[PATCH] NEWS: Document my contributions for the upcoming release
by Michal Privoznik
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
NEWS.rst | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/NEWS.rst b/NEWS.rst
index 21df0e1602..1a8abb56f4 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -105,6 +105,11 @@ v7.5.0 (2021-07-01)
Since it's impossible to fix it without running into further regressions
the documentation was improved to document the intricacies.
+ * vmx: Parse vm.genid and support super wide SCSI bus
+
+ The genid attribute is now reported for VMX guests. Libvirt can now
+ properly process super wide SCSI bus (64 units).
+
* **Bug fixes**
* qemu: Fixed validation of disk ``iothread`` configuration
@@ -113,6 +118,18 @@ v7.5.0 (2021-07-01)
it caused bogus errors when address wasn't allocated when hotplugging a
disk. The check is now removed as it wasn't actually necessary at all.
+ * qemu: Open chardev logfile on behalf of QEMU
+
+ Guests with a logfile configured for their chardevs are now able to start
+ when even no virtlogd is configured.
+
+ * virhostmem: Handle numactl-less build in hugepages allocation/reporting
+
+ Some architectures don't have notion of NUMA (e.g. s390x) but do support
+ hugepages. Libvirt silently ignored requests to allocate/report hugepage
+ pool when built without numactl. This is now fixed and the pool can be
+ allocated/reported on properly.
+
v7.4.0 (2021-06-01)
===================
--
2.31.1
3 years, 2 months
[libvirt PATCH 00/11] Automatic mutex management
by Tim Wiederhake
libvirt currently manages mutexes manually. Manual mutex management suffers
from the same drawbacks as manual memory management, and at least one
lock-unlock mismatch exists currently in the code base, see
https://listman.redhat.com/archives/libvir-list/2021-August/msg00125.html.
This series lays the ground work for automatic mutex management in libvirt.
Later series will continue to replace calls to virMutex{Lock,Unlock} and
virObject{Lock,Unlock}.
Patches 1 - 3 deal with a bug in clang (see patch 1 for explanation),
patches 4 - 6 introduce a new type, virLockGuard, that handles the automatic
mutex management, and patches 7-11 demonstrate the application of this
new type.
Patches that eliminate the majority of calls to virMutex{Lock,Unlock} are
on stand-by, as well as patches that provide virLockGuard support for
virObject and will be send once this series is accepted.
Regards,
Tim
Tim Wiederhake (11):
glibcompat: Add wrapper for g_auto*
VIR_XPATH_NODE_AUTORESTORE: Add semicolon
virxml: Simplify VIR_XPATH_NODE_AUTORESTORE
internal: Add CONCAT macro
virthread: Introduce virLockGuard
virthread: Introduce WITH_VIR_MUTEX_LOCK_GUARD
virChrdevFDStreamCloseCb: Use virLockGuard
virChrdevFree: Use virLockGuard
virChrdevOpen: Use virLockGuard
networkBridgeNameValidate: Use virLockGuard
networkBridgeNameValidate: Cleanup
src/conf/backup_conf.c | 2 +-
src/conf/checkpoint_conf.c | 2 +-
src/conf/cpu_conf.c | 2 +-
src/conf/domain_conf.c | 140 ++++++++++++++---------------
src/conf/interface_conf.c | 8 +-
src/conf/netdev_vlan_conf.c | 2 +-
src/conf/network_conf.c | 14 +--
src/conf/networkcommon_conf.c | 2 +-
src/conf/node_device_conf.c | 42 ++++-----
src/conf/numa_conf.c | 6 +-
src/conf/snapshot_conf.c | 2 +-
src/conf/storage_adapter_conf.c | 2 +-
src/conf/storage_conf.c | 4 +-
src/conf/storage_encryption_conf.c | 4 +-
src/conf/storage_source_conf.c | 2 +-
src/conf/virchrdev.c | 26 ++----
src/conf/virsavecookie.c | 2 +-
src/cpu/cpu_map.c | 4 +-
src/cpu/cpu_x86.c | 2 +-
src/internal.h | 3 +
src/libvirt_private.syms | 3 +
src/lxc/lxc_domain.c | 2 +-
src/network/bridge_driver.c | 11 +--
src/qemu/qemu_capabilities.c | 2 +-
src/qemu/qemu_domain.c | 8 +-
src/qemu/qemu_domainjob.c | 2 +-
src/qemu/qemu_migration_cookie.c | 8 +-
src/util/glibcompat.h | 20 +++++
src/util/virthread.c | 26 ++++++
src/util/virthread.h | 30 +++++++
src/util/virxml.h | 6 +-
31 files changed, 228 insertions(+), 161 deletions(-)
--
2.31.1
3 years, 2 months
[libvirt PATCH] src: fix generation of default resource partition
by Pavel Hrdina
Now that resource structure can have appid as well we need to adapt code
that creates default resource partition if not provided by user.
Otherwise starting a VM with appid defined would fail with following
error:
error: unsupported configuration: Resource partition '(null)' must start with '/'
Fixes: 38b5f4faabccf681439d99e5394954c6ef7a5a40
Signed-off-by: Pavel Hrdina <phrdina(a)redhat.com>
---
src/lxc/lxc_process.c | 10 ++++------
src/qemu/qemu_cgroup.c | 12 ++++--------
2 files changed, 8 insertions(+), 14 deletions(-)
diff --git a/src/lxc/lxc_process.c b/src/lxc/lxc_process.c
index cfa009f14e..d262128a50 100644
--- a/src/lxc/lxc_process.c
+++ b/src/lxc/lxc_process.c
@@ -1258,13 +1258,11 @@ int virLXCProcessStart(virConnectPtr conn,
return -1;
}
- if (!vm->def->resource) {
- virDomainResourceDef *res = g_new0(virDomainResourceDef, 1);
+ if (!vm->def->resource)
+ vm->def->resource = g_new0(virDomainResourceDef, 1);
- res->partition = g_strdup("/machine");
-
- vm->def->resource = res;
- }
+ if (!vm->def->resource->partition)
+ vm->def->resource->partition = g_strdup("/machine");
logfile = g_strdup_printf("%s/%s.log", cfg->logDir, vm->def->name);
diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c
index 42dba1750d..6d4a82b3cd 100644
--- a/src/qemu/qemu_cgroup.c
+++ b/src/qemu/qemu_cgroup.c
@@ -949,15 +949,11 @@ qemuInitCgroup(virDomainObj *vm,
virCgroupFree(priv->cgroup);
priv->cgroup = NULL;
- if (!vm->def->resource) {
- virDomainResourceDef *res;
+ if (!vm->def->resource)
+ vm->def->resource = g_new0(virDomainResourceDef, 1);
- res = g_new0(virDomainResourceDef, 1);
-
- res->partition = g_strdup("/machine");
-
- vm->def->resource = res;
- }
+ if (!vm->def->resource->partition)
+ vm->def->resource->partition = g_strdup("/machine");
if (!g_path_is_absolute(vm->def->resource->partition)) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
--
2.31.1
3 years, 2 months
[libvirt PATCH 00/13] selinux: introduce sVirt policy and build
by Daniel P. Berrangé
This is an extension of
https://listman.redhat.com/archives/libvir-list/2021-July/msg00167.html
The original patches from that series are unchanged apart from the
commit message, and tweak to the min fedora version in the RPM.
I then include various refactors/cleanups.
On Fedora 34 I notice the following:
../src/security/selinux/virt.te:579: Warning: fs_rw_anon_inodefs_files(virtd_t) has been deprecated. All calls can be safely removed.
../src/security/selinux/virt.te:580: Warning: fs_list_inotifyfs(virtd_t) has been deprecated. All calls can be safely removed.
../src/security/selinux/virt.te:985: Warning: fs_rw_anon_inodefs_files(virt_domain) has been deprecated. All calls can be safely removed.
../src/security/selinux/virt.te:1520: Warning: fs_list_inotifyfs(svirt_sandbox_domain) has been deprecated. All calls can be safely removed.
assuming those warnings are correct, we can delete a few things
from the policy, but that's not done here.
