From nobody Sun Feb  8 20:28:21 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
 170.10.133.124 as permitted sender) client-ip=170.10.133.124;
 envelope-from=libvir-list-bounces@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1672936280; cv=none;
	d=zohomail.com; s=zohoarc;
	b=nrlMR0tpoN1fnEQEL4h2OktUX/l/FZGGps+wNc0TYZmkRIM1WoB58eIvb6T19xeJEkOnnEQKTnEnV5AyqizkTOCZU5nCNw4XDzEWYRRws/ChzpOiRlgC0fWLh3v5skr88p/acW+nYG8t2SNojChBjZMt+d67gLxCNKKUB3Mr5MU=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1672936280;
 h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
	bh=LJaZaRaEU5KewldPD/ypdu5kEPwur1sss8Ngg+EeNrk=;
	b=Oce4QEi85jBc+ALfsWMO7duBSeXOKbeAQk1koc+HOXL+FgpEnnAanZVvDbUdozqQLC9aIVRZW2CQOAuTbYwkrQJc/DbuDRMmbVD8C1sGRG5gp8U5rIlMq/u0Mn/Uj3j9mSqg4KPN25v2kgO2OAm+UC+uI33p+LQrJK2UuJisRuY=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<pkrempa@redhat.com> (p=none dis=none)
Return-Path: <libvir-list-bounces@redhat.com>
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com
	with SMTPS id 1672936280781428.1429531555792;
 Thu, 5 Jan 2023 08:31:20 -0800 (PST)
Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com
 [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-658-XggXmLVbO5aZ2V-DMYPWHw-1; Thu, 05 Jan 2023 11:31:13 -0500
Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.rdu2.redhat.com
 [10.11.54.1])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id A84933C10259;
	Thu,  5 Jan 2023 16:30:57 +0000 (UTC)
Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com
 (unknown [10.30.29.100])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 8E4E640C2007;
	Thu,  5 Jan 2023 16:30:57 +0000 (UTC)
Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com
 (localhost [IPv6:::1])
	by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with
 ESMTP id 7DA6619465A2;
	Thu,  5 Jan 2023 16:30:57 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com
 [10.11.54.6])
 by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with
 ESMTP id 1F6F119465B3 for <libvir-list@listman.corp.redhat.com>;
 Thu,  5 Jan 2023 16:30:57 +0000 (UTC)
Received: by smtp.corp.redhat.com (Postfix)
 id 04FAE2166B31; Thu,  5 Jan 2023 16:30:57 +0000 (UTC)
Received: from speedmetal.redhat.com (ovpn-208-20.brq.redhat.com
 [10.40.208.20])
 by smtp.corp.redhat.com (Postfix) with ESMTP id 6234E2166B30
 for <libvir-list@redhat.com>; Thu,  5 Jan 2023 16:30:56 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1672936279;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:list-id:list-help:
	 list-unsubscribe:list-subscribe:list-post;
	bh=LJaZaRaEU5KewldPD/ypdu5kEPwur1sss8Ngg+EeNrk=;
	b=XzcGb97xSrFsv2jDryLpxm/sj+Zune9OnegT8rG9gIhyEfhPzcOWIGPg+h7Zjj/5N50BI/
	7NlYxVRk9QzLuQkCKq0JdcjOuDYcVLMVMiJ79KH03rfK/sbRGjrIeydOR6GwRPQZVqTunt
	rTChXNn3/h6kHskYw/hFtA81QDZ27Lk=
X-MC-Unique: XggXmLVbO5aZ2V-DMYPWHw-1
X-Original-To: libvir-list@listman.corp.redhat.com
From: Peter Krempa <pkrempa@redhat.com>
To: libvir-list@redhat.com
Subject: [PATCH 25/36] conf: Add 'fdgroup' attribute for 'file' disks
Date: Thu,  5 Jan 2023 17:30:14 +0100
Message-Id: 
 <26e67d68668fb73fc10b20ce051ee4bc77459c96.1672935969.git.pkrempa@redhat.com>
In-Reply-To: <cover.1672935968.git.pkrempa@redhat.com>
References: <cover.1672935968.git.pkrempa@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.6
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Development discussions about the libvirt library & tools
 <libvir-list.redhat.com>
List-Unsubscribe: <https://listman.redhat.com/mailman/options/libvir-list>,
 <mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <http://listman.redhat.com/archives/libvir-list/>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://listman.redhat.com/mailman/listinfo/libvir-list>,
 <mailto:libvir-list-request@redhat.com?subject=subscribe>
Errors-To: libvir-list-bounces@redhat.com
Sender: "libvir-list" <libvir-list-bounces@redhat.com>
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.1
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1672936281919100002
Content-Type: text/plain; charset="utf-8"

The 'fdgroup' will allow users to specify a passed FD (via the
'virDomainFDAssociate()' API)  use instead of opening a path. This is
useful in cases when e.g. the file is not accessible from inside a
container.

