On 07/08/11 10:58, Stefan Hajnoczi wrote: > On Thu, Jul 7, 2011 at 8:34 PM, Eric Blake <eblake@xxxxxxxxxx> wrote: >> Well, the best thing (from libvirt's point of view) would be if >> snapshot_blkdev took a single string argument, which is either a >> /path/to/filename (and qemu does open()) or fd:name notation (to refer >> to a previously-named fd passed via the getfd monitor command, so that >> libvirt does open()). This would make SELinux integration easier, as >> one of the sVirt goals is to get to the point where we can use SELinux >> to forbid qemu from open()ing files on NFS shares, while still >> permitting all other operations on already-open fds passed in from libvirt. > > Today QEMU supports /path/to/filename. An fd argument to > snapshot_blkdev requires a little bit of work since the QEMU block > layer .bdrv_create() interface takes a filename and tries to create > it. > > Jes: Is the fd argument to snapshot_blkdev in your plans? I only ever heard suggestions for taking fd arguments yesterday, so I cannot say it really is in my plans. If I get a good justification I might be convinced :) Cheers, Jes -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list