLIST_SAFE_REMOVE(child, next);
- g_free(child->name);
- g_free(child);
+ bdrv_child_free(child);
}
typedef struct BdrvAttachChildCommonState {
@@ -4991,6 +4998,79 @@ static bool should_update_child(BdrvChild *c, BlockDriverState *to)
return ret;
}
+typedef struct BdrvRemoveFilterOrCowChild {
+ BdrvChild *child;
+ bool is_backing;
+} BdrvRemoveFilterOrCowChild;
+
+static void bdrv_remove_filter_or_cow_child_abort(void *opaque)
+{
+ BdrvRemoveFilterOrCowChild *s = opaque;
+ BlockDriverState *parent_bs = s->child->opaque;
+
+ QLIST_INSERT_HEAD(&parent_bs->children, s->child, next);
+ if (s->is_backing) {
+ parent_bs->backing = s->child;
+ } else {
+ parent_bs->file = s->child;
+ }
+
+ /*
+ * We don't have to restore child->bs here to undo bdrv_replace_child()
+ * because that function is transactionable and it registered own completion
+ * entries in @tran, so .abort() for bdrv_replace_child_safe() will be
+ * called automatically.
+ */
+}
+
+static void bdrv_remove_filter_or_cow_child_commit(void *opaque)
+{
+ BdrvRemoveFilterOrCowChild *s = opaque;
+
+ bdrv_child_free(s->child);
+}
+
+static TransactionActionDrv bdrv_remove_filter_or_cow_child_drv = {
+ .abort = bdrv_remove_filter_or_cow_child_abort,
+ .commit = bdrv_remove_filter_or_cow_child_commit,
+ .clean = g_free,
+};
+
+/*
+ * A function to remove backing-chain child of @bs if exists: cow child for
+ * format nodes (always .backing) and filter child for filters (may be .file or
+ * .backing)
+ */
+__attribute__((unused))
+static void bdrv_remove_filter_or_cow_child(BlockDriverState *bs,
+ Transaction *tran)
+{
+ BdrvRemoveFilterOrCowChild *s;
+ BdrvChild *child = bdrv_filter_or_cow_child(bs);
+
+ if (!child) {
+ return;
+ }
+
+ if (child->bs) {
+ bdrv_replace_child_safe(child, NULL, tran);
+ }
+
+ s = g_new(BdrvRemoveFilterOrCowChild, 1);
+ *s = (BdrvRemoveFilterOrCowChild) {
+ .child = child,
+ .is_backing = (child == bs->backing),
+ };
+ tran_add(tran, &bdrv_remove_filter_or_cow_child_drv, s);
+
+ QLIST_SAFE_REMOVE(child, next);
+ if (s->is_backing) {
+ bs->backing = NULL;
+ } else {
+ bs->file = NULL;
+ }
+}
+
static int bdrv_replace_node_noperm(BlockDriverState *from,
BlockDriverState *to,
bool auto_skip, Transaction *tran,
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 23/39] block: introduce bdrv_drop_filter()
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (21 preceding siblings ...)
2021-04-30 10:51 ` [PULL 22/39] block: add bdrv_remove_filter_or_cow transaction action Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 24/39] block/backup-top: drop .active Kevin Wolf
` (16 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Using bdrv_replace_node() for removing filter is not good enough: it
keeps child reference of the filter, which may conflict with original
top node during permission update.
Instead let's create new interface, which will do all graph
modifications first and then update permissions.
Let's modify bdrv_replace_node_common(), allowing it additionally drop
backing chain child link pointing to new node. This is quite
appropriate for bdrv_drop_intermediate() and makes possible to add
new bdrv_drop_filter() as a simple wrapper.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-24-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
include/block/block.h | 1 +
block.c | 43 +++++++++++++++++++++++++++++++++++++++----
2 files changed, 40 insertions(+), 4 deletions(-)
diff --git a/include/block/block.h b/include/block/block.h
index 16e496a5c4..85481a05c6 100644
--- a/include/block/block.h
+++ b/include/block/block.h
@@ -362,6 +362,7 @@ int bdrv_replace_node(BlockDriverState *from, BlockDriverState *to,
Error **errp);
BlockDriverState *bdrv_insert_node(BlockDriverState *bs, QDict *node_options,
int flags, Error **errp);
+int bdrv_drop_filter(BlockDriverState *bs, Error **errp);
int bdrv_parse_aio(const char *mode, int *flags);
int bdrv_parse_cache_mode(const char *mode, int *flags, bool *writethrough);
diff --git a/block.c b/block.c
index 2ea9cc110d..68dfd822dd 100644
--- a/block.c
+++ b/block.c
@@ -5041,7 +5041,6 @@ static TransactionActionDrv bdrv_remove_filter_or_cow_child_drv = {
* format nodes (always .backing) and filter child for filters (may be .file or
* .backing)
*/
-__attribute__((unused))
static void bdrv_remove_filter_or_cow_child(BlockDriverState *bs,
Transaction *tran)
{
@@ -5105,16 +5104,32 @@ static int bdrv_replace_node_noperm(BlockDriverState *from,
*
* With auto_skip=false the error is returned if from has a parent which should
* not be updated.
+ *
+ * With @detach_subchain=true @to must be in a backing chain of @from. In this
+ * case backing link of the cow-parent of @to is removed.
*/
static int bdrv_replace_node_common(BlockDriverState *from,
BlockDriverState *to,
- bool auto_skip, Error **errp)
+ bool auto_skip, bool detach_subchain,
+ Error **errp)
{
Transaction *tran = tran_new();
g_autoptr(GHashTable) found = NULL;
g_autoptr(GSList) refresh_list = NULL;
+ BlockDriverState *to_cow_parent;
int ret;
+ if (detach_subchain) {
+ assert(bdrv_chain_contains(from, to));
+ assert(from != to);
+ for (to_cow_parent = from;
+ bdrv_filter_or_cow_bs(to_cow_parent) != to;
+ to_cow_parent = bdrv_filter_or_cow_bs(to_cow_parent))
+ {
+ ;
+ }
+ }
+
/* Make sure that @from doesn't go away until we have successfully attached
* all of its parents to @to. */
bdrv_ref(from);
@@ -5134,6 +5149,10 @@ static int bdrv_replace_node_common(BlockDriverState *from,
goto out;
}
+ if (detach_subchain) {
+ bdrv_remove_filter_or_cow_child(to_cow_parent, tran);
+ }
+
found = g_hash_table_new(NULL, NULL);
refresh_list = bdrv_topological_dfs(refresh_list, found, to);
@@ -5158,7 +5177,13 @@ out:
int bdrv_replace_node(BlockDriverState *from, BlockDriverState *to,
Error **errp)
{
- return bdrv_replace_node_common(from, to, true, errp);
+ return bdrv_replace_node_common(from, to, true, false, errp);
+}
+
+int bdrv_drop_filter(BlockDriverState *bs, Error **errp)
+{
+ return bdrv_replace_node_common(bs, bdrv_filter_or_cow_bs(bs), true, true,
+ errp);
}
/*
@@ -5493,7 +5518,17 @@ int bdrv_drop_intermediate(BlockDriverState *top, BlockDriverState *base,
updated_children = g_slist_prepend(updated_children, c);
}
- bdrv_replace_node_common(top, base, false, &local_err);
+ /*
+ * It seems correct to pass detach_subchain=true here, but it triggers
+ * one more yet not fixed bug, when due to nested aio_poll loop we switch to
+ * another drained section, which modify the graph (for example, removing
+ * the child, which we keep in updated_children list). So, it's a TODO.
+ *
+ * Note, bug triggered if pass detach_subchain=true here and run
+ * test-bdrv-drain. test_drop_intermediate_poll() test-case will crash.
+ * That's a FIXME.
+ */
+ bdrv_replace_node_common(top, base, false, false, &local_err);
if (local_err) {
error_report_err(local_err);
goto exit;
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 24/39] block/backup-top: drop .active
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (22 preceding siblings ...)
2021-04-30 10:51 ` [PULL 23/39] block: introduce bdrv_drop_filter() Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 25/39] block: drop ignore_children for permission update functions Kevin Wolf
` (15 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
We don't need this workaround anymore: bdrv_append is already smart
enough and we can use new bdrv_drop_filter().
This commit efficiently reverts also recent 705dde27c6c53b73, which
checked .active on io path. Still it said that the problem should be
theoretical. And the logic of filter removement is changed anyway.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-25-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block/backup-top.c | 47 +-------------------------------------
tests/qemu-iotests/283.out | 2 +-
2 files changed, 2 insertions(+), 47 deletions(-)
diff --git a/block/backup-top.c b/block/backup-top.c
index 62d09f213e..425e3778be 100644
--- a/block/backup-top.c
+++ b/block/backup-top.c
@@ -37,7 +37,6 @@
typedef struct BDRVBackupTopState {
BlockCopyState *bcs;
BdrvChild *target;
- bool active;
int64_t cluster_size;
} BDRVBackupTopState;
@@ -45,12 +44,6 @@ static coroutine_fn int backup_top_co_preadv(
BlockDriverState *bs, uint64_t offset, uint64_t bytes,
QEMUIOVector *qiov, int flags)
{
- BDRVBackupTopState *s = bs->opaque;
-
- if (!s->active) {
- return -EIO;
- }
-
return bdrv_co_preadv(bs->backing, offset, bytes, qiov, flags);
}
@@ -60,10 +53,6 @@ static coroutine_fn int backup_top_cbw(BlockDriverState *bs, uint64_t offset,
BDRVBackupTopState *s = bs->opaque;
uint64_t off, end;
- if (!s->active) {
- return -EIO;
- }
-
if (flags & BDRV_REQ_WRITE_UNCHANGED) {
return 0;
}
@@ -137,21 +126,6 @@ static void backup_top_child_perm(BlockDriverState *bs, BdrvChild *c,
uint64_t perm, uint64_t shared,
uint64_t *nperm, uint64_t *nshared)
{
- BDRVBackupTopState *s = bs->opaque;
-
- if (!s->active) {
- /*
- * The filter node may be in process of bdrv_append(), which firstly do
- * bdrv_set_backing_hd() and then bdrv_replace_node(). This means that
- * we can't unshare BLK_PERM_WRITE during bdrv_append() operation. So,
- * let's require nothing during bdrv_append() and refresh permissions
- * after it (see bdrv_backup_top_append()).
- */
- *nperm = 0;
- *nshared = BLK_PERM_ALL;
- return;
- }
-
if (!(role & BDRV_CHILD_FILTERED)) {
/*
* Target child
@@ -241,17 +215,6 @@ BlockDriverState *bdrv_backup_top_append(BlockDriverState *source,
}
appended = true;
- /*
- * bdrv_append() finished successfully, now we can require permissions
- * we want.
- */
- state->active = true;
- ret = bdrv_child_refresh_perms(top, top->backing, errp);
- if (ret < 0) {
- error_prepend(errp, "Cannot set permissions for backup-top filter: ");
- goto fail;
- }
-
state->cluster_size = cluster_size;
state->bcs = block_copy_state_new(top->backing, state->target,
cluster_size, perf->use_copy_range,
@@ -268,7 +231,6 @@ BlockDriverState *bdrv_backup_top_append(BlockDriverState *source,
fail:
if (appended) {
- state->active = false;
bdrv_backup_top_drop(top);
} else {
bdrv_unref(top);
@@ -283,16 +245,9 @@ void bdrv_backup_top_drop(BlockDriverState *bs)
{
BDRVBackupTopState *s = bs->opaque;
- bdrv_drained_begin(bs);
+ bdrv_drop_filter(bs, &error_abort);
block_copy_state_free(s->bcs);
- s->active = false;
- bdrv_child_refresh_perms(bs, bs->backing, &error_abort);
- bdrv_replace_node(bs, bs->backing->bs, &error_abort);
- bdrv_set_backing_hd(bs, NULL, &error_abort);
-
- bdrv_drained_end(bs);
-
bdrv_unref(bs);
}
diff --git a/tests/qemu-iotests/283.out b/tests/qemu-iotests/283.out
index 73eb75102f..97e62a4c94 100644
--- a/tests/qemu-iotests/283.out
+++ b/tests/qemu-iotests/283.out
@@ -5,7 +5,7 @@
{"execute": "blockdev-add", "arguments": {"driver": "blkdebug", "image": "base", "node-name": "other", "take-child-perms": ["write"]}}
{"return": {}}
{"execute": "blockdev-backup", "arguments": {"device": "source", "sync": "full", "target": "target"}}
-{"error": {"class": "GenericError", "desc": "Cannot set permissions for backup-top filter: Conflicts with use by source as 'image', which does not allow 'write' on base"}}
+{"error": {"class": "GenericError", "desc": "Cannot append backup-top filter: Conflicts with use by source as 'image', which does not allow 'write' on base"}}
=== backup-top should be gone after job-finalize ===
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 25/39] block: drop ignore_children for permission update functions
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (23 preceding siblings ...)
