[PATCH v5 00/10] Introducing TPM Proxy device support for PPC64
by Daniel Henrique Barboza
changes in v5:
- rebased and fixed commits to master at d265171b5784
- moved two TPMs validation from domain_conf.c (patch 05) to
qemu_domain.c (patch 06)
Gitlab tree: https://gitlab.com/danielhb/libvirt/tree/spapr_tpm_proxy_v5
v4 link: https://www.redhat.com/archives/libvir-list/2020-May/msg00814.html
v3 link: https://www.redhat.com/archives/libvir-list/2020-May/msg00642.html
v2 link: https://www.redhat.com/archives/libvir-list/2020-May/msg00604.html
v1 link: https://www.redhat.com/archives/libvir-list/2020-May/msg00604.html
Daniel Henrique Barboza (10):
docs: documentation and schema for the new TPM Proxy model
qemu: Extend QEMU capabilities with 'spapr-tpm-proxy'
qemu_extdevice.c: remove unneeded 'ret' variable
qemu_tpm, security, tests: change 'switch' clauses for 'if'
conf, qemu, security, tests: introducing 'def->tpms' array
qemu: add validations after TPM Proxy model introduction
tests: add XML schema tests for the TPM Proxy device
qemu: build command line for the TPM Proxy device
tests/qemuxml2argvtest.c: add TPM Proxy command line tests
docs/news.xml: update for the new TPM Proxy device
docs/formatdomain.html.in | 19 ++++-
docs/news.xml | 17 +++++
docs/schemas/domaincommon.rng | 1 +
src/conf/domain_audit.c | 4 +-
src/conf/domain_conf.c | 50 +++++++-----
src/conf/domain_conf.h | 6 +-
src/qemu/qemu_alias.c | 9 ++-
src/qemu/qemu_capabilities.c | 4 +
src/qemu/qemu_capabilities.h | 3 +
src/qemu/qemu_cgroup.c | 10 ++-
src/qemu/qemu_command.c | 59 +++++++++++---
src/qemu/qemu_domain.c | 68 ++++++++++++++---
src/qemu/qemu_domain_address.c | 11 ++-
src/qemu/qemu_extdevice.c | 24 +++---
src/qemu/qemu_tpm.c | 76 +++++++++----------
src/qemu/qemu_validate.c | 19 +++++
src/security/security_dac.c | 8 +-
src/security/security_selinux.c | 44 +++++------
src/security/virt-aa-helper.c | 14 ++--
.../qemucapabilitiesdata/caps_4.2.0.ppc64.xml | 1 +
.../qemucapabilitiesdata/caps_5.0.0.ppc64.xml | 1 +
tests/qemuxml2argvdata/ppc64-tpm-double.xml | 34 +++++++++
.../ppc64-tpmproxy-double.xml | 38 ++++++++++
.../ppc64-tpmproxy-single.ppc64-latest.args | 34 +++++++++
.../ppc64-tpmproxy-single.xml | 33 ++++++++
.../ppc64-tpmproxy-with-tpm.ppc64-latest.args | 37 +++++++++
.../ppc64-tpmproxy-with-tpm.xml | 36 +++++++++
tests/qemuxml2argvtest.c | 33 +++++---
.../ppc64-tpmproxy-single.ppc64-latest.xml | 42 ++++++++++
.../ppc64-tpmproxy-with-tpm.ppc64-latest.xml | 46 +++++++++++
tests/qemuxml2xmltest.c | 2 +
31 files changed, 631 insertions(+), 152 deletions(-)
create mode 100644 tests/qemuxml2argvdata/ppc64-tpm-double.xml
create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-double.xml
create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-single.ppc64-latest.args
create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-single.xml
create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.ppc64-latest.args
create mode 100644 tests/qemuxml2argvdata/ppc64-tpmproxy-with-tpm.xml
create mode 100644 tests/qemuxml2xmloutdata/ppc64-tpmproxy-single.ppc64-latest.xml
create mode 100644 tests/qemuxml2xmloutdata/ppc64-tpmproxy-with-tpm.ppc64-latest.xml
--
2.26.2
4 years, 5 months
[PULL 00/14] mips-hw-next patches for 2020-05-26
by Philippe Mathieu-Daudé
The following changes since commit 8f72c75cfc9b3c84a9b5e7a58ee5e471cb2f19c8:
Merge remote-tracking branch 'remotes/kraxel/tags/audio-20200526-pull-request' into staging (2020-05-26 10:59:01 +0100)
are available in the Git repository at:
https://gitlab.com/philmd/qemu.git tags/mips-hw-next-20200526
for you to fetch changes up to 97d8974620053db5754af808583de70380f73a10:
MAINTAINERS: Change Aleksandar Rikalo's email address (2020-05-26 13:21:12 +0200)
----------------------------------------------------------------
MIPS hardware updates
- MAINTAINERS updated to welcome Huacai Chen and Jiaxun Yang,
and update Aleksandar Rikalo's email address,
- Trivial improvements in the Bonito64 North Bridge and the
Fuloong 2e machine,
- MIPS Machines names unified without 'mips_' prefix.
CI: https://travis-ci.org/github/philmd/qemu/builds/691247975
----------------------------------------------------------------
Aleksandar Markovic (3):
hw/mips: Rename malta/mipssim/r4k/jazz files
hw/mips/malta: Add some logging for bad register offset cases
MAINTAINERS: Change Aleksandar Rikalo's email address
Huacai Chen (1):
MAINTAINERS: Add Huacai Chen as fuloong2e co-maintainer
Philippe Mathieu-Daudé (10):
hw/pci-host: Use CONFIG_PCI_BONITO to select the Bonito North Bridge
hw/pci-host/bonito: Fix DPRINTF() format strings
hw/pci-host/bonito: Map peripheral using physical address
hw/pci-host/bonito: Map all the Bonito64 I/O range
hw/pci-host/bonito: Map the different PCI ranges more detailed
hw/pci-host/bonito: Better describe the I/O CS regions
hw/pci-host/bonito: Set the Config register reset value with
FIELD_DP32
hw/mips/fuloong2e: Move code and update a comment
hw/mips/fuloong2e: Fix typo in Fuloong machine name
hw/mips/mips_int: De-duplicate KVM interrupt delivery
docs/system/deprecated.rst | 5 ++
docs/system/target-mips.rst | 2 +-
default-configs/mips64el-softmmu.mak | 2 +-
hw/isa/vt82c686.c | 2 +-
hw/mips/{mips_fulong2e.c => fuloong2e.c} | 48 ++++++-------
hw/mips/{mips_jazz.c => jazz.c} | 0
hw/mips/{mips_malta.c => malta.c} | 14 ++--
hw/mips/mips_int.c | 11 +--
hw/mips/{mips_mipssim.c => mipssim.c} | 0
hw/mips/{mips_r4k.c => r4k.c} | 0
hw/pci-host/bonito.c | 87 +++++++++++++++++++-----
tests/qtest/endianness-test.c | 2 +-
.mailmap | 3 +-
MAINTAINERS | 26 +++----
hw/mips/Kconfig | 3 +-
hw/mips/Makefile.objs | 10 +--
hw/pci-host/Kconfig | 5 ++
hw/pci-host/Makefile.objs | 2 +-
18 files changed, 142 insertions(+), 80 deletions(-)
rename hw/mips/{mips_fulong2e.c => fuloong2e.c} (91%)
rename hw/mips/{mips_jazz.c => jazz.c} (100%)
rename hw/mips/{mips_malta.c => malta.c} (99%)
rename hw/mips/{mips_mipssim.c => mipssim.c} (100%)
rename hw/mips/{mips_r4k.c => r4k.c} (100%)
--
2.21.3
4 years, 5 months
[PATCH v2] security: don't fail if built without attr support
by Christian Ehrhardt
If built without attr support removing any image will trigger
qemuBlockRemoveImageMetadata (the one that emits the warning)
-> qemuSecurityMoveImageMetadata
-> virSecurityManagerMoveImageMetadata
-> virSecurityDACMoveImageMetadata
-> virSecurityDACMoveImageMetadataHelper
-> virProcessRunInFork (spawns subprocess)
-> virSecurityMoveRememberedLabel
In there due to !HAVE_LIBATTR virFileGetXAttrQuiet will return
ENOSYS and from there the chain will error out.
That is wrong and looks like:
libvirtd[6320]: internal error: child reported (status=125):
libvirtd[6320]: Unable to remove disk metadata on vm testguest from
/var/lib/uvtool/libvirt/images/testguest.qcow (disk target vda)
This change makes virSecurityDACMoveImageMetadataHelper and
virSecuritySELinuxMoveImageMetadataHelper accept that
error code gracefully and in that sense it is an extension of:
5214b2f1a3f "security: Don't skip label restore on file systems lacking XATTRs"
which does the same for other call chains into the virFile*XAttr functions.
Signed-off-by: Christian Ehrhardt <christian.ehrhardt(a)canonical.com>
Reviewed-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/security/security_dac.c | 6 ++++++
src/security/security_selinux.c | 6 ++++++
2 files changed, 12 insertions(+)
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index bdc2d7edf3..7b95a6f86d 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -1117,6 +1117,12 @@ virSecurityDACMoveImageMetadataHelper(pid_t pid G_GNUC_UNUSED,
ret = virSecurityMoveRememberedLabel(SECURITY_DAC_NAME, data->src, data->dst);
virSecurityManagerMetadataUnlock(data->mgr, &state);
+
+ if (ret == -2) {
+ /* Libvirt built without XATTRS */
+ ret = 0;
+ }
+
return ret;
}
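Review bot: the comment on the new `if (ret == -2)` block says "Libvirt built without XATTRS", but the commit message presents this change as an extension of 5214b2f1a3f, which is about file systems lacking XATTRs, so -2 from virSecurityMoveRememberedLabel() may well arrive in both situations. Word the comment for the condition actually tested (XATTRs unavailable, whether by build or by file system) and spell out the -2 convention there, since nothing in this hunk tells the reader how -2 differs from -1.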
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index 9a929debe1..7bb7c2b7b1 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -1975,6 +1975,12 @@ virSecuritySELinuxMoveImageMetadataHelper(pid_t pid G_GNUC_UNUSED,
ret = virSecurityMoveRememberedLabel(SECURITY_SELINUX_NAME, data->src, data->dst);
virSecurityManagerMetadataUnlock(data->mgr, &state);
+
+ if (ret == -2) {
+ /* Libvirt built without XATTRS */
+ ret = 0;
+ }
+
return ret;
}
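Review bot: this block in virSecuritySELinuxMoveImageMetadataHelper() is a verbatim copy of the one added to the DAC helper, and both turn -2 into success without leaving any trace. A VIR_DEBUG() inside the `if (ret == -2)` branch would let someone reading the logs tell that the remembered label was not moved to data->dst; if more helpers end up needing the same mapping, a small shared wrapper around virSecurityMoveRememberedLabel() would keep the two drivers from drifting apart.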
--
2.26.0
4 years, 5 months
[PATCH 00/14] hw/mips: patch queue for 2020-05-26
by Philippe Mathieu-Daudé
Hi,
This is the current state of my hw/mips/next tree.
- MAINTAINERS updated to welcome Huacai Chen and Jiaxun Yang,
and update Aleksandar Rikalo's email address,
- Trivial improvements in the Bonito64 North Bridge and the
Fuloong 2e machine,
- MIPS Machines names unified without 'mips_' prefix.
The following patches need review:
- #6 "hw/pci-host/bonito: Map the different PCI ranges more detailled"
- #10 "hw/mips/fuloong2e: Fix typo in Fuloong machine name"
Aleksandar Markovic (3):
hw/mips: Rename malta/mipssim/r4k/jazz files
hw/mips/malta: Add some logging for bad register offset cases
MAINTAINERS: Change Aleksandar Rikalo's email address
Huacai Chen (1):
MAINTAINERS: Add Huacai Chen as fuloong2e co-maintainer
Philippe Mathieu-Daudé (10):
hw/pci-host: Use CONFIG_PCI_BONITO to select the Bonito North Bridge
hw/pci-host/bonito: Fix DPRINTF() format strings
hw/pci-host/bonito: Map peripheral using physical address
hw/pci-host/bonito: Map all the Bonito64 I/O range
hw/pci-host/bonito: Map the different PCI ranges more detailled
hw/pci-host/bonito: Better describe the I/O CS regions
hw/pci-host/bonito: Set the Config register reset value with
FIELD_DP32
hw/mips/fuloong2e: Move code and update a comment
hw/mips/fuloong2e: Fix typo in Fuloong machine name
hw/mips/mips_int: De-duplicate KVM interrupt delivery
docs/system/deprecated.rst | 5 ++
docs/system/target-mips.rst | 2 +-
default-configs/mips64el-softmmu.mak | 2 +-
hw/isa/vt82c686.c | 2 +-
hw/mips/{mips_fulong2e.c => fuloong2e.c} | 48 ++++++-------
hw/mips/{mips_jazz.c => jazz.c} | 0
hw/mips/{mips_malta.c => malta.c} | 14 ++--
hw/mips/mips_int.c | 11 +--
hw/mips/{mips_mipssim.c => mipssim.c} | 0
hw/mips/{mips_r4k.c => r4k.c} | 0
hw/pci-host/bonito.c | 87 +++++++++++++++++++-----
tests/qtest/endianness-test.c | 2 +-
.mailmap | 3 +-
MAINTAINERS | 26 +++----
hw/mips/Kconfig | 3 +-
hw/mips/Makefile.objs | 10 +--
hw/pci-host/Kconfig | 5 ++
hw/pci-host/Makefile.objs | 2 +-
18 files changed, 142 insertions(+), 80 deletions(-)
rename hw/mips/{mips_fulong2e.c => fuloong2e.c} (91%)
rename hw/mips/{mips_jazz.c => jazz.c} (100%)
rename hw/mips/{mips_malta.c => malta.c} (99%)
rename hw/mips/{mips_mipssim.c => mipssim.c} (100%)
rename hw/mips/{mips_r4k.c => r4k.c} (100%)
--
2.21.3
4 years, 5 months
[PATCH v2.1 0/3] Support network interface downscript
by Chen Hanxiao
QEMU has the ability to run a script when a NIC is brought up and down.
Libvirt only enables use of the up script at this time.
This series adds support for postscript when NIC is down/detached.
Chen Hanxiao (3):
interface: introduce downscript
downscript: add support for booting and hotplug interface
news: add description about downscript
docs/formatdomain.html.in | 6 ++-
docs/news.xml | 10 +++++
docs/schemas/domaincommon.rng | 8 ++++
src/conf/domain_conf.c | 9 ++++
src/conf/domain_conf.h | 1 +
src/qemu/qemu_extdevice.c | 4 ++
src/qemu/qemu_hotplug.c | 3 ++
tests/qemuxml2argvdata/downscript.xml | 60 +++++++++++++++++++++++++
tests/qemuxml2xmloutdata/downscript.xml | 60 +++++++++++++++++++++++++
tests/qemuxml2xmltest.c | 1 +
10 files changed, 161 insertions(+), 1 deletion(-)
create mode 100644 tests/qemuxml2argvdata/downscript.xml
create mode 100644 tests/qemuxml2xmloutdata/downscript.xml
--
2.23.0
4 years, 6 months
[PATCH 0/8] qemu: Use memory-backend-* for regular guest memory
by Michal Privoznik
DISCLAIMER: These patches depend on a not-yet-merged QEMU patch:
https://lists.nongnu.org/archive/html/qemu-devel/2020-05/msg07255.html
This is another round of patches that are adapting Libvirt to new QEMU
command line so that they can deprecate the old one. See 8/8 for
explanation.
Michal Prívozník (8):
qemuBuildMemoryBackendProps: Move @prealloc setting to backend
agnostic part
qemuBuildMemoryBackendProps: Respect
//memoryBacking/allocation/@mode=immediate
qemuBuildMemoryBackendProps: Prealloc mem for memfd backend
qemuBuildMemoryBackendProps: Fix const correctness
qemu: Introduce QEMU_CAPS_MACHINE_MEMORY_BACKEND
qemu: Track default-ram-id machine attribute
qemucapabilitiestest: Update 5.1.0 data
qemu: Use memory-backend-* for regular guest memory
src/qemu/qemu_capabilities.c | 42 ++-
src/qemu/qemu_capabilities.h | 6 +
src/qemu/qemu_capspriv.h | 3 +-
src/qemu/qemu_command.c | 98 ++++--
src/qemu/qemu_command.h | 4 +-
src/qemu/qemu_monitor.c | 1 +
src/qemu/qemu_monitor.h | 1 +
src/qemu/qemu_monitor_json.c | 11 +
.../caps_5.0.0.aarch64.xml | 1 +
.../qemucapabilitiesdata/caps_5.0.0.ppc64.xml | 1 +
.../caps_5.0.0.riscv64.xml | 1 +
.../caps_5.0.0.x86_64.xml | 1 +
.../caps_5.1.0.x86_64.replies | 280 ++++++++++++------
.../caps_5.1.0.x86_64.xml | 181 +++++------
.../blkdeviotune-group-num.x86_64-latest.args | 3 +-
...blkdeviotune-max-length.x86_64-latest.args | 3 +-
.../blkdeviotune-max.x86_64-latest.args | 3 +-
.../channel-unix-guestfwd.x86_64-latest.args | 3 +-
.../console-virtio-unix.x86_64-latest.args | 3 +-
.../controller-virtio-scsi.x86_64-latest.args | 3 +-
...-Icelake-Server-pconfig.x86_64-latest.args | 3 +-
.../cpu-translation.x86_64-latest.args | 3 +-
.../disk-aio-io_uring.x86_64-latest.args | 3 +-
.../disk-aio.x86_64-latest.args | 3 +-
...-backing-chains-noindex.x86_64-latest.args | 3 +-
.../disk-cache.x86_64-latest.args | 4 +-
.../disk-cdrom-bus-other.x86_64-latest.args | 3 +-
...m-empty-network-invalid.x86_64-latest.args | 3 +-
.../disk-cdrom-network.x86_64-latest.args | 3 +-
.../disk-cdrom-tray.x86_64-latest.args | 3 +-
.../disk-cdrom.x86_64-latest.args | 3 +-
.../disk-copy_on_read.x86_64-latest.args | 3 +-
.../disk-detect-zeroes.x86_64-latest.args | 3 +-
.../disk-discard.x86_64-latest.args | 3 +-
.../disk-error-policy.x86_64-latest.args | 3 +-
.../disk-floppy-q35-2_11.x86_64-latest.args | 4 +-
.../disk-floppy-q35-2_9.x86_64-latest.args | 4 +-
.../disk-floppy.x86_64-latest.args | 3 +-
.../disk-network-gluster.x86_64-latest.args | 3 +-
.../disk-network-http.x86_64-latest.args | 3 +-
.../disk-network-iscsi.x86_64-latest.args | 3 +-
.../disk-network-nbd.x86_64-latest.args | 3 +-
.../disk-network-rbd.x86_64-latest.args | 3 +-
.../disk-network-sheepdog.x86_64-latest.args | 3 +-
...isk-network-source-auth.x86_64-latest.args | 3 +-
.../disk-network-tlsx509.x86_64-latest.args | 3 +-
.../disk-nvme.x86_64-latest.args | 3 +-
.../disk-readonly-disk.x86_64-latest.args | 3 +-
.../disk-scsi-device-auto.x86_64-latest.args | 3 +-
.../disk-scsi.x86_64-latest.args | 3 +-
.../disk-shared.x86_64-latest.args | 3 +-
.../disk-slices.x86_64-latest.args | 3 +-
...irtio-scsi-reservations.x86_64-latest.args | 3 +-
.../eoi-disabled.x86_64-latest.args | 3 +-
.../eoi-enabled.x86_64-latest.args | 3 +-
.../floppy-drive-fat.x86_64-latest.args | 3 +-
.../qemuxml2argvdata/fs9p.x86_64-latest.args | 3 +-
.../genid-auto.x86_64-latest.args | 3 +-
.../qemuxml2argvdata/genid.x86_64-latest.args | 3 +-
...egl-headless-rendernode.x86_64-latest.args | 3 +-
.../graphics-egl-headless.x86_64-latest.args | 3 +-
...pice-gl-auto-rendernode.x86_64-latest.args | 3 +-
...graphics-vnc-tls-secret.x86_64-latest.args | 3 +-
.../graphics-vnc-tls.x86_64-latest.args | 3 +-
...tdev-mdev-display-ramfb.x86_64-latest.args | 3 +-
...play-spice-egl-headless.x86_64-latest.args | 3 +-
...ev-display-spice-opengl.x86_64-latest.args | 3 +-
...isplay-vnc-egl-headless.x86_64-latest.args | 3 +-
...ostdev-mdev-display-vnc.x86_64-latest.args | 3 +-
.../qemuxml2argvdata/hugepages-memaccess.args | 30 +-
.../hugepages-memaccess2.args | 12 +-
.../hugepages-numa-nodeset-part.args | 5 +-
.../hugepages-numa-nodeset.args | 20 +-
.../hugepages-nvdimm.x86_64-latest.args | 15 +-
tests/qemuxml2argvdata/hugepages-shared.args | 24 +-
.../hyperv-off.x86_64-latest.args | 3 +-
.../hyperv-panic.x86_64-latest.args | 3 +-
.../hyperv-stimer-direct.x86_64-latest.args | 3 +-
.../hyperv.x86_64-latest.args | 3 +-
...ntel-iommu-caching-mode.x86_64-latest.args | 4 +-
...ntel-iommu-device-iotlb.x86_64-latest.args | 4 +-
.../intel-iommu-eim.x86_64-latest.args | 4 +-
.../intel-iommu.x86_64-latest.args | 3 +-
...threads-virtio-scsi-pci.x86_64-latest.args | 3 +-
.../kvmclock+eoi-disabled.x86_64-latest.args | 3 +-
...luks-disks-source-qcow2.x86_64-latest.args | 4 +-
...memory-default-hugepage.x86_64-latest.args | 8 +-
.../memfd-memory-numa.x86_64-latest.args | 8 +-
.../memory-hotplug-dimm-addr.args | 6 +-
.../qemuxml2argvdata/memory-hotplug-dimm.args | 6 +-
...y-hotplug-nvdimm-access.x86_64-latest.args | 8 +-
...ry-hotplug-nvdimm-align.x86_64-latest.args | 8 +-
...ry-hotplug-nvdimm-label.x86_64-latest.args | 8 +-
...ory-hotplug-nvdimm-pmem.x86_64-latest.args | 8 +-
...ory-hotplug-nvdimm-ppc64.ppc64-latest.args | 2 +-
...hotplug-nvdimm-readonly.x86_64-latest.args | 8 +-
.../memory-hotplug-nvdimm.x86_64-latest.args | 6 +-
.../mlock-off.x86_64-latest.args | 3 +-
.../mlock-on.x86_64-latest.args | 3 +-
.../net-vhostuser.x86_64-latest.args | 3 +-
.../os-firmware-bios.x86_64-latest.args | 4 +-
...os-firmware-efi-secboot.x86_64-latest.args | 4 +-
.../os-firmware-efi.x86_64-latest.args | 4 +-
.../qemuxml2argvdata/pages-dimm-discard.args | 4 +-
.../parallel-unix-chardev.x86_64-latest.args | 3 +-
...cie-root-port-nohotplug.x86_64-latest.args | 3 +-
.../pv-spinlock-disabled.x86_64-latest.args | 3 +-
.../pv-spinlock-enabled.x86_64-latest.args | 3 +-
.../qemu-ns.x86_64-latest.args | 3 +-
.../serial-unix-chardev.x86_64-latest.args | 3 +-
...rtcard-passthrough-unix.x86_64-latest.args | 3 +-
.../tpm-emulator-tpm2-enc.x86_64-latest.args | 4 +-
.../tpm-emulator-tpm2.x86_64-latest.args | 4 +-
.../tpm-emulator.x86_64-latest.args | 4 +-
.../tpm-passthrough-crb.x86_64-latest.args | 4 +-
.../tpm-passthrough.x86_64-latest.args | 4 +-
.../tseg-explicit-size.x86_64-latest.args | 4 +-
.../usb-redir-unix.x86_64-latest.args | 3 +-
tests/qemuxml2argvdata/user-aliases.args | 16 +-
...vhost-user-fs-fd-memory.x86_64-latest.args | 4 +-
...vhost-user-fs-hugepages.x86_64-latest.args | 10 +-
...host-user-gpu-secondary.x86_64-latest.args | 3 +-
.../vhost-user-vga.x86_64-latest.args | 3 +-
.../vhost-vsock-auto.x86_64-latest.args | 4 +-
.../vhost-vsock.x86_64-latest.args | 3 +-
...eo-bochs-display-device.x86_64-latest.args | 3 +-
...video-qxl-device-vram64.x86_64-latest.args | 3 +-
...o-qxl-sec-device-vram64.x86_64-latest.args | 3 +-
...eo-ramfb-display-device.x86_64-latest.args | 3 +-
.../virtio-9p-multidevs.x86_64-latest.args | 3 +-
...virtio-non-transitional.x86_64-latest.args | 3 +-
...-options-controller-ats.x86_64-latest.args | 3 +-
...ptions-controller-iommu.x86_64-latest.args | 3 +-
...tions-controller-packed.x86_64-latest.args | 3 +-
...virtio-options-disk-ats.x86_64-latest.args | 3 +-
...rtio-options-disk-iommu.x86_64-latest.args | 3 +-
...tio-options-disk-packed.x86_64-latest.args | 3 +-
.../virtio-options-fs-ats.x86_64-latest.args | 3 +-
...virtio-options-fs-iommu.x86_64-latest.args | 3 +-
...irtio-options-fs-packed.x86_64-latest.args | 3 +-
...irtio-options-input-ats.x86_64-latest.args | 3 +-
...tio-options-input-iommu.x86_64-latest.args | 3 +-
...io-options-input-packed.x86_64-latest.args | 3 +-
...-options-memballoon-ats.x86_64-latest.args | 3 +-
...ptions-memballoon-iommu.x86_64-latest.args | 3 +-
...tions-memballoon-packed.x86_64-latest.args | 3 +-
.../virtio-options-net-ats.x86_64-latest.args | 3 +-
...irtio-options-net-iommu.x86_64-latest.args | 3 +-
...rtio-options-net-packed.x86_64-latest.args | 3 +-
.../virtio-options-rng-ats.x86_64-latest.args | 3 +-
...irtio-options-rng-iommu.x86_64-latest.args | 3 +-
...rtio-options-rng-packed.x86_64-latest.args | 3 +-
...irtio-options-video-ats.x86_64-latest.args | 3 +-
...tio-options-video-iommu.x86_64-latest.args | 3 +-
...io-options-video-packed.x86_64-latest.args | 3 +-
.../virtio-options.x86_64-latest.args | 3 +-
.../virtio-rng-builtin.x86_64-latest.args | 3 +-
.../virtio-rng-egd-unix.x86_64-latest.args | 3 +-
.../virtio-transitional.x86_64-latest.args | 3 +-
...-default-cpu-kvm-pc-4.2.x86_64-latest.args | 4 +-
...default-cpu-kvm-q35-4.2.x86_64-latest.args | 4 +-
...-default-cpu-tcg-pc-4.2.x86_64-latest.args | 4 +-
...default-cpu-tcg-q35-4.2.x86_64-latest.args | 4 +-
.../x86_64-pc-graphics.x86_64-latest.args | 3 +-
.../x86_64-pc-headless.x86_64-latest.args | 3 +-
.../x86_64-q35-graphics.x86_64-latest.args | 3 +-
.../x86_64-q35-headless.x86_64-latest.args | 3 +-
tests/testutilsqemu.c | 15 +-
168 files changed, 843 insertions(+), 436 deletions(-)
--
2.26.2
4 years, 6 months
[libvirt PATCH] cpu_map: Distribute x86_Cooperlake.xml
by Jiri Denemark
Signed-off-by: Jiri Denemark <jdenemar(a)redhat.com>
---
I will push this as a build breaker once
https://gitlab.com/jirkade/libvirt/pipelines/149651008 pipeline
succeeds.
src/cpu_map/Makefile.inc.am | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/cpu_map/Makefile.inc.am b/src/cpu_map/Makefile.inc.am
index 5d9190e27d..62403d2ed0 100644
--- a/src/cpu_map/Makefile.inc.am
+++ b/src/cpu_map/Makefile.inc.am
@@ -29,6 +29,7 @@ cpumap_DATA = \
cpu_map/x86_Cascadelake-Server.xml \
cpu_map/x86_Cascadelake-Server-noTSX.xml \
cpu_map/x86_Conroe.xml \
+ cpu_map/x86_Cooperlake.xml \
cpu_map/x86_core2duo.xml \
cpu_map/x86_coreduo.xml \
cpu_map/x86_cpu64-rhel5.xml \
--
2.26.2
4 years, 6 months
[PATCH] Don't require secdrivers to implement .domainMoveImageMetadata
by Michal Privoznik
The AppArmor secdriver does not use labels to grant access to
resources. Therefore, it doesn't use XATTRs and hence it lacks
implementation of .domainMoveImageMetadata callback. This leads
to a harmless but needless error message appearing in the logs:
virSecurityManagerMoveImageMetadata:476 : this function is not
supported by the connection driver: virSecurityManagerMoveImageMetadata
Closes: https://gitlab.com/libvirt/libvirt/-/issues/25
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/security/security_manager.c | 3 +--
src/security/security_nop.c | 10 ----------
2 files changed, 1 insertion(+), 12 deletions(-)
diff --git a/src/security/security_manager.c b/src/security/security_manager.c
index 2dea294784..b1237d63b6 100644
--- a/src/security/security_manager.c
+++ b/src/security/security_manager.c
@@ -473,8 +473,7 @@ virSecurityManagerMoveImageMetadata(virSecurityManagerPtr mgr,
return ret;
}
- virReportUnsupportedError();
- return -1;
+ return 0;
}
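Review bot: with `return 0;` as the fall-through in virSecurityManagerMoveImageMetadata(), a driver that has no .domainMoveImageMetadata callback is now indistinguishable from one that moved the metadata successfully. That is what the commit message wants for AppArmor, but it also hides the case of a label-based driver that omitted the callback by mistake; a short comment above the `return 0;` saying the callback is optional, and why, would make the intent explicit for the next reader.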
diff --git a/src/security/security_nop.c b/src/security/security_nop.c
index c1856eb421..d5f715b916 100644
--- a/src/security/security_nop.c
+++ b/src/security/security_nop.c
@@ -225,15 +225,6 @@ virSecurityDomainSetImageLabelNop(virSecurityManagerPtr mgr G_GNUC_UNUSED,
return 0;
}
-static int
-virSecurityDomainMoveImageMetadataNop(virSecurityManagerPtr mgr G_GNUC_UNUSED,
- pid_t pid G_GNUC_UNUSED,
- virStorageSourcePtr src G_GNUC_UNUSED,
- virStorageSourcePtr dst G_GNUC_UNUSED)
-{
- return 0;
-}
-
static int
virSecurityDomainSetMemoryLabelNop(virSecurityManagerPtr mgr G_GNUC_UNUSED,
virDomainDefPtr def G_GNUC_UNUSED,
@@ -290,7 +281,6 @@ virSecurityDriver virSecurityDriverNop = {
.domainSetSecurityImageLabel = virSecurityDomainSetImageLabelNop,
.domainRestoreSecurityImageLabel = virSecurityDomainRestoreImageLabelNop,
- .domainMoveImageMetadata = virSecurityDomainMoveImageMetadataNop,
.domainSetSecurityMemoryLabel = virSecurityDomainSetMemoryLabelNop,
.domainRestoreSecurityMemoryLabel = virSecurityDomainRestoreMemoryLabelNop,
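Review bot: dropping the `.domainMoveImageMetadata` initializer leaves that member of virSecurityDriverNop unset, so the nop driver now depends on the fall-through `return 0;` added in security_manager.c, while the neighbouring image and memory label callbacks keep explicit Nop stubs. It is worth stating in the commit message, or where the callback is declared, that this callback is optional, so the asymmetry in this table does not read as an omission.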
--
2.26.2
4 years, 6 months
[PATCH] security: don't fail if built without attr support
by Christian Ehrhardt
If built without attr support removing any image will trigger
qemuBlockRemoveImageMetadata (the one that emits the warning)
-> qemuSecurityMoveImageMetadata
-> virSecurityManagerMoveImageMetadata
-> virSecurityDACMoveImageMetadata
-> virSecurityDACMoveImageMetadataHelper
-> virProcessRunInFork (spawns subprocess)
-> virSecurityMoveRememberedLabel
In there due to !HAVE_LIBATTR virFileGetXAttrQuiet will return
ENOSYS and from there the chain will error out.
That is wrong and looks like:
libvirtd[6320]: internal error: child reported (status=125):
libvirtd[6320]: Unable to remove disk metadata on vm testguest from
/var/lib/uvtool/libvirt/images/testguest.qcow (disk target vda)
This change makes virSecurityDACMoveImageMetadataHelper accept that
error code gracefully and in that sense it is an extension of:
5214b2f1a3f "security: Don't skip label restore on file systems lacking XATTRs"
which does the same for other call chains into the virFile*XAttr functions.
Signed-off-by: Christian Ehrhardt <christian.ehrhardt(a)canonical.com>
---
src/security/security_dac.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index bdc2d7edf3..7b95a6f86d 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -1117,6 +1117,12 @@ virSecurityDACMoveImageMetadataHelper(pid_t pid G_GNUC_UNUSED,
ret = virSecurityMoveRememberedLabel(SECURITY_DAC_NAME, data->src, data->dst);
virSecurityManagerMetadataUnlock(data->mgr, &state);
+
+ if (ret == -2) {
+ /* Libvirt built without XATTRS */
+ ret = 0;
+ }
+
return ret;
}
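Review bot: only virSecurityDACMoveImageMetadataHelper() gets the `if (ret == -2)` handling here, and the call chain in the commit message only follows the DAC driver. The v2 posting of this patch shows virSecuritySELinuxMoveImageMetadataHelper() calling virSecurityMoveRememberedLabel() in the same way, so a host using the SELinux driver would still hit the error; the same check belongs in that helper too.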
--
2.26.0
4 years, 6 months