[PATCH] rpc: Require dtrace sources to be generated first
by Michal Privoznik
The virt_socket_lib is built from virnetsocket.c (among others).
But this file includes virprobe.h which includes libvirt_probes.h
which is a generated file. But this dependency is not recorded in
meson which may lead to a failed build.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
I don't know if this is the right fix or we need to go with
declare_dependency(), or even something else. But this fixes the build
for me.
src/rpc/meson.build | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/rpc/meson.build b/src/rpc/meson.build
index 7fde92e6cf..36a2809adf 100644
--- a/src/rpc/meson.build
+++ b/src/rpc/meson.build
@@ -9,6 +9,7 @@ socket_sources = [
virt_socket_lib = static_library(
'virt_socket',
[
+ dtrace_gen_headers,
socket_sources,
],
dependencies: [
--
2.32.0
3 years, 3 months
[PATCH v2] Add VM info to improve error log message for qemu monitor
by Rohit Kumar
This patch is to determine the VM which had IO or socket hangup error.
Accessing directly vm->def->name inside qemuMonitorIO() or qemuMonitorSend()
might leads to illegal access as we are out of 'vm' context and vm->def might
not exist. Adding a field "domainName" inside mon object to access vm name
and initialising it when creating mon object.
Signed-off-by: Rohit Kumar <rohit.kumar3(a)nutanix.com>
---
diff to v1:
- Adding a field domainName inside _qemuMonitor struct for accessing vm name
instead of directly accessing mon->vm->def->name.
- Link to v1: https://listman.redhat.com/archives/libvir-list/2021-December/msg00217.html
- Talked with peter on RFC and he suggested me to add a field inside
monitor struct to get VM name.
src/qemu/qemu_monitor.c | 47 +++++++++++++++++++++++++----------------
1 file changed, 29 insertions(+), 18 deletions(-)
diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c
index dda6ae9796..c3a0227795 100644
--- a/src/qemu/qemu_monitor.c
+++ b/src/qemu/qemu_monitor.c
@@ -80,6 +80,7 @@ struct _qemuMonitor {
GSource *watch;
virDomainObj *vm;
+ char *domainName;
qemuMonitorCallbacks *cb;
void *callbackOpaque;
@@ -243,6 +244,7 @@ qemuMonitorDispose(void *obj)
virCondDestroy(&mon->notify);
g_free(mon->buffer);
g_free(mon->balloonpath);
+ g_free(mon->domainName);
}
@@ -530,13 +532,18 @@ qemuMonitorIO(GSocket *socket G_GNUC_UNUSED,
qemuMonitor *mon = opaque;
bool error = false;
bool hangup = false;
+ virDomainObj *vm = NULL;
+ char *vmName = NULL;
virObjectRef(mon);
+ vm = mon->vm;
+ vmName = mon->domainName;
+
/* lock access to the monitor and protect fd */
virObjectLock(mon);
#if DEBUG_IO
- VIR_DEBUG("Monitor %p I/O on socket %p cond %d", mon, socket, cond);
+ VIR_DEBUG("Monitor %p I/O on socket %p cond %d vm=%p name=%s", mon, socket, cond, vm, NULLSTR(vmName));
#endif
if (mon->fd == -1 || !mon->watch) {
virObjectUnlock(mon);
@@ -583,8 +590,8 @@ qemuMonitorIO(GSocket *socket G_GNUC_UNUSED,
if (!error && !mon->goteof &&
cond & G_IO_ERR) {
- virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
- _("Invalid file descriptor while waiting for monitor"));
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("%s: Invalid file descriptor while waiting for monitor"), NULLSTR(vmName));
mon->goteof = true;
}
}
@@ -609,13 +616,14 @@ qemuMonitorIO(GSocket *socket G_GNUC_UNUSED,
virResetLastError();
} else {
if (virGetLastErrorCode() == VIR_ERR_OK && !mon->goteof)
- virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
- _("Error while processing monitor IO"));
