Skip to content

Commit

Permalink
block: Deprecate bdrv_set_read_only() and users
Browse files Browse the repository at this point in the history 
bdrv_set_read_only() is used by some block drivers to override the
read-only option given by the user. This is not how read-only images
generally work in QEMU: Instead of second guessing what the user really
meant (which currently includes making an image read-only even if the
user didn't only use the default, but explicitly said read-only=off), we
should error out if we can't provide what the user requested.

This adds deprecation warnings to all callers of bdrv_set_read_only() so
that the behaviour can be corrected after the usual deprecation period.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
  • Loading branch information
@kevmw
kevmw committed Nov 17, 2017
1 parent f66afbe commit 398e6ad
Show file tree
Hide file tree
Showing 7 changed files with 54 additions and 16 deletions.
5 changes: 5 additions & 0 deletions block.c
View file
Expand Up @@ -261,6 +261,11 @@ int bdrv_can_set_read_only(BlockDriverState *bs, bool read_only,
return 0;
}

/* TODO Remove (deprecated since 2.11)
* Block drivers are not supposed to automatically change bs->read_only.
* Instead, they should just check whether they can provide what the user
* explicitly requested and error out if read-write is requested, but they can
* only provide read-only access. */
int bdrv_set_read_only(BlockDriverState *bs, bool read_only, Error **errp)
{
int ret = 0;
Expand Down
13 changes: 10 additions & 3 deletions block/bochs.c
View file
Expand Up @@ -28,6 +28,7 @@
#include "block/block_int.h"
#include "qemu/module.h"
#include "qemu/bswap.h"
#include "qemu/error-report.h"

/**************************************************************/

Expand Down Expand Up @@ -110,9 +111,15 @@ static int bochs_open(BlockDriverState *bs, QDict *options, int flags,
return -EINVAL;
}

ret = bdrv_set_read_only(bs, true, errp); /* no write support yet */
if (ret < 0) {
return ret;
if (!bdrv_is_read_only(bs)) {
error_report("Opening bochs images without an explicit read-only=on "
"option is deprecated. Future versions will refuse to "
"open the image instead of automatically marking the "
"image read-only.");
ret = bdrv_set_read_only(bs, true, errp); /* no write support yet */
if (ret < 0) {
return ret;
}
}

ret = bdrv_pread(bs->file, 0, &bochs, sizeof(bochs));
Expand Down
13 changes: 10 additions & 3 deletions block/cloop.c
View file
Expand Up @@ -23,6 +23,7 @@
*/
#include "qemu/osdep.h"
#include "qapi/error.h"
#include "qemu/error-report.h"
#include "qemu-common.h"
#include "block/block_int.h"
#include "qemu/module.h"
Expand Down Expand Up @@ -72,9 +73,15 @@ static int cloop_open(BlockDriverState *bs, QDict *options, int flags,
return -EINVAL;
}

ret = bdrv_set_read_only(bs, true, errp);
if (ret < 0) {
return ret;
if (!bdrv_is_read_only(bs)) {
error_report("Opening cloop images without an explicit read-only=on "
"option is deprecated. Future versions will refuse to "
"open the image instead of automatically marking the "
"image read-only.");
ret = bdrv_set_read_only(bs, true, errp);
if (ret < 0) {
return ret;
}
}

/* read header */
Expand Down
12 changes: 9 additions & 3 deletions block/dmg.c
View file
Expand Up @@ -419,9 +419,15 @@ static int dmg_open(BlockDriverState *bs, QDict *options, int flags,
return -EINVAL;
}

ret = bdrv_set_read_only(bs, true, errp);
if (ret < 0) {
return ret;
if (!bdrv_is_read_only(bs)) {
error_report("Opening dmg images without an explicit read-only=on "
"option is deprecated. Future versions will refuse to "
"open the image instead of automatically marking the "
"image read-only.");
ret = bdrv_set_read_only(bs, true, errp);
if (ret < 0) {
return ret;
}
}

block_module_load_one("dmg-bz2");
Expand Down
14 changes: 10 additions & 4 deletions block/rbd.c
View file
Expand Up @@ -665,10 +665,16 @@ static int qemu_rbd_open(BlockDriverState *bs, QDict *options, int flags,
/* If we are using an rbd snapshot, we must be r/o, otherwise
* leave as-is */
if (s->snap != NULL) {
r = bdrv_set_read_only(bs, true, &local_err);
if (r < 0) {
error_propagate(errp, local_err);
goto failed_open;
if (!bdrv_is_read_only(bs)) {
error_report("Opening rbd snapshots without an explicit "
"read-only=on option is deprecated. Future versions "
"will refuse to open the image instead of "
"automatically marking the image read-only.");
r = bdrv_set_read_only(bs, true, &local_err);
if (r < 0) {
error_propagate(errp, local_err);
goto failed_open;
}
}
}

Expand Down
6 changes: 5 additions & 1 deletion block/vvfat.c
View file
Expand Up @@ -1259,7 +1259,11 @@ static int vvfat_open(BlockDriverState *bs, QDict *options, int flags,
"Unable to set VVFAT to 'rw' when drive is read-only");
goto fail;
}
} else {
} else if (!bdrv_is_read_only(bs)) {
error_report("Opening non-rw vvfat images without an explicit "
"read-only=on option is deprecated. Future versions "
"will refuse to open the image instead of "
"automatically marking the image read-only.");
/* read only is the default for safety */
ret = bdrv_set_read_only(bs, true, &local_err);
if (ret < 0) {
Expand Down
7 changes: 5 additions & 2 deletions qapi/block-core.json
View file
Expand Up @@ -3134,8 +3134,11 @@
# This option is required on the top level of blockdev-add.
# @discard: discard-related options (default: ignore)
# @cache: cache-related options
# @read-only: whether the block device should be read-only
# (default: false)
# @read-only: whether the block device should be read-only (default: false).
# Note that some block drivers support only read-only access,
# either generally or in certain configurations. In this case,
# the default value does not work and the option must be
# specified explicitly.
# @detect-zeroes: detect and optimize zero writes (Since 2.1)
# (default: off)
# @force-share: force share all permission on added nodes.
Expand Down

0 comments on commit 398e6ad

Please sign in to comment.