On 07/05/2012 10:51 AM, Kevin Wolf wrote:
Am 05.07.2012 16:22, schrieb Corey Bryant:
For some examples:
1. client calls 'add-fd', qemu is now tracking fd=4 with refcount 1, in
use by monitor, as member of fdset1
2. client crashes, so all tracked fds are visited; fd=4 had not yet b
On 07/05/2012 12:35 PM, Corey Bryant wrote:
On 07/05/2012 10:51 AM, Kevin Wolf wrote:
Am 05.07.2012 16:22, schrieb Corey Bryant:
For some examples:
1. client calls 'add-fd', qemu is now tracking fd=4 with refcount
1, in
use by monitor, as member of fdset1
2. client crashes, so a
On 07/05/2012 01:00 PM, Eric Blake wrote:
On 07/05/2012 10:35 AM, Corey Bryant wrote:
1. client calls 'add-fd', qemu is now tracking fd=4 in fdset1 with
refcount of 0; fd=4's in-use flag is turned on
2. client calls 'device-add' with /dev/fdset/1 as the backi
On 07/06/2012 05:11 AM, Kevin Wolf wrote:
Am 05.07.2012 19:00, schrieb Eric Blake:
On 07/05/2012 10:35 AM, Corey Bryant wrote:
1. client calls 'add-fd', qemu is now tracking fd=4 in fdset1 with
refcount of 0; fd=4's in-use flag is turned on
2. client calls 'device-add&#
Ugh... please disregard this. I hit send accidentally.
On 07/06/2012 01:14 PM, Corey Bryant wrote:
On 07/06/2012 05:11 AM, Kevin Wolf wrote:
Am 05.07.2012 19:00, schrieb Eric Blake:
On 07/05/2012 10:35 AM, Corey Bryant wrote:
1. client calls 'add-fd', qemu is now tracking fd=4
On 07/06/2012 05:11 AM, Kevin Wolf wrote:
Am 05.07.2012 19:00, schrieb Eric Blake:
On 07/05/2012 10:35 AM, Corey Bryant wrote:
1. client calls 'add-fd', qemu is now tracking fd=4 in fdset1 with
refcount of 0; fd=4's in-use flag is turned on
2. client calls 'device-add&#
On 07/06/2012 01:40 PM, Corey Bryant wrote:
On 07/06/2012 05:11 AM, Kevin Wolf wrote:
Am 05.07.2012 19:00, schrieb Eric Blake:
On 07/05/2012 10:35 AM, Corey Bryant wrote:
1. client calls 'add-fd', qemu is now tracking fd=4 in fdset1 with
refcount of 0; fd=4's in-use flag
prove security, use libcap to reduce our capability set to just
cap_net_admin, then reduce privileges down to the calling user. This is
hopefully close to equivalent to fscap support from a security perspective.
Signed-off-by: Anthony Liguori
Signed-off-by: Richa Marwaha
Signed-off-by: Corey B
ux.img -netdev tap,helper="/usr/local/libexec/qemu-bridge-helper
--br=qemubr0",id=hn0
-device virtio-net-pci,netdev=hn0,id=nic1
Signed-off-by: Anthony Liguori
Signed-off-by: Richa Marwaha
Signed-off-by: Corey Bryant
---
configure |2 +
net.c
ption from -netdev tap
v8:
- Rebased on top of commit 5b4448d27d7c6ff6e18a1edc8245cb1db783e37c
- Rebase required changes in configure script for libcap-ng config
Corey Bryant (4):
Add basic version of bridge helper
Add access control support to qemu bridge helper
Add cap reduction support to ena
ny Liguori
Signed-off-by: Richa Marwaha
Signed-off-by: Corey Bryant
---
qemu-bridge-helper.c | 153 ++
1 files changed, 153 insertions(+), 0 deletions(-)
diff --git a/qemu-bridge-helper.c b/qemu-bridge-helper.c
index 48c5e22..01eeb38 100644
--- a/q
.
The helper can then exit and let qemu use the tap device.
Signed-off-by: Anthony Liguori
Signed-off-by: Richa Marwaha
Signed-off-by: Corey Bryant
---
Makefile | 12 +++-
configure|1 +
qemu-bridge-helper.c | 221
On 02/04/2012 03:24 AM, Stefan Weil wrote:
Commit a7c36ee4920ea3acc227a0248dd161693f207357 added code for a net
bridge and explicitly said that "this is very Linux centric".
