[libvirt] Release of libvirt-3.10.0
by Daniel Veillard
A little bit late but it's out, the new release is tagged in git and
signed tarball and rpms have been pushed to the usual place:
ftp://libvirt.org/libvirt/
I also pushed the corresponding release of python bindings at
ftp://libvirt.org/libvirt/python/
This release brings a significant set of new features and noticeable
improvements in addition to bug fixes:
New features:
- conf: Support defining distances between virtual NUMA cells
A NUMA hardware architecture supports the notion of distances between
NUMA cells. This can now be specified using the <distances> element
within the NUMA cell configuration. Drivers which support this include
Xen and QEMU.
- Xen: Support defining vNUMA topology
Xen now supports defining a virtual NUMA topology for VMs, including
specifying distances between NUMA cells.
- qemu: Add the ability to configure HPT resizing for pSeries guests
The user can now decide whether HPT (Hash Page Table) resizing should
be enabled, disabled or required instead of leaving it up to hypervisor
defaults and negotiation between the guest and the host.
- qemu: Add vmcoreinfo feature
Starting with QEMU 2.11, the guest can save kernel debug details when
this feature is enabled and the kernel supports it. It is useful to
process kernel dump with KASLR enabled, and also provides various
kernel details to crash tools.
- conf: Move the auth and encryption definitions to disk source
Allow parsing and formatting of the auth and encryption sub-elements to
be a child of the source element. This will allow adding an auth
sub-element to a backingStore or mirror elements as a means to track
specific authentication and/or encryption needs.
Improvements:
- vbox: Add VirtualBox 5.2 support
- vbox: Add support for configuring storage controllers
The VirtualBox driver now supports the <controller> element in the
domain XML for configuring storage controllers in VBOX VMs.
Additionally, libvirt's domain XML schema was updated to allow optional
model attribute for <controller type='ide'> which is used by the VBOX
driver to set the IDE controller model to be one of 'piix4', 'piix4'
(default), or 'ich6'. Finally, with this change dumpxml generates
<controller> elements that correspond to current VBOX VM storage
controller configuration.
- vbox: Add support for attaching empty removable disks
The VirutalBox driver now supports adding CD-ROM and floppy disk
devices that do not have the disk source specified. Previously such
devices were silently ignored.
- vbox: Add support for attaching SAS storage controllers
In VirtualBox, SCSI and SAS are distinct controller types whereas
libvirt does not make such distinction. Therefore, the VBOX driver was
updated to allow attaching SAS controllers via <controller type='scsi'
model='lsisas1068'> element. If there are both SCSI and SAS controllers
present in the VBOX VM, the domain XML can associate the disk device
using the <address> element with the controller attribute, and
optionally, set the port via unit attribute.
- qemu: Generate predictable paths for qemu memory backends
In some cases management applications need to know paths passed to
memory-backend-file objects upfront. Libvirt now generates predictable
paths so applications can prepare the files if they need to do so.
- Shareable disks work properly with recent qemu
Recent qemu versions added image locking to avoid potential corruption
of disk images. This broke shareable disks with libvirt since the
feature was turned on by default in qemu. Libvirt now enables sharing
of those disks in qemu so that the image locking is not applied in that
case. Additionally libvirt now checks that shareable disks have
supported format (raw) to avoid metadata corruption.
- Improve serial console behavior on non-x86 architectures
ppc64, aarch64 and s390x guests were treating the <serial> and
<console> elements differently from x86, in some cases presenting
misleading information to the user. The behavior is now consistent
across all architectures and the information reported is always
accurate.
Bug fixes:
- vbox: Do not ignore failures to attach disk devices when defining
The define now fails and reports an error if any of the controller or
disk devices specified in the domain XML fail to attach to the
VirtualBox VM.
- vbox: Fix dumpxml to always output disk devices
The VirtualBox driver was ignoring any disk devices in dumpxml output
if there was a SAS storage controller attached to the VM.
