[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: qcow2: Zero-initialization of external data files
|
From: |
Kevin Wolf |
|
Subject: |
Re: qcow2: Zero-initialization of external data files |
|
Date: |
Tue, 14 Apr 2020 14:34:53 +0200 |
|
User-agent: |
Mutt/1.12.1 (2019-06-15) |
Am 09.04.2020 um 17:56 hat Eric Blake geschrieben:
> On 4/9/20 10:46 AM, Eric Blake wrote:
>
> > > > We don't support concurrent modification. But if the guest is running
> > > > and unmaps things, then shuts off, then we edit the raw file offline,
> > > > then we restart the guest, the guest should see the results of those
> > > > offline edits.
> > >
> > > Should it? The specification doesn’t say anything about that.
> > >
> > > In fact, I think we have always said we explicitly discourage that
> > > because this might lead to outdated metadata; even though we usually
> > > meant “dirty bitmaps” by that.
> >
> > Hmm. Kevin, I'd really like your opinion here. The point of the
> > raw-external-data flag is to state that "qemu MUST ensure that whatever
> > is done to this image while the guest is running is reflected through to
> > the raw file, so that after the guest stops, the raw file alone is still
> > viable to see what the guest saw". But as you say, there's a difference
> > between "the raw file will read what the guest saw" and "we can now edit
> > the raw file without regards to the qcow2 wrapper but later reuse of the
> > qcow2 wrapper won't be corrupted by those edits".
>
> Another random thought: Should we add a header extension that records the
> timestamps of an external data file? That way, if the timestamps of the
> file have changed from what we recorded in our optional header, then we can
> flag to the user that our metadata may be stale because of what appears to
> be external edits. But that's not always going to save us - timestamps on a
> block device don't behave the same as timestamps on a POSIX file, and just
> because timestamps change (such as when copying a file from one place to
> another) does not imply that contents have changed. My personal take -
> unless adding such a header can definitely add safety, it may not be worth
> the cost of complicating the standard - this was more just documenting an
> idea I had even if we don't choose to pursue it.
In the context of verifying backing file links, Jeff Cody once brought
up an idea where we would have something like a generation counter in
the header that would be increased every time you open the image
read-write. Then you could store that counter value in the backing file
and external data file links and detect if someone else wrote to the
child image and invalidated it.
Though obviously raw images still won't have a counter, and if they had
one, nobody would increase it when writing to it externally, so it
doesn't actually work for real-world external data files...
I wouldn't rely on file timestamps, you already mentioned some good
reasons.
Kevin
- Re: qcow2: Zero-initialization of external data files, Eric Blake, 2020/04/06
- Re: qcow2: Zero-initialization of external data files, Max Reitz, 2020/04/09
- Re: qcow2: Zero-initialization of external data files, Eric Blake, 2020/04/09
- Re: qcow2: Zero-initialization of external data files, Eric Blake, 2020/04/09
- Re: qcow2: Zero-initialization of external data files, Max Reitz, 2020/04/09
- Re: qcow2: Zero-initialization of external data files, Eric Blake, 2020/04/09
- Re: qcow2: Zero-initialization of external data files, Max Reitz, 2020/04/09
- Re: qcow2: Zero-initialization of external data files, Eric Blake, 2020/04/09
- Re: qcow2: Zero-initialization of external data files, Eric Blake, 2020/04/09
- Re: qcow2: Zero-initialization of external data files,
Kevin Wolf <=
- Re: qcow2: Zero-initialization of external data files, Kevin Wolf, 2020/04/14