[libvirt] [jenkins-ci PATCH 0/3] Drop CentOS 6 support
by Andrea Bolognani
As suggested in
https://www.redhat.com/archives/libvir-list/2018-June/msg00943.html
Andrea Bolognani (3):
projects: Drop libvirt-master-build-website job
guests: Drop libvirt+website project
guests: Drop CentOS 6 support
guests/host_vars/libvirt-centos-6/install.yml | 3 -
guests/host_vars/libvirt-centos-6/main.yml | 3 -
guests/inventory | 1 -
guests/tasks/base.yml | 2 -
guests/vars/mappings.yml | 19 +---
guests/vars/projects/libvirt+website.yml | 5 --
guests/vars/projects/libvirt.yml | 1 -
guests/vars/vault.yml | 86 +++++++++----------
projects/libvirt.yaml | 11 ---
9 files changed, 42 insertions(+), 89 deletions(-)
delete mode 100644 guests/host_vars/libvirt-centos-6/install.yml
delete mode 100644 guests/host_vars/libvirt-centos-6/main.yml
delete mode 100644 guests/vars/projects/libvirt+website.yml
--
2.17.1
6 years, 5 months
[libvirt] [libvirt-python PATCH 0/2] Provide coverage for the AMD SEV APIs
by Erik Skultety
Add support for the recently introduced AMD SEV APIs
Erik Skultety (2):
Add support for virDomainGetLaunchSecurityInfo
Add support for virNodeGetSEVInfo
generator.py | 2 ++
libvirt-override-api.xml | 12 ++++++++
libvirt-override.c | 73 ++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 87 insertions(+)
--
2.14.4
6 years, 5 months
[libvirt] [PATCH libvirt 0/4] rmv virObjectEventStateQueue wrapper funcs
by Anya Harter
Currently, there are four wrapper functions which call
virObjectEventStateQueue:
- testObjectEventQueue
- libxlDomainEventQueue
- qemuDomainEventQueue
- umlDomainEventQueue
This patch series removes these wrappers makes all calls directly to
virObjectEventStateQueue.
Since virObjectEventStateQueue takes care of NULL checking, all NULL
checking by callers has also been removed.
This patch series should complete the BiteSizedTask entry at
https://wiki.libvirt.org/page/BiteSizedTasks#Remove_NULL_checking_around_... .
Anya Harter (4):
events: remove testObjectEventQueue wrapper func
events: remove libxlDomainEventQueue wrapper func
events: remove qemuDomainEventQueue wrapper func
events: remove umlDomainEventQueue wrapper func
src/libxl/libxl_domain.c | 24 +++-------
src/libxl/libxl_domain.h | 4 --
src/libxl/libxl_driver.c | 21 +++------
src/libxl/libxl_migration.c | 18 +++-----
src/qemu/qemu_blockjob.c | 4 +-
src/qemu/qemu_cgroup.c | 2 +-
src/qemu/qemu_domain.c | 11 +----
src/qemu/qemu_domain.h | 2 -
src/qemu/qemu_driver.c | 88 +++++++++++++++++--------------------
src/qemu/qemu_hotplug.c | 26 +++++------
src/qemu/qemu_migration.c | 24 +++++-----
src/qemu/qemu_process.c | 54 +++++++++++------------
src/test/test_driver.c | 80 ++++++++++++++++-----------------
src/uml/uml_driver.c | 33 ++++----------
14 files changed, 162 insertions(+), 229 deletions(-)
--
2.17.1
6 years, 5 months
[libvirt] [PATCH 00/12] Temporarily use other boot configuration
by Marc Hartmayer
This patch series implements a new API that allows us to temporarily
use another boot configuration than defined in the persistent domain
definition.
The s390 architecture knows only one boot device and therefore the
boot order settings doesn't work the way it would work on x86, for
example. If the first boot device fails to boot there is no trying to
boot from the next boot device. In addition, the architecture/BIOS has
no support for interactively changing the boot device during the
boot/IPL process.
Currently the API is implemented for the remote/QEMU/test driver and
for virsh.
