[PATCH v3 09/10] qemu: Move adding of keys to swtpm command line into own function

2024-10-18 Thread Stefan Berger
Factor-out code related to adding key to the swtpm command line into its own function. Signed-off-by: Stefan Berger --- src/qemu/qemu_tpm.c | 60 +++-- 1 file changed, 36 insertions(+), 24 deletions(-) diff --git a/src/qemu/qemu_tpm.c b/src/qemu

[PATCH v3 10/10] qemu: Read the profile name after creation of TPM instance

2024-10-18 Thread Stefan Berger
t emulator descriptions and have the persistent stored with the update. Signed-off-by: Stefan Berger --- src/qemu/qemu_extdevice.c | 5 +- src/qemu/qemu_tpm.c | 105 -- src/qemu/qemu_tpm.h | 3 +- src/util/virtpm.c | 1 + src/uti

[PATCH v3 06/10] conf: Add support for profile parameter on TPM emulator in domain XML

2024-10-18 Thread Stefan Berger
Extend the parser and XML builder with support for the profile parameter and its remove_disabled attribute. Signed-off-by: Stefan Berger --- src/conf/domain_conf.c | 36 src/conf/domain_conf.h | 2 ++ src/conf/domain_validate.c | 7 +++ 3 files

[PATCH v3 07/10] docs: Add documentation for the TPM backend profile node

2024-10-18 Thread Stefan Berger
Add documentation for the TPM backend profile node and point the reader to further documentation about TPM profiles available in the swtpm and TPMLIB_SetProfile man pages. Signed-off-by: Stefan Berger --- docs/formatdomain.rst | 30 ++ 1 file changed, 30 insertions

[PATCH v3 08/10] qemu: Extend swtpm_setup command line to set a profile by its name

2024-10-18 Thread Stefan Berger
to try to use an internal profile with the given name. Also set the --profile-remove-disabled option if the user provided a value in the remove_disabled attribute in the profile XML node. Signed-off-by: Stefan Berger --- src/qemu/qemu_tpm.c | 37 + 1 file c

[PATCH v3 04/10] conf: Define enum virDomainTPMProfileRemoveDisabled

2024-10-18 Thread Stefan Berger
Reviewed-by: Marc-André Lureau Signed-off-by: Stefan Berger --- src/conf/domain_conf.c | 7 +++ src/conf/domain_conf.h | 9 + 2 files changed, 16 insertions(+) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 6d7dee7956..9e9b9000a8 100644 --- a/src/conf

[PATCH v3 03/10] util: Add parsing support for swtpm_setup's cmdarg-profile capability

2024-10-18 Thread Stefan Berger
Add support for parsing swtpm_setup 'cmdarg-profile' capability (since v0.10). Reviewed-by: Marc-André Lureau Signed-off-by: Stefan Berger --- src/util/virtpm.c | 1 + src/util/virtpm.h | 1 + tests/testutilsqemu.c | 1 + 3 files changed, 3 insertions(+) diff --git a/src/uti

[PATCH v3 02/10] qemu: Pass virQEMUDriverConfig rather than some of its fields

2024-10-18 Thread Stefan Berger
Reviewed-by: Marc-André Lureau Signed-off-by: Stefan Berger --- v3: - Adjustments due to rebase - Applied Marc-André's R-b --- src/qemu/qemu_tpm.c | 52 + 1 file changed, 20 insertions(+), 32 deletions(-) diff --git a/src/qemu/qemu_tpm.c

[PATCH v3 01/10] conf: Move TPM emulator parameters into own struct

2024-10-18 Thread Stefan Berger
To avoid passing TPM emulator parameters around individually, move them into a structure and pass around the structure. Reviewed-by: Marc-André Lureau Signed-off-by: Stefan Berger --- v3: - Made virDomainTPMEmulatorDef first parameter to functions - Applied Marc-André's R-b --- src

[PATCH v3 05/10] schema: Extend schema for TPM emulator profile node

2024-10-18 Thread Stefan Berger
ode on the host. Signed-off-by: Stefan Berger --- src/conf/schemas/domaincommon.rng | 25 + 1 file changed, 25 insertions(+) diff --git a/src/conf/schemas/domaincommon.rng b/src/conf/schemas/domaincommon.rng index efb5f00d77..862de141da 100644 --- a/src/conf/schemas/domain

[PATCH v3 00/10] swtpm: Add support for profiles

2024-10-18 Thread Stefan Berger
- 2/10: Adjustments due to rebase - Applied Marc-André's R-b tags - 10/10: Read back profile name from swtpm and adjust it in emulator defs Stefan Berger (10): conf: Move TPM emulator parameters into own struct qemu: Pass virQEMUDriverConfig rather than some of its fields util: Add

Re: [PATCH v3 3/5] schema: add TPM emulator

2024-10-14 Thread Stefan Berger
On 10/14/24 9:41 AM, Daniel P. Berrangé wrote: On Mon, Oct 14, 2024 at 09:35:14AM -0400, Stefan Berger wrote: On 10/14/24 5:17 AM, Daniel P. Berrangé wrote: On Fri, Oct 11, 2024 at 10:16:51AM -0400, Stefan Berger wrote: On 10/11/24 10:10 AM, Marc-André Lureau wrote: Hi On Fri, Oct 11

Re: [PATCH v3 3/5] schema: add TPM emulator

2024-10-14 Thread Stefan Berger
On 10/14/24 5:17 AM, Daniel P. Berrangé wrote: On Fri, Oct 11, 2024 at 10:16:51AM -0400, Stefan Berger wrote: On 10/11/24 10:10 AM, Marc-André Lureau wrote: Hi On Fri, Oct 11, 2024 at 5:49 PM Stefan Berger wrote: On 10/4/24 9:32 AM, marcandre.lur...@redhat.com wrote: From: Marc

Re: [PATCH v3 3/5] schema: add TPM emulator

2024-10-14 Thread Stefan Berger
On 10/14/24 5:19 AM, Daniel P. Berrangé wrote: On Fri, Oct 11, 2024 at 10:46:58AM -0400, Stefan Berger wrote: On 10/11/24 10:32 AM, Marc-André Lureau wrote: Hi On Fri, Oct 11, 2024 at 6:17 PM Stefan Berger wrote: On 10/11/24 10:10 AM, Marc-André Lureau wrote: Hi On Fri, Oct 11

Re: [PATCH v3 3/5] schema: add TPM emulator

2024-10-11 Thread Stefan Berger
On 10/11/24 10:32 AM, Marc-André Lureau wrote: Hi On Fri, Oct 11, 2024 at 6:17 PM Stefan Berger wrote: On 10/11/24 10:10 AM, Marc-André Lureau wrote: Hi On Fri, Oct 11, 2024 at 5:49 PM Stefan Berger wrote: On 10/4/24 9:32 AM, marcandre.lur...@redhat.com wrote: From: Marc-André

Re: [PATCH v3 3/5] schema: add TPM emulator

2024-10-11 Thread Stefan Berger
On 10/11/24 10:10 AM, Marc-André Lureau wrote: Hi On Fri, Oct 11, 2024 at 5:49 PM Stefan Berger wrote: On 10/4/24 9:32 AM, marcandre.lur...@redhat.com wrote: From: Marc-André Lureau Learn to parse a file path for the TPM state. Signed-off-by: Marc-André Lureau --- docs

Re: [PATCH v3 3/5] schema: add TPM emulator

2024-10-11 Thread Stefan Berger
On 10/4/24 9:32 AM, marcandre.lur...@redhat.com wrote: From: Marc-André Lureau Learn to parse a file path for the TPM state. Signed-off-by: Marc-André Lureau --- docs/formatdomain.rst | 19 ++ src/conf/domain_conf.c | 28 +++

Re: [PATCH v3 1/5] util: check swtpm nvram-backend-{dir,file} capabilities

2024-10-11 Thread Stefan Berger
On 10/4/24 9:32 AM, marcandre.lur...@redhat.com wrote: From: Marc-André Lureau Signed-off-by: Marc-André Lureau Reviewed-by: Stefan Berger --- src/util/virtpm.c | 2 ++ src/util/virtpm.h | 2 ++ 2 files changed, 4 insertions(+) diff --git a/src/util/virtpm.c b/src/util/virtpm.c

Re: [RFC PATCH v2 7/8] docs: Add documentation for the TPM backend profile node

2024-09-30 Thread Stefan Berger
On 9/30/24 6:04 AM, Daniel P. Berrangé wrote: On Sat, Sep 28, 2024 at 12:33:37PM -0400, Stefan Berger wrote: On 9/27/24 1:06 PM, Daniel P. Berrangé wrote: On Thu, Sep 26, 2024 at 04:44:28PM -0400, Stefan Berger wrote: On 9/26/24 4:18 PM, Daniel P. Berrangé wrote: On Thu, Sep 26, 2024

Re: [RFC PATCH v2 0/8] swtpm: Add support for profiles

2024-09-30 Thread Stefan Berger
On 9/30/24 5:52 AM, Marc-André Lureau wrote: Hi On Thu, Sep 26, 2024 at 11:32 PM Stefan Berger wrote: Upcoming libtpms v0.10 and swtpm v0.10 will have TPM profile support that allows to restrict a TPM's provided set of crypto algorithms and commands and through which back

Re: [RFC PATCH v2 7/8] docs: Add documentation for the TPM backend profile node

2024-09-28 Thread Stefan Berger
On 9/27/24 1:06 PM, Daniel P. Berrangé wrote: On Thu, Sep 26, 2024 at 04:44:28PM -0400, Stefan Berger wrote: On 9/26/24 4:18 PM, Daniel P. Berrangé wrote: On Thu, Sep 26, 2024 at 03:32:07PM -0400, Stefan Berger wrote: Add documentation for the TPM backend profile node and point the

[RFC PATCH v2 7/8] docs: Add documentation for the TPM backend profile node

2024-09-26 Thread Stefan Berger
Add documentation for the TPM backend profile node and point the reader to further documentation about TPM profiles available in the swtpm and TPMLIB_SetProfile man pages. Signed-off-by: Stefan Berger --- docs/formatdomain.rst | 30 ++ 1 file changed, 30 insertions

[RFC PATCH v2 2/8] qemu: Pass virQEMUDriverConfig rather than some of its fields

2024-09-26 Thread Stefan Berger
Signed-off-by: Stefan Berger --- src/qemu/qemu_tpm.c | 47 + 1 file changed, 18 insertions(+), 29 deletions(-) diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c index 592fcc62fa..e8e7e8b5c1 100644 --- a/src/qemu/qemu_tpm.c +++ b/src/qemu

Re: [RFC PATCH v2 7/8] docs: Add documentation for the TPM backend profile node

2024-09-26 Thread Stefan Berger
On 9/26/24 4:18 PM, Daniel P. Berrangé wrote: On Thu, Sep 26, 2024 at 03:32:07PM -0400, Stefan Berger wrote: Add documentation for the TPM backend profile node and point the reader to further documentation about TPM profiles available in the swtpm and TPMLIB_SetProfile man pages. Signed-off

[RFC PATCH v2 8/8] qemu: Extend swtpm_setup command line to set a profile by its name

2024-09-26 Thread Stefan Berger
ack to try to use an internal profile with the given name. Also set the --profile-remove-disabled option if the user provided a value in the remove_disabled attribute in the profile XML node. Signed-off-by: Stefan Berger --- src/qemu/qemu_tpm.c | 36 1 file c

[RFC PATCH v2 6/8] conf: Add support for profile parameter on TPM emulator in domain XML

2024-09-26 Thread Stefan Berger
Extend the parser and XML builder with support for the profile parameter and its remove_disabled attribute. Signed-off-by: Stefan Berger --- src/conf/domain_conf.c | 36 src/conf/domain_conf.h | 2 ++ src/conf/domain_validate.c | 7 +++ 3 files

[RFC PATCH v2 5/8] schema: Extend schema for TPM emulator profile node

2024-09-26 Thread Stefan Berger
ode on the host. Signed-off-by: Stefan Berger --- src/conf/schemas/domaincommon.rng | 25 + 1 file changed, 25 insertions(+) diff --git a/src/conf/schemas/domaincommon.rng b/src/conf/schemas/domaincommon.rng index efb5f00d77..29e45d47e9 100644 --- a/src/conf/schemas/domain

[RFC PATCH v2 4/8] conf: Define enum virDomainTPMProfileRemoveDisabled

2024-09-26 Thread Stefan Berger
Signed-off-by: Stefan Berger --- src/conf/domain_conf.c | 7 +++ src/conf/domain_conf.h | 9 + 2 files changed, 16 insertions(+) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 7f6a91c427..1c8fffdfa5 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c

[RFC PATCH v2 3/8] util: Add parsing support for swtpm_setup's cmdarg-profile capability

2024-09-26 Thread Stefan Berger
Add support for parsing swtpm_setup 'cmdarg-profile' capability (since v0.10). Signed-off-by: Stefan Berger --- src/util/virtpm.c | 1 + src/util/virtpm.h | 1 + tests/testutilsqemu.c | 1 + 3 files changed, 3 insertions(+) diff --git a/src/util/virtpm.c b/src/util/virt

[RFC PATCH v2 1/8] conf: Move TPM emulator parameters into own struct

2024-09-26 Thread Stefan Berger
To avoid passing TPM emulator parameters around individually, move them into a structure and pass around the structure. Signed-off-by: Stefan Berger --- src/conf/domain_conf.h | 24 -- src/conf/virconftypes.h | 2 ++ src/qemu/qemu_tpm.c | 45

[RFC PATCH v2 0/8] swtpm: Add support for profiles

2024-09-26 Thread Stefan Berger
port searching for profiles through a configurable local directory, distro directory and if no profile could be found there (with appended ".json" suffix) it will fall back to try to use a built-in profile by the provided name: https://github.com/stefanberger/swtpm/pull/918 Stefan Ste

Re: [RFC PATCH v1 3/6] schema: Extend schema for TPM emulator profile node

2024-09-24 Thread Stefan Berger
On 9/24/24 4:35 AM, Daniel P. Berrangé wrote: On Mon, Sep 23, 2024 at 01:30:50PM -0400, Stefan Berger wrote: On 9/23/24 12:55 PM, Daniel P. Berrangé wrote: On Fri, Sep 20, 2024 at 10:00:40AM -0400, Stefan Berger wrote: On 9/20/24 8:55 AM, Daniel P. Berrangé wrote: Instead I think

Re: [RFC PATCH v1 3/6] schema: Extend schema for TPM emulator profile node

2024-09-23 Thread Stefan Berger
On 9/23/24 12:55 PM, Daniel P. Berrangé wrote: On Fri, Sep 20, 2024 at 10:00:40AM -0400, Stefan Berger wrote: On 9/20/24 8:55 AM, Daniel P. Berrangé wrote: Instead I think there should be a defined standard for how a distro package, or host sysadmin, would "drop in" a profile

Re: [PATCH v2 4/4] qemu_tpm: handle file/block storage source

2024-09-23 Thread Stefan Berger
On 9/23/24 2:37 AM, Marc-André Lureau wrote: Hi On Fri, Sep 13, 2024 at 5:14 PM Stefan Berger wrote: On 9/10/24 3:06 AM, marcandre.lur...@redhat.com wrote: From: Marc-André Lureau When swtpm reports "nvram-backend-dir", it can accepts a single file or s/accepts/acce

Re: [RFC PATCH v1 3/6] schema: Extend schema for TPM emulator profile node

2024-09-20 Thread Stefan Berger
On 9/20/24 10:00 AM, Stefan Berger wrote: On 9/20/24 8:55 AM, Daniel P. Berrangé wrote: On Fri, Sep 20, 2024 at 01:53:41PM +0200, Peter Krempa wrote: On Fri, Sep 20, 2024 at 15:24:03 +0400, Marc-André Lureau wrote: Hi On Thu, Sep 19, 2024 at 10:05 PM Stefan Berger wrote: Extend the

Re: [RFC PATCH v1 5/6] docs: Add documentation for the TPM backend profile node

2024-09-20 Thread Stefan Berger
On 9/20/24 7:45 AM, Marc-André Lureau wrote: Hi Stefan On Thu, Sep 19, 2024 at 9:00 PM Stefan Berger wrote: Add documentation for the TPM backend profile node and point the reader to further documentation about TPM profiles available in the swtpm and TPMLIB_SetProfile man pages. Signed

Re: [RFC PATCH v1 3/6] schema: Extend schema for TPM emulator profile node

2024-09-20 Thread Stefan Berger
On 9/20/24 8:55 AM, Daniel P. Berrangé wrote: On Fri, Sep 20, 2024 at 01:53:41PM +0200, Peter Krempa wrote: On Fri, Sep 20, 2024 at 15:24:03 +0400, Marc-André Lureau wrote: Hi On Thu, Sep 19, 2024 at 10:05 PM Stefan Berger wrote: Extend the schema for the TPM emulator profile node

[RFC PATCH v1 6/6] qemu: Run swtpm_setup with --profile option if profile given

2024-09-19 Thread Stefan Berger
Runs swtpm_setup with the --profile option if the user provided a profile and swtpm_setup supports the option. Also use the --profile-remove-disabled option if the user provided a value in the remove_disabled attribute in the profile XML node. Signed-off-by: Stefan Berger --- src/qemu

[RFC PATCH v1 2/6] conf: Define enum virDomainTPMProfileRemoveDisabled

2024-09-19 Thread Stefan Berger
Signed-off-by: Stefan Berger --- src/conf/domain_conf.c | 7 +++ src/conf/domain_conf.h | 9 + 2 files changed, 16 insertions(+) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 7f6a91c427..1c8fffdfa5 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c

[RFC PATCH v1 5/6] docs: Add documentation for the TPM backend profile node

2024-09-19 Thread Stefan Berger
Add documentation for the TPM backend profile node and point the reader to further documentation about TPM profiles available in the swtpm and TPMLIB_SetProfile man pages. Signed-off-by: Stefan Berger --- docs/formatdomain.rst | 20 1 file changed, 20 insertions(+) diff

[RFC PATCH v1 3/6] schema: Extend schema for TPM emulator profile node

2024-09-19 Thread Stefan Berger
Extend the schema for the TPM emulator profile node. Require that the profile the user provides looks like a JSON map that at least starts with '{' and ends with '}'. Signed-off-by: Stefan Berger --- src/conf/schemas/basictypes.rng | 6 ++ src/conf/schemas/d

[RFC PATCH v1 4/6] conf: Add support for profile parameter on TPM emulator in domain XML

2024-09-19 Thread Stefan Berger
Extend the parser and XML builder with support for the profile parameter and its remove_disabled attribute. Signed-off-by: Stefan Berger --- src/conf/domain_conf.c | 32 src/conf/domain_conf.h | 2 ++ src/conf/domain_validate.c | 7 +++ 3 files

[RFC PATCH v1 1/6] util: Add parsing support for swtpm_setup's cmdarg-profile capability

2024-09-19 Thread Stefan Berger
Add support for parsing swtpm_setup 'cmdarg-profile' capability (since v0.10). Signed-off-by: Stefan Berger --- src/util/virtpm.c | 1 + src/util/virtpm.h | 1 + tests/testutilsqemu.c | 1 + 3 files changed, 3 insertions(+) diff --git a/src/util/virtpm.c b/src/util/virt

[RFC PATCH v1 0/6] swtpm: Add support for profiles

2024-09-19 Thread Stefan Berger
not test but remove all potentially disabled crypto algorithms Also extend the documentation but point the user to swtpm and libtpms documentation for further details. Stefan Stefan Berger (6): util: Add parsing support for swtpm_setup's cmdarg-profile capability c

Re: [PATCH v2 4/4] qemu_tpm: handle file/block storage source

2024-09-13 Thread Stefan Berger
file paths but the file backend will not prevent it ... Signed-off-by: Marc-André Lureau Reviewed-by: Stefan Berger --- src/qemu/qemu_tpm.c | 76 + 1 file changed, 63 insertions(+), 13 deletions(-) diff --git a/src/qemu/qemu_tpm.c b/src/qemu/

Re: [PATCH v2 3/4] schema: add TPM emulator

2024-09-13 Thread Stefan Berger
On 9/10/24 3:05 AM, marcandre.lur...@redhat.com wrote: From: Marc-André Lureau Learn to parse a directory for the TPM state. Signed-off-by: Marc-André Lureau Reviewed-by: Stefan Berger --- docs/formatdomain.rst | 3 +++ src/conf/domain_conf.c

Re: [PATCH v2 2/4] schema: add TPM emulator

2024-09-13 Thread Stefan Berger
On 9/10/24 3:05 AM, marcandre.lur...@redhat.com wrote: From: Marc-André Lureau Learn to parse a file path for the TPM state. Signed-off-by: Marc-André Lureau Reviewed-by: Stefan Berger --- docs/formatdomain.rst | 15 +++ src/conf/domain_conf.c

Re: [PATCH v2 1/4] util: check swtpm nvram-backend-dir capability

2024-09-13 Thread Stefan Berger
On 9/10/24 3:05 AM, marcandre.lur...@redhat.com wrote: From: Marc-André Lureau Signed-off-by: Marc-André Lureau Reviewed-by: Stefan Berger --- src/util/virtpm.c | 1 + src/util/virtpm.h | 1 + 2 files changed, 2 insertions(+) diff --git a/src/util/virtpm.c b/src/util/virtpm.c

Re: [PATCH 2/3] schema: add TPM emulator

2024-08-29 Thread Stefan Berger
On 8/28/24 11:26 AM, Daniel P. Berrangé wrote: On Wed, Aug 28, 2024 at 11:02:28AM +0400, marcandre.lur...@redhat.com wrote: From: Marc-André Lureau Learn to parse a file path for the TPM state. Signed-off-by: Marc-André Lureau When we have two different backend options - in this case '

Re: [PATCH v2 5/5] qemu: Always set labels for TPM state

2024-04-18 Thread Stefan Berger
just because it makes the error seen above go away, but also because no such check currently exists for disks and other types of persistent storage such as NVRAM files, which always get relabeled. Signed-off-by: Andrea Bolognani Reviewed-by: Stefan Berger --- src/qemu/qemu_tpm.c | 11 ++--

Re: [PATCH v2 3/5] qemu: Propagate shared_filesystems

2024-04-18 Thread Stefan Berger
rough several layers in order to make use of it. Note that with this change the list is propagated all the way through, but its contents are still ignored, so the behavior remains the same for now. Signed-off-by: Andrea Bolognani Reviewed-by: Stefan B

Re: [PATCH v2 4/5] utils: Use overrides in virFileIsSharedFS()

2024-04-18 Thread Stefan Berger
clare a path as shared they must omit the trailing '/' then. It may be worth mentioning this in 2/5. Reviewed-by: Stefan Berger + +if (g_strv_contains((const char *const *) overrides, dirpath)) +return true; +} + +return false; +} + int virFileIsS
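Review bot: the `g_strv_contains((const char *const *) overrides, dirpath)` test is an exact string comparison, so an override entry written with a trailing '/' never matches `dirpath` and the path is silently treated as not shared. Either strip trailing slashes from the configured entries before this comparison, or reject such entries when the configuration is loaded so the mismatch is reported instead of ignored; at minimum the required form should be stated in the option's documentation.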

Re: [PATCH 09/10] qemu: Always set labels for TPM state

2024-04-18 Thread Stefan Berger
On 4/17/24 11:20, Andrea Bolognani wrote: On Wed, Mar 20, 2024 at 09:10:48AM -0700, Andrea Bolognani wrote: On Wed, Mar 20, 2024 at 10:18:39AM -0400, Stefan Berger wrote: On 3/20/24 08:23, Peter Krempa wrote: Did you consider the case when the migration fails and the VM will be restored to

Re: [PATCH v2 2/5] qemu: Introduce shared_filesystems configuration option

2024-04-17 Thread Stefan Berger
On 4/17/24 09:29, Andrea Bolognani wrote: As explained in the comment, this can help in scenarios where a shared filesystem can't be detected as such by libvirt, by giving the admin the opportunity to provide this information manually. Signed-off-by: Andrea Bolognani --- src/qemu/libvirtd_q

Re: [PATCH v2 1/5] security: Fix alignment

2024-04-17 Thread Stefan Berger
On 4/17/24 09:29, Andrea Bolognani wrote: Signed-off-by: Andrea Bolognani Reviewed-by: Stefan Berger --- src/security/security_selinux.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c index

Re: [PATCH 06/10] qemu: Introduce shared_filesystems configuration option

2024-03-26 Thread Stefan Berger
On 3/26/24 12:38, Andrea Bolognani wrote: On Tue, Mar 26, 2024 at 12:04:21PM -0400, Stefan Berger wrote: On 3/26/24 11:54, Andrea Bolognani wrote: On Wed, Mar 20, 2024 at 08:43:24AM -0700, Andrea Bolognani wrote: On Wed, Mar 20, 2024 at 12:37:37PM +0100, Peter Krempa wrote: On Wed, Mar

Re: [PATCH 06/10] qemu: Introduce shared_filesystems configuration option

2024-03-26 Thread Stefan Berger
On 3/26/24 11:54, Andrea Bolognani wrote: On Wed, Mar 20, 2024 at 08:43:24AM -0700, Andrea Bolognani wrote: On Wed, Mar 20, 2024 at 12:37:37PM +0100, Peter Krempa wrote: On Wed, Mar 20, 2024 at 10:19:11 +0100, Andrea Bolognani wrote: +# libvirt will normally prevent migration if the storage

Re: [PATCH 10/10] NEWS: Document qemu shared_filesystems option

2024-03-20 Thread Stefan Berger
On 3/20/24 11:59, Andrea Bolognani wrote: On Wed, Mar 20, 2024 at 10:07:11AM -0400, Stefan Berger wrote: On 3/20/24 05:19, Andrea Bolognani wrote: + * qemu: Add ``shared_filesystems`` configuration option + +This option can be used to configure libvirt so that migration between two

Re: [PATCH 02/10] security: Fix name for _virSecurityDACChardevCallbackData

2024-03-20 Thread Stefan Berger
On 3/20/24 05:19, Andrea Bolognani wrote: It was clearly copied over from the SELinux driver without updating its name in the process. Signed-off-by: Andrea Bolognani Reviewed-by: Stefan Berger ___ Devel mailing list -- devel@lists.libvirt.org

Re: [PATCH 09/10] qemu: Always set labels for TPM state

2024-03-20 Thread Stefan Berger
On 3/20/24 08:23, Peter Krempa wrote: On Wed, Mar 20, 2024 at 10:19:14 +0100, Andrea Bolognani wrote: Up until this point, we have avoided setting labels for incoming migration when the TPM state is stored on a shared filesystem. This seems to make sense, because since the underlying storage i

Re: [PATCH 10/10] NEWS: Document qemu shared_filesystems option

2024-03-20 Thread Stefan Berger
On 3/20/24 05:19, Andrea Bolognani wrote: Signed-off-by: Andrea Bolognani --- NEWS.rst | 7 +++ 1 file changed, 7 insertions(+) diff --git a/NEWS.rst b/NEWS.rst index 489201d3fc..7e17043c2a 100644 --- a/NEWS.rst +++ b/NEWS.rst @@ -17,6 +17,13 @@ v10.2.0 (unreleased) * **New featur

Re: [PATCH 01/10] security: Fix alignment

2024-03-20 Thread Stefan Berger
On 3/20/24 05:19, Andrea Bolognani wrote: Signed-off-by: Andrea Bolognani Reviewed-by: Stefan Berger

Re: [PATCH 05/10] qemu: Tweak augeas schema

2024-03-20 Thread Stefan Berger
lowing ... *) let entry = default_tls_entry | vnc_entry Reviewed-by: Stefan Berger

Re: [PATCH 04/10] security: Drop virSecurity(DAC|SELinux)SetImageLabelRelative()

2024-03-20 Thread Stefan Berger
On 3/20/24 05:19, Andrea Bolognani wrote: The single caller for each function passes the same value for @src and @parent, which means that we don't really need the additional API. Signed-off-by: Andrea Bolognani Reviewed-by: Stefan B

Re: [PATCH 03/10] security: Drop virSecurity(DAC|SELinux)RestoreImageLabelSingle()

2024-03-20 Thread Stefan Berger
On 3/20/24 05:19, Andrea Bolognani wrote: Each one only has a single, trivial caller. Signed-off-by: Andrea Bolognani Reviewed-by: Stefan Berger