
On Thu, Feb 02, 2017 at 12:47:30PM +0000, Richard W.M. Jones wrote:
On Wed, Feb 01, 2017 at 04:54:01PM +0000, Daniel P. Berrange wrote:
The virtlockd daemon has existed for years now, but we have never turned it on by default, requiring explicit user opt-in. This leaves users unprotected against accidents out of the box.
By turning it on by default, users will at least be protected for mistakes involving local files, and files on shared filesystems that support fcntl() (eg NFS).
What are the implications of this for passively reading live disks? (a la tools such as virt-df)
None - at this time, a disk marked <readonly/> won't acquire any locks. We map <readonly/> -> no lock <shareable/> -> fnctl read lock default -> fcntl write lock In future we'll likely copy the trick qemu has done to use a pair of fcntl locks on separate bytes, in order to map all combinations to locks. As long as you always mark disks <readonly/> though you should be fine no matter what we do. Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :|