June 2022 - Devel - libvirt List Archives

[libvirt PATCH 0/6] Use virURIFree less (glib chronicles)
by Ján Tomko 22 Jun '22

22 Jun '22

Ján Tomko (6): Use g_auto for virURI almost everywhere tests: remove pointless label in testURIParse vz: refactor testURIParse vmx: use g_autofree in virVMXParseSerial qemu: remove cleanup label from qemuMigrationSrcGraphicsRelocate libxl: remove cleanup label from libxlDomainMigrationSrcPerform src/esx/esx_driver.c | 3 +-- src/libxl/libxl_migration.c | 17 ++++++----------- src/qemu/qemu_migration.c | 30 ++++++++++++------------------ src/vmx/vmx.c | 13 ++++--------- src/vz/vz_driver.c | 3 +-- src/vz/vz_sdk.c | 31 +++++++++++-------------------- tests/viruritest.c | 14 +++++--------- 7 files changed, 40 insertions(+), 71 deletions(-) -- 2.34.1

2 8

[PATCH] libxl: Fix domain startup failure error reporting
by Cole Robinson 21 Jun '22

21 Jun '22

When domain startup fails, domain cleanup calls libxlNetworkUnwindDevices, which calls virGetConnectNetwork, which is a top level API entry point, which resets the initial saved error, leading to clients seeing: error: An error occurred, but the cause is unknown This preserves the error from before virGetConnectNetwork is called. Signed-off-by: Cole Robinson <crobinso(a)redhat.com> --- src/libxl/libxl_domain.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/libxl/libxl_domain.c b/src/libxl/libxl_domain.c index 17b347de4e..bda110e9e6 100644 --- a/src/libxl/libxl_domain.c +++ b/src/libxl/libxl_domain.c @@ -830,12 +830,17 @@ libxlNetworkUnwindDevices(virDomainDef *def) /* cleanup actual device */ virDomainNetRemoveHostdev(def, net); if (net->type == VIR_DOMAIN_NET_TYPE_NETWORK) { - g_autoptr(virConnect) conn = virGetConnectNetwork(); + g_autoptr(virConnect) conn = NULL; + virErrorPtr save_err; + + virErrorPreserveLast(&save_err); + conn = virGetConnectNetwork(); if (conn) virDomainNetReleaseActualDevice(conn, def, net); else VIR_WARN("Unable to release network device '%s'", NULLSTR(net->ifname)); + virErrorRestore(&save_err); } } } -- 2.36.1

2 2

[PATCH 0/4] qemu: Fix tpm-tis for armv7l and riscv
by Cole Robinson 21 Jun '22

21 Jun '22

This fixes tpm-tis usage for armv7l and riscv arches, and then switches qemu tpm validation to use domcaps as the source of truth Cole Robinson (4): qemu: validate: Drop tpm-tis arch validation qemu: command: Use correct tpm device for all non-x86 tests: mock swtpm initialization for all qemu tests qemu: validate: use domcaps for tpm validation src/qemu/qemu_command.c | 2 +- src/qemu/qemu_validate.c | 77 +++++++++------------------------------- tests/domaincapstest.c | 7 ---- tests/testutilsqemu.c | 8 +++++ 4 files changed, 26 insertions(+), 68 deletions(-) -- 2.36.1

2 8

[libvirt PATCH 0/2] tools: add integrated support for XPath in virsh
by Daniel P. Berrangé 17 Jun '22

17 Jun '22

See commit 2 for the example usage Daniel P. Berrangé (2): tools: add helper method for printing an XML document tools: add '--xpath EXPRESSION --wrap' args to all dumpxml commands docs/manpages/virsh.rst | 138 ++++++++++++++++++++++++++++++++++----- tools/virsh-backup.c | 17 ++++- tools/virsh-checkpoint.c | 17 ++++- tools/virsh-domain.c | 55 +++++++++++++--- tools/virsh-interface.c | 22 +++++-- tools/virsh-network.c | 47 +++++++++---- tools/virsh-nodedev.c | 17 ++++- tools/virsh-nwfilter.c | 51 ++++++++++----- tools/virsh-pool.c | 27 +++++--- tools/virsh-secret.c | 18 ++++- tools/virsh-snapshot.c | 17 ++++- tools/virsh-util.c | 59 +++++++++++++++++ tools/virsh-util.h | 7 ++ tools/virsh-volume.c | 28 +++++--- 14 files changed, 436 insertions(+), 84 deletions(-) -- 2.36.1

2 5

[PATCH] po/LINGUAS: Fix sorting
by Peter Krempa 17 Jun '22

17 Jun '22

Fixes breakage of 'sc_linguas_sorting'. Fixes: c886a40cfcbceb2efa57930b64f758d3e263d759 Signed-off-by: Peter Krempa <pkrempa(a)redhat.com> --- Pushed as a build fix. Whether that syntax check is a sensible use of CPU cycles is for another discussion. po/LINGUAS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/po/LINGUAS b/po/LINGUAS index 33418f7705..490a76b5d4 100644 --- a/po/LINGUAS +++ b/po/LINGUAS @@ -17,6 +17,7 @@ hu id it ja +ka kn ko mk @@ -42,4 +43,3 @@ uk vi zh_CN zh_TW -ka -- 2.36.1

3 3

Some questions regarding firmware handling in the qemu driver
by Jim Fehlig 16 Jun '22

16 Jun '22

Hi All, I received a bug report (private, sorry) about inability to "deploy uefi virtual machine with secureboot enabled on aarch64 kvm host". Indeed the qemu driver has some checks that would prohibit using secure boot with aarch64 virt machines, e.g. https://gitlab.com/libvirt/libvirt/-/blob/master/src/qemu/qemu_validate.c#L… However it appears qemu does not restrict booting a firmware with keys enrolled and secure boot enabled. E.g. qemu-system-aarch64 -m 4096 -cpu host -accel kvm -smp 4 -M virt -drive if=pflash,format=raw,readonly=on,file=/usr/share/qemu/aavmf-aarch64-opensuse-code.bin -drive if=pflash,format=raw,file=/vm_images/jim/images/test/test-vars-store.bin ... seems to work fine and within the guest I see db keys loaded by kernel [ 4.782777] integrity: Loading X.509 certificate: UEFI:db [ 4.789494] integrity: Loaded X.509 cert 'Build time autogenerated kernel key: 44e3470bd0c5eb190e3292dfc42db061521184ee' [ 4.789548] integrity: Loading X.509 certificate: UEFI:db [ 4.789701] integrity: Loaded X.509 cert 'openSUSE Secure Boot Signkey: 0332fa9cbf0d88bf21924b0de82a09a54d5defc8' [ 4.789710] integrity: Loading X.509 certificate: UEFI:db [ 4.789841] integrity: Loaded X.509 cert 'SUSE Linux Enterprise Secure Boot Signkey: 3fb077b6cebc6ff2522e1c148c57c777c788e3e7' Can we consider easing the secure boot restrictions in qemuValidateDomainDefBoot? Experimenting with the behavior on x86 raised other questions: libvirt requires the firmware to support SMM to enable secure boot. But is SMM a strict requirement for secure boot? IIUC, lack of SMM makes the securely booted stack less secure since it is easier to tamper with it, but it does not prevent securely booting the components. When selecting firmwares manually and marking the loader secure, VM creation fails unless SMM is explicitly set in <features>. E.g. the following will fail with "unsupported configuration: Secure boot requires SMM feature enabled" <os> <type arch="x86_64" machine="q35">hvm</type> <loader readonly="yes" secure="yes" type="pflash">/usr/share/qemu/ovmf-x86_64-smm-code.bin</loader> <nvram template="/usr/share/qemu/ovmf-x86_64-smm-vars.bin"/> <boot dev="hd"/> </os> even though the descriptor file for /usr/share/qemu/ovmf-x86_64-smm-code.bin advertises secure-boot and requires-smm. Is this just a case of trying to mix old style explicit firmware selection vs firmware auto-select? I.e., if selecting the firmware explicitly, the onus is on the user to also specify any related and required config? Regards, Jim

5 12

[PATCH] storage: zfs: split pool and volume names properly
by Fabian Lesniak 16 Jun '22

