On Thu, Jan 20, 2011 at 9:15 PM, Venkateswararao Jujjuri (JV) <jv...@linux.vnet.ibm.com> wrote: > On 1/20/2011 12:59 AM, Stefan Hajnoczi wrote: >> On Tue, Jan 18, 2011 at 01:54:16PM +0530, M. Mohan Kumar wrote: >>> After creating a file object, its permission and ownership details are >>> updated >>> as per client's request for both passthrough and none security model. But >>> with >>> chrooted environment its not required for passthrough security model. Move >>> all >>> post file creation changes to none security model >>> >>> Signed-off-by: M. Mohan Kumar <mo...@in.ibm.com> >>> --- >>> hw/9pfs/virtio-9p-local.c | 19 ++++++------------- >>> 1 files changed, 6 insertions(+), 13 deletions(-) >>> >>> diff --git a/hw/9pfs/virtio-9p-local.c b/hw/9pfs/virtio-9p-local.c >>> index 08fd67f..d2e32e2 100644 >>> --- a/hw/9pfs/virtio-9p-local.c >>> +++ b/hw/9pfs/virtio-9p-local.c >>> @@ -208,21 +208,14 @@ static int local_set_xattr(const char *path, FsCred >>> *credp) >>> return 0; >>> } >>> >>> -static int local_post_create_passthrough(FsContext *fs_ctx, const char >>> *path, >>> +static int local_post_create_none(FsContext *fs_ctx, const char *path, >>> FsCred *credp) >>> { >>> + int retval; >>> if (chmod(rpath(fs_ctx, path), credp->fc_mode & 07777) < 0) { >>> return -1; >>> } >>> - if (lchown(rpath(fs_ctx, path), credp->fc_uid, credp->fc_gid) < 0) { >>> - /* >>> - * If we fail to change ownership and if we are >>> - * using security model none. Ignore the error >>> - */ >>> - if (fs_ctx->fs_sm != SM_NONE) { >>> - return -1; >>> - } >>> - } >>> + retval = lchown(rpath(fs_ctx, path), credp->fc_uid, credp->fc_gid); >>> return 0; >>> } >> >> retval is unused. >> >> Can multiple virtio-9p requests execute at a time? chmod() and lchown() >> after creation is a race condition if other requests can execute >> concurrently. > > If some level of serialization is needed it will be done at the client/guest > inode level. > Are you worried about filesystem semantics? or do you see some corruption if > they > get executed in parallel?
My main concern is unreliable results due to the race conditions between creation and the fixups that are performed afterwards. Is virtio-9p only useful for single guest exclusive access? I thought both guest and host could access files at the same time? What about multiple VMs sharing a directory? These scenarios can only work if operations are made atomic. Stefan