qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] PATCH: v3 Allow control over drive file open mode


From: Ian Jackson
Subject: Re: [Qemu-devel] PATCH: v3 Allow control over drive file open mode
Date: Fri, 1 Aug 2008 17:57:18 +0100

Anthony Liguori writes ("Re: [Qemu-devel] PATCH: v3 Allow control over drive 
file open mode"):
> Allowing the user to specify what mode we use to open a file is IMHO not 
> a good interface for a user.  A user should only be concerned with how 
> we expose a disk to the guest, not the underlying implementation of how 
> we support this.  It has subtle side-effects that a user is not going to 
> expect unless they are intimately familiar with how QEMU is implemented 
> (like snapshotting breaking).

I think I agree, but with qualifications:

The user readonly flag ought to mean
 1. qemu will definitely not permit the guest to write to the object
    represented (if it is a cow file then even the cow will not be
    writeable)
 2. If the emulated device type supports it the guest will be
    told that it may not write to the device.  If this is not possible
    and the user has not overridden this check then the entire request
    will be rejected (rather than exporting the device read/write).
 3. qemu will to communicate the consequences for its future use
    of the underlying host operating system object(s) appropriately
    to the host system (as this might be relevant for cacheing,
    concurrent access, etc.)
 4. qemu will take steps to try to ensure that bugs and missing
    changes in the readonly implementation don't leave a security
    hole where the 
 5. Operations (such as cow commit) that would modify data
    (either host data or data as seen by the guest or both)
    are not supported.

I think 3 and 4 mean that it should pass O_RDONLY to the underlying
filesystem objects where feasible.

I'm afraid I don't understand your point about breaking snapshotting.
Perhaps you could explain the scenario ?

Ian.




reply via email to

[Prev in Thread] Current Thread [Next in Thread]