mirror of
https://github.com/xemu-project/xemu.git
synced 2024-11-27 21:40:49 +00:00
Block patches for 5.1:
- Let LUKS images only be shared between VMs if the guest device was configured to allow that - Fix abort() from bdrv_aio_cancel() for guest devices without a BDS -----BEGIN PGP SIGNATURE----- iQFGBAABCAAwFiEEkb62CjDbPohX0Rgp9AfbAGHVz0AFAl8W1cUSHG1yZWl0ekBy ZWRoYXQuY29tAAoJEPQH2wBh1c9AA7wH/1ckTrSDMroVi1adBrz+KycA3O9kSmzl Z4qvLEdj/j7oc3ud96faCguPBv36ogjq/Wu7wl2/5ufNCVtr39LQLi7LeUiuzcuM mZaov8BaFPWcVnEyqJKES/VfOB4AbT2LfFhqC+L2VGShsxFDTVOAno6R87Onkkuy 87qN9gs2b77pyhUQxvgKJzfvjDy0YRDyYn30eBo/WisEjfDfLrf2Fv/wpZze0OC8 9cqEvczTU2nQzX5k2NnANbf8Vr/U6H3tay/f/C3FZ0lWHcqWEieIKlWp4iYezsTk B/LKDMWtvPgrZGxmsHrwOs9Y1Tfre3w86PrLXAC44WpX6OghhXKNKrQ= =BV7d -----END PGP SIGNATURE----- Merge remote-tracking branch 'remotes/maxreitz/tags/pull-block-2020-07-21' into staging Block patches for 5.1: - Let LUKS images only be shared between VMs if the guest device was configured to allow that - Fix abort() from bdrv_aio_cancel() for guest devices without a BDS # gpg: Signature made Tue 21 Jul 2020 12:47:17 BST # gpg: using RSA key 91BEB60A30DB3E8857D11829F407DB0061D5CF40 # gpg: issuer "mreitz@redhat.com" # gpg: Good signature from "Max Reitz <mreitz@redhat.com>" [full] # Primary key fingerprint: 91BE B60A 30DB 3E88 57D1 1829 F407 DB00 61D5 CF40 * remotes/maxreitz/tags/pull-block-2020-07-21: block: fix bdrv_aio_cancel() for ENOMEDIUM requests qemu-iotests: add testcase for bz #1857490 block/crypto: disallow write sharing by default Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This commit is contained in:
commit
98d897eb4b
@ -1394,8 +1394,16 @@ typedef struct BlkAioEmAIOCB {
|
||||
bool has_returned;
|
||||
} BlkAioEmAIOCB;
|
||||
|
||||
static AioContext *blk_aio_em_aiocb_get_aio_context(BlockAIOCB *acb_)
|
||||
{
|
||||
BlkAioEmAIOCB *acb = container_of(acb_, BlkAioEmAIOCB, common);
|
||||
|
||||
return blk_get_aio_context(acb->rwco.blk);
|
||||
}
|
||||
|
||||
static const AIOCBInfo blk_aio_em_aiocb_info = {
|
||||
.aiocb_size = sizeof(BlkAioEmAIOCB),
|
||||
.get_aio_context = blk_aio_em_aiocb_get_aio_context,
|
||||
};
|
||||
|
||||
static void blk_aio_complete(BlkAioEmAIOCB *acb)
|
||||
|
@ -881,7 +881,7 @@ block_crypto_child_perms(BlockDriverState *bs, BdrvChild *c,
|
||||
* For backward compatibility, manually share the write
|
||||
* and resize permission
|
||||
*/
|
||||
*nshared |= (BLK_PERM_WRITE | BLK_PERM_RESIZE);
|
||||
*nshared |= shared & (BLK_PERM_WRITE | BLK_PERM_RESIZE);
|
||||
/*
|
||||
* Since we are not fully a format driver, don't always request
|
||||
* the read/resize permission but only when explicitly
|
||||
|
@ -133,6 +133,21 @@ class EncryptionSetupTestCase(iotests.QMPTestCase):
|
||||
)
|
||||
self.assert_qmp(result, 'return', {})
|
||||
|
||||
|
||||
###########################################################################
|
||||
# add virtio-blk consumer for a block device
|
||||
def addImageUser(self, vm, id, disk_id, share_rw=False):
|
||||
result = vm.qmp('device_add', **