It can be used as follows
$ virsh start {{DOMAIN}} --with-kernel {{KERNEL_FILE}} \
--with-initrd {{INITRD_FILE}} --with-cmdline {{CMDLINE}} \
--with-bootdevice {{DEVICE_IDENTIFIER}}
E.g.
$ virsh start dom_01 --with-bootdevice='vdb'
Marc Hartmayer (12):
virsh: Force boot emulation is only required for
virDomainCreateWithFlags
Introduce new domain create API virDomainCreateWithParams
remote: Add support for virDomainCreateWithParams
utils: Add virStringUpdate
conf: Add functions to change the boot configuration of a domain
qemu: Add the functionality to override the boot configuration
qemu: Add support for virDomainCreateWithParams
test: Implement virConnectSupportsFeature
test: Add support for virDomainCreateWithParams
tests: Add tests for virDomainCreateWithParams
virsh: Add with-{bootdevice,kernel,initrd,cmdline} options for start
docs: Add news entry for new API virDomainCreateWithParams
docs/news.xml | 11 ++
include/libvirt/libvirt-domain.h | 37 +++++
src/conf/domain_conf.c | 226 +++++++++++++++++++++++++++
src/conf/domain_conf.h | 11 ++
src/driver-hypervisor.h | 6 +
src/libvirt-domain.c | 64 ++++++++
src/libvirt_private.syms | 2 +
src/libvirt_public.syms | 4 +
src/qemu/qemu_driver.c | 83 ++++++++--
src/qemu/qemu_migration.c | 3 +-
src/qemu/qemu_process.c | 16 +-
src/qemu/qemu_process.h | 2 +
src/remote/remote_driver.c | 1 +
src/remote/remote_protocol.x | 22 ++-
src/remote_protocol-structs | 12 ++
src/rpc/gendispatch.pl | 18 ++-
src/test/test_driver.c | 108 +++++++++++--
src/util/virstring.c | 27 ++++
src/util/virstring.h | 2 +
tests/objecteventtest.c | 321 +++++++++++++++++++++++++++++++++++++++
tools/virsh-domain.c | 136 ++++++++++++++---
tools/virsh.pod | 14 ++
22 files changed, 1064 insertions(+), 62 deletions(-)
--
2.13.4
6 years, 5 months
[libvirt] [PATCH] lib: Document limitation of virDomainInterfaceAddresses
by Michal Privoznik
https://bugzilla.redhat.com/show_bug.cgi?id=1588336
This API takes @source argument which tells it where to get
domain IP addresses from. However, not all sources are capable of
providing all the information we report, for instance ARP table
has no notion of IP address prefixes. Document this limitation.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/libvirt-domain.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c
index dcfc7d4c57..4a899f31c8 100644
--- a/src/libvirt-domain.c
+++ b/src/libvirt-domain.c
@@ -11780,6 +11780,10 @@ virDomainFSInfoFree(virDomainFSInfoPtr info)
* be unreachable. Depending on the route table config of the
* guest, the returned mac address may be duplicated.
*
+ * Note that for some @source values some pieces of returned @ifaces
+ * might be unset (e.g. VIR_DOMAIN_INTERFACE_ADDRESSES_SRC_ARP does not
+ * set IP address prefix as ARP table does not have any notion of that).
+ *
* @ifaces->name and @ifaces->hwaddr are never NULL.
*
* The caller *must* free @ifaces when no longer needed. Usual use case
--
2.16.4
6 years, 5 months
[libvirt] [PATCH v2 00/21] nwfilter: refactor the driver to make it independent of virt drivers
by Daniel P. Berrangé
v1: https://www.redhat.com/archives/libvir-list/2018-April/msg02616.html
Today the nwfilter driver is entangled with the virt drivers in both
directions. At various times when rebuilding filters nwfilter will call
out to the virt driver to iterate over running guest's NICs. This has
caused very complicated lock ordering rules to be required. If we are to
split the virt drivers out into separate daemons we need to get rid of
this coupling since we don't want the separate daemons calling each
other, as that risks deadlock if all of the RPC workers are busy.