- vbox: Fix dumpxml to always generate valid domain XML
When a VirtualBox VM has multiple disks attached, each to a different
storage controller that uses 'sd' prefix for block device names e.g.
one disk attached to SATA and one to SCSI controller, it no longer
generates XML where both would have 'sda' device name assigned. Instead
it properly assigns 'sda' and 'sdb' to those disks in the order of
appearance.
- Securely pass iSCSI authentication data
Rather than supplying the authentication data as part of the iSCSI URL
for a disk or host device, utilize the encrypted secret object to
securely pass the authentication data.
Thanks everybody for your help getting this release out, with ideas, patches,
reviews, documentations, bug reports ...
Enjoy this release, and please not that the next one (4.0.0) is scheduled
for mid january !
Daniel
--
Daniel Veillard | Red Hat Developers Tools http://developer.redhat.com/
veillard(a)redhat.com | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
http://veillard.com/ | virtualization library http://libvirt.org/
7 years, 4 months
[libvirt] [PATCH] apparmor: allow qemu abstraction to read /proc/pid/cmdline
by Jim Fehlig
Noticed the following denial in audit.log when shutting down
an apparmor confined domain
type=AVC msg=audit(1512002299.742:131): apparmor="DENIED"
operation="open" profile="libvirt-66154842-e926-4f92-92f0-1c1bf61dd1ff"
name="/proc/1475/cmdline" pid=2958 comm="qemu-system-x86"
requested_mask="r" denied_mask="r" fsuid=469 ouid=0
Squelch the denial by allowing read access to /proc/<pid>/cmdline.
Signed-off-by: Jim Fehlig <jfehlig(a)suse.com>
---
Note: In the audit.log snippet, PID 1475 is libvirtd and 2958 is the
qemu process. I must admit it is not clear to me why
/proc/<libvirtd-pid>/cmdline is read on domain shutdown.
examples/apparmor/libvirt-qemu | 1 +
1 file changed, 1 insertion(+)
diff --git a/examples/apparmor/libvirt-qemu b/examples/apparmor/libvirt-qemu
index 73bdbae87..3d9eed9ec 100644
--- a/examples/apparmor/libvirt-qemu
+++ b/examples/apparmor/libvirt-qemu
@@ -25,6 +25,7 @@
/dev/ptmx rw,
/dev/kqemu rw,
@{PROC}/*/status r,
+ @{PROC}/@{pid}/cmdline r,
# Per man(5) proc, the kernel enforces that a thread may
# only modify its comm value or those in its thread group.
owner @{PROC}/@{pid}/task/@{tid}/comm rw,
--
2.15.0
7 years, 4 months
[libvirt] [PATCH v2] libvirt: Adding POWER9 DD1.0/DD2.0 PVR value to cpu_map.xml
by Seeteena Thoufeek
DD1.0/DD2.0 PVR value is missing from cpu_map.xml. This patch
provides those details
Signed-off-by: Seeteena Thoufeek <s1seetee(a)linux.vnet.ibm.com>
---
src/cpu/cpu_map.xml | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/cpu/cpu_map.xml b/src/cpu/cpu_map.xml
index e5da7a8..be4e215 100644
--- a/src/cpu/cpu_map.xml
+++ b/src/cpu/cpu_map.xml
@@ -1729,6 +1729,8 @@
<model name='POWER9'>
<vendor name='IBM'/>
<pvr value='0x004e0000' mask='0xffff0000'/>
+ <pvr value='0x004e0100' mask='0xffff0000'/>
+ <pvr value='0x004e1200' mask='0xffff0000'/>
</model>
<!-- Freescale-based CPU models -->
--
1.8.3.1
7 years, 4 months
[libvirt] CFP deadline extended for FOSDEM18 Virt & IaaS Devroom
by Stefan Hajnoczi
The call for papers for the Virtualization and IaaS Devroom at
FOSDEM18 is extended until December 7 midnight UTC. All other dates
remain the same as you can read below.
On behalf of oVirt and the Xen Project, we are excited to announce that the
call for proposals is now open for the Virtualization & IaaS devroom at the
upcoming FOSDEM 2018, to be hosted on February 3 and 4, 2017.
