Am 20.04.2017 um 09:52 hat Fam Zheng geschrieben:
> Signed-off-by: Fam Zheng
> ---
> block.c | 12 +---
> 1 file changed, 9 insertions(+), 3 deletions(-)
>
> diff --git a/block.c b/block.c
> index 1fbbb8d..f5182d8 100644
> --- a/block.c
> +++ b/block.c
> @@ -1722,9 +1722,15 @@ void bdrv_format_default_perms(BlockDriverState *bs,
> BdrvChild *c,
> }
>
> /* bs->file always needs to be consistent because of the metadata. We
> - * can never allow other users to resize or write to it. */
> -perm |= BLK_PERM_CONSISTENT_READ;
> -shared &= ~(BLK_PERM_WRITE | BLK_PERM_RESIZE);
> + * cannot allow other users to resize or write to it unless the
> caller
> + * explicitly expects unsafe readings. */
> +if (!(bdrv_get_flags(bs) & BDRV_O_UNSAFE_READ)) {
We have already spent considerable time to get rid of flags and instead
convert them into options passed in the QDict, so that they become
configurable with things like blockdev-add. Adding new flags potentially
moves in the opposite direction, so we have to be careful there.
I would be okay with patch 1, because in this case it's basically just a
shortcut for callers of blk_new_open(), which is fine. As soon as we
start querying the flag later and even rely on it being inherited, like
in this patch, I think it becomes a problem.
So if we need the flag in all nodes, can we make it an option that is
parsed in bdrv_open_common() into a bool bs->unsafe_read and inherited
explicitly in bdrv_inherited_options() and bdrv_backing_options()?
> +perm |= BLK_PERM_CONSISTENT_READ;
> +shared &= ~(BLK_PERM_WRITE | BLK_PERM_RESIZE);
> +} else {
> +perm &= ~BLK_PERM_CONSISTENT_READ;
> +shared |= BLK_PERM_WRITE | BLK_PERM_RESIZE;
> +}
I'm not completely sure why we would be interested in CONSISTENT_READ
anyway, isn't allowing shared writes what we really need? (Which you
already do here in addition to dropping CONSISTENT_READ, without it
being mentioned in the commit message.)
Also, another thought: Being only at the start of the series, I'm not
sure what this will be used for, but can we make sure that unsafe_read
is only set if the image is opened read-only? If this is for the
libguestfs use case, this restriction should be fine.
Kevin