2021-04-30 10:51 ` [PULL 24/39] block/backup-top: drop .active Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 26/39] block: make bdrv_unset_inherits_from to be a transaction action Kevin Wolf
` (14 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
This argument is always NULL. Drop it.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-26-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 38 +++++++++++---------------------------
1 file changed, 11 insertions(+), 27 deletions(-)
diff --git a/block.c b/block.c
index 68dfd822dd..46af5852ab 100644
--- a/block.c
+++ b/block.c
@@ -1988,7 +1988,6 @@ static int bdrv_fill_options(QDict **options, const char *filename,
static int bdrv_check_update_perm(BlockDriverState *bs, BlockReopenQueue *q,
uint64_t new_used_perm,
uint64_t new_shared_perm,
- GSList *ignore_children,
Error **errp);
typedef struct BlockReopenQueueEntry {
@@ -2065,9 +2064,7 @@ static bool bdrv_a_allow_b(BdrvChild *a, BdrvChild *b, Error **errp)
return false;
}
-static bool bdrv_parent_perms_conflict(BlockDriverState *bs,
- GSList *ignore_children,
- Error **errp)
+static bool bdrv_parent_perms_conflict(BlockDriverState *bs, Error **errp)
{
BdrvChild *a, *b;
@@ -2077,12 +2074,8 @@ static bool bdrv_parent_perms_conflict(BlockDriverState *bs,
* directions.
*/
QLIST_FOREACH(a, &bs->parents, next_parent) {
- if (g_slist_find(ignore_children, a)) {
- continue;
- }
-
QLIST_FOREACH(b, &bs->parents, next_parent) {
- if (a == b || g_slist_find(ignore_children, b)) {
+ if (a == b) {
continue;
}
@@ -2310,7 +2303,6 @@ static void bdrv_replace_child_safe(BdrvChild *child, BlockDriverState *new_bs,
static int bdrv_node_check_perm(BlockDriverState *bs, BlockReopenQueue *q,
uint64_t cumulative_perms,
uint64_t cumulative_shared_perms,
- GSList *ignore_children,
Transaction *tran, Error **errp)
{
BlockDriver *drv = bs->drv;
@@ -2393,7 +2385,6 @@ static int bdrv_check_perm_common(GSList *list, BlockReopenQueue *q,
bool use_cumulative_perms,
uint64_t cumulative_perms,
uint64_t cumulative_shared_perms,
- GSList *ignore_children,
Transaction *tran, Error **errp)
{
int ret;
@@ -2404,7 +2395,7 @@ static int bdrv_check_perm_common(GSList *list, BlockReopenQueue *q,
ret = bdrv_node_check_perm(bs, q, cumulative_perms,
cumulative_shared_perms,
- ignore_children, tran, errp);
+ tran, errp);
if (ret < 0) {
return ret;
}
@@ -2415,7 +2406,7 @@ static int bdrv_check_perm_common(GSList *list, BlockReopenQueue *q,
for ( ; list; list = list->next) {
bs = list->data;
- if (bdrv_parent_perms_conflict(bs, ignore_children, errp)) {
+ if (bdrv_parent_perms_conflict(bs, errp)) {
return -EINVAL;
}
@@ -2424,7 +2415,7 @@ static int bdrv_check_perm_common(GSList *list, BlockReopenQueue *q,
ret = bdrv_node_check_perm(bs, q, cumulative_perms,
cumulative_shared_perms,
- ignore_children, tran, errp);
+ tran, errp);
if (ret < 0) {
return ret;
}
@@ -2435,19 +2426,17 @@ static int bdrv_check_perm_common(GSList *list, BlockReopenQueue *q,
static int bdrv_check_perm(BlockDriverState *bs, BlockReopenQueue *q,
uint64_t cumulative_perms,
- uint64_t cumulative_shared_perms,
- GSList *ignore_children, Error **errp)
+ uint64_t cumulative_shared_perms, Error **errp)
{
g_autoptr(GSList) list = bdrv_topological_dfs(NULL, NULL, bs);
return bdrv_check_perm_common(list, q, true, cumulative_perms,
- cumulative_shared_perms, ignore_children,
- NULL, errp);
+ cumulative_shared_perms, NULL, errp);
}
static int bdrv_list_refresh_perms(GSList *list, BlockReopenQueue *q,
Transaction *tran, Error **errp)
{
- return bdrv_check_perm_common(list, q, false, 0, 0, NULL, tran, errp);
+ return bdrv_check_perm_common(list, q, false, 0, 0, tran, errp);
}
/*
@@ -2576,7 +2565,6 @@ char *bdrv_perm_names(uint64_t perm)
static int bdrv_check_update_perm(BlockDriverState *bs, BlockReopenQueue *q,
uint64_t new_used_perm,
uint64_t new_shared_perm,
- GSList *ignore_children,
Error **errp)
{
BdrvChild *c;
@@ -2588,10 +2576,6 @@ static int bdrv_check_update_perm(BlockDriverState *bs, BlockReopenQueue *q,
assert(new_shared_perm & BLK_PERM_WRITE_UNCHANGED);
QLIST_FOREACH(c, &bs->parents, next_parent) {
- if (g_slist_find(ignore_children, c)) {
- continue;
- }
-
if ((new_used_perm & c->shared_perm) != new_used_perm) {
char *user = bdrv_child_user_desc(c);
char *perm_names = bdrv_perm_names(new_used_perm & ~c->shared_perm);
@@ -2621,7 +2605,7 @@ static int bdrv_check_update_perm(BlockDriverState *bs, BlockReopenQueue *q,
}
return bdrv_check_perm(bs, q, cumulative_perms, cumulative_shared_perms,
- ignore_children, errp);
+ errp);
}
static int bdrv_refresh_perms(BlockDriverState *bs, Error **errp)
@@ -4244,7 +4228,7 @@ int bdrv_reopen_multiple(BlockReopenQueue *bs_queue, Error **errp)
QTAILQ_FOREACH(bs_entry, bs_queue, entry) {
BDRVReopenState *state = &bs_entry->state;
ret = bdrv_check_perm(state->bs, bs_queue, state->perm,
- state->shared_perm, NULL, errp);
+ state->shared_perm, errp);
if (ret < 0) {
goto cleanup_perm;
}
@@ -4256,7 +4240,7 @@ int bdrv_reopen_multiple(BlockReopenQueue *bs_queue, Error **errp)
bs_queue, state->perm, state->shared_perm,
&nperm, &nshared);
ret = bdrv_check_update_perm(state->new_backing_bs, NULL,
- nperm, nshared, NULL, errp);
+ nperm, nshared, errp);
if (ret < 0) {
goto cleanup_perm;
}
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 26/39] block: make bdrv_unset_inherits_from to be a transaction action
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (24 preceding siblings ...)
2021-04-30 10:51 ` [PULL 25/39] block: drop ignore_children for permission update functions Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 27/39] block: make bdrv_refresh_limits() " Kevin Wolf
` (13 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
To be used in the further commit.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-27-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 46 ++++++++++++++++++++++++++++++++++++++++++----
1 file changed, 42 insertions(+), 4 deletions(-)
diff --git a/block.c b/block.c
index 46af5852ab..1dc14908ac 100644
--- a/block.c
+++ b/block.c
@@ -3205,11 +3205,49 @@ void bdrv_root_unref_child(BdrvChild *child)
bdrv_unref(child_bs);
}
+typedef struct BdrvSetInheritsFrom {
+ BlockDriverState *bs;
+ BlockDriverState *old_inherits_from;
+} BdrvSetInheritsFrom;
+
+static void bdrv_set_inherits_from_abort(void *opaque)
+{
+ BdrvSetInheritsFrom *s = opaque;
+
+ s->bs->inherits_from = s->old_inherits_from;
+}
+
+static TransactionActionDrv bdrv_set_inherits_from_drv = {
+ .abort = bdrv_set_inherits_from_abort,
+ .clean = g_free,
+};
+
+/* @tran is allowed to be NULL. In this case no rollback is possible */
+static void bdrv_set_inherits_from(BlockDriverState *bs,
+ BlockDriverState *new_inherits_from,
+ Transaction *tran)
+{
+ if (tran) {
+ BdrvSetInheritsFrom *s = g_new(BdrvSetInheritsFrom, 1);
+
+ *s = (BdrvSetInheritsFrom) {
+ .bs = bs,
+ .old_inherits_from = bs->inherits_from,
+ };
+
+ tran_add(tran, &bdrv_set_inherits_from_drv, s);
+ }
+
+ bs->inherits_from = new_inherits_from;
+}
+
/**
* Clear all inherits_from pointers from children and grandchildren of
* @root that point to @root, where necessary.
+ * @tran is allowed to be NULL. In this case no rollback is possible
*/
-static void bdrv_unset_inherits_from(BlockDriverState *root, BdrvChild *child)
+static void bdrv_unset_inherits_from(BlockDriverState *root, BdrvChild *child,
+ Transaction *tran)
{
BdrvChild *c;
@@ -3224,12 +3262,12 @@ static void bdrv_unset_inherits_from(BlockDriverState *root, BdrvChild *child)
}
}
if (c == NULL) {
- child->bs->inherits_from = NULL;
+ bdrv_set_inherits_from(child->bs, NULL, tran);
}
}
QLIST_FOREACH(c, &child->bs->children, next) {
- bdrv_unset_inherits_from(root, c);
+ bdrv_unset_inherits_from(root, c, tran);
}
}
@@ -3240,7 +3278,7 @@ void bdrv_unref_child(BlockDriverState *parent, BdrvChild *child)
return;
}
- bdrv_unset_inherits_from(parent, child);
+ bdrv_unset_inherits_from(parent, child, NULL);
bdrv_root_unref_child(child);
}
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 27/39] block: make bdrv_refresh_limits() to be a transaction action
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (25 preceding siblings ...)
