Re: [PATCH v2 4/4] virtio-net: Add support for USO features

2024-08-02 Thread Peter Xu
On Fri, Aug 02, 2024 at 12:40:33PM -0400, Michael S. Tsirkin wrote: > On Fri, Aug 02, 2024 at 12:26:22PM -0400, Peter Xu wrote: > > And that's why I was thinking (where I totally agree with you on this) that > > whether we should settle a short term plan first to be on the safe side > > that we sta

Re: [PATCH v2 4/4] virtio-net: Add support for USO features

2024-08-02 Thread Michael S. Tsirkin
On Fri, Aug 02, 2024 at 12:26:22PM -0400, Peter Xu wrote: > And that's why I was thinking (where I totally agree with you on this) that > whether we should settle a short term plan first to be on the safe side > that we start with migration always being compatible, then we figure the > other approa

Re: [PATCH v2 4/4] virtio-net: Add support for USO features

2024-08-02 Thread Peter Xu
On Sat, Aug 03, 2024 at 12:54:51AM +0900, Akihiko Odaki wrote: > > > > I'm not sure if I read it right. Perhaps you meant something more > > > > generic > > > > than -platform but similar? > > > > > > > > For example, "-profile [PROFILE]" qemu cmdline, where PROFILE can be > > > > either > > >

Re: [PATCH v2 4/4] virtio-net: Add support for USO features

2024-08-02 Thread Akihiko Odaki
On 2024/08/03 0:05, Peter Xu wrote: On Fri, Aug 02, 2024 at 01:30:51PM +0900, Akihiko Odaki wrote: On 2024/08/02 0:13, Peter Xu wrote: On Thu, Aug 01, 2024 at 02:05:54PM +0900, Akihiko Odaki wrote: On 2024/07/31 4:11, Peter Xu wrote: On Tue, Jul 30, 2024 at 07:46:12PM +0100, Daniel P. Berrang

Re: [PATCH v2 4/4] virtio-net: Add support for USO features

2024-08-02 Thread Peter Xu
On Fri, Aug 02, 2024 at 01:30:51PM +0900, Akihiko Odaki wrote: > On 2024/08/02 0:13, Peter Xu wrote: > > On Thu, Aug 01, 2024 at 02:05:54PM +0900, Akihiko Odaki wrote: > > > On 2024/07/31 4:11, Peter Xu wrote: > > > > On Tue, Jul 30, 2024 at 07:46:12PM +0100, Daniel P. Berrangé wrote: > > > > > On

Re: [PATCH v2 6/7] qapi/block-core: derpecate block-job-change

2024-08-02 Thread Markus Armbruster
Typo in subject: it's "deprecate".

[PATCH v5 11/11] qemu: migration: Don't remember seclabel for images shared from current host

2024-08-02 Thread Peter Krempa
In case when the user exports images from current host and there is an incoming migration from a remote host, security label remembering would be possible but would attempt to remember the label allowing access to the image as the image is already used by a VM on remote host. To prevent rememberin

[PATCH v5 10/11] storage_source: Add field for skipping seclabel remembering

2024-08-02 Thread Peter Krempa
In case of incoming migration where a local directory is shared to other hosts we'll need to avoid seclabel remembering as the code would remember the seclabel already allowing access to the image. As the decision requires a lot of information not available in the security driver it would either r

[PATCH v5 09/11] security_(dac|selinux): Unref remembered security labels on outgoing migration

2024-08-02 Thread Peter Krempa
When 'qemuSecurityRestoreAllLabel' is called on outgoing migration it skips the actual relabeling part of the images in dac/selinux drivers in order to avoid cutting off access to the image. As shared filesystems don't really support the trusted XATTR groups, remembering of security labels never w

[PATCH v5 08/11] virSecuritySELinuxRestoreImageLabelInt: Move FD image relabeling after 'migrated' check

2024-08-02 Thread Peter Krempa
Reorganize the code so that the 'migrated' flag isn't checked multiple times and thus that it's more obvious what is happening when the 'migrated' flag is asserted. Signed-off-by: Peter Krempa --- src/security/security_selinux.c | 28 ++-- 1 file changed, 14 insertions(+

[PATCH v5 07/11] virParseOwnershipIds: Refactor

2024-08-02 Thread Peter Krempa
Use automatic clearing for temporary variable, remove 'cleanup' label and declare parameters according to new coding style rules. Signed-off-by: Peter Krempa --- src/util/virutil.c | 20 +++- 1 file changed, 7 insertions(+), 13 deletions(-) diff --git a/src/util/virutil.c b/src/

[PATCH v5 06/11] virFileIsSharedFSOverride: Export

2024-08-02 Thread Peter Krempa
Document the function and export it for use outside of the 'virfile' utils module. Signed-off-by: Peter Krempa --- src/libvirt_private.syms | 1 + src/util/virfile.c | 12 +++- src/util/virfile.h | 2 ++ 3 files changed, 14 insertions(+), 1 deletion(-) diff --git a/src/lib