Indeed, compilation failed for w32, so the bridge code is now
conditional. Hosts which don't support it can simply remov
On 02/04/2012 03:29 AM, Stefan Weil wrote:
Am 04.02.2012 00:43, schrieb Anthony Liguori:
On 02/03/2012 06:11 PM, q...@buildbot.b1-systems.de wrote:
The Buildbot has detected a new failure on builder default_mingw32
while building qemu.
Full details are available at:
http://buildbot.b1-systems
;/usr/local/libexec/qemu-bridge-helper
--br=qemubr0",id=hn0
-device virtio-net-pci,netdev=hn0,id=nic1
Signed-off-by: Corey Bryant
---
net.c |2 +-
net/tap.c | 14 +++---
qemu-options.hx | 24
3 files changed, 20 insertions(+), 20 deletio
On 02/07/2012 05:28 AM, Stefan Hajnoczi wrote:
On Mon, Feb 6, 2012 at 8:27 PM, Corey Bryant wrote:
On 02/04/2012 03:29 AM, Stefan Weil wrote:
Am 04.02.2012 00:43, schrieb Anthony Liguori:
On 02/03/2012 06:11 PM, q...@buildbot.b1-systems.de wrote:
The Buildbot has detected a new
On 02/07/2012 09:59 AM, Stefan Hajnoczi wrote:
On Tue, Feb 7, 2012 at 2:32 PM, Corey Bryant wrote:
On 02/07/2012 05:28 AM, Stefan Hajnoczi wrote:
On Mon, Feb 6, 2012 at 8:27 PM, Corey Bryant
wrote:
On 02/04/2012 03:29 AM, Stefan Weil wrote:
Am 04.02.2012 00:43, schrieb Anthony
fd.
v5:
-This patch is new in v5.
-This support addresses concerns from v4 regarding fd leakage
if the client disconnects unexpectedly. (ebl...@redhat.com,
kw...@redhat.com, dberra...@redhat.com)
v6:
-No changes
Signed-off-by: Corey Bryant
---
monitor.c | 15 +++
1 file
This patch converts all block layer close calls, that correspond
to qemu_open calls, to qemu_close.
v5:
-This patch is new in v5. (kw...@redhat.com, ebl...@redhat.com)
v6:
-No changes
Signed-off-by: Corey Bryant
---
block/raw-posix.c | 24
block/raw-win32.c |2
)
Signed-off-by: Corey Bryant
---
qemu-char.c | 12 ++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/qemu-char.c b/qemu-char.c
index c2aaaee..ab4a928 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -2238,6 +2238,9 @@ static void unix_process_msgfd(CharDriverState *chr
set
can be closed. If an fd set has dup() references open, then we
must keep the other fds in the fd set open in case a reopen
of the file occurs that requires an fd with a different access
mode.
Signed-off-by: Corey Bryant
v2:
-Get rid of file_open and move dup code to qemu_open
(kw...@redhat.
om,
kw...@redhat.com, dberra...@redhat.com)
v6
-Make @fd optional for remove-fd (ebl...@redhat.com)
-Make @fdset-id optional for add-fd (ebl...@redhat.com)
Signed-off-by: Corey Bryant
---
monitor.c| 172 +
This patch converts all block layer open calls to qemu_open.
Note that this adds the O_CLOEXEC flag to the changed open paths
when the O_CLOEXEC macro is defined.
Signed-off-by: Corey Bryant
---
v2:
-Convert calls to qemu_open instead of file_open (kw...@redhat.com)
-Mention introduction of
nfs_t). The virt_use_nfs boolean type simply
needs to be set to false, and open will be prevented (and dup will
be allowed). For example:
# setsebool virt_use_nfs 0
# getsebool virt_use_nfs
virt_use_nfs --> off
Corey Bryant (6):
qemu-char: Add MSG_CMSG_CLOEXEC flag to recvms
If these patches are acceptable, I'll resend and get the version history
out of the commit message.