Since this uses the same disk type as when we open files via names this
patch also introduces a hypervisor feature which the hypervisor asserts
that code paths are ready for this possibility.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
---
 docs/formatdomain.rst                     |  8 +++++
 src/conf/domain_conf.c                    |  2 ++
 src/conf/domain_conf.h                    |  1 +
 src/conf/domain_postparse.c               |  9 +++++
 src/conf/schemas/domaincommon.rng         |  3 ++
 src/conf/storage_source_conf.c            |  2 ++
 src/conf/storage_source_conf.h            |  1 +
 src/security/virt-aa-helper.c             |  3 +-
 tests/qemuxml2argvdata/disk-source-fd.xml | 40 +++++++++++++++++++++++
 9 files changed, 68 insertions(+), 1 deletion(-)
 create mode 100644 tests/qemuxml2argvdata/disk-source-fd.xml

diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst
index d7fffc6e0b..109a2ac45a 100644
--- a/docs/formatdomain.rst
+++ b/docs/formatdomain.rst
@@ -2701,6 +2701,14 @@ paravirtualized driver is specified via the ``disk``=
 element.
    ``file``
       The ``file`` attribute specifies the fully-qualified path to the file
       holding the disk. :since:`Since 0.0.3`
+
+      :since:`Since 9.0.0` a new optional attribute ``fdgroup`` can be add=
ed
+      instructing to access the disk via file descriptiors associated to t=
he
+      domain object via the ``virDomainFDAssociate()`` API rather than ope=
ning
+      the files. The files do not necessarily have to be accessible by lib=
virt
+      via the filesystem. The filename passed via ``file`` can still be us=
ed
+      to generate paths to write into image metadata when doing block oper=
ations
+      but libvirt will not access these natively.
    ``block``
       The ``dev`` attribute specifies the fully-qualified path to the host
       device to serve as the disk. :since:`Since 0.0.3`
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 66189277fd..939b221bc7 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -7345,6 +7345,7 @@ virDomainStorageSourceParse(xmlNodePtr node,
     switch (src->type) {
     case VIR_STORAGE_TYPE_FILE:
         src->path =3D virXMLPropString(node, "file");
+        src->fdgroup =3D virXMLPropString(node, "fdgroup");
         break;
     case VIR_STORAGE_TYPE_BLOCK:
         src->path =3D virXMLPropString(node, "dev");
@@ -21877,6 +21878,7 @@ virDomainDiskSourceFormat(virBuffer *buf,
     switch (src->type) {
     case VIR_STORAGE_TYPE_FILE:
         virBufferEscapeString(&attrBuf, " file=3D'%s'", src->path);
+        virBufferEscapeString(&attrBuf, " fdgroup=3D'%s'", src->fdgroup);
         break;

     case VIR_STORAGE_TYPE_BLOCK:
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 33c4ff69dd..0b7a095ffd 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -3167,6 +3167,7 @@ typedef enum {
     VIR_DOMAIN_DEF_FEATURE_NO_BOOT_ORDER =3D (1 << 6),
     VIR_DOMAIN_DEF_FEATURE_FW_AUTOSELECT =3D (1 << 7),
     VIR_DOMAIN_DEF_FEATURE_NET_MODEL_STRING =3D (1 << 8),
+    VIR_DOMAIN_DEF_FEATURE_DISK_FD =3D (1 << 9),
 } virDomainDefFeatures;


diff --git a/src/conf/domain_postparse.c b/src/conf/domain_postparse.c
index 9a3e8f494c..d1f0b80338 100644
--- a/src/conf/domain_postparse.c
+++ b/src/conf/domain_postparse.c
@@ -885,6 +885,15 @@ virDomainDeviceDefPostParseCheckFeatures(virDomainDevi=
ceDef *dev,
         return -1;
     }

+    if (dev->type =3D=3D VIR_DOMAIN_DEVICE_DISK &&
+        dev->data.disk->src->fdgroup &&
+        UNSUPPORTED(VIR_DOMAIN_DEF_FEATURE_DISK_FD)) {
+        virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                       _("driver does not support FD passing for disk '%s'=
"),
+                       dev->data.disk->dst);
+        return -1;
+    }
+
     return 0;
 }
 #undef UNSUPPORTED
diff --git a/src/conf/schemas/domaincommon.rng b/src/conf/schemas/domaincom=
mon.rng
index c588a48fd2..ccc114beff 100644
--- a/src/conf/schemas/domaincommon.rng
+++ b/src/conf/schemas/domaincommon.rng
@@ -1806,6 +1806,9 @@
                 <ref name=3D"vmwarePath"/>
               </choice>
             </attribute>
+            <optional>
+              <attribute name=3D"fdgroup"/>
+            </optional>
           </optional>
           <ref name=3D"diskSourceCommon"/>
           <optional>
diff --git a/src/conf/storage_source_conf.c b/src/conf/storage_source_conf.c
index e9d9c3a558..395b78844d 100644
--- a/src/conf/storage_source_conf.c
+++ b/src/conf/storage_source_conf.c
@@ -817,6 +817,7 @@ virStorageSourceCopy(const virStorageSource *src,
     def->drv =3D NULL;