Daniel P. Berrangé (10):
selinux: remove redundant use of 'set_variable' function
selinux: move selinux policy build helper to scripts directory
selinux: don't hardcode paths to selinux tools
selinux: don't hardcode policy include files directory
rpm: move logic for setting selinux policy variables
rpm: rename selinux variables to improve clarity
selinux: introduce meson option for selinux policy install
selinux: remove duplicate sources list for policy
scripts: use variables for cli args in selinux helper
scripts: factor repeated path joins from selinux helper
Nikola Knazekova (1):
security: add SELinux policy for virt
Vit Mojzis (2):
selinux: introduce build, install, packaging for selinux policy
Install selinux-policy-devel in test environment
ci/containers/centos-8.Dockerfile | 1 +
ci/containers/centos-stream-8.Dockerfile | 1 +
ci/containers/fedora-33.Dockerfile | 1 +
ci/containers/fedora-34.Dockerfile | 1 +
.../fedora-rawhide-cross-mingw32.Dockerfile | 1 +
.../fedora-rawhide-cross-mingw64.Dockerfile | 1 +
ci/containers/fedora-rawhide.Dockerfile | 1 +
libvirt.spec.in | 100 +
meson.build | 1 +
meson_options.txt | 2 +
scripts/meson.build | 1 +
scripts/selinux-compile-policy.py | 156 ++
src/security/meson.build | 2 +
src/security/selinux/mcs/meson.build | 17 +
src/security/selinux/meson.build | 45 +
src/security/selinux/mls/meson.build | 17 +
src/security/selinux/virt.fc | 111 +
src/security/selinux/virt.if | 1984 ++++++++++++++++
src/security/selinux/virt.te | 2078 +++++++++++++++++
19 files changed, 4521 insertions(+)
create mode 100755 scripts/selinux-compile-policy.py
create mode 100644 src/security/selinux/mcs/meson.build
create mode 100644 src/security/selinux/meson.build
create mode 100644 src/security/selinux/mls/meson.build
create mode 100644 src/security/selinux/virt.fc
create mode 100644 src/security/selinux/virt.if
create mode 100644 src/security/selinux/virt.te
--
2.31.1
3 years, 2 months
[RFC 0/7] introduce support for live appid updates
by Pavel Hrdina
I'm posting this as an RFC mainly because I'm not sure how to model
the new API. This patches introduce a new naive API that will change
only the APPID and nothing else.
Currently there are no other known features related to Fibre Channel
resources so this non-extendable API will be sufficient, however the
appid lives in <resource> element in the XML where we currently have
root cgroup partition. Even though changing the partition will not be
supported and we don't know about anything else that could be placed
here it doesn't mean it will not happen in the future. In that case
we would have to add new API as well.
So I'm wondering if we should create a more generic API that would take
typed parameters as arguments:
int virDomainSetResource(virDomainPtr domain,
virTypedParameterPtr params,
int nparams,
unsigned int flags)
Any ideas?
Pavel Hrdina (7):
conf: extract appid validation to virDomainDefResourceAppidValidate
cgroup: extract setting fibre channel appid into virCgroupSetFCAppid
virCgroupSetFCAppid: properly handle when appid is NULL
src: introduce virDomainSetFibreChannelAppid API
remote: add RPC support for the virDomainSetFibreChannelAppid API
qemu: implement virDomainSetFibreChannelAppid API
tools: introduce virsh setappid command
docs/manpages/virsh.rst | 14 ++++++
include/libvirt/libvirt-domain.h | 4 ++
src/conf/domain_validate.c | 42 ++++++++++--------
src/conf/domain_validate.h | 2 +
src/driver-hypervisor.h | 6 +++
src/libvirt-domain.c | 44 +++++++++++++++++++
src/libvirt_private.syms | 2 +
src/libvirt_public.syms | 1 +
src/qemu/qemu_cgroup.c | 17 +-------
src/qemu/qemu_driver.c | 75 ++++++++++++++++++++++++++++++++
src/remote/remote_driver.c | 1 +