--
Regards,
Corey
On 08/03/2012 01:28 PM, Corey Bryant wrote:
Set the close-on-exec flag for the file descriptor received
via SCM_RIGHTS.
v4
-This patch is new in v4 (ebl...@redha
On 08/06/2012 05:15 AM, Kevin Wolf wrote:
Am 03.08.2012 00:21, schrieb Corey Bryant:
@@ -84,6 +158,36 @@ int qemu_open(const char *name, int flags, ...)
int ret;
int mode = 0;
+#ifndef _WIN32
+const char *fdset_id_str;
+
+/* Attempt dup of fd from fd set */
+if
On 08/06/2012 09:51 AM, Kevin Wolf wrote:
Am 06.08.2012 15:32, schrieb Corey Bryant:
On 08/06/2012 05:15 AM, Kevin Wolf wrote:
Am 03.08.2012 00:21, schrieb Corey Bryant:
@@ -84,6 +158,36 @@ int qemu_open(const char *name, int flags, ...)
int ret;
int mode = 0;
+#ifndef
prior to using a passed fd.
Signed-off-by: Corey Bryant
---
v5:
-This patch is new in v5.
-This support addresses concerns from v4 regarding fd leakage
if the client disconnects unexpectedly. (ebl...@redhat.com,
kw...@redhat.com, dberra...@redhat.com)
v6:
-No changes
v7:
-Removed
set
can be closed. If an fd set has dup() references open, then we
must keep the other fds in the fd set open in case a reopen
of the file occurs that requires an fd with a different access
mode.
Signed-off-by: Corey Bryant
---
v2:
-Get rid of file_open and move dup code to qemu_open
(kw...@redhat.
nfs_t). The virt_use_nfs boolean type simply
needs to be set to false, and open will be prevented (and dup will
be allowed). For example:
# setsebool virt_use_nfs 0
# getsebool virt_use_nfs
virt_use_nfs --> off
Corey Bryant (6):
qemu-char: Add MSG_CMSG_CLOEXEC flag to recvms
This patch converts all block layer close calls, that correspond
to qemu_open calls, to qemu_close.
Signed-off-by: Corey Bryant
---
v5:
-This patch is new in v5. (kw...@redhat.com, ebl...@redhat.com)
v6-v7:
-No changes
block/raw-posix.c | 24
block/raw-win32.c
etfd
and closefd QMP commands.
Signed-off-by: Corey Bryant
---
v5:
-This patch is new in v5 and replaces the pass-fd QMP command
from v4.
-By grouping fds in fd sets, we ease managability with an fd
set per file, addressing concerns raised in v4 about handling
"reopens" and preventing
Set the close-on-exec flag for the file descriptor received
via SCM_RIGHTS.
Signed-off-by: Corey Bryant
---
v4
-This patch is new in v4 (ebl...@redhat.com)
v5
-Fallback to FD_CLOEXEC if MSG_CMSG_CLOEXEC is not available
(ebl...@redhat.com, stefa...@linux.vnet.ibm.com)
v6
-Set cloexec on
This patch converts all block layer open calls to qemu_open.
Note that this adds the O_CLOEXEC flag to the changed open paths
when the O_CLOEXEC macro is defined.
Signed-off-by: Corey Bryant
---
v2:
-Convert calls to qemu_open instead of file_open (kw...@redhat.com)
-Mention introduction of
On 08/06/2012 10:15 AM, Corey Bryant wrote:
On 08/06/2012 09:51 AM, Kevin Wolf wrote:
Am 06.08.2012 15:32, schrieb Corey Bryant:
On 08/06/2012 05:15 AM, Kevin Wolf wrote:
Am 03.08.2012 00:21, schrieb Corey Bryant:
@@ -84,6 +158,36 @@ int qemu_open(const char *name, int flags
On 08/07/2012 12:49 PM, Eric Blake wrote:
On 08/07/2012 09:58 AM, Corey Bryant wrote:
This patch adds support that enables passing of file descriptors
to the QEMU monitor where they will be stored in specified file
descriptor sets.
