From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([140.186.70.92]:53337)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <anthony@codemonkey.ws>) id 1QOd5q-0004nB-5x
	for qemu-devel@nongnu.org; Mon, 23 May 2011 17:55:18 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <anthony@codemonkey.ws>) id 1QOd5p-0005Mu-9K
	for qemu-devel@nongnu.org; Mon, 23 May 2011 17:55:18 -0400
Received: from mail-yx0-f173.google.com ([209.85.213.173]:42146)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <anthony@codemonkey.ws>) id 1QOd5p-0005Mo-71
	for qemu-devel@nongnu.org; Mon, 23 May 2011 17:55:17 -0400
Received: by yxk8 with SMTP id 8so2759717yxk.4
	for <qemu-devel@nongnu.org>; Mon, 23 May 2011 14:55:16 -0700 (PDT)
Message-ID: <4DDAD7C1.80708@codemonkey.ws>
Date: Mon, 23 May 2011 16:55:13 -0500
From: Anthony Liguori <anthony@codemonkey.ws>
MIME-Version: 1.0
References: <4DD6B777.9020800@us.ibm.com>	<BANLkTi=xZMTfvcbhZ2MdmJoFmot--bU2Fg@mail.gmail.com>	<4DD6C424.1020104@codemonkey.ws>	<BANLkTi=0TsoibXTyC6BANFTQKeSCfGAPpQ@mail.gmail.com>	<4DDA6EFA.9040501@redhat.com>	<m3k4dhv3r6.fsf@blackfin.pond.sub.org>
	<4DDA83C2.5060104@redhat.com>
In-Reply-To: <4DDA83C2.5060104@redhat.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH] Add support for fd: protocol
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Kevin Wolf <kwolf@redhat.com>
Cc: aliguori@us.ibm.com, Corey Bryant <bryntcor@us.ibm.com>, Markus Armbruster <armbru@redhat.com>, qemu-devel@nongnu.org, Blue Swirl <blauwirbel@gmail.com>, Tyler C Hicks <tchicks@us.ibm.com>

On 05/23/2011 10:56 AM, Kevin Wolf wrote:
> Am 23.05.2011 17:24, schrieb Markus Armbruster:
>> Kevin Wolf<kwolf@redhat.com>  writes:
>>
>> An fd: protocol can't easily support reopen.  So fail it.  This doesn't
>> break any existing usage.  It's just a restriction on the new protocol.
>> Restrictions can render the new protocol useless in practice, but we're
>> not "breaking qemu without libvirt" there.
>>
>> Perhaps we can make relax the restriction on some system by avoiding the
>> reopen in a system-dependent way.
>
> Right, you only get the regression once libvirt starts using it (or even
> worse, qemu itself, like Blue Swirl suggested). Doesn't make it much better.

libvirt already has the problem you describe.  QEMU is designed assuming 
that we can access whatever resources the invoking user can.  That's how 
our UI is constructed.

But libvirt chooses to invoke QEMU in such a way that the actual QEMU 
process does not have the same rights as the invoking user.  In fact, 
the context is entirely different.

That means that to get isolation, libvirt has to understand what QEMU 
does for each operation and then do some magic behind the scenes to make 
it all work.

This is not different really.  'commit' could require magic in libvirt 
anyway if libvirt was smart enough to mark the backing file with 
read-only rights.

libvirt already has to parse image file formats to figure out backing 
files so it can set the permissions right.

Regards,

Anthony Liguori


> Kevin
>