February 2019 - Devel - libvirt List Archives

[libvirt] New Feature: Intel MKTME Support
by Carvalho, Larkins L 23 Apr '19

23 Apr '19

Hello Team, Greetings. We want to add Intel MKTME support to the Libvirt. Intel MKTME is a capability to encrypt entirety of physical memory of a system similar to AMD SEV. Please let us know what are the expectations from us to initiate the design and development of the feature. Regards, Larkins Carvalho Intel Corporation

5 15

[libvirt] [PATCH 0/2] rpc: client: stream bugfix and improvement
by Nikolay Shirokovskiy 17 Apr '19

17 Apr '19

Nikolay Shirokovskiy (2): rpc: client: fix race on stream error and stream creation rpc: client: stream: notify streams of closing connection src/rpc/virnetclient.c | 13 ++++++++++--- src/rpc/virnetclientstream.c | 30 ++++++++++++++++++++++++++++-- src/rpc/virnetclientstream.h | 2 ++ 3 files changed, 40 insertions(+), 5 deletions(-) -- 1.8.3.1

2 6

[libvirt] [PATCH] security: apparmor: make vhost-net access a static rule
by Christian Ehrhardt 10 Apr '19

10 Apr '19

So far we were detecting at guest start if any devices needed vhost net and only if that was true added a rule for /dev/vhost-net. It turns out that it is an absolutely valid case to start a guest without any vhost-net networking but later on wanting to hotplug such a device which then would be denied by apparmor. Unfortunately there also is no security labeling callback involved other than the one to /dev/net/tun. But on the other hand vhost-net is no more new and considered rather safe. Therefore drop the old detection and just add it as a static rule. Fixes: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1815910 Signed-off-by: Christian Ehrhardt <christian.ehrhardt(a)canonical.com> --- src/security/apparmor/libvirt-qemu | 1 + src/security/virt-aa-helper.c | 17 +---------------- 2 files changed, 2 insertions(+), 16 deletions(-) diff --git a/src/security/apparmor/libvirt-qemu b/src/security/apparmor/libvirt-qemu index eaa5167525..a71f34c175 100644 --- a/src/security/apparmor/libvirt-qemu +++ b/src/security/apparmor/libvirt-qemu @@ -21,6 +21,7 @@ signal (receive) peer=/usr/sbin/libvirtd, /dev/net/tun rw, + /dev/vhost-net rw, /dev/kvm rw, /dev/ptmx rw, /dev/kqemu rw, diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c index 8e22e9978a..ebc4feac77 100644 --- a/src/security/virt-aa-helper.c +++ b/src/security/virt-aa-helper.c @@ -937,7 +937,7 @@ get_files(vahControl * ctl) size_t i; char *uuid; char uuidstr[VIR_UUID_STRING_BUFLEN]; - bool needsVfio = false, needsvhost = false; + bool needsVfio = false; /* verify uuid is same as what we were given on the command line */ virUUIDFormat(ctl->def->uuid, uuidstr); @@ -1248,21 +1248,6 @@ get_files(vahControl * ctl) } } - if (ctl->def->virtType == VIR_DOMAIN_VIRT_KVM) { - for (i = 0; i < ctl->def->nnets; i++) { - virDomainNetDefPtr net = ctl->def->nets[i]; - if (net && net->model) { - if (net->driver.virtio.name == VIR_DOMAIN_NET_BACKEND_TYPE_QEMU) - continue; - if (!virDomainNetIsVirtioModel(net)) - continue; - } - needsvhost = true; - } - } - if (needsvhost) - virBufferAddLit(&buf, " \"/dev/vhost-net\" rw,\n"); - if (needsVfio) { virBufferAddLit(&buf, " \"/dev/vfio/vfio\" rw,\n"); virBufferAddLit(&buf, " \"/dev/vfio/[0-9]*\" rw,\n"); -- 2.17.1

2 5

[libvirt] [PATCH v2 0/3] qemu: don't duplicate suspended events and state changes
by Nikolay Shirokovskiy 03 Apr '19

03 Apr '19

Patches 1 and 2 are already Reviewed-by: John. Patch 3 needs Peter comments. Diff from v1: ============ - minor rebase changes - minor changes according to review [1] PATCH v1 : https://www.redhat.com/archives/libvir-list/2018-October/msg00591.html Nikolay Shirokovskiy (3): qemu: Pass stop reason from qemuProcessStopCPUs to stop handler qemu: Map suspended state reason to suspended event detail qemu: Don't duplicate suspend events and state changes src/qemu/qemu_domain.c | 34 ++++++++++++++++++++++++++++++++++ src/qemu/qemu_domain.h | 7 +++++++ src/qemu/qemu_driver.c | 26 +++----------------------- src/qemu/qemu_migration.c | 42 ++++++------------------------------------ src/qemu/qemu_migration.h | 4 ---- src/qemu/qemu_process.c | 38 +++++++++++++++++++++++++------------- 6 files changed, 75 insertions(+), 76 deletions(-) -- 1.8.3.1

3 6

[libvirt] [PATCH v6 00/33] BaselineHypervisorCPU using QEMU QMP exchanges
by Chris Venteicher 02 Apr '19

