From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([140.186.70.92]:60848)
	by lists.gnu.org with esmtp (Exim 4.71) (envelope-from <hch@lst.de>)
	id 1QvWZy-0005HE-FO
	for qemu-devel@nongnu.org; Mon, 22 Aug 2011 11:38:23 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <hch@lst.de>) id 1QvWZx-00078l-3h
	for qemu-devel@nongnu.org; Mon, 22 Aug 2011 11:38:22 -0400
Received: from verein.lst.de ([213.95.11.211]:34418 helo=newverein.lst.de)
	by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <hch@lst.de>)
	id 1QvWZw-00078e-U5
	for qemu-devel@nongnu.org; Mon, 22 Aug 2011 11:38:21 -0400
Date: Mon, 22 Aug 2011 17:38:20 +0200
From: Christoph Hellwig <hch@lst.de>
Message-ID: <20110822153820.GA4774@lst.de>
References: <1314024650-28510-1-git-send-email-coreyb@linux.vnet.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <1314024650-28510-1-git-send-email-coreyb@linux.vnet.ibm.com>
Subject: Re: [Qemu-devel] [PATCH v4] Add support for fd: protocol
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Corey Bryant <coreyb@linux.vnet.ibm.com>
Cc: kwolf@redhat.com, libvir-list@redhat.com, aliguori@us.ibm.com, eblake@redhat.com, qemu-devel@nongnu.org

I'm still totally against this.  FD passing is a nice feature for sandboxing,
but the passing should be between closely cooperating programs.  We'll
need a tool shipped from the qemu source tree to open and set up the
FDs, and not someone external.  With that setup in place we can use
a protocol similar to the various OpenBSD privilegue separated deaemons
to also allow reopening / snapshots / etc.

Opening fds in libvirt and passing them into qemu is exactly the wrong way,
and just cements the current horrors where libvirt duplicates parsing
of image format headers.