2021-04-30 10:51 ` [PULL 26/39] block: make bdrv_unset_inherits_from to be a transaction action Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 28/39] block: add bdrv_set_backing_noperm() " Kevin Wolf
` (12 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
To be used in further commit.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-28-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
include/block/block.h | 3 ++-
block.c | 9 ++++-----
block/io.c | 31 +++++++++++++++++++++++++++++--
3 files changed, 35 insertions(+), 8 deletions(-)
diff --git a/include/block/block.h b/include/block/block.h
index 85481a05c6..ad38259c91 100644
--- a/include/block/block.h
+++ b/include/block/block.h
@@ -9,6 +9,7 @@
#include "block/dirty-bitmap.h"
#include "block/blockjob.h"
#include "qemu/hbitmap.h"
+#include "qemu/transactions.h"
/*
* generated_co_wrapper
@@ -421,7 +422,7 @@ int64_t bdrv_get_allocated_file_size(BlockDriverState *bs);
BlockMeasureInfo *bdrv_measure(BlockDriver *drv, QemuOpts *opts,
BlockDriverState *in_bs, Error **errp);
void bdrv_get_geometry(BlockDriverState *bs, uint64_t *nb_sectors_ptr);
-void bdrv_refresh_limits(BlockDriverState *bs, Error **errp);
+void bdrv_refresh_limits(BlockDriverState *bs, Transaction *tran, Error **errp);
int bdrv_commit(BlockDriverState *bs);
int bdrv_make_empty(BdrvChild *c, Error **errp);
int bdrv_change_backing_file(BlockDriverState *bs, const char *backing_file,
diff --git a/block.c b/block.c
index 1dc14908ac..9922943793 100644
--- a/block.c
+++ b/block.c
@@ -49,7 +49,6 @@
#include "qemu/timer.h"
#include "qemu/cutils.h"
#include "qemu/id.h"
-#include "qemu/transactions.h"
#include "block/coroutines.h"
#ifdef CONFIG_BSD
@@ -1577,7 +1576,7 @@ static int bdrv_open_driver(BlockDriverState *bs, BlockDriver *drv,
return ret;
}
- bdrv_refresh_limits(bs, &local_err);
+ bdrv_refresh_limits(bs, NULL, &local_err);
if (local_err) {
error_propagate(errp, local_err);
return -EINVAL;
@@ -3363,7 +3362,7 @@ int bdrv_set_backing_hd(BlockDriverState *bs, BlockDriverState *backing_hd,
}
out:
- bdrv_refresh_limits(bs, NULL);
+ bdrv_refresh_limits(bs, NULL, NULL);
return ret;
}
@@ -4847,7 +4846,7 @@ static void bdrv_reopen_commit(BDRVReopenState *reopen_state)
bdrv_set_backing_hd(bs, reopen_state->new_backing_bs, &error_abort);
}
- bdrv_refresh_limits(bs, NULL);
+ bdrv_refresh_limits(bs, NULL, NULL);
}
/*
@@ -5244,7 +5243,7 @@ int bdrv_append(BlockDriverState *bs_new, BlockDriverState *bs_top,
out:
tran_finalize(tran, ret);
- bdrv_refresh_limits(bs_top, NULL);
+ bdrv_refresh_limits(bs_top, NULL, NULL);
return ret;
}
diff --git a/block/io.c b/block/io.c
index ca2dca3007..35b6c56efc 100644
--- a/block/io.c
+++ b/block/io.c
@@ -133,13 +133,40 @@ static void bdrv_merge_limits(BlockLimits *dst, const BlockLimits *src)
dst->max_iov = MIN_NON_ZERO(dst->max_iov, src->max_iov);
}
-void bdrv_refresh_limits(BlockDriverState *bs, Error **errp)
+typedef struct BdrvRefreshLimitsState {
+ BlockDriverState *bs;
+ BlockLimits old_bl;
+} BdrvRefreshLimitsState;
+
+static void bdrv_refresh_limits_abort(void *opaque)
+{
+ BdrvRefreshLimitsState *s = opaque;
+
+ s->bs->bl = s->old_bl;
+}
+
+static TransactionActionDrv bdrv_refresh_limits_drv = {
+ .abort = bdrv_refresh_limits_abort,
+ .clean = g_free,
+};
+
+/* @tran is allowed to be NULL, in this case no rollback is possible. */
+void bdrv_refresh_limits(BlockDriverState *bs, Transaction *tran, Error **errp)
{
ERRP_GUARD();
BlockDriver *drv = bs->drv;
BdrvChild *c;
bool have_limits;
+ if (tran) {
+ BdrvRefreshLimitsState *s = g_new(BdrvRefreshLimitsState, 1);
+ *s = (BdrvRefreshLimitsState) {
+ .bs = bs,
+ .old_bl = bs->bl,
+ };
+ tran_add(tran, &bdrv_refresh_limits_drv, s);
+ }
+
memset(&bs->bl, 0, sizeof(bs->bl));
if (!drv) {
@@ -156,7 +183,7 @@ void bdrv_refresh_limits(BlockDriverState *bs, Error **errp)
QLIST_FOREACH(c, &bs->children, next) {
if (c->role & (BDRV_CHILD_DATA | BDRV_CHILD_FILTERED | BDRV_CHILD_COW))
{
- bdrv_refresh_limits(c->bs, errp);
+ bdrv_refresh_limits(c->bs, tran, errp);
if (*errp) {
return;
}
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 28/39] block: add bdrv_set_backing_noperm() transaction action
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (26 preceding siblings ...)
2021-04-30 10:51 ` [PULL 27/39] block: make bdrv_refresh_limits() " Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 29/39] block: bdrv_reopen_multiple(): move bdrv_flush to separate pre-prepare Kevin Wolf
` (11 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Split out no-perm part of bdrv_set_backing_hd() as a separate
transaction action. Note the in case of existing BdrvChild we reuse it,
not recreate, just to do less actions.
We don't need to create extra reference to backing_hd as we don't lose
it in bdrv_attach_child().
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-29-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 54 +++++++++++++++++++++++++++++++++++++-----------------
1 file changed, 37 insertions(+), 17 deletions(-)
diff --git a/block.c b/block.c
index 9922943793..bdfe59d94d 100644
--- a/block.c
+++ b/block.c
@@ -92,6 +92,8 @@ static int bdrv_attach_child_noperm(BlockDriverState *parent_bs,
BdrvChild **child,
Transaction *tran,
Error **errp);
+static void bdrv_remove_filter_or_cow_child(BlockDriverState *bs,
+ Transaction *tran);
static int bdrv_reopen_prepare(BDRVReopenState *reopen_state, BlockReopenQueue
*queue, Error **errp);
@@ -3322,8 +3324,9 @@ static BdrvChildRole bdrv_backing_role(BlockDriverState *bs)
* Sets the bs->backing link of a BDS. A new reference is created; callers
* which don't need their own reference any more must call bdrv_unref().
*/
-int bdrv_set_backing_hd(BlockDriverState *bs, BlockDriverState *backing_hd,
- Error **errp)
+static int bdrv_set_backing_noperm(BlockDriverState *bs,
+ BlockDriverState *backing_hd,
+ Transaction *tran, Error **errp)
{
int ret = 0;
bool update_inherits_from = bdrv_chain_contains(bs, backing_hd) &&
@@ -3333,36 +3336,53 @@ int bdrv_set_backing_hd(BlockDriverState *bs, BlockDriverState *backing_hd,
return -EPERM;
}
- if (backing_hd) {
- bdrv_ref(backing_hd);
- }
-
if (bs->backing) {
/* Cannot be frozen, we checked that above */
- bdrv_unref_child(bs, bs->backing);
- bs->backing = NULL;
+ bdrv_unset_inherits_from(bs, bs->backing, tran);
+ bdrv_remove_filter_or_cow_child(bs, tran);
}
if (!backing_hd) {
goto out;
}
- bs->backing = bdrv_attach_child(bs, backing_hd, "backing", &child_of_bds,
- bdrv_backing_role(bs), errp);
- if (!bs->backing) {
- ret = -EPERM;
- goto out;
+ ret = bdrv_attach_child_noperm(bs, backing_hd, "backing",
+ &child_of_bds, bdrv_backing_role(bs),
+ &bs->backing, tran, errp);
+ if (ret < 0) {
+ return ret;
}
- /* If backing_hd was already part of bs's backing chain, and
+
+ /*
+ * If backing_hd was already part of bs's backing chain, and
* inherits_from pointed recursively to bs then let's update it to
- * point directly to bs (else it will become NULL). */
+ * point directly to bs (else it will become NULL).
+ */
if (update_inherits_from) {
- backing_hd->inherits_from = bs;
+ bdrv_set_inherits_from(backing_hd, bs, tran);
}
out:
- bdrv_refresh_limits(bs, NULL, NULL);
+ bdrv_refresh_limits(bs, tran, NULL);
+
+ return 0;
+}
+
+int bdrv_set_backing_hd(BlockDriverState *bs, BlockDriverState *backing_hd,
+ Error **errp)
+{
+ int ret;
+ Transaction *tran = tran_new();
+
+ ret = bdrv_set_backing_noperm(bs, backing_hd, tran, errp);
+ if (ret < 0) {
+ goto out;
+ }
+
+ ret = bdrv_refresh_perms(bs, errp);
+out:
+ tran_finalize(tran, ret);
return ret;
}
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 29/39] block: bdrv_reopen_multiple(): move bdrv_flush to separate pre-prepare
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (27 preceding siblings ...)
2021-04-30 10:51 ` [PULL 28/39] block: add bdrv_set_backing_noperm() " Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 30/39] block: bdrv_reopen_multiple: refresh permissions on updated graph Kevin Wolf
` (10 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
During reopen we may add backing bs from other aio context, which may
lead to changing original context of top bs.
We are going to move graph modification to prepare stage. So, it will
be possible that bdrv_flush() in bdrv_reopen_prepare called on bs in
non-original aio context, which we didn't aquire which leads to crash.
To avoid this problem move bdrv_flush() to be a separate reopen stage
before bdrv_reopen_prepare().
This doesn't seem correct to acquire only one aio context and not all
contexts participating in reopen. But it's not obvious how to do it
correctly, keeping in mind:
1. rules of bdrv_set_aio_context_ignore() that requires new_context
lock not being held
2. possible deadlocks because of holding all (or several?) AioContext
locks
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-30-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 14 ++++++++------
1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/block.c b/block.c
index bdfe59d94d..357ec1be2c 100644
--- a/block.c
+++ b/block.c
@@ -4274,6 +4274,14 @@ int bdrv_reopen_multiple(BlockReopenQueue *bs_queue, Error **errp)
assert(bs_queue != NULL);
+ QTAILQ_FOREACH(bs_entry, bs_queue, entry) {
+ ret = bdrv_flush(bs_entry->state.bs);
+ if (ret < 0) {
+ error_setg_errno(errp, -ret, "Error flushing drive");
+ goto cleanup;
+ }
+ }
+
QTAILQ_FOREACH(bs_entry, bs_queue, entry) {
assert(bs_entry->state.bs->quiesce_counter > 0);
if (bdrv_reopen_prepare(&bs_entry->state, bs_queue, errp)) {
@@ -4669,12 +4677,6 @@ static int bdrv_reopen_prepare(BDRVReopenState *reopen_state,
bdrv_reopen_perm(queue, reopen_state->bs,
&reopen_state->perm, &reopen_state->shared_perm);
- ret = bdrv_flush(reopen_state->bs);
- if (ret) {
- error_setg_errno(errp, -ret, "Error flushing drive");
- goto error;
- }
-
if (drv->bdrv_reopen_prepare) {
/*
* If a driver-specific option is missing, it means that we
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 30/39] block: bdrv_reopen_multiple: refresh permissions on updated graph
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (28 preceding siblings ...)
2021-04-30 10:51 ` [PULL 29/39] block: bdrv_reopen_multiple(): move bdrv_flush to separate pre-prepare Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 22:38 ` Peter Maydell
2021-04-30 10:51 ` [PULL 31/39] block: drop unused permission update functions Kevin Wolf
` (9 subsequent siblings)
39 siblings, 1 reply; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Move bdrv_reopen_multiple to new paradigm of permission update:
first update graph relations, then do refresh the permissions.