src/remote/remote_protocol.x | 14 +++++-
src/remote_protocol-structs | 6 +++
src/util/vircgroup.c | 24 ++++++++++
src/util/vircgroup.h | 3 ++
tools/virsh-domain.c | 65 +++++++++++++++++++++++++++
16 files changed, 286 insertions(+), 34 deletions(-)
--
2.31.1
3 years, 2 months
[libvirt PATCH 00/11] Attempt to rewrite group-qemu-caps.py in Python
by Ján Tomko
Disclaimer: I don't really know Python
Ján Tomko (11):
scripts: group-qemu-caps: read file separately in load_caps_flags
scripts: group-qemu-caps: store paths in helper variables
scripts: group-qemu-caps: remove cryptic bool from load_caps_flags
scripts: group-qemu-caps: remove unnecessary regexes
scripts: group-qemu-caps: split lines in regroup_caps
scripts: group-qemu-caps: introduce load_file
scripts: group-qemu-caps: introduce find_markers
scripts: group-qemu-caps: introduce check_wrapping
scripts: group-qemu-caps: only pass relevant lines to regroup_caps
scripts: group-qemu-caps: reorder arguments
scripts: group-qemu-caps: remove Errs variable
scripts/group-qemu-caps.py | 172 +++++++++++++++++++------------------
1 file changed, 90 insertions(+), 82 deletions(-)
--
2.31.1
3 years, 2 months
[libvirt PATCH] tests: Fix typos
by Tim Wiederhake
Signed-off-by: Tim Wiederhake <twiederh(a)redhat.com>
---
tests/qemuxml2argvtest.c | 2 +-
tests/testutilsqemu.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index 0cc4e8a73b..aa2afd878b 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -2093,7 +2093,7 @@ mymain(void)
DO_TEST_CAPS_VER("cpu-host-model", "6.0.0");
DO_TEST_CAPS_VER("cpu-host-model", "6.1.0");
- /* For this specific test we accept the increased likelyhood of changes
+ /* For this specific test we accept the increased likelihood of changes
* if qemu updates the CPU model */
DO_TEST_CAPS_LATEST("cpu-host-model");
diff --git a/tests/testutilsqemu.c b/tests/testutilsqemu.c
index ea9a283297..164d601613 100644
--- a/tests/testutilsqemu.c
+++ b/tests/testutilsqemu.c
@@ -750,7 +750,7 @@ testQemuInfoInitArgs(struct testQemuInfo *info)
info->args.newargs = false;
if (info->args.invalidarg) {
- fprintf(stderr, "Invalid agument encountered by 'testQemuInfoSetArgs'\n");
+ fprintf(stderr, "Invalid argument encountered by 'testQemuInfoSetArgs'\n");
return -1;
}
--
2.31.1
3 years, 2 months
[PATCH 0/4] Appease Clang
by Michal Privoznik
With its recent update Clang-13.0.1-rc1 started to report spurious
warnings. Basically it is concerned about our use of g_auto*:
g_autofree char *var = NULL;
var = func();
It fails to see that @var is there to automatically free retval of
func(). I've reported the bug here:
https://bugs.llvm.org/show_bug.cgi?id=36627
But there are few places where we can change the code and appease Clang.
The rest, where our code is correct - I'm "fixing" those places in patch
4/4 which exists only to show that after the problematic pattern is
broken the build passes again:
https://gitlab.com/MichalPrivoznik/libvirt/-/jobs/1532513684
Michal Prívozník (4):
virpci: Avoid Clang false positive
test: Drop unused @cfg from qemu*test
virscsi: Drop @tmp from virSCSIDeviceListDel
DO NOT MERGE
src/rpc/virnetclient.c | 9 ++++++---
src/util/viridentity.c | 3 ++-
src/util/virpci.c | 4 ++--
src/util/virscsi.c | 3 +--
tests/qemumigrationcookiexmltest.c | 2 --
tests/qemustatusxml2xmltest.c | 2 --
6 files changed, 11 insertions(+), 12 deletions(-)
--
2.31.1
3 years, 2 months
[PATCH] qemu: snapshot: Translate 'volume' disks before attempting offline snapshot manipulation
by Peter Krempa
When the VM is inactive the 'virStorageSource' struct doesn't have the
necessary data pointing to the actual storage. This is a problem for
inactive snapshot operations on VMs which use disk type='volume'.
Add the translation steps for reversion and deletion of snapshots.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1977155
Resolves: https://gitlab.com/libvirt/libvirt/-/issues/202
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
src/qemu/qemu_domain.c | 6 ++++++
src/qemu/qemu_snapshot.c | 7 +++++++
2 files changed, 13 insertions(+)
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 50a921c80d..962343cb2d 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -7088,6 +7088,7 @@ qemuDomainSnapshotDiscard(virQEMUDriver *driver,
if (!metadata_only) {
if (!virDomainObjIsActive(vm)) {
+ size_t i;
/* Ignore any skipped disks */
/* Prefer action on the disks in use at the time the snapshot was
@@ -7098,6 +7099,11 @@ qemuDomainSnapshotDiscard(virQEMUDriver *driver,
if (!def)
def = vm->def;
+ for (i = 0; i < def->ndisks; i++) {
+ if (virDomainDiskTranslateSourcePool(def->disks[i]) < 0)
+ return -1;
+ }
+
if (qemuDomainSnapshotForEachQcow2(driver, def, snap, "-d", true) < 0)
return -1;
} else {
diff --git a/src/qemu/qemu_snapshot.c b/src/qemu/qemu_snapshot.c
index 4e74ddd7f8..fa1f9ce973 100644
--- a/src/qemu/qemu_snapshot.c
+++ b/src/qemu/qemu_snapshot.c
@@ -1813,6 +1813,8 @@ qemuSnapshotRevertInactive(virQEMUDriver *driver,
virDomainObj *vm,
virDomainMomentObj *snap)
{
+ size_t i;
+
/* Prefer action on the disks in use at the time the snapshot was
* created; but fall back to current definition if dealing with a
* snapshot created prior to libvirt 0.9.5. */
@@ -1821,6 +1823,11 @@ qemuSnapshotRevertInactive(virQEMUDriver *driver,
if (!def)
def = vm->def;
+ for (i = 0; i < def->ndisks; i++) {
+ if (virDomainDiskTranslateSourcePool(def->disks[i]) < 0)
+ return -1;
+ }
+
/* Try all disks, but report failure if we skipped any. */
if (qemuDomainSnapshotForEachQcow2(driver, def, snap, "-a", true) != 0)
return -1;
--
2.31.1
3 years, 2 months
[PATCH 1/5] conf: Introduce SGX EPC element into device memory xml
by Haibin Huang
From: Lin Yang <lin.a.yang(a)intel.com>
<devices>
...
<memory model='sgx-epc'>
<target>
<size unit='KiB'>512</size>
</target>
</memory>
...
</devices>
---
docs/schemas/domaincommon.rng | 1 +
src/conf/domain_conf.c | 5 +++++
src/conf/domain_conf.h | 1 +
src/conf/domain_validate.c | 1 +
src/qemu/qemu_alias.c | 3 +++
src/qemu/qemu_command.c | 1 +
src/qemu/qemu_domain.c | 1 +
src/qemu/qemu_domain_address.c | 4 ++++
src/qemu/qemu_process.c | 2 ++
src/qemu/qemu_validate.c | 8 ++++++++
src/security/security_apparmor.c | 1 +
src/security/security_dac.c | 2 ++
src/security/security_selinux.c | 2 ++
13 files changed, 32 insertions(+)
diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
index 11fa24f398..a03cb4b388 100644
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@@ -6595,6 +6595,7 @@
<value>dimm</value>
<value>nvdimm</value>
<value>virtio-pmem</value>
+ <value>sgx-epc</value>
</choice>
</attribute>
<optional>
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 10effdce69..6b0c847037 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -1392,6 +1392,7 @@ VIR_ENUM_IMPL(virDomainMemoryModel,
"dimm",
"nvdimm",
"virtio-pmem",
+ "sgx-epc",
);
VIR_ENUM_IMPL(virDomainShmemModel,
@@ -5494,6 +5495,7 @@ virDomainMemoryDefPostParse(virDomainMemoryDef *mem,
break;
case VIR_DOMAIN_MEMORY_MODEL_DIMM:
+ case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
case VIR_DOMAIN_MEMORY_MODEL_NONE:
case VIR_DOMAIN_MEMORY_MODEL_LAST:
break;
@@ -14682,6 +14684,7 @@ virDomainMemorySourceDefParseXML(xmlNodePtr node,
def->nvdimmPath = virXPathString("string(./path)", ctxt);
break;
+ case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
case VIR_DOMAIN_MEMORY_MODEL_NONE:
