1
0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-12-26 03:21:44 +03:00
Commit Graph

37545 Commits

Author SHA1 Message Date
Jiri Denemark
5fba42c21b qemu: Probe for a few params supported by migrate-set-parameters
These parameters were originally set via dedicated commands which are
now deprecated. We want to use migrate-set-parameters instead if
possible.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-06-17 10:25:33 +02:00
Michal Privoznik
d659cd341f virsysinfo: Don't leak fw_cfg
In v6.4.0-72-g3dda889a44 I've introduced parsing and formatting
of new sysinfo type 'fwcfg'. However, I've forgot to introduce
code that would free parsed data.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2020-06-16 16:34:30 +02:00
Daniel Henrique Barboza
1b22dd6dd4 qemuDomainSetNumaParamsLive: set nodeset for root cgroup
This function handles the change of NUMA nodeset for a given
guest, setting CpusetMems for the emulator, vcpus and IOThread
sub-groups. It doesn't set the same  nodeset to the root cgroup
though. This means that cpuset.mems of the root cgroup ends up
holding the new nodeset and the old nodeset as well. For
a guest with placement=strict, nodeset='0', doing

virsh numatune <vm> 0 8 --live

Will make cpuset.mems of emulator, vcpus and iothread to be
"8", but cpuset.mems of the root cgroup will be "0,8".

This means that any new tasks that ends up landing in the
root cgroup, aside from the emulator/vcpus/iothread sub-groups,
will be split between the old nodeset and the new nodeset,
which is not what we want.

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-06-16 16:29:36 +02:00
John Ferlan
87386ddcb6 conf: Fix memory leak in virCPUDefParseXML
Since a08669c31, @tsc is not automatically free'd by any g_auto* method.

Found by Coverity.

Signed-off-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-06-16 15:01:06 +02:00
John Ferlan
40ef01697f conf: Fix memory leak in openvzReadFSConf
Since 1f5deed9, @veid_str has been leaked in the error path.

Found by Coverity.

Signed-off-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-06-16 15:01:06 +02:00
John Ferlan
dd0e292992 conf: Fix memory leak in openvzWriteConfigParam
Since 60623a7c, @temp_file was not properly free'd on the non error path.

Found by Coverity.

Signed-off-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-06-16 15:01:06 +02:00
John Ferlan
072f6d6e43 test: Fix memory leak in testParseXMLDocFromFile
Since ceb3255c, @absFile is leaked.

Found by Coverity.

Signed-off-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-06-16 15:01:06 +02:00
John Ferlan
16818ad4a3 util: Fix memory leak in virPCIProbeStubDriver
Since 9ea90206, @drvpath could be overwritten if we jumped to recheck

Found by Coverity.

Signed-off-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-06-16 15:01:06 +02:00
John Ferlan
52e3c2b480 lxc: Fix memory leak in virLXCControllerPopulateDevices
Since 5b82f7f3, @path should have been placed inside the for loop
since it'd need to be free'd for each pass through the loop; otherwise,
we'd leak like a sieve.

Found by Coverity.

Signed-off-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-06-16 15:01:06 +02:00
John Ferlan
d257581417 util: Fix memory leak in virAuthConfigLookup
Since 5084091a, @authcred is filled by a g_key_file_get_string which is
now an allocated string as opposed to some hash table lookup value, so
we need to treat it as so.

Found by Coverity

Signed-off-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-06-16 15:01:05 +02:00
John Ferlan
d585847d2e util: Fix memory leak in virAuthGetCredential
Since 5084091a, @tmp is filled by a g_key_file_get_string which is
now an allocated string as opposed to some hash table lookup value,
so we need to treat it as so.

Found by Coverity

Signed-off-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-06-16 15:01:05 +02:00
Daniel Henrique Barboza
3a58613b0c manpages/virsh.rst: clarify numatune memory migration on Linux
On Linux, changing the nodeset on 'numatune' does not imply that
the guest memory will be migrated on the spot to the new nodeset.
The memory migration is tied on guest usage of the memory pages,
and an idle guest will take longer to have its memory migrated
to the new nodeset.

