[libvirt PATCH v3 00/32] introduce external snapshot delete support
by Pavel Hrdina
This implements virDomainSnapshotDelete API to support external
snapshots. The support doesn't include flags
VIR_DOMAIN_SNAPSHOT_DELETE_CHILDREN and
VIR_DOMAIN_SNAPSHOT_DELETE_CHILDREN_ONLY as it would add more complexity
and IMHO these flags should not existed at all.
Gitlab repo with the patches:
https://gitlab.com/phrdina/libvirt/-/commits/snapshot-delete-external
Changes in v3:
- added new patch to store snapshotDelete in status XML
- fixed aborting jobs when daemon is restarted only when snapshot
delete was previously stared
Changes in v2:
- qemuBlockCommit properly unrefs job by calling qemuBlockJobStartupFinalize
- added comment to various functions
- renamed some functions as suggested in review of v1 patches
- improved error messages
- introduced virStorageSourceChainLookupBySource()
- use virStorageSourceIsBacking()
- properly cleanup qemuSnapshotDeleteExternalData
- don't allow deleting snapshot if there is another block job
Pavel Hrdina (32):
libvirt: introduce VIR_DOMAIN_JOB_OPERATION_SNAPSHOT_DELETE
qemu_block: extract block commit code to separate function
qemu_block: move qemuDomainBlockPivot out of qemu_driver
qemu_block: add async domain job support to qemuBlockCommit
qemu_block: add async domain job support to qemuBlockPivot
qemu_monitor: introduce qemuMonitorJobFinalize
qemu_monitor_json: allow configuring autofinalize for block commit
qemu_block: allow configuring autofinalize for block commit
qemu_block: introduce qemuBlockFinalize
qemu_block: change qemuBlockCommit to return job pointer
qemu_blockjob: process QEMU_MONITOR_JOB_STATUS_PENDING signal
storage_source: introduce virStorageSourceChainLookupBySource
qemu_snapshot: refactor qemuSnapshotDelete
qemu_snapshot: introduce qemuSnapshotDeleteSingle
qemu_snapshot: introduce qemuSnapshotDeleteChildren
qemu_snapshot: rework snapshot children deletion
qemu_snapshot: move snapshot discard out of qemu_domain.c
qemu_snapshot: move snapshot metadata reparent code
qemu_snapshot: introduce qemuSnapshotDiscardMetadata
qemu_snapshot: introduce qemuSnapshotDeleteValidate function
qemu_snapshot: refactor validation of snapshot delete
qemu_snapshot: error out when deleting internal snapshot on non-active
disk
qemu_snapshot: convert snapshot delete to async domain job
qemu_snapshot: prepare data for external snapshot deletion
qemu_snapshot: implement deletion of external snapshot
qemu_snapshot: update metadata when deleting snapshots
qemu_snapshot: when deleting snapshot invalidate parent snapshot
qemu_domain: store snapshotDelete in qemuDomainJobPrivate
qemu_process: abort snapshot delete when daemon starts
qemu_snapshot: enable deletion of external snapshots
api: document support for external snapshot deletion
NEWS: document support for external snapshot deletion
NEWS.rst | 6 +
include/libvirt/libvirt-domain.h | 1 +
src/conf/snapshot_conf.c | 8 +
src/conf/snapshot_conf.h | 1 +
src/libvirt-domain-snapshot.c | 7 +
src/libvirt_private.syms | 1 +
src/qemu/qemu_backup.c | 1 +
src/qemu/qemu_block.c | 364 +++++++++++
src/qemu/qemu_block.h | 22 +
src/qemu/qemu_blockjob.c | 21 +-
src/qemu/qemu_blockjob.h | 1 +
src/qemu/qemu_domain.c | 118 +---
src/qemu/qemu_domain.h | 11 +-
src/qemu/qemu_driver.c | 292 +--------
src/qemu/qemu_monitor.c | 21 +-
src/qemu/qemu_monitor.h | 8 +-
src/qemu/qemu_monitor_json.c | 26 +-
src/qemu/qemu_monitor_json.h | 8 +-
src/qemu/qemu_process.c | 37 ++
src/qemu/qemu_snapshot.c | 981 +++++++++++++++++++++++++++---
src/qemu/qemu_snapshot.h | 4 +
src/storage_file/storage_source.c | 40 ++
src/storage_file/storage_source.h | 6 +
tests/qemumonitorjsontest.c | 4 +-
tools/virsh-domain.c | 1 +
25 files changed, 1514 insertions(+), 476 deletions(-)
--
2.39.0
1 year, 10 months
[PATCH] cpu_map: Add -noMPX models for x86 Icelake Server
by Lena Voytek
Intel has removed MPX capabilities from 10nm Icelake CPUs[1], which is
reflected by the new models through the line marking mpx as removed.
