From: Eric Blake <eblake@redhat.com>
To: Max Reitz <mreitz@redhat.com>, Nir Soffer <nsoffer@redhat.com>
Cc: Kevin Wolf <kwolf@redhat.com>, Alberto Garcia <berto@igalia.com>,
QEMU Developers <qemu-devel@nongnu.org>,
qemu-block <qemu-block@nongnu.org>
Subject: Re: [PATCH 1/2] qcow2: Force preallocation with data-file-raw
Date: Mon, 22 Jun 2020 13:34:39 -0500 [thread overview]
Message-ID: <b72cf89a-7894-934d-cf0a-826579aa3089@redhat.com> (raw)
In-Reply-To: <3b4353d4-cbf1-df89-7f5f-1a1454cfe174@redhat.com>
On 6/22/20 10:48 AM, Max Reitz wrote:
>>> As I noted in my reply to myself, data-file-raw is an autoclear flag.
>>> That means, an old version of qemu that doesn’t recognize the flag must
>>> read the same data as a new version. It follows that the the L2 tables
>>> must be a 1:1 mapping. (Or the flag can’t be an autoclear flag.)
Yes, that argument is the strongest I've seen for why both creation and
resize with a data-file-raw image should require metadata preallocation.
In other words, we never want to expose different guest data merely
because we opened the file with an older version (the older version must
either see the same data [an autoclear bit is fine], or must know that
it cannot reliably open the image [an incompatible bit is needed]).
>>
>> Being able to read sounds like a nice to have feature, but what about writing?
>>
>> I hope that the image is not writable by older versions that do not understand
>> data_file. Otherwise older qemu versions can corrupt the image silently.
>
> It’s an autoclear flag. That means such versions of qemu will
> automatically clear the flag.
Well, an older version is only required to clear the flag if it modifies
the image; if it opens the image read-only, it may leave the autoclear
flag set. So you are more realistically guaranteed that the autoclear
flag is only cleared when writing to the image with a version that did
not understand the autoclear flag.
Following that line of thought further - reopening the image under a
qemu that once again understands the data-file-raw flag will now see
that the file is no longer raw because the flag was cleared. That is,
if you are expecting data-file-raw and no longer see the flag, then you
KNOW that the qcow2 file was modified by an older program that didn't
necessarily preserve the 1:1 correspondence, and it is up to you what to
do next (refuse to use the file, do a pass over the qcow2 file to flush
contents back to the raw file, or any number of other reactions...).
> So autoclear flags are useful for features that are optional, but that
> may be broken when the image is written to by versions of qemu that
> don’t understand them.)
More importantly, autoclear flags are useful for features where older
software can safely read the image without data loss, but where older
software modifying the image may lose whatever property the bit was
guaranteeing when interpreted correctly.
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3226
Virtualization: qemu.org | libvirt.org
next prev parent reply other threads:[~2020-06-22 18:42 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-06-19 10:40 [PATCH 0/2] qcow2: Force preallocation with data-file-raw Max Reitz
2020-06-19 10:40 ` [PATCH 1/2] " Max Reitz
2020-06-19 16:47 ` Alberto Garcia
2020-06-22 9:35 ` Max Reitz
2020-06-22 9:48 ` Max Reitz
2020-06-23 10:26 ` Kevin Wolf
2020-06-22 14:46 ` Alberto Garcia
2020-06-22 15:06 ` Max Reitz
2020-06-22 15:15 ` Nir Soffer
2020-06-22 15:48 ` Max Reitz
2020-06-22 18:34 ` Eric Blake [this message]
2020-06-22 17:36 ` Alberto Garcia
2020-06-23 7:28 ` Max Reitz
2020-06-19 10:40 ` [PATCH 2/2] iotests/244: Test preallocation for data-file-raw Max Reitz
2020-06-19 11:55 ` [PATCH 0/2] qcow2: Force preallocation with data-file-raw no-reply
2020-06-21 22:25 ` Nir Soffer
2020-06-22 9:47 ` Max Reitz
2020-06-22 15:50 ` Nir Soffer
2020-06-23 10:18 ` Kevin Wolf
2020-06-22 17:44 ` Alberto Garcia
2020-06-23 7:28 ` Max Reitz
2020-06-23 10:04 ` Kevin Wolf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=b72cf89a-7894-934d-cf0a-826579aa3089@redhat.com \
--to=eblake@redhat.com \
--cc=berto@igalia.com \
--cc=kwolf@redhat.com \
--cc=mreitz@redhat.com \
--cc=nsoffer@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).