Re: [Qemu-devel] [PATCH] block: disable I/O limits at the beginning of b
From: Fam Zheng
Subject: Re: [Qemu-devel] [PATCH] block: disable I/O limits at the beginning of bdrv_close()
Date: Mon, 28 Sep 2015 08:18:33 +0800
User-agent: Mutt/1.5.24 (2015-08-30)

On Fri, 09/25 16:31, Alberto Garcia wrote:
> On Fri 25 Sep 2015 04:22:26 PM CEST, Eric Blake wrote:
>
> >> Disabling I/O limits from a BDS also drains all pending throttled
> >> requests, so it should be done at the beginning of bdrv_close() with
> >> the rest of the bdrv_drain() calls before the BlockDriver is closed.
> >
> > Can this be abused? If I have a guest running in a cloud where the
> > cloud provider has put severe throttling limits on me, but lets me
> > hotplug to my heart's content, couldn't I just repeatedly plug/unplug
> > the disk to get around the throttling (every time I unplug, all writes
> > flush at full speed, then I immediately replug to start batching up a
> > new set of writes). In other words, shouldn't the draining still be
> > throttled, to prevent my abuse?
>
> I didn't think about this case, and I don't know how practical this is,
> but note that bdrv_drain() (which is already at the beginning of
> bdrv_close()) flushes the I/O queue explicitly bypassing the limits, so
> other cases where a user can trigger a bdrv_drain() would also be
> vulnerable to this.
>

Yes, the issue is pre-existing. This patch only reordered things inside
bdrv_close() so it's no worse.

But indeed there is this vulnerability; maybe we should throttle the queue in
all cases?

Fam