02 Apr '19

Some architectures (S390) depend on QEMU to compute baseline CPU model and expand a models feature set. Interacting with QEMU requires starting the QEMU process and completing one or more query-cpu-model-baseline QMP exchanges with QEMU in addition to a query-cpu-model-expansion QMP exchange to expand all features in the model. See "s390x CPU models: exposing features" patch set on Qemu-devel for discussion of QEMU aspects. This is part of resolution of: https://bugzilla.redhat.com/show_bug.cgi?id=1511999 ----- v6 addresses these issues from v5: qemu_process: Move process code from qemu_capabilities to qemu_process [x] Remove exception statement from commit message qemu_process: Use qemuProcessQmp prefix [x] s/ProcessQmp/ProcessQMP/ in this and all subsequent patches qemu_process: Refer to proc not cmd in process code [x] Back port indentation fix in qemuProcessQMPRun qemu_capabilities: Stop QEMU process before freeing [x] Back port !proc check in qemuProcessQmpStop qemu_process: Use qemuProcessQmp struct for a single process [x] Remove extra empty lines qemu_process: All ProcessQMP errors are fatal [x] Split into multiple patches qemu_process: Introduce qemuProcessQmpStart [x] Log function parameters separately in the first function debug message [x] Removed NULLSTR check on proc-binary (would fail previously on proc activate) [x] Back port referring to stderr rather than qmperr in comment [ ] Combine qemuProcessQmpStop and qemuProcessQmpFree (See reply to v5 email) emu_process: Collect monitor code in single function [x] Back port qemuMonitorOpen indent fix to earlier patch qemu_process: Don't open monitor if process failed [x] Drop patch qemu_process: Cleanup qemuProcessQmp alloc function [x] s/Qemu/QEMU/ in comments for qemuProcessQMPNew [x] Remove unneeded use of NULLSTR and NULL check before calling qemuProcessQmpFree qemu_process: Cleanup qemuProcessQmpStop function [x] Remove lines from from commit message [x] Remove capitalization from comment [x] Fix func def to match coding style [x] Back port !proc check to earlier patch qemu_process: Catch process free before process stop [x] Remove capitalization from comment [x] Don't do proc NULL check in VIR_DEBUG [ ] Combine qemuProcessQmpStop and qemuProcessQmpFree (See reply to v5 email) qemu_monitor: Make monitor callbacks optional [x] Drop patch qemu_process: Enter QMP command mode when starting QEMU Process [ ] Don't call qemuMonitorSetCapabilities in qemuProcessQMPConnectMonitor (See reply to v5 email) qemu_process: Use unique directories for QMP processes [x] s/qemu./qmp-/ for QMP process directory name prefix [x] Catch mkdtemp returns NULL qemu_process: Stop locking QMP process monitor immediately [x] Drop patch qemu_monitor: Introduce qemuMonitorCPUModelInfoNew [x] Use qemuMonitorCPUModelInfoNew to set model name [x] Drop variable initialization [x] Use qemuMonitorCPUModelInfoNew in qemuMonitorJSONGetCPUModelExpansion (Pull forward) [ ] Remove orig NULL check (Unit tests fail if I do this) qemu_monitor: Introduce qemuMonitorCPUModelInfo / JSON conversion [x] Make variable initialization easier to read in PropAdd [x] Require at least one "prop" (don't allow zero in this commit) qemu_capabilities: Introduce virQEMuCapsMigratablePropsDiff [x] Remove template txt in commit message [x] Change function name [x] Distinguish nmProp from mProp [x] Don't set cpuData->info to NULL [ ] Don't use tmp (defer to next patch set... out of time) qemu_monitor: qemuMonitorGetCPUModelExpansion inputs and outputs CPUModelInfo [x] Remove extra line from commit message [x] Change parameter order [x] Don't use VIR_STEAL_PTR qemu_capabilities: Introduce CPUModelInfo to virCPUDef function [x] Change comment [x] Change parameter order [x] Separate lines [x] Move debug message before alloc [x] Back port function spacing fix from next patch qemu_capabilities: Introduce virCPUDef to CPUModelInfo function [x] Change comment [x] Move debug message before alloc [x] Remove NULL check on feature->name [x] Document prop value semantics Reviewed in v5 but no changes required: qemu_process: Limit qemuProcessQmpNew to const input strings qemu_process: Use consistent name for stop process function qemu_process: Persist stderr in qemuProcessQmp struct qemu_process: Store libDir in qemuProcessQmp struct qemu_process: Setup paths within qemuProcessQmpInit qemu_process: Stop retaining Monitor config in qemuProcessQmp Not reviewed in v5: qemu_monitor: Support query-cpu-model-baseline QMP command qemu_driver: Consolidate code to baseline using libvirt qemu_driver: Decouple code for baseline using libvirt qemu_driver: Identify using libvirt as a distinct way to compute baseline qemu_driver: Support baseline calculation using QEMU qemu_driver: Support feature expansion via QEMU when baselining cpu qemu_driver: Remove unsupported props in expanded hypervisor baseline output qemu_monitor: Default props to migratable when expanding cpu model ----- v5: Fixes all process issues identified here: https://www.redhat.com/archives/libvir-list/2018-November/msg00349.html - Make the process code generic (not capabilities specific) for use by BaselineHypervisorCPU - Many of the process patches are simple code moves with implementation changes in other distinct patches - A thread safe library function creates a unique directory under libDir for each QEMU process (for QMP messaging) to decouple processes in terms of sockets and file system footprint. The remaining (non-process) patches in v4 address all issues in v1-v4 of 'BaselineHypervisorCPU using QEMU QMP exchanges' Thanks, Chris *** BLURB HERE *** Chris Venteicher (33): qEmu_process: Move process code from qemu_capabilities to qemu_process qemu_process: Use qemuProcessQMP prefix qemu_process: Limit qemuProcessQMPNew to const input strings qemu_process: Refer to proc not cmd in process code qemu_process: Use consistent name for stop process function qemu_capabilities: Stop QEMU process before freeing qemu_process: Use qemuProcessQMP struct for a single process qemu_process: All ProcessQMP errors are fatal qemu_process: Expose process exit status code qemu_process: Persist stderr in qemuProcessQMP struct qemu_process: Introduce qemuProcessQMPStart qemu_process: Collect monitor code in single function qemu_process: Store libDir in qemuProcessQMP struct qemu_process: Setup paths within qemuProcessQMPInit qemu_process: Stop retaining Monitor config in qemuProcessQMP qemu_process: Cleanup qemuProcessQMP alloc function qemu_process: Cleanup qemuProcessQMPStop function qemu_process: Catch process free before process stop qemu_process: Enter QMP command mode when starting QEMU Process qemu_process: Use unique directories for QMP processes qemu_monitor: Introduce qemuMonitorCPUModelInfoNew qemu_monitor: Introduce qemuMonitorCPUModelInfo / JSON conversion qemu_capabilities: Introduce virQEMuCapsMigratablePropsCalc qemu_monitor: qemuMonitorGetCPUModelExpansion inputs and outputs CPUModelInfo qemu_capabilities: Introduce CPUModelInfo to virCPUDef function qemu_capabilities: Introduce virCPUDef to CPUModelInfo function qemu_monitor: Support query-cpu-model-baseline QMP command qemu_driver: Consolidate code to baseline using libvirt qemu_driver: Decouple code for baseline using libvirt qemu_driver: Identify using libvirt as a distinct way to compute baseline qemu_driver: Support baseline calculation using QEMU qemu_driver: Support feature expansion via QEMU when baselining cpu qemu_monitor: Default props to migratable when expanding cpu model src/qemu/qemu_capabilities.c | 631 ++++++++---------- src/qemu/qemu_capabilities.h | 4 + src/qemu/qemu_driver.c | 216 +++++- src/qemu/qemu_monitor.c | 165 ++++- src/qemu/qemu_monitor.h | 29 +- src/qemu/qemu_monitor_json.c | 223 +++++-- src/qemu/qemu_monitor_json.h | 10 +- src/qemu/qemu_process.c | 345 ++++++++++ src/qemu/qemu_process.h | 32 + tests/cputest.c | 11 +- .../caps_2.10.0.s390x.xml | 60 +- .../caps_2.11.0.s390x.xml | 58 +- .../caps_2.12.0.s390x.xml | 56 +- .../qemucapabilitiesdata/caps_2.8.0.s390x.xml | 32 +- .../qemucapabilitiesdata/caps_2.9.0.s390x.xml | 34 +- .../qemucapabilitiesdata/caps_3.0.0.s390x.xml | 64 +- tests/qemucapabilitiestest.c | 7 + 17 files changed, 1375 insertions(+), 602 deletions(-) -- 2.17.1

