rpm/qemu
SHA256
1
0
Fork 0
forked from pool/qemu
Code Pull Requests Activity
367937cadb
qemu/block-backend-Retain-permissions-after-m.patch
Li Zhang 5435e8a804 Accepting request 955876 from home:lizhang:branches:Virtualization 
Backport patches related with iotest from upstream
* Patches added:
  block-backend-Retain-permissions-after-m.patch
  iotest-065-explicit-compression-type.patch
  iotest-214-explicit-compression-type.patch
  iotest-302-use-img_info_log-helper.patch
  iotest-303-explicit-compression-type.patch
  iotest-39-use-_qcow2_dump_header.patch
  iotests-60-more-accurate-set-dirty-bit-i.patch
  iotests-bash-tests-filter-compression-ty.patch
  iotests-common.rc-introduce-_qcow2_dump_.patch
  iotests-declare-lack-of-support-for-comp.patch
  iotests-drop-qemu_img_verbose-helper.patch
  iotests-massive-use-_qcow2_dump_header.patch
  iotests-MRCE-Write-data-to-source.patch
  iotests.py-filter-out-successful-output-.patch
  iotests.py-img_info_log-rename-imgopts-a.patch
  iotests.py-implement-unsupported_imgopts.patch
  iotests.py-qemu_img-create-support-IMGOP.patch
  iotests.py-rewrite-default-luks-support-.patch
  iotests-specify-some-unsupported_imgopts.patch
  qcow2-simple-case-support-for-downgradin.patch
  tests-qemu-iotests-Fix-051-for-binaries-.patch

OBS-URL: https://build.opensuse.org/request/show/955876
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=690
2022-02-18 14:14:04 +00:00

73 lines
2.7 KiB
Diff
Raw Blame History

From: Hanna Reitz <hreitz@redhat.com>
Date: Thu, 25 Nov 2021 14:53:16 +0100
Subject: block-backend: Retain permissions after migration
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Git-commit: 492a119610129f65217580790971fa038e5492d3
After migration, the permissions the guest device wants to impose on its
BlockBackend are stored in blk->perm and blk->shared_perm. In
blk_root_activate(), we take our permissions, but keep all shared
permissions open by calling `blk_set_perm(blk->perm, BLK_PERM_ALL)`.
Only afterwards (immediately or later, depending on the runstate) do we
restrict the shared permissions by calling
`blk_set_perm(blk->perm, blk->shared_perm)`. Unfortunately, our first
call with shared_perm=BLK_PERM_ALL has overwritten blk->shared_perm to
be BLK_PERM_ALL, so this is a no-op and the set of shared permissions is
not restricted.
Fix this bug by saving the set of shared permissions before invoking
blk_set_perm() with BLK_PERM_ALL and restoring it afterwards.
Fixes: 5f7772c4d0cf32f4e779fcd5a69ae4dae24aeebf
("block-backend: Defer shared_perm tightening migration
completion")
Reported-by: Peng Liang <liangpeng10@huawei.com>
Signed-off-by: Hanna Reitz <hreitz@redhat.com>
Message-Id: <20211125135317.186576-2-hreitz@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Peng Liang <liangpeng10@huawei.com>
Signed-off-by: Li Zhang <lizhang@suse.de>
---
block/block-backend.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/block/block-backend.c b/block/block-backend.c
index 12ef80ea170c04a15500b42bc5e7..41e388fe1f30af8f3cf6a872b37a 100644
--- a/block/block-backend.c
+++ b/block/block-backend.c
@@ -190,6 +190,7 @@ static void blk_root_activate(BdrvChild *child, Error **errp)
{
BlockBackend *blk = child->opaque;
Error *local_err = NULL;
+ uint64_t saved_shared_perm;
if (!blk->disable_perm) {
return;
@@ -197,12 +198,22 @@ static void blk_root_activate(BdrvChild *child, Error **errp)
blk->disable_perm = false;
+ /*
+ * blk->shared_perm contains the permissions we want to share once
+ * migration is really completely done. For now, we need to share
+ * all; but we also need to retain blk->shared_perm, which is
+ * overwritten by a successful blk_set_perm() call. Save it and
+ * restore it below.
+ */
+ saved_shared_perm = blk->shared_perm;
+
blk_set_perm(blk, blk->perm, BLK_PERM_ALL, &local_err);
if (local_err) {
error_propagate(errp, local_err);
blk->disable_perm = true;
return;
}
+ blk->shared_perm = saved_shared_perm;
if (runstate_check(RUN_STATE_INMIGRATE)) {
/* Activation can happen when migration process is still active, for
View Git Blame Copy Permalink