A file descriptor set can be used by a client like libvirt
On 08/07/2012 01:32 PM, Stefan Hajnoczi wrote:
On Fri, Aug 03, 2012 at 01:28:06PM -0400, Corey Bryant wrote:
Each fd set has a boolean that keeps track of whether or not the
fd set is in use by a monitor connection. When a monitor
disconnects, all fds that are members of an fd set with
On 08/07/2012 02:16 PM, Stefan Hajnoczi wrote:
On Fri, Aug 3, 2012 at 6:28 PM, Corey Bryant wrote:
diff --git a/monitor.c b/monitor.c
index 49dccfe..9aa9f7e 100644
--- a/monitor.c
+++ b/monitor.c
@@ -140,6 +140,24 @@ struct mon_fd_t {
QLIST_ENTRY(mon_fd_t) next;
};
+/* file
On 08/08/2012 04:52 AM, Stefan Hajnoczi wrote:
On Tue, Aug 7, 2012 at 8:59 PM, Corey Bryant wrote:
On 08/07/2012 02:16 PM, Stefan Hajnoczi wrote:
On Fri, Aug 3, 2012 at 6:28 PM, Corey Bryant
wrote:
+snprintf(fd_str, sizeof(fd_str), "%ld", fd);
+qerror_report(QERR_FD
On 08/08/2012 09:02 AM, Stefan Hajnoczi wrote:
On Tue, Aug 07, 2012 at 11:58:28AM -0400, Corey Bryant wrote:
@@ -2566,6 +2567,92 @@ FdsetInfoList *qmp_query_fdsets(Error **errp)
return fdset_list;
}
+int monitor_fdset_get_fd(int64_t fdset_id, int flags)
+{
+mon_fdset_t *mon_fdset
On 08/08/2012 09:04 AM, Stefan Hajnoczi wrote:
On Tue, Aug 7, 2012 at 4:58 PM, Corey Bryant wrote:
libvirt's sVirt security driver provides SELinux MAC isolation for
Qemu guest processes and their corresponding image files. In other
words, sVirt uses SELinux to prevent a QEMU process
On 08/08/2012 11:58 AM, Stefan Hajnoczi wrote:
On Wed, Aug 8, 2012 at 3:54 PM, Corey Bryant wrote:
On 08/08/2012 09:04 AM, Stefan Hajnoczi wrote:
On Tue, Aug 7, 2012 at 4:58 PM, Corey Bryant
wrote:
libvirt's sVirt security driver provides SELinux MAC isolation for
Qemu guest proc
On 08/07/2012 06:16 PM, Eric Blake wrote:
On 08/07/2012 11:07 AM, Corey Bryant wrote:
+#
+# Since: 1.2.0
We're not very consistent on '1.2' vs. '1.2.0' in since listings, but
that's probably worth a global cleanup closer to hard freeze.
I'll make a not
On 08/08/2012 04:48 PM, Luiz Capitulino wrote:
On Wed, 08 Aug 2012 15:07:02 -0400
Corey Bryant wrote:
On 08/07/2012 06:16 PM, Eric Blake wrote:
On 08/07/2012 11:07 AM, Corey Bryant wrote:
+#
+# Since: 1.2.0
We're not very consistent on '1.2' vs. '1.2.0' in s
On 08/08/2012 05:13 PM, Luiz Capitulino wrote:
On Wed, 08 Aug 2012 16:52:41 -0400
Corey Bryant wrote:
On 08/08/2012 04:48 PM, Luiz Capitulino wrote:
On Wed, 08 Aug 2012 15:07:02 -0400
Corey Bryant wrote:
On 08/07/2012 06:16 PM, Eric Blake wrote:
On 08/07/2012 11:07 AM, Corey Bryant
On 08/09/2012 09:06 AM, Eric Blake wrote:
On 08/09/2012 03:04 AM, Stefan Hajnoczi wrote:
On Tue, Aug 7, 2012 at 4:58 PM, Corey Bryant wrote:
+##
+# @FdsetFdInfo:
+#
+# Information about a file descriptor that belongs to an fd set.
+#
+# @fd: The file descriptor value.
+#
+# @removed: If
On 08/09/2012 06:11 AM, Kevin Wolf wrote:
Am 07.08.2012 18:49, schrieb Eric Blake:
On 08/07/2012 09:58 AM, Corey Bryant wrote:
This patch adds support that enables passing of file descriptors
to the QEMU monitor where they will be stored in specified file
descriptor sets.
A file descriptor
prior to using a passed fd.
Signed-off-by: Corey Bryant
---
v5:
-This patch is new in v5.
