[PATCH] NEWS: Document virtio-pmem model
by Michal Privoznik
A few commits ago I've implemented virtio-pmem memory model.
Mention it in the news file.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
NEWS.rst | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/NEWS.rst b/NEWS.rst
index 64e6847673..7a2d6649b4 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -13,6 +13,11 @@ v7.1.0 (unreleased)
* **New features**
+ * Introduce virtio-pmem ``<memory/>`` model
+
+ The virtio-pmem is a virtio variant of NVDIMM and just like NVDIMM
+ virtio-pmem also allows accessing host pages bypassing guest page cache.
+
* **Improvements**
* **Bug fixes**
--
2.26.2
3 years, 10 months
[PATCH v2 00/10] hyperv: implement defining/undefining domains
by Matt Coleman
This series starts by fixing a some dangerous behavior due to ambiguous
VM names, since Hyper-V allows multiple VMs to be defined with the same
name. That meant that `virsh dumpxml` could return XML for the wrong
domain. Additionally, when I implemented `undefine`, it would just
select one of the domains with the given name.
The majority of the series implements defining and undefining domains,
as well as attaching storage devices to domains.
Networking functionality will be in the next patch series.
Changes since v1:
* no longer checks domain state when undefining
- avoids a race condition
* does not implement domainCreateXML
- Hyper-V doesn't support transient VMs
* validates the SCSI controller model and address type
* validates the disk address type
* does not update NEWS.rst
- I have more patches after this set.
- Once they're all in, I'll add an entry to the 7.1 section.
Here's a GitLab MR, if you'd prefer to review the changes there:
https://gitlab.com/iammattcoleman/libvirt/-/merge_requests/14
Matt Coleman (10):
hyperv: ambiguous VM names will throw an error
hyperv: implement domainUndefine and domainUndefineFlags
hyperv: implement domainDefineXML
hyperv: add hypervMsvmVSMSAddResourceSettings
hyperv: create SCSI controllers when defining domains
hyperv: attach virtual disks when defining domains
hyperv: attach physical disks when defining domains
hyperv: attach virtual optical disks when defining domains
hyperv: attach floppy disks when defining domains
hyperv: implement domainAttachDevice and domainAttachDeviceFlags
include/libvirt/virterror.h | 1 +
src/hyperv/hyperv_driver.c | 855 ++++++++++++++++++++++++++++++++
src/hyperv/hyperv_wmi.c | 52 ++
src/hyperv/hyperv_wmi.h | 5 +
src/hyperv/hyperv_wmi_classes.h | 1 +
src/util/virerror.c | 6 +-
6 files changed, 918 insertions(+), 2 deletions(-)
--
2.27.0
3 years, 10 months
[PATCH] apparmor: let image label setting loop over backing files
by Christian Ehrhardt
When adding a rule for an image file and that image file has a chain
of backing files then we need to add a rule for each of those files.
To get that iterate over the backing file chain the same way as
dac/selinux already do and add a label for each.