This year will mark FOSDEM’s 18th anniversary as one of the longest-running
free and open source software developer events, attracting thousands of
developers and users from all over the world. FOSDEM will be held once
again in Brussels, Belgium, on February 3 & 4, 2018.
This devroom is a collaborative effort, and is organized by dedicated folks
from projects such as OpenStack, Xen Project,, oVirt, QEMU, and
Foreman. We would like to invite all those who are involved in these fields
to submit your proposals by December 1st, 2017.
About the Devroom
The Virtualization & IaaS devroom will feature session topics such as open
source hypervisors and virtual machine managers such as Xen Project, KVM,
bhyve, and VirtualBox, and Infrastructure-as-a-Service projects such as
Apache CloudStack, OpenStack, oVirt, QEMU, OpenNebula, and Ganeti.
This devroom will host presentations that focus on topics of shared
interest, such as KVM; libvirt; shared storage; virtualized networking;
cloud security; clustering and high availability; interfacing with multiple
hypervisors; hyperconverged deployments; and scaling across hundreds or
thousands of servers.
Presentations in this devroom will be aimed at developers working on these
platforms who are looking to collaborate and improve shared infrastructure
or solve common problems. We seek topics that encourage dialog between
projects and continued work post-FOSDEM.
Important Dates
Submission deadline: 07 December 2017
Acceptance notifications: 14 December 2017
Final schedule announcement: 21 December 2017
Devroom: 03 and 04 February 2018 (two days- different rooms)
Submit Your Proposal
All submissions must be made via the Pentabarf event planning site[1]. If
you have not used Pentabarf before, you will need to create an account. If
you submitted proposals for FOSDEM in previous years, you can use your
existing account.
After creating the account, select Create Event to start the submission
process. Make sure to select Virtualization and IaaS devroom from the Track
list. Please fill out all the required fields, and provide a meaningful
abstract and description of your proposed session.
Submission Guidelines
We expect more proposals than we can possibly accept, so it is vitally
important that you submit your proposal on or before the deadline. Late
submissions are unlikely to be considered.
All presentation slots are 45 minutes, with 35 minutes planned for
presentations, and 10 minutes for Q&A.
All presentations will be recorded and made available under Creative
Commons licenses. In the Submission notes field, please indicate that you
agree that your presentation will be licensed under the CC-By-SA-4.0 or
CC-By-4.0 license and that you agree to have your presentation recorded.
For example:
"If my presentation is accepted for FOSDEM, I hereby agree to license all
recordings, slides, and other associated materials under the Creative
Commons Attribution Share-Alike 4.0 International License. Sincerely,
<NAME>."
In the Submission notes field, please also confirm that if your talk is
accepted, you will be able to attend FOSDEM and deliver your presentation.
We will not consider proposals from prospective speakers who are unsure
whether they will be able to secure funds for travel and lodging to attend
FOSDEM. (Sadly, we are not able to offer travel funding for prospective
speakers.)
Speaker Mentoring Program
As a part of the rising efforts to grow our communities and encourage a
diverse and inclusive conference ecosystem, we're happy to announce that
we'll be offering mentoring for new speakers. Our mentors can help you with
tasks such as reviewing your abstract, reviewing your presentation outline
or slides, or practicing your talk with you.
You may apply to the mentoring program as a newcomer speaker if you:
Never presented before or
Presented only lightning talks or
Presented full-length talks at small meetups (<50 ppl)
Submission Guidelines
Mentored presentations will have 25-minute slots, where 20 minutes will
include the presentation and 5 minutes will be reserved for questions.
The number of newcomer session slots is limited, so we will probably not be
able to accept all applications.
You must submit your talk and abstract to apply for the mentoring program,
our mentors are volunteering their time and will happily provide feedback
but won't write your presentation for you!
If you are experiencing problems with Pentabarf, the proposal submission
interface, or have other questions, you can email our devroom mailing
list[2] and we will try to help you.
How to Apply
In addition to agreeing to video recording and confirming that you can
attend FOSDEM in case your session is accepted, please write "speaker
mentoring program application" in the "Submission notes" field, and list
any prior speaking experience or other relevant information for your
application.
Call for Mentors
Interested in mentoring newcomer speakers? We'd love to have your help!
Please email iaas-virt-devroom at lists.fosdem.org with a short speaker
biography and any specific fields of expertise (for example, KVM,
OpenStack, storage, etc.) so that we can match you with a newcomer speaker
from a similar field. Estimated time investment can be as low as a 5-10
hours in total, usually distributed weekly or bi-weekly.
Never mentored a newcomer speaker but interested to try? As the mentoring
program coordinator, email Brian Proffitt[3] and he will be happy to answer
your questions!
Code of Conduct
Following the release of the updated code of conduct for FOSDEM, we'd like
to remind all speakers and attendees that all of the presentations and
discussions in our devroom are held under the guidelines set in the CoC and
we expect attendees, speakers, and volunteers to follow the CoC at all
times.
If you submit a proposal and it is accepted, you will be required to
confirm that you accept the FOSDEM CoC. If you have any questions about the
CoC or wish to have one of the devroom organizers review your presentation
slides or any other content for CoC compliance, please email us and we will
do our best to assist you.
Call for Volunteers
We are also looking for volunteers to help run the devroom. We need
assistance watching time for the speakers, and helping with video for the
devroom. Please contact me, Brian Proffitt, for more information.
Questions?
If you have any questions about this devroom, please send your questions to
our devroom mailing list. You can also subscribe to the list to receive
updates about important dates, session announcements, and to connect with
other attendees.
See you all at FOSDEM!
[1] https://penta.fosdem.org/submission/FOSDEM18
[2] iaas-virt-devroom at lists.fosdem.org
[3] bkp at redhat.com
7 years, 4 months
[libvirt] [PATCH] Adjust backslash alignment syntax-check
by Martin Kletzander
We have a check for backslash alignment that checks for two blanks preceding a
backslash. However there can be alignment done using a tabulator and in some
cases one might be enough. There are none currently, but I found out that was
the case before. at some point. so let's check for \t preceding the final
backslash as well.
Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com>
---
cfg.mk | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/cfg.mk b/cfg.mk
index 5321a52b7ee2..ea10ca19f512 100644
--- a/cfg.mk
+++ b/cfg.mk
@@ -1038,7 +1038,7 @@ sc_prohibit_http_urls:
$(_sc_search_regexp)
sc_prohibit_backslash_alignment:
- @prohibit='[[:blank:]][[:blank:]]\\$$' \
+ @prohibit='([[:blank:]][[:blank:]]| )\\$$' \
in_vc_files='*\.([chx]|am|mk)$$' \
halt='Do not attempt to right-align backslashes' \
$(_sc_search_regexp)
--
2.15.0
7 years, 4 months
[libvirt] [PATCH 0/2] fix chardev security labels
by Pavel Hrdina
Pavel Hrdina (2):
security: introduce virSecurityManager(Set|Restore)ChardevLabel
qemu: fix security labeling for attach/detach of char devices
src/libvirt_private.syms | 2 ++
src/qemu/qemu_hotplug.c | 10 +++++++
src/qemu/qemu_security.c | 60 +++++++++++++++++++++++++++++++++++++++++
src/qemu/qemu_security.h | 8 ++++++
src/security/security_dac.c | 3 +++
src/security/security_driver.h | 11 ++++++++
src/security/security_manager.c | 40 +++++++++++++++++++++++++++
src/security/security_manager.h | 10 +++++++
src/security/security_nop.c | 20 ++++++++++++++
src/security/security_selinux.c | 3 +++
src/security/security_stack.c | 43 +++++++++++++++++++++++++++++
11 files changed, 210 insertions(+)
--
2.14.3
7 years, 4 months
[libvirt] [PATCH v3 0/4] Move ide validation from qemuBuildControllerDevStr to qemuDomainDeviceDefValidate
by Lin Ma
Validate IDE controllers in qemuDomainDeviceDefValidate for reminding users earlier.
v2->v3:
* split original patch to multiple patches.
