>>>Host can read all of the guest's memory or mount the image and modify
>>>the guest agent. Or even add their own communication program that can
>>>do anything.
>>>
>>
>>I get your point now! :) Thanks a lot!!
>>
>>Further more, kvm seems not as secure as xen, because xen isolates dom0 and
>dom
>On Fri, Aug 25, 2017 at 08:52:16 +, Zhangbo (Oscar) wrote:
>> >On Fri, Aug 25, 2017 at 06:45:18 +, Zhangbo (Oscar) wrote:
>
>[...]
>
>> >> The Administrator also can use other commands such as "
>> >guest-file-open" that also cause Insider Access.
>> >>
>> >> So, how to avoid t
On 08/25/2017 08:28 AM, Martin Kletzander wrote:
> On Fri, Aug 25, 2017 at 07:52:25AM -0400, John Ferlan wrote:
>>
>>
>> On 08/25/2017 05:44 AM, Martin Kletzander wrote:
>>> On Thu, Aug 24, 2017 at 06:28:27PM -0400, John Ferlan wrote:
Alter wipeVol to do same refresh operation as pool refres
On 08/25/2017 07:21 AM, Martin Kletzander wrote:
> Signed-off-by: Martin Kletzander
> ---
> docs/news.xml | 20
> 1 file changed, 20 insertions(+)
>
> diff --git a/docs/news.xml b/docs/news.xml
> index 26bd9bd6f651..2bcd27548bf3 100644
> --- a/docs/news.xml
> +++ b/docs/ne
On 08/25/2017 07:21 AM, Martin Kletzander wrote:
> Otherwise longer domain names might generate paths that are too long
> to be created. This follows what other parts of the code do as well.
>
> Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1453194
>
> Signed-off-by: Martin Kletzander
On 08/25/2017 07:21 AM, Martin Kletzander wrote:
> We always truncated the name at 20 bytes instead of characters. In
> case 20 bytes were in the middle of a multi-byte character, then the
> string became invalid and various parts of the code would error
> out (e.g. XML parsing of that string).
We can't retrieve the isolation group of a device that's
not present in the system. However, it's very common for
VFs to be created late in the boot, so they might not be
present yet when libvirtd starts, which would cause the
guests using them to disappear.
Moreover, for other architectures and e
If you use the VDDK library to access virtual machines remotely, you
really need to know the Managed Object Reference ("moref") of the VM.
This must be passed each time you connect to the API.
For example nbdkit's VDDK plugin requires a moref to be passed to
mount up a VM's disk remotely:
nbdkit
On 08/25/2017 02:30 AM, Martin Kletzander wrote:
> On Wed, Aug 23, 2017 at 04:47:03PM -0400, John Ferlan wrote:
>>
>>
>> On 08/23/2017 07:47 AM, Martin Kletzander wrote:
>>> We always truncated the name at 20 bytes instead of characters. In
>>> case 20 bytes were in the middle of a multi-byte ch
On Fri, Aug 25, 2017 at 07:52:25AM -0400, John Ferlan wrote:
On 08/25/2017 05:44 AM, Martin Kletzander wrote:
On Thu, Aug 24, 2017 at 06:28:27PM -0400, John Ferlan wrote:
Alter wipeVol to do same refresh operation as pool refresh would do.
I think we should rather keep the format as it is.
On Fri, Aug 25, 2017 at 07:43:44AM -0400, John Ferlan wrote:
On 08/25/2017 02:19 AM, Martin Kletzander wrote:
On Wed, Aug 23, 2017 at 12:56:02PM -0400, John Ferlan wrote:
On 08/21/2017 03:47 AM, Martin Kletzander wrote:
There are many places in the code where virBufferCheckError() is used
On 08/25/2017 05:44 AM, Martin Kletzander wrote:
> On Thu, Aug 24, 2017 at 06:28:27PM -0400, John Ferlan wrote:
>> Alter wipeVol to do same refresh operation as pool refresh would do.
>>
>
> I think we should rather keep the format as it is. Did I miss something
> here or isn't the source of th
On 08/25/2017 02:19 AM, Martin Kletzander wrote:
> On Wed, Aug 23, 2017 at 12:56:02PM -0400, John Ferlan wrote:
>>
>>
>> On 08/21/2017 03:47 AM, Martin Kletzander wrote:
>>> There are many places in the code where virBufferCheckError() is used
>>> and then, right after that, virBufferContentAndRe
On Fri, 2017-08-25 at 12:12 +0200, Peter Krempa wrote:
> > > @@ -1012,6 +1012,18 @@ qemuDomainFillDeviceIsolationGroup(virDomainDefPtr
> > > def,
> > > tmp = virPCIDeviceAddressGetIOMMUGroupNum(hostAddr);
> > >
> > > if (tmp < 0) {
> > > +/* If there's already a PCI ad
We always truncated the name at 20 bytes instead of characters. In
case 20 bytes were in the middle of a multi-byte character, then the
string became invalid and various parts of the code would error
out (e.g. XML parsing of that string). Let's instead properly
truncate it after 20 characters ins
Otherwise longer domain names might generate paths that are too long
to be created. This follows what other parts of the code do as well.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1453194
Signed-off-by: Martin Kletzander
---
src/qemu/qemu_domain.c | 10 --
1 file changed, 8
*** BRULB THERE ***
Martin Kletzander (3):
conf: Properly truncate wide character names in
virDomainObjGetShortName
qemu: Use short domain name in qemuDomainGetPreservedMountPath
docs: Update news with domain name bug fixes
docs/news.xml | 20
src/conf/dom
Signed-off-by: Martin Kletzander
---
docs/news.xml | 20
1 file changed, 20 insertions(+)
diff --git a/docs/news.xml b/docs/news.xml
index 26bd9bd6f651..2bcd27548bf3 100644
--- a/docs/news.xml
+++ b/docs/news.xml
@@ -49,6 +49,26 @@
+
+
+
On Fri, Aug 25, 2017 at 10:29:03AM +, Zhangbo (Oscar) wrote:
Host can read all of the guest's memory or mount the image and modify
the guest agent. Or even add their own communication program that can
do anything.