The obvious way to solve this is to have the nwfilter driver remember
all the filters it has active, avoiding the need to iterate over running
guests.
Easy parts of the v1 posting have already been merged. This v2 is much
more complete, though still not entirely ready for merge.
- The virNWFilterBindingPtr was renamed virNWFilterBindingDefPtr
- New virNWFilterBindingObjPtr & virNWFilterBindingObjListPtr
structs added to track the objects in the driver
- New virNWFilterBindingPtr public API type was added
- New public APIs for listing filter bindings, querying XML, and
creating/deleting them
- Convert the virt drivers to use the public API for creating
and deleting bindings
- Persistent active bindings out to disk so they're preserved
across restarts
- Added RNG schema and XML-2-XML test
- New virsh commands for listing/querying XML/creating/deleting
bindings
Still todo
- Document the new XML format
- Run the nwfilter stress tests to see what I've undoubtably broken
- Think about recording the NIC index in the virNWFilterBindingObjPtr
and persisting across restarts, so we can track if the NIC we had
previously used was deleted & recreated - in which case we can drop
the stale binding.
- Probably something else...
Daniel P. Berrangé (21):
util: fix misleading command for virObjectLock
conf: change virNWFilterBindingPtr to virNWFilterBindingDefPtr
conf: add missing virxml.h include for nwfilter_params.h
conf: move virNWFilterBindingDefPtr into its own files
conf: add support for parsing/formatting virNWFilterBindingDefPtr
schemas: add schema for nwfilter binding XML document
nwfilter: export port binding concept in the public API
access: add nwfilter binding object permissions
remote: add support for nwfilter binding objects
virsh: add nwfilter binding commands
nwfilter: convert the gentech driver code to use
virNWFilterBindingDefPtr
nwfilter: convert IP address learning code to virNWFilterBindingDefPtr
nwfilter: convert DHCP address snooping code to
virNWFilterBindingDefPtr
conf: report an error if nic needs filtering by no driver is present
conf: introduce a virNWFilterBindingObjPtr struct
conf: introduce a virNWFilterBindingObjListPtr struct
nwfilter: keep track of active filter bindings
nwfilter: remove virt driver callback layer for rebuilding filters
nwfilter: wire up new APIs for listing and querying filter bindings
nwfilter: wire up new APIs for creating and deleting nwfilter bindings
nwfilter: convert virt drivers to use public API for nwfilter bindings
docs/schemas/domaincommon.rng | 27 +-
docs/schemas/nwfilter.rng | 29 +-
docs/schemas/nwfilter_params.rng | 32 ++
docs/schemas/nwfilterbinding.rng | 49 ++
include/libvirt/libvirt-nwfilter.h | 39 ++
include/libvirt/virterror.h | 2 +
src/access/viraccessdriver.h | 5 +
src/access/viraccessdrivernop.c | 10 +
src/access/viraccessdriverpolkit.c | 21 +
src/access/viraccessdriverstack.c | 24 +
src/access/viraccessmanager.c | 15 +
src/access/viraccessmanager.h | 5 +
src/access/viraccessperm.c | 7 +-
src/access/viraccessperm.h | 39 ++
src/conf/Makefile.inc.am | 6 +
src/conf/domain_nwfilter.c | 125 ++++-
src/conf/domain_nwfilter.h | 13 -
src/conf/nwfilter_conf.c | 223 ++------
src/conf/nwfilter_conf.h | 68 +--
src/conf/nwfilter_params.h | 1 +
src/conf/virnwfilterbindingdef.c | 279 ++++++++++
src/conf/virnwfilterbindingdef.h | 65 +++
src/conf/virnwfilterbindingobj.c | 260 ++++++++++
src/conf/virnwfilterbindingobj.h | 60 +++