2 34

[libvirt] [PATCH v2 0/3] qemu: Add support for parallel migration
by Jiri Denemark 27 Mar '19

27 Mar '19

This series adds a new VIR_MIGRATE_PARALLEL flag for migration APIs which will ask the hypervisor to use multiple parallel connections for migrating a domain. The number of parallel connections can be set using VIR_MIGRATE_PARAM_PARALLEL_CONNECTIONS typed parameter. Version 2: - rebased Jiri Denemark (3): Public API for parallel migration qemu: Add support for parallel migration virsh: Add options for parallel migration include/libvirt/libvirt-domain.h | 14 ++++++++++++++ src/qemu/qemu_migration.c | 9 ++++++--- src/qemu/qemu_migration.h | 5 ++++- src/qemu/qemu_migration_params.c | 18 ++++++++++++++++++ src/qemu/qemu_migration_params.h | 2 ++ tools/virsh-domain.c | 19 +++++++++++++++++++ tools/virsh.pod | 7 +++++++ 7 files changed, 70 insertions(+), 4 deletions(-) -- 2.20.1

2 8

[libvirt] [PATCH v2 00/36] network: refactor to decouple virt drivers from network driver
by Daniel P. Berrangé 19 Mar '19

19 Mar '19

An update to v1: https://www.redhat.com/archives/libvir-list/2018-December/msg00681.html Currently the network driver registers a set of callbacks with the virt driver in order to handle allocating/releasing network ports associated with guest NICs. This series introduces a virNetworkPortPtr object and associated XML that describes a network port. The virt drivers now call public APIs associated with this new object to create/delete ports for guest NICs. Changed in v2: - Fix many bugs related to upgrades with running VMs - Convert over bandwidth controls to the new APIs - Handle reconnecting VIFs to bridges during startup - Much much more that I can't remember Daniel P. Berrangé (36): network: restrict usage of port management APIs network: pass a virNetworkPtr to port management APIs conf: simplify link from hostdev back to network device network: add missing bandwidth limits for bridge forward type network: use 'bridge' as actual type instead of 'network' util: add helper method for re-attaching a tap device to a bridge network: use virNetDevTapReattachBridge API virt drivers: don't handle type=network after resolving actual network type network: move re-attach of bridge device out of network driver network: move fixup for domain actual net def out of network driver network: unconditionally merge port profiles conf: don't pass interface type into virNetDevBandwidthParse conf: introduce virNetworkPortDefPtr struct and XML support network: stop passing virDomainNetDefPtr into bandwidth functions network: make networkLogAllocation independent of domain conf util: add API for copying virtual port profile data conf: add APIs to convert virDomainNetDef to virNetworkPortDef network: convert networkAllocateActualDevice to virNetworkPortDef network: convert networkNotifyActualDevice to virNetworkPortDef network: convert networkReleaseActualDevice to virNetworkPortDef network: convert hook script to take a network port XML network: remove the virDomainNetBandwidthChangeAllowed callback network: introduce networkAllocatePort network: introduce networkNotifyPort network: introduce networkReleasePort network: introduce networkUpdatePortBandwidth network: add public APIs for network port object access: add permissions for network port objects remote: add support for new network port APIs virsh: add support for network port APIs conf: support recording ports against virNetworkObjPtr network: add implementation of network port APIs lxc, libxl: notify network driver of NICs during reconnect lxc, libxl: save domain status after reconnect conf: record a portid against the domain conf conf: switch over to use network port APIs for virt drivers docs/formatdomain.html.in | 8 + docs/hooks.html.in | 24 +- docs/schemas/domaincommon.rng | 5 + include/libvirt/libvirt-network.h | 122 ++ include/libvirt/virterror.h | 3 + src/access/genpolkit.pl | 2 +- src/access/viraccessdriver.h | 6 + src/access/viraccessdrivernop.c | 11 + src/access/viraccessdriverpolkit.c | 26 + src/access/viraccessdriverstack.c | 25 + src/access/viraccessmanager.c | 16 + src/access/viraccessmanager.h | 6 + src/access/viraccessperm.c | 6 + src/access/viraccessperm.h | 44 + src/conf/Makefile.inc.am | 2 + src/conf/domain_conf.c | 558 ++++++- src/conf/domain_conf.h | 63 +- src/conf/netdev_bandwidth_conf.c | 22 +- src/conf/netdev_bandwidth_conf.h | 2 +- src/conf/network_conf.c | 4 +- src/conf/virnetworkobj.c | 303 ++++ src/conf/virnetworkobj.h | 34 + src/conf/virnetworkportdef.c | 514 +++++++ src/conf/virnetworkportdef.h | 112 ++ src/datatypes.c | 60 + src/datatypes.h | 41 + src/driver-network.h | 41 + src/libvirt-network.c | 444 ++++++ src/libvirt_private.syms | 24 +- src/libvirt_public.syms | 16 + src/libxl/libxl_conf.c | 21 +- src/libxl/libxl_domain.c | 28 +- src/libxl/libxl_driver.c | 60 +- src/lxc/lxc_driver.c | 37 +- src/lxc/lxc_process.c | 56 +- src/network/bridge_driver.c | 1364 +++++++++-------- src/qemu/qemu_command.c | 11 +- src/qemu/qemu_domain_address.c | 4 +- src/qemu/qemu_driver.c | 10 +- src/qemu/qemu_hotplug.c | 84 +- src/qemu/qemu_hotplug.h | 2 +- src/qemu/qemu_interface.c | 12 +- src/qemu/qemu_process.c | 32 +- src/remote/remote_daemon_dispatch.c | 73 + src/remote/remote_driver.c | 69 + src/remote/remote_protocol.x | 124 +- src/remote_protocol-structs | 69 + src/rpc/gendispatch.pl | 18 +- src/util/virerror.c | 9 + src/util/virhook.c | 4 +- src/util/virhook.h | 4 +- src/util/virhostdev.c | 17 +- src/util/virnetdevtap.c | 69 + src/util/virnetdevtap.h | 12 + src/util/virnetdevvportprofile.c | 16 + src/util/virnetdevvportprofile.h | 2 + tests/Makefile.am | 7 + .../net-virtio-network-portgroup.xml | 6 +- tests/virnetdevbandwidthtest.c | 2 +- .../plug-bridge-mactbl.xml | 9 + .../virnetworkportxml2xmldata/plug-bridge.xml | 12 + .../virnetworkportxml2xmldata/plug-direct.xml | 12 + .../plug-hostdev-pci.xml | 12 + tests/virnetworkportxml2xmldata/plug-none.xml | 8 + tests/virnetworkportxml2xmltest.c | 104 ++ tools/virsh-completer.c | 51 + tools/virsh-completer.h | 4 + tools/virsh-network.c | 399 ++++- tools/virsh-network.h | 5 + 69 files changed, 4532 insertions(+), 850 deletions(-) create mode 100644 src/conf/virnetworkportdef.c create mode 100644 src/conf/virnetworkportdef.h create mode 100644 tests/virnetworkportxml2xmldata/plug-bridge-mactbl.xml create mode 100644 tests/virnetworkportxml2xmldata/plug-bridge.xml create mode 100644 tests/virnetworkportxml2xmldata/plug-direct.xml create mode 100644 tests/virnetworkportxml2xmldata/plug-hostdev-pci.xml create mode 100644 tests/virnetworkportxml2xmldata/plug-none.xml create mode 100644 tests/virnetworkportxml2xmltest.c -- 2.20.1