The original Icelake Server models have been left alone to avoid regressions.
This adds:
-Icelake-Server-noMPX
-Icelake-Server-noTSX-noMPX
References:
[1] Memory Protection Extensions support removal
https://www.intel.com/content/www/us/en/support/articles/000059823/proces...
Fixes: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1978064
https://gitlab.com/libvirt/libvirt/-/issues/304
Signed-off-by: Lena Voytek <lena.voytek(a)canonical.com>
---
src/cpu_map/index.xml | 2 +
src/cpu_map/x86_Icelake-Server-noMPX.xml | 93 +++++++++++++++++++
.../x86_Icelake-Server-noTSX-noMPX.xml | 91 ++++++++++++++++++
3 files changed, 186 insertions(+)
create mode 100644 src/cpu_map/x86_Icelake-Server-noMPX.xml
create mode 100644 src/cpu_map/x86_Icelake-Server-noTSX-noMPX.xml
diff --git a/src/cpu_map/index.xml b/src/cpu_map/index.xml
index 351c2ae4fa..62c3d44a5c 100644
--- a/src/cpu_map/index.xml
+++ b/src/cpu_map/index.xml
@@ -54,6 +54,8 @@
<include filename='x86_Icelake-Client-noTSX.xml'/>
<include filename='x86_Icelake-Server.xml'/>
<include filename='x86_Icelake-Server-noTSX.xml'/>
+ <include filename='x86_Icelake-Server-noMPX.xml'/>
+ <include filename='x86_Icelake-Server-noTSX-noMPX.xml'/>
<include filename='x86_Cooperlake.xml'/>
<include filename='x86_Snowridge.xml'/>
diff --git a/src/cpu_map/x86_Icelake-Server-noMPX.xml b/src/cpu_map/x86_Icelake-Server-noMPX.xml
new file mode 100644
index 0000000000..feaf21f91f
--- /dev/null
+++ b/src/cpu_map/x86_Icelake-Server-noMPX.xml
@@ -0,0 +1,93 @@
+<cpus>
+ <model name='Icelake-Server-noMPX'>
+ <decode host='on' guest='on'/>
+ <signature family='6' model='106'/> <!-- 0606A5 -->
+ <vendor name='Intel'/>
+ <feature name='3dnowprefetch'/>
+ <feature name='abm'/>
+ <feature name='adx'/>
+ <feature name='aes'/>
+ <feature name='apic'/>
+ <feature name='arat'/>
+ <feature name='avx'/>
+ <feature name='avx2'/>
+ <feature name='avx512-vpopcntdq'/>
+ <feature name='avx512bitalg'/>
+ <feature name='avx512bw'/>
+ <feature name='avx512cd'/>
+ <feature name='avx512dq'/>
+ <feature name='avx512f'/>
+ <feature name='avx512vbmi'/>
+ <feature name='avx512vbmi2'/>
+ <feature name='avx512vl'/>
+ <feature name='avx512vnni'/>
+ <feature name='bmi1'/>
+ <feature name='bmi2'/>
+ <feature name='clflush'/>
+ <feature name='clflushopt'/>
+ <feature name='clwb'/>
+ <feature name='cmov'/>
+ <feature name='cx16'/>
+ <feature name='cx8'/>
+ <feature name='de'/>
+ <feature name='erms'/>
+ <feature name='f16c'/>
+ <feature name='fma'/>
+ <feature name='fpu'/>
+ <feature name='fsgsbase'/>
+ <feature name='fxsr'/>
+ <feature name='gfni'/>
+ <feature name='hle'/>
+ <feature name='intel-pt' removed='yes'/>
+ <feature name='invpcid'/>
+ <feature name='la57'/>
+ <feature name='lahf_lm'/>
+ <feature name='lm'/>
+ <feature name='mca'/>
+ <feature name='mce'/>
+ <feature name='mmx'/>
+ <feature name='movbe'/>
+ <feature name='mpx' removed='yes'/>
+ <feature name='msr'/>
+ <feature name='mtrr'/>
+ <feature name='nx'/>
+ <feature name='pae'/>
+ <feature name='pat'/>
+ <feature name='pcid'/>
+ <feature name='pclmuldq'/>
+ <feature name='pdpe1gb'/>
+ <feature name='pge'/>
+ <feature name='pku'/>
+ <feature name='pni'/>
+ <feature name='popcnt'/>
+ <feature name='pse'/>
+ <feature name='pse36'/>
+ <feature name='rdrand'/>
+ <feature name='rdseed'/>
+ <feature name='rdtscp'/>
+ <feature name='rtm'/>
+ <feature name='sep'/>
+ <feature name='smap'/>
+ <feature name='smep'/>
+ <feature name='spec-ctrl'/>