We have to modify reopen process in file-posix driver: with new scheme
we don't have prepared permissions in raw_reopen_prepare(), so we
should reconfigure fd in raw_check_perm(). Still this seems more native
and simple anyway.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-31-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
include/block/block.h | 3 +-
block.c | 187 ++++++++++++------------------------------
block/file-posix.c | 91 +++++++-------------
3 files changed, 84 insertions(+), 197 deletions(-)
diff --git a/include/block/block.h b/include/block/block.h
index ad38259c91..8d5b3ecebd 100644
--- a/include/block/block.h
+++ b/include/block/block.h
@@ -208,8 +208,7 @@ typedef struct BDRVReopenState {
BlockdevDetectZeroesOptions detect_zeroes;
bool backing_missing;
bool replace_backing_bs; /* new_backing_bs is ignored if this is false */
- BlockDriverState *new_backing_bs; /* If NULL then detach the current bs */
- uint64_t perm, shared_perm;
+ BlockDriverState *old_backing_bs; /* keep pointer for permissions update */
QDict *options;
QDict *explicit_options;
void *opaque;
diff --git a/block.c b/block.c
index 357ec1be2c..ffaa367a1b 100644
--- a/block.c
+++ b/block.c
@@ -95,8 +95,9 @@ static int bdrv_attach_child_noperm(BlockDriverState *parent_bs,
static void bdrv_remove_filter_or_cow_child(BlockDriverState *bs,
Transaction *tran);
-static int bdrv_reopen_prepare(BDRVReopenState *reopen_state, BlockReopenQueue
- *queue, Error **errp);
+static int bdrv_reopen_prepare(BDRVReopenState *reopen_state,
+ BlockReopenQueue *queue,
+ Transaction *set_backings_tran, Error **errp);
static void bdrv_reopen_commit(BDRVReopenState *reopen_state);
static void bdrv_reopen_abort(BDRVReopenState *reopen_state);
@@ -2468,6 +2469,7 @@ static void bdrv_list_abort_perm_update(GSList *list)
}
}
+__attribute__((unused))
static void bdrv_abort_perm_update(BlockDriverState *bs)
{
g_autoptr(GSList) list = bdrv_topological_dfs(NULL, NULL, bs);
@@ -2563,6 +2565,7 @@ char *bdrv_perm_names(uint64_t perm)
*
* Needs to be followed by a call to either bdrv_set_perm() or
* bdrv_abort_perm_update(). */
+__attribute__((unused))
static int bdrv_check_update_perm(BlockDriverState *bs, BlockReopenQueue *q,
uint64_t new_used_perm,
uint64_t new_shared_perm,
@@ -4183,10 +4186,6 @@ static BlockReopenQueue *bdrv_reopen_queue_child(BlockReopenQueue *bs_queue,
bs_entry->state.explicit_options = explicit_options;
bs_entry->state.flags = flags;
- /* This needs to be overwritten in bdrv_reopen_prepare() */
- bs_entry->state.perm = UINT64_MAX;
- bs_entry->state.shared_perm = 0;
-
/*
* If keep_old_opts is false then it means that unspecified
* options must be reset to their original value. We don't allow
@@ -4271,6 +4270,9 @@ int bdrv_reopen_multiple(BlockReopenQueue *bs_queue, Error **errp)
{
int ret = -1;
BlockReopenQueueEntry *bs_entry, *next;
+ Transaction *tran = tran_new();
+ g_autoptr(GHashTable) found = NULL;
+ g_autoptr(GSList) refresh_list = NULL;
assert(bs_queue != NULL);
@@ -4284,33 +4286,33 @@ int bdrv_reopen_multiple(BlockReopenQueue *bs_queue, Error **errp)
QTAILQ_FOREACH(bs_entry, bs_queue, entry) {
assert(bs_entry->state.bs->quiesce_counter > 0);
- if (bdrv_reopen_prepare(&bs_entry->state, bs_queue, errp)) {
- goto cleanup;
+ ret = bdrv_reopen_prepare(&bs_entry->state, bs_queue, tran, errp);
+ if (ret < 0) {
+ goto abort;
}
bs_entry->prepared = true;
}
+ found = g_hash_table_new(NULL, NULL);
QTAILQ_FOREACH(bs_entry, bs_queue, entry) {
BDRVReopenState *state = &bs_entry->state;
- ret = bdrv_check_perm(state->bs, bs_queue, state->perm,
- state->shared_perm, errp);
- if (ret < 0) {
- goto cleanup_perm;
- }
- /* Check if new_backing_bs would accept the new permissions */
- if (state->replace_backing_bs && state->new_backing_bs) {
- uint64_t nperm, nshared;
- bdrv_child_perm(state->bs, state->new_backing_bs,
- NULL, bdrv_backing_role(state->bs),
- bs_queue, state->perm, state->shared_perm,
- &nperm, &nshared);
- ret = bdrv_check_update_perm(state->new_backing_bs, NULL,
- nperm, nshared, errp);
- if (ret < 0) {
- goto cleanup_perm;
- }
+
+ refresh_list = bdrv_topological_dfs(refresh_list, found, state->bs);
+ if (state->old_backing_bs) {
+ refresh_list = bdrv_topological_dfs(refresh_list, found,
+ state->old_backing_bs);
}
- bs_entry->perms_checked = true;
+ }
+
+ /*
+ * Note that file-posix driver rely on permission update done during reopen
+ * (even if no permission changed), because it wants "new" permissions for
+ * reconfiguring the fd and that's why it does it in raw_check_perm(), not
+ * in raw_reopen_prepare() which is called with "old" permissions.
+ */
+ ret = bdrv_list_refresh_perms(refresh_list, bs_queue, tran, errp);
+ if (ret < 0) {
+ goto abort;
}
/*
@@ -4326,51 +4328,31 @@ int bdrv_reopen_multiple(BlockReopenQueue *bs_queue, Error **errp)
bdrv_reopen_commit(&bs_entry->state);
}
- ret = 0;
-cleanup_perm:
- QTAILQ_FOREACH_SAFE(bs_entry, bs_queue, entry, next) {
- BDRVReopenState *state = &bs_entry->state;
-
- if (!bs_entry->perms_checked) {
- continue;
- }
-
- if (ret == 0) {
- uint64_t perm, shared;
+ tran_commit(tran);
- bdrv_get_cumulative_perm(state->bs, &perm, &shared);
- assert(perm == state->perm);
- assert(shared == state->shared_perm);
+ QTAILQ_FOREACH_REVERSE(bs_entry, bs_queue, entry) {
+ BlockDriverState *bs = bs_entry->state.bs;
- bdrv_set_perm(state->bs);
- } else {
- bdrv_abort_perm_update(state->bs);
- if (state->replace_backing_bs && state->new_backing_bs) {
- bdrv_abort_perm_update(state->new_backing_bs);
- }
+ if (bs->drv->bdrv_reopen_commit_post) {
+ bs->drv->bdrv_reopen_commit_post(&bs_entry->state);
}
}
- if (ret == 0) {
- QTAILQ_FOREACH_REVERSE(bs_entry, bs_queue, entry) {
- BlockDriverState *bs = bs_entry->state.bs;
+ ret = 0;
+ goto cleanup;
- if (bs->drv->bdrv_reopen_commit_post)
- bs->drv->bdrv_reopen_commit_post(&bs_entry->state);
+abort:
+ tran_abort(tran);
+ QTAILQ_FOREACH_SAFE(bs_entry, bs_queue, entry, next) {
+ if (bs_entry->prepared) {
+ bdrv_reopen_abort(&bs_entry->state);
}
+ qobject_unref(bs_entry->state.explicit_options);
+ qobject_unref(bs_entry->state.options);
}
+
cleanup:
QTAILQ_FOREACH_SAFE(bs_entry, bs_queue, entry, next) {
- if (ret) {
- if (bs_entry->prepared) {
- bdrv_reopen_abort(&bs_entry->state);
- }
- qobject_unref(bs_entry->state.explicit_options);
- qobject_unref(bs_entry->state.options);
- }
- if (bs_entry->state.new_backing_bs) {
- bdrv_unref(bs_entry->state.new_backing_bs);
- }
g_free(bs_entry);
}
g_free(bs_queue);
@@ -4395,53 +4377,6 @@ int bdrv_reopen_set_read_only(BlockDriverState *bs, bool read_only,
return ret;
}
-static BlockReopenQueueEntry *find_parent_in_reopen_queue(BlockReopenQueue *q,
- BdrvChild *c)
-{
- BlockReopenQueueEntry *entry;
-
- QTAILQ_FOREACH(entry, q, entry) {
- BlockDriverState *bs = entry->state.bs;
- BdrvChild *child;
-
- QLIST_FOREACH(child, &bs->children, next) {
- if (child == c) {
- return entry;
- }
- }
- }
-
- return NULL;
-}
-
-static void bdrv_reopen_perm(BlockReopenQueue *q, BlockDriverState *bs,
- uint64_t *perm, uint64_t *shared)
-{
- BdrvChild *c;
- BlockReopenQueueEntry *parent;
- uint64_t cumulative_perms = 0;
- uint64_t cumulative_shared_perms = BLK_PERM_ALL;
-
- QLIST_FOREACH(c, &bs->parents, next_parent) {
- parent = find_parent_in_reopen_queue(q, c);
- if (!parent) {
- cumulative_perms |= c->perm;
- cumulative_shared_perms &= c->shared_perm;
- } else {
- uint64_t nperm, nshared;
-
- bdrv_child_perm(parent->state.bs, bs, c, c->role, q,
- parent->state.perm, parent->state.shared_perm,
- &nperm, &nshared);
-
- cumulative_perms |= nperm;
- cumulative_shared_perms &= nshared;
- }
- }
- *perm = cumulative_perms;
- *shared = cumulative_shared_perms;
-}
-
static bool bdrv_reopen_can_attach(BlockDriverState *parent,
BdrvChild *child,
BlockDriverState *new_child,
@@ -4483,6 +4418,7 @@ static bool bdrv_reopen_can_attach(BlockDriverState *parent,
* Return 0 on success, otherwise return < 0 and set @errp.
*/
static int bdrv_reopen_parse_backing(BDRVReopenState *reopen_state,
+ Transaction *set_backings_tran,
Error **errp)
{
BlockDriverState *bs = reopen_state->bs;
@@ -4559,6 +4495,8 @@ static int bdrv_reopen_parse_backing(BDRVReopenState *reopen_state,
/* If we want to replace the backing file we need some extra checks */
if (new_backing_bs != bdrv_filter_or_cow_bs(overlay_bs)) {
+ int ret;
+
/* Check for implicit nodes between bs and its backing file */
if (bs != overlay_bs) {
error_setg(errp, "Cannot change backing link if '%s' has "
@@ -4579,9 +4517,11 @@ static int bdrv_reopen_parse_backing(BDRVReopenState *reopen_state,
return -EPERM;
}
reopen_state->replace_backing_bs = true;
- if (new_backing_bs) {
- bdrv_ref(new_backing_bs);
- reopen_state->new_backing_bs = new_backing_bs;
+ reopen_state->old_backing_bs = bs->backing ? bs->backing->bs : NULL;
+ ret = bdrv_set_backing_noperm(bs, new_backing_bs, set_backings_tran,
+ errp);
+ if (ret < 0) {
+ return ret;
}
}
@@ -4606,7 +4546,8 @@ static int bdrv_reopen_parse_backing(BDRVReopenState *reopen_state,
*
*/
static int bdrv_reopen_prepare(BDRVReopenState *reopen_state,
- BlockReopenQueue *queue, Error **errp)
+ BlockReopenQueue *queue,
+ Transaction *set_backings_tran, Error **errp)
{
int ret = -1;
int old_flags;
@@ -4673,10 +4614,6 @@ static int bdrv_reopen_prepare(BDRVReopenState *reopen_state,
goto error;
}
- /* Calculate required permissions after reopening */
- bdrv_reopen_perm(queue, reopen_state->bs,
- &reopen_state->perm, &reopen_state->shared_perm);
-
if (drv->bdrv_reopen_prepare) {
/*
* If a driver-specific option is missing, it means that we
@@ -4730,7 +4667,7 @@ static int bdrv_reopen_prepare(BDRVReopenState *reopen_state,
* either a reference to an existing node (using its node name)
* or NULL to simply detach the current backing file.
*/
- ret = bdrv_reopen_parse_backing(reopen_state, errp);
+ ret = bdrv_reopen_parse_backing(reopen_state, set_backings_tran, errp);
if (ret < 0) {
goto error;
}
@@ -4852,22 +4789,6 @@ static void bdrv_reopen_commit(BDRVReopenState *reopen_state)
qdict_del(bs->explicit_options, child->name);
qdict_del(bs->options, child->name);
}
-
- /*
- * Change the backing file if a new one was specified. We do this
- * after updating bs->options, so bdrv_refresh_filename() (called
- * from bdrv_set_backing_hd()) has the new values.
