mbox series

[0/3] nvdimm: read-only file support

Message ID 20200804101244.1283503-1-stefanha@redhat.com
Headers show
Series nvdimm: read-only file support | expand

Message

Stefan Hajnoczi Aug. 4, 2020, 10:12 a.m. UTC 
There is currently no way to back an NVDIMM with a read-only file so it can be
safely shared between untrusted guests.

Introduce an -object memory-backend-file,readonly=on|off option.

Julio Montes sent an earlier patch here:
https://patchew.org/QEMU/20190708211936.8037-1-julio.montes@intel.com/

Eric Ernst requested this feature again for Kata Containers so I gave it a try.

Stefan Hajnoczi (3):
  memory: add readonly support to memory_region_init_ram_from_file()
  hostmem-file: add readonly=on|off option
  nvdimm: honor -object memory-backend-file,readonly=on option

 docs/nvdimm.txt           |  8 +++++++-
 include/exec/memory.h     |  2 ++
 include/exec/ram_addr.h   |  5 +++--
 include/qemu/mmap-alloc.h |  2 ++
 backends/hostmem-file.c   | 26 +++++++++++++++++++++++++-
 exec.c                    | 18 +++++++++++-------
 hw/mem/nvdimm.c           |  4 ++++
 softmmu/memory.c          |  7 +++++--
 util/mmap-alloc.c         | 10 ++++++----
 util/oslib-posix.c        |  2 +-
 qemu-options.hx           |  5 ++++-
 11 files changed, 70 insertions(+), 19 deletions(-)

Comments

Michael S. Tsirkin Aug. 4, 2020, 12:28 p.m. UTC | #1 
On Tue, Aug 04, 2020 at 11:12:41AM +0100, Stefan Hajnoczi wrote:
> There is currently no way to back an NVDIMM with a read-only file so it can be
> safely shared between untrusted guests.
> 
> Introduce an -object memory-backend-file,readonly=on|off option.
> 
> Julio Montes sent an earlier patch here:
> https://patchew.org/QEMU/20190708211936.8037-1-julio.montes@intel.com/


makes sense:

Acked-by: Michael S. Tsirkin <mst@redhat.com>

> Eric Ernst requested this feature again for Kata Containers so I gave it a try.
> 
> Stefan Hajnoczi (3):
>   memory: add readonly support to memory_region_init_ram_from_file()
>   hostmem-file: add readonly=on|off option
>   nvdimm: honor -object memory-backend-file,readonly=on option
> 
>  docs/nvdimm.txt           |  8 +++++++-
>  include/exec/memory.h     |  2 ++
>  include/exec/ram_addr.h   |  5 +++--
>  include/qemu/mmap-alloc.h |  2 ++
>  backends/hostmem-file.c   | 26 +++++++++++++++++++++++++-
>  exec.c                    | 18 +++++++++++-------
>  hw/mem/nvdimm.c           |  4 ++++
>  softmmu/memory.c          |  7 +++++--
>  util/mmap-alloc.c         | 10 ++++++----
>  util/oslib-posix.c        |  2 +-
>  qemu-options.hx           |  5 ++++-
>  11 files changed, 70 insertions(+), 19 deletions(-)
> 
> -- 
> 2.26.2
>
Stefan Hajnoczi Aug. 21, 2020, 12:18 p.m. UTC | #2 
On Tue, Aug 04, 2020 at 11:12:41AM +0100, Stefan Hajnoczi wrote:
> There is currently no way to back an NVDIMM with a read-only file so it can be
> safely shared between untrusted guests.
> 
> Introduce an -object memory-backend-file,readonly=on|off option.
> 
> Julio Montes sent an earlier patch here:
> https://patchew.org/QEMU/20190708211936.8037-1-julio.montes@intel.com/
> 
> Eric Ernst requested this feature again for Kata Containers so I gave it a try.
> 
> Stefan Hajnoczi (3):
>   memory: add readonly support to memory_region_init_ram_from_file()
>   hostmem-file: add readonly=on|off option
>   nvdimm: honor -object memory-backend-file,readonly=on option
> 
>  docs/nvdimm.txt           |  8 +++++++-
>  include/exec/memory.h     |  2 ++
>  include/exec/ram_addr.h   |  5 +++--
>  include/qemu/mmap-alloc.h |  2 ++
>  backends/hostmem-file.c   | 26 +++++++++++++++++++++++++-
>  exec.c                    | 18 +++++++++++-------
>  hw/mem/nvdimm.c           |  4 ++++
>  softmmu/memory.c          |  7 +++++--
>  util/mmap-alloc.c         | 10 ++++++----
>  util/oslib-posix.c        |  2 +-
>  qemu-options.hx           |  5 ++++-
>  11 files changed, 70 insertions(+), 19 deletions(-)

Ping