Re: [libvirt] [PATCH] storage: fix device detach regression with cgroup ACLs

Tuesday, 27 November 2012

...
 On 11/27/12 15:04, Eric Blake wrote:
 > https://bugzilla.redhat.com/show_bug.cgi?id=876828
 >
 > Commit 38c4a9cc introduced a regression in hot unplugging of disks
 > from qemu, where cgroup device ACLs were no longer being revoked
 > (thankfully not a security hole: cgroup ACLs only prevent open()
 > of the disk; so reverting the ACL prevents future abuse but doesn't
 > stop abuse from an fd that was already opened before the ACL
 > change).
 > 
...
 >   src/qemu/qemu_hotplug.c |    2 ++
 >   1 files changed, 2 insertions(+), 0 deletions(-)
 >

 ACK. 
Thanks; pushed. [And pardon me if this web-mail interface breaks
threading; I'm still recovering from a failed hard drive on the machine
where I normally send mail.  Thank goodness that git is distributed,
so I didn't lose everything I had been working on, but it was
definitely an unplanned setback...]

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

Re: [libvirt] [PATCH] storage: fix device detach regression with cgroup ACLs