This is a behavior explained in detail in the Linux kernel
documentation in Documentation/admin-guide/cgroup-v1/cpusets.rst.
The user doesn't need this level of detail though - just needs
his/her expectations under check. Running 'numastat' and hoping
for instant memory migration from the previous nodeset to the new
one is not viable.

There's also parts of the memory that are locked by QEMU in the
same place, e.g. when VFIO devices are present. Let's also
mention it as another factor that impacts the results the
user might expect from NUMA memory migration with numatune.

https://bugzilla.redhat.com/show_bug.cgi?id=1640869

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2020-06-16 14:06:37 +02:00
Peter Krempa
8f58a40035 virQEMUDriverConfigNew: Add slash to cfg->defaultTLSx509certdir for non-embedded driver
Commit 068efae5b1 accidentally removed the slash.

https://bugzilla.redhat.com/show_bug.cgi?id=1847234

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2020-06-16 12:52:07 +02:00
Jiri Denemark
cf9e7726b3 qemuxml2*test: Add cases for CPU pinning to large host CPU IDs
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-06-16 10:32:32 +02:00
Jiri Denemark
e728ffba51 conf: Increase cpuset length limit for CPU pinning
Domains are now allowed to be pinned to host CPUs with IDs up to 16383.
The new limit is as arbitrary as the old one. It's just bigger.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-06-16 10:32:32 +02:00
Viktor Mihajlovski
f0d0cd6179 docs: Describe protected virtualization guest setup
Protected virtualization/IBM Secure Execution for Linux protects
guest memory and state from the host.

Add some basic information about technology and a brief guide
on setting up secure guests with libvirt.

Signed-off-by: Viktor Mihajlovski <mihajlov@linux.ibm.com>
Signed-off-by: Boris Fiuczynski <fiuczy@linux.ibm.com>
Reviewed-by: Paulo de Rezende Pinatti <ppinatti@linux.ibm.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-06-16 09:43:45 +02:00
Boris Fiuczynski
2c3ffa3728 docs: Update AMD launch secure description
Update document with changes in qemu capability caching and the added
secure guest support checking for AMD SEV in virt-host-validate.

Signed-off-by: Boris Fiuczynski <fiuczy@linux.ibm.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-06-16 09:43:45 +02:00
Boris Fiuczynski
4b561d49ad tools: Secure guest check for AMD in virt-host-validate
Add checking in virt-host-validate for secure guest support
on x86 for AMD Secure Encrypted Virtualization.

Signed-off-by: Boris Fiuczynski <fiuczy@linux.ibm.com>
Reviewed-by: Paulo de Rezende Pinatti <ppinatti@linux.ibm.com>
Reviewed-by: Bjoern Walk <bwalk@linux.ibm.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-06-16 09:43:44 +02:00
Boris Fiuczynski
0254ceab82 tools: Secure guest check on s390 in virt-host-validate
Add checking in virt-host-validate for secure guest support
on s390 for IBM Secure Execution.

Signed-off-by: Boris Fiuczynski <fiuczy@linux.ibm.com>
Tested-by: Viktor Mihajlovski <mihajlov@linux.ibm.com>
Reviewed-by: Paulo de Rezende Pinatti <ppinatti@linux.ibm.com>
Reviewed-by: Bjoern Walk <bwalk@linux.ibm.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-06-16 09:43:44 +02:00
Paulo de Rezende Pinatti
657365e74f qemu: Check if AMD secure guest support is enabled
Implement secure guest check for AMD SEV (Secure Encrypted
Virtualization) in order to invalidate the qemu capabilities
cache in case the availability of the feature changed.

