On Fri, Mar 13, 2015 at 07:01:06AM -0600, Eric Blake wrote: > On 03/13/2015 02:02 AM, Peter Krempa wrote: > >> @@ -16172,8 +16169,12 @@ qemuDomainBlockJobImpl(virDomainObjPtr vm, > >> } > >> > >> qemuDomainObjEnterMonitor(driver, vm); > >> - ret = qemuMonitorBlockJob(priv->mon, device, basePath, backingPath, > >> - speed, mode, async); > >> + if (baseSource) > >> + basePath = qemuMonitorDiskNameLookup(priv->mon, device, disk->src, > > > > I remember that at some point accessing of domain definition while in > > the monitor was not okay for some reason, but I can't now remember why > > nor whether it was fixed. > > Oh, right. You're thinking of CVE-2013-6458. That problem was that as > soon as we enter the monitor, we drop locks. If we do not already own a > block job, then some other parallel API could be hot-unplugging a disk > before we regain control, freeing 'disk' before we dereference it. But > we fixed that problem by guaranteeing that we always own the job early > enough (no other thread can hot-unplug the disk as long as we own the > job), so it is not an issue for this patch. > > > >> - * Copyright (C) 2006-2014 Red Hat, Inc. > >> + * Copyright (C) 2006-2015 Red Hat, Inc. > > > > Shouldn't we employ something as in gnulib, where copyrights would be > > bumped at once everywhere? > > Might be nice, but one wrinkle. Gnulib has a single copyright holder > (FSF), so they can afford to bump all files at once (the bump is also > owned by FSF, so FSF adding another year to its copyright is > appropriate). But libvirt is split among multiple copyright holders - > Red Hat can't claim copyright over all files, so it wouldn't be wise to > bump all files, just the ones that Red Hat has already touched. > > Personally, I've just got an emacs hook that checks if any file I touch > has an up-to-date copyright line. Technically there is no need to actually assert copyright over the code at all, since copyright is an automatic right you get the moment you author the code. Given that the copyright notice is not even required in the first place, asserting a year alongside the copyright notice is by implication not required either, nor is updating the year when you change code. Adding the Copyright lines is at most an informative step, to assist those reading the code in seeing its providence & ownership. Of course GIT history is much more useful for that purpose, but not everyone will receive a copy of GIT repo when they receive the code. In essence, the Copyright lines had a moderate benefit in clarifying ownership, but no legal benefit. By all means include a date when first starting a new file, but I think updating existing dates is pretty much a waste of time. Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list