From: Kevin Wolf <kwolf@redhat.com>
To: Markus Armbruster <armbru@redhat.com>
Cc: qemu-devel@nongnu.org, Stefan Hajnoczi <stefanha@redhat.com>,
Gerd Hoffmann <kraxel@redhat.com>
Subject: Re: [Qemu-devel] The unholy encrypted image key mess
Date: Mon, 3 Mar 2014 11:58:37 +0100 [thread overview]
Message-ID: <20140303105837.GD4850@dhcp-200-207.str.redhat.com> (raw)
In-Reply-To: <87wqgflzno.fsf@blackfin.pond.sub.org>
Am 28.02.2014 um 22:01 hat Markus Armbruster geschrieben:
> Questions:
>
> 1. Should we protect guests from state NEEDKEY?
Yes. An image in state NEEDKEY isn't fully initialised, so we should
make sure that it isn't used.
> 2. If yes, how?
>
> Pause the guest when something enters state NEEDKEY? I'd hate that.
>
> Fail device_add in state NEEDKEY? Takes care of hot-plug, and
> cold-plug is already protected by cont.
'device_add' should refuse to accept a backend that isn't fully
initialised, so yes, I agree.
'change' is a bit trickier because it involves several low-level actions
at once, and device_add is not one of them. What we probably really need
to do is support a state where no BDS is attached to the device
emulation (a BlockBackend might still be attached, not sure about this
one), but the VM is still running. And then 'change' can detach the BDS,
bring it back to the NEEDKEY state (unrealize in QOM speech?), magic
happens and then we reattach the BDS to the guest device.
We'll also want to protect other parts of qemu from not fully
initialised BDSes, e.g. block jobs or NBD servers shouldn't take such an
BDS as their source.
Kevin
next prev parent reply other threads:[~2014-03-03 10:58 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-02-28 21:01 [Qemu-devel] The unholy encrypted image key mess Markus Armbruster
2014-02-28 22:08 ` Eric Blake
2014-03-01 14:44 ` Paolo Bonzini
2014-03-05 8:24 ` Markus Armbruster
2014-03-05 9:01 ` Paolo Bonzini
2014-03-05 9:49 ` Markus Armbruster
2014-03-05 8:15 ` Markus Armbruster
2014-03-05 9:29 ` Gerd Hoffmann
2014-03-05 10:16 ` Kevin Wolf
2014-03-05 12:45 ` Markus Armbruster
2014-03-03 10:58 ` Kevin Wolf [this message]
2014-03-05 8:43 ` Markus Armbruster
2014-03-05 9:17 ` Paolo Bonzini
2014-03-05 9:33 ` Andreas Färber
2014-03-05 10:36 ` Markus Armbruster
2014-03-05 10:40 ` Paolo Bonzini
2014-03-05 12:50 ` Markus Armbruster
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140303105837.GD4850@dhcp-200-207.str.redhat.com \
--to=kwolf@redhat.com \
--cc=armbru@redhat.com \
--cc=kraxel@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).