Fixes: https://gitlab.com/libvirt/libvirt/-/issues/118
Signed-off-by: Christian Ehrhardt <christian.ehrhardt(a)canonical.com>
---
src/security/security_apparmor.c | 39 ++++++++++++++++++++++----------
1 file changed, 27 insertions(+), 12 deletions(-)
diff --git a/src/security/security_apparmor.c b/src/security/security_apparmor.c
index 29f0956d22..1f309c0c9f 100644
--- a/src/security/security_apparmor.c
+++ b/src/security/security_apparmor.c
@@ -756,22 +756,13 @@ AppArmorRestoreInputLabel(virSecurityManagerPtr mgr,
/* Called when hotplugging */
static int
-AppArmorSetSecurityImageLabel(virSecurityManagerPtr mgr,
- virDomainDefPtr def,
- virStorageSourcePtr src,
- virSecurityDomainImageLabelFlags flags G_GNUC_UNUSED)
+AppArmorSetSecurityImageLabelInternal(virSecurityManagerPtr mgr,
+ virDomainDefPtr def,
+ virStorageSourcePtr src)
{
- virSecurityLabelDefPtr secdef;
g_autofree char *vfioGroupDev = NULL;
const char *path;
- secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_APPARMOR_NAME);
- if (!secdef || !secdef->relabel)
- return 0;
-
- if (!secdef->imagelabel)
- return 0;
-
if (src->type == VIR_STORAGE_TYPE_NVME) {
const virStorageSourceNVMeDef *nvme = src->nvme;
@@ -797,6 +788,30 @@ AppArmorSetSecurityImageLabel(virSecurityManagerPtr mgr,
return reload_profile(mgr, def, path, true);
}
+static int
+AppArmorSetSecurityImageLabel(virSecurityManagerPtr mgr,
+ virDomainDefPtr def,
+ virStorageSourcePtr src,
+ virSecurityDomainImageLabelFlags flags G_GNUC_UNUSED)
+{
+ virSecurityLabelDefPtr secdef;
+ virStorageSourcePtr n;
+
+ secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_APPARMOR_NAME);
+ if (!secdef || !secdef->relabel)
+ return 0;
+
+ if (!secdef->imagelabel)
+ return 0;
+
+ for (n = src; virStorageSourceIsBacking(n); n = n->backingStore) {
+ if (AppArmorSetSecurityImageLabelInternal(mgr, def, n) < 0)
+ return -1;
+ }
+
+ return 0;
+}
+
static int
AppArmorSecurityVerify(virSecurityManagerPtr mgr G_GNUC_UNUSED,
virDomainDefPtr def)
--
2.30.0
3 years, 10 months
[libvirt][PATCH v3 0/3] introduce 'restrictive' mode in numatune
by Luyao Zhong
Before this patch set, numatune only has three memory modes:
static, interleave and prefered. These memory policies are
ultimately set by mbind() system call.
Memory policy could be 'hard coded' into the kernel, but none of
above policies fit our requirment under this case. mbind() support
default memory policy, but it requires a NULL nodemask. So obviously
setting allowed memory nodes is cgroups' mission under this case.
So we introduce a new option for mode in numatune named 'restrictive'.
<numatune>
<memory mode="restrictive" nodeset="1-4,^3"/>
<memnode cellid="0" mode="restrictive" nodeset="1"/>
<memnode cellid="2" mode="restrictive" nodeset="2"/>
</numatune>
The config above means we only use cgroups to restrict the allowed
memory nodes and not setting any specific memory policies explicitly.
RFC discussion:
https://www.redhat.com/archives/libvir-list/2020-November/msg01256.html
Regards,
Luyao
Luyao Zhong (3):
docs: add docs for 'restrictive' option for mode in numatune
schema: add 'restrictive' config option for mode in numatune
qemu: add parser and formatter for 'restrictive' mode in numatune
