From: Eric Blake <eblake@redhat.com>
To: Blue Swirl <blauwirbel@gmail.com>
Cc: Kevin Wolf <kwolf@redhat.com>,
Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>,
"libvir-list@redhat.com" <libvir-list@redhat.com>,
Jes Sorensen <Jes.Sorensen@redhat.com>,
QEMU Developers <qemu-devel@nongnu.org>,
Stefan Hajnoczi <stefanha@gmail.com>
Subject: Re: [Qemu-devel] live snapshot wiki updated
Date: Wed, 20 Jul 2011 14:10:57 -0600 [thread overview]
Message-ID: <4E273651.9050505@redhat.com> (raw)
In-Reply-To: <CAAu8pHtBCDG01Soz2uK_Qf2q2=YVNix=YOw1TY-kCir=sd3Vkg@mail.gmail.com>
On 07/20/2011 02:01 PM, Blue Swirl wrote:
>> Either because CA was mentioned as a backing file for C (in which case
>> libvirt already knows about it, because either libvirt handed C to qemu at
>> startup time after already parsing C's headers to learn that CA is a backing
>> file, or because libvirt called the snapshot_blkdev command with the intent
>> of having qemu populate CA with C as its backing file), or because qemu has
>> a bug (in which case, libvirt should refuse the access to CA).
>
> So no new backing files can be introduced by QEMU after it has started
> without libvirt knowing it?
No, you missed my point. A new backing file can only be introduced by
qemu after it has started by libvirt using a finite set of monitor
commands. These include disk hotplug (libvirt adds to the list of files
known to be accessed by qemu, by reading the image headers of the new
disk to be hot-plugged prior to issuing the monitor command), by disk
hot-unplug (libvirt revokes the access to the files making up that disk,
which it remembers from before the disk was added), and snapshot_blkdev
(libvirt is explicitly requesting a new qcow2 file with the old file as
the backing image, so it knows the new relationship of files to be
accessed by that block device). Since libvirt issued the monitor
commands, libvirt always knows which files qemu should be trying to
access when servicing those block devices to the guest.
>
> OK. I think fds would be useful internally in a privilege separation
> mode in plain QEMU too.
Yes, there's more than one reason to add fd support to all possible
situations where qemu is currently resorting to open().
--
Eric Blake eblake@redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
next prev parent reply other threads:[~2011-07-20 20:11 UTC|newest]
Thread overview: 55+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-07-15 14:58 [Qemu-devel] live snapshot wiki updated Jes Sorensen
2011-07-18 14:08 ` Stefan Hajnoczi
2011-07-19 7:24 ` Jes Sorensen
2011-07-19 13:23 ` Stefan Hajnoczi
2011-07-19 13:27 ` Jes Sorensen
2011-07-19 13:58 ` Eric Blake
2011-07-19 14:09 ` Jes Sorensen
2011-07-19 14:24 ` Eric Blake
2011-07-19 14:30 ` Jes Sorensen
2011-07-19 15:14 ` Stefan Hajnoczi
2011-07-19 16:46 ` Daniel P. Berrange
2011-07-20 7:30 ` Markus Armbruster
2011-07-20 8:23 ` Jes Sorensen
2011-07-20 9:36 ` Daniel P. Berrange
2011-07-20 10:15 ` [Qemu-devel] [libvirt] " Nicolas Sebrecht
2011-07-20 10:28 ` Daniel P. Berrange
2011-07-20 11:40 ` [Qemu-devel] [libvirt] " Stefan Hajnoczi
[not found] ` <4E27E610.7090502@redhat.com>
[not found] ` <4E282DE6.1020603@redhat.com>
[not found] ` <4E283554.4080903@redhat.com>
2011-07-21 14:51 ` Eric Blake
[not found] ` <4E27E5A2.2030208@redhat.com>
[not found] ` <4E28317D.9020502@redhat.com>
2011-07-21 15:01 ` [Qemu-devel] " Stefan Hajnoczi
2011-07-21 19:42 ` Blue Swirl
2011-07-22 5:06 ` Stefan Hajnoczi
2011-07-22 15:49 ` Blue Swirl
2011-07-22 7:22 ` Kevin Wolf
2011-07-22 9:11 ` Stefan Hajnoczi
2011-07-22 16:05 ` Blue Swirl
2011-07-20 9:50 ` Kevin Wolf
2011-07-20 10:18 ` Daniel P. Berrange
2011-07-19 16:14 ` Anthony Liguori
2011-07-20 8:25 ` Jes Sorensen
2011-07-20 10:01 ` Kevin Wolf
2011-07-20 13:25 ` Jes Sorensen
2011-07-20 13:46 ` Eric Blake
2011-07-20 17:27 ` Blue Swirl
2011-07-20 17:47 ` Eric Blake
2011-07-20 19:51 ` Blue Swirl
[not found] ` <4E27DE5D.5050502@redhat.com>
2011-07-21 19:34 ` Blue Swirl
2011-07-20 13:51 ` Kevin Wolf
2011-07-20 17:20 ` Blue Swirl
2011-07-20 17:41 ` Eric Blake
2011-07-20 18:00 ` Blue Swirl
2011-07-20 18:17 ` Eric Blake
2011-07-20 20:01 ` Blue Swirl
2011-07-20 20:10 ` Eric Blake [this message]
[not found] ` <4E27E280.2060306@redhat.com>
2011-07-21 19:01 ` Blue Swirl
2011-07-22 7:36 ` Avi Kivity
2011-07-22 8:11 ` Kevin Wolf
2011-07-22 16:09 ` Blue Swirl
2011-07-20 13:50 ` Cleber Rosa
2011-07-20 14:34 ` Anthony Liguori
2011-07-20 18:34 ` Cleber Rosa
2011-07-19 16:47 ` Daniel P. Berrange
2011-07-20 8:26 ` Jes Sorensen
2011-07-20 9:38 ` Daniel P. Berrange
2011-07-20 14:35 ` Anthony Liguori
2011-07-21 18:56 ` Michael Roth
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4E273651.9050505@redhat.com \
--to=eblake@redhat.com \
--cc=Jes.Sorensen@redhat.com \
--cc=blauwirbel@gmail.com \
--cc=kwolf@redhat.com \
--cc=libvir-list@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@gmail.com \
--cc=stefanha@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).