Filter out the given capabilities and set domain taint if we done so.
Signed-off-by: Peter Krempa <pkrempa@xxxxxxxxxx>
---
src/qemu/qemu_domain.c | 3 ++-
src/qemu/qemu_process.c | 15 +++++++++++++++
2 files changed, 17 insertions(+), 1 deletion(-)
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 2e0a0ca88b..9685d13ade 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -8304,7 +8304,8 @@ void qemuDomainObjCheckTaint(virQEMUDriverPtr driver,
custom_hypervisor_feat = true;
}
- if (custom_hypervisor_feat) {
+ if (custom_hypervisor_feat ||
+ (cfg->capabilityfilters && *cfg->capabilityfilters)) {
qemuDomainObjTaint(driver, obj,
VIR_DOMAIN_TAINT_CUSTOM_HYPERVISOR_FEATURE, logCtxt);
}
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index 8fafd067ce..a5cc4daa1b 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -5410,10 +5410,25 @@ static int
qemuProcessStartUpdateCustomCaps(virDomainObjPtr vm)
{
qemuDomainObjPrivatePtr priv = vm->privateData;
+ VIR_AUTOUNREF(virQEMUDriverConfigPtr) cfg = virQEMUDriverGetConfig(priv->driver);
qemuDomainXmlNsDefPtr nsdef = vm->def->namespaceData;
+ char **next;
int tmp;
size_t i;
+ if (cfg->capabilityfilters) {
+ for (next = cfg->capabilityfilters; *next; next++) {
+ if ((tmp = virQEMUCapsTypeFromString(*next)) < 0) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("invalid capability_filters capability '%s'"),
+ *next);
+ return -1;
+ }
+
+ virQEMUCapsClear(priv->qemuCaps, tmp);
+ }
+ }
+
if (nsdef) {
for (i = 0; i < nsdef->ncapsadd; i++) {
if ((tmp = virQEMUCapsTypeFromString(nsdef->capsadd[i])) < 0) {
--
2.21.0
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
