diff options
| author | Kevin Wolf <kwolf@redhat.com> | 2017-05-04 18:52:38 +0200 |
|---|---|---|
| committer | Kevin Wolf <kwolf@redhat.com> | 2017-05-11 12:08:24 +0200 |
| commit | cfa1a5723f0fc8eb6563fb1d19c206fd5e40cd41 (patch) | |
| tree | 1b9b918ff73c1e5b7504c084ce91f919cdc86a49 | |
| parent | 4417ab7adf1613799054be5afedf810fc2524ee8 (diff) | |
| download | focaccia-qemu-cfa1a5723f0fc8eb6563fb1d19c206fd5e40cd41.tar.gz focaccia-qemu-cfa1a5723f0fc8eb6563fb1d19c206fd5e40cd41.zip | |
block: Drop permissions when migration completes
With image locking, permissions affect other qemu processes as well. We want to be sure that the destination can run, so let's drop permissions on the source when migration completes. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
| -rw-r--r-- | block.c | 12 | ||||
| -rw-r--r-- | block/block-backend.c | 25 | ||||
| -rw-r--r-- | include/block/block_int.h | 7 |
3 files changed, 40 insertions, 4 deletions
diff --git a/block.c b/block.c index c8e6de29f0..444a52e331 100644 --- a/block.c +++ b/block.c @@ -4019,7 +4019,7 @@ void bdrv_invalidate_cache_all(Error **errp) static int bdrv_inactivate_recurse(BlockDriverState *bs, bool setting_flag) { - BdrvChild *child; + BdrvChild *child, *parent; int ret; if (!setting_flag && bs->drv->bdrv_inactivate) { @@ -4038,6 +4038,16 @@ static int bdrv_inactivate_recurse(BlockDriverState *bs, if (setting_flag) { bs->open_flags |= BDRV_O_INACTIVE; + + QLIST_FOREACH(parent, &bs->parents, next_parent) { + if (parent->role->inactivate) { + ret = parent->role->inactivate(parent); + if (ret < 0) { + bs->open_flags &= ~BDRV_O_INACTIVE; + return ret; + } + } + } } return 0; } diff --git a/block/block-backend.c b/block/block-backend.c index a7ce72b325..f3a60081a7 100644 --- a/block/block-backend.c +++ b/block/block-backend.c @@ -156,6 +156,30 @@ static void blk_root_activate(BdrvChild *child, Error **errp) } } +static int blk_root_inactivate(BdrvChild *child) +{ + BlockBackend *blk = child->opaque; + + if (blk->disable_perm) { + return 0; + } + + /* Only inactivate BlockBackends for guest devices (which are inactive at + * this point because the VM is stopped) and unattached monitor-owned + * BlockBackends. If there is still any other user like a block job, then + * we simply can't inactivate the image. */ + if (!blk->dev && !blk->name[0]) { + return -EPERM; + } + + blk->disable_perm = true; + if (blk->root) { + bdrv_child_try_set_perm(blk->root, 0, BLK_PERM_ALL, &error_abort); + } + + return 0; +} + static const BdrvChildRole child_root = { .inherit_options = blk_root_inherit_options, @@ -168,6 +192,7 @@ static const BdrvChildRole child_root = { .drained_end = blk_root_drained_end, .activate = blk_root_activate, + .inactivate = blk_root_inactivate, }; /* diff --git a/include/block/block_int.h b/include/block/block_int.h index 563792580c..5750a448a6 100644 --- a/include/block/block_int.h +++ b/include/block/block_int.h @@ -473,10 +473,11 @@ struct BdrvChildRole { void (*drained_begin)(BdrvChild *child); void (*drained_end)(BdrvChild *child); - /* Notifies the parent that the child has been activated (e.g. when - * migration is completing) and it can start requesting permissions and - * doing I/O on it. */ + /* Notifies the parent that the child has been activated/inactivated (e.g. + * when migration is completing) and it can start/stop requesting + * permissions and doing I/O on it. */ void (*activate)(BdrvChild *child, Error **errp); + int (*inactivate)(BdrvChild *child); void (*attach)(BdrvChild *child); void (*detach)(BdrvChild *child); |