Skip to content

vmm: open backing file read-only when not shared#7674

Merged
rbradford merged 1 commit intocloud-hypervisor:mainfrom
Rowen-Ye:main
Feb 6, 2026
Merged

vmm: open backing file read-only when not shared#7674
rbradford merged 1 commit intocloud-hypervisor:mainfrom
Rowen-Ye:main

Conversation

@Rowen-Ye
Copy link
Copy Markdown
Contributor

@Rowen-Ye Rowen-Ye commented Feb 6, 2026
edited
Loading

When restoring a VM from snapshot with a backing_file and shared=false, the code still opens the file read‑write.
This unnecessarily requires write permission even though the mapping is MAP_PRIVATE and does not persist changes to disk.

This becomes a blocker for common read‑only workflows, such as:

  • backing files stored on read‑only media,
  • or scenarios where the backing file may be deleted or replaced in a read‑only source after snapshot creation.

For shared=false, the backing file is now opened read‑only, which:

  • removes the write permission requirement,
  • allows restore to succeed on read‑only storage / overlay lower layers,
  • aligns file access with the MAP_PRIVATE semantics (no write‑back).

Signed-off-by: Rowen-Ye rowenye1@gmail.com

@Rowen-Ye Rowen-Ye requested a review from a team as a code owner February 6, 2026 11:30
phip1611
phip1611 approved these changes Feb 6, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@phip1611 phip1611 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, nice catch!

rbradford
rbradford reviewed Feb 6, 2026
View reviewed changes
Comment thread vmm/src/memory_manager.rs
rbradford
rbradford requested changes Feb 6, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@rbradford rbradford left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Need to follow the repository commit message format

@Rowen-Ye
vmm: open backing file read-only when not shared
f899627 
When restoring from snapshot with shared=false, write access to the
backing file is not required. Opening it read-only allows restore to
succeed on read-only media and overlay lower layers while preserving
MAP_PRIVATE semantics.

Signed-off-by: Rowen-Ye <rowenye1@gmail.com>
@Rowen-Ye Rowen-Ye changed the title fix(memory): open backing file read-only when not shared vmm: open backing file read-only when not shared Feb 6, 2026
rbradford
rbradford approved these changes Feb 6, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@rbradford rbradford left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for your contribution!

@rbradford rbradford enabled auto-merge February 6, 2026 15:15
@rbradford rbradford added this pull request to the merge queue Feb 6, 2026
Merged via the queue into cloud-hypervisor:main with commit 2c2f5d2 Feb 6, 2026
42 of 43 checks passed
@likebreath likebreath added the bug-fix Bug fix to include in release notes label Feb 19, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rbradford rbradford rbradford approved these changes

@alyssais alyssais alyssais approved these changes

@phip1611 phip1611 phip1611 approved these changes

Assignees

No one assigned

Labels

bug-fix Bug fix to include in release notes

Projects

Cloud Hypervisor Roadmap
Status: ✅ Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@Rowen-Ye @rbradford @alyssais @phip1611 @likebreath