case VIR_DOMAIN_MEMORY_MODEL_LAST:
break;
@@ -16513,6 +16516,7 @@ virDomainMemoryFindByDefInternal(virDomainDef *def,
continue;
break;
+ case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
case VIR_DOMAIN_MEMORY_MODEL_NONE:
case VIR_DOMAIN_MEMORY_MODEL_LAST:
break;
@@ -25806,6 +25810,7 @@ virDomainMemorySourceDefFormat(virBuffer *buf,
virBufferEscapeString(&childBuf, "<path>%s</path>\n", def->nvdimmPath);
break;
+ case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
case VIR_DOMAIN_MEMORY_MODEL_NONE:
case VIR_DOMAIN_MEMORY_MODEL_LAST:
break;
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index c7e6df7981..095e80cf18 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -2472,6 +2472,7 @@ typedef enum {
VIR_DOMAIN_MEMORY_MODEL_DIMM, /* dimm hotpluggable memory device */
VIR_DOMAIN_MEMORY_MODEL_NVDIMM, /* nvdimm memory device */
VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM, /* virtio-pmem memory device */
+ VIR_DOMAIN_MEMORY_MODEL_SGX_EPC, /* SGX enclave page cache */
VIR_DOMAIN_MEMORY_MODEL_LAST
} virDomainMemoryModel;
diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c
index 60f7ccdddd..ab0be2649f 100644
--- a/src/conf/domain_validate.c
+++ b/src/conf/domain_validate.c
@@ -1977,6 +1977,7 @@ virDomainMemoryDefValidate(const virDomainMemoryDef *mem,
}
case VIR_DOMAIN_MEMORY_MODEL_DIMM:
+ case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
break;
case VIR_DOMAIN_MEMORY_MODEL_NONE:
diff --git a/src/qemu/qemu_alias.c b/src/qemu/qemu_alias.c
index ed47fa335a..5990fc5f87 100644
--- a/src/qemu/qemu_alias.c
+++ b/src/qemu/qemu_alias.c
@@ -522,6 +522,9 @@ qemuAssignDeviceMemoryAlias(virDomainDef *def,
case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
prefix = "virtiopmem";
break;
+ case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
+ prefix = "epc";
+ break;
case VIR_DOMAIN_MEMORY_MODEL_NONE:
case VIR_DOMAIN_MEMORY_MODEL_LAST:
default:
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 2756f46b51..24572d03d7 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -3317,6 +3317,7 @@ qemuBuildMemoryDeviceStr(const virDomainDef *def,
device = "virtio-pmem-pci";
break;
+ case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
case VIR_DOMAIN_MEMORY_MODEL_NONE:
case VIR_DOMAIN_MEMORY_MODEL_LAST:
default:
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 9baa4b5d90..8e151d1fd5 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -9042,6 +9042,7 @@ qemuDomainDefValidateMemoryHotplugDevice(const virDomainMemoryDef *mem,
needsNuma = false;
break;
+ case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
case VIR_DOMAIN_MEMORY_MODEL_NONE:
case VIR_DOMAIN_MEMORY_MODEL_LAST:
return -1;
diff --git a/src/qemu/qemu_domain_address.c b/src/qemu/qemu_domain_address.c
index 392368bd38..c8d93f5413 100644
--- a/src/qemu/qemu_domain_address.c
+++ b/src/qemu/qemu_domain_address.c
@@ -1015,6 +1015,7 @@ qemuDomainDeviceCalculatePCIConnectFlags(virDomainDeviceDef *dev,
case VIR_DOMAIN_MEMORY_MODEL_NONE:
case VIR_DOMAIN_MEMORY_MODEL_DIMM:
case VIR_DOMAIN_MEMORY_MODEL_NVDIMM:
+ case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
case VIR_DOMAIN_MEMORY_MODEL_LAST:
return 0;
}
@@ -3037,6 +3038,7 @@ qemuDomainAssignMemoryDeviceSlot(virQEMUDriver *driver,
return qemuDomainEnsurePCIAddress(vm, &dev, driver);
break;
+ case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
case VIR_DOMAIN_MEMORY_MODEL_NONE:
case VIR_DOMAIN_MEMORY_MODEL_LAST:
break;
@@ -3062,6 +3064,7 @@ qemuDomainReleaseMemoryDeviceSlot(virDomainObj *vm,
qemuDomainReleaseDeviceAddress(vm, &mem->info);
break;
+ case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
case VIR_DOMAIN_MEMORY_MODEL_NONE:
