On Thu, Nov 03, 2016 at 08:19:04PM +0800, Michal Privoznik wrote: > Now that security drivers are capable of writing into virUdevMgr > module, we also need it to flush its internal database right > after that. > > Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx> > --- > src/qemu/qemu_domain.c | 12 +++++++++++- > src/qemu/qemu_domain.h | 3 ++- > src/qemu/qemu_driver.c | 9 +++++++-- > src/qemu/qemu_hotplug.c | 35 ++++++++++++++++++++++++++++------- > src/qemu/qemu_process.c | 47 +++++++++++++++++++++++++++++++++++++++++++++-- > src/qemu/qemu_process.h | 3 +++ > 6 files changed, 96 insertions(+), 13 deletions(-) > diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c > index 1b67aee..10f29ff 100644 > --- a/src/qemu/qemu_process.c > +++ b/src/qemu/qemu_process.c > @@ -5499,6 +5499,9 @@ qemuProcessLaunch(virConnectPtr conn, > */ > ret = -2; > > + if (qemuProcessFlushUdev(driver) < 0) > + goto cleanup; This is leaving a non-negligable delay between the point at which libvirt sets the labels, and when we write out the new udev data, and thus potential for racing with udev still. IMHO, we need to be saving out any data related to a device immediately *before* setting labelling on that device. Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :| -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list