On Tue, 02/14 11:37, Kevin Wolf wrote:
> Am 14.02.2017 um 07:01 hat Fam Zheng geschrieben:
> > On Mon, 02/13 18:22, Kevin Wolf wrote:
> > > Almost all format drivers have the same characteristics as far as
> > > permissions are concerned: They have one or more children for storing
> > > their own data and, more importantly, metadata (can be written to and
> > > grow even without external write requests, must be protected against
> > > other writers and present consistent data) and optionally a backing file
> > > (this is just data, so like for a filter, it only depends on what the
> > > parent nodes need).
> > >
> > > This provides a default implementation that can be shared by most of
> > > our format drivers.
> > >
> > > Signed-off-by: Kevin Wolf <kw...@redhat.com>
> > > ---
> > > block.c | 37 +++++++++++++++++++++++++++++++++++++
> > > include/block/block_int.h | 8 ++++++++
> > > 2 files changed, 45 insertions(+)
> > >
> > > diff --git a/block.c b/block.c
> > > index 290768d..8e99bb5 100644
> > > --- a/block.c
> > > +++ b/block.c
> > > @@ -1459,6 +1459,43 @@ void bdrv_filter_default_perms(BlockDriverState
> > > *bs, BdrvChild *c,
> > > (c->shared_perm & DEFAULT_PERM_UNCHANGED);
> > > }
> > >
> > > +void bdrv_format_default_perms(BlockDriverState *bs, BdrvChild *c,
> > > + const BdrvChildRole *role,
> > > + uint64_t perm, uint64_t shared,
> > > + uint64_t *nperm, uint64_t *nshared)
> > > +{
> > > + bool backing = (role == &child_backing);
> > > + assert(role == &child_backing || role == &child_file);
> > > +
> > > + if (!backing) {
> > > + /* Apart from the modifications below, the same permissions are
> > > + * forwarded and left alone as for filters */
> > > + bdrv_filter_default_perms(bs, c, role, perm, shared, &perm,
> > > &shared);
> > > +
> > > + /* Format drivers may touch metadata even if the guest doesn't
> > > write */
> > > + if (!bdrv_is_read_only(bs)) {
> > > + perm |= BLK_PERM_WRITE | BLK_PERM_RESIZE;
> > > + }
> > > +
> > > + /* bs->file always needs to be consistent because of the
> > > metadata. We
> > > + * can never allow other users to resize or write to it. */
> > > + perm |= BLK_PERM_CONSISTENT_READ;
> > > + shared &= ~(BLK_PERM_WRITE | BLK_PERM_RESIZE);
> > > + } else {
> > > + /* We want consistent read from backing files if the parent
> > > needs it.
> > > + * No other operations are performed on backing files. */
> > > + perm &= BLK_PERM_CONSISTENT_READ;
> >
> > Do you mean "perm &= ~BLK_PERM_CONSISTENT_READ"?
>
> No. As the comment explains, we want to "forward" the CONSISTENT_READ
> permission and clear everything else.
I see, my thinko.
Fam
