|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [RFC PATCH 0/2] libxl: support common cases without block script
On Wed, Apr 28, 2021 at 3:00 AM Demi Marie Obenour <demi@xxxxxxxxxxxxxxxxxxxxxx> wrote: > > When it comes to file-based block devices, the major difficulty is > the extremely bad kernel API. The only fully safe way to use loop > devices is to use LOOP_CONFIGURE with LO_FLAGS_AUTOCLEAR and hold a > file descriptor open to the device until another piece of code (either > another userspace program or the kernel) has grabbed a reference to it. > Everything else risks either using a freed loop device (that might now > be attached to a different file) or risks leaking them on unclean exit. > The only exception is if one can make certain assumptions, such as no > other program freeing loop devices for the file in question. This is > a reasonable assumption for Qubes dom0, but neither for Qubes domU nor > for Xen dom0 in general. Nevertheless, this is effectively what the > current block script does: if I understand the code correctly, there > is a race where badly timed calls to losetup by another process could > result in the block script freeing the wrong loop device. I posted this a while ago, but didn't get any response: https://lore.kernel.org/xen-devel/CAKf6xpv-U91nF2Fik7GRN3SFeOWWcdR5R+ZcK5fgojE+-D43sg@xxxxxxxxxxxxxx/ tl;dr: AFAICT, the block script check_sharing function doesn't work for loop devices Regards, Jason
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |