On 07/08/11 10:58, Stefan Hajnoczi wrote:
On Thu, Jul 7, 2011 at 8:34 PM, Eric Blake <eblake@redhat.com> wrote:
Well, the best thing (from libvirt's point of view) would be if snapshot_blkdev took a single string argument, which is either a /path/to/filename (and qemu does open()) or fd:name notation (to refer to a previously-named fd passed via the getfd monitor command, so that libvirt does open()). This would make SELinux integration easier, as one of the sVirt goals is to get to the point where we can use SELinux to forbid qemu from open()ing files on NFS shares, while still permitting all other operations on already-open fds passed in from libvirt.
Today QEMU supports /path/to/filename. An fd argument to snapshot_blkdev requires a little bit of work since the QEMU block layer .bdrv_create() interface takes a filename and tries to create it.
Jes: Is the fd argument to snapshot_blkdev in your plans?
I only ever heard suggestions for taking fd arguments yesterday, so I cannot say it really is in my plans. If I get a good justification I might be convinced :) Cheers, Jes