On Wed, Dec 12, 2018 at 07:49:36AM +0100, Gerd Hoffmann wrote: > On Tue, Dec 11, 2018 at 02:09:11PM +0300, Ilya Maximets wrote: > > On 11.12.2018 13:53, Daniel P. Berrangé wrote: > > >> > > >> Let's restrict memfd backend to systems with sealing support. > > > > > > I don't think we need todo that - sealing is optional in the QEMU code, > > > we simply have it set to the wrong default when sealing is not available. > > > > That was literally what I've fixed in v1: > > https://lists.nongnu.org/archive/html/qemu-devel/2018-11/msg05483.html > > > > but 2 people suggested me to disable memfd entirely for this case. > > Do you think I need to get patch from v1 back ? > > > > Gerd, Marc-André, what do you think? > > I still think it makes sense to require sealing support. Sealing is > very useful, and there are only a few kernel versions with memfd but > without sealing. So finding such kernels in the wild will become more > rare over time. I wouldn't worry too much about them.
-object memory-backend-memfd,id=mem,size=2M,seal=off still works on those systems, doesn't it? What's the rationale for breaking a working configuration without following the deprecation policy? -- Eduardo
