src/conf/domain_conf.c | 21 --------------------- src/conf/domain_conf.h | 21 +++++++++++++++++++++ src/security/virt-aa-helper.c | 7 +++++++ 3 files changed, 28 insertions(+), 21 deletions(-)
The virt-aa-helper fails to parse the xmls with the memory/cpu
hotplug features or user assigned aliases. Set the features in
xmlopt->config for the parsing to succeed.
Signed-off-by: Shivaprasad G Bhat <sbhat@linux.vnet.ibm.com>
---
src/conf/domain_conf.c | 21 ---------------------
src/conf/domain_conf.h | 21 +++++++++++++++++++++
src/security/virt-aa-helper.c | 7 +++++++
3 files changed, 28 insertions(+), 21 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index a1c2506..20ce83e 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -64,27 +64,6 @@
VIR_LOG_INIT("conf.domain_conf");
-/* This structure holds various callbacks and data needed
- * while parsing and creating domain XMLs */
-struct _virDomainXMLOption {
- virObject parent;
-
- /* XML parser callbacks and defaults */
- virDomainDefParserConfig config;
-
- /* domain private data management callbacks */
- virDomainXMLPrivateDataCallbacks privateData;
-
- /* XML namespace callbacks */
- virDomainXMLNamespace ns;
-
- /* ABI stability callbacks */
- virDomainABIStability abi;
-
- /* Private data for save image stored in snapshot XML */
- virSaveCookieCallbacks saveCookie;
-};
-
#define VIR_DOMAIN_DEF_FORMAT_COMMON_FLAGS \
(VIR_DOMAIN_DEF_FORMAT_SECURE | \
VIR_DOMAIN_DEF_FORMAT_INACTIVE | \
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 6f7f96b..aacb88a 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -2662,6 +2662,27 @@ struct _virDomainABIStability {
virDomainABIStabilityDomain domain;
};
+/* This structure holds various callbacks and data needed
+ * while parsing and creating domain XMLs */
+struct _virDomainXMLOption {
+ virObject parent;
+
+ /* XML parser callbacks and defaults */
+ virDomainDefParserConfig config;
+
+ /* domain private data management callbacks */
+ virDomainXMLPrivateDataCallbacks privateData;
+
+ /* XML namespace callbacks */
+ virDomainXMLNamespace ns;
+
+ /* ABI stability callbacks */
+ virDomainABIStability abi;
+
+ /* Private data for save image stored in snapshot XML */
+ virSaveCookieCallbacks saveCookie;
+};
+
virDomainXMLOptionPtr virDomainXMLOptionNew(virDomainDefParserConfigPtr config,
virDomainXMLPrivateDataCallbacksPtr priv,
virDomainXMLNamespacePtr xmlns,
diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index f7ccae0..8b0ca46 100644
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -699,6 +699,13 @@ get_definition(vahControl * ctl, const char *xmlStr)
goto exit;
}
+ if (virtType == VIR_DOMAIN_VIRT_QEMU || virtType == VIR_DOMAIN_VIRT_KVM) {
+ ctl->xmlopt->config.features = VIR_DOMAIN_DEF_FEATURE_MEMORY_HOTPLUG |
+ VIR_DOMAIN_DEF_FEATURE_OFFLINE_VCPUPIN |
+ VIR_DOMAIN_DEF_FEATURE_INDIVIDUAL_VCPUS |
+ VIR_DOMAIN_DEF_FEATURE_USER_ALIAS;
+ }
+
if (virCapabilitiesAddGuestDomain(guest,
virtType,
NULL,
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
On 01/11/2018 11:09 AM, Shivaprasad G Bhat wrote:
> The virt-aa-helper fails to parse the xmls with the memory/cpu
> hotplug features or user assigned aliases. Set the features in
> xmlopt->config for the parsing to succeed.
>
> Signed-off-by: Shivaprasad G Bhat <sbhat@linux.vnet.ibm.com>
> ---
> src/conf/domain_conf.c | 21 ---------------------
> src/conf/domain_conf.h | 21 +++++++++++++++++++++
> src/security/virt-aa-helper.c | 7 +++++++
> 3 files changed, 28 insertions(+), 21 deletions(-)
>
> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
> index a1c2506..20ce83e 100644
> --- a/src/conf/domain_conf.c
> +++ b/src/conf/domain_conf.c
> @@ -64,27 +64,6 @@
>
> VIR_LOG_INIT("conf.domain_conf");
>
> -/* This structure holds various callbacks and data needed
> - * while parsing and creating domain XMLs */
> -struct _virDomainXMLOption {
> - virObject parent;
> -
> - /* XML parser callbacks and defaults */
> - virDomainDefParserConfig config;
> -
> - /* domain private data management callbacks */
> - virDomainXMLPrivateDataCallbacks privateData;
> -
> - /* XML namespace callbacks */
> - virDomainXMLNamespace ns;
> -
> - /* ABI stability callbacks */
> - virDomainABIStability abi;
> -
> - /* Private data for save image stored in snapshot XML */
> - virSaveCookieCallbacks saveCookie;
> -};
> -
> #define VIR_DOMAIN_DEF_FORMAT_COMMON_FLAGS \
> (VIR_DOMAIN_DEF_FORMAT_SECURE | \
> VIR_DOMAIN_DEF_FORMAT_INACTIVE | \
> diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
> index 6f7f96b..aacb88a 100644
> --- a/src/conf/domain_conf.h
> +++ b/src/conf/domain_conf.h
> @@ -2662,6 +2662,27 @@ struct _virDomainABIStability {
> virDomainABIStabilityDomain domain;
> };
>
> +/* This structure holds various callbacks and data needed
> + * while parsing and creating domain XMLs */
> +struct _virDomainXMLOption {
> + virObject parent;
> +
> + /* XML parser callbacks and defaults */
> + virDomainDefParserConfig config;
> +
> + /* domain private data management callbacks */
> + virDomainXMLPrivateDataCallbacks privateData;
> +
> + /* XML namespace callbacks */
> + virDomainXMLNamespace ns;
> +
> + /* ABI stability callbacks */
> + virDomainABIStability abi;
> +
> + /* Private data for save image stored in snapshot XML */
> + virSaveCookieCallbacks saveCookie;
> +};
No. We want to keep this struct private and use just the accessors.
> +
> virDomainXMLOptionPtr virDomainXMLOptionNew(virDomainDefParserConfigPtr config,
> virDomainXMLPrivateDataCallbacksPtr priv,
> virDomainXMLNamespacePtr xmlns,
> diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
> index f7ccae0..8b0ca46 100644
> --- a/src/security/virt-aa-helper.c
> +++ b/src/security/virt-aa-helper.c
> @@ -699,6 +699,13 @@ get_definition(vahControl * ctl, const char *xmlStr)
> goto exit;
> }
>
> + if (virtType == VIR_DOMAIN_VIRT_QEMU || virtType == VIR_DOMAIN_VIRT_KVM) {
Firstly, I don't really understand why this needs to be just limited to
qemu/kvm virt types.
> + ctl->xmlopt->config.features = VIR_DOMAIN_DEF_FEATURE_MEMORY_HOTPLUG |
> + VIR_DOMAIN_DEF_FEATURE_OFFLINE_VCPUPIN |
> + VIR_DOMAIN_DEF_FEATURE_INDIVIDUAL_VCPUS |
> + VIR_DOMAIN_DEF_FEATURE_USER_ALIAS;
Secondly, you can set these features when creating the xmlopt object
just a few lines above (not to be seen in the context though). I mean,
what we can have is:
diff --git i/src/security/virt-aa-helper.c w/src/security/virt-aa-helper.c
index f7ccae0b0..e45ccc8b4 100644
--- i/src/security/virt-aa-helper.c
+++ w/src/security/virt-aa-helper.c
@@ -654,6 +654,12 @@ caps_mockup(vahControl * ctl, const char *xmlStr)
return rc;
}
+virDomainDefParserConfig virAAHelperDomainDefParserConfig = {
+ .features = VIR_DOMAIN_DEF_FEATURE_MEMORY_HOTPLUG |
+ VIR_DOMAIN_DEF_FEATURE_OFFLINE_VCPUPIN |
+ VIR_DOMAIN_DEF_FEATURE_INDIVIDUAL_VCPUS |
+ VIR_DOMAIN_DEF_FEATURE_USER_ALIAS,
+};
static int
get_definition(vahControl * ctl, const char *xmlStr)
@@ -673,7 +679,8 @@ get_definition(vahControl * ctl, const char *xmlStr)
goto exit;
}
- if (!(ctl->xmlopt = virDomainXMLOptionNew(NULL, NULL, NULL, NULL,
NULL))) {
+ if (!(ctl->xmlopt =
virDomainXMLOptionNew(&virAAHelperDomainDefParserConfig,
+ NULL, NULL, NULL, NULL))) {
vah_error(ctl, 0, _("Failed to create XML config object"));
goto exit;
}
Michal
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Thanks for the comments Michal..
On Fri, Jan 12, 2018 at 3:41 PM, Michal Privoznik <mprivozn@redhat.com>
wrote:
> On 01/11/2018 11:09 AM, Shivaprasad G Bhat wrote:
> > The virt-aa-helper fails to parse the xmls with the memory/cpu
> > hotplug features or user assigned aliases. Set the features in
> > xmlopt->config for the parsing to succeed.
> >
> > Signed-off-by: Shivaprasad G Bhat <sbhat@linux.vnet.ibm.com>
> > ---
> > src/conf/domain_conf.c | 21 ---------------------
> > src/conf/domain_conf.h | 21 +++++++++++++++++++++
> > src/security/virt-aa-helper.c | 7 +++++++
> > 3 files changed, 28 insertions(+), 21 deletions(-)
> >
> > diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
> > index a1c2506..20ce83e 100644
> > --- a/src/conf/domain_conf.c
> > +++ b/src/conf/domain_conf.c
> > @@ -64,27 +64,6 @@
> >
> > VIR_LOG_INIT("conf.domain_conf");
> >
> > -/* This structure holds various callbacks and data needed
> > - * while parsing and creating domain XMLs */
> > -struct _virDomainXMLOption {
> > - virObject parent;
> > -
> > - /* XML parser callbacks and defaults */
> > - virDomainDefParserConfig config;
> > -
> > - /* domain private data management callbacks */
> > - virDomainXMLPrivateDataCallbacks privateData;
> > -
> > - /* XML namespace callbacks */
> > - virDomainXMLNamespace ns;
> > -
> > - /* ABI stability callbacks */
> > - virDomainABIStability abi;
> > -
> > - /* Private data for save image stored in snapshot XML */
> > - virSaveCookieCallbacks saveCookie;
> > -};
> > -
> > #define VIR_DOMAIN_DEF_FORMAT_COMMON_FLAGS \
> > (VIR_DOMAIN_DEF_FORMAT_SECURE | \
> > VIR_DOMAIN_DEF_FORMAT_INACTIVE | \
> > diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
> > index 6f7f96b..aacb88a 100644
> > --- a/src/conf/domain_conf.h
> > +++ b/src/conf/domain_conf.h
> > @@ -2662,6 +2662,27 @@ struct _virDomainABIStability {
> > virDomainABIStabilityDomain domain;
> > };
> >
> > +/* This structure holds various callbacks and data needed
> > + * while parsing and creating domain XMLs */
> > +struct _virDomainXMLOption {
> > + virObject parent;
> > +
> > + /* XML parser callbacks and defaults */
> > + virDomainDefParserConfig config;
> > +
> > + /* domain private data management callbacks */
> > + virDomainXMLPrivateDataCallbacks privateData;
> > +
> > + /* XML namespace callbacks */
> > + virDomainXMLNamespace ns;
> > +
> > + /* ABI stability callbacks */
> > + virDomainABIStability abi;
> > +
> > + /* Private data for save image stored in snapshot XML */
> > + virSaveCookieCallbacks saveCookie;
> > +};
>
>
> No. We want to keep this struct private and use just the accessors.
