On Wed, Jan 16, 2019 at 06:46:39PM +0300, Ilya Maximets wrote: > > > On 16.01.2019 18:30, Eduardo Habkost wrote: > > On Wed, Dec 12, 2018 at 07:49:36AM +0100, Gerd Hoffmann wrote: > >> On Tue, Dec 11, 2018 at 02:09:11PM +0300, Ilya Maximets wrote: > >>> On 11.12.2018 13:53, Daniel P. Berrangé wrote: > >>>>> > >>>>> Let's restrict memfd backend to systems with sealing support. > >>>> > >>>> I don't think we need todo that - sealing is optional in the QEMU code, > >>>> we simply have it set to the wrong default when sealing is not available. > >>> > >>> That was literally what I've fixed in v1: > >>> https://lists.nongnu.org/archive/html/qemu-devel/2018-11/msg05483.html > >>> > >>> but 2 people suggested me to disable memfd entirely for this case. > >>> Do you think I need to get patch from v1 back ? > >>> > >>> Gerd, Marc-André, what do you think? > >> > >> I still think it makes sense to require sealing support. Sealing is > >> very useful, and there are only a few kernel versions with memfd but > >> without sealing. So finding such kernels in the wild will become more > >> rare over time. I wouldn't worry too much about them. > > > > -object memory-backend-memfd,id=mem,size=2M,seal=off still > > works on those systems, doesn't it? What's the rationale for > > breaking a working configuration without following the > > deprecation policy? > > > > See the commit message. > '.seal' property is not registered if sealing is not supported. > So, there is no way to disable sealing on the system that does not support it.
As I pointed out a few lines up, this is simply because QEMU has a bug setting seal=true as the built-in default value even when it isn't supported. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
