On Tue, Nov 02, 2010 at 04:43:06PM -0600, Eric Blake wrote:
On 10/25/2010 09:28 AM, Daniel P. Berrange wrote:
On Fri, Oct 22, 2010 at 09:14:22AM -0500, Ryan Harper wrote:
Currently libvirt doesn't confirm whether the guest has responded to the disk removal request. In some cases this can leave the guest with continued access to the device while the mgmt layer believes that it has been removed. With a recent qemu monitor command[1] we can deterministically revoke a guests access to the disk (on the QEMU side) to ensure no futher access is permitted.
This patch adds support for the drive_unplug() command and introduces it in the disk removal paths. There is some discussion to be had about how to handle the case where the guest is running in a QEMU without this command (and the fact that we currently don't have a way of detecting what monitor commands are available).
Changes since v2: - use VIR_ERROR to report when unplug command not found Changes since v1: - return > 0 when command isn't present, < 0 on command failure - detect when drive_unplug command isn't present and log error instead of failing entire command
This looks good to me now, ACK, pending my testing with old QEMU versions under the TCK
Is there any further TCK testing needed for this before we push, or should I go ahead and push it now?
I'm not clear that they have accepted the drive_unplug command into QEMU GIT yet, since there is still a huge ongoing discussion about it on the qemu mailing list, and the QEMU git server has been unavailable for days now :-( Until I can confirm and test this, we'll have to wait. Daniel -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|