case VIR_DOMAIN_MEMORY_MODEL_LAST:
break;
@@ -3095,6 +3098,7 @@ qemuDomainAssignMemorySlots(virDomainDef *def)
case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
/* handled in qemuDomainAssignPCIAddresses() */
break;
+ case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
case VIR_DOMAIN_MEMORY_MODEL_NONE:
case VIR_DOMAIN_MEMORY_MODEL_LAST:
break;
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index 77da9992f4..d2cccfc586 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -3802,6 +3802,7 @@ qemuProcessDomainMemoryDefNeedHugepagesPath(const virDomainMemoryDef *mem,
case VIR_DOMAIN_MEMORY_MODEL_NONE:
case VIR_DOMAIN_MEMORY_MODEL_NVDIMM:
case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
+ case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
case VIR_DOMAIN_MEMORY_MODEL_LAST:
/* None of these can be backed by hugepages. */
return false;
@@ -3875,6 +3876,7 @@ qemuProcessNeedMemoryBackingPath(virDomainDef *def,
case VIR_DOMAIN_MEMORY_MODEL_NONE:
case VIR_DOMAIN_MEMORY_MODEL_NVDIMM:
case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
+ case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
case VIR_DOMAIN_MEMORY_MODEL_LAST:
/* Backed by user provided path. Not stored in memory
* backing dir anyway. */
diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
index e5c4e3af26..545af727f7 100644
--- a/src/qemu/qemu_validate.c
+++ b/src/qemu/qemu_validate.c
@@ -4929,6 +4929,14 @@ qemuValidateDomainDeviceDefMemory(virDomainMemoryDef *mem,
}
break;
+ case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
+ if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_SGX_EPC)) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("sgx epc isn't supported by this QEMU binary"));
+ return -1;
+ }
+ break;
+
case VIR_DOMAIN_MEMORY_MODEL_NONE:
case VIR_DOMAIN_MEMORY_MODEL_LAST:
break;
diff --git a/src/security/security_apparmor.c b/src/security/security_apparmor.c
index 84363015dc..46fbadb97a 100644
--- a/src/security/security_apparmor.c
+++ b/src/security/security_apparmor.c
@@ -693,6 +693,7 @@ AppArmorSetMemoryLabel(virSecurityManager *mgr,
return reload_profile(mgr, def, mem->nvdimmPath, true);
case VIR_DOMAIN_MEMORY_MODEL_NONE:
case VIR_DOMAIN_MEMORY_MODEL_DIMM:
+ case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
case VIR_DOMAIN_MEMORY_MODEL_LAST:
break;
}
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index 04b9ecf028..64b6fabb7d 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -1849,6 +1849,7 @@ virSecurityDACRestoreMemoryLabel(virSecurityManager *mgr,
break;
case VIR_DOMAIN_MEMORY_MODEL_DIMM:
+ case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
case VIR_DOMAIN_MEMORY_MODEL_LAST:
case VIR_DOMAIN_MEMORY_MODEL_NONE:
ret = 0;
@@ -2033,6 +2034,7 @@ virSecurityDACSetMemoryLabel(virSecurityManager *mgr,
break;
case VIR_DOMAIN_MEMORY_MODEL_DIMM:
+ case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
case VIR_DOMAIN_MEMORY_MODEL_LAST:
case VIR_DOMAIN_MEMORY_MODEL_NONE:
ret = 0;
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index 0e5ea0366d..0034ad4495 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -1582,6 +1582,7 @@ virSecuritySELinuxSetMemoryLabel(virSecurityManager *mgr,
case VIR_DOMAIN_MEMORY_MODEL_NONE:
case VIR_DOMAIN_MEMORY_MODEL_DIMM:
+ case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
case VIR_DOMAIN_MEMORY_MODEL_LAST:
break;
}
@@ -1609,6 +1610,7 @@ virSecuritySELinuxRestoreMemoryLabel(virSecurityManager *mgr,
break;
case VIR_DOMAIN_MEMORY_MODEL_DIMM:
+ case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
case VIR_DOMAIN_MEMORY_MODEL_NONE:
case VIR_DOMAIN_MEMORY_MODEL_LAST:
ret = 0;
--
2.17.1
3 years, 2 months