src/conf/virnwfilterbindingobjlist.c | 475 ++++++++++++++++++
src/conf/virnwfilterbindingobjlist.h | 66 +++
src/conf/virnwfilterobj.c | 4 +-
src/conf/virnwfilterobj.h | 4 +
src/datatypes.c | 67 +++
src/datatypes.h | 31 ++
src/driver-nwfilter.h | 30 ++
src/libvirt-nwfilter.c | 305 +++++++++++
src/libvirt_private.syms | 42 +-
src/libvirt_public.syms | 13 +
src/lxc/lxc_driver.c | 28 --
src/nwfilter/nwfilter_dhcpsnoop.c | 151 +++---
src/nwfilter/nwfilter_dhcpsnoop.h | 7 +-
src/nwfilter/nwfilter_driver.c | 211 ++++++--
src/nwfilter/nwfilter_gentech_driver.c | 307 +++++------
src/nwfilter/nwfilter_gentech_driver.h | 22 +-
src/nwfilter/nwfilter_learnipaddr.c | 98 ++--
src/nwfilter/nwfilter_learnipaddr.h | 7 +-
src/qemu/qemu_driver.c | 25 -
src/remote/remote_daemon_dispatch.c | 15 +
src/remote/remote_driver.c | 20 +
src/remote/remote_protocol.x | 90 +++-
src/remote_protocol-structs | 43 ++
src/rpc/gendispatch.pl | 15 +-
src/uml/uml_driver.c | 29 --
src/util/virerror.c | 12 +
src/util/virobject.c | 2 +-
tests/Makefile.am | 7 +
.../filter-vars.xml | 11 +
.../virnwfilterbindingxml2xmldata/simple.xml | 9 +
tests/virnwfilterbindingxml2xmltest.c | 113 +++++
tests/virschematest.c | 1 +
tools/virsh-completer.c | 45 ++
tools/virsh-completer.h | 4 +
tools/virsh-nwfilter.c | 318 ++++++++++++
tools/virsh-nwfilter.h | 8 +
60 files changed, 3247 insertions(+), 792 deletions(-)
create mode 100644 docs/schemas/nwfilter_params.rng
create mode 100644 docs/schemas/nwfilterbinding.rng
create mode 100644 src/conf/virnwfilterbindingdef.c
create mode 100644 src/conf/virnwfilterbindingdef.h
create mode 100644 src/conf/virnwfilterbindingobj.c
create mode 100644 src/conf/virnwfilterbindingobj.h
create mode 100644 src/conf/virnwfilterbindingobjlist.c
create mode 100644 src/conf/virnwfilterbindingobjlist.h
create mode 100644 tests/virnwfilterbindingxml2xmldata/filter-vars.xml
create mode 100644 tests/virnwfilterbindingxml2xmldata/simple.xml
create mode 100644 tests/virnwfilterbindingxml2xmltest.c
--
2.17.0
6 years, 5 months
[libvirt] [PATCH] libvirtd: Add service dependency on systemd-logind
by Cole Robinson
At daemon startup we query logind for host PM support status. Without
a service dependency host startup can trigger libvirtd errors like:
error : virNodeSuspendSupportsTarget:336 : internal error: Cannot probe for
supported suspend types
warning : virQEMUCapsInit:949 : Failed to get host power management
capabilities
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1588288
Signed-off-by: Cole Robinson <crobinso(a)redhat.com>
---
src/remote/libvirtd.service.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/remote/libvirtd.service.in b/src/remote/libvirtd.service.in
index 769702ea75..7f689e08a8 100644
--- a/src/remote/libvirtd.service.in
+++ b/src/remote/libvirtd.service.in
@@ -15,6 +15,7 @@ After=iscsid.service
After=apparmor.service
After=local-fs.target
After=remote-fs.target
+After=systemd-logind.service
After=systemd-machined.service
Documentation=man:libvirtd(8)
Documentation=https://libvirt.org
--
2.17.1
6 years, 5 months
[libvirt] [PATCH libvirt 0/3] events: clean up NULL checking involving virObjectEventStateQueueRemote
by Anya Harter
Currently, all virObjectEventStateQueue callers and
virObjectEventStateQueueRemote callers need to do NULL checking.
In this patch series, all NULL checking has been moved to
virObjectEventStateQueueRemote and all callers of the Remote or
not Remote function have their NULL checking removed.
