| Message ID | 20200916095150.755714-1-stefanha@redhat.com |
|---|---|
| Headers | show |
| Series | nvdimm: read-only file support | expand |
On Wed, Sep 16, 2020 at 10:51:47AM +0100, Stefan Hajnoczi wrote: > v2: > * s/the the/the/ in documentation [Philippe] > * Assign nvdimm->unarmed earlier [Philippe] Ping > There is currently no way to back an NVDIMM with a read-only file so it can be > safely shared between untrusted guests. > > Introduce an -object memory-backend-file,readonly=on|off option. > > Julio Montes sent an earlier patch here: > https://patchew.org/QEMU/20190708211936.8037-1-julio.montes@intel.com/ > > Eric Ernst requested this feature again for Kata Containers so I gave it a try. > > Stefan Hajnoczi (3): > memory: add readonly support to memory_region_init_ram_from_file() > hostmem-file: add readonly=on|off option > nvdimm: honor -object memory-backend-file,readonly=on option > > docs/nvdimm.txt | 8 +++++++- > include/exec/memory.h | 2 ++ > include/exec/ram_addr.h | 5 +++-- > include/qemu/mmap-alloc.h | 2 ++ > backends/hostmem-file.c | 26 +++++++++++++++++++++++++- > exec.c | 18 +++++++++++------- > hw/mem/nvdimm.c | 4 ++++ > softmmu/memory.c | 7 +++++-- > util/mmap-alloc.c | 10 ++++++---- > util/oslib-posix.c | 2 +- > qemu-options.hx | 5 ++++- > 11 files changed, 70 insertions(+), 19 deletions(-) > > -- > 2.26.2 >
On 16/09/2020 10:51, Stefan Hajnoczi wrote: > v2: > * s/the the/the/ in documentation [Philippe] > * Assign nvdimm->unarmed earlier [Philippe] > > There is currently no way to back an NVDIMM with a read-only file so it can be > safely shared between untrusted guests. > > Introduce an -object memory-backend-file,readonly=on|off option. > > Julio Montes sent an earlier patch here: > https://patchew.org/QEMU/20190708211936.8037-1-julio.montes@intel.com/ > > Eric Ernst requested this feature again for Kata Containers so I gave it a try. > > Stefan Hajnoczi (3): > memory: add readonly support to memory_region_init_ram_from_file() > hostmem-file: add readonly=on|off option > nvdimm: honor -object memory-backend-file,readonly=on option > Reviewed-by: Liam Merwick <liam.merwick@oracle.com> Tested-by: Liam Merwick <liam.merwick@oracle.com> (I just quickly modified kata-runtime to unconditionally pass readonly=on and verified that the root filesystem couldn't be remounted as rw) Is this a candidate for 6.0? Regards, Liam > docs/nvdimm.txt | 8 +++++++- > include/exec/memory.h | 2 ++ > include/exec/ram_addr.h | 5 +++-- > include/qemu/mmap-alloc.h | 2 ++ > backends/hostmem-file.c | 26 +++++++++++++++++++++++++- > exec.c | 18 +++++++++++------- > hw/mem/nvdimm.c | 4 ++++ > softmmu/memory.c | 7 +++++-- > util/mmap-alloc.c | 10 ++++++---- > util/oslib-posix.c | 2 +- > qemu-options.hx | 5 ++++- > 11 files changed, 70 insertions(+), 19 deletions(-) >
On Thu, Dec 10, 2020 at 04:48:57PM +0000, Liam Merwick wrote: > On 16/09/2020 10:51, Stefan Hajnoczi wrote: > > v2: > > * s/the the/the/ in documentation [Philippe] > > * Assign nvdimm->unarmed earlier [Philippe] > > > > There is currently no way to back an NVDIMM with a read-only file so it can be > > safely shared between untrusted guests. > > > > Introduce an -object memory-backend-file,readonly=on|off option. > > > > Julio Montes sent an earlier patch here: > > https://patchew.org/QEMU/20190708211936.8037-1-julio.montes@intel.com/ > > > > Eric Ernst requested this feature again for Kata Containers so I gave it a try. > > > > Stefan Hajnoczi (3): > > memory: add readonly support to memory_region_init_ram_from_file() > > hostmem-file: add readonly=on|off option > > nvdimm: honor -object memory-backend-file,readonly=on option > > > > > Reviewed-by: Liam Merwick <liam.merwick@oracle.com> > Tested-by: Liam Merwick <liam.merwick@oracle.com> > > (I just quickly modified kata-runtime to unconditionally pass readonly=on > and verified that the root filesystem couldn't be remounted as rw) > > Is this a candidate for 6.0? Thanks! Yes, this is for 6.0. Stefan