Re: [Qemu-devel] [PATCH 2/2] v2 Fix Block Hotplug race with drive_unplug
From: Stefan Hajnoczi
Subject: Re: [Qemu-devel] [PATCH 2/2] v2 Fix Block Hotplug race with drive_unplug()
Date: Tue, 19 Oct 2010 16:21:13 +0100
On Tue, Oct 19, 2010 at 3:32 PM, Ryan Harper <address@hidden> wrote:
> Block hot unplug is racy since the guest is required to acknowledge the ACPI
> unplug event; this may not happen synchronously with the device removal
> command.
>
> This series aims to close a gap whereby mgmt applications that assume the
> block resource has been removed without confirming that the guest has
> acknowledged the removal may re-assign the underlying device to a second guest
> leading to data leakage.
>
> This series introduces a new monitor command to decouple asynchronous device
> removal from restricting guest access to a block device. We do this by creating
> a new monitor command drive_unplug which maps to a bdrv_unplug() command which
> does a qemu_aio_flush; bdrv_flush() and bdrv_close(). Once complete, subsequent
> IO is rejected from the device and the guest will get IO errors but continue to
> function.
>
> A subsequent device removal command can be issued to remove the device, to which
> the guest may or may not respond, but as long as the unplugged bit is set, no IO
> will be submitted.
>
> Changes since v1:
> - Added qemu_aio_flush() before bdrv_flush() to wait on pending io
>
> Signed-off-by: Ryan Harper <address@hidden>
> ---
> block.c | 7 +++++++
> block.h | 1 +
> blockdev.c | 26 ++++++++++++++++++++++++++
> blockdev.h | 1 +
> hmp-commands.hx | 15 +++++++++++++++
> 5 files changed, 50 insertions(+), 0 deletions(-)
Looks good to me.
Stefan
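
The race in the quoted patch description, as an added toy model in C; it is not part of the original message and not QEMU code. Every struct and function name is hypothetical, and the drain-then-close step in `drive_unplug` stands in for the described qemu_aio_flush, bdrv_flush() and bdrv_close() sequence.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

/* Toy model of the race; every name is hypothetical, none is QEMU code. */
struct backend { int owner; int foreign_writes; };
struct drive {
    struct backend *be;  /* NULL once closed */
    int guest;           /* guest the drive is attached to */
    int pending;         /* queued, not yet completed writes */
    bool acked;          /* guest acknowledged the ACPI unplug event */
};
/* Complete queued writes; count those landing on a reassigned backend. */
static void drain(struct drive *d) {
    for (; d->pending > 0; d->pending--)
        if (d->be->owner != d->guest) d->be->foreign_writes++;
}
/* Guest submits a write; rejected once the backend is closed. */
static int guest_write(struct drive *d) {
    if (!d->be) return -EIO;
    d->pending++;
    return 0;
}
/* Asynchronous removal: takes effect only after the guest acknowledges. */
static void device_del(struct drive *d) {
    if (d->be && d->acked) { drain(d); d->be = NULL; }
}
/* Synchronous cut-off: wait for pending I/O, then close the backend. */
static void drive_unplug(struct drive *d) {
    if (d->be) { drain(d); d->be = NULL; }
}
/* Management removes guest 1's drive, then reassigns the backend to guest 2. */
static int leaked_writes(bool unplug_first, int *late_rc) {
    struct backend be = { .owner = 1, .foreign_writes = 0 };
    struct drive d = { .be = &be, .guest = 1, .pending = 0, .acked = false };
    guest_write(&d);                    /* in flight before removal */
    if (unplug_first) drive_unplug(&d);
    device_del(&d);                     /* guest never acknowledges */
    be.owner = 2;                       /* handed to a second guest */
    *late_rc = guest_write(&d);         /* guest 1 keeps issuing I/O */
    if (d.be) drain(&d);
    return be.foreign_writes;
}
int main(void) {
    int rc, n = leaked_writes(false, &rc);
    printf("device_del only: %d foreign writes, late write rc=%d\n", n, rc);
    n = leaked_writes(true, &rc);
    printf("drive_unplug first: %d foreign writes, late write rc=%d\n", n, rc);
    return 0;
}
```
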