From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from [140.186.70.92] (port=52220 helo=eggs.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1PsGm9-00005O-IN
	for qemu-devel@nongnu.org; Wed, 23 Feb 2011 10:37:17 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <berrange@redhat.com>) id 1PsGkS-0001kg-J3
	for qemu-devel@nongnu.org; Wed, 23 Feb 2011 10:35:29 -0500
Received: from mx1.redhat.com ([209.132.183.28]:42156)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <berrange@redhat.com>) id 1PsGkS-0001ka-7E
	for qemu-devel@nongnu.org; Wed, 23 Feb 2011 10:35:28 -0500
Date: Wed, 23 Feb 2011 15:33:04 +0000
From: "Daniel P. Berrange" <berrange@redhat.com>
Subject: Re: [Qemu-devel] Re: Strategic decision: COW format
Message-ID: <20110223153304.GI26589@redhat.com>
References: <OFF3B73D6C.D1225EB2-ON85257838.006A5FC5-85257838.006C65F3@us.ibm.com>
	<4D5BC467.4070804@redhat.com>
	<m3r5b53duy.fsf_-_@blackfin.pond.sub.org>
	<4D5E4271.80501@redhat.com> <4D5E8031.5020402@codemonkey.ws>
	<m3fwrgpis0.fsf@blackfin.pond.sub.org>
	<4D637A20.9020307@redhat.com> <4D650F10.3060900@redhat.com>
	<4D651858.9040106@codemonkey.ws> <4D652675.1070908@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <4D652675.1070908@redhat.com>
Reply-To: "Daniel P. Berrange" <berrange@redhat.com>
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Avi Kivity <avi@redhat.com>
Cc: Kevin Wolf <kwolf@redhat.com>, Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>, qemu-devel@nongnu.org, Markus Armbruster <armbru@redhat.com>, Chunqiang Tang <ctang@us.ibm.com>

On Wed, Feb 23, 2011 at 05:23:33PM +0200, Avi Kivity wrote:
> On 02/23/2011 04:23 PM, Anthony Liguori wrote:
> >On 02/23/2011 07:43 AM, Avi Kivity wrote:
> >>On 02/22/2011 10:56 AM, Kevin Wolf wrote:
> >>>*sigh*
> >>>
> >>>It starts to get annoying, but if you really insist, I can repeat it
> >>>once more: These features that you don't need (this is the correct
> >>>description for what you call "misfeatures") _are_ implemented in a way
> >>>that they don't impact the "normal" case. And they are it today.
> >>>
> >>
> >>Plus, encryption and snapshots can be implemented in a way that
> >>doesn't impact performance more than is reasonable.
> >
> >We're still missing the existence proof of this, but even assuming
> >it existed,
> 
> dm-crypt isn't any more complicated, and it's used by default in
> most distributions these days.

IMHO dm-crypt isn't a generally usable alternative to native built
in encryption in qcow2. It isn't usable at all by non-root. If you
want to use with plain files, then you need to turn the file into
a loopback device and then layer in dm-crypt. It is generally
just a PITA to manage.

Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|