For AMD SEV the verification consists of:
 - checking if /sys/module/kvm_amd/parameters/sev contains the
   value '1': meaning SEV is enabled in the host kernel;
 - checking if /dev/sev exists

Signed-off-by: Paulo de Rezende Pinatti <ppinatti@linux.ibm.com>
Signed-off-by: Boris Fiuczynski <fiuczy@linux.ibm.com>
Reviewed-by: Bjoern Walk <bwalk@linux.ibm.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-06-16 09:43:44 +02:00
Paulo de Rezende Pinatti
b611b620ce qemu: Check if s390 secure guest support is enabled
This patch introduces a common function to verify if the
availability of the so-called Secure Guest feature on the host
has changed in order to invalidate the qemu capabilities cache.
It can be used as an entry point for verification on different
architectures.

For s390 the verification consists of:
- checking if /sys/firmware/uv is available: meaning the HW
facility is available and the host OS supports it;
- checking if the kernel cmdline contains 'prot_virt=1': meaning
the host OS wants to use the feature.

Whenever the availability of the feature does not match the secure
guest flag in the cache then libvirt will re-build it in order to
pick up the new set of capabilities available.

Signed-off-by: Paulo de Rezende Pinatti <ppinatti@linux.ibm.com>
Signed-off-by: Boris Fiuczynski <fiuczy@linux.ibm.com>
Tested-by: Viktor Mihajlovski <mihajlov@linux.ibm.com>
Reviewed-by: Bjoern Walk <bwalk@linux.ibm.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-06-16 09:43:44 +02:00
Paulo de Rezende Pinatti
c5fffb959d util: Introduce a parser for kernel cmdline arguments
Introduce two utility functions to parse a kernel command
line string according to the kernel code parsing rules in
order to enable the caller to perform operations such as
verifying whether certain argument=value combinations are
present or retrieving an argument's value.

Signed-off-by: Paulo de Rezende Pinatti <ppinatti@linux.ibm.com>
Signed-off-by: Boris Fiuczynski <fiuczy@linux.ibm.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-06-16 09:43:34 +02:00
Laine Stump
1eabe312ea conf: use g_steal_pointer in network_conf.c
Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-06-15 16:02:39 -04:00
Laine Stump
257aba2daf conf: convert network_conf.c to use g_auto* pointers
This was mostly boilerplate conversion, but in one case I needed to
define several differently named char* to take the place of a single
char *tmp that was re-used multiple times, and in another place there
was a single char* that was used at the toplevel of the function, and
then later used repeatedly inside a for loop, so I defined a new
separate char* inside the loop.

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-06-15 16:02:16 -04:00
Daniel P. Berrangé
8a4f331e8c network: wire up support for IPv6 NAT rules
Now that we have support for IPv6 in the iptables helpers, and a new
option in the XML schema, we can wire up support for it in the network
driver.

Reviewed-by: Laine Stump <laine@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-06-15 17:10:15 +01:00
Daniel P. Berrangé
927acaedec conf: add an attribute to turn on NAT for IPv6 virtual networks
Historically IPv6 did not support NAT, so when IPv6 was added to
libvirt's virtual networks, when requesting <forward mode="nat"/>
libvirt will NOT apply NAT to IPv6 traffic, only IPv4 traffic.

This is an annoying historical design decision as it means we
cannot enable IPv6 automatically. We thus need to introduce a
new attribute

   <forward mode="nat">
     <nat ipv6="yes"/>
   </forward>

Reviewed-by: Laine Stump <laine@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-06-15 17:10:15 +01:00
Daniel P. Berrangé
8774db431f util: add support for IPv6 masquerade rules
IPv6 does support masquerade since Linux 3.9.0 / ip6tables 1.4.18,
which is Fedora 18 / RHEL-7 vintage, which covers all our supported
Linux versions.