+ <feature name='ssbd'/>
+ <feature name='sse'/>
+ <feature name='sse2'/>
+ <feature name='sse4.1'/>
+ <feature name='sse4.2'/>
+ <feature name='ssse3'/>
+ <feature name='syscall'/>
+ <feature name='tsc'/>
+ <feature name='tsc-deadline'/>
+ <feature name='umip'/>
+ <feature name='vaes'/>
+ <feature name='vme'/>
+ <feature name='vpclmulqdq'/>
+ <feature name='wbnoinvd'/>
+ <feature name='x2apic'/>
+ <feature name='xgetbv1'/>
+ <feature name='xsave'/>
+ <feature name='xsavec'/>
+ <feature name='xsaveopt'/>
+ </model>
+</cpus>
diff --git a/src/cpu_map/x86_Icelake-Server-noTSX-noMPX.xml b/src/cpu_map/x86_Icelake-Server-noTSX-noMPX.xml
new file mode 100644
index 0000000000..e55da83ddf
--- /dev/null
+++ b/src/cpu_map/x86_Icelake-Server-noTSX-noMPX.xml
@@ -0,0 +1,91 @@
+<cpus>
+ <model name='Icelake-Server-noTSX-noMPX'>
+ <decode host='on' guest='off'/>
+ <signature family='6' model='106'/> <!-- 0606A5 -->
+ <vendor name='Intel'/>
+ <feature name='3dnowprefetch'/>
+ <feature name='abm'/>
+ <feature name='adx'/>
+ <feature name='aes'/>
+ <feature name='apic'/>
+ <feature name='arat'/>
+ <feature name='avx'/>
+ <feature name='avx2'/>
+ <feature name='avx512-vpopcntdq'/>
+ <feature name='avx512bitalg'/>
+ <feature name='avx512bw'/>
+ <feature name='avx512cd'/>
+ <feature name='avx512dq'/>
+ <feature name='avx512f'/>
+ <feature name='avx512vbmi'/>
+ <feature name='avx512vbmi2'/>
+ <feature name='avx512vl'/>
+ <feature name='avx512vnni'/>
+ <feature name='bmi1'/>
+ <feature name='bmi2'/>
+ <feature name='clflush'/>
+ <feature name='clflushopt'/>
+ <feature name='clwb'/>
+ <feature name='cmov'/>
+ <feature name='cx16'/>
+ <feature name='cx8'/>
+ <feature name='de'/>
+ <feature name='erms'/>
+ <feature name='f16c'/>
+ <feature name='fma'/>
+ <feature name='fpu'/>
+ <feature name='fsgsbase'/>
+ <feature name='fxsr'/>
+ <feature name='gfni'/>
+ <feature name='intel-pt' removed='yes'/>
+ <feature name='invpcid'/>
+ <feature name='la57'/>
+ <feature name='lahf_lm'/>
+ <feature name='lm'/>
+ <feature name='mca'/>
+ <feature name='mce'/>
+ <feature name='mmx'/>
+ <feature name='movbe'/>
+ <feature name='mpx' removed='yes'/>
+ <feature name='msr'/>
+ <feature name='mtrr'/>
+ <feature name='nx'/>
+ <feature name='pae'/>
+ <feature name='pat'/>
+ <feature name='pcid'/>
+ <feature name='pclmuldq'/>
+ <feature name='pdpe1gb'/>
+ <feature name='pge'/>
+ <feature name='pku'/>
+ <feature name='pni'/>
+ <feature name='popcnt'/>
+ <feature name='pse'/>
+ <feature name='pse36'/>
+ <feature name='rdrand'/>
+ <feature name='rdseed'/>
+ <feature name='rdtscp'/>
+ <feature name='sep'/>
+ <feature name='smap'/>
+ <feature name='smep'/>
+ <feature name='spec-ctrl'/>
+ <feature name='ssbd'/>
+ <feature name='sse'/>
+ <feature name='sse2'/>
+ <feature name='sse4.1'/>
+ <feature name='sse4.2'/>
+ <feature name='ssse3'/>
+ <feature name='syscall'/>
+ <feature name='tsc'/>
+ <feature name='tsc-deadline'/>
+ <feature name='umip'/>
+ <feature name='vaes'/>
+ <feature name='vme'/>
+ <feature name='vpclmulqdq'/>
+ <feature name='wbnoinvd'/>
+ <feature name='x2apic'/>
+ <feature name='xgetbv1'/>
+ <feature name='xsave'/>
+ <feature name='xsavec'/>
+ <feature name='xsaveopt'/>
+ </model>
+</cpus>
--
2.34.1
1 year, 10 months
[PATCH 0/2] define g_autoptr for virNWFilterDef and virNWFilterRuleDef
by Jiang Jiacheng
Define and use g_autoptr() for virNWFilterDef and virNWFilterRuleDef,
and remove unnecessary label.