[PATCH v5 05/11] qemu: Always set labels for TPM state

2024-08-02 Thread Peter Krempa
From: Andrea Bolognani Up until this point, we have avoided setting labels for incoming migration when the TPM state is stored on a shared filesystem. This seems to make sense, because since the underlying storage is shared surely the labels will be as well. There's one problem, though: when a g

[PATCH v5 03/11] qemu: Propagate shared_filesystems

2024-08-02 Thread Peter Krempa
From: Andrea Bolognani virFileIsSharedFS() is the function that ultimately decides whether a filesystem should be considered shared, but the list of manually configured shared filesystems is part of the QEMU driver's configuration, so we need to pass the information through several layers in orde

[PATCH v5 04/11] utils: Use overrides in virFileIsSharedFS()

2024-08-02 Thread Peter Krempa
From: Andrea Bolognani If the local admin has explicitly declared that a certain filesystem is to be considered shared, we should treat it as such. Signed-off-by: Andrea Bolognani Reviewed-by: Stefan Berger --- src/util/virfile.c | 42 +- 1 file changed

[PATCH v5 02/11] qemu: Introduce shared_filesystems configuration option

2024-08-02 Thread Peter Krempa
From: Andrea Bolognani As explained in the comment, this can help in scenarios where a shared filesystem can't be detected as such by libvirt, by giving the admin the opportunity to provide this information manually. Signed-off-by: Andrea Bolognani Signed-off-by: Peter Krempa --- src/qemu/lib

[PATCH v5 00/11] qemu: Introduce shared_filesystems configuration option

2024-08-02 Thread Peter Krempa
v4: https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/message/FWR7YCZJUHBZH33EX465GSE4EQI6KRWA/ For justification see v3: https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/message/PISBZCI5MAQQWPN7NMMEGV4VPLJKGEFJ/ This version includes patches that deal with seclabel

[PATCH v5 01/11] security: Fix alignment

2024-08-02 Thread Peter Krempa
From: Andrea Bolognani Signed-off-by: Andrea Bolognani Reviewed-by: Stefan Berger --- src/security/security_selinux.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c index 31df4d22db..713b5f2b0e 100644

Re: [PATCH v2 4/4] virtio-net: Add support for USO features

2024-08-02 Thread Michael S. Tsirkin
On Fri, Aug 02, 2024 at 01:30:51PM +0900, Akihiko Odaki wrote: > 4) is the second easiest to implement, but the design of 4) will depend on > whether we will satisfy 2) or 3). In the email I cited earlier, I suggested > an option -use-platform to specify the expectation on the platform. If it is >

Re: [PATCH v2 6/7] qapi/block-core: derpecate block-job-change

2024-08-02 Thread Markus Armbruster
Vladimir Sementsov-Ogievskiy writes: > On 18.07.24 14:01, Markus Armbruster wrote: >> Vladimir Sementsov-Ogievskiy writes: >> >>> That's a first step to move on newer job-* APIs. >>> >>> The difference between block-job-change and job-change is in >>> find_block_job_locked() vs find_job_locked(

Re: [PATCH v2 2/2] qemuxmlconftest: Add tests for the ACPI stripping hack on s390

2024-08-02 Thread Boris Fiuczynski
Reviewed-by: Boris Fiuczynski and tested. On 8/1/24 3:52 PM, Peter Krempa wrote: Replace the 'misc-acpi' case by testing a bunch of architectures for how ACPI is handled including a test for the s390 ACPI strip hack added in previous commit. The input files are adapted from the corresponding

Re: [PATCH v2 6/7] qapi/block-core: derpecate block-job-change

2024-08-02 Thread Vladimir Sementsov-Ogievskiy
On 18.07.24 14:01, Markus Armbruster wrote: Vladimir Sementsov-Ogievskiy writes: That's a first step to move on newer job-* APIs. The difference between block-job-change and job-change is in find_block_job_locked() vs find_job_locked() functions. What's different? 1. find_block_job_locked()

Re: [PATCH v2 5/7] qapi: add job-change

2024-08-02 Thread Vladimir Sementsov-Ogievskiy
On 18.07.24 13:59, Markus Armbruster wrote: Vladimir Sementsov-Ogievskiy writes: Add a new-style command job-change, doing same thing as block-job-change. The aim is finally deprecate block-job-* APIs and move to job-* APIs. We add a new command to qapi/block-core.json, not to qapi/job.json t

Re: [PATCH v2 1/2] qemu_domain: Strip from s390(x) definitions

2024-08-02 Thread Boris Fiuczynski
On 8/1/24 3:52 PM, Peter Krempa wrote: The s390(x) machines never supported ACPI. That didn't stop users enabling ACPI in their config. As of libvirt-9.2 (98c4e3d073) with new enough qemu we reject configs which require ACPI, but qemu can't satisfy it. This breaks migration of existing VMs with