On Wed, Jan 16, 2019 at 03:48:57PM +0000, Daniel P. Berrangé wrote: > On Wed, Jan 16, 2019 at 06:46:39PM +0300, Ilya Maximets wrote: > > > > > > On 16.01.2019 18:30, Eduardo Habkost wrote: > > > On Wed, Dec 12, 2018 at 07:49:36AM +0100, Gerd Hoffmann wrote: > > >> On Tue, Dec 11, 2018 at 02:09:11PM +0300, Ilya Maximets wrote: > > >>> On 11.12.2018 13:53, Daniel P. Berrangé wrote: > > >>>>> > > >>>>> Let's restrict memfd backend to systems with sealing support. > > >>>> > > >>>> I don't think we need todo that - sealing is optional in the QEMU code, > > >>>> we simply have it set to the wrong default when sealing is not > > >>>> available. > > >>> > > >>> That was literally what I've fixed in v1: > > >>> > > >>> https://lists.nongnu.org/archive/html/qemu-devel/2018-11/msg05483.html > > >>> > > >>> but 2 people suggested me to disable memfd entirely for this case. > > >>> Do you think I need to get patch from v1 back ? > > >>> > > >>> Gerd, Marc-André, what do you think? > > >> > > >> I still think it makes sense to require sealing support. Sealing is > > >> very useful, and there are only a few kernel versions with memfd but > > >> without sealing. So finding such kernels in the wild will become more > > >> rare over time. I wouldn't worry too much about them. > > > > > > -object memory-backend-memfd,id=mem,size=2M,seal=off still > > > works on those systems, doesn't it? What's the rationale for > > > breaking a working configuration without following the > > > deprecation policy? > > > > > > > See the commit message. > > '.seal' property is not registered if sealing is not supported. > > So, there is no way to disable sealing on the system that does not support > > it. > > As I pointed out a few lines up, this is simply because QEMU has a bug > setting seal=true as the built-in default value even when it isn't > supported.
Changing to seal=false by default may make it work on some hosts, but I don't see the point of increasing our support burden just for a few kernel versions. I agree with Gerd, I think it's simpler to keep it unsupported. -- Eduardo
