46b03819ae
When setting up namespace for QEMU we look at mount points under /dev (like /dev/pts, /dev/mqueue/, etc.) because we want to preserve those (which is done by moving them to a temp location, unshare(), and then moving them back). We have a convenience helper - qemuDomainGetPreservedMounts() - that processes the mount table and (optionally) moves the other filesystems too. This helper is also used when attempting to create a path in NS, because the path, while starting with "/dev/" prefix, may actually lead to one of those filesystems that we preserved. And here comes the corner case: while we require the parent mount table to be in shared mode (equivalent of `mount --make-rshared /'), these mount events propagate iff the target path exist inside the slave mount table (= QEMU's private namespace). And since we create only a subset of /dev nodes, well, that assumption is not always the case. For instance, assume that a domain is already running, no hugepages were configured for it nor any hugetlbfs is mounted. Now, when a hugetlbfs is mounted into '/dev/hugepages', this is propagated into the QEMU's namespace, but since the target dir does not exist in the private /dev, the FS is not mounted in the namespace. Fortunately, this difference between namespaces is visible when comparing /proc/mounts and /proc/$PID/mounts (where PID is the QEMU's PID). Therefore, if possible we should look at the latter. Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com> |
||
|---|---|---|
| .ctags.d | ||
| .github/workflows | ||
| .gitlab/issue_templates | ||
| build-aux | ||
| ci | ||
| docs | ||
| examples | ||
| include | ||
| po | ||
| scripts | ||
| src | ||
| tests | ||
| tools | ||
| .ctags | ||
| .dir-locals.el | ||
| .editorconfig | ||
| .gitattributes | ||
| .gitignore | ||
| .gitlab-ci.yml | ||
| .gitmodules | ||
| .gitpublish | ||
| .mailmap | ||
| AUTHORS.rst.in | ||
| config.h | ||
| configmake.h.in | ||
| CONTRIBUTING.rst | ||
| COPYING | ||
| COPYING.LESSER | ||
| gitdm.config | ||
| libvirt-admin.pc.in | ||
| libvirt-lxc.pc.in | ||
| libvirt-qemu.pc.in | ||
| libvirt.pc.in | ||
| libvirt.spec.in | ||
| meson_options.txt | ||
| meson.build | ||
| NEWS.rst | ||
| README.rst | ||
| run.in | ||
Libvirt API for virtualization
Libvirt provides a portable, long term stable C API for managing the virtualization technologies provided by many operating systems. It includes support for QEMU, KVM, Xen, LXC, bhyve, Virtuozzo, VMware vCenter and ESX, VMware Desktop, Hyper-V, VirtualBox and the POWER Hypervisor.
For some of these hypervisors, it provides a stateful management daemon which runs on the virtualization host allowing access to the API both by non-privileged local users and remote users.
Layered packages provide bindings of the libvirt C API into other languages including Python, Perl, PHP, Go, Java, OCaml, as well as mappings into object systems such as GObject, CIM and SNMP.
Further information about the libvirt project can be found on the website:
License
The libvirt C API is distributed under the terms of GNU Lesser General Public License, version 2.1 (or later). Some parts of the code that are not part of the C library may have the more restrictive GNU General Public License, version 2.0 (or later). See the files COPYING.LESSER and COPYING for full license terms & conditions.
Installation
Instructions on building and installing libvirt can be found on the website:
https://libvirt.org/compiling.html
Contributing
The libvirt project welcomes contributions in many ways. For most components the best way to contribute is to send patches to the primary development mailing list. Further guidance on this can be found on the website:
https://libvirt.org/contribute.html
Contact
The libvirt project has two primary mailing lists:
- libvirt-users@redhat.com (for user discussions)
- libvir-list@redhat.com (for development only)
Further details on contacting the project are available on the website: