Re: [PATCH v3 06/17] hw/sd/sdcard: Do not store vendor data on block drive (CMD56)

On Tue, Jul 09, 2024 at 05:38:54PM -0300, Fabiano Rosas wrote: > Philippe Mathieu-Daudé writes: > > > "General command" (GEN_CMD, CMD56) is described as: > > > > GEN_CMD is the same as the single block read or write > > commands (CMD24 or CMD17). The difference is that [...] > > the data bl

Re: [PATCH v3 06/17] hw/sd/sdcard: Do not store vendor data on block drive (CMD56)

Philippe Mathieu-Daudé writes: > "General command" (GEN_CMD, CMD56) is described as: > > GEN_CMD is the same as the single block read or write > commands (CMD24 or CMD17). The difference is that [...] > the data block is not a memory payload data but has a > vendor specific format and mea

Re: cpugroups for hyperv hypervisor

On Wed, Jun 26, 2024 at 09:18:37AM -0500, Praveen K Paladugu wrote: > Hey folks, > > My team is working on exposing `cpugroups` to Libvirt while using 'hyperv' > hypervisor with cloud-hypervisor(VMM). cpugroups are relevant in a specific > configuration of hyperv called 'minroot'. In Minroot confi

Re: [PATCH] virt-aa-helper: Drop needless comments

On 7/9/24 04:04, Michal Privoznik wrote: When generating paths for a domain specific AppArmor profile each path undergoes a validation where it's matched against an array of well known prefixes (among other things). Now, for OVMF/AAVMF/... images we have a list and some entries have comments to w

[PATCH] network: allow "modify" option for DNS-Txt records

The "modify" command allows to replace an existing record (its text value). The primary key is the name of the record. If duplicity or missing record detected, throw error. Tests in networkxml2xmlupdatetest.c contain replacements of an existing DNS-text record and failure due to non-existing recor

[PATCH] network: allow "modify" option for DNS-Srv records

The "modify" command allows to replace an existing Srv record (some of its elements respectively: port, priority and weight). The primary key used to choose the modify record is the remaining parameters, only one of them is required. Not using some of these parameters may cause duplicate records an

[PATCH] network: allow "modify" option for DNS hostname

The "modify" command allows you to replace an existing record (its hostname, sub-elements). IP address acts as the primary key. If it is not found, the attempt ends with an error message. If the XML contains a duplicate address, it will select the last one. Tests in networkxml2xmlupdatetest.c cont

Re: [libvirt PATCHv2 3/5] qemu: fill capabilities for virtiofsd

On 7/4/24 15:54, Ján Tomko wrote: > Run the daemon with --print-capabilities first, to see what it supports. > > Signed-off-by: Ján Tomko > --- > src/conf/domain_conf.h | 1 + > src/qemu/qemu_vhost_user.c | 60 ++ > src/qemu/qemu_vhost_user.h | 12 +++

Re: [libvirt PATCHv2 0/5] qemu: do not use deprecated options for new virtiofsd (virtiofs epopee)

On 7/4/24 15:54, Ján Tomko wrote: > Also, allow migration if we think we can. > > Ján Tomko (5): > tests: vhostuser: add virtiofsd json descriptor > tests: qemuxmlconf: adjust test case to new virtiofsd > qemu: fill capabilities for virtiofsd > qemu: do not use deprecated options for new v

Re: [PATCH 1/1] qemuDomainChangeNet: check virtio options for non-virtio models

On 7/4/24 17:44, Miroslav Los via Devel wrote: > In a domain created with an interface with a subelement, > the device contains a non-NULL virDomainVirtioOptions struct, even > for non-virtio NIC models. The subelement need not be present again > after libvirt restarts, or when the interface is pa

Re: [PATCH v3 1/2] security_manager: Ensure top lock is acquired before nested locks

On 7/5/24 10:01, hongmianquan wrote: > Fix libvirtd hang since fork() was called while another thread had > security manager locked. > > We have the stack security driver, which internally manages other security > drivers, > just call them "top" and "nested". > > We call virSecurityStackPreFork(

Re: [PATCH v3 0/2] security_manager: Fix security manager deadlock after libvirtd fork()

On 7/5/24 10:01, hongmianquan wrote: > We have the stack security driver, which internally manages other security > drivers, > just call them "top" and "nested". > > We call virSecurityStackPreFork() to lock the top one, and it also locks > and then unlocks the nested drivers prior to fork. Then

[PATCH] virt-aa-helper: Drop needless comments

When generating paths for a domain specific AppArmor profile each path undergoes a validation where it's matched against an array of well known prefixes (among other things). Now, for OVMF/AAVMF/... images we have a list and some entries have comments to which type of image the entry belongs to. Fo

Re: [PATCH] virt-aa-helper: Allow RO access to /usr/share/edk2-ovmf

On 7/5/24 10:46, Andrea Bolognani wrote: > On Thu, Jul 04, 2024 at 01:13:36PM GMT, Michal Privoznik wrote: >> When binary version of edk2 is distributed, the files reside >> under /usr/share/edk2-ovmf as can be seen from Gentoo's ebuild >> [1]. Allow virt-aa-helper to generate paths under that dir.

Re: [PATCH] security: AppArmor allow write when os loader readonly=no

My reply by email has not arrived by now, hence I'll post it via the archive site. Sorry for the potential double post. Older bootloaders were not split into separate _CODE.fd and _VARS.fd, i.e. there was no separate nvram for the latter file to create. The guest could write to the single bootloa

Re: [PATCH 0/6] qemu: Fixes to firmware selection

On a Monday in 2024, Andrea Bolognani wrote: Andrea Bolognani (6): tests: Update firmware descriptors tests: Add more firmware selection coverage qemu: Filter firmware images by type qemu: ROM firmware images are always readonly tests: Add firmware descriptor for edk2 on riscv64 tests: Ad