-This support addresses concerns from v4 regarding fd leakage
if the client disconnects unexpectedly. (ebl...@redhat.com,
kw...@redhat.com, dberra...@redhat.com)
v6:
-No changes
v7:
-Removed
nfs_t). The virt_use_nfs boolean type simply
needs to be set to false, and open will be prevented (and dup will
be allowed). For example:
# setsebool virt_use_nfs 0
# getsebool virt_use_nfs
virt_use_nfs --> off
Corey Bryant (7):
qemu-char: Add MSG_CMSG_CLOEXEC flag to recvms
set
can be closed. If an fd set has dup() references open, then we
must keep the other fds in the fd set open in case a reopen
of the file occurs that requires an fd with a different access
mode.
Signed-off-by: Corey Bryant
---
v2:
-Get rid of file_open and move dup code to qemu_open
(kw...@redhat.
Signed-off-by: Corey Bryant
---
v8
-This patch is new in v8. It was reported on a prior fd passing
approach and I realized it's needed in this series.
(kw...@redhat.com)
block/raw-posix.c |4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/block/raw-posix.c b/
This patch converts all block layer close calls, that correspond
to qemu_open calls, to qemu_close.
Signed-off-by: Corey Bryant
---
v5:
-This patch is new in v5. (kw...@redhat.com, ebl...@redhat.com)
v6-v8:
-No changes
block/raw-posix.c | 24
block/raw-win32.c
etfd
and closefd QMP commands.
Signed-off-by: Corey Bryant
---
v5:
-This patch is new in v5 and replaces the pass-fd QMP command
from v4.
-By grouping fds in fd sets, we ease managability with an fd
set per file, addressing concerns raised in v4 about handling
"reopens" and preventing
Set the close-on-exec flag for the file descriptor received
via SCM_RIGHTS.
Signed-off-by: Corey Bryant
---
v4
-This patch is new in v4 (ebl...@redhat.com)
v5
-Fallback to FD_CLOEXEC if MSG_CMSG_CLOEXEC is not available
(ebl...@redhat.com, stefa...@linux.vnet.ibm.com)
v6
-Set cloexec on
This patch converts all block layer open calls to qemu_open.
Note that this adds the O_CLOEXEC flag to the changed open paths
when the O_CLOEXEC macro is defined.
Signed-off-by: Corey Bryant
---
v2:
-Convert calls to qemu_open instead of file_open (kw...@redhat.com)
-Mention introduction of
On 08/10/2012 01:57 AM, Eric Blake wrote:
On 08/09/2012 08:10 PM, Corey Bryant wrote:
This patch adds support that enables passing of file descriptors
to the QEMU monitor where they will be stored in specified file
descriptor sets.
A file descriptor set can be used by a client like libvirt
On 07/30/2012 05:34 PM, Supriya Kannery wrote:
raw-posix driver changes for bdrv_reopen_xx functions to
safely reopen image files. Reopening of image files while
changing hostcache dynamically is handled here.
Signed-off-by: Supriya Kannery
---
Index: qemu/block/raw.c
===
On 08/10/2012 02:16 AM, Eric Blake wrote:
On 08/09/2012 08:10 PM, Corey Bryant wrote:
When qemu_open is passed a filename of the "/dev/fdset/nnn"
format (where nnn is the fdset ID), an fd with matching access
mode flags will be searched for within the specified monitor
fd set. If
On 08/10/2012 03:20 AM, Stefan Hajnoczi wrote:
On Thu, Aug 09, 2012 at 10:10:44PM -0400, Corey Bryant wrote:
+void qmp_remove_fd(int64_t fdset_id, bool has_fd, int64_t fd, Error **errp)
+{
+MonFdset *mon_fdset;
+MonFdsetFd *mon_fdset_fd;
+char fd_str[20];
+
+QLIST_FOREACH
On 08/10/2012 11:25 AM, Eric Blake wrote:
On 08/10/2012 08:17 AM, Corey Bryant wrote:
can be closed. If an fd set has dup() references open, then we
must keep the other fds in the fd set open in case a reopen
of the file occurs that requires an fd with a different access
mode.