3 39

[libvirt] [PATCH v5] openvswitch: Add new port VLAN mode "802.1ad"
by ZhiPeng LU 18 Mar '19

18 Mar '19

This patch adds functionality to allow libvirt to configure the '802.1ad' modes(802.1ad double-tagged) on openvswitch networks. For example: <interface type='bridge'> <mac address='2c:da:41:1d:05:42'/> <source bridge='ovs0'/> <vlan> <tag id='41' nativeMode='dot1q-tunnel'/> </vlan> <virtualport type='openvswitch'> <parameters interfaceid='6401a152-0b99-40b5-92be-858810aa6d37'/> </virtualport> <model type='virtio'/> <driver name='vhost'/> <alias name='net0'/> </interface> Signed-off-by: ZhiPeng Lu <luzhipeng(a)uniudc.com> --- v1->v2: 1. Fix "make syntax-check" failure v2->v3: 1. remove other_config when updating vlan v3->v4: 1. add commit message that has a brief description of the new feature 2. add tests for 'dot1q-tunnel' vlan mode v4->v5: 1. modify some description and format v4-resend: https://www.redhat.com/archives/libvir-list/2019-February/msg00988.html docs/formatdomain.html.in | 33 +++++++++++++++------- docs/formatnetwork.html.in | 26 ++++++++++------- docs/schemas/networkcommon.rng | 1 + src/conf/netdev_vlan_conf.c | 2 +- src/util/virnetdevopenvswitch.c | 7 +++++ src/util/virnetdevvlan.h | 1 + tests/networkxml2xmlin/openvswitch-net.xml | 9 ++++++ tests/networkxml2xmlout/openvswitch-net.xml | 9 ++++++ .../openvswitch-net-modified.xml | 9 ++++++ .../openvswitch-net-more-portgroups.xml | 9 ++++++ .../openvswitch-net-without-alice.xml | 9 ++++++ 11 files changed, 94 insertions(+), 21 deletions(-) diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in index b848e53..253f329 100644 --- a/docs/formatdomain.html.in +++ b/docs/formatdomain.html.in @@ -6097,6 +6097,13 @@ qemu-kvm -net nic,model=? /dev/null </vlan> ... </interface> + <interface type='bridge'> + <vlan trunk='yes'> + <tag id='42'/> + <tag id='555' nativeMode='802.1ad'/> + </vlan> + ... + </interface> </devices> ...</pre> @@ -6132,16 +6139,22 @@ qemu-kvm -net nic,model=? /dev/null For network connections using Open vSwitch it is also possible - to configure 'native-tagged' and 'native-untagged' VLAN modes - Since 1.1.0. This is done with the - optional <code>nativeMode</code> attribute on - the <code><tag></code> subelement: <code>nativeMode</code> - may be set to 'tagged' or 'untagged'. The <code>id</code> - attribute of the <code><tag></code> subelement - containing <code>nativeMode</code> sets which VLAN is considered - to be the "native" VLAN for this interface, and - the <code>nativeMode</code> attribute determines whether or not - traffic for that VLAN will be tagged. + to configure the following VLAN modes: + + <ul> + <li>'tagged' Since 1.1.0.</li> + <li>'untagged' Since 1.1.0.</li> + <li>'802.1ad' Since 5.1.0.</li> + </ul> + + This is done with the optional <code>nativeMode</code> attribute + on the <code><tag></code> subelement. The attribute may be + set to a string from the above list. The <code>id</code> attribute + of the <code><tag></code> subelement containing + <code>nativeMode</code> sets which VLAN is considered to be the + "native" VLAN for this interface and the <code>nativeMode</code> + attribute determines whether or not traffic for that VLAN will be + tagged or 802.1ad double tagged. <h5><a id="elementLink">Modifying virtual link state</a></h5> diff --git a/docs/formatnetwork.html.in b/docs/formatnetwork.html.in index 509cca9..eea86f4 100644 --- a/docs/formatnetwork.html.in +++ b/docs/formatnetwork.html.in @@ -705,16 +705,22 @@ For network connections using Open vSwitch it is also possible - to configure 'native-tagged' and 'native-untagged' VLAN modes - Since 1.1.0. This is done with the - optional <code>nativeMode</code> attribute on - the <code><tag></code> subelement: <code>nativeMode</code> - may be set to 'tagged' or 'untagged'. The <code>id</code> - attribute of the <code><tag></code> subelement - containing <code>nativeMode</code> sets which VLAN is considered - to be the "native" VLAN for this interface, and - the <code>nativeMode</code> attribute determines whether or not - traffic for that VLAN will be tagged. + to configure the following VLAN modes: + + <ul> + <li>'tagged' Since 1.1.0.</li> + <li>'untagged' Since 1.1.0.</li> + <li>'802.1ad' Since 5.1.0.</li> + </ul> + + This is done with the optional <code>nativeMode</code> attribute + on the <code><tag></code> subelement. The attribute may be + set to a string from the above list. The <code>id</code> attribute + of the <code><tag></code> subelement containing + <code>nativeMode</code> sets which VLAN is considered to be the + "native" VLAN for this interface and the <code>nativeMode</code> + attribute determines whether or not traffic for that VLAN will be + tagged or 802.1ad double tagged. <code><vlan></code> elements can also be specified in diff --git a/docs/schemas/networkcommon.rng b/docs/schemas/networkcommon.rng index 2699555..7262783 100644 --- a/docs/schemas/networkcommon.rng +++ b/docs/schemas/networkcommon.rng @@ -223,6 +223,7 @@ <choice> <value>tagged</value> <value>untagged</value> + <value>802.1ad</value> </choice> </attribute> </optional> diff --git a/src/conf/netdev_vlan_conf.c b/src/conf/netdev_vlan_conf.c index 57d73ed..54e2b02 100644 --- a/src/conf/netdev_vlan_conf.c +++ b/src/conf/netdev_vlan_conf.c @@ -25,7 +25,7 @@ #define VIR_FROM_THIS VIR_FROM_NONE VIR_ENUM_IMPL(virNativeVlanMode, VIR_NATIVE_VLAN_MODE_LAST, - "default", "tagged", "untagged", + "default", "tagged", "untagged", "802.1ad", ); int diff --git a/src/util/virnetdevopenvswitch.c b/src/util/virnetdevopenvswitch.c index 4fa3a57..d8268bc 100644 --- a/src/util/virnetdevopenvswitch.c +++ b/src/util/virnetdevopenvswitch.c @@ -85,6 +85,11 @@ virNetDevOpenvswitchConstructVlans(virCommandPtr cmd, virNetDevVlanPtr virtVlan) virCommandAddArg(cmd, "vlan_mode=native-untagged"); virCommandAddArgFormat(cmd, "tag=%d", virtVlan->nativeTag); break; + case VIR_NATIVE_VLAN_MODE_8021AD: + virCommandAddArg(cmd, "vlan_mode=dot1q-tunnel"); + virCommandAddArg(cmd, "other_config:qinq-ethtype=802.1q"); + virCommandAddArgFormat(cmd, "tag=%d", virtVlan->nativeTag); + break; case VIR_NATIVE_VLAN_MODE_DEFAULT: default: break; @@ -498,6 +503,8 @@ int virNetDevOpenvswitchUpdateVlan(const char *ifname, "--", "--if-exists", "clear", "Port", ifname, "tag", "--", "--if-exists", "clear", "Port", ifname, "trunk", "--", "--if-exists", "clear", "Port", ifname, "vlan_mode", + "--", "--if-exists", "remove", "Port", ifname, + "other_config", "qinq-ethtype", "--", "--if-exists", "set", "Port", ifname, NULL); if (virNetDevOpenvswitchConstructVlans(cmd, virtVlan) < 0) diff --git a/src/util/virnetdevvlan.h b/src/util/virnetdevvlan.h index 2a13759..54109c6 100644 --- a/src/util/virnetdevvlan.h +++ b/src/util/virnetdevvlan.h @@ -27,6 +27,7 @@ typedef enum { VIR_NATIVE_VLAN_MODE_DEFAULT = 0, VIR_NATIVE_VLAN_MODE_TAGGED, VIR_NATIVE_VLAN_MODE_UNTAGGED, + VIR_NATIVE_VLAN_MODE_8021AD, VIR_NATIVE_VLAN_MODE_LAST } virNativeVlanMode; diff --git a/tests/networkxml2xmlin/openvswitch-net.xml b/tests/networkxml2xmlin/openvswitch-net.xml index 2f6084d..5734d36 100644 --- a/tests/networkxml2xmlin/openvswitch-net.xml +++ b/tests/networkxml2xmlin/openvswitch-net.xml @@ -30,4 +30,13 @@ <parameters profileid='native-profile'/> </virtualport> </portgroup> + <portgroup name='8021ad'> + <vlan trunk='yes'> + <tag id='555' nativeMode='802.1ad'/> + <tag id='666'/> + </vlan> + <virtualport> + <parameters profileid='8021ad-profile'/> + </virtualport> + </portgroup> </network> diff --git a/tests/networkxml2xmlout/openvswitch-net.xml b/tests/networkxml2xmlout/openvswitch-net.xml index 2f6084d..5734d36 100644 --- a/tests/networkxml2xmlout/openvswitch-net.xml +++ b/tests/networkxml2xmlout/openvswitch-net.xml @@ -30,4 +30,13 @@ <parameters profileid='native-profile'/> </virtualport> </portgroup> + <portgroup name='8021ad'> + <vlan trunk='yes'> + <tag id='555' nativeMode='802.1ad'/> + <tag id='666'/> + </vlan> + <virtualport> + <parameters profileid='8021ad-profile'/> + </virtualport> + </portgroup> </network> diff --git a/tests/networkxml2xmlupdateout/openvswitch-net-modified.xml b/tests/networkxml2xmlupdateout/openvswitch-net-modified.xml index cc0c344..ed605bf 100644 --- a/tests/networkxml2xmlupdateout/openvswitch-net-modified.xml +++ b/tests/networkxml2xmlupdateout/openvswitch-net-modified.xml @@ -30,4 +30,13 @@ <parameters profileid='native-profile'/> </virtualport> </portgroup> + <portgroup name='8021ad'> + <vlan trunk='yes'> + <tag id='555' nativeMode='802.1ad'/> + <tag id='666'/> + </vlan> + <virtualport> + <parameters profileid='8021ad-profile'/> + </virtualport> + </portgroup> </network> diff --git a/tests/networkxml2xmlupdateout/openvswitch-net-more-portgroups.xml b/tests/networkxml2xmlupdateout/openvswitch-net-more-portgroups.xml index 7c19ad9..0237e42 100644 --- a/tests/networkxml2xmlupdateout/openvswitch-net-more-portgroups.xml +++ b/tests/networkxml2xmlupdateout/openvswitch-net-more-portgroups.xml @@ -41,4 +41,13 @@ <parameters profileid='native-profile'/> </virtualport> </portgroup> + <portgroup name='8021ad'> + <vlan trunk='yes'> + <tag id='555' nativeMode='802.1ad'/> + <tag id='666'/> + </vlan> + <virtualport> + <parameters profileid='8021ad-profile'/> + </virtualport> + </portgroup> </network> diff --git a/tests/networkxml2xmlupdateout/openvswitch-net-without-alice.xml b/tests/networkxml2xmlupdateout/openvswitch-net-without-alice.xml index 4104424..cb9d12d 100644 --- a/tests/networkxml2xmlupdateout/openvswitch-net-without-alice.xml +++ b/tests/networkxml2xmlupdateout/openvswitch-net-without-alice.xml @@ -20,4 +20,13 @@ <parameters profileid='native-profile'/> </virtualport> </portgroup> + <portgroup name='8021ad'> + <vlan trunk='yes'> + <tag id='555' nativeMode='802.1ad'/> + <tag id='666'/> + </vlan> + <virtualport> + <parameters profileid='8021ad-profile'/> + </virtualport> + </portgroup> </network> -- 1.8.3.1

