Re: [Qemu-block] [Qemu-devel] [PATCH] block: early check for blockers on drive-mirror

2018-02-12 Thread Daniel P . Berrangé 
On Mon, Feb 12, 2018 at 01:42:11PM +0100, Kevin Wolf wrote:
> Am 12.02.2018 um 11:02 hat Daniel P. Berrangé geschrieben:
> > On Mon, Feb 12, 2018 at 10:58:31AM +0100, Paolo Bonzini wrote:
> > > On 10/02/2018 00:07, John Snow wrote:
> > > >> +/* Early check to avoid creating target */
> > > >> +if (bdrv_op_is_blocked(bs, BLOCK_OP_TYPE_MIRROR_SOURCE, errp)) {
> > > >> +return;
> > > >> +}
> > > >> +
> > > >>  aio_context = bdrv_get_aio_context(bs);
> > > >>  aio_context_acquire(aio_context);
> > > >>  
> > > >>
> > > > What's the implication of the temporarily-extant target node that it
> > > > needs to be avoided so strictly?
> > > > 
> > > 
> > > Creating a file on disk, that no one will ever remvoe. :)
> > 
> > Fortunately libvirt's SELinux policy will probably prevent QEMU creating
> > it in the first place :-)
> 
> Well, calling drive-mirror without allowing QEMU to create the target
> image would be a bit pointless, so I think we can assume that libvirt
> did set up the file permission so that QEMU can create it. (Unless
> mode=existing is used, but I understand that libvirt doesn't want to
> create images with qemu-img, so that doesn't seem to be the case...)

We use either mode=existing or mode=absolute-paths depending on what
the mgmt app asked for in the API call to libvirt. I'm still kind of
suprised if mode=absolute-paths will work because we ought to be
blocking the creation of the file AFAIK and we can't pre-label a file
that doesn't exist yet.

Regards,
Daniel
-- 
|: https://berrange.com  -o-https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o-https://fstop138.berrange.com :|
|: https://entangle-photo.org-o-https://www.instagram.com/dberrange :|

Re: [Qemu-block] [Qemu-devel] [PATCH] block: early check for blockers on drive-mirror

2018-02-12 Thread Kevin Wolf 
Am 12.02.2018 um 11:02 hat Daniel P. Berrangé geschrieben:
> On Mon, Feb 12, 2018 at 10:58:31AM +0100, Paolo Bonzini wrote:
> > On 10/02/2018 00:07, John Snow wrote:
> > >> +/* Early check to avoid creating target */
> > >> +if (bdrv_op_is_blocked(bs, BLOCK_OP_TYPE_MIRROR_SOURCE, errp)) {
> > >> +return;
> > >> +}
> > >> +
> > >>  aio_context = bdrv_get_aio_context(bs);
> > >>  aio_context_acquire(aio_context);
> > >>  
> > >>
> > > What's the implication of the temporarily-extant target node that it
> > > needs to be avoided so strictly?
> > > 
> > 
> > Creating a file on disk, that no one will ever remvoe. :)
> 
> Fortunately libvirt's SELinux policy will probably prevent QEMU creating
> it in the first place :-)

Well, calling drive-mirror without allowing QEMU to create the target
image would be a bit pointless, so I think we can assume that libvirt
did set up the file permission so that QEMU can create it. (Unless
mode=existing is used, but I understand that libvirt doesn't want to
create images with qemu-img, so that doesn't seem to be the case...)

I don't know if libvirt takes care to remove a potentially already
created file if the command then fails, but hopefully it does and the
patch is not actually needed with libvirt.

Kevin

Re: [Qemu-block] [Qemu-devel] [PATCH] block: early check for blockers on drive-mirror

2018-02-12 Thread Daniel P . Berrangé 
On Mon, Feb 12, 2018 at 10:58:31AM +0100, Paolo Bonzini wrote:
> On 10/02/2018 00:07, John Snow wrote:
> >> +/* Early check to avoid creating target */
> >> +if (bdrv_op_is_blocked(bs, BLOCK_OP_TYPE_MIRROR_SOURCE, errp)) {
> >> +return;
> >> +}
> >> +
> >>  aio_context = bdrv_get_aio_context(bs);
> >>  aio_context_acquire(aio_context);
> >>  
> >>
> > What's the implication of the temporarily-extant target node that it
> > needs to be avoided so strictly?
> > 
> 
> Creating a file on disk, that no one will ever remvoe. :)

Fortunately libvirt's SELinux policy will probably prevent QEMU creating
it in the first place :-)

Regards,
Daniel
-- 
|: https://berrange.com  -o-https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o-https://fstop138.berrange.com :|
|: https://entangle-photo.org-o-https://www.instagram.com/dberrange :|

Re: [Qemu-block] [Qemu-devel] [PATCH] block: early check for blockers on drive-mirror

2018-02-12 Thread Paolo Bonzini 
On 10/02/2018 00:07, John Snow wrote:
>> +/* Early check to avoid creating target */
>> +if (bdrv_op_is_blocked(bs, BLOCK_OP_TYPE_MIRROR_SOURCE, errp)) {
>> +return;
>> +}
>> +
>>  aio_context = bdrv_get_aio_context(bs);
>>  aio_context_acquire(aio_context);
>>  
>>
> What's the implication of the temporarily-extant target node that it
> needs to be avoided so strictly?
> 

Creating a file on disk, that no one will ever remvoe. :)

Paolo

Re: [Qemu-block] [Qemu-devel] [PATCH] block: early check for blockers on drive-mirror

2018-02-09 Thread John Snow 


On 02/07/2018 11:29 AM, Paolo Bonzini wrote:
> Even if an op blocker is present for BLOCK_OP_TYPE_MIRROR_SOURCE,
> it is checked a bit late and the result is that the target is
> created even if drive-mirror subsequently fails.  Add an early
> check to avoid this.
> 
> Signed-off-by: Paolo Bonzini 
> ---
>  blockdev.c | 5 +
>  1 file changed, 5 insertions(+)
> 
> diff --git a/blockdev.c b/blockdev.c
> index 8e977eef11..c7e2e0a00e 100644
> --- a/blockdev.c
> +++ b/blockdev.c
> @@ -3565,6 +3565,11 @@ void qmp_drive_mirror(DriveMirror *arg, Error **errp)
>  return;
>  }
>  
> +/* Early check to avoid creating target */
> +if (bdrv_op_is_blocked(bs, BLOCK_OP_TYPE_MIRROR_SOURCE, errp)) {
> +return;
> +}
> +
>  aio_context = bdrv_get_aio_context(bs);
>  aio_context_acquire(aio_context);
>  
> 

What's the implication of the temporarily-extant target node that it
needs to be avoided so strictly?

Re: [Qemu-block] [Qemu-devel] [PATCH] block: early check for blockers on drive-mirror

2018-02-07 Thread Fam Zheng 
On Wed, 02/07 17:29, Paolo Bonzini wrote:
> Even if an op blocker is present for BLOCK_OP_TYPE_MIRROR_SOURCE,
> it is checked a bit late and the result is that the target is
> created even if drive-mirror subsequently fails.  Add an early
> check to avoid this.
> 
> Signed-off-by: Paolo Bonzini 
> ---
>  blockdev.c | 5 +
>  1 file changed, 5 insertions(+)
> 
> diff --git a/blockdev.c b/blockdev.c
> index 8e977eef11..c7e2e0a00e 100644
> --- a/blockdev.c
> +++ b/blockdev.c
> @@ -3565,6 +3565,11 @@ void qmp_drive_mirror(DriveMirror *arg, Error **errp)
>  return;
>  }
>  
> +/* Early check to avoid creating target */
> +if (bdrv_op_is_blocked(bs, BLOCK_OP_TYPE_MIRROR_SOURCE, errp)) {
> +return;
> +}
> +
>  aio_context = bdrv_get_aio_context(bs);
>  aio_context_acquire(aio_context);
>  
> -- 
> 2.14.3
> 
> 

Reviewed-by: Fam Zheng