From: Peter Krempa Date: Tue, 18 Jun 2019 08:04:32 +0000 (+0200) Subject: qemu: Implement support for 'capability_filters' config option X-Git-Tag: v5.5.0-rc1~43 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2cb86fc26028385bc604ff34d279f3de1b052d8a;p=thirdparty%2Flibvirt.git qemu: Implement support for 'capability_filters' config option Filter out the given capabilities and set domain taint if we've done so. Signed-off-by: Peter Krempa Reviewed-by: Ján Tomko --- diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 0a9056d1a0..1326c3d6b1 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -8339,7 +8339,8 @@ void qemuDomainObjCheckTaint(virQEMUDriverPtr driver, custom_hypervisor_feat = true; } - if (custom_hypervisor_feat) { + if (custom_hypervisor_feat || + (cfg->capabilityfilters && *cfg->capabilityfilters)) { qemuDomainObjTaint(driver, obj, VIR_DOMAIN_TAINT_CUSTOM_HYPERVISOR_FEATURE, logCtxt); } diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index f0d410306c..aa09ef175a 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -5452,10 +5452,25 @@ static int qemuProcessStartUpdateCustomCaps(virDomainObjPtr vm) { qemuDomainObjPrivatePtr priv = vm->privateData; + VIR_AUTOUNREF(virQEMUDriverConfigPtr) cfg = virQEMUDriverGetConfig(priv->driver); qemuDomainXmlNsDefPtr nsdef = vm->def->namespaceData; + char **next; int tmp; size_t i; + if (cfg->capabilityfilters) { + for (next = cfg->capabilityfilters; *next; next++) { + if ((tmp = virQEMUCapsTypeFromString(*next)) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("invalid capability_filters capability '%s'"), + *next); + return -1; + } + + virQEMUCapsClear(priv->qemuCaps, tmp); + } + } + if (nsdef) { for (i = 0; i < nsdef->ncapsadd; i++) { if ((tmp = virQEMUCapsTypeFromString(nsdef->capsadd[i])) < 0) {