Anya Harter (3):
events: add NULL check in virObjectEventStateQueue
events: move NULL check to EventStateQueueRemote
events: remove remoteEventQueue wrapper function
src/bhyve/bhyve_driver.c | 15 ++----
src/conf/object_event.c | 3 ++
src/lxc/lxc_driver.c | 24 ++++------
src/lxc/lxc_process.c | 9 ++--
src/network/bridge_driver.c | 15 ++----
src/node_device/node_device_udev.c | 6 +--
src/qemu/qemu_domain.c | 3 +-
src/remote/remote_driver.c | 75 +++++++++++++-----------------
src/secret/secret_driver.c | 9 ++--
src/storage/storage_driver.c | 27 ++++-------
src/test/test_driver.c | 3 --
src/vz/vz_sdk.c | 3 +-
12 files changed, 73 insertions(+), 119 deletions(-)
--
2.17.1
6 years, 5 months
[libvirt] [PATCH] apparmor: fix vfio usage without initial hostdev
by Christian Ehrhardt
The base vfio has not much functionality but to provide a custom
container by opening this path.
See https://www.kernel.org/doc/Documentation/vfio.txt for more.
Systems with static hostdevs will get /dev/vfio/vfio by virt-aa-hotplug
right from the beginning. But if the guest initially had no hostdev at
all it will run into the following deny before the security module
labelling callbacks will make the actual vfio device (like /dev/vfio/93)
known.
Access by qemu is "wr" even thou in theory it could maybe be "r":
[ 2652.756712] audit: type=1400 audit(1491303691.719:25):
apparmor="DENIED" operation="open"
profile="libvirt-17a61b87-5132-497c-b928-421ac2ee0c8a"
name="/dev/vfio/vfio" pid=8486 comm="qemu-system-x86"
requested_mask="wr" denied_mask="wr" fsuid=64055 ouid=0
Bug-Ubuntu: https://bugs.launchpad.net/bugs/1678322
Bug-Ubuntu: https://bugs.launchpad.net/bugs/1775777
Signed-off-by: Christian Ehrhardt <christian.ehrhardt(a)canonical.com>
Signed-off-by: Stefan Bader <stefan.bader(a)canonical.com>
---
examples/apparmor/libvirt-qemu | 3 +++
1 file changed, 3 insertions(+)
diff --git a/examples/apparmor/libvirt-qemu b/examples/apparmor/libvirt-qemu
index 2c47652250..874aca2092 100644
--- a/examples/apparmor/libvirt-qemu
+++ b/examples/apparmor/libvirt-qemu
@@ -193,6 +193,9 @@
deny /dev/shm/lttng-ust-wait-* r,
deny /run/shm/lttng-ust-wait-* r,
+ # for vfio hotplug on systems without static vfio (LP: #1775777)
+ /dev/vfio/vfio rw,
+
# required for sasl GSSAPI plugin
/etc/gss/mech.d/ r,
/etc/gss/mech.d/* r,
--
2.17.1
6 years, 5 months
[libvirt] [PATCH] qemu: Check for existing hostdev address for cold attach device
by John Ferlan
https://bugzilla.redhat.com/show_bug.cgi?id=1559867
Add a check if the incoming <hostdev ...> with specified <address>
already exists and if so fail the attach.
Signed-off-by: John Ferlan <jferlan(a)redhat.com>
---
src/qemu/qemu_driver.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 38ea865ce3..7b4cdbcdcf 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -8014,6 +8014,12 @@ qemuDomainAttachDeviceConfig(virDomainDefPtr vmdef,
_("device is already in the domain configuration"));
return -1;
}
+ if (dev->data.hostdev->info->type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE &&
+ virDomainDefHasDeviceAddress(vmdef, dev->data.hostdev->info)) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("a device with the same address already exists "));
+ return -1;
+ }
if (virDomainHostdevInsert(vmdef, hostdev))
return -1;
dev->data.hostdev = NULL;
--
2.14.4
6 years, 5 months