Is this
On 08/10/2012 12:08 PM, Kevin Wolf wrote:
Am 10.08.2012 04:10, schrieb Corey Bryant:
This patch adds support that enables passing of file descriptors
to the QEMU monitor where they will be stored in specified file
descriptor sets.
A file descriptor set can be used by a client like libvirt to
On 08/10/2012 12:34 PM, Kevin Wolf wrote:
Am 10.08.2012 04:10, schrieb Corey Bryant:
When qemu_open is passed a filename of the "/dev/fdset/nnn"
format (where nnn is the fdset ID), an fd with matching access
mode flags will be searched for within the specified monitor
fd set. If
On 08/10/2012 12:36 PM, Kevin Wolf wrote:
Am 10.08.2012 04:10, schrieb Corey Bryant:
libvirt's sVirt security driver provides SELinux MAC isolation for
Qemu guest processes and their corresponding image files. In other
words, sVirt uses SELinux to prevent a QEMU process from opening
On 08/10/2012 12:56 PM, Corey Bryant wrote:
On 08/10/2012 12:34 PM, Kevin Wolf wrote:
Am 10.08.2012 04:10, schrieb Corey Bryant:
When qemu_open is passed a filename of the "/dev/fdset/nnn"
format (where nnn is the fdset ID), an fd with matching access
mode flags will be searched
nfs_t). The virt_use_nfs boolean type simply
needs to be set to false, and open will be prevented (and dup will
be allowed). For example:
# setsebool virt_use_nfs 0
# getsebool virt_use_nfs
virt_use_nfs --> off
Corey Bryant (7):
qemu-char: Add MSG_CMSG_CLOEXEC flag to recvms
Signed-off-by: Corey Bryant
---
v8
-This patch is new in v8. It was reported on a prior fd passing
approach and I realized it's needed in this series.
(kw...@redhat.com)
v9
-No changes
block/raw-posix.c |4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/bloc
When qemu_open is passed a filename of the "/dev/fdset/nnn"
format (where nnn is the fdset ID), an fd with matching access
mode flags will be searched for within the specified monitor
fd set. If the fd is found, a dup of the fd will be returned
from qemu_open.
Signed-off-by: Corey Brya
This patch converts all block layer close calls, that correspond
to qemu_open calls, to qemu_close.
Signed-off-by: Corey Bryant
---
v5:
-This patch is new in v5. (kw...@redhat.com, ebl...@redhat.com)
v6-v9:
-No changes
block/raw-posix.c | 24
block/raw-win32.c
This patch converts all block layer open calls to qemu_open.
Note that this adds the O_CLOEXEC flag to the changed open paths
when the O_CLOEXEC macro is defined.
Signed-off-by: Corey Bryant
---
v2:
-Convert calls to qemu_open instead of file_open (kw...@redhat.com)
-Mention introduction of
client disconnect prior to using a passed fd.
Signed-off-by: Corey Bryant
---
v5:
-This patch is new in v5.
-This support addresses concerns from v4 regarding fd leakage
if the client disconnects unexpectedly. (ebl...@redhat.com,
kw...@redhat.com, dberra...@redhat.com)
v6:
-No changes
v7
Set the close-on-exec flag for the file descriptor received
via SCM_RIGHTS.
Signed-off-by: Corey Bryant
---
v4
-This patch is new in v4 (ebl...@redhat.com)
v5
-Fallback to FD_CLOEXEC if MSG_CMSG_CLOEXEC is not available
(ebl...@redhat.com, stefa...@linux.vnet.ibm.com)
v6
-Set cloexec on
etfd
and closefd QMP commands.
Signed-off-by: Corey Bryant
---
v5:
-This patch is new in v5 and replaces the pass-fd QMP command
from v4.
-By grouping fds in fd sets, we ease managability with an fd
set per file, addressing concerns raised in v4 about handling
"reopens" and preventing
On 08/11/2012 09:22 AM, Blue Swirl wrote:
On Sat, Aug 11, 2012 at 1:14 PM, Corey Bryant wrote:
This patch converts all block layer close calls, that correspond
to qemu_open calls, to qemu_close.
Signed-off-by: Corey Bryant
---
v5:
-This patch is new in v5. (kw...@redhat.com, ebl
I'll send a new version shortly with these updates.
