On 08/22/2017 08:18 AM, Paolo Bonzini wrote: > It is a common requirement for virtual machine to send persistent > reservations, but this currently requires either running QEMU with > CAP_SYS_RAWIO, or using out-of-tree patches that let an unprivileged > QEMU bypass Linux's filter on SG_IO commands. > > As an alternative mechanism, the next patches will introduce a > privileged helper to run persistent reservation commands without > expanding QEMU's attack surface unnecessarily.
> Signed-off-by: Paolo Bonzini <[email protected]> > --- > +++ b/qapi/block-core.json > @@ -2191,6 +2191,9 @@ > # Driver specific block device options for the file backend. > # > # @filename: path to the image file > +# @pr-manager: the if for the object that will handle persistent > reservations s/if/interface/ for legibility > +# for this device (default: forward the commands via SG_IO, > +# since 2.11) > # @aio: AIO backend (default: threads) (since: 2.8) > # @locking: whether to enable file locking. If set to 'auto', only enable > # when Open File Descriptor (OFD) locking API is available > @@ -2200,6 +2203,7 @@ > ## > { 'struct': 'BlockdevOptionsFile', > 'data': { 'filename': 'str', > + '*pr-manager': 'str', -- Eric Blake, Principal Software Engineer Red Hat, Inc. +1-919-301-3266 Virtualization: qemu.org | libvirt.org
signature.asc
Description: OpenPGP digital signature