docs/formatdomain.rst | 7 +++-
docs/schemas/domaincommon.rng | 2 +
include/libvirt/libvirt-domain.h | 1 +
src/conf/numa_conf.c | 9 +++++
src/qemu/qemu_command.c | 6 ++-
src/qemu/qemu_process.c | 27 +++++++++++++
src/util/virnuma.c | 3 ++
.../numatune-memnode-invalid-mode.err | 1 +
.../numatune-memnode-invalid-mode.xml | 33 +++++++++++++++
...emnode-restrictive-mode.x86_64-latest.args | 40 +++++++++++++++++++
.../numatune-memnode-restrictive-mode.xml | 33 +++++++++++++++
tests/qemuxml2argvtest.c | 2 +
...memnode-restrictive-mode.x86_64-latest.xml | 40 +++++++++++++++++++
tests/qemuxml2xmltest.c | 1 +
14 files changed, 202 insertions(+), 3 deletions(-)
create mode 100644 tests/qemuxml2argvdata/numatune-memnode-invalid-mode.err
create mode 100644 tests/qemuxml2argvdata/numatune-memnode-invalid-mode.xml
create mode 100644 tests/qemuxml2argvdata/numatune-memnode-restrictive-mode.x86_64-latest.args
create mode 100644 tests/qemuxml2argvdata/numatune-memnode-restrictive-mode.xml
create mode 100644 tests/qemuxml2xmloutdata/numatune-memnode-restrictive-mode.x86_64-latest.xml
--
2.25.4
3 years, 10 months
[libvirt PATCH v2 0/3] Refresh Dockerfiles
by Erik Skultety
Erik Skultety (3):
ci: Refresh Dockerfiles
ci: Add openSUSE Leap 15.2
ci: Drop openSUSE Leap 15.1
.gitlab-ci.yml | 14 +++++++-------
ci/containers/ci-centos-7.Dockerfile | 4 ++--
ci/containers/ci-centos-8.Dockerfile | 2 +-
ci/containers/ci-centos-stream.Dockerfile | 9 +++++----
.../ci-debian-10-cross-aarch64.Dockerfile | 2 +-
ci/containers/ci-debian-10-cross-armv6l.Dockerfile | 2 +-
ci/containers/ci-debian-10-cross-armv7l.Dockerfile | 2 +-
ci/containers/ci-debian-10-cross-i686.Dockerfile | 2 +-
ci/containers/ci-debian-10-cross-mips.Dockerfile | 4 ++--
.../ci-debian-10-cross-mips64el.Dockerfile | 2 +-
ci/containers/ci-debian-10-cross-mipsel.Dockerfile | 2 +-
.../ci-debian-10-cross-ppc64le.Dockerfile | 2 +-
ci/containers/ci-debian-10-cross-s390x.Dockerfile | 4 ++--
ci/containers/ci-debian-10.Dockerfile | 2 +-
.../ci-debian-sid-cross-aarch64.Dockerfile | 2 +-
.../ci-debian-sid-cross-armv6l.Dockerfile | 2 +-
.../ci-debian-sid-cross-armv7l.Dockerfile | 2 +-
ci/containers/ci-debian-sid-cross-i686.Dockerfile | 2 +-
.../ci-debian-sid-cross-mips64el.Dockerfile | 2 +-
.../ci-debian-sid-cross-mipsel.Dockerfile | 2 +-
.../ci-debian-sid-cross-ppc64le.Dockerfile | 2 +-
ci/containers/ci-debian-sid-cross-s390x.Dockerfile | 4 ++--
ci/containers/ci-debian-sid.Dockerfile | 2 +-
ci/containers/ci-fedora-32.Dockerfile | 2 +-
ci/containers/ci-fedora-33.Dockerfile | 2 +-
.../ci-fedora-rawhide-cross-mingw32.Dockerfile | 2 +-
.../ci-fedora-rawhide-cross-mingw64.Dockerfile | 2 +-
ci/containers/ci-fedora-rawhide.Dockerfile | 2 +-
...e-151.Dockerfile =3D> ci-opensuse-152.Dockerfile} | 10 +++++-----
ci/containers/ci-ubuntu-1804.Dockerfile | 2 +-
ci/containers/ci-ubuntu-2004.Dockerfile | 2 +-
31 files changed, 49 insertions(+), 48 deletions(-)
rename ci/containers/{ci-opensuse-151.Dockerfile =3D> ci-opensuse-152.Docker=
file} (91%)
--=20
2.29.2
3 years, 10 months
[libvirt PATCH 0/2] Refresh Dockerfiles
by Erik Skultety
Note that openSUSE Leap 15.1 container hasn't been removed yet as it reaches
EOL on January 31, 2021, we'll build on both.