     def->path =3D g_strdup(src->path);
+    def->fdgroup =3D g_strdup(src->fdgroup);
     def->volume =3D g_strdup(src->volume);
     def->relPath =3D g_strdup(src->relPath);
     def->backingStoreRaw =3D g_strdup(src->backingStoreRaw);
@@ -1123,6 +1124,7 @@ virStorageSourceClear(virStorageSource *def)
         return;

     VIR_FREE(def->path);
+    VIR_FREE(def->fdgroup);
     VIR_FREE(def->volume);
     VIR_FREE(def->snapshot);
     VIR_FREE(def->configFile);
diff --git a/src/conf/storage_source_conf.h b/src/conf/storage_source_conf.h
index 7c99ac8976..ef82104e6c 100644
--- a/src/conf/storage_source_conf.h
+++ b/src/conf/storage_source_conf.h
@@ -289,6 +289,7 @@ struct _virStorageSource {
     unsigned int id; /* backing chain identifier, 0 is unset */
     virStorageType type;
     char *path;
+    char *fdgroup; /* name of group of file descriptors the user wishes to=
 use instead of 'path' */
     int protocol; /* virStorageNetProtocol */
     char *volume; /* volume name for remote storage */
     char *snapshot; /* for storage systems supporting internal snapshots */
diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index 53a1cd1048..c8db925094 100644
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -607,7 +607,8 @@ virDomainDefParserConfig virAAHelperDomainDefParserConf=
ig =3D {
     .features =3D VIR_DOMAIN_DEF_FEATURE_MEMORY_HOTPLUG |
                 VIR_DOMAIN_DEF_FEATURE_OFFLINE_VCPUPIN |
                 VIR_DOMAIN_DEF_FEATURE_INDIVIDUAL_VCPUS |
-                VIR_DOMAIN_DEF_FEATURE_NET_MODEL_STRING,
+                VIR_DOMAIN_DEF_FEATURE_NET_MODEL_STRING |
+                VIR_DOMAIN_DEF_FEATURE_DISK_FD,
 };

 static int
diff --git a/tests/qemuxml2argvdata/disk-source-fd.xml b/tests/qemuxml2argv=
data/disk-source-fd.xml
new file mode 100644
index 0000000000..d8c47fa364
--- /dev/null
+++ b/tests/qemuxml2argvdata/disk-source-fd.xml
@@ -0,0 +1,40 @@
+<domain type=3D'qemu'>
+  <name>QEMUGuest1</name>
+  <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+  <memory unit=3D'KiB'>219136</memory>
+  <currentMemory unit=3D'KiB'>219136</currentMemory>
+  <vcpu placement=3D'static'>1</vcpu>
+  <os>
+    <type arch=3D'x86_64' machine=3D'pc'>hvm</type>
+    <boot dev=3D'hd'/>
+  </os>
+  <clock offset=3D'utc'/>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <devices>
+    <emulator>/usr/bin/qemu-system-x86_64</emulator>
+    <disk type=3D'file' device=3D'disk'>
+      <driver name=3D'qemu' type=3D'qcow2'/>
+      <source file=3D'/path/to/blah' fdgroup=3D'testgroup2'/>
+      <target dev=3D'vde' bus=3D'virtio'/>
+    </disk>
+    <disk type=3D'file' device=3D'disk'>
+      <driver name=3D'qemu' type=3D'qcow2'/>
+      <source file=3D'/var/lib/libvirt/images/rhel7.1484071880' fdgroup=3D=
'testgroup5'/>
+      <backingStore type=3D'file'>
+        <format type=3D'qcow2'/>
+        <source file=3D'/var/lib/libvirt/images/rhel7.1484071877' fdgroup=
=3D'testgroup6'/>
+        <backingStore type=3D'file'>
+          <format type=3D'qcow2'/>
+          <source file=3D'/var/lib/libvirt/images/rhel7.1484071876'/>
+          <backingStore/>
+        </backingStore>
+      </backingStore>
+      <target dev=3D'vdf' bus=3D'virtio'/>
+    </disk>
+    <controller type=3D'usb'/>
+    <controller type=3D'pci' model=3D'pci-root'/>
+    <memballoon model=3D'virtio'/>
+  </devices>
+</domain>
--=20
2.38.1