On 23/08/2021 05.00, Yanan Wang wrote:
Commit 29e0447551
(docs/about/removed-features: Document removed CLI options from QEMU v3.1)
has recorded some CLI options as replaced/removed from QEMU v3.1, but one
of the subjects has missed the release record. Let's fix it.
Reported-by: Cornelia Huck
On 23/08/2021 05.00, Yanan Wang wrote:
There is a mixture of "since/removed in X.Y" vs "since/removed in X.Y.Z"
in the subjects in deprecated.rst/removed-features.rst. It will be better
to use an unified format. It seems unlikely that we will ever deprecate
something in a stable release, and
On 23/08/2021 05.00, Yanan Wang wrote:
There are two places describing the same thing about deprecation
of invalid topologies of -smp CLI, so remove the duplicated one.
Signed-off-by: Yanan Wang
Reviewed-by: Cornelia Huck
---
docs/about/removed-features.rst | 13 -
1 file
This series makes some clean-up and fix for docs/about, including removing
the duplicated section, unifying the subject format, and adding the missed
release record in the subject.
v1->v2:
- update the commit message, combined with Cornelia's comment
- add the missing release record in the
There are two places describing the same thing about deprecation
of invalid topologies of -smp CLI, so remove the duplicated one.
Signed-off-by: Yanan Wang
Reviewed-by: Cornelia Huck
---
docs/about/removed-features.rst | 13 -
1 file changed, 13 deletions(-)
diff --git
Commit 29e0447551
(docs/about/removed-features: Document removed CLI options from QEMU v3.1)
has recorded some CLI options as replaced/removed from QEMU v3.1, but one
of the subjects has missed the release record. Let's fix it.
Reported-by: Cornelia Huck
Signed-off-by: Yanan Wang
---
There is a mixture of "since/removed in X.Y" vs "since/removed in X.Y.Z"
in the subjects in deprecated.rst/removed-features.rst. It will be better
to use an unified format. It seems unlikely that we will ever deprecate
something in a stable release, and even more unlikely that we'll remove
Signed-off-by: Peng Liang
---
src/libvirt_private.syms| 1 +
src/security/security_driver.h | 5 +
src/security/security_manager.c | 29 +
src/security/security_manager.h | 5 +
4 files changed, 40 insertions(+)
diff --git
Bacause the timestamp (the uptime of the host) is used to validate the
remembered labels, it need to update after migration.
Signed-off-by: Peng Liang
---
src/qemu/qemu_migration.c | 12
1 file changed, 12 insertions(+)
diff --git a/src/qemu/qemu_migration.c
virSecurityDACSetImageLabelInt will be added in the next patch, so
rename virSecurityDACSetImageLabelInternal to
virSecurityDACSetImageLabelSingle to avoid confusion and keep consistent
with virSecurityDACRestoreImageLabelInt and
virSecurityDACRestoreImageLabelSingle.
Signed-off-by: Peng Liang
Signed-off-by: Peng Liang
---
src/security/security_stack.c | 20
1 file changed, 20 insertions(+)
diff --git a/src/security/security_stack.c b/src/security/security_stack.c
index f7a9ed1e33a3..490238a92511 100644
--- a/src/security/security_stack.c
+++
When migrating with shared fs, the image labels has been remembered and
the ownership of the image has been set in the src host. If the dst
host remembers the ownership of the image again, the ownership of the
image remembered in the src host (the origin ownership) will lost.
Signed-off-by: Peng
Signed-off-by: Peng Liang
---
src/qemu/qemu_security.c | 10 ++
src/qemu/qemu_security.h | 5 +
2 files changed, 15 insertions(+)
diff --git a/src/qemu/qemu_security.c b/src/qemu/qemu_security.c
index e582a66071a1..eb211a9b0c4c 100644
--- a/src/qemu/qemu_security.c
+++
Signed-off-by: Peng Liang
---
src/security/security_dac.c | 18 ++
1 file changed, 18 insertions(+)
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index 04b9ecf02877..217fed203063 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
Signed-off-by: Peng Liang
---
src/security/security_util.c | 32
src/security/security_util.h | 4
2 files changed, 36 insertions(+)
diff --git a/src/security/security_util.c b/src/security/security_util.c
index 26a7861e2935..1b5ba2b92b09 100644
---
After migration, the image labels will be removed in the src host (on
success) or the dst host (on failure). However, if we migrate using
shared fs and remove image labels after migration in one host, the image
labels will also lost in another host, which leads to that the ownership
of the image
When migrating using shared fs, the dst host will remember the image
labels again before launching the VM and the src host will remove the
image labels after migration. It leads to that the image labels lost
after migration.
Patch 7-9 are the real fix patches.
Peng Liang (9):
security: add
On 2021/8/20 18:18, Cornelia Huck wrote:
On Fri, Aug 20 2021, Yanan Wang wrote:
Unify the subject format in deprecated.rst to "since X.Y".
Unify the subject format in removed-features.rst to "removed in X.Y".
It seems unlikely that we will ever deprecate something in a stable
release, and
Hi all,
When we change the user for QEMU process (change "user" and "group" in
/etc/libvirt/qemu.conf) to a normal user, we found that libvirtd will
also change the ownership of /var/cache/libvirt/qemu but will keep the
ownership of /var/cache/libvirt/qemu/capabilities as root.
Is it secure to
19 matches
Mail list logo