* making the validation is preferred over the PostParse for avoiding guests disappear.
* remove ide from the pseries and the ccw tests.
Lin Ma (4):
tests: qemuxml2argv: Use scsi controller instead of ide in pseries
tests: qemuhotplugtest: Drop ide controller in ccw
qemu_command: Drop IDE validation code in qemuBuildControllerDevStr
qemu_domain: Error out earlier when configuring IDE controller
incorrectly
src/qemu/qemu_command.c | 10 +------
src/qemu/qemu_domain.c | 35 +++++++++++++++++++++-
.../qemuhotplug-base-ccw-live+ccw-virtio.xml | 4 ---
...ive-with-2-ccw-virtio+ccw-virtio-1-explicit.xml | 4 ---
...live-with-2-ccw-virtio+ccw-virtio-1-reverse.xml | 4 ---
...qemuhotplug-base-ccw-live-with-2-ccw-virtio.xml | 4 ---
...-live-with-ccw-virtio+ccw-virtio-2-explicit.xml | 4 ---
...-base-ccw-live-with-ccw-virtio+ccw-virtio-2.xml | 4 ---
.../qemuhotplug-base-ccw-live-with-ccw-virtio.xml | 4 ---
.../qemuhotplug-base-ccw-live.xml | 4 ---
.../qemuxml2argv-disk-floppy-pseries.args | 2 +-
.../qemuxml2argv-disk-floppy-pseries.xml | 4 +--
12 files changed, 38 insertions(+), 45 deletions(-)
--
2.9.2
7 years, 4 months
[libvirt] [PATCH jenkins-ci] Make args to 'go test' configurable
by Daniel P. Berrange
Each module has its own set of tags it may wish to pass to 'go test',
so set it based on an env variable
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
---
jobs/go.yaml | 2 +-
projects/libvirt-go-xml.yaml | 2 ++
projects/libvirt-go.yaml | 2 ++
3 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/jobs/go.yaml b/jobs/go.yaml
index 93b61ca..29a9f51 100644
--- a/jobs/go.yaml
+++ b/jobs/go.yaml
@@ -80,7 +80,7 @@
- shell: |
{global_env}
{local_env}
- go test -tags api
+ go test $TEST_ARGS
publishers:
- email:
recipients: '{obj:spam}'
diff --git a/projects/libvirt-go-xml.yaml b/projects/libvirt-go-xml.yaml
index 1c42e3d..3083b9f 100644
--- a/projects/libvirt-go-xml.yaml
+++ b/projects/libvirt-go-xml.yaml
@@ -11,6 +11,8 @@
- libvirt-freebsd-10
- libvirt-freebsd-11
title: Libvirt Go XML
+ local_env: |
+ export TEST_ARGS="-tags xmlroundtrip"
jobs:
- go-build-job:
parent_jobs:
diff --git a/projects/libvirt-go.yaml b/projects/libvirt-go.yaml
index faa5265..141c862 100644
--- a/projects/libvirt-go.yaml
+++ b/projects/libvirt-go.yaml
@@ -11,6 +11,8 @@
- libvirt-freebsd-10
- libvirt-freebsd-11
title: Libvirt Go
+ local_env: |
+ export TEST_ARGS="-tags api"
jobs:
- go-build-job:
parent_jobs: 'libvirt-master-build'
--
2.14.3
7 years, 4 months
[libvirt] [PATCH 0/3] Couple of memleak fixes
by Michal Privoznik
Ideally, I'd like to merge these to the release.
Michal Privoznik (3):
virDomainDiskSourceNetworkParse: Don't leak @tlsCfg or @haveTLS
virDomainDiskBackingStoreParse: Don't leak @idx
qemuStateInitialize: Don't leak @memoryBackingPath
src/conf/domain_conf.c | 3 +++
src/qemu/qemu_driver.c | 1 +
2 files changed, 4 insertions(+)
--
2.13.6
7 years, 4 months
