On 01/04/2018 12:43 AM, Marek Marczykowski-Górecki wrote:
> On Wed, Jan 03, 2018 at 05:00:10PM -0700, Jim Fehlig wrote:
>> On 12/19/2017 06:19 AM, Joao Martins wrote:
>>> On 12/13/2017 07:09 PM, Marek Marczykowski-Górecki wrote:
+/*
+ * Translate CPU feature name from libvirt to libxl
On 01/04/2018 12:00 AM, Jim Fehlig wrote:
> On 12/19/2017 06:19 AM, Joao Martins wrote:
>> On 12/13/2017 07:09 PM, Marek Marczykowski-Górecki wrote:
>>> Convert CPU features policy into libxl cpuid policy settings. Use new
>>> ("libxl") syntax, which allow to enable/disable specific bits, using
On 12/09/2017 07:10 PM, Marek Marczykowski-Górecki wrote:
Test enabling/disabling individual CPU features and also setting
nested HVM support, which is also controlled by CPU features node.
Signed-off-by: Marek Marczykowski-Górecki
---
Changes since v1:
-
On 12/09/2017 07:10 PM, Marek Marczykowski-Górecki wrote:
This change make libvirt XML with plain element invalid for libxl,
which affect not only upcoming CPUID support, but also NUMA. In fact,
default mode 'custom' does not match what the driver actually does, so
it was a bug. Adjust
On Wed, Jan 03, 2018 at 05:00:10PM -0700, Jim Fehlig wrote:
> On 12/19/2017 06:19 AM, Joao Martins wrote:
> > On 12/13/2017 07:09 PM, Marek Marczykowski-Górecki wrote:
> > > +/*
> > > + * Translate CPU feature name from libvirt to libxl (from_libxl=false)
> > > or from
> > > + * libxl to libvirt
Need to beef up this commit message.
On 12/13/2017 10:39 AM, Martin Kletzander wrote:
> Signed-off-by: Martin Kletzander
> ---
> src/qemu/qemu_process.c | 61
> +
> 1 file changed, 56 insertions(+), 5 deletions(-)
>
Is
On 12/13/2017 10:39 AM, Martin Kletzander wrote:
> Signed-off-by: Martin Kletzander
> ---
> docs/news.xml | 9 +
> 1 file changed, 9 insertions(+)
>
Just for completeness... Obviously this will need final tweaks... So far
so good though...
John
> diff --git
On 12/13/2017 10:39 AM, Martin Kletzander wrote:
> This test initializes capabilities from vircaps2xmldata (since it exists there
> already) and then requests list of free bitmaps (all unallocated space) from
> virresctrl.c
>
> Desirable outputs are saved in virresctrldata.
>
> Signed-off-by:
On 12/19/2017 06:19 AM, Joao Martins wrote:
On 12/13/2017 07:09 PM, Marek Marczykowski-Górecki wrote:
Convert CPU features policy into libxl cpuid policy settings. Use new
("libxl") syntax, which allow to enable/disable specific bits, using
host CPU as a base. For this reason, only
On 12/13/2017 10:39 AM, Martin Kletzander wrote:
> More info in the documentation, this is basically the XML parsing/formatting
> support, schemas, tests and documentation for the new cputune/cachetune
> element
> that will get used by following patches.
>
> Signed-off-by: Martin Kletzander
On 01/03/2018 08:46 AM, Peter Krempa wrote:
>>
>> No bright ideas on this other than perhaps only including changes just
>> prior to the particular one that breaks things or somehow revert just
>> that one in our local copy.
>
> How about just killing that stupid syntax check in our local copy?
On 01/02/2018 11:20 PM, Michal Privoznik wrote:
> On 01/02/2018 11:23 PM, Eric Blake wrote:
>> From: Michal Privoznik
>>
>> Unfortunately, since gnulib's commit of 2c5d558745 there's an
>> unused parameter to stat_time_normalize() function which gnulib
>> developers don't
On 12/13/2017 10:39 AM, Martin Kletzander wrote:
> With this commit we finally have a way to read and manipulate basic resctrl
> settings. Locking is done only on exposed functions that read/write from/to
> resctrlfs. Not in functions that are exposed in virresctrlpriv.h as those are
> only
On 01/03/2018 01:40 AM, Erik Skultety wrote:
On Fri, Dec 22, 2017 at 01:05:26PM +0800, Fei Li wrote:
Commit 8708ca01c added virNetDevSwitchdevFeature to check whether
the NIC had Switchdev capabilities; however this causes errors for
network devices whose address is not in PCI format, like qeth
This is now covered by DomainSetPathLabel being implemented in apparmor.
