From nobody Thu Nov 21 13:07:39 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1730280200011350.8490105745826; Wed, 30 Oct 2024 02:23:20 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id E7CC1143F; Wed, 30 Oct 2024 05:23:18 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id 540E71410; Wed, 30 Oct 2024 05:22:58 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id C160913D5; Wed, 30 Oct 2024 05:22:55 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 23D5313CC for ; Wed, 30 Oct 2024 05:22:54 -0400 (EDT) Received: from mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-688-kEkxatD5NFiydHFjiK6d5g-1; Wed, 30 Oct 2024 05:22:52 -0400 Received: from mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.12]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 9855F19560AB for ; Wed, 30 Oct 2024 09:22:51 +0000 (UTC) Received: from speedmetal.lan (unknown [10.45.242.4]) by mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id CDB2019560A2 for ; Wed, 30 Oct 2024 09:22:50 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-0.5 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1730280173; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=bA71Puh/LQTVZT8JDNJRG92a7o2TRR4VrKonzKTfVGA=; b=KqMaSDn6A0htpPLw3tU1lpXVSmIIVYoqVldIQST4tBMute5IXu1ZWVoOAw4bzvvYdzS46Z X7e/LxnsqXNWW27OO7T9nTpm7lDQ2oa0FQp2WqvVbVMi6Mz/zlpN91aie51/GPVUxjAXsN PXGpvPxSh07W07p6S5/F4myUVfaRhk4= X-MC-Unique: kEkxatD5NFiydHFjiK6d5g-1 From: Peter Krempa To: devel@lists.libvirt.org Subject: [PATCH] docs: domain: Be more upfront about 'sgio' not being actually supported Date: Wed, 30 Oct 2024 10:22:49 +0100 Message-ID: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.12 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: JFKORPFD2JQ6HWZPSK6KHCJW37LO6572 X-Message-ID-Hash: JFKORPFD2JQ6HWZPSK6KHCJW37LO6572 X-MailFrom: pkrempa@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1730280201037116600 Content-Type: text/plain; charset="utf-8" The support for the 'sgio' attribute for SCSI-backed devices was dropped as there wasn't really ever any upstream support for it. The docs do state that support for this depends on the hypervisor itself, but we can be more clear that there is no hypervisor which does support it. There is also a suggestion to use 'sgio' instead of 'rawio' as being more "secure" but since it no longer works drop this suggestion. Resolves: https://issues.redhat.com/browse/RHEL-65268 Signed-off-by: Peter Krempa Reviewed-by: J=C3=A1n Tomko --- docs/formatdomain.rst | 30 +++++++++++++++++------------- 1 file changed, 17 insertions(+), 13 deletions(-) diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst index 3253a28e5a..d16e00661a 100644 --- a/docs/formatdomain.rst +++ b/docs/formatdomain.rst @@ -2767,14 +2767,13 @@ paravirtualized driver is specified via the ``disk`= ` element. per-process basis). This attribute is only valid when device is "lun= ". NB, ``rawio`` intends to confine the capability per-device, however, cur= rent QEMU implementation gives the domain process broader capability than= that - (per-process basis, affects all the domain disks). To confine the - capability as much as possible for QEMU driver as this stage, ``sgio= `` is - recommended, it's more secure than ``rawio``. :since:`Since 0.9.10` + (per-process basis, affects all the domain disks). :since:`Since 0.9= .10` ``sgio`` If supported by the hypervisor and OS, indicates whether unprivileged SG_IO commands are filtered for the disk. Valid settings are "filter= ed" or "unfiltered" where the default is "filtered". Only available when the - ``device`` is 'lun'. :since:`Since 1.0.2` + ``device`` is 'lun'. The attribute exists :since:`Since 1.0.2`, alth= ough + currently it's no longer supported by any hypervisor. ``snapshot`` Indicates the default behavior of the disk during disk snapshots: ``internal`` requires a file format such as qcow2 that can store both @@ -4346,7 +4345,7 @@ or: ... - +
@@ -4436,14 +4435,19 @@ or: ``display`` attribute to be set to ``on``. ``scsi`` For SCSI devices, user is responsible to make sure the device is not= used - by host. If supported by the hypervisor and OS, the optional ``sgio`= ` ( - :since:`since 1.0.6` ) attribute indicates whether unprivileged SG_IO - commands are filtered for the disk. Valid settings are "filtered" or - "unfiltered", where the default is "filtered". The optional ``rawio`= ` ( - :since:`since 1.2.9` ) attribute indicates whether the lun needs the= rawio - capability. Valid settings are "yes" or "no". See the rawio descript= ion - within the `Hard drives, floppy disks, CDROMs`_ section. If a disk l= un in the domain - already has the rawio capability, then this setting not required. + by host. + + If supported by the hypervisor and OS, the optional ``sgio`` ( + :since:`since 1.0.6`, but currently no longer supported by any hyper= visor + driver ) attribute indicates whether unprivileged SG_IO commands are + filtered for the disk. Valid settings are "filtered" or + "unfiltered", where the default is "filtered". + + The optional ``rawio`` (:since:`since 1.2.9` ) attribute indicates w= hether + the lun needs the rawio capability. Valid settings are "yes" or "no". + See the rawio description within the `Hard drives, floppy disks, CDR= OMs`_ + section. If a disk lun in the domain already has the rawio capabilit= y, + then this setting not required. ``scsi_host`` :since:`since 2.5.0` For SCSI devices, user is responsible to make s= ure the device is not used by host. This ``type`` passes all LUNs presen= ted by --=20 2.47.0