[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [RFC PATCH 06/41] block: Involve block drivers in permi
From: |
Fam Zheng |
Subject: |
Re: [Qemu-devel] [RFC PATCH 06/41] block: Involve block drivers in permission granting |
Date: |
Tue, 14 Feb 2017 19:23:56 +0800 |
User-agent: |
Mutt/1.7.1 (2016-10-04) |
On Tue, 02/14 11:36, Kevin Wolf wrote:
> Am 14.02.2017 um 06:51 hat Fam Zheng geschrieben:
> > On Mon, 02/13 18:22, Kevin Wolf wrote:
> > > +int bdrv_child_try_set_perm(BdrvChild *c, uint64_t perm, uint64_t shared,
> > > + Error **errp)
> > > +{
> > > + int ret;
> > > +
> > > + ret = bdrv_child_check_perm(c, perm, shared, errp);
> > > + if (ret < 0) {
> > > + return ret;
> > > + }
> > > +
> > > + bdrv_child_set_perm(c, perm, shared);
> >
> > This has an issue of TOCTOU, which means image locking cannot fit in easily.
> > Maybe squash them into one callback (.bdrv_try_set_perm) that can return
> > error?
>
> That doesn't work, it would leave us with broken error handling. If one
> driver in the middle of the update process fails to update the
> permissions, we would end up with half of the nodes having the old
> permissions and half having the new ones.
>
> I think the file driver needs to lock the file already on check, and
> then we need to add a callback for the failure case so that it gives up
> the lock again. In other words, we might need a transaction with
> prepare/commit/abort here (*sigh*). Hm, or maybe just prepare/abort
> could be enough? Needs some thinking about.
Can perm change be wedged into the reopen transaction? RO flag change there
already requires transactional lock mode update in file driver. I wonder if
the bdrv_reopen call sites can ever have (transactional) perm change
requirements as well..
Fam
- [Qemu-devel] [RFC PATCH 09/41] block: Default .bdrv_child_perm() for format drivers, (continued)
[Qemu-devel] [RFC PATCH 06/41] block: Involve block drivers in permission granting, Kevin Wolf, 2017/02/13
[Qemu-devel] [RFC PATCH 08/41] block: Request child permissions in filter drivers, Kevin Wolf, 2017/02/13
[Qemu-devel] [RFC PATCH 10/41] block: Request child permissions in format drivers, Kevin Wolf, 2017/02/13
[Qemu-devel] [RFC PATCH 11/41] vvfat: Implement .bdrv_child_perm(), Kevin Wolf, 2017/02/13
[Qemu-devel] [RFC PATCH 12/41] block: Require .bdrv_child_perm() with child nodes, Kevin Wolf, 2017/02/13
[Qemu-devel] [RFC PATCH 14/41] block: Add permissions to BlockBackend, Kevin Wolf, 2017/02/13
[Qemu-devel] [RFC PATCH 13/41] block: Request real permissions in bdrv_attach_child(), Kevin Wolf, 2017/02/13