--
Regards,
Corey
On 08/11/2012 10:16 AM, Eric Blake wrote:
On 08/11/2012 07:14 AM, Corey Bryant wrote:
This patch adds support that enables passing of file descriptors
to the QEMU monitor where they will be stored in specified
I'll send a new version shortly with these updates.
--
Regards,
Corey
On 08/11/2012 10:16 AM, Eric Blake wrote:
On 08/11/2012 07:14 AM, Corey Bryant wrote:
This patch adds support that enables passing of file descriptors
to the QEMU monitor where they will be stored in specified
I'll send a new version shortly with these updates also.
--
Regards,
Corey
On 08/11/2012 10:28 AM, Eric Blake wrote:
On 08/11/2012 07:14 AM, Corey Bryant wrote:
When qemu_open is passed a filename of the "/dev/fdset/nnn"
format (where nnn is the fdset ID), an fd with match
Set the close-on-exec flag for the file descriptor received
via SCM_RIGHTS.
Signed-off-by: Corey Bryant
---
v4
-This patch is new in v4 (ebl...@redhat.com)
v5
-Fallback to FD_CLOEXEC if MSG_CMSG_CLOEXEC is not available
(ebl...@redhat.com, stefa...@linux.vnet.ibm.com)
v6
-Set cloexec on
This patch converts all block layer open calls to qemu_open.
Note that this adds the O_CLOEXEC flag to the changed open paths
when the O_CLOEXEC macro is defined.
Signed-off-by: Corey Bryant
---
v2:
-Convert calls to qemu_open instead of file_open (kw...@redhat.com)
-Mention introduction of
This patch converts all block layer close calls, that correspond
to qemu_open calls, to qemu_close.
Signed-off-by: Corey Bryant
---
v5:
-This patch is new in v5. (kw...@redhat.com, ebl...@redhat.com)
v6-v9:
-No changes
v10:
-Don't use underscore prefix on functions. (blauwir...@gmai
Signed-off-by: Corey Bryant
---
v8
-This patch is new in v8. It was reported on a prior fd passing
approach and I realized it's needed in this series.
(kw...@redhat.com)
v9-v10
-No changes
block/raw-posix.c |4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/
etfd
and closefd QMP commands.
Signed-off-by: Corey Bryant
---
v5:
-This patch is new in v5 and replaces the pass-fd QMP command
from v4.
-By grouping fds in fd sets, we ease managability with an fd
set per file, addressing concerns raised in v4 about handling
"reopens" and preventing
client disconnect prior to using a passed fd.
Signed-off-by: Corey Bryant
---
v5:
-This patch is new in v5.
-This support addresses concerns from v4 regarding fd leakage
if the client disconnects unexpectedly. (ebl...@redhat.com,
kw...@redhat.com, dberra...@redhat.com)
v6:
-No changes
v7
nfs_t). The virt_use_nfs boolean type simply
needs to be set to false, and open will be prevented (and dup will
be allowed). For example:
# setsebool virt_use_nfs 0
# getsebool virt_use_nfs
virt_use_nfs --> off
Corey Bryant (7):
qemu-char: Add MSG_CMSG_CLOEXEC flag to recvms
When qemu_open is passed a filename of the "/dev/fdset/nnn"
format (where nnn is the fdset ID), an fd with matching access
mode flags will be searched for within the specified monitor
fd set. If the fd is found, a dup of the fd will be returned
from qemu_open.
Signed-off-by: Corey Brya
On 08/13/2012 12:16 PM, Eric Blake wrote:
On 08/13/2012 07:44 AM, Corey Bryant wrote:
I'll send a new version shortly with these updates also.
+
+ret = monitor_fdset_dup_fd_add(fdset_id, dupfd);
+if (ret == -1) {
+close(dupfd);
+return -1;
On 08/13/2012 01:13 PM, Eric Blake wrote:
On 08/13/2012 10:33 AM, Corey Bryant wrote:
The only way it could fail is if we are trying to add an fd that is
already in the set, or if we don't find mon_fdset; both of which would
indicate logic bugs earlier in our program. Would it be
On 08/13/2012 02:02 PM, Eric Blake wrote:
On 08/13/2012 08:08 AM, Corey Bryant wrote:
libvirt's sVirt security driver provides SELinux MAC isolation for
Qemu guest processes and their corresponding image files. In other
words, sVirt uses SELinux to prevent a QEMU process from opening
On 08/14/2012 08:07 AM, Kevin Wolf wrote:
Am 13.08.2012 16:08, schrieb Corey Bryant:
When qemu_open is passed a filename of the "/dev/fdset/nnn"
format (where nnn is the fdset ID), an fd with matching access
mode flags will be searched for within the specified monitor
fd set. If
This patch converts all block layer open calls to qemu_open.