Jiang Jiacheng (2):
conf: define g_autoptr for virNWFilterDef and virNWFilterRuleDef
src/tests: use g_autoptr for virNWFilterDef and virNWFilterRuleDef
src/conf/nwfilter_conf.c | 44 ++++++++++++++--------------------
src/conf/nwfilter_conf.h | 2 ++
src/conf/virnwfilterobj.c | 19 +++++++--------
src/nwfilter/nwfilter_driver.c | 7 +++---
tests/nwfilterxml2xmltest.c | 22 +++++++----------
5 files changed, 39 insertions(+), 55 deletions(-)
--
2.33.0
1 year, 10 months
[PATCH V2 0/9] use g_autofree
by Jiang Jiacheng
Use g_autofree more often and remove unnecessary cleanup/error
labels.
diff to v1:
* use g_autofree for uuid in 'virNWFilterDefParseXML'
* remove unused rc in security_apparmor.c
Jiang Jiacheng (9):
conf: use g_autofree and remove unnecessary label
interface: use g_autofree and remove unnecessary label
locking: use g_autofree and remove unnecessary label
remote: use g_autofree and remove unnecessary label
rpc: use g_autofree and remove unnecessary label
security: use g_autofree and remove unnecessary label
util: use g_autofree and remove unnecessary label
vmware: use g_autofree and remove unnecessary label
vz: use g_autofree and remove unnecessary label
src/conf/domain_audit.c | 121 ++++++++-----------------
src/conf/node_device_util.c | 49 ++++------
src/conf/nwfilter_conf.c | 55 ++++-------
src/conf/virnetworkobj.c | 85 ++++++-----------
src/conf/virnetworkportdef.c | 12 +--
src/conf/virnwfilterbindingobj.c | 22 ++---
src/conf/virnwfilterobj.c | 19 +---
src/conf/virstorageobj.c | 23 ++---
src/interface/interface_backend_udev.c | 22 ++---
src/locking/lock_driver_lockd.c | 36 +++-----
src/locking/lock_driver_sanlock.c | 46 ++++------
src/remote/remote_driver.c | 22 ++---
src/rpc/virnetclientprogram.c | 6 +-
src/rpc/virnettlscontext.c | 16 +---
src/security/security_apparmor.c | 94 +++++++------------
src/util/virconf.c | 27 ++----
src/vmware/vmware_conf.c | 28 ++----
src/vz/vz_utils.c | 18 ++--
18 files changed, 239 insertions(+), 462 deletions(-)
--
2.33.0
1 year, 10 months
[PATCH] security_selinux: Set and restore /dev/sgx_* labels
by Michal Privoznik
For SGX type of memory, QEMU needs to open and talk to
/dev/sgx_vepc and /dev/sgx_provision files. But we do not set nor
restore SELinux labels on these files when starting a guest.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/security/security_dac.c | 3 ---
src/security/security_manager.h | 4 ++++
src/security/security_selinux.c | 24 ++++++++++++++++++++++--
3 files changed, 26 insertions(+), 5 deletions(-)
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index 917fcf76a3..abfc07218e 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -47,9 +47,6 @@
VIR_LOG_INIT("security.security_dac");
#define SECURITY_DAC_NAME "dac"
-#define DEV_SEV "/dev/sev"
-#define DEV_SGX_VEPC "/dev/sgx_vepc"
-#define DEV_SGX_PROVISION "/dev/sgx_provision"
typedef struct _virSecurityDACData virSecurityDACData;
struct _virSecurityDACData {
diff --git a/src/security/security_manager.h b/src/security/security_manager.h
index 60597ffc0a..4afdcc167b 100644
--- a/src/security/security_manager.h
+++ b/src/security/security_manager.h
@@ -23,6 +23,10 @@
#include "domain_conf.h"
#include "vircommand.h"
+#define DEV_SEV "/dev/sev"