Erik Skultety (2):
ci: Refresh Dockerfiles
ci: Add openSUSE Leap 15.2
.gitlab-ci.yml | 17 ++-
ci/containers/ci-centos-7.Dockerfile | 4 +-
ci/containers/ci-centos-8.Dockerfile | 2 +-
ci/containers/ci-centos-stream.Dockerfile | 9 +-
.../ci-debian-10-cross-aarch64.Dockerfile | 2 +-
.../ci-debian-10-cross-armv6l.Dockerfile | 2 +-
.../ci-debian-10-cross-armv7l.Dockerfile | 2 +-
.../ci-debian-10-cross-i686.Dockerfile | 2 +-
.../ci-debian-10-cross-mips.Dockerfile | 4 +-
.../ci-debian-10-cross-mips64el.Dockerfile | 2 +-
.../ci-debian-10-cross-mipsel.Dockerfile | 2 +-
.../ci-debian-10-cross-ppc64le.Dockerfile | 2 +-
.../ci-debian-10-cross-s390x.Dockerfile | 4 +-
ci/containers/ci-debian-10.Dockerfile | 2 +-
.../ci-debian-sid-cross-aarch64.Dockerfile | 2 +-
.../ci-debian-sid-cross-armv6l.Dockerfile | 2 +-
.../ci-debian-sid-cross-armv7l.Dockerfile | 2 +-
.../ci-debian-sid-cross-i686.Dockerfile | 2 +-
.../ci-debian-sid-cross-mips64el.Dockerfile | 2 +-
.../ci-debian-sid-cross-mipsel.Dockerfile | 2 +-
.../ci-debian-sid-cross-ppc64le.Dockerfile | 2 +-
.../ci-debian-sid-cross-s390x.Dockerfile | 4 +-
ci/containers/ci-debian-sid.Dockerfile | 2 +-
ci/containers/ci-fedora-32.Dockerfile | 2 +-
ci/containers/ci-fedora-33.Dockerfile | 2 +-
...ci-fedora-rawhide-cross-mingw32.Dockerfile | 2 +-
...ci-fedora-rawhide-cross-mingw64.Dockerfile | 2 +-
ci/containers/ci-fedora-rawhide.Dockerfile | 2 +-
ci/containers/ci-opensuse-152.Dockerfile | 100 ++++++++++++++++++
ci/containers/ci-ubuntu-1804.Dockerfile | 2 +-
ci/containers/ci-ubuntu-2004.Dockerfile | 2 +-
31 files changed, 152 insertions(+), 38 deletions(-)
create mode 100644 ci/containers/ci-opensuse-152.Dockerfile
--
2.29.2
3 years, 10 months
[PATCH v2] meson: build vstorage only on linux
by Nikolay Shirokovskiy
This should fix CI error:
../dist-unpack/libvirt-7.1.0/src/storage/storage_backend_vstorage.c:10:10: fatal error: 'mntent.h' file not found
#include <mntent.h>
^~~~~~~~~~
on freebsd and mac.
Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy(a)virtuozzo.com>
---
meson.build | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/meson.build b/meson.build
index e3e7ff7..d8a63ba 100644
--- a/meson.build
+++ b/meson.build
@@ -1957,8 +1957,19 @@ if conf.has('WITH_LIBVIRTD')
endif
if not get_option('storage_vstorage').disabled()
- use_storage = true
- conf.set('WITH_STORAGE_VSTORAGE', 1)
+ vstorage_enable = true
+ if host_machine.system() != 'linux'
+ if get_option('storage_fs').enabled()
+ error('Vstorage is supported only on Linux')
+ else
+ vstorage_enable = false
+ endif
+ endif
+
+ if vstorage_enable
+ use_storage = true
+ conf.set('WITH_STORAGE_VSTORAGE', 1)
+ endif
endif
if not get_option('storage_zfs').disabled()
--
1.8.3.1
3 years, 10 months
[PATCH] meson: don't build vstorage where mntent.h is not present
by Nikolay Shirokovskiy
This should fix CI error:
../dist-unpack/libvirt-7.1.0/src/storage/storage_backend_vstorage.c:10:10: fatal error: 'mntent.h' file not found
#include <mntent.h>
^~~~~~~~~~
on freebsd and mac.
Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy(a)virtuozzo.com>
---
meson.build | 16 ++++++++++++++--
1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/meson.build b/meson.build
index e3e7ff7..a6b6169 100644
--- a/meson.build
+++ b/meson.build
@@ -1957,8 +1957,20 @@ if conf.has('WITH_LIBVIRTD')
endif
if not get_option('storage_vstorage').disabled()
- use_storage = true
- conf.set('WITH_STORAGE_VSTORAGE', 1)
+ vstorage_enable = true
+
+ if not cc.has_header('mntent.h')
+ if get_option('storage_fs').enabled()
+ error('<mntent.h> is required for the FS storage driver')
+ else
+ vstorage_enable = false
+ endif
+ endif
+
+ if vstorage_enable
+ use_storage = true
+ conf.set('WITH_STORAGE_VSTORAGE', 1)
+ endif
endif
if not get_option('storage_zfs').disabled()
--
1.8.3.1
3 years, 10 months
[libvirt PATCH v2] meson: Fix build with -Dtest_coverage=true
by Jiri Denemark
As can be seen in commit 8a62a1592ae00eab4eb153c02661e56b9d8d9032 (from
autoconf era), the coverage flags have to be used also when linking
objects. However, this was not reflected when we switched to meson.
Without this patch linking fails with undefined references to various
__gcov_* symbols.
Signed-off-by: Jiri Denemark <jdenemar(a)redhat.com>
---
tests/meson.build | 8 ++++----
tools/nss/meson.build | 2 ++
tools/wireshark/src/meson.build | 3 +++
3 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/tests/meson.build b/tests/meson.build
index f1d91ca50d..23255dd62a 100644
--- a/tests/meson.build
+++ b/tests/meson.build
@@ -26,7 +26,10 @@ tests_dep = declare_dependency(
top_inc_dir,
util_inc_dir,
],
- link_args: libvirt_export_dynamic,
+ link_args: (
+ libvirt_export_dynamic
+ + coverage_flags
+ ),
)
tests_env = [
@@ -228,9 +231,6 @@ executable(
dependencies: [
tests_dep,
],
- link_args: [
- coverage_flags,
- ],
)
diff --git a/tools/nss/meson.build b/tools/nss/meson.build
index cf3eec9b24..198936f3d4 100644
--- a/tools/nss/meson.build
+++ b/tools/nss/meson.build
@@ -66,6 +66,7 @@ nss_libvirt_lib = shared_module(
link_args: [
nss_libvirt_syms,
libvirt_export_dynamic,
+ coverage_flags,
],
link_whole: [
nss_libvirt_impl,
@@ -81,6 +82,7 @@ nss_libvirt_guest_lib = shared_library(
link_args: [
nss_libvirt_guest_syms,
libvirt_export_dynamic,
+ coverage_flags,
],
link_whole: [
nss_libvirt_guest_impl,
diff --git a/tools/wireshark/src/meson.build b/tools/wireshark/src/meson.build
index 49ccc9bb86..9b452dc5ca 100644
--- a/tools/wireshark/src/meson.build
+++ b/tools/wireshark/src/meson.build
@@ -12,6 +12,9 @@ shared_library(
xdr_dep,
tools_dep,
],
+ link_args: [
+ coverage_flags
+ ],
install: true,
install_dir: wireshark_plugindir,
)
--
2.30.0
3 years, 10 months
[libvirt PATCH] docs: Clarify use of virtio-scsi model for SCSI controllers
by Andrea Bolognani
The current formulation can lead people to believe SCSI
controllers only allow the virtio-scsi model, but really the
only difference is that you have to use model='virtio-scsi'
where you would use model='virtio' for another device.
Signed-off-by: Andrea Bolognani <abologna(a)redhat.com>
---
docs/formatdomain.rst | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst
index dd197d8f6a..af540391db 100644
--- a/docs/formatdomain.rst
+++ b/docs/formatdomain.rst
@@ -3428,8 +3428,10 @@ machine types, accept the following ``model`` values:
While the information outlined above applies to most virtio devices, there are a
few exceptions:
-- for SCSI controllers, ``virtio-scsi`` must be used instead of ``virtio`` for
- backwards compatibility reasons;
+- for SCSI controllers, there is no ``virtio`` model available due to
+ historical reasons: use ``virtio-scsi`` instead, which behaves the same as
+ ``virtio`` does for other devices. Both ``virtio-transitional`` and
+ ``virtio-non-transitional`` work with SCSI controllers;
- some devices, such as GPUs and input devices (keyboard, tablet and mouse),
are only defined in the virtio 1.0 spec and as such don't have a transitional
variant: the only accepted model is ``virtio``, which will result in a
--
2.26.2
3 years, 10 months