> > +
> > virDomainXMLOptionPtr virDomainXMLOptionNew(virDomainDefParserConfigPtr
> config,
> >
> virDomainXMLPrivateDataCallbacksPtr priv,
> > virDomainXMLNamespacePtr
> xmlns,
> > diff --git a/src/security/virt-aa-helper.c
> b/src/security/virt-aa-helper.c
> > index f7ccae0..8b0ca46 100644
> > --- a/src/security/virt-aa-helper.c
> > +++ b/src/security/virt-aa-helper.c
> > @@ -699,6 +699,13 @@ get_definition(vahControl * ctl, const char *xmlStr)
> > goto exit;
> > }
> >
> > + if (virtType == VIR_DOMAIN_VIRT_QEMU || virtType ==
> VIR_DOMAIN_VIRT_KVM) {
>
> Firstly, I don't really understand why this needs to be just limited to
> qemu/kvm virt types.
>
I figured, its only QEMU/KVM and LXC drivers which allow/support the
security driver to be set
to "apparmor". Though I see lxc.conf not documenting anything about
apparmor, the virt-aa-helper.c
does handle LXC driver. I wanted virt-aa-helper to fail for LXC for these
unsupported features.
>
> > + ctl->xmlopt->config.features = VIR_DOMAIN_DEF_FEATURE_MEMORY_HOTPLUG
> |
> > + VIR_DOMAIN_DEF_FEATURE_OFFLINE_VCPUPIN
> |
> > + VIR_DOMAIN_DEF_FEATURE_INDIVIDUAL_VCPUS
> |
> > + VIR_DOMAIN_DEF_FEATURE_USER_A
> LIAS;
>
> Secondly, you can set these features when creating the xmlopt object
> just a few lines above (not to be seen in the context though). I mean,
> what we can have is:
Yes. This works for the way virt-aa-helper is intended to be used .That is,
I see the binary
virt-aa-helper is kind of "private", and used only by libvirt after
"define" and before "start".
So, the virt-aa-helper is not called by LXC driver in first place if there
is an unsupported
feature as the "define" itself fails. So, its fine to have like you
suggested.
>
diff --git i/src/security/virt-aa-helper.c w/src/security/virt-aa-helper.c
> index f7ccae0b0..e45ccc8b4 100644
> --- i/src/security/virt-aa-helper.c
> +++ w/src/security/virt-aa-helper.c
> @@ -654,6 +654,12 @@ caps_mockup(vahControl * ctl, const char *xmlStr)
> return rc;
> }
>
> +virDomainDefParserConfig virAAHelperDomainDefParserConfig = {
> + .features = VIR_DOMAIN_DEF_FEATURE_MEMORY_HOTPLUG |
> + VIR_DOMAIN_DEF_FEATURE_OFFLINE_VCPUPIN |
> + VIR_DOMAIN_DEF_FEATURE_INDIVIDUAL_VCPUS |
> + VIR_DOMAIN_DEF_FEATURE_USER_ALIAS,
>
I realize we need not set the VIR_DOMAIN_DEF_FEATURE_USER_ALIAS here.
Sending V2 as you suggested with this correction.
+};
>
> static int
> get_definition(vahControl * ctl, const char *xmlStr)
> @@ -673,7 +679,8 @@ get_definition(vahControl * ctl, const char *xmlStr)
> goto exit;
> }
>
> - if (!(ctl->xmlopt = virDomainXMLOptionNew(NULL, NULL, NULL, NULL,
> NULL))) {
> + if (!(ctl->xmlopt =
> virDomainXMLOptionNew(&virAAHelperDomainDefParserConfig,
> + NULL, NULL, NULL, NULL))) {
> vah_error(ctl, 0, _("Failed to create XML config object"));
> goto exit;
> }
>
> Michal
>
> --
> libvir-list mailing list
> libvir-list@redhat.com
> https://www.redhat.com/mailman/listinfo/libvir-list
>
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
© 2016 - 2025 Red Hat, Inc.