16 Jun '22

Before, the volume name was determined as the last token after any / character. This does not work with zvols below the top level of the pool: /dev/zvols/pool/images/vm1 is truncated to /dev/zvols/pool/vm1. This patch removes the pool name only, so when using the pool "pool", the volume path "images/vm1" is used. --- src/storage/storage_backend_zfs.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/storage/storage_backend_zfs.c b/src/storage/storage_backend_zfs.c index 2a5d74357d..397ea7f386 100644 --- a/src/storage/storage_backend_zfs.c +++ b/src/storage/storage_backend_zfs.c @@ -104,7 +104,7 @@ virStorageBackendZFSParseVol(virStoragePoolObj *pool, virStorageVolDef *volume = NULL; virStoragePoolDef *def = virStoragePoolObjGetDef(pool); g_auto(GStrv) tokens = NULL; - char *tmp; + char *pool_name = def->source.name; if (!(tokens = g_strsplit(volume_string, "\t", 0))) return -1; @@ -113,8 +113,9 @@ virStorageBackendZFSParseVol(virStoragePoolObj *pool, goto cleanup; vol_name = tokens[0]; - if ((tmp = strrchr(vol_name, '/'))) - vol_name = tmp + 1; + if (strlen(vol_name) > strlen(pool_name) && + STRPREFIX(vol_name, pool_name)) + vol_name += strlen(pool_name) + 1; if (vol == NULL) volume = virStorageVolDefFindByName(pool, vol_name); -- 2.36.1

2 1

[PATCH] qemu: Fix alignment in qemuFirmwareMappingFlashFormat()
by Andrea Bolognani 16 Jun '22

16 Jun '22

Signed-off-by: Andrea Bolognani <abologna(a)redhat.com> --- Pushed as trivial. src/qemu/qemu_firmware.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c index 1dd5c09636..c8f462bfcf 100644 --- a/src/qemu/qemu_firmware.c +++ b/src/qemu/qemu_firmware.c @@ -751,7 +751,7 @@ qemuFirmwareMappingFlashFormat(virJSONValue *mapping, return -1; if (virJSONValueObjectAppend(mapping, - "nvram-template", + "nvram-template", &nvram_template) < 0) return -1; } -- 2.35.3

1 0

[PATCH 0/6] Improve setting of logging with 'virt-admin' when daemon uses auto-shutdown
by Peter Krempa 16 Jun '22

16 Jun '22

Allow setting of the timeout so that users can bypass it when they are setting runtime-logging. Update the docs to mention the caveat and suggest the bypass. Peter Krempa (6): virnetdaemon: Extract autoShutdownTimer operations from virNetDaemonRun virNetDaemonAutoShutdown: Allow live update of shutdown timeout scripts: apibuild: Improve error when API is missing from symbol file admin: Introduce virAdmConnectSetDaemonTimeout virt-admin: Introduce 'daemon-timeout' kbase: debuglogs: Add a note about auto-shutdown of daemons docs/kbase/debuglogs.rst | 20 +++++ docs/manpages/virt-admin.rst | 12 +++ include/libvirt/libvirt-admin.h | 4 + scripts/apibuild.py | 2 + src/admin/admin_protocol.x | 12 ++- src/admin/admin_server_dispatch.c | 12 +++ src/admin/libvirt-admin.c | 34 ++++++++ src/admin/libvirt_admin_public.syms | 5 ++ src/admin_protocol-structs | 5 ++ src/locking/lock_daemon.c | 5 +- src/logging/log_daemon.c | 5 +- src/remote/remote_daemon.c | 4 +- src/rpc/virnetdaemon.c | 127 ++++++++++++++++++---------- src/rpc/virnetdaemon.h | 4 +- tools/virt-admin.c | 45 ++++++++++ 15 files changed, 240 insertions(+), 56 deletions(-) -- 2.36.1

2 8

Plans for the next release
by Jiri Denemark 16 Jun '22

16 Jun '22

We are getting close to the next release of libvirt. To aim for the release on Jul 01 I suggest entering the freeze on Monday Jun 27 and tagging RC2 on Wednesday Jun 29. I hope this works for everyone. Jirka

1 0