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("%s: Error while processing monitor IO"), NULLSTR(vmName));
virCopyLastError(&mon->lastError);
virResetLastError();
}
- VIR_DEBUG("Error on monitor %s", NULLSTR(mon->lastError.message));
+ VIR_DEBUG("Error on monitor %s mon=%p vm=%p name=%s",
+ NULLSTR(mon->lastError.message), mon, vm, NULLSTR(vmName));
/* If IO process resulted in an error & we have a message,
* then wakeup that waiter */
if (mon->msg && !mon->msg->finished) {
@@ -631,22 +639,22 @@ qemuMonitorIO(GSocket *socket G_GNUC_UNUSED,
* will try to acquire the virDomainObj *mutex next */
if (mon->goteof) {
qemuMonitorEofNotifyCallback eofNotify = mon->cb->eofNotify;
- virDomainObj *vm = mon->vm;
/* Make sure anyone waiting wakes up now */
virCondSignal(&mon->notify);
virObjectUnlock(mon);
- VIR_DEBUG("Triggering EOF callback");
+ VIR_DEBUG("Triggering EOF callback mon=%p vm=%p name=%s",
+ mon, vm, NULLSTR(vmName));
(eofNotify)(mon, vm, mon->callbackOpaque);
virObjectUnref(mon);
} else if (error) {
qemuMonitorErrorNotifyCallback errorNotify = mon->cb->errorNotify;
- virDomainObj *vm = mon->vm;
/* Make sure anyone waiting wakes up now */
virCondSignal(&mon->notify);
virObjectUnlock(mon);
- VIR_DEBUG("Triggering error callback");
+ VIR_DEBUG("Triggering error callback mon=%p vm=%p name=%s",
+ mon, vm, NULLSTR(vmName));
(errorNotify)(mon, vm, mon->callbackOpaque);
virObjectUnref(mon);
} else {
@@ -694,6 +702,7 @@ qemuMonitorOpenInternal(virDomainObj *vm,
mon->fd = fd;
mon->context = g_main_context_ref(context);
mon->vm = virObjectRef(vm);
+ mon->domainName = g_strdup(vm->def->name);
mon->waitGreeting = true;
mon->cb = cb;
mon->callbackOpaque = opaque;
@@ -932,17 +941,19 @@ qemuMonitorSend(qemuMonitor *mon,
qemuMonitorMessage *msg)
{
int ret = -1;
+ virDomainObj *vm = mon->vm;
+ char *vmName = mon->domainName;
/* Check whether qemu quit unexpectedly */
if (mon->lastError.code != VIR_ERR_OK) {
- VIR_DEBUG("Attempt to send command while error is set %s",
- NULLSTR(mon->lastError.message));
+ VIR_DEBUG("Attempt to send command while error is set %s mon=%p vm=%p name=%s",
+ NULLSTR(mon->lastError.message), mon, vm, NULLSTR(vmName));
virSetError(&mon->lastError);
return -1;
}
if (mon->goteof) {
- virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
- _("End of file from qemu monitor"));
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("%s: End of file from qemu monitor"), NULLSTR(vmName));
return -1;
}
@@ -955,15 +966,15 @@ qemuMonitorSend(qemuMonitor *mon,
while (!mon->msg->finished) {
if (virCondWait(&mon->notify, &mon->parent.lock) < 0) {
- virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
- _("Unable to wait on monitor condition"));
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("%s: Unable to wait on monitor condition"), NULLSTR(vmName));
goto cleanup;
}
}
if (mon->lastError.code != VIR_ERR_OK) {
- VIR_DEBUG("Send command resulted in error %s",
- NULLSTR(mon->lastError.message));
+ VIR_DEBUG("Send command resulted in error %s mon=%p vm=%p name=%s",
+ NULLSTR(mon->lastError.message), mon, vm, NULLSTR(vmName));
virSetError(&mon->lastError);
goto cleanup;
}
--
2.25.1
3 years, 3 months
[PATCH v2 0/3] Rework <tpm/> formatting
by Michal Privoznik
v2 of:
https://listman.redhat.com/archives/libvir-list/2022-January/msg00047.html
diff to v1:
- Pushed 1/4 from the original series, because it was acked and
independent of the rest.
- Swapped two patches to make the test suite pass after each single
patch.
- Renamed variable in 1/3 (3/4 in the original series) per Peter's
suggestion.
Michal Prívozník (3):
conf: Rework <tpm/> formatting
qemuxml2xmloutdata: Turn tpm-*.xml files into symlinks
conf: Make virDomainTPMDefFormat() return void
src/conf/domain_conf.c | 65 ++++++++-----------
.../tpm-emulator-tpm2-enc.xml | 12 +++-
.../tpm-emulator-tpm2-pstate.xml | 12 +++-
tests/qemuxml2argvdata/tpm-emulator-tpm2.xml | 13 +++-
tests/qemuxml2argvdata/tpm-emulator.xml | 12 +++-
.../qemuxml2argvdata/tpm-passthrough-crb.xml | 12 +++-
tests/qemuxml2argvdata/tpm-passthrough.xml | 12 +++-
.../tpm-emulator-tpm2-enc.x86_64-latest.xml | 41 +-----------
...tpm-emulator-tpm2-pstate.x86_64-latest.xml | 39 +----------
.../tpm-emulator-tpm2.x86_64-latest.xml | 44 +------------
.../tpm-emulator.x86_64-latest.xml | 39 +----------
.../tpm-passthrough-crb.x86_64-latest.xml | 41 +-----------
.../tpm-passthrough.x86_64-latest.xml | 41 +-----------
13 files changed, 94 insertions(+), 289 deletions(-)
mode change 100644 => 120000 tests/qemuxml2xmloutdata/tpm-emulator-tpm2-enc.x86_64-latest.xml
mode change 100644 => 120000 tests/qemuxml2xmloutdata/tpm-emulator-tpm2-pstate.x86_64-latest.xml
mode change 100644 => 120000 tests/qemuxml2xmloutdata/tpm-emulator-tpm2.x86_64-latest.xml
mode change 100644 => 120000 tests/qemuxml2xmloutdata/tpm-emulator.x86_64-latest.xml
mode change 100644 => 120000 tests/qemuxml2xmloutdata/tpm-passthrough-crb.x86_64-latest.xml
mode change 100644 => 120000 tests/qemuxml2xmloutdata/tpm-passthrough.x86_64-latest.xml
--
2.34.1
3 years, 3 months
[PATCH] conf: Extend TPM ABI stability check for <active_pcr_banks/>
by Michal Privoznik
Changing <active_pcr_banks/> means changing the guest ABI and as
such must be prevented on both restoring from a file or
migration.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2035888
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/conf/domain_conf.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 716c6d2240..bba662bf4c 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -21994,6 +21994,20 @@ virDomainTPMDefCheckABIStability(virDomainTPMDef *src,
return false;
}
+ switch (src->type) {
+ case VIR_DOMAIN_TPM_TYPE_EMULATOR:
+ if (src->data.emulator.activePcrBanks != dst->data.emulator.activePcrBanks) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("Target active PCR banks doesn't match source"));
+ return false;
+ }
+ break;
+
+ case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
+ case VIR_DOMAIN_TPM_TYPE_LAST:
+ break;
+ }
+
return virDomainDeviceInfoCheckABIStability(&src->info, &dst->info);
}
--
2.34.1
3 years, 3 months
[PATCH] ci: Refresh configuration
by Andrea Bolognani
Notable changes:
* drop libdbus and radvd;
* add codespell.
Signed-off-by: Andrea Bolognani <abologna(a)redhat.com>
---
Pushed under the CI refresh rule.
Test pipeline: https://gitlab.com/abologna/libvirt/-/pipelines/440555431
Full patch: https://gitlab.com/libvirt/libvirt/-/commit/d004171806f1364c8a0112e02329f...
