Re: [libvirt] [PATCH v3] Add support for fd: protocol

On 07/26/2011 06:51 AM, Corey Bryant wrote: > There are some additional features provided by certain image types > where Qemu reopens the image file. All of these scenarios will be > unsupported for the fd: protocol, at least for this patch: > > - The -snapshot command line option > - The savevm monitor command > - The snapshot_blkdev monitor command > - Use of copy-on-write image files > - The -cdrom command line option > - The -drive command line option with media=cdrom > - The change monitor command > > The thought is that this support can be added in the future, but is > not required for the initial fd: support. Libvirt will eventually need support for fd passing on savevm, snapshot_blkdev, and change monitor commands, as well as for -cdrom, before this feature can be used to provide the desired security enhancements. I agree that for an incremental patch, you don't have to solve all points at once, but until all places have been modified to support fd usage, you aren't gaining any security, except for severely constrained guests. Furthermore, how do you plan to map fd: to filename? There's already been big threads on why snapshot_blkdev needs both the new fd: and the name of the old backing file at the same time, so that qemu can write the correct headers into new qcow2 files.