From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <s.reiter@proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by lists.proxmox.com (Postfix) with ESMTPS id 2F49F70778
 for <pve-devel@lists.proxmox.com>; Mon,  7 Jun 2021 12:35:57 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
 by firstgate.proxmox.com (Proxmox) with ESMTP id 25E2D10157
 for <pve-devel@lists.proxmox.com>; Mon,  7 Jun 2021 12:35:57 +0200 (CEST)
Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com
 [94.136.29.106])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by firstgate.proxmox.com (Proxmox) with ESMTPS id A48D91014C
 for <pve-devel@lists.proxmox.com>; Mon,  7 Jun 2021 12:35:52 +0200 (CEST)
Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1])
 by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 7692F42B78
 for <pve-devel@lists.proxmox.com>; Mon,  7 Jun 2021 12:35:52 +0200 (CEST)
To: =?UTF-8?Q?Fabian_Gr=c3=bcnbichler?= <f.gruenbichler@proxmox.com>,
 Proxmox VE development discussion <pve-devel@lists.proxmox.com>
References: <20210604094748.3383339-1-f.gruenbichler@proxmox.com>
 <20210604094748.3383339-3-f.gruenbichler@proxmox.com>
 <a3c8a6a5-1c3b-573b-b187-edf763c1259f@proxmox.com>
 <1623060685.ii80j5ty3c.astroid@nora.none>
From: Stefan Reiter <s.reiter@proxmox.com>
Message-ID: <fc296768-465f-fbe6-cf2a-64637ffc107f@proxmox.com>
Date: Mon, 7 Jun 2021 12:35:51 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101
 Thunderbird/60.9.0
MIME-Version: 1.0
In-Reply-To: <1623060685.ii80j5ty3c.astroid@nora.none>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 8bit
X-SPAM-LEVEL: Spam detection results:  0
 AWL 0.948 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 NICE_REPLY_A           -0.001 Looks like a legit reply (A)
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
Subject: Re: [pve-devel] [PATCH qemu-server 2/6] drive: factor out read-only
 helper
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Mon, 07 Jun 2021 10:35:57 -0000

On 6/7/21 12:23 PM, Fabian Grünbichler wrote:
> On June 7, 2021 11:29 am, Stefan Reiter wrote:
>> On 6/4/21 11:47 AM, Fabian Grünbichler wrote:
>>> we also need it for efidisks.
>>>
>>> Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
>>> ---
>>>    PVE/QemuServer.pm       |  8 ++------
>>>    PVE/QemuServer/Drive.pm | 10 ++++++++++
>>>    2 files changed, 12 insertions(+), 6 deletions(-)
>>>
>>> diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
>>> index 25ac052..0d49415 100644
>>> --- a/PVE/QemuServer.pm
>>> +++ b/PVE/QemuServer.pm
>>> @@ -48,7 +48,7 @@ use PVE::QemuServer::Helpers qw(min_version config_aware_timeout);
>>>    use PVE::QemuServer::Cloudinit;
>>>    use PVE::QemuServer::CGroup;
>>>    use PVE::QemuServer::CPUConfig qw(print_cpu_device get_cpu_options);
>>> -use PVE::QemuServer::Drive qw(is_valid_drivename drive_is_cloudinit drive_is_cdrom parse_drive print_drive);
>>> +use PVE::QemuServer::Drive qw(is_valid_drivename drive_is_cloudinit drive_is_cdrom drive_is_read_only parse_drive print_drive);
>>>    use PVE::QemuServer::Machine;
>>>    use PVE::QemuServer::Memory;
>>>    use PVE::QemuServer::Monitor qw(mon_cmd);
>>> @@ -3662,11 +3662,7 @@ sub config_to_command {
>>>    	my $drive_cmd = print_drive_commandline_full($storecfg, $vmid, $drive, $pbs_name);
>>>    
>>>    	# extra protection for templates, but SATA and IDE don't support it..
>>> -	my $read_only = PVE::QemuConfig->is_template($conf)
>>> -	    && $drive->{interface} ne 'sata'
>>> -	    && $drive->{interface} ne 'ide';
>>> -
>>> -	$drive_cmd .= ',readonly=on' if $read_only;
>>> +	$drive_cmd .= ',readonly=on' if drive_is_read_only($conf, $drive);
>>>    
>>>    	push @$devices, '-drive',$drive_cmd;
>>>    	push @$devices, '-device', print_drivedevice_full(
>>> diff --git a/PVE/QemuServer/Drive.pm b/PVE/QemuServer/Drive.pm
>>> index 146a4ab..0408e32 100644
>>> --- a/PVE/QemuServer/Drive.pm
>>> +++ b/PVE/QemuServer/Drive.pm
>>> @@ -12,6 +12,7 @@ our @EXPORT_OK = qw(
>>>    is_valid_drivename
>>>    drive_is_cloudinit
>>>    drive_is_cdrom
>>> +drive_is_read_only
>>>    parse_drive
>>>    print_drive
>>>    );
>>> @@ -422,6 +423,15 @@ sub drive_is_cdrom {
>>>        return $drive && $drive->{media} && ($drive->{media} eq 'cdrom');
>>>    }
>>>    
>>> +sub drive_is_read_only {
>>
>> I really don't like this name, this checks if the drive *should* be
>> read-only, and only related to template backups, not in general.
> 
> yeah, `drive_should_be_read_only` would be more apt, but also sounds
> wrong. I did have the non-template case in mind as well (e.g., adding a
> 'ro' flag to the drive in our VM config as a future addon, like we have
> for container mountpoints).
> 

Yes, I actually assumed we could already do that before I looked more 
closely when reviewing your patches :)

>>
>> Maybe 'drive_template_read_only'?
>>
>> The function does two pretty unrelated things in general IMO, so maybe
>> it would be clearer to do the is_template check at call site and make
>> this 'drive_supports_read_only', even if it causes a little bit more
>> duplication.
> 
> would work as well. or we drop all of it and no longer mark any drives
> as read-only, if we use the patch that adds '-snapshot' for
> 'start-template-for-backup'? at the risk of re-doing it if we ever add a
> 'ro' property for individual regular disks/drives..
> 

Hm, I do like the idea of marking them read-only if possible, even if we 
pass '-snapshot' - all of this is just preventative anyway, as the guest 
is stopped and should never write anything, so at this point might as 
well make it in-depth if it's cheap like here. And potentially reuseable 
for a ro flag.

>>
>>> +    my ($conf, $drive) = @_;
>>> +
>>> +    return 0 if !PVE::QemuConfig->is_template($conf);
>>> +
>>> +    # don't support being marked read-only
>>> +    return $drive->{interface} ne 'sata' && $drive->{interface} ne 'ide';
>>> +}
>>> +
>>>    # ideX = [volume=]volume-id[,media=d][,cyls=c,heads=h,secs=s[,trans=t]]
>>>    #        [,snapshot=on|off][,cache=on|off][,format=f][,backup=yes|no]
>>>    #        [,rerror=ignore|report|stop][,werror=enospc|ignore|report|stop]
>>>
>>