On 15.05.2015 20:52, Jim Fehlig wrote:
> Currently, the libxl driver does not support any security drivers.
> When the qemu driver has no security driver configued,
> nodeGetSecurityModel succeeds but returns an empty virSecurityModel
> object. Do the same in the libxl driver instead of reporting
>
> this function is not supported by the connection driver:
> virNodeGetSecurityModel
>
> Signed-off-by: Jim Fehlig <jfehlig@xxxxxxxx>
> ---
>
> I was reminded of this today when looking through a libvirtd log.
> The system was running a test script that among other things
> called 'virsh dominfo'. Each time dominfo was called, the log
> was spammed with "this function is not supported by the connection
> driver: virNodeGetSecurityModel".
>
> src/libxl/libxl_driver.c | 18 ++++++++++++++++++
> 1 file changed, 18 insertions(+)
>
> diff --git a/src/libxl/libxl_driver.c b/src/libxl/libxl_driver.c
> index 60c139e..d6b20ae 100644
> --- a/src/libxl/libxl_driver.c
> +++ b/src/libxl/libxl_driver.c
> @@ -5027,6 +5027,23 @@ libxlDomainMigrateConfirm3Params(virDomainPtr domain,
> return libxlDomainMigrationConfirm(driver, vm, flags, cancelled);
> }
>
> +static int libxlNodeGetSecurityModel(virConnectPtr conn,
> + virSecurityModelPtr secmodel)
> +{
> + memset(secmodel, 0, sizeof(*secmodel));
> +
> + if (virNodeGetSecurityModelEnsureACL(conn) < 0)
> + return -1;
> +
> + /*
> + * Currently the libxl driver does not support security model.
> + * Similar to the qemu driver, treat this as success and simply
> + * return no data in secmodel. Avoids spamming the libvirt log
> + * with "this function is not supported by the connection driver:
> + * virNodeGetSecurityModel"
Moreover, this behaviour is defined and documented in the API description:
* Extract the security model of a hypervisor. The 'model' field
* in the @secmodel argument may be initialized to the empty
* string if the driver has not activated a security model.
Awesome.
> + */
> + return 0;
> +}
>
> static virHypervisorDriver libxlHypervisorDriver = {
> .name = LIBXL_DRIVER_NAME,
> @@ -5122,6 +5139,7 @@ static virHypervisorDriver libxlHypervisorDriver = {
> .domainMigratePerform3Params = libxlDomainMigratePerform3Params, /* 1.2.6 */
> .domainMigrateFinish3Params = libxlDomainMigrateFinish3Params, /* 1.2.6 */
> .domainMigrateConfirm3Params = libxlDomainMigrateConfirm3Params, /* 1.2.6 */
> + .nodeGetSecurityModel = libxlNodeGetSecurityModel, /* 1.2.16 */
> };
>
> static virConnectDriver libxlConnectDriver = {
>
ACK
Michal
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list