Right now, all users of bdrv_make_empty() call the BlockDriver method
directly. That is not only bad style, it is also wrong, unless the
caller has a BdrvChild with a WRITE or WRITE_UNCHANGED permission.
(WRITE_UNCHANGED suffices, because callers generally use this function
to clear a node with a backing file after a commit operation.)
Introduce bdrv_make_empty() that verifies that it does.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <20200429141126.85159-2-mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
parent_bs->drv->bdrv_del_child(parent_bs, child, errp);
}
+
+int bdrv_make_empty(BdrvChild *c, Error **errp)
+{
+ BlockDriver *drv = c->bs->drv;
+ int ret;
+
+ assert(c->perm & (BLK_PERM_WRITE | BLK_PERM_WRITE_UNCHANGED));
+
+ if (!drv->bdrv_make_empty) {
+ error_setg(errp, "%s does not support emptying nodes",
+ drv->format_name);
+ return -ENOTSUP;
+ }
+
+ ret = drv->bdrv_make_empty(c->bs);
+ if (ret < 0) {
+ error_setg_errno(errp, -ret, "Failed to empty %s",
+ c->bs->filename);
+ return ret;
+ }
+
+ return 0;
+}
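Review bot: `drv` is read from `c->bs->drv` and dereferenced in `if (!drv->bdrv_make_empty)` without a NULL check. If a node can reach this function with no driver attached (not visible from this hunk), that is a NULL dereference rather than a reported error. A guard before the method lookup would cover it, e.g. `if (!drv) { error_setg(errp, "Node has no driver"); return -ENOMEDIUM; }`. Separately, the permission requirement is enforced only by `assert()`, so a caller that gets it wrong aborts the process, and the check disappears in any build that compiles assertions out. The contract should be written down above the definition and on the new prototype in the header, for example `/* Caller must hold BLK_PERM_WRITE or BLK_PERM_WRITE_UNCHANGED on @c; returns 0 or a negative errno and sets @errp. */`.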
void bdrv_get_geometry(BlockDriverState *bs, uint64_t *nb_sectors_ptr);
void bdrv_refresh_limits(BlockDriverState *bs, Error **errp);
int bdrv_commit(BlockDriverState *bs);
+int bdrv_make_empty(BdrvChild *c, Error **errp);
int bdrv_change_backing_file(BlockDriverState *bs,
const char *backing_file, const char *backing_fmt);
void bdrv_register(BlockDriver *bdrv);