Reviewed-by: Laine Stump <laine@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-06-15 17:10:15 +01:00
Michal Privoznik
d53ab9f54e virDevMapperGetTargetsImpl: Check for dm major properly
In v6.4.0-rc1~143 I've introduced a check that is supposed to
return from the function early, if given path is not a dm target.
While the idea is still valid, the implementation had a flaw.
It calls stat() over given path and the uses major(sb.st_dev) to
learn the major of the device. This is then passed to
dm_is_dm_major() which returns true or false depending whether
the device is under devmapper's control or not.

The problem with this approach is in how the major of the device
is obtained - paths managed by devmapper are special files and
thus we want to be using st_rdev instead of st_dev to obtain the
major number. Well, that's what virIsDevMapperDevice() does
already so might as well us that.

Fixes: 01626c668e
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1839992

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
2020-06-15 14:50:46 +02:00
Michal Privoznik
dfa0e118f7 util: Move virIsDevMapperDevice() to virdevmapper.c
When introducing virdevmapper.c (in v4.3.0-rc1~427) I didn't
realize there is a function that calls in devmapper. The function
is called virIsDevMapperDevice() and lives in virutil.c. Now that
we have a special file for handling devmapper move it there.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
2020-06-15 14:50:46 +02:00
Andrea Bolognani
e57323ece1 docs: Remove libvirt-dockerfiles from CI dashboard
The repository is now obsolete, and it never had proper GitLab CI
support anyway.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-06-15 14:40:24 +02:00
Daniel P. Berrangé
ead908014d docs: add kbase entry showing KVM real time guest config
There are many different settings that required to config a KVM guest
for real time, low latency workoads. The documentation included here is
based on guidance developed & tested by the Red Hat KVM real time team.

Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-06-15 13:10:28 +01:00
Peter Krempa
e0cf04ffd6 Remove use of variables passed only to 'VIR_FREE'
Compilers are not very good at detecting this problem. Fixed by manual
inspection of compilation warnings after replacing 'VIR_FREE' with an
empty macro.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com
2020-06-15 10:27:37 +02:00
Peter Krempa
515e62b32b vboxDomainScreenshot: Don't pass uninitialized 'screenData' to VIR_FREE
If one of the early checks to get screen resolution fails 'screenData'
would be passed to VIR_FREE uninitialized. Unfortunately the compiler
isn't able to detect this when VIR_FREE is implemented using
g_clear_pointer.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com
2020-06-15 10:27:37 +02:00
Peter Krempa
94f26f01bd remoteDispatchDomainMigratePrepare*: Don't pass uninitialized variable to VIR_FREE
'uri_out' may be passed to VIR_FREE uninitialized if 'conn' is NULL.
Unfortunately the compiler isn't able to detect this problem when
VIR_FREE is implemented using g_clear_pointer. Initialize the variable.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com
2020-06-15 10:27:37 +02:00
Peter Krempa
c5c0dc3c81 virTPMEmulatorInit: Don't use temporary variable to free path
Use VIR_FREE directly.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com
2020-06-15 10:27:37 +02:00
Peter Krempa
473c54e788 cputest: Avoid use of temporary variable in DO_TEST macro
Use g_free directly to free the returned pointer from
virTestLogContentAndReset rather than store it in a temp variable which
was necessary when we only allowed VIR_FREE.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com
2020-06-15 10:27:37 +02:00
Peter Krempa
0eefd2a00a testVirFindSCSIHostByPCI: Remove unused 'path_addr'
The path is formatted but then just freed without any use since
introduction of the test function.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com
2020-06-15 10:27:37 +02:00
Peter Krempa
84a4208ed2 libxlDomainMigrationDstPrepareDef: remove use of temporary variable
We can free 'def->name' directly.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com
2020-06-15 10:27:37 +02:00
Andrea Bolognani
63d08bec0b ci: Swap mipsel and ppc64le builds
Debian sid is currently broken on mipsel, so use Debian 10 for
that architecture; at the same time, move the ppc64le build from
Debian 10 to Debian sid to keep things balanced.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
2020-06-11 20:08:32 +02:00
Andrea Bolognani
2250a0b56f ci: Update build system integration
The ci-* targets need to know where our container images are stored
and how they are called to work, so now that we use the GitLab
container registry instead of Quay some changes are necessary.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-06-11 19:06:53 +02:00
Andrea Bolognani
95abbdc432 ci: Use GitLab container registry
Instead of using pre-built containers hosted on Quay, build
containers as part of the GitLab CI pipeline and upload them to the
GitLab container registry for later use.

