[libvirt] [PATCH v2] virt-aa-helper: Set the supported features
Peter Krempa
pkrempa at redhat.com
Fri Feb 2 09:51:21 UTC 2018
On Fri, Feb 02, 2018 at 08:14:29 +0100, Christian Ehrhardt wrote:
> On Fri, Jan 19, 2018 at 3:55 PM, Shivaprasad G Bhat
> <sbhat at linux.vnet.ibm.com> wrote:
> > The virt-aa-helper fails to parse the xmls with the memory/cpu
> > hotplug features or user assigned aliases. Set the features in
> > xmlopt->config for the parsing to succeed.
> >
> > Signed-off-by: Shivaprasad G Bhat <sbhat at linux.vnet.ibm.com>
> > ---
> > src/security/virt-aa-helper.c | 8 +++++++-
> > 1 file changed, 7 insertions(+), 1 deletion(-)
> >
> > diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
> > index f7ccae0..29a459d 100644
> > --- a/src/security/virt-aa-helper.c
> > +++ b/src/security/virt-aa-helper.c
> > @@ -654,6 +654,11 @@ caps_mockup(vahControl * ctl, const char *xmlStr)
> > return rc;
> > }
> >
> > +virDomainDefParserConfig virAAHelperDomainDefParserConfig = {
> > + .features = VIR_DOMAIN_DEF_FEATURE_MEMORY_HOTPLUG |
> > + VIR_DOMAIN_DEF_FEATURE_OFFLINE_VCPUPIN |
> > + VIR_DOMAIN_DEF_FEATURE_INDIVIDUAL_VCPUS,
> > +};
>
> Sure we can't link against qemu_domain.c to get "the original"
> virQEMUDriverDomainDefParserConfig.
> But a comment here that the define is essentially taken there might
> helpful to later on follow any updates there.
>
> Also mentioning why exactly you dropped
> VIR_DOMAIN_DEF_FEATURE_USER_ALIAS for the same reason.
Actually, we might want to add a parser flag (or feature bit) to ignore
all other features when parsing. The aa-helper binary does not really
want or need to validate all the stuff necessary here and it might also
create problems since the feature bits are specifically designed to
reject XMLs which have certain elements (if the bit is not enabled).
This means that not-defining VIR_DOMAIN_DEF_FEATURE_USER_ALIAS would
actually make the parser fail on any XML which has user aliases despite
the fact that the aa-helper does not actually care about them at all.
Having a way to disable that is preferred, since having two definitions
of this would actualy result into one of them being out of sync all the
time.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20180202/cedbad7f/attachment-0001.sig>
More information about the libvir-list
mailing list