
[Xen-devel] Block device not presented read-only in HVM domain


  • To: xen-devel@xxxxxxxxxxxxxxxxxxx
  • From: Steve Dobbelstein <steved@xxxxxxxxxx>
  • Date: Wed, 25 Oct 2006 14:52:44 -0500
  • Delivery-date: Wed, 25 Oct 2006 12:53:05 -0700
  • List-id: Xen developer discussion <xen-devel.lists.xensource.com>




I'm running Xen 3.0.3.  dom0 and the domains (PV and HVM) are running
64-bit SMP SLES 10.

I have a config file for an HVM domain with the following line for the
disks:

disk = [ 'phy:/dev/vbd-backend/hvm1,hda,w',
'phy:/dev/vbd-backend/usr,hdb,r', 'phy:/dev/vbd-disktest/dom1,hdd,w' ]

/dev/vbd-backend/hvm1 is an LVM volume containing a disk image with a
partition for the root filesystem for the hvm1 domain.
/dev/vbd-backend/usr is an LVM volume containing a disk image with a
partition for /usr which is shared read-only across multiple HVM domains.
/dev/vbd-disktest/dom1 is an LVM volume that is used as a scratch disk.

The /etc/fstab in the HVM domain has the lines:

/dev/hda1            /                    ext3       acl,user_xattr        1 0
/dev/hdb1            /usr                 ext3       acl,user_xattr        1 0

In the domain I can write to /usr, even though it is supposed to be shared
read-only!

x3850-hvm1:~ # ls -l /usr/bob
/bin/ls: /usr/bob: No such file or directory
x3850-hvm1:~ # touch /usr/bob
x3850-hvm1:~ # ls -l /usr/bob
-rw-r--r-- 1 root root 0 Oct 25 14:29 /usr/bob
x3850-hvm1:~ #

Since I am sharing the /usr partition across multiple active HVM domains, I
am now naturally fearful of file system corruption since that partition is
writable from several domains at the same time.

I have a similar configuration for a paravirtualized domain:

disk = [ 'phy:/dev/vbd-backend/dom1,hda,w',
'phy:/dev/vbd-backend/usr,hdb,r', 'phy:/dev/vbd-disktest/dom1,hdd,w' ]

/dev/hda1            /                    ext3       acl,user_xattr        1 1
/dev/hdb1            /usr                 ext3       acl,user_xattr        1 2

In the paravirtualized domain I am not allowed to write to /usr:

x3850-dom1:~ # touch /usr/bob
touch: cannot touch `/usr/bob': Read-only file system
x3850-dom1:~ #

(Note: the /dev/vbd-disktest/dom1 device is used as a scratch disk for
testing.  Since I am short on disk space, I use the same device for the HVM
and PV domains.  In my testing I never have an HVM domain and a PV domain
running at the same time, so I don't have to worry about corruption on
/dev/vbd-disktest/dom1.)

Steve D.


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
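
An added example, not part of the original message and not Xen project code: a dom0-side audit of domain config files for the situation reported above, flagging disks attached 'r' in an HVM config and backends that more than one config attaches with a writer. It assumes HVM configs set builder = 'hvm' (not shown in the message); the function names and finding labels are hypothetical, and it inspects static config only, not which domains are running.

```python
import ast
from collections import defaultdict

# Constructed sample configs built around the disk lines quoted in the message.
# Assumption: the HVM config carries builder = 'hvm' (not shown in the message).
SAMPLE_CONFIGS = {
    "hvm1": """builder = 'hvm'
disk = [ 'phy:/dev/vbd-backend/hvm1,hda,w',
'phy:/dev/vbd-backend/usr,hdb,r', 'phy:/dev/vbd-disktest/dom1,hdd,w' ]
""",
    "dom1": """disk = [ 'phy:/dev/vbd-backend/dom1,hda,w',
'phy:/dev/vbd-backend/usr,hdb,r', 'phy:/dev/vbd-disktest/dom1,hdd,w' ]
""",
}


def parse_config(text):
    """Return (is_hvm, [(backend, vdev, mode), ...]) without executing the file."""
    values = {}
    for node in ast.parse(text).body:
        if (isinstance(node, ast.Assign) and len(node.targets) == 1
                and isinstance(node.targets[0], ast.Name)
                and node.targets[0].id in ("builder", "disk")):
            values[node.targets[0].id] = ast.literal_eval(node.value)
    disks = [tuple(p.strip() for p in spec.split(",", 2))
             for spec in values.get("disk", [])]
    return values.get("builder") == "hvm", disks


def audit(configs):
    """Flag 'r' disks in HVM configs and backends shared with a writer."""
    users = defaultdict(list)  # backend -> [(domain, mode, is_hvm)]
    for dom, text in sorted(configs.items()):
        is_hvm, disks = parse_config(text)
        for backend, _vdev, mode in disks:
            users[backend].append((dom, mode, is_hvm))
    findings = []
    for backend, uses in sorted(users.items()):
        for dom, mode, is_hvm in uses:
            if is_hvm and mode == "r":
                # Per the report, the guest could still write to this disk.
                findings.append(("hvm-ro-unverified", backend, dom))
        writers = [dom for dom, mode, _ in uses if mode.startswith("w")]
        if len(uses) > 1 and writers:
            findings.append(("shared-writable", backend, ",".join(writers)))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIGS):
        print(*finding)
```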


 