- */
- if (reopen_state->replace_backing_bs) {
- BlockDriverState *old_backing_bs = child_bs(bs->backing);
- assert(!old_backing_bs || !old_backing_bs->implicit);
- /* Abort the permission update on the backing bs we're detaching */
- if (old_backing_bs) {
- bdrv_abort_perm_update(old_backing_bs);
- }
- bdrv_set_backing_hd(bs, reopen_state->new_backing_bs, &error_abort);
- }
-
bdrv_refresh_limits(bs, NULL, NULL);
}
diff --git a/block/file-posix.c b/block/file-posix.c
index 20e14f8e96..10b71d9a13 100644
--- a/block/file-posix.c
+++ b/block/file-posix.c
@@ -175,7 +175,6 @@ typedef struct BDRVRawState {
} BDRVRawState;
typedef struct BDRVRawReopenState {
- int fd;
int open_flags;
bool drop_cache;
bool check_cache_dropped;
@@ -1075,7 +1074,6 @@ static int raw_reopen_prepare(BDRVReopenState *state,
BDRVRawReopenState *rs;
QemuOpts *opts;
int ret;
- Error *local_err = NULL;
assert(state != NULL);
assert(state->bs != NULL);
@@ -1101,32 +1099,18 @@ static int raw_reopen_prepare(BDRVReopenState *state,
* bdrv_reopen_prepare() will detect changes and complain. */
qemu_opts_to_qdict(opts, state->options);
- rs->fd = raw_reconfigure_getfd(state->bs, state->flags, &rs->open_flags,
- state->perm, true, &local_err);
- if (local_err) {
- error_propagate(errp, local_err);
- ret = -1;
- goto out;
- }
-
- /* Fail already reopen_prepare() if we can't get a working O_DIRECT
- * alignment with the new fd. */
- if (rs->fd != -1) {
- raw_probe_alignment(state->bs, rs->fd, &local_err);
- if (local_err) {
- error_propagate(errp, local_err);
- ret = -EINVAL;
- goto out_fd;
- }
- }
+ /*
+ * As part of reopen prepare we also want to create new fd by
+ * raw_reconfigure_getfd(). But it wants updated "perm", when in
+ * bdrv_reopen_multiple() .bdrv_reopen_prepare() callback called prior to
+ * permission update. Happily, permission update is always a part (a seprate
+ * stage) of bdrv_reopen_multiple() so we can rely on this fact and
+ * reconfigure fd in raw_check_perm().
+ */
s->reopen_state = state;
ret = 0;
-out_fd:
- if (ret < 0) {
- qemu_close(rs->fd);
- rs->fd = -1;
- }
+
out:
qemu_opts_del(opts);
return ret;
@@ -1140,10 +1124,6 @@ static void raw_reopen_commit(BDRVReopenState *state)
s->drop_cache = rs->drop_cache;
s->check_cache_dropped = rs->check_cache_dropped;
s->open_flags = rs->open_flags;
-
- qemu_close(s->fd);
- s->fd = rs->fd;
-
g_free(state->opaque);
state->opaque = NULL;
@@ -1162,10 +1142,6 @@ static void raw_reopen_abort(BDRVReopenState *state)
return;
}
- if (rs->fd >= 0) {
- qemu_close(rs->fd);
- rs->fd = -1;
- }
g_free(state->opaque);
state->opaque = NULL;
@@ -3073,39 +3049,30 @@ static int raw_check_perm(BlockDriverState *bs, uint64_t perm, uint64_t shared,
Error **errp)
{
BDRVRawState *s = bs->opaque;
- BDRVRawReopenState *rs = NULL;
+ int input_flags = s->reopen_state ? s->reopen_state->flags : bs->open_flags;
int open_flags;
int ret;
- if (s->perm_change_fd) {
+ /* We may need a new fd if auto-read-only switches the mode */
+ ret = raw_reconfigure_getfd(bs, input_flags, &open_flags, perm,
+ false, errp);
+ if (ret < 0) {
+ return ret;
+ } else if (ret != s->fd) {
+ Error *local_err = NULL;
+
/*
- * In the context of reopen, this function may be called several times
- * (directly and recursively while change permissions of the parent).
- * This is even true for children that don't inherit from the original
- * reopen node, so s->reopen_state is not set.
- *
- * Ignore all but the first call.
+ * Fail already check_perm() if we can't get a working O_DIRECT
+ * alignment with the new fd.
*/
- return 0;
- }
-
- if (s->reopen_state) {
- /* We already have a new file descriptor to set permissions for */
- assert(s->reopen_state->perm == perm);
- assert(s->reopen_state->shared_perm == shared);
- rs = s->reopen_state->opaque;
- s->perm_change_fd = rs->fd;
- s->perm_change_flags = rs->open_flags;
- } else {
- /* We may need a new fd if auto-read-only switches the mode */
- ret = raw_reconfigure_getfd(bs, bs->open_flags, &open_flags, perm,
- false, errp);
- if (ret < 0) {
- return ret;
- } else if (ret != s->fd) {
- s->perm_change_fd = ret;
- s->perm_change_flags = open_flags;
+ raw_probe_alignment(bs, ret, &local_err);
+ if (local_err) {
+ error_propagate(errp, local_err);
+ return -EINVAL;
}
+
+ s->perm_change_fd = ret;
+ s->perm_change_flags = open_flags;
}
/* Prepare permissions on old fd to avoid conflicts between old and new,
@@ -3127,7 +3094,7 @@ static int raw_check_perm(BlockDriverState *bs, uint64_t perm, uint64_t shared,
return 0;
fail:
- if (s->perm_change_fd && !s->reopen_state) {
+ if (s->perm_change_fd) {
qemu_close(s->perm_change_fd);
}
s->perm_change_fd = 0;
@@ -3158,7 +3125,7 @@ static void raw_abort_perm_update(BlockDriverState *bs)
/* For reopen, .bdrv_reopen_abort is called afterwards and will close
* the file descriptor. */
- if (s->perm_change_fd && !s->reopen_state) {
+ if (s->perm_change_fd) {
qemu_close(s->perm_change_fd);
}
s->perm_change_fd = 0;
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 31/39] block: drop unused permission update functions
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (29 preceding siblings ...)
2021-04-30 10:51 ` [PULL 30/39] block: bdrv_reopen_multiple: refresh permissions on updated graph Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 32/39] block: inline bdrv_check_perm_common() Kevin Wolf
` (8 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-32-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 103 --------------------------------------------------------
1 file changed, 103 deletions(-)
diff --git a/block.c b/block.c
index ffaa367a1b..bf7c187435 100644
--- a/block.c
+++ b/block.c
@@ -1987,11 +1987,6 @@ static int bdrv_fill_options(QDict **options, const char *filename,
return 0;
}
-static int bdrv_check_update_perm(BlockDriverState *bs, BlockReopenQueue *q,
- uint64_t new_used_perm,
- uint64_t new_shared_perm,
- Error **errp);
-
typedef struct BlockReopenQueueEntry {
bool prepared;
bool perms_checked;
@@ -2426,56 +2421,12 @@ static int bdrv_check_perm_common(GSList *list, BlockReopenQueue *q,
return 0;
}
-static int bdrv_check_perm(BlockDriverState *bs, BlockReopenQueue *q,
- uint64_t cumulative_perms,
- uint64_t cumulative_shared_perms, Error **errp)
-{
- g_autoptr(GSList) list = bdrv_topological_dfs(NULL, NULL, bs);
- return bdrv_check_perm_common(list, q, true, cumulative_perms,
- cumulative_shared_perms, NULL, errp);
-}
-
static int bdrv_list_refresh_perms(GSList *list, BlockReopenQueue *q,
Transaction *tran, Error **errp)
{
return bdrv_check_perm_common(list, q, false, 0, 0, tran, errp);
}
-/*
- * Notifies drivers that after a previous bdrv_check_perm() call, the
- * permission update is not performed and any preparations made for it (e.g.
- * taken file locks) need to be undone.
- */
-static void bdrv_node_abort_perm_update(BlockDriverState *bs)
-{
- BlockDriver *drv = bs->drv;
- BdrvChild *c;
-
- if (!drv) {
- return;
- }
-
- bdrv_drv_set_perm_abort(bs);
-
- QLIST_FOREACH(c, &bs->children, next) {
- bdrv_child_set_perm_abort(c);
- }
-}
-
-static void bdrv_list_abort_perm_update(GSList *list)
-{
- for ( ; list; list = list->next) {
- bdrv_node_abort_perm_update((BlockDriverState *)list->data);
- }
-}
-
-__attribute__((unused))
-static void bdrv_abort_perm_update(BlockDriverState *bs)
-{
- g_autoptr(GSList) list = bdrv_topological_dfs(NULL, NULL, bs);
- return bdrv_list_abort_perm_update(list);
-}
-
static void bdrv_node_set_perm(BlockDriverState *bs)
{
BlockDriver *drv = bs->drv;
@@ -2557,60 +2508,6 @@ char *bdrv_perm_names(uint64_t perm)
return g_string_free(result, FALSE);
}
-/*
- * Checks whether a new reference to @bs can be added if the new user requires
- * @new_used_perm/@new_shared_perm as its permissions. If @ignore_children is
- * set, the BdrvChild objects in this list are ignored in the calculations;
- * this allows checking permission updates for an existing reference.
- *
- * Needs to be followed by a call to either bdrv_set_perm() or
- * bdrv_abort_perm_update(). */
-__attribute__((unused))
-static int bdrv_check_update_perm(BlockDriverState *bs, BlockReopenQueue *q,
- uint64_t new_used_perm,
- uint64_t new_shared_perm,
- Error **errp)
-{
- BdrvChild *c;
- uint64_t cumulative_perms = new_used_perm;
- uint64_t cumulative_shared_perms = new_shared_perm;
-
-
- /* There is no reason why anyone couldn't tolerate write_unchanged */
- assert(new_shared_perm & BLK_PERM_WRITE_UNCHANGED);
-
- QLIST_FOREACH(c, &bs->parents, next_parent) {
- if ((new_used_perm & c->shared_perm) != new_used_perm) {
- char *user = bdrv_child_user_desc(c);
- char *perm_names = bdrv_perm_names(new_used_perm & ~c->shared_perm);
-
- error_setg(errp, "Conflicts with use by %s as '%s', which does not "
- "allow '%s' on %s",
- user, c->name, perm_names, bdrv_get_node_name(c->bs));
- g_free(user);
- g_free(perm_names);
- return -EPERM;
- }
-
- if ((c->perm & new_shared_perm) != c->perm) {
- char *user = bdrv_child_user_desc(c);
- char *perm_names = bdrv_perm_names(c->perm & ~new_shared_perm);
-
- error_setg(errp, "Conflicts with use by %s as '%s', which uses "
- "'%s' on %s",
- user, c->name, perm_names, bdrv_get_node_name(c->bs));
- g_free(user);
- g_free(perm_names);
- return -EPERM;
- }
-
- cumulative_perms |= c->perm;
- cumulative_shared_perms &= c->shared_perm;
- }
-
- return bdrv_check_perm(bs, q, cumulative_perms, cumulative_shared_perms,
- errp);
-}
static int bdrv_refresh_perms(BlockDriverState *bs, Error **errp)
{
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 32/39] block: inline bdrv_check_perm_common()
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (30 preceding siblings ...)
2021-04-30 10:51 ` [PULL 31/39] block: drop unused permission update functions Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 33/39] block: inline bdrv_replace_child() Kevin Wolf
` (7 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
bdrv_check_perm_common() has only one caller, so no more sense in
"common".
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-33-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 32 +++-----------------------------
1 file changed, 3 insertions(+), 29 deletions(-)
diff --git a/block.c b/block.c
index bf7c187435..38bd2ea32e 100644
--- a/block.c
+++ b/block.c
@@ -2373,33 +2373,13 @@ static int bdrv_node_check_perm(BlockDriverState *bs, BlockReopenQueue *q,
return 0;
}
-/*
- * If use_cumulative_perms is true, use cumulative_perms and
- * cumulative_shared_perms for first element of the list. Otherwise just refresh
- * all permissions.
- */
-static int bdrv_check_perm_common(GSList *list, BlockReopenQueue *q,
- bool use_cumulative_perms,
- uint64_t cumulative_perms,
- uint64_t cumulative_shared_perms,
- Transaction *tran, Error **errp)
+static int bdrv_list_refresh_perms(GSList *list, BlockReopenQueue *q,
+ Transaction *tran, Error **errp)
{
int ret;
+ uint64_t cumulative_perms, cumulative_shared_perms;
BlockDriverState *bs;
- if (use_cumulative_perms) {
- bs = list->data;
-
- ret = bdrv_node_check_perm(bs, q, cumulative_perms,
- cumulative_shared_perms,
- tran, errp);
- if (ret < 0) {
- return ret;
- }
-
- list = list->next;
- }
-
for ( ; list; list = list->next) {
bs = list->data;
@@ -2421,12 +2401,6 @@ static int bdrv_check_perm_common(GSList *list, BlockReopenQueue *q,
return 0;
}
-static int bdrv_list_refresh_perms(GSList *list, BlockReopenQueue *q,
- Transaction *tran, Error **errp)
-{
- return bdrv_check_perm_common(list, q, false, 0, 0, tran, errp);
-}
-
static void bdrv_node_set_perm(BlockDriverState *bs)
{
BlockDriver *drv = bs->drv;
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 33/39] block: inline bdrv_replace_child()
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (31 preceding siblings ...)
