Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1671798

Summary: Add facility to use block jobs with backing images without write permission
Product: Red Hat Enterprise Linux Advanced Virtualization Reporter: Peter Krempa <pkrempa>
Component: qemu-kvmAssignee: Kevin Wolf <kwolf>
Status: CLOSED DUPLICATE QA Contact: aihua liang <aliang>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 8.1CC: chayang, coli, juzhang, ngu, rbalakri, virt-maint
Target Milestone: rc   
Target Release: 8.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1685989 (view as bug list) Environment:
Last Closed: 2019-06-05 00:55:13 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1685989    

Description Peter Krempa 2019-02-01 16:53:09 UTC 
Description of problem:
When discussing the use of 'auto-read-only' property for use with -blockdev so that libvirt is able to use block jobs I forgot that sVirt labelling of the backing chain images actually forbids the write permission. [1]

This means that the 'auto-read-only' property works as expected and opens the images as read-only in this case. This unfortunately means that when libvirt attempts a block-commit which needs to write into the backing chain we relabel the image to allow write, but qemu will not reopen it any more.

This means that we unfortunately still need a way to control reopening of the images of the backing chain:
1) automatically by block-commit doing the right thing
2) manually by providing an interface to achieve that

Libvirt is relabeling the files anyways so 2) is also acceptable.

[1] Unfortunately it's very unpleasant to run a development git image of libvirt under full enforcing selinux, thus I neglected todo when testing 'auto-read-only'. I'm sorry for that.