Re: [RFC PATCH] Prevent defining a domain has disk used by other domain

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 09/23/2011 02:17 AM, Osier Yang wrote:
> Hmm, preventing the relabeling in security driver instead might be the
> more proper way? (If the disk source is used by other *running* domain,
> then quit relabeling and exit with error).

No, prevent the relabeling in the lock manager.  If one domain is
running and the lock manager is running, that should be sufficient to
prevent any other domain from starting with the same disk, even before
we get to the labeling point.

> 
> However, this won't prevent one using same disk source for multiple domains
> if security_driver is disabled.
> 
> And if security_driver is disabled, there will be no permission problem, all
> the domains can write to the same disk source, thus it might cause
> inconsistency
> between the domains or corrupt.
> 
>> to see whether if the pricinple
>> is right or not.

The principle here is whether the lock manager is running.  Only if you
can still reproduce the problem with a lock manager (whether sanlock or
fcntl) do we have a bug to fix.

-- 
Eric Blake   eblake@xxxxxxxxxx    +1-801-349-2682
Libvirt virtualization library http://libvirt.org

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list


[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]