Am 11.09.2014 um 16:45 hat Markus Armbruster geschrieben: > For some device models, the guest can prevent unplug. Some users need a > way to forcibly revoke device model access to the block backend then, so > the underlying images can be safely used for something else. > > drive_del lets you do that. Unfortunately, it conflates revoking access > with destroying the backend. > > Commit 9063f81 made drive_del immediately destroy the root BDS. Nice: > the device name becomes available for reuse immediately. Not so nice: > the device model's pointer to the root BDS dangles, and we're prone to > crash when the memory gets reused. > > Commit d22b2f4 fixed that by hiding the root BDS instead of destroying > it. Destruction only happens on unplug. "Hiding" means removing it > from bdrv_states and graph_bdrv_states; see bdrv_make_anon(). > > This "destroy on revoke" is a misfeature we don't want to carry > forward to blockdev-add, just like "destroy on unplug" (commit > 2d246f0). So make drive_del fail on anything added with blockdev-add. > > We'll add separate QMP commands to revoke device model access and to > destroy backends. > > Signed-off-by: Markus Armbruster <arm...@redhat.com>
Oops, was this still missing? I've been meaning to forbid this since we introduced blockdev-add, but apparently never got around to doing it. Thanks, applied to the block branch. Kevin