2021-04-30 10:51 ` [PULL 32/39] block: inline bdrv_check_perm_common() Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 34/39] block: refactor bdrv_child_set_perm_safe() transaction action Kevin Wolf
` (6 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
bdrv_replace_child() has only one caller, the second argument is
unused. Inline it now. This triggers deletion of some more unused
interfaces.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-34-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 101 ++++++++++----------------------------------------------
1 file changed, 18 insertions(+), 83 deletions(-)
diff --git a/block.c b/block.c
index 38bd2ea32e..2362c934a4 100644
--- a/block.c
+++ b/block.c
@@ -2401,42 +2401,6 @@ static int bdrv_list_refresh_perms(GSList *list, BlockReopenQueue *q,
return 0;
}
-static void bdrv_node_set_perm(BlockDriverState *bs)
-{
- BlockDriver *drv = bs->drv;
- BdrvChild *c;
-
- if (!drv) {
- return;
- }
-
- bdrv_drv_set_perm_commit(bs);
-
- /* Drivers that never have children can omit .bdrv_child_perm() */
- if (!drv->bdrv_child_perm) {
- assert(QLIST_EMPTY(&bs->children));
- return;
- }
-
- /* Update all children */
- QLIST_FOREACH(c, &bs->children, next) {
- bdrv_child_set_perm_commit(c);
- }
-}
-
-static void bdrv_list_set_perm(GSList *list)
-{
- for ( ; list; list = list->next) {
- bdrv_node_set_perm((BlockDriverState *)list->data);
- }
-}
-
-static void bdrv_set_perm(BlockDriverState *bs)
-{
- g_autoptr(GSList) list = bdrv_topological_dfs(NULL, NULL, bs);
- return bdrv_list_set_perm(list);
-}
-
void bdrv_get_cumulative_perm(BlockDriverState *bs, uint64_t *perm,
uint64_t *shared_perm)
{
@@ -2776,52 +2740,6 @@ static void bdrv_replace_child_noperm(BdrvChild *child,
}
}
-/*
- * Updates @child to change its reference to point to @new_bs, including
- * checking and applying the necessary permission updates both to the old node
- * and to @new_bs.
- *
- * NULL is passed as @new_bs for removing the reference before freeing @child.
- *
- * If @new_bs is not NULL, bdrv_check_perm() must be called beforehand, as this
- * function uses bdrv_set_perm() to update the permissions according to the new
- * reference that @new_bs gets.
- *
- * Callers must ensure that child->frozen is false.
- */
-static void bdrv_replace_child(BdrvChild *child, BlockDriverState *new_bs)
-{
- BlockDriverState *old_bs = child->bs;
-
- /* Asserts that child->frozen == false */
- bdrv_replace_child_noperm(child, new_bs);
-
- /*
- * Start with the new node's permissions. If @new_bs is a (direct
- * or indirect) child of @old_bs, we must complete the permission
- * update on @new_bs before we loosen the restrictions on @old_bs.
- * Otherwise, bdrv_check_perm() on @old_bs would re-initiate
- * updating the permissions of @new_bs, and thus not purely loosen
- * restrictions.
- */
- if (new_bs) {
- bdrv_set_perm(new_bs);
- }
-
- if (old_bs) {
- /*
- * Update permissions for old node. We're just taking a parent away, so
- * we're loosening restrictions. Errors of permission update are not
- * fatal in this case, ignore them.
- */
- bdrv_refresh_perms(old_bs, NULL);
-
- /* When the parent requiring a non-default AioContext is removed, the
- * node moves back to the main AioContext */
- bdrv_try_set_aio_context(old_bs, qemu_get_aio_context(), NULL);
- }
-}
-
static void bdrv_child_free(void *opaque)
{
BdrvChild *c = opaque;
@@ -2989,8 +2907,25 @@ static int bdrv_attach_child_noperm(BlockDriverState *parent_bs,
static void bdrv_detach_child(BdrvChild *child)
{
- bdrv_replace_child(child, NULL);
+ BlockDriverState *old_bs = child->bs;
+
+ bdrv_replace_child_noperm(child, NULL);
bdrv_remove_empty_child(child);
+
+ if (old_bs) {
+ /*
+ * Update permissions for old node. We're just taking a parent away, so
+ * we're loosening restrictions. Errors of permission update are not
+ * fatal in this case, ignore them.
+ */
+ bdrv_refresh_perms(old_bs, NULL);
+
+ /*
+ * When the parent requiring a non-default AioContext is removed, the
+ * node moves back to the main AioContext
+ */
+ bdrv_try_set_aio_context(old_bs, qemu_get_aio_context(), NULL);
+ }
}
/*
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 34/39] block: refactor bdrv_child_set_perm_safe() transaction action
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (32 preceding siblings ...)
2021-04-30 10:51 ` [PULL 33/39] block: inline bdrv_replace_child() Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 35/39] block: rename bdrv_replace_child_safe() to bdrv_replace_child() Kevin Wolf
` (5 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Old interfaces dropped, nobody directly calls
bdrv_child_set_perm_abort() and bdrv_child_set_perm_commit(), so we can
use personal state structure for the action and stop exploiting
BdrvChild structure. Also, drop "_safe" suffix which is redundant now.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-35-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
include/block/block_int.h | 5 ----
block.c | 63 ++++++++++++++-------------------------
2 files changed, 22 insertions(+), 46 deletions(-)
diff --git a/include/block/block_int.h b/include/block/block_int.h
index dd2de6bd1d..c823f5b1b3 100644
--- a/include/block/block_int.h
+++ b/include/block/block_int.h
@@ -813,11 +813,6 @@ struct BdrvChild {
*/
uint64_t shared_perm;
- /* backup of permissions during permission update procedure */
- bool has_backup_perm;
- uint64_t backup_perm;
- uint64_t backup_shared_perm;
-
/*
* This link is frozen: the child can neither be replaced nor
* detached from the parent.
diff --git a/block.c b/block.c
index 2362c934a4..7b2a8844f6 100644
--- a/block.c
+++ b/block.c
@@ -2135,59 +2135,40 @@ static GSList *bdrv_topological_dfs(GSList *list, GHashTable *found,
return g_slist_prepend(list, bs);
}
-static void bdrv_child_set_perm_commit(void *opaque)
-{
- BdrvChild *c = opaque;
-
- c->has_backup_perm = false;
-}
+typedef struct BdrvChildSetPermState {
+ BdrvChild *child;
+ uint64_t old_perm;
+ uint64_t old_shared_perm;
+} BdrvChildSetPermState;
static void bdrv_child_set_perm_abort(void *opaque)
{
- BdrvChild *c = opaque;
- /*
- * We may have child->has_backup_perm unset at this point, as in case of
- * _check_ stage of permission update failure we may _check_ not the whole
- * subtree. Still, _abort_ is called on the whole subtree anyway.
- */
- if (c->has_backup_perm) {
- c->perm = c->backup_perm;
- c->shared_perm = c->backup_shared_perm;
- c->has_backup_perm = false;
- }
+ BdrvChildSetPermState *s = opaque;
+
+ s->child->perm = s->old_perm;
+ s->child->shared_perm = s->old_shared_perm;
}
static TransactionActionDrv bdrv_child_set_pem_drv = {
.abort = bdrv_child_set_perm_abort,
- .commit = bdrv_child_set_perm_commit,
+ .clean = g_free,
};
-/*
- * With tran=NULL needs to be followed by direct call to either
- * bdrv_child_set_perm_commit() or bdrv_child_set_perm_abort().
- *
- * With non-NULL tran needs to be followed by tran_abort() or tran_commit()
- * instead.
- */
-static void bdrv_child_set_perm_safe(BdrvChild *c, uint64_t perm,
- uint64_t shared, Transaction *tran)
+static void bdrv_child_set_perm(BdrvChild *c, uint64_t perm,
+ uint64_t shared, Transaction *tran)
{
- if (!c->has_backup_perm) {
- c->has_backup_perm = true;
- c->backup_perm = c->perm;
- c->backup_shared_perm = c->shared_perm;
- }
- /*
- * Note: it's OK if c->has_backup_perm was already set, as we can find the
- * same c twice during check_perm procedure
- */
+ BdrvChildSetPermState *s = g_new(BdrvChildSetPermState, 1);
+
+ *s = (BdrvChildSetPermState) {
+ .child = c,
+ .old_perm = c->perm,
+ .old_shared_perm = c->shared_perm,
+ };
c->perm = perm;
c->shared_perm = shared;
- if (tran) {
- tran_add(tran, &bdrv_child_set_pem_drv, c);
- }
+ tran_add(tran, &bdrv_child_set_pem_drv, s);
}
static void bdrv_drv_set_perm_commit(void *opaque)
@@ -2367,7 +2348,7 @@ static int bdrv_node_check_perm(BlockDriverState *bs, BlockReopenQueue *q,
bdrv_child_perm(bs, c->bs, c, c->role, q,
cumulative_perms, cumulative_shared_perms,
&cur_perm, &cur_shared);
- bdrv_child_set_perm_safe(c, cur_perm, cur_shared, tran);
+ bdrv_child_set_perm(c, cur_perm, cur_shared, tran);
}
return 0;
@@ -2466,7 +2447,7 @@ int bdrv_child_try_set_perm(BdrvChild *c, uint64_t perm, uint64_t shared,
Transaction *tran = tran_new();
int ret;
- bdrv_child_set_perm_safe(c, perm, shared, tran);
+ bdrv_child_set_perm(c, perm, shared, tran);
ret = bdrv_refresh_perms(c->bs, &local_err);
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 35/39] block: rename bdrv_replace_child_safe() to bdrv_replace_child()
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (33 preceding siblings ...)
2021-04-30 10:51 ` [PULL 34/39] block: refactor bdrv_child_set_perm_safe() transaction action Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 36/39] block: refactor bdrv_node_check_perm() Kevin Wolf
` (4 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
We don't have bdrv_replace_child(), so it's time for
bdrv_replace_child_safe() to take its place.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-36-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/block.c b/block.c
index 7b2a8844f6..df8fa6003c 100644
--- a/block.c
+++ b/block.c
@@ -2248,12 +2248,12 @@ static TransactionActionDrv bdrv_replace_child_drv = {
};
/*
- * bdrv_replace_child_safe
+ * bdrv_replace_child
*
* Note: real unref of old_bs is done only on commit.
*/
-static void bdrv_replace_child_safe(BdrvChild *child, BlockDriverState *new_bs,
- Transaction *tran)
+static void bdrv_replace_child(BdrvChild *child, BlockDriverState *new_bs,
+ Transaction *tran)
{
BdrvReplaceChildState *s = g_new(BdrvReplaceChildState, 1);
*s = (BdrvReplaceChildState) {
@@ -4803,7 +4803,7 @@ static void bdrv_remove_filter_or_cow_child(BlockDriverState *bs,
}
if (child->bs) {
- bdrv_replace_child_safe(child, NULL, tran);
+ bdrv_replace_child(child, NULL, tran);
}
s = g_new(BdrvRemoveFilterOrCowChild, 1);
@@ -4843,7 +4843,7 @@ static int bdrv_replace_node_noperm(BlockDriverState *from,
c->name, from->node_name);
return -EPERM;
}
- bdrv_replace_child_safe(c, to, tran);
+ bdrv_replace_child(c, to, tran);
}
return 0;
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 36/39] block: refactor bdrv_node_check_perm()
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (34 preceding siblings ...)
2021-04-30 10:51 ` [PULL 35/39] block: rename bdrv_replace_child_safe() to bdrv_replace_child() Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 37/39] block: Add BDRV_O_NO_SHARE for blk_new_open() Kevin Wolf
` (3 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Now, bdrv_node_check_perm() is called only with fresh cumulative
permissions, so its actually "refresh_perm".
Move permission calculation to the function. Also, drop unreachable
error message and rewrite the remaining one to be more generic (as now
we don't know which node is added and which was already here).
Add also Virtuozzo copyright, as big work is done at this point.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210428151804.439460-37-vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 38 +++++++++++---------------------------
tests/qemu-iotests/245 | 2 +-
2 files changed, 12 insertions(+), 28 deletions(-)
diff --git a/block.c b/block.c
index df8fa6003c..874c22c43e 100644
--- a/block.c
+++ b/block.c
@@ -2,6 +2,7 @@
* QEMU System Emulator block driver
*
* Copyright (c) 2003 Fabrice Bellard
+ * Copyright (c) 2020 Virtuozzo International GmbH.
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
@@ -2270,22 +2271,18 @@ static void bdrv_replace_child(BdrvChild *child, BlockDriverState *new_bs,
}
/*
- * Check whether permissions on this node can be changed in a way that
- * @cumulative_perms and @cumulative_shared_perms are the new cumulative
- * permissions of all its parents. This involves checking whether all necessary
- * permission changes to child nodes can be performed.
- *
- * A call to this function must always be followed by a call to bdrv_set_perm()
- * or bdrv_abort_perm_update().
+ * Refresh permissions in @bs subtree. The function is intended to be called
+ * after some graph modification that was done without permission update.
*/
-static int bdrv_node_check_perm(BlockDriverState *bs, BlockReopenQueue *q,
- uint64_t cumulative_perms,
- uint64_t cumulative_shared_perms,
- Transaction *tran, Error **errp)
+static int bdrv_node_refresh_perm(BlockDriverState *bs, BlockReopenQueue *q,
+ Transaction *tran, Error **errp)
{
BlockDriver *drv = bs->drv;
BdrvChild *c;
int ret;
+ uint64_t cumulative_perms, cumulative_shared_perms;
+
+ bdrv_get_cumulative_perm(bs, &cumulative_perms, &cumulative_shared_perms);
/* Write permissions never work with read-only images */
if ((cumulative_perms & (BLK_PERM_WRITE | BLK_PERM_WRITE_UNCHANGED)) &&
@@ -2294,15 +2291,8 @@ static int bdrv_node_check_perm(BlockDriverState *bs, BlockReopenQueue *q,
if (!bdrv_is_writable_after_reopen(bs, NULL)) {
error_setg(errp, "Block node is read-only");
} else {
- uint64_t current_perms, current_shared;
- bdrv_get_cumulative_perm(bs, ¤t_perms, ¤t_shared);
- if (current_perms & (BLK_PERM_WRITE | BLK_PERM_WRITE_UNCHANGED)) {
- error_setg(errp, "Cannot make block node read-only, there is "
- "a writer on it");
- } else {
- error_setg(errp, "Cannot make block node read-only and create "
- "a writer on it");
- }
+ error_setg(errp, "Read-only block node '%s' cannot support "
+ "read-write users", bdrv_get_node_name(bs));
}
return -EPERM;
@@ -2358,7 +2348,6 @@ static int bdrv_list_refresh_perms(GSList *list, BlockReopenQueue *q,
Transaction *tran, Error **errp)
{
int ret;
- uint64_t cumulative_perms, cumulative_shared_perms;
BlockDriverState *bs;
for ( ; list; list = list->next) {
@@ -2368,12 +2357,7 @@ static int bdrv_list_refresh_perms(GSList *list, BlockReopenQueue *q,
return -EINVAL;
}
- bdrv_get_cumulative_perm(bs, &cumulative_perms,
- &cumulative_shared_perms);
-
- ret = bdrv_node_check_perm(bs, q, cumulative_perms,
- cumulative_shared_perms,
- tran, errp);
+ ret = bdrv_node_refresh_perm(bs, q, tran, errp);
if (ret < 0) {
return ret;
}
diff --git a/tests/qemu-iotests/245 b/tests/qemu-iotests/245
index 11104b9208..fc5297e268 100755
--- a/tests/qemu-iotests/245
+++ b/tests/qemu-iotests/245
@@ -905,7 +905,7 @@ class TestBlockdevReopen(iotests.QMPTestCase):
# We can't reopen hd1 to read-only, as block-stream requires it to be
# read-write
self.reopen(opts['backing'], {'read-only': True},
- "Cannot make block node read-only, there is a writer on it")
+ "Read-only block node 'hd1' cannot support read-write users")
# We can't remove hd2 while the stream job is ongoing
opts['backing']['backing'] = None
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 37/39] block: Add BDRV_O_NO_SHARE for blk_new_open()
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (35 preceding siblings ...)
2021-04-30 10:51 ` [PULL 36/39] block: refactor bdrv_node_check_perm() Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 38/39] qemu-img convert: Unshare write permission for source Kevin Wolf
` (2 subsequent siblings)
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
Normally, blk_new_open() just shares all permissions. This was fine
originally when permissions only protected against uses in the same
process because no other part of the code would actually get to access
the block nodes opened with blk_new_open(). However, since we use it for
file locking now, unsharing permissions becomes desirable.
Add a new BDRV_O_NO_SHARE flag that is used in blk_new_open() to unshare
any permissions that can be unshared.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210422164344.283389-2-kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
include/block/block.h | 1 +
block/block-backend.c | 19 +++++++++++++------
2 files changed, 14 insertions(+), 6 deletions(-)
diff --git a/include/block/block.h b/include/block/block.h
index 8d5b3ecebd..82185965ff 100644
--- a/include/block/block.h
+++ b/include/block/block.h
@@ -102,6 +102,7 @@ typedef struct HDGeometry {
uint32_t cylinders;
} HDGeometry;
+#define BDRV_O_NO_SHARE 0x0001 /* don't share permissions */
#define BDRV_O_RDWR 0x0002
#define BDRV_O_RESIZE 0x0004 /* request permission for resizing the node */
#define BDRV_O_SNAPSHOT 0x0008 /* open the file read only and save writes in a snapshot */
diff --git a/block/block-backend.c b/block/block-backend.c
index e4892fd6a5..6fca9853e1 100644
--- a/block/block-backend.c
+++ b/block/block-backend.c
@@ -407,15 +407,19 @@ BlockBackend *blk_new_open(const char *filename, const char *reference,
BlockBackend *blk;
BlockDriverState *bs;
uint64_t perm = 0;
+ uint64_t shared = BLK_PERM_ALL;
- /* blk_new_open() is mainly used in .bdrv_create implementations and the
- * tools where sharing isn't a concern because the BDS stays private, so we
- * just request permission according to the flags.
+ /*
+ * blk_new_open() is mainly used in .bdrv_create implementations and the
+ * tools where sharing isn't a major concern because the BDS stays private
+ * and the file is generally not supposed to be used by a second process,
+ * so we just request permission according to the flags.
*
* The exceptions are xen_disk and blockdev_init(); in these cases, the
* caller of blk_new_open() doesn't make use of the permissions, but they
* shouldn't hurt either. We can still share everything here because the
- * guest devices will add their own blockers if they can't share. */
+ * guest devices will add their own blockers if they can't share.
+ */
if ((flags & BDRV_O_NO_IO) == 0) {
perm |= BLK_PERM_CONSISTENT_READ;
if (flags & BDRV_O_RDWR) {
@@ -425,8 +429,11 @@ BlockBackend *blk_new_open(const char *filename, const char *reference,
if (flags & BDRV_O_RESIZE) {
perm |= BLK_PERM_RESIZE;
}
+ if (flags & BDRV_O_NO_SHARE) {
+ shared = BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE_UNCHANGED;
+ }
- blk = blk_new(qemu_get_aio_context(), perm, BLK_PERM_ALL);
+ blk = blk_new(qemu_get_aio_context(), perm, shared);
bs = bdrv_open(filename, reference, options, flags, errp);
if (!bs) {
blk_unref(blk);
@@ -435,7 +442,7 @@ BlockBackend *blk_new_open(const char *filename, const char *reference,
blk->root = bdrv_root_attach_child(bs, "root", &child_root,
BDRV_CHILD_FILTERED | BDRV_CHILD_PRIMARY,
- perm, BLK_PERM_ALL, blk, errp);
+ perm, shared, blk, errp);
if (!blk->root) {
blk_unref(blk);
return NULL;
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 38/39] qemu-img convert: Unshare write permission for source
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (36 preceding siblings ...)
2021-04-30 10:51 ` [PULL 37/39] block: Add BDRV_O_NO_SHARE for blk_new_open() Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 10:51 ` [PULL 39/39] vhost-user-blk: Fail gracefully on too large queue size Kevin Wolf
2021-04-30 15:00 ` [PULL 00/39] Block layer patches Peter Maydell
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
For a successful conversion of an image, we must make sure that its
content doesn't change during the conversion.
A special case of this is using the same image file both as the source
and as the destination. If both input and output format are raw, the
operation would just be useless work, with other formats it is a sure
way to destroy the image. This will now fail because the image file
can't be opened a second time for the output when opening it for the
input has already acquired file locks to unshare BLK_PERM_WRITE.
Nevertheless, if there is some reason in a special case why it is
actually okay to allow writes to the image while it is being converted,
-U can still be used to force sharing all permissions.
Note that for most image formats, BLK_PERM_WRITE would already be
unshared by the format driver, so this only really makes a difference
for raw source images (but any output format).
Reported-by: Xueqiang Wei <xuwei@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20210422164344.283389-3-kwolf@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
qemu-img.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/qemu-img.c b/qemu-img.c
index babb5573ab..a5993682aa 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -2146,7 +2146,7 @@ static void set_rate_limit(BlockBackend *blk, int64_t rate_limit)
static int img_convert(int argc, char **argv)
{
- int c, bs_i, flags, src_flags = 0;
+ int c, bs_i, flags, src_flags = BDRV_O_NO_SHARE;
const char *fmt = NULL, *out_fmt = NULL, *cache = "unsafe",
*src_cache = BDRV_DEFAULT_CACHE, *out_baseimg = NULL,
*out_filename, *out_baseimg_param, *snapshot_name = NULL;
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* [PULL 39/39] vhost-user-blk: Fail gracefully on too large queue size
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (37 preceding siblings ...)
2021-04-30 10:51 ` [PULL 38/39] qemu-img convert: Unshare write permission for source Kevin Wolf
@ 2021-04-30 10:51 ` Kevin Wolf
2021-04-30 15:00 ` [PULL 00/39] Block layer patches Peter Maydell
39 siblings, 0 replies; 43+ messages in thread
From: Kevin Wolf @ 2021-04-30 10:51 UTC (permalink / raw)
To: qemu-block; +Cc: kwolf, peter.maydell, qemu-devel
virtio_add_queue() aborts when queue_size > VIRTQUEUE_MAX_SIZE, so
vhost_user_blk_device_realize() should check this before calling it.
Simple reproducer:
qemu-system-x86_64 \
-chardev null,id=foo \
-device vhost-user-blk-pci,queue-size=4096,chardev=foo
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1935014
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-Id: <20210413165654.50810-1-kwolf@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Raphael Norwitz <raphael.norwitz@nutanix.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
hw/block/vhost-user-blk.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/hw/block/vhost-user-blk.c b/hw/block/vhost-user-blk.c
index 0b5b9d44cd..f5e9682703 100644
--- a/hw/block/vhost-user-blk.c
+++ b/hw/block/vhost-user-blk.c
@@ -467,6 +467,11 @@ static void vhost_user_blk_device_realize(DeviceState *dev, Error **errp)
error_setg(errp, "vhost-user-blk: queue size must be non-zero");
return;
}
+ if (s->queue_size > VIRTQUEUE_MAX_SIZE) {
+ error_setg(errp, "vhost-user-blk: queue size must not exceed %d",
+ VIRTQUEUE_MAX_SIZE);
+ return;
+ }
if (!vhost_user_init(&s->vhost_user, &s->chardev, errp)) {
return;
--
2.30.2
^ permalink raw reply related [flat|nested] 43+ messages in thread
* Re: [PULL 00/39] Block layer patches
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
` (38 preceding siblings ...)
2021-04-30 10:51 ` [PULL 39/39] vhost-user-blk: Fail gracefully on too large queue size Kevin Wolf
@ 2021-04-30 15:00 ` Peter Maydell
39 siblings, 0 replies; 43+ messages in thread
From: Peter Maydell @ 2021-04-30 15:00 UTC (permalink / raw)
To: Kevin Wolf; +Cc: QEMU Developers, Qemu-block
On Fri, 30 Apr 2021 at 11:51, Kevin Wolf <kwolf@redhat.com> wrote:
>
> The following changes since commit ccdf06c1db192152ac70a1dd974c624f566cb7d4:
>
> Open 6.1 development tree (2021-04-30 11:15:40 +0100)
>
> are available in the Git repository at:
>
> git://repo.or.cz/qemu/kevin.git tags/for-upstream
>
> for you to fetch changes up to 68bf7336533faa6aa90fdd4558edddbf5d8ef814:
>
> vhost-user-blk: Fail gracefully on too large queue size (2021-04-30 12:27:48 +0200)
>
> ----------------------------------------------------------------
> Block layer patches
>
> - Fix permission update order problems with block graph changes
> - qemu-img convert: Unshare write permission for source
> - vhost-user-blk: Fail gracefully on too large queue size
Applied, thanks.
Please update the changelog at https://wiki.qemu.org/ChangeLog/6.1
for any user-visible changes.
-- PMM
^ permalink raw reply [flat|nested] 43+ messages in thread
* Re: [PULL 18/39] block: add bdrv_attach_child_common() transaction action
2021-04-30 10:51 ` [PULL 18/39] block: add bdrv_attach_child_common() transaction action Kevin Wolf
@ 2021-04-30 22:33 ` Peter Maydell
0 siblings, 0 replies; 43+ messages in thread
From: Peter Maydell @ 2021-04-30 22:33 UTC (permalink / raw)
To: Kevin Wolf; +Cc: QEMU Developers, Qemu-block
On Fri, 30 Apr 2021 at 11:53, Kevin Wolf <kwolf@redhat.com> wrote:
>
> From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
>
> Split out no-perm part of bdrv_root_attach_child() into separate
> transaction action. bdrv_root_attach_child() now moves to new
> permission update paradigm: first update graph relations then update
> permissions.
>
> qsd-jobs test output updated. Seems now permission update goes in
> another order. Still, the test comment say that we only want to check
> that command doesn't crash, and it's still so.
>
> Error message is a bit misleading as it looks like job was added first.
> But actually in new paradigm of graph update we can't distinguish such
> things. We should update the error message, but let's not do it now.
>
> Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
> Message-Id: <20210428151804.439460-19-vsementsov@virtuozzo.com>
> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Hi; Coverity thinks it's found a resource leak in this function
(CID 1452773):
> +/*
> + * This function steals the reference to child_bs from the caller.
> + * That reference is later dropped by bdrv_root_unref_child().
> + *
> + * On failure NULL is returned, errp is set and the reference to
> + * child_bs is also dropped.
> + *
> + * The caller must hold the AioContext lock @child_bs, but not that of @ctx
> + * (unless @child_bs is already in @ctx).
> + */
> +BdrvChild *bdrv_root_attach_child(BlockDriverState *child_bs,
> + const char *child_name,
> + const BdrvChildClass *child_class,
> + BdrvChildRole child_role,
> + uint64_t perm, uint64_t shared_perm,
> + void *opaque, Error **errp)
> +{
> + int ret;
> + BdrvChild *child = NULL;
> + Transaction *tran = tran_new();
Here we create a new Transaction...
> +
> + ret = bdrv_attach_child_common(child_bs, child_name, child_class,
> + child_role, perm, shared_perm, opaque,
> + &child, tran, errp);
> + if (ret < 0) {
> + bdrv_unref(child_bs);
> + return NULL;
...but in this error-return path we don't free it.
> + }
> +
> + ret = bdrv_refresh_perms(child_bs, errp);
> + tran_finalize(tran, ret);
> +
> + bdrv_unref(child_bs);
> return child;
> }
thanks
-- PMM
^ permalink raw reply [flat|nested] 43+ messages in thread
* Re: [PULL 30/39] block: bdrv_reopen_multiple: refresh permissions on updated graph
2021-04-30 10:51 ` [PULL 30/39] block: bdrv_reopen_multiple: refresh permissions on updated graph Kevin Wolf
@ 2021-04-30 22:38 ` Peter Maydell
0 siblings, 0 replies; 43+ messages in thread
From: Peter Maydell @ 2021-04-30 22:38 UTC (permalink / raw)
To: Kevin Wolf; +Cc: QEMU Developers, Qemu-block
On Fri, 30 Apr 2021 at 11:53, Kevin Wolf <kwolf@redhat.com> wrote:
>
> From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
>
> Move bdrv_reopen_multiple to new paradigm of permission update:
> first update graph relations, then do refresh the permissions.
>
> We have to modify reopen process in file-posix driver: with new scheme
> we don't have prepared permissions in raw_reopen_prepare(), so we
> should reconfigure fd in raw_check_perm(). Still this seems more native
> and simple anyway.
>
> Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
> Reviewed-by: Kevin Wolf <kwolf@redhat.com>
> Message-Id: <20210428151804.439460-31-vsementsov@virtuozzo.com>
> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Hi; Coverity thinks this change introduced a resource leak
(CID 1452772):
> @@ -4271,6 +4270,9 @@ int bdrv_reopen_multiple(BlockReopenQueue *bs_queue, Error **errp)
> {
> int ret = -1;
> BlockReopenQueueEntry *bs_entry, *next;
> + Transaction *tran = tran_new();
> + g_autoptr(GHashTable) found = NULL;
> + g_autoptr(GSList) refresh_list = NULL;
Now we allocate a new Transaction at the start of the function...
>
> assert(bs_queue != NULL);
>
...but in the code between these two hunks there is this:
QTAILQ_FOREACH(bs_entry, bs_queue, entry) {
ret = bdrv_flush(bs_entry->state.bs);
if (ret < 0) {
error_setg_errno(errp, -ret, "Error flushing drive");
goto cleanup;
}
}
which jumps to 'cleanup' on failure...
> - if (ret == 0) {
> - QTAILQ_FOREACH_REVERSE(bs_entry, bs_queue, entry) {
> - BlockDriverState *bs = bs_entry->state.bs;
> + ret = 0;
> + goto cleanup;
>
> - if (bs->drv->bdrv_reopen_commit_post)
> - bs->drv->bdrv_reopen_commit_post(&bs_entry->state);
> +abort:
> + tran_abort(tran);
> + QTAILQ_FOREACH_SAFE(bs_entry, bs_queue, entry, next) {
> + if (bs_entry->prepared) {
> + bdrv_reopen_abort(&bs_entry->state);
> }
> + qobject_unref(bs_entry->state.explicit_options);
> + qobject_unref(bs_entry->state.options);
> }
> +
> cleanup:
> QTAILQ_FOREACH_SAFE(bs_entry, bs_queue, entry, next) {
> - if (ret) {
> - if (bs_entry->prepared) {
> - bdrv_reopen_abort(&bs_entry->state);
> - }
> - qobject_unref(bs_entry->state.explicit_options);
> - qobject_unref(bs_entry->state.options);
> - }
> - if (bs_entry->state.new_backing_bs) {
> - bdrv_unref(bs_entry->state.new_backing_bs);
> - }
> g_free(bs_entry);
> }
> g_free(bs_queue);
...and the 'cleanup' label doesn't free the Transaction.
An easy fix would be to move the call to tran_new() down to
below the loop that calls bdrv_flush().
thanks
-- PMM
^ permalink raw reply [flat|nested] 43+ messages in thread
end of thread, other threads:[~2021-04-30 22:40 UTC | newest]
Thread overview: 43+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-04-30 10:51 [PULL 00/39] Block layer patches Kevin Wolf
2021-04-30 10:51 ` [PULL 01/39] tests/test-bdrv-graph-mod: add test_parallel_exclusive_write Kevin Wolf
2021-04-30 10:51 ` [PULL 02/39] tests/test-bdrv-graph-mod: add test_parallel_perm_update Kevin Wolf
2021-04-30 10:51 ` [PULL 03/39] tests/test-bdrv-graph-mod: add test_append_greedy_filter Kevin Wolf
2021-04-30 10:51 ` [PULL 04/39] block: bdrv_append(): don't consume reference Kevin Wolf
2021-04-30 10:51 ` [PULL 05/39] block: BdrvChildClass: add .get_parent_aio_context handler Kevin Wolf
2021-04-30 10:51 ` [PULL 06/39] block: drop ctx argument from bdrv_root_attach_child Kevin Wolf
2021-04-30 10:51 ` [PULL 07/39] block: make bdrv_reopen_{prepare,commit,abort} private Kevin Wolf
2021-04-30 10:51 ` [PULL 08/39] util: add transactions.c Kevin Wolf
2021-04-30 10:51 ` [PULL 09/39] block: bdrv_refresh_perms: check for parents permissions conflict Kevin Wolf
2021-04-30 10:51 ` [PULL 10/39] block: refactor bdrv_child* permission functions Kevin Wolf
2021-04-30 10:51 ` [PULL 11/39] block: rewrite bdrv_child_try_set_perm() using bdrv_refresh_perms() Kevin Wolf
2021-04-30 10:51 ` [PULL 12/39] block: inline bdrv_child_*() permission functions calls Kevin Wolf
2021-04-30 10:51 ` [PULL 13/39] block: use topological sort for permission update Kevin Wolf
2021-04-30 10:51 ` [PULL 14/39] block: add bdrv_drv_set_perm transaction action Kevin Wolf
2021-04-30 10:51 ` [PULL 15/39] block: add bdrv_list_* permission update functions Kevin Wolf
2021-04-30 10:51 ` [PULL 16/39] block: add bdrv_replace_child_safe() transaction action Kevin Wolf
2021-04-30 10:51 ` [PULL 17/39] block: fix bdrv_replace_node_common Kevin Wolf
2021-04-30 10:51 ` [PULL 18/39] block: add bdrv_attach_child_common() transaction action Kevin Wolf
2021-04-30 22:33 ` Peter Maydell
2021-04-30 10:51 ` [PULL 19/39] block: add bdrv_attach_child_noperm() " Kevin Wolf
2021-04-30 10:51 ` [PULL 20/39] block: split out bdrv_replace_node_noperm() Kevin Wolf
2021-04-30 10:51 ` [PULL 21/39] block: adapt bdrv_append() for inserting filters Kevin Wolf
2021-04-30 10:51 ` [PULL 22/39] block: add bdrv_remove_filter_or_cow transaction action Kevin Wolf
2021-04-30 10:51 ` [PULL 23/39] block: introduce bdrv_drop_filter() Kevin Wolf
2021-04-30 10:51 ` [PULL 24/39] block/backup-top: drop .active Kevin Wolf
2021-04-30 10:51 ` [PULL 25/39] block: drop ignore_children for permission update functions Kevin Wolf
2021-04-30 10:51 ` [PULL 26/39] block: make bdrv_unset_inherits_from to be a transaction action Kevin Wolf
2021-04-30 10:51 ` [PULL 27/39] block: make bdrv_refresh_limits() " Kevin Wolf
2021-04-30 10:51 ` [PULL 28/39] block: add bdrv_set_backing_noperm() " Kevin Wolf
2021-04-30 10:51 ` [PULL 29/39] block: bdrv_reopen_multiple(): move bdrv_flush to separate pre-prepare Kevin Wolf
2021-04-30 10:51 ` [PULL 30/39] block: bdrv_reopen_multiple: refresh permissions on updated graph Kevin Wolf
2021-04-30 22:38 ` Peter Maydell
2021-04-30 10:51 ` [PULL 31/39] block: drop unused permission update functions Kevin Wolf
2021-04-30 10:51 ` [PULL 32/39] block: inline bdrv_check_perm_common() Kevin Wolf
2021-04-30 10:51 ` [PULL 33/39] block: inline bdrv_replace_child() Kevin Wolf
2021-04-30 10:51 ` [PULL 34/39] block: refactor bdrv_child_set_perm_safe() transaction action Kevin Wolf
2021-04-30 10:51 ` [PULL 35/39] block: rename bdrv_replace_child_safe() to bdrv_replace_child() Kevin Wolf
2021-04-30 10:51 ` [PULL 36/39] block: refactor bdrv_node_check_perm() Kevin Wolf
2021-04-30 10:51 ` [PULL 37/39] block: Add BDRV_O_NO_SHARE for blk_new_open() Kevin Wolf
2021-04-30 10:51 ` [PULL 38/39] qemu-img convert: Unshare write permission for source Kevin Wolf
2021-04-30 10:51 ` [PULL 39/39] vhost-user-blk: Fail gracefully on too large queue size Kevin Wolf
2021-04-30 15:00 ` [PULL 00/39] Block layer patches Peter Maydell
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).