5 5

[libvirt] [PATCH] vz: build fix for virStorageBackendVzPoolStart
by Nikolay Shirokovskiy 18 Mar '19

18 Mar '19

Remove unused variable. Fix for [1] [1] 821dd6d8: storage: Use VIR_AUTOFREE for storage backends Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy(a)virtuozzo.com> --- Pushed as trivial build fix. src/storage/storage_backend_vstorage.c | 1 - 1 file changed, 1 deletion(-) diff --git a/src/storage/storage_backend_vstorage.c b/src/storage/storage_backend_vstorage.c index df157a4..d446aa2 100644 --- a/src/storage/storage_backend_vstorage.c +++ b/src/storage/storage_backend_vstorage.c @@ -37,7 +37,6 @@ virStorageBackendVzPoolBuild(virStoragePoolObjPtr pool, static int virStorageBackendVzPoolStart(virStoragePoolObjPtr pool) { - int ret = -1; virStoragePoolDefPtr def = virStoragePoolObjGetDef(pool); VIR_AUTOFREE(char *) grp_name = NULL; VIR_AUTOFREE(char *) usr_name = NULL; -- 1.8.3.1

3 4

[libvirt] [PATCH v2 00/25] qemu: virtio-{non-}transitional support
by Cole Robinson 15 Mar '19