I get your point now! :) Thanks a lot!!
Further more, kvm seems not as
>
>Host can read all of the guest's memory or mount the image and modify
>the guest agent. Or even add their own communication program that can
>do anything.
>
I get your point now! :) Thanks a lot!!
Further more, kvm seems not as secure as xen, because xen isolates dom0 and
domU well,
The ad
On Fri, Aug 25, 2017 at 11:41:22 +0200, Martin Kletzander wrote:
> On Thu, Aug 24, 2017 at 05:12:20PM +0200, Andrea Bolognani wrote:
> > We can't retrieve the isolation group of a device that's
> > not present in the system. However, it's very common for
> > VFs to be created late in the boot, so t
On Fri, Aug 25, 2017 at 08:52:16 +, Zhangbo (Oscar) wrote:
> >On Fri, Aug 25, 2017 at 06:45:18 +, Zhangbo (Oscar) wrote:
[...]
> >> The Administrator also can use other commands such as "
> >guest-file-open" that also cause Insider Access.
> >>
> >> So, how to avoid this secur
On Fri, Aug 25, 2017 at 08:30:52AM +0200, Martin Kletzander wrote:
On Wed, Aug 23, 2017 at 04:47:03PM -0400, John Ferlan wrote:
On 08/23/2017 07:47 AM, Martin Kletzander wrote:
We always truncated the name at 20 bytes instead of characters. In
case 20 bytes were in the middle of a multi-byte
On Fri, Aug 25, 2017 at 08:52:16AM +, Zhangbo (Oscar) wrote:
On Fri, Aug 25, 2017 at 06:45:18 +, Zhangbo (Oscar) wrote:
Hi all:
The Host Administrator is capable of running any exec in guests via the
qemu-ga command "guest-exec", eg:
virsh qemu-agent-command test_guest
On Fri, Aug 25, 2017 at 08:59:54AM +, Zhangbo (Oscar) wrote:
On Fri, Aug 25, 2017 at 06:45:18AM +, Zhangbo (Oscar) wrote:
Hi all:
The Host Administrator is capable of running any exec in guests via the
qemu-ga command "guest-exec", eg:
virsh qemu-agent-command test_guest '{
On Thu, Aug 24, 2017 at 06:28:27PM -0400, John Ferlan wrote:
Alter wipeVol to do same refresh operation as pool refresh would do.
I think we should rather keep the format as it is. Did I miss something
here or isn't the source of the problem just the fact that we wipe the
volume without keepi
On Thu, Aug 24, 2017 at 05:12:20PM +0200, Andrea Bolognani wrote:
We can't retrieve the isolation group of a device that's
not present in the system. However, it's very common for
VFs to be created late in the boot, so they might not be
present yet when libvirtd starts, which would cause the
gues
>On Fri, Aug 25, 2017 at 06:45:18AM +, Zhangbo (Oscar) wrote:
>>Hi all:
>> The Host Administrator is capable of running any exec in guests via the
>qemu-ga command "guest-exec", eg:
>>
>>virsh qemu-agent-command test_guest '{"execute": "guest-exec",
>"arguments": {"path": "ifconfig"
>On Fri, Aug 25, 2017 at 06:45:18 +, Zhangbo (Oscar) wrote:
>> Hi all:
>> The Host Administrator is capable of running any exec in guests via the
>qemu-ga command "guest-exec", eg:
>>
>> virsh qemu-agent-command test_guest '{"execute": "guest-exec",
>"arguments": {"path": "ifconfi
On Fri, Aug 25, 2017 at 06:45:18AM +, Zhangbo (Oscar) wrote:
Hi all:
The Host Administrator is capable of running any exec in guests via the qemu-ga
command "guest-exec", eg:
virsh qemu-agent-command test_guest '{"execute": "guest-exec", "arguments": {"path": "ifconfig",
"arg":
On Fri, Aug 25, 2017 at 06:45:18 +, Zhangbo (Oscar) wrote:
> Hi all:
> The Host Administrator is capable of running any exec in guests via the
> qemu-ga command "guest-exec", eg:
>
> virsh qemu-agent-command test_guest '{"execute": "guest-exec",
> "arguments": {"path": "ifconfig
On Thu, Aug 24, 2017 at 08:50:30PM -0500, Eric Blake wrote:
> On 08/24/2017 12:20 PM, Erik Skultety wrote:
> > Revert @f8172388c which broke the build on Centos 6, because of old
> > autoconf (< 2.63b) not properly quoting arguments for shell.
> > ---
> > So, the last working commit is cbc700208, b
32 matches
Mail list logo