On 15.07.2011 16:29, Eric Blake wrote:
On 07/15/2011 07:58 AM, Michal Privoznik wrote:
Right now it is possible to undefine an active interface, or destroy inactive. This patch add some checking to these operations to prevent this. Also fix test driver.
I'm inclined to NACK this on design principles (I haven't read the patch itself, though). Given the discussion about domains and undefine, the ability to undefine an active interface is a feature, provided we support the concept of a transient interface like we do for transient domains.
That is, we have the following transitions:
nothing -> transient/running via Create nothing -> persistent/inactive via Define
persistent/inactive -> persistent/active via Start persistent/inactive -> gone via Undefine
persistent/running -> persistent/inactive via Destroy persistent/running -> transient/running via Undefine
transient/running -> gone via Destroy transient/running -> persistent/running via Define
and rejecting Undefine on a running interface would prevent the ability to transistion a persistent over to a transient interface.
On the other hand, if we don't support transient interfaces, then the above analysis which works for domains would have to be adjusted for interfaces, so you may have something to patch after all.
Well, although we have function interfaceCreate, it is actually (from semantic POV) interfaceStart, because it just start inactive but defined interface. So we do not support transient interfaces. Therefore transitions for interfaces are slightly different from transitions for domains. That's why I think we do need this patch. Michal