Signed-off-by: Christian Ehrhardt
---
src/security/virt-aa-helper.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index
This came up in discussions around huge pages, but it will cover
more per guest paths that should be added to the guests apparmor profile:
- keys via qemuDomainWriteMasterKeyFile
- per domain dirs via qemuProcessMakeDir
- memory backing paths via qemuProcessBuildDestroyMemoryPathsImpl
virSecurityManagerDomainSetPathLabel is used to make a path known
to the security modules, but today is used interchangably for
- paths to files/dirs to be accessed directly
- paths to a dir, but the access will actually be to files therein
Depending on the security module it is important to
Since 1b4f66e "security: introduce virSecurityManager
(Set|Restore)ChardevLabel" this is a public API of security manager.
Implementing this in apparmor avoids miss any rules that should be
added for devices labeled via these calls.
Signed-off-by: Christian Ehrhardt
Based on a discussion in [1] I found that the AppArmor security
module lacked some callbacks. Implementing those not only fixes
the issue I had before but will also cover a few more cases I
didn't even run into so far.
[1]: https://www.redhat.com/archives/libvir-list/2017-December/msg00726.html
[...]
>> To me, 1 feels most correct cause while the other two fix hugepages,
>> there seem to be lurking bugs since we aren't implementing
>> domainSetPathLabel.
>>
>
> I work on #1 a while and I think we can do a lot good here.
> Yet while I'm convinced at the changes this is currently a
钅艮 彳亍 卡 出 售 他人账户洗¥钱专用,送礼专用 加球球 4 4 5 4 9 6 1 0 8备用,以防不时之需
应晖当然知道她要和他商量什么,接口说:“正好,我也有事情请你帮忙。”
当她睁开一双倦眼,橡眺地,见到一个人。
"道具吧,我没见过么?张牙舞爪的,小角色!"
我问:
见她迷惑,便问:
On Wed, 2018-01-03 at 10:55 +0100, Cédric Bosdonnat wrote:
> Fix rule introduced by commit 0f33025a:
> * to handle /var/run not being a symlink to /run
> * to be properly parsed: missing comma at the end.
> ---
> examples/apparmor/usr.lib.libvirt.virt-aa-helper | 2 +-
> 1 file changed, 1
On Tue, Jan 02, 2018 at 16:53:13 -0200, Julio Faracco wrote:
> Hi guys,
>
> Any possibility to include a test case for this scenario?
You can look into adding it to virstoragetest if you want to pursue
adding the test.
I'll push this patch in the meanwhile.
signature.asc
Description: PGP
On 01/03/2018 03:46 PM, Peter Krempa wrote:
> On Tue, Jan 02, 2018 at 08:09:37 -0500, John Ferlan wrote:
>>
>>
>> On 01/02/2018 04:28 AM, Michal Privoznik wrote:
>>> Unfortunately, since gnulib's commit of 2c5d558745 there's an
>>> unused parameter to stat_time_normalize() function which gnulib
On Wed, Jan 03, 2018 at 07:06:01AM +0100, Michal Privoznik wrote:
https://bugzilla.redhat.com/show_bug.cgi?id=1448149
If a domain has no numa nodes, that means we don't put any
memory-backend-file onto the qemu command line. That in turn
means we can't set access='shared'. Therefore, we should
ping?
Tks -
John
On 12/18/2017 07:56 AM, John Ferlan wrote:
> v1: https://www.redhat.com/archives/libvir-list/2017-December/msg00543.html
>
> Changes since v1...
>
> * Added a patch to handle a NULL return with pool obj lock
>
> * Alter the IsDuplicate API to use a bool parameter
>
> *
ping?
Tks -
John
On 12/12/2017 10:06 AM, John Ferlan wrote:
> v3: https://www.redhat.com/archives/libvir-list/2017-December/msg00209.html
>
> Differences since v3:
>
> * Pushed first 4 ACK'd patches of v3
>
> * Rework/Separate out a few patches for the SCSI handling
>
> * Alter the PCI
On Tue, Jan 02, 2018 at 08:09:37 -0500, John Ferlan wrote:
>
>
> On 01/02/2018 04:28 AM, Michal Privoznik wrote:
> > Unfortunately, since gnulib's commit of 2c5d558745 there's an
> > unused parameter to stat_time_normalize() function which gnulib
> > developers don't want to fix [1]. Therefore,
On Thu, Dec 21, 2017 at 12:16:50PM +0100, Peter Krempa wrote:
I was debugging a case where 200 snapshots of a disk would result in a
VERY long reconnect time after libvirtd restart when debug logging was
enabled.
I've figured out that qemu responds with 9MiB of json after calling
On Wed, 2018-01-03 at 11:54 +0100, intrigeri wrote:
> Cédric Bosdonnat:
> > * to handle /var/run not being a symlink to /run
>
> Does this still really exist in any distro that has chances to run
> a recent libvirt?
At least some people tweak their distro for that, since the openSUSE
AppArmor
On Wed, Jan 03, 2018 at 05:56:35PM +0800, Chen Hanxiao wrote:
> From: Chen Hanxiao
>
> commit 9026d1152c236ac7a7ab25845220a8e14d6bc630
> forgot to change the referenced @result variable.
> This patch completed this.
>
> Signed-off-by: Chen Hanxiao
Cédric Bosdonnat:
> * to handle /var/run not being a symlink to /run
Does this still really exist in any distro that has chances to run
a recent libvirt?
If yes, then:
> - /run/libvirt/**/[sv]d[a-z] r
> + /{,var/}run/libvirt/**/[sv]d[a-z] r,
+1
And in any case, +1 the missing comma.
--
From: Chen Hanxiao
commit 9026d1152c236ac7a7ab25845220a8e14d6bc630
forgot to change the referenced @result variable.
This patch completed this.
Signed-off-by: Chen Hanxiao
---
src/util/virstring.c | 2 +-
1 file changed, 1 insertion(+), 1
At 2018-01-03 17:46:02, "Ján Tomko" wrote:
>On Sat, Dec 23, 2017 at 05:49:08PM +0800, Chen Hanxiao wrote:
>>From: Chen Hanxiao
>>
>>We don't have @result. Use the right one: @matches
>>
>>Signed-off-by: Chen Hanxiao
>>---
>>
Fix rule introduced by commit 0f33025a:
* to handle /var/run not being a symlink to /run
* to be properly parsed: missing comma at the end.
---
examples/apparmor/usr.lib.libvirt.virt-aa-helper | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git
On Sat, Dec 30, 2017 at 09:15:34AM +0100, fran...@telecos.upc.edu wrote:
> From: Francesc Guasch
>
> ---
> lib/Sys/Virt/StoragePool.pm | 7 ++-
> 1 file changed, 2 insertions(+), 5 deletions(-)
>
> diff --git a/lib/Sys/Virt/StoragePool.pm
On Sat, Dec 23, 2017 at 05:49:08PM +0800, Chen Hanxiao wrote:
From: Chen Hanxiao
We don't have @result. Use the right one: @matches
Signed-off-by: Chen Hanxiao
---
src/util/virstring.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff
On Sat, Dec 23, 2017 at 05:49:08PM +0800, Chen Hanxiao wrote:
> From: Chen Hanxiao
>
> We don't have @result. Use the right one: @matches
>
> Signed-off-by: Chen Hanxiao
I slightly adjusted the commit message, but
Reviewed-by: Erik Skultety
On 12/19/2017 02:13 PM, Christian Ehrhardt wrote:
> On live migration with --p2p like:
> $ virsh migrate --live --p2p kvmguest-bionic-normal \
>qemu+ssh://10.6.221.80/system
>
> We hit an apparmor deny like:
> apparmor="DENIED" operation="file_inherit"
> profile="/usr/sbin/libvirtd"
On 12/18/2017 03:56 PM, Cédric Bosdonnat wrote:
> Hey there,
>
> Here are two commits to set a transient hostname on lxc containers based
> on the guest name.
>
> Cédric Bosdonnat (2):
> Add virStringFilterChars() string utility
> lxc: set a hostname based on the container name
>
>
On Fri, Dec 22, 2017 at 01:05:26PM +0800, Fei Li wrote:
> Commit 8708ca01c added virNetDevSwitchdevFeature to check whether
> the NIC had Switchdev capabilities; however this causes errors for
> network devices whose address is not in PCI format, like qeth device
> whose address is 0.0.0800, when
41 matches
Mail list logo