On 01/31/2012 12:58 PM, Laine Stump wrote: > The original doc entry for rawio didn't mention the values it could > have, the default, or the fact that setting it to "yes" for one disk > effectively set it to "yes" for all disks in the domain. That's true for now, but hopefully something we can change in the future (then again, if we change it in the future, we can also update the docs at that time). The idea is that the kernel already has the ability to maintain whitelists of valid ioctls per device, and it already has a cgroup for maintaining which devices can be accessed by various process groups. The logical conclusion - we need a new cgroup control file under the 'devices' cgroup which lets us tune the per-device whitelist of whether rawio ioctls are allowed. Once that is in place in the kernel, then libvirt can be taught to expose rawio only for the specified device, rather than its current behavior of forcing the enablement of rawio on all other devices tied to the process. > --- > > Pushed under the trivial rule. > > docs/formatdomain.html.in | 11 ++++++++--- > 1 files changed, 8 insertions(+), 3 deletions(-) > > diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in > index a025a8e..d58a5e1 100644 > --- a/docs/formatdomain.html.in > +++ b/docs/formatdomain.html.in > @@ -1097,9 +1097,14 @@ > actual raw devices, never for individual partitions or LVM > partitions (in those cases, the kernel will reject the generic > SCSI commands, making it identical to device='disk'). > - The optional <code>rawio</code> attribute indicates that the disk > - is desirous of rawio capability. This attribute is only valid when > - device is "lun". > + The optional <code>rawio</code> attribute > + (<span class="since">since 0.9.10</span>) indicates whether > + the disk is needs rawio capability; valid settings are "yes" > + or "no" (default is "no"). If any one disk in a domain has > + rawio='yes', rawio capability will be enabled for all disks in > + the domain (because, in the case of QEMU, this capability can > + only be set on a per-process basis). This attribute is only > + valid when device is "lun". If anything, it might be worth tweaking this wording to state: Currently, if any one disk in a domain has rawio='yes', this implies that all other devices can use rawio; but this is expected to change in the future if the kernel is improved to limit rawio to a per-device rather than a per-process basis. -- Eric Blake eblake@xxxxxxxxxx +1-919-301-3266 Libvirt virtualization library http://libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list