ci/cirrus/freebsd-12.vars | 2 +-
ci/cirrus/freebsd-13.vars | 2 +-
ci/cirrus/freebsd-current.vars | 2 +-
ci/cirrus/macos-11.vars | 2 +-
ci/containers/centos-8.Dockerfile | 4 +---
ci/containers/centos-stream-8.Dockerfile | 4 +---
ci/containers/debian-10-cross-aarch64.Dockerfile | 3 +--
ci/containers/debian-10-cross-armv6l.Dockerfile | 3 +--
ci/containers/debian-10-cross-armv7l.Dockerfile | 3 +--
ci/containers/debian-10-cross-i686.Dockerfile | 3 +--
ci/containers/debian-10-cross-mips.Dockerfile | 3 +--
ci/containers/debian-10-cross-mips64el.Dockerfile | 3 +--
ci/containers/debian-10-cross-mipsel.Dockerfile | 3 +--
ci/containers/debian-10-cross-ppc64le.Dockerfile | 3 +--
ci/containers/debian-10-cross-s390x.Dockerfile | 3 +--
ci/containers/debian-10.Dockerfile | 3 +--
ci/containers/debian-11-cross-aarch64.Dockerfile | 6 ++----
ci/containers/debian-11-cross-armv6l.Dockerfile | 6 ++----
ci/containers/debian-11-cross-armv7l.Dockerfile | 6 ++----
ci/containers/debian-11-cross-i686.Dockerfile | 6 ++----
ci/containers/debian-11-cross-mips64el.Dockerfile | 6 ++----
ci/containers/debian-11-cross-mipsel.Dockerfile | 6 ++----
ci/containers/debian-11-cross-ppc64le.Dockerfile | 6 ++----
ci/containers/debian-11-cross-s390x.Dockerfile | 6 ++----
ci/containers/debian-11.Dockerfile | 6 ++----
ci/containers/debian-sid-cross-aarch64.Dockerfile | 6 ++----
ci/containers/debian-sid-cross-armv6l.Dockerfile | 6 ++----
ci/containers/debian-sid-cross-armv7l.Dockerfile | 6 ++----
ci/containers/debian-sid-cross-i686.Dockerfile | 6 ++----
ci/containers/debian-sid-cross-mips64el.Dockerfile | 6 ++----
ci/containers/debian-sid-cross-mipsel.Dockerfile | 6 ++----
ci/containers/debian-sid-cross-ppc64le.Dockerfile | 6 ++----
ci/containers/debian-sid-cross-s390x.Dockerfile | 6 ++----
ci/containers/debian-sid.Dockerfile | 6 ++----
ci/containers/fedora-34.Dockerfile | 8 +++-----
ci/containers/fedora-35-cross-mingw32.Dockerfile | 6 ++----
ci/containers/fedora-35-cross-mingw64.Dockerfile | 6 ++----
ci/containers/fedora-35.Dockerfile | 8 +++-----
ci/containers/fedora-rawhide-cross-mingw32.Dockerfile | 6 ++----
ci/containers/fedora-rawhide-cross-mingw64.Dockerfile | 6 ++----
ci/containers/fedora-rawhide.Dockerfile | 8 +++-----
ci/containers/opensuse-leap-152.Dockerfile | 3 +--
ci/containers/opensuse-tumbleweed.Dockerfile | 3 +--
ci/containers/ubuntu-1804.Dockerfile | 6 ++----
ci/containers/ubuntu-2004.Dockerfile | 6 ++----
45 files changed, 75 insertions(+), 145 deletions(-)
diff --git a/ci/cirrus/freebsd-13.vars b/ci/cirrus/freebsd-13.vars
index 4845d8d461..480a403361 100644
--- a/ci/cirrus/freebsd-13.vars
+++ b/ci/cirrus/freebsd-13.vars
@@ -11,6 +11,6 @@ MAKE='/usr/local/bin/gmake'
NINJA='/usr/local/bin/ninja'
PACKAGING_COMMAND='pkg'
PIP3='/usr/local/bin/pip-3.8'
-PKGS='augeas bash-completion ca_root_nss ccache cppi curl cyrus-sasl dbus diffutils diskscrub dnsmasq fusefs-libs gettext git glib gmake gnugrep gnutls gsed libpcap libpciaccess libssh libssh2 libxml2 libxslt meson ninja perl5 pkgconf polkit py38-docutils py38-flake8 python3 qemu radvd readline yajl'
+PKGS='augeas bash-completion ca_root_nss ccache codespell cppi curl cyrus-sasl diffutils diskscrub dnsmasq fusefs-libs gettext git glib gmake gnugrep gnutls gsed libpcap libpciaccess libssh libssh2 libxml2 libxslt meson ninja perl5 pkgconf polkit py38-docutils py38-flake8 python3 qemu readline yajl'
PYPI_PKGS=''
PYTHON='/usr/local/bin/python3'
diff --git a/ci/containers/debian-11.Dockerfile b/ci/containers/debian-11.Dockerfile
index e26b89d1d9..ce66568fb5 100644
--- a/ci/containers/debian-11.Dockerfile
+++ b/ci/containers/debian-11.Dockerfile
@@ -17,6 +17,7 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
ca-certificates \
ccache \
clang \
+ codespell \
cpp \
diffutils \
dnsmasq-base \
@@ -39,7 +40,6 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
libc6-dev \
libcap-ng-dev \
libcurl4-gnutls-dev \
- libdbus-1-dev \
libdevmapper-dev \
libfuse-dev \
libglib2.0-dev \
@@ -81,14 +81,12 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
python3 \
python3-docutils \
qemu-utils \
- radvd \
scrub \
sed \
systemtap-sdt-dev \
wireshark-dev \
xfslibs-dev \
- xsltproc \
- zfs-fuse && \
+ xsltproc && \
eatmydata apt-get autoremove -y && \
eatmydata apt-get autoclean -y && \
sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen && \
[... a lot more like this ...]
