Re: [libvirt] [PATCH v2 0/5] RFC: grant KVM guests retain arbitrary capabilities

On 2011-12-22 14:49, Taku Izumi wrote:
Hi Daniel-san and all,

This patchset adds an option for KVM guests to retain arbitrary capabilities.
The first version is here:

According to Daniel-san's comment, I changed my patch like the following:

v1 ->  v2
  - introduce "process" and "cap" elements in the capability XML
  - change XML element name of domain XML likewise

; process capabilities host supports are found in the capability XML.
# virsh capabilities

       <cap name='chown'/>
       <cap name='dac_override'/>
       <cap name='dac_read_search'/>
       <cap name='fowner'/>

; VM can retain cap_sys_rawio capability
# virsh edit VM
     <cap name='sys_rawio'/>
   <clock offset='utc'/>

# virsh start VM
# cat /proc/<VM's PID>/status
CapInh: 0000000000000000
CapPrm: fffffffc00020000
CapEff: fffffffc00020000
CapBnd: fffffffc00020000

Does this mean that if the 'sys_rawio' is not set in the "features" list, there will be no "CapInh", "CapPrm"... in the proc status file? I was just wondering it is more like a QEMU/KVM options instead of a libvirt options, it is more reasonable to make QEMU/KVM
to guard these options in proc status file instead of libvirt xml file.

   *[PATCH v2 1/5] conf: add XML schema for capability XML
   *[PATCH v2 2/5] conf: add XML schema for domain XML
   *[PATCH v2 3/5] util: add functions to keep capabilities
   *[PATCH v2 4/5] util: extend virExecWithHook()
   *[PATCH v2 5/5] qemu: make qemu processes to retain capabilities

Best regards,
Taku Izumi

libvir-list mailing list
libvir-list redhat com

Shu Ming<shuming linux vnet ibm com>
IBM China Systems and Technology Laboratory