This will not significantly slow down builds, because containers are
only rebuilt when the corresponding Dockerfile has been modified.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-06-11 19:06:51 +02:00
Andrea Bolognani
7ef1324284 ci: Use variables to build image names
This removes a lot of repetition and makes the configuration much
easier to read.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-06-11 19:06:49 +02:00
Andrea Bolognani
9170b0ee6f docs: Document CIRRUS_GITHUB_REPO variable
This needs to be set for every repository for Cirrus CI integration
to work.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-06-11 12:03:41 +02:00
Yi Li
414aee194a conf: snapshot: Drop unused variable 'creation'
Signed-off-by: Yi Li <yili@winhong.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-06-11 09:30:18 +02:00
Andrea Bolognani
0d009ca646 ci: Reduce number of stages
Right now we're dividing the jobs into three stages: prebuild, which
includes DCO checking as well as building artifacts such as the
website, and native_build/cross_build, which do exactly what you'd
expect based on their names.

This organization is nice from the logical point of view, but results
in poor utilization of the available CI resources: in particular, the
fact that cross_build jobs can only start after all native_build jobs
have finished means that if even a single one of the latter takes a
bit longer the pipeline will stall, and with native builds taking
anywhere from less than 10 minutes to more than 20, this happens all
the time.

Building artifacts in a separate pipeline stage also doesn't have any
advantages, and only delays further stages by a couple of minutes.
The only job that really makes sense in its own stage is the DCO
check, because it's extremely fast (less than 1 minute) and, if that
fails, we can avoid kicking off all other jobs.

Reducing the number of stages results in significant speedups:
specifically, going from three stages to two stages reduces the
overall completion time for a full CI pipeline from ~45 minutes[1]
to ~30 minutes[2].

[1] https://gitlab.com/abologna/libvirt/-/pipelines/154751893
[2] https://gitlab.com/abologna/libvirt/-/pipelines/154771173

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-06-10 19:33:09 +02:00
Michal Privoznik
2072c39541 news: Document -fw_cfg
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-06-10 14:00:38 +02:00
Michal Privoznik
14c32cd10f qemu: Generate command line for -fw_cfg
This is pretty straightforward and self explanatory.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1837990

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-06-10 14:00:38 +02:00
Michal Privoznik
d024a7da7a secdrivers: Relabel firmware config files
For the case where -fw_cfg uses a file, we need to set the
seclabels on it to allow QEMU the access. While QEMU allows
writing into the file (if specified on the command line), so far
we are enabling reading only and thus we can use read only label
(in case of SELinux).

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-06-10 14:00:38 +02:00
Michal Privoznik
9ce32b0935 qemu: Introduce fw_cfg capability
This capability tracks whether QEMU supports -fw_cfg command line
option, more specifically whether it allows specifying filename.

There are some releases of QEMU which support -fw_cfg but not
filename. If this is ever a problem we can refine the capability
later on.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-06-10 14:00:38 +02:00
Michal Privoznik
b5f8f04989 qemu: Validate firmware blob configuration
There are recommendations and limitations to the name of the
config blobs we need to follow [1].

We don't want users to change any value only add new blobs. This
means, that the name must have "opt/" prefix and at the same time
must not begin with "opt/ovmf" nor "opt/org.qemu" as these are
reserved for OVMF or QEMU respectively.

1: docs/specs/fw_cfg.txt from qemu.git

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-06-10 14:00:38 +02:00