[libvirt] [PATCH v2 00/21] Run qemu under its own namespace

Wednesday, 7 December 2016

v1 posted here:
  https://www.redhat.com/archives/libvir-list/2016-November/msg01208.html

diff to v1:
- I've dropped the patches for hugepages which are posted separately [1]
- I've reworked some parts according to Dan's suggestions
- Filled missing impl for virSCSIVHostDevice which was merged meanwhile

Please note that patches 1-5, 7 were ACKed already.

You can also find the patches on my github:

  https://github.com/zippy2/libvirt/tree/qemu_container_v3

(Yeah, _v2 branch is not good enough.)

1: https://www.redhat.com/archives/libvir-list/2016-November/msg01415.html

Michal Privoznik (21):
  virprocess: Introduce virProcessSetupPrivateMountNS
  virfile: Introduce virFileSetupDev
  virfile: Introduce ACL helpers
  virusb: Introduce virUSBDeviceGetPath
  virscsi: Introduce virSCSIDeviceGetPath
  virscsivhost: Introduce virSCSIVHostDeviceGetPath
  qemu_cgroup: Expose defaultDeviceACL
  qemu: Spawn qemu under mount namespace
  qemu: Prepare disks when starting a domain
  qemu: Prepare hostdevs when starting a domain
  qemu: Prepare chardevs when starting a domain
  qemu: Prepare TPM when starting a domain
  qemu: Prepare inputs when starting a domain
  qemu: Prepare RNGs when starting a domain
  qemu: Enter the namespace on relabelling
  qemu: Manage /dev entry on disk hotplug
  qemu: Manage /dev entry on hostdev hotplug
  qemu: Manage /dev entry on chardev hotplug
  qemu: Manage /dev entry on RNG hotplug
  qemu: Let users opt-out from containerization
  qemu: Enable mount namespace

 config-post.h                      |    2 +
 configure.ac                       |   12 +-
 src/Makefile.am                    |    7 +-
 src/libvirt_private.syms           |   10 +
 src/lxc/lxc_container.c            |   20 +-
 src/lxc/lxc_controller.c           |   32 +-
 src/qemu/libvirtd_qemu.aug         |    1 +
 src/qemu/qemu.conf                 |    8 +
 src/qemu/qemu_cgroup.c             |    2 +-
 src/qemu/qemu_cgroup.h             |    1 +
 src/qemu/qemu_conf.c               |   33 +
 src/qemu/qemu_conf.h               |    2 +
 src/qemu/qemu_domain.c             | 1244 +++++++++++++++++++++++++++++++++++-
 src/qemu/qemu_domain.h             |   52 ++
 src/qemu/qemu_driver.c             |    5 +-
 src/qemu/qemu_hotplug.c            |   90 ++-
 src/qemu/qemu_process.c            |   28 +-
 src/qemu/qemu_security.c           |  198 ++++++
 src/qemu/qemu_security.h           |   55 ++
 src/qemu/test_libvirtd_qemu.aug.in |    3 +
 src/util/virfile.c                 |  153 +++++
 src/util/virfile.h                 |   17 +
 src/util/virprocess.c              |   38 ++
 src/util/virprocess.h              |    2 +
 src/util/virscsi.c                 |    6 +
 src/util/virscsi.h                 |    1 +
 src/util/virscsivhost.c            |    7 +
 src/util/virscsivhost.h            |    1 +
 src/util/virusb.c                  |    5 +
 src/util/virusb.h                  |    1 +
 30 files changed, 1951 insertions(+), 85 deletions(-)
 create mode 100644 src/qemu/qemu_security.c
 create mode 100644 src/qemu/qemu_security.h

-- 
2.11.0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

[libvirt] [PATCH v2 00/21] Run qemu under its own namespace