An alternative take on [1] based on review feedback.
The need to have something like this in the first place is driven by
KubeVirt (see [2] and [3]). A draft version of this series has been
integrated into KubeVirt and it has been confirmed that it was
effective in removing the need to use LD_PRELOAD hacks in the storage
provider.
CC'ing Stefan so he can have a look at the TPM part and shout if I've
gotten anything wrong :)
[1] https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/MM...
[2] https://issues.redhat.com/browse/CNV-34322
[3] https://issues.redhat.com/browse/CNV-39370
Andrea Bolognani (10):
security: Fix alignment
security: Fix name for _virSecurityDACChardevCallbackData
security: Drop virSecurity(DAC|SELinux)RestoreImageLabelSingle()
security: Drop virSecurity(DAC|SELinux)SetImageLabelRelative()
qemu: Tweak augeas schema
qemu: Introduce shared_filesystems configuration option
qemu: Propagate shared_filesystems
utils: Use overrides in virFileIsSharedFS()
qemu: Always set labels for TPM state
NEWS: Document qemu shared_filesystems option
NEWS.rst | 7 +++
src/lxc/lxc_controller.c | 2 +-
src/lxc/lxc_driver.c | 2 +-
src/lxc/lxc_process.c | 4 +-
src/qemu/libvirtd_qemu.aug | 11 ++--
src/qemu/qemu.conf.in | 17 ++++++
src/qemu/qemu_conf.c | 17 ++++++
src/qemu/qemu_conf.h | 2 +
src/qemu/qemu_domain.c | 2 +-
src/qemu/qemu_extdevice.c | 2 +-
src/qemu/qemu_migration.c | 12 ++--
src/qemu/qemu_security.c | 14 ++++-
src/qemu/qemu_tpm.c | 36 ++++++------
src/qemu/qemu_tpm.h | 8 ++-
src/qemu/test_libvirtd_qemu.aug.in | 5 ++
src/security/security_apparmor.c | 2 +
src/security/security_dac.c | 67 +++++++++-------------
src/security/security_driver.h | 4 ++
src/security/security_manager.c | 34 +++++++-----
src/security/security_manager.h | 20 ++++---
src/security/security_nop.c | 4 ++
src/security/security_selinux.c | 58 ++++++++-----------
src/security/security_stack.c | 16 ++++--
src/util/virfile.c | 89 +++++++++++++++++++++++++-----
src/util/virfile.h | 3 +-
tests/securityselinuxlabeltest.c | 2 +-
tests/virfiletest.c | 2 +-
27 files changed, 289 insertions(+), 153 deletions(-)
--
2.44.0