Note that this adds the O_CLOEXEC flag to the changed open paths
when the O_CLOEXEC macro is defined.
Signed-off-by: Corey Bryant
---
v2:
-Convert calls to qemu_open instead of file_open (kw...@redhat.com)
-Mention introduction of
Signed-off-by: Corey Bryant
---
v8
-This patch is new in v8. It was reported on a prior fd passing
approach and I realized it's needed in this series.
(kw...@redhat.com)
v9-v11
-No changes
block/raw-posix.c |4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/
This patch converts all block layer close calls, that correspond
to qemu_open calls, to qemu_close.
Signed-off-by: Corey Bryant
---
v5:
-This patch is new in v5. (kw...@redhat.com, ebl...@redhat.com)
v6-v9:
-No changes
v10:
-Don't use underscore prefix on functions. (blauwir...@gmai
When qemu_open is passed a filename of the "/dev/fdset/nnn"
format (where nnn is the fdset ID), an fd with matching access
mode flags will be searched for within the specified monitor
fd set. If the fd is found, a dup of the fd will be returned
from qemu_open.
Signed-off-by: Corey Brya
nfs_t). The virt_use_nfs boolean type simply
needs to be set to false, and open will be prevented (and dup will
be allowed). For example:
# setsebool virt_use_nfs 0
# getsebool virt_use_nfs
virt_use_nfs --> off
Corey Bryant (7):
qemu-char: Add MSG_CMSG_CLOEXEC flag to recvms
client disconnect prior to using a passed fd.
Signed-off-by: Corey Bryant
---
v5:
-This patch is new in v5.
-This support addresses concerns from v4 regarding fd leakage
if the client disconnects unexpectedly. (ebl...@redhat.com,
kw...@redhat.com, dberra...@redhat.com)
v6:
-No changes
v7
Set the close-on-exec flag for the file descriptor received
via SCM_RIGHTS.
Signed-off-by: Corey Bryant
---
v4
-This patch is new in v4 (ebl...@redhat.com)
v5
-Fallback to FD_CLOEXEC if MSG_CMSG_CLOEXEC is not available
(ebl...@redhat.com, stefa...@linux.vnet.ibm.com)
v6
-Set cloexec on
etfd
and closefd QMP commands.
Signed-off-by: Corey Bryant
---
v5:
-This patch is new in v5 and replaces the pass-fd QMP command
from v4.
-By grouping fds in fd sets, we ease managability with an fd
set per file, addressing concerns raised in v4 about handling
"reopens" and preventing
On 08/16/2012 07:15 AM, Peter Maydell wrote:
Fix compilation failure on BSD systems (which don't have
O_DIRECT or O_NOATIME:
osdep.c:116: error: ‘O_DIRECT’ undeclared (first use in this function)
osdep.c:116: error: (Each undeclared identifier is reported only once
osdep.c:116: error: for each
On 08/21/2012 06:31 AM, Jordi Cucurull Juan wrote:
Dear all,
After applying the TPM patches to QEMU, I was wondering if it is
possible to simultaneously use the TPM in more than one virtual machine,
i.e. virtualisation of the TPM.
According to the paper "Stefan Berger, Ramón Cáceres, Kenneth
This patch provides support for the -filefd command line option.
This option will allow passing of a filename and its corresponding
file descriptor to QEMU at exec time.
Signed-off-by: Corey Bryant
---
qemu-config.c | 17 +
qemu-config.h |1 +
qemu-options.hx | 17
method.
Usage:
./test-fd-passing /path/hda.img /path/hdb.img /path/hdc.img
Signed-off-by: Corey Bryant
---
test-fd-passing.c | 224 +
1 files changed, 224 insertions(+), 0 deletions(-)
create mode 100644 test-fd-passing.c
diff --git a/test-fd
101 - 200 of 565 matches
Mail list logo