--
2.31.1
3 years, 3 months
[PATCH] qemu: monitor: Remove disabled debug infrastructure
by Peter Krempa
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
src/qemu/qemu_monitor.c | 44 -----------------------------------------
1 file changed, 44 deletions(-)
diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c
index dda6ae9796..32e4ff1191 100644
--- a/src/qemu/qemu_monitor.c
+++ b/src/qemu/qemu_monitor.c
@@ -56,9 +56,6 @@
VIR_LOG_INIT("qemu.qemu_monitor");
-#define DEBUG_IO 0
-#define DEBUG_RAW_IO 0
-
/* We read from QEMU until seeing a \r\n pair to indicate a
* completed reply or event. To avoid memory denial-of-service
* though, we must have a size limit on amount of data we
@@ -210,25 +207,6 @@ VIR_ENUM_IMPL(qemuMonitorMemoryFailureAction,
"ignore", "inject",
"fatal", "reset");
-#if DEBUG_RAW_IO
-static char *
-qemuMonitorEscapeNonPrintable(const char *text)
-{
- size_t i;
- g_auto(virBuffer) buf = VIR_BUFFER_INITIALIZER;
- for (i = 0; text[i] != '\0'; i++) {
- if (g_ascii_isprint(text[i]) ||
- text[i] == '\n' ||
- (text[i] == '\r' && text[i + 1] == '\n'))
- virBufferAddChar(&buf, text[i]);
- else
- virBufferAsprintf(&buf, "0x%02x", text[i]);
- }
- return virBufferContentAndReset(&buf);
-}
-#endif
-
-
static void
qemuMonitorDispose(void *obj)
{
@@ -329,17 +307,6 @@ qemuMonitorIOProcess(qemuMonitor *mon)
if (mon->msg && mon->msg->txOffset == mon->msg->txLength)
msg = mon->msg;
-#if DEBUG_IO
-# if DEBUG_RAW_IO
- char *str1 = qemuMonitorEscapeNonPrintable(msg ? msg->txBuffer : "");
- char *str2 = qemuMonitorEscapeNonPrintable(mon->buffer);
- VIR_ERROR(_("Process %d %p %p [[[[%s]]][[[%s]]]"), (int)mon->bufferOffset, mon->msg, msg, str1, str2);
- VIR_FREE(str1);
- VIR_FREE(str2);
-# else
- VIR_DEBUG("Process %d", (int)mon->bufferOffset);
-# endif
-#endif
PROBE_QUIET(QEMU_MONITOR_IO_PROCESS, "mon=%p buf=%s len=%zu",
mon, mon->buffer, mon->bufferOffset);
@@ -360,10 +327,6 @@ qemuMonitorIOProcess(qemuMonitor *mon)
VIR_FREE(mon->buffer);
mon->bufferOffset = mon->bufferLength = 0;
}
-#if DEBUG_IO
- VIR_DEBUG("Process done %d used %d", (int)mon->bufferOffset, len);
-#endif
-
/* As the monitor mutex was unlocked in qemuMonitorJSONIOProcess()
* while dealing with qemu event, mon->msg could be changed which
* means the above 'msg' may be invalid, thus we use 'mon->msg' here */
@@ -505,10 +468,6 @@ qemuMonitorIORead(qemuMonitor *mon)
mon->buffer[mon->bufferOffset] = '\0';
}
-#if DEBUG_IO
- VIR_DEBUG("Now read %d bytes of data", (int)mon->bufferOffset);
-#endif
-
return ret;
}
@@ -535,9 +494,6 @@ qemuMonitorIO(GSocket *socket G_GNUC_UNUSED,
/* lock access to the monitor and protect fd */
virObjectLock(mon);
-#if DEBUG_IO
- VIR_DEBUG("Monitor %p I/O on socket %p cond %d", mon, socket, cond);
-#endif
if (mon->fd == -1 || !mon->watch) {
virObjectUnlock(mon);
virObjectUnref(mon);
--
2.31.1
3 years, 3 months
CDROM hotplug not supported even with usb bus
by Tianren Zhang
Hi,
I am using libvirt-4.5.0 + qemu-kvm-ev-2.12.0 and I have a question about
the cdrom function of libvirt. When I tried to attach a CD ROM, it rejected
the operation showing "cdrom/floppy device hotplug isn't supported". I
understand that it should be rejected when the IDE bus is used, but the
hotplug with USB bus is totally feasible, as it's also supported in qemu,
in this case, should it be allowed for hotplug?
I have not tried the newest version of libvirt yet, but looking at the
upstream source code it seems that there is no change regarding this issue.
Thank you,
Tianren Zhang
3 years, 3 months
[PATCH] virnettlscontext: Generate longer DH keys
by Michal Privoznik
Currently, we generate 2048 bits long DH keys. This may look
enough, but it's not very future proof. When system crypto policy
is tightened only 3072 or longer keys are valid. From
CRYPTO-POLICIES(7):
FUTURE
A conservative security policy that is believed to withstand
any near-term future attacks. ...
• DH params size: >= 3072
• RSA keys size: >= 3072
This policy corresponds to GNUTLS_SEC_PARAM_HIGH parameters.
Therefore, pass that to gnutls_sec_param_to_pk_bits() to get
longer key.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
Technically, this is a v2 of:
https://listman.redhat.com/archives/libvir-list/2021-December/msg00827.html
and was already reviewed. I'm sending it here because I've split the
original patch into two. The first one, which switches to
gnutls_sec_param_to_pk_bits() usage is merged. The second one (this one)
which lengthens the key is not.
src/rpc/virnettlscontext.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/rpc/virnettlscontext.c b/src/rpc/virnettlscontext.c
index 55da485f96..f0b1e8f9c1 100644
--- a/src/rpc/virnettlscontext.c
+++ b/src/rpc/virnettlscontext.c
@@ -718,7 +718,7 @@ static virNetTLSContext *virNetTLSContextNew(const char *cacert,
if (isServer) {
unsigned int bits = 0;
- bits = gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, GNUTLS_SEC_PARAM_MEDIUM);
+ bits = gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, GNUTLS_SEC_PARAM_HIGH);
if (bits == 0) {
virReportError(VIR_ERR_SYSTEM_ERROR, "%s",
_("Unable to get key length for diffie-hellman parameters"));
--
2.34.1
3 years, 3 months
[libvirt PATCH] spec: Drop BuildRequires on ZFS
by Andrea Bolognani
We're no longer performing build time detection.
Fixes: 506c3a39d6e645c8414c278ceaba97935f90cb95
Signed-off-by: Andrea Bolognani <abologna(a)redhat.com>
---
libvirt.spec.in | 6 ------
1 file changed, 6 deletions(-)
diff --git a/libvirt.spec.in b/libvirt.spec.in
index 7bd74da2c9..9e24ba92ff 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -320,12 +320,6 @@ BuildRequires: glusterfs-devel >= 3.4.1
%if %{with_storage_sheepdog}
BuildRequires: sheepdog
%endif
-%if %{with_storage_zfs}
-# Support any conforming implementation of zfs. On stock Fedora
-# this is zfs-fuse, but could be zfsonlinux upstream RPMs
-BuildRequires: /sbin/zfs
-BuildRequires: /sbin/zpool
-%endif
%if %{with_numactl}
# For QEMU/LXC numa info
BuildRequires: numactl-devel
--
2.31.1
3 years, 3 months
