On 11/27/12 15:04, Eric Blake wrote:
https://bugzilla.redhat.com/show_bug.cgi?id=876828
Commit 38c4a9cc introduced a regression in hot unplugging of disks from qemu, where cgroup device ACLs were no longer being revoked (thankfully not a security hole: cgroup ACLs only prevent open() of the disk; so reverting the ACL prevents future abuse but doesn't stop abuse from an fd that was already opened before the ACL change).
src/qemu/qemu_hotplug.c | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-)
ACK.
Thanks; pushed. [And pardon me if this web-mail interface breaks threading; I'm still recovering from a failed hard drive on the machine where I normally send mail. Thank goodness that git is distributed, so I didn't lose everything I had been working on, but it was definitely an unplanned setback...]