On Thu, Nov 29, 2012 at 14:48:41 -0700, Eric Blake wrote: > https://bugzilla.redhat.com/show_bug.cgi?id=876828 > > Commit 38c4a9cc introduced a regression in hot unplugging of disks > from qemu, where cgroup device ACLs were no longer being revoked > (thankfully not a security hole: cgroup ACLs only prevent open() > of the disk; so reverting the ACL prevents future abuse but doesn't > stop abuse from an fd that was already opened before the ACL change). > > Commit 1b2ebf95 overlooked that there were two spots affected. > > * src/qemu/qemu_hotplug.c (qemuDomainDetachDiskDevice): > Transfer backing chain before deletion. > * src/qemu/qemu_driver.c (qemuDomainDetachDeviceDiskLive): Fix > spacing (partly to ensure a different-looking patch). > --- > > I blame git for letting me find this - I did a 'pull --rebase' on > top of libvirt.git, and noticed that my working patch was still > on the tree - it turns out that the hunk for qemu_hotplug.c is > _identical_ except for the context of the function name needing > a fix. I still wish git would be more vocal when it finds an > alternate place to apply a patch when function names don't match. ACK Jirka -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list