[libvirt] [PATCH] qemu: Warn of restore with managed save being risky
Daniel Henrique Barboza
danielhb413 at gmail.com
Tue Dec 31 20:19:54 UTC 2019
On 12/30/19 3:07 PM, Michael Weiser wrote:
> Internal snapshots of a non-running domain do not carry any memory state
> and restoring such a snapshot will not replace existing saved memory
> state. This allows a scenario, where a user first suspends a domain into
> managedsave, restores a non-running snapshot and then resumes the domain
> from managedsave. After that, the guest system will run with its
> previous memory state atop a different disk state. The most obvious
> possible fallout from this is extensive file system corruption. Swap
> content and RAID bitmaps might also be off.
>
> This has been discussed[1] and fixed[2] from the end-user perspective for
> virt-manager.
>
> This patch marks the restore operation as risky at the libvirt level,
> requiring the user to remove the saved memory state first or force the
> operation.
>
> [1] https://www.redhat.com/archives/virt-tools-list/2019-November/msg00011.html
> [2] https://www.redhat.com/archives/virt-tools-list/2019-December/msg00049.html
>
> Signed-off-by: Michael Weiser <michael.weiser at gmx.de>
> Cc: Cole Robinson <crobinso at redhat.com>
> ---
As said in [1], I agree that the API needs a flag override to allow the user
to roll with it despite the risks. Given that this is somewhat a corner case,
I also believe that such override can go in a separated patch/series later
on.
Reviewed-by: Daniel Henrique Barboza <danielhb413 at gmail.com>
More information about the libvir-list
mailing list