15 Mar '19

v1 libvirt patches: https://www.redhat.com/archives/libvir-list/2019-January/msg00593.html Previous incomplete RFC here: https://www.redhat.com/archives/libvir-list/2019-January/msg00346.html qemu patches, queued for qemu 4.0.0: https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg00923.html Previous libvirt discussion around this: https://www.redhat.com/archives/libvir-list/2018-August/msg01073.html Long story short we need to expose these options so apps have a usable way to support rhel6 + virtio + q35. This series exposes the new devices as model= values. This required adding new model= attributes for several devices. See v1 posting for a summary of the XML changes introduced, mostly it's adding virtio-transitional and virtio-non-transitional to existing model= enums, and adding model= XML attributes for devices that don't have them (disk, fs, input) Changes from v1: - <filesystem> models are now named virtio-9p, virtio-9p-transitional, virtio-9p-non-transitional. This is to avoid ambiguity as in the near future we will likely add virtio-fs <filesystem> support - Cleanup and prep work is separated into separate patches and front loaded into the series. - qemu caps additions are separated from the qemu_command.c patches, and squashed together upfront. - virDomainDeviceSetData is added to make it easier to compose a virDomainDeviceDef on the fly. This is used for the transitional cli building but can be useful elsewhere too, but that's for another series. - Lots of small improvements and fixes suggested by Andrea. Thanks, Cole Cole Robinson (25): conf: Set net->model earlier conf: Add virDomainNetIsVirtioModel qemu: Move <memballoon> validation out of qemu_command.c qemu: Move <rng> validation out of qemu_command.c qemu: command: Make vhost-scsi device string depend on address qemu: command: Convert vhost-{vsock,scsi} to qemuBuildVirtioDevStr conf: Add virDomainDeviceSetData qemu: command: Make BuildVirtioDevStr more generic qemu: command: Add qemuCaps to BuildVirtioStr qemu: capabilities: Add virtio/vhost {non-}transitional conf: Add <disk model='virtio-{non-}transitional'/> qemu: Support disk model=virtio-{non-}transitional qemu: Support interface model=virtio-{non-}transitional conf: Add <hostdev model='virtio-{non-}transitional'/> qemu: Support hostdev model=virtio-{non-}transitional qemu: Support rng model=virtio-{non-}transitional conf: Add <filesystem model='virtio-9p-{non-}transitional'/> qemu: Support filesystem model=virtio-9p-{non-}transitional qemu: Support memballoon model=virtio-{non-}transitional qemu: Support vsock model=virtio-{non-}transitional conf: Add <input model='virtio-{non-}transitional'/> qemu: Support input model=virtio-{non-}transitional qemu: Support virtio-serial controller model=virtio-{non-}transitional qemu: Support scsi controller model=virtio-{non-}transitional qemu: domcaps: Report disk <enum name="model"> docs/formatdomain.html.in | 39 ++- docs/schemas/domaincommon.rng | 61 +++- src/conf/domain_capabilities.c | 1 + src/conf/domain_capabilities.h | 1 + src/conf/domain_conf.c | 328 ++++++++++++++++-- src/conf/domain_conf.h | 67 ++++ src/libvirt_private.syms | 6 + src/libxl/libxl_conf.c | 2 + src/qemu/qemu_capabilities.c | 61 ++++ src/qemu/qemu_capabilities.h | 28 ++ src/qemu/qemu_command.c | 252 +++++++++++--- src/qemu/qemu_domain.c | 79 ++++- src/qemu/qemu_domain_address.c | 97 ++++-- src/qemu/qemu_driver.c | 17 +- src/qemu/qemu_hotplug.c | 2 +- src/qemu/qemu_interface.c | 8 +- src/qemu/qemu_process.c | 3 +- src/security/virt-aa-helper.c | 2 +- src/vbox/vbox_common.c | 2 + src/vmx/vmx.c | 5 +- .../bhyve_basic.x86_64.xml | 1 + .../bhyve_fbuf.x86_64.xml | 1 + .../bhyve_uefi.x86_64.xml | 1 + tests/domaincapsschemadata/full.xml | 6 + .../domaincapsschemadata/libxl-xenfv-usb.xml | 1 + .../domaincapsschemadata/libxl-xenpv-usb.xml | 1 + .../qemu_1.7.0.x86_64.xml | 3 + .../qemu_2.12.0-virt.aarch64.xml | 5 + .../qemu_2.12.0.ppc64.xml | 5 + .../qemu_2.12.0.s390x.xml | 5 + .../qemu_2.12.0.x86_64.xml | 5 + .../qemu_2.6.0-virt.aarch64.xml | 5 + .../qemu_2.6.0.aarch64.xml | 5 + .../domaincapsschemadata/qemu_2.6.0.ppc64.xml | 5 + .../qemu_2.6.0.x86_64.xml | 5 + .../domaincapsschemadata/qemu_2.7.0.s390x.xml | 5 + .../qemu_2.8.0-tcg.x86_64.xml | 5 + .../domaincapsschemadata/qemu_2.8.0.s390x.xml | 5 + .../qemu_2.8.0.x86_64.xml | 5 + .../qemu_2.9.0-q35.x86_64.xml | 5 + .../qemu_2.9.0-tcg.x86_64.xml | 5 + .../qemu_2.9.0.x86_64.xml | 5 + .../domaincapsschemadata/qemu_3.0.0.s390x.xml | 5 + .../qemu_4.0.0.x86_64.xml | 154 ++++++++ tests/domaincapstest.c | 4 + .../caps_4.0.0.x86_64.xml | 20 ++ .../virtio-non-transitional.x86_64-3.1.0.args | 65 ++++ ...virtio-non-transitional.x86_64-latest.args | 62 ++++ .../virtio-non-transitional.xml | 40 +++ .../virtio-transitional.x86_64-3.1.0.args | 50 +++ .../virtio-transitional.x86_64-latest.args | 52 +++ .../qemuxml2argvdata/virtio-transitional.xml | 40 +++ tests/qemuxml2argvmock.c | 2 +- tests/qemuxml2argvtest.c | 6 + .../virtio-non-transitional.xml | 121 +++++++ .../virtio-transitional.xml | 80 +++++ tests/qemuxml2xmltest.c | 26 +- 57 files changed, 1736 insertions(+), 141 deletions(-) create mode 100644 tests/domaincapsschemadata/qemu_4.0.0.x86_64.xml create mode 100644 tests/qemuxml2argvdata/virtio-non-transitional.x86_64-3.1.0.args create mode 100644 tests/qemuxml2argvdata/virtio-non-transitional.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/virtio-non-transitional.xml create mode 100644 tests/qemuxml2argvdata/virtio-transitional.x86_64-3.1.0.args create mode 100644 tests/qemuxml2argvdata/virtio-transitional.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/virtio-transitional.xml create mode 100644 tests/qemuxml2xmloutdata/virtio-non-transitional.xml create mode 100644 tests/qemuxml2xmloutdata/virtio-transitional.xml -- 2.20.1

5 75