|
||||
{
|
||||
'driver': 'virtio-blk',
|
||||
'id': id,
|
||||
'drive': disk_id,
|
||||
'share-rw' : share_rw
|
||||
}
|
||||
)
|
||||
|
||||
iotests.log(result)
|
||||
|
||||
# close the encrypted block device
|
||||
def closeImageQmp(self, vm, id):
|
||||
result = vm.qmp('blockdev-del', **{ 'node-name': id })
|
||||
@ -159,7 +174,7 @@ class EncryptionSetupTestCase(iotests.QMPTestCase):
|
||||
vm.run_job('job0')
|
||||
|
||||
# test that when the image opened by two qemu processes,
|
||||
# neither of them can update the image
|
||||
# neither of them can update the encryption keys
|
||||
def test1(self):
|
||||
self.createImg(test_img, self.secrets[0]);
|
||||
|
||||
@ -193,6 +208,9 @@ class EncryptionSetupTestCase(iotests.QMPTestCase):
|
||||
os.remove(test_img)
|
||||
|
||||
|
||||
# test that when the image opened by two qemu processes,
|
||||
# even if first VM opens it read-only, the second can't update encryption
|
||||
# keys
|
||||
def test2(self):
|
||||
self.createImg(test_img, self.secrets[0]);
|
||||
|
||||
@ -226,6 +244,30 @@ class EncryptionSetupTestCase(iotests.QMPTestCase):
|
||||
self.closeImageQmp(self.vm1, "testdev")
|
||||
os.remove(test_img)
|
||||
|
||||
# test that two VMs can't open the same luks image by default
|
||||
# and attach it to a guest device
|
||||
def test3(self):
|
||||
self.createImg(test_img, self.secrets[0]);
|
||||
|
||||
self.openImageQmp(self.vm1, "testdev", test_img, self.secrets[0])
|
||||
self.addImageUser(self.vm1, "testctrl", "testdev")
|
||||
|
||||
self.openImageQmp(self.vm2, "testdev", test_img, self.secrets[0])
|
||||
self.addImageUser(self.vm2, "testctrl", "testdev")
|
||||
|
||||
|
||||
# test that two VMs can attach the same luks image to a guest device,
|
||||
# if both use share-rw=on
|
||||
def test4(self):
|
||||
self.createImg(test_img, self.secrets[0]);
|
||||
|
||||
self.openImageQmp(self.vm1, "testdev", test_img, self.secrets[0])
|
||||
self.addImageUser(self.vm1, "testctrl", "testdev", share_rw=True)
|
||||
|
||||
self.openImageQmp(self.vm2, "testdev", test_img, self.secrets[0])
|
||||
self.addImageUser(self.vm2, "testctrl", "testdev", share_rw=True)
|
||||
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
# support only raw luks since luks encrypted qcow2 is a proper
|
||||
|
@ -26,8 +26,16 @@ Job failed: Failed to get shared "consistent read" lock
|
||||
{"return": {}}
|
||||
{"execute": "job-dismiss", "arguments": {"id": "job0"}}
|
||||
{"return": {}}
|
||||
..
|
||||
Formatting 'TEST_DIR/test.img', fmt=luks size=1048576 key-secret=keysec0 iter-time=10
|
||||
|
||||
{"return": {}}
|
||||
{"error": {"class": "GenericError", "desc": "Failed to get \"write\" lock"}}
|
||||
Formatting 'TEST_DIR/test.img', fmt=luks size=1048576 key-secret=keysec0 iter-time=10
|
||||
|
||||
{"return": {}}
|
||||
{"return": {}}
|
||||
....
|
||||
----------------------------------------------------------------------
|
||||
Ran 2 tests
|
||||
Ran 4 tests
|
||||
|
||||
OK
|
||||
|
Loading…
Reference in New Issue
Block a user