+#define DEV_SGX_VEPC "/dev/sgx_vepc"
+#define DEV_SGX_PROVISION "/dev/sgx_provision"
+
typedef struct _virSecurityManager virSecurityManager;
typedef enum {
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index 93cc12407a..c4832e1bfc 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -1577,10 +1577,21 @@ virSecuritySELinuxSetMemoryLabel(virSecurityManager *mgr,
return -1;
break;
+ case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
+ seclabel = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
+ if (!seclabel || !seclabel->relabel)
+ return 0;
+
+ if (virSecuritySELinuxSetFilecon(mgr, DEV_SGX_VEPC,
+ seclabel->imagelabel, true) < 0 ||
+ virSecuritySELinuxSetFilecon(mgr, DEV_SGX_PROVISION,
+ seclabel->imagelabel, true) < 0)
+ return -1;
+ break;
+
case VIR_DOMAIN_MEMORY_MODEL_NONE:
case VIR_DOMAIN_MEMORY_MODEL_DIMM:
case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
- case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
case VIR_DOMAIN_MEMORY_MODEL_LAST:
break;
}
@@ -1607,9 +1618,18 @@ virSecuritySELinuxRestoreMemoryLabel(virSecurityManager *mgr,
ret = virSecuritySELinuxRestoreFileLabel(mgr, mem->nvdimmPath, true);
break;
+ case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
+ seclabel = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
+ if (!seclabel || !seclabel->relabel)
+ return 0;
+
+ ret = virSecuritySELinuxRestoreFileLabel(mgr, DEV_SGX_VEPC, true);
+ if (virSecuritySELinuxRestoreFileLabel(mgr, DEV_SGX_PROVISION, true) < 0)
+ ret = -1;
+ break;
+
case VIR_DOMAIN_MEMORY_MODEL_DIMM:
case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
- case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
case VIR_DOMAIN_MEMORY_MODEL_NONE:
case VIR_DOMAIN_MEMORY_MODEL_LAST:
ret = 0;
--
2.38.2
1 year, 10 months
[PATCH 0/7] Support crypto device
by zhenwei pi
Hi,
This series supports crypto device, also add support for QEMU.
The basic xml schema looks like:
<crypto model='virtio' type='qemu'>
<backend model='builtin' queues='1'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x0a' function='0x0'/>
</crypto>
<crypto model='virtio' type='qemu'>
<backend model='lkcf'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x0b' function='0x0'/>
</crypto>
Each patch has been tested by 'ninja -C build test', and launch a QEMU
with crypto devices, it works fine.
zhenwei pi (7):
docs: introduce crypto device
conf: support crypto device
domain_capabilities: define capabilities for crypto
qemu_capabilities: support crypto
qemu: alias: support crypto device
qemu: command: support crypto device
NEWS: Document 'crypto' device
NEWS.rst | 3 +
docs/formatdomain.rst | 21 ++
src/conf/domain_capabilities.c | 15 ++
src/conf/domain_capabilities.h | 12 ++
src/conf/domain_conf.c | 191 ++++++++++++++++++
src/conf/domain_conf.h | 40 ++++
src/conf/domain_postparse.c | 1 +
src/conf/domain_validate.c | 18 ++
src/conf/schemas/domaincaps.rng | 10 +
src/conf/virconftypes.h | 2 +
src/libvirt_private.syms | 1 +
src/qemu/qemu_alias.c | 23 +++
src/qemu/qemu_capabilities.c | 32 +++
src/qemu/qemu_capabilities.h | 8 +
src/qemu/qemu_command.c | 109 ++++++++++
src/qemu/qemu_domain.c | 3 +
src/qemu/qemu_domain_address.c | 26 +++
src/qemu/qemu_driver.c | 5 +
src/qemu/qemu_hotplug.c | 3 +
src/qemu/qemu_validate.c | 22 ++
.../domaincapsdata/qemu_4.2.0-q35.x86_64.xml | 11 +
.../domaincapsdata/qemu_4.2.0-tcg.x86_64.xml | 11 +
.../qemu_4.2.0-virt.aarch64.xml | 11 +
tests/domaincapsdata/qemu_4.2.0.aarch64.xml | 11 +
tests/domaincapsdata/qemu_4.2.0.ppc64.xml | 11 +
tests/domaincapsdata/qemu_4.2.0.s390x.xml | 11 +
tests/domaincapsdata/qemu_4.2.0.x86_64.xml | 11 +
.../domaincapsdata/qemu_5.0.0-q35.x86_64.xml | 11 +
.../domaincapsdata/qemu_5.0.0-tcg.x86_64.xml | 11 +
.../qemu_5.0.0-virt.aarch64.xml | 11 +
tests/domaincapsdata/qemu_5.0.0.aarch64.xml | 11 +
tests/domaincapsdata/qemu_5.0.0.ppc64.xml | 11 +
tests/domaincapsdata/qemu_5.0.0.x86_64.xml | 11 +
.../domaincapsdata/qemu_5.1.0-q35.x86_64.xml | 11 +
.../domaincapsdata/qemu_5.1.0-tcg.x86_64.xml | 11 +
tests/domaincapsdata/qemu_5.1.0.sparc.xml | 9 +
tests/domaincapsdata/qemu_5.1.0.x86_64.xml | 11 +
.../domaincapsdata/qemu_5.2.0-q35.x86_64.xml | 11 +
.../domaincapsdata/qemu_5.2.0-tcg.x86_64.xml | 11 +
.../qemu_5.2.0-virt.aarch64.xml | 11 +
tests/domaincapsdata/qemu_5.2.0.aarch64.xml | 11 +
tests/domaincapsdata/qemu_5.2.0.ppc64.xml | 11 +
tests/domaincapsdata/qemu_5.2.0.s390x.xml | 11 +
tests/domaincapsdata/qemu_5.2.0.x86_64.xml | 11 +
.../domaincapsdata/qemu_6.0.0-q35.x86_64.xml | 11 +
.../domaincapsdata/qemu_6.0.0-tcg.x86_64.xml | 11 +
.../qemu_6.0.0-virt.aarch64.xml | 11 +
tests/domaincapsdata/qemu_6.0.0.aarch64.xml | 11 +
tests/domaincapsdata/qemu_6.0.0.s390x.xml | 11 +
tests/domaincapsdata/qemu_6.0.0.x86_64.xml | 11 +
.../domaincapsdata/qemu_6.1.0-q35.x86_64.xml | 11 +
.../domaincapsdata/qemu_6.1.0-tcg.x86_64.xml | 11 +
tests/domaincapsdata/qemu_6.1.0.x86_64.xml | 11 +
.../domaincapsdata/qemu_6.2.0-q35.x86_64.xml | 11 +
.../domaincapsdata/qemu_6.2.0-tcg.x86_64.xml | 11 +
.../qemu_6.2.0-virt.aarch64.xml | 11 +
tests/domaincapsdata/qemu_6.2.0.aarch64.xml | 11 +
tests/domaincapsdata/qemu_6.2.0.ppc64.xml | 11 +
tests/domaincapsdata/qemu_6.2.0.x86_64.xml | 11 +
.../domaincapsdata/qemu_7.0.0-q35.x86_64.xml | 11 +
.../domaincapsdata/qemu_7.0.0-tcg.x86_64.xml | 11 +
.../qemu_7.0.0-virt.aarch64.xml | 11 +
tests/domaincapsdata/qemu_7.0.0.aarch64.xml | 11 +
tests/domaincapsdata/qemu_7.0.0.ppc64.xml | 11 +
tests/domaincapsdata/qemu_7.0.0.x86_64.xml | 11 +
.../domaincapsdata/qemu_7.1.0-q35.x86_64.xml | 11 +
.../domaincapsdata/qemu_7.1.0-tcg.x86_64.xml | 11 +
tests/domaincapsdata/qemu_7.1.0.ppc64.xml | 11 +
tests/domaincapsdata/qemu_7.1.0.x86_64.xml | 11 +
.../domaincapsdata/qemu_7.2.0-q35.x86_64.xml | 12 ++
.../domaincapsdata/qemu_7.2.0-tcg.x86_64.xml | 12 ++
tests/domaincapsdata/qemu_7.2.0.x86_64.xml | 12 ++
.../caps_4.2.0.aarch64.xml | 2 +
.../qemucapabilitiesdata/caps_4.2.0.ppc64.xml | 2 +
.../qemucapabilitiesdata/caps_4.2.0.s390x.xml | 2 +
.../caps_4.2.0.x86_64.xml | 2 +
.../caps_5.0.0.aarch64.xml | 2 +
.../qemucapabilitiesdata/caps_5.0.0.ppc64.xml | 2 +
.../caps_5.0.0.riscv64.xml | 2 +
.../caps_5.0.0.x86_64.xml | 2 +
.../qemucapabilitiesdata/caps_5.1.0.sparc.xml | 1 +
.../caps_5.1.0.x86_64.xml | 2 +
.../caps_5.2.0.aarch64.xml | 2 +
.../qemucapabilitiesdata/caps_5.2.0.ppc64.xml | 2 +
.../caps_5.2.0.riscv64.xml | 2 +
.../qemucapabilitiesdata/caps_5.2.0.s390x.xml | 2 +
.../caps_5.2.0.x86_64.xml | 2 +
.../caps_6.0.0.aarch64.xml | 2 +
.../qemucapabilitiesdata/caps_6.0.0.s390x.xml | 2 +
.../caps_6.0.0.x86_64.xml | 2 +
.../caps_6.1.0.x86_64.xml | 2 +
.../caps_6.2.0.aarch64.xml | 2 +
.../qemucapabilitiesdata/caps_6.2.0.ppc64.xml | 2 +
.../caps_6.2.0.x86_64.xml | 2 +
.../caps_7.0.0.aarch64.xml | 2 +
.../qemucapabilitiesdata/caps_7.0.0.ppc64.xml | 2 +
.../caps_7.0.0.x86_64.xml | 2 +
.../qemucapabilitiesdata/caps_7.1.0.ppc64.xml | 2 +
.../caps_7.1.0.x86_64.xml | 2 +
.../caps_7.2.0.x86_64.xml | 3 +
100 files changed, 1174 insertions(+)
--
2.34.1
1 year, 10 months
[libvirt PATCH 0/4] qemu: Fix post-copy recovery after dest domain gets paused
by Jiri Denemark
See 3/4 for details.
Jiri Denemark (4):
conf: Drop virDomainJobOperation parameter from virDomainObjIsPostcopy
conf: Add job parameter to virDomainObjIsFailedPostcopy
qemu: Remember failed post-copy migration in job
virDomainObjGetState: Promote VIR_DOMAIN_PAUSED_POSTCOPY_FAILED
src/conf/domain_conf.c | 41 +++++++++++++++-------------
src/conf/domain_conf.h | 5 ++--
src/conf/virdomainjob.c | 1 +
src/conf/virdomainjob.h | 1 +
src/qemu/qemu_domainjob.c | 9 +++++++
src/qemu/qemu_driver.c | 4 +--
src/qemu/qemu_migration.c | 56 ++++++++++++++++++++++++---------------
src/qemu/qemu_process.c | 23 +++++++++++++---
8 files changed, 92 insertions(+), 48 deletions(-)
--
2.39.0
1 year, 10 months
[PATCH 00/36] Add support for passing FDs to access disk images
by Peter Krempa
First part of the series refactors close callbacks to allow having more
of them and then implements new API virDomainFDAssociate and plumbs it
to pass to qemu.
Peter Krempa (36):
datatypes: Simplify error path of 'virGetDomain'
datatypes: Clean up whitespace in definition of struct _virConnect
conf: virdomainobjlist: Convert header to contemporary style
conf: virdomainobjlist: Introduce 'virDomainObjListCollectAll'
conf: virdomainobjlist: Remove return value from
virDomainObjListCollect
conf: domain: Add helper infrastructure for new connection close
callbacks
virclosecallbacks: Add new close callbacks APIs
lxc: Use new connection close callbacks API
bhyve: Use new connection close callbacks API
qemu: Use new connection close callbacks API
qemuMigrationSrcIsAllowed: Remove unused 'driver' argument
qemuMigrationSrcBeginResumePhase: Remove unused 'driver' argument
virclosecallbacks: Remove old close callbacks code
gendispatch: Add 'G_GNUC_WARN_UNUSED_RESULT' to output of 'aclheader'
remote_driver: Return 'virLockGuard' from 'remoteDriverLock'
remote_driver: Refactor few functions as example of auto-locking
virStorageSourceIsSameLocation: Use switch statement for individual
storage types
qemuxml2argvtest: Add seclabels in <backingStore> to
disk-backing-chains-(no)index
qemuxml2xmltest: Remove 'disk-backing-chain' case and output files
lib: Introduce virDomainFDAssociate API
virsh: Introduce 'dom-fd-associate' for invoking
virDomainFDAssociate()
conf: storage_source: Introduce type for storing FDs associated for
storage
qemu: Implement qemuDomainFDAssociate
qemuxml2argvtest: Add support for populating 'fds' in private data
conf: Add 'fdgroup' attribute for 'file' disks
qemu: domain: Introduce qemuDomainStartupCleanup
conf: storage_source: Introduce virStorageSourceIsFD
qemu: Prepare data for FD-passed disk image sources
qemu: block: Add support for passing FDs of disk images
secuirity: DAC: Don't relabel FD-passed virStorageSource images
security: selinux: Handle security labelling of FD-passed images
qemu: Prepare storage backing chain traversal code for FD passed
images
qemu: driver: Don't allow certain operations with FD-passed disks
qemu: cgroup: Don't setup cgroups for FD-passed images
qemu: Enable support for FD passed disk sources
qemuxml2*test: Enable testing of disks with 'fdgroup'
docs/formatdomain.rst | 8 +
docs/manpages/virsh.rst | 22 +
include/libvirt/libvirt-domain.h | 22 +
po/POTFILES | 1 -
src/bhyve/bhyve_domain.c | 15 +-
src/bhyve/bhyve_driver.c | 6 +-
src/bhyve/bhyve_process.c | 9 +-
src/bhyve/bhyve_utils.h | 2 -
src/conf/domain_conf.c | 15 +
src/conf/domain_conf.h | 26 +
src/conf/domain_postparse.c | 9 +
src/conf/schemas/domaincommon.rng | 3 +
src/conf/storage_source_conf.c | 80 ++-
src/conf/storage_source_conf.h | 27 ++
src/conf/virdomainobjlist.c | 39 +-
src/conf/virdomainobjlist.h | 160 +++---
src/datatypes.c | 14 +-
src/datatypes.h | 5 +-
src/driver-hypervisor.h | 8 +
src/hypervisor/virclosecallbacks.c | 454 ++++++++++--------
src/hypervisor/virclosecallbacks.h | 37 +-
src/libvirt-domain.c | 82 ++++
src/libvirt_private.syms | 14 +-
src/libvirt_public.syms | 5 +
src/lxc/lxc_conf.c | 15 +-
src/lxc/lxc_conf.h | 3 -
src/lxc/lxc_driver.c | 8 +-
src/lxc/lxc_process.c | 8 +-
src/qemu/qemu_block.c | 31 +-
src/qemu/qemu_cgroup.c | 4 +-
src/qemu/qemu_command.c | 22 +
src/qemu/qemu_conf.c | 17 +-
src/qemu/qemu_conf.h | 3 -
src/qemu/qemu_domain.c | 129 ++++-
src/qemu/qemu_domain.h | 11 +-
src/qemu/qemu_driver.c | 108 ++++-
src/qemu/qemu_hotplug.c | 1 +
src/qemu/qemu_migration.c | 54 +--
src/qemu/qemu_migration.h | 3 +-
src/qemu/qemu_process.c | 37 +-
src/qemu/qemu_process.h | 11 +-
src/qemu/qemu_snapshot.c | 4 +-
src/remote/remote_daemon_dispatch.c | 40 ++
src/remote/remote_driver.c | 70 ++-
src/remote/remote_protocol.x | 14 +-
src/remote_protocol-structs | 6 +
src/rpc/gendispatch.pl | 2 +-
src/security/security_dac.c | 16 +-
src/security/security_selinux.c | 32 +-
src/security/virt-aa-helper.c | 3 +-
src/storage_file/storage_source.c | 14 +
src/test/test_driver.c | 4 +-
src/vz/vz_driver.c | 7 +-
.../disk-backing-chains-index.xml | 6 +-
.../disk-backing-chains-noindex.xml | 6 +-
.../qemuxml2argvdata/disk-backing-chains.xml | 98 ----
.../disk-source-fd.x86_64-latest.args | 49 ++
tests/qemuxml2argvdata/disk-source-fd.xml | 40 ++
tests/qemuxml2argvtest.c | 9 +
.../disk-backing-chains-active.xml | 110 -----
.../disk-backing-chains-inactive.xml | 110 -----
.../disk-backing-chains-index-active.xml | 6 +-
.../disk-backing-chains-index-inactive.xml | 6 +-
.../disk-backing-chains-noindex.xml | 6 +-
.../disk-source-fd.x86_64-latest.xml | 52 ++
tests/qemuxml2xmltest.c | 3 +-
tests/testutilsqemu.c | 33 ++
tests/testutilsqemu.h | 2 +
tools/virsh-domain.c | 83 ++++
69 files changed, 1512 insertions(+), 847 deletions(-)
delete mode 100644 tests/qemuxml2argvdata/disk-backing-chains.xml
create mode 100644 tests/qemuxml2argvdata/disk-source-fd.x86_64-latest.args
create mode 100644 tests/qemuxml2argvdata/disk-source-fd.xml
delete mode 100644 tests/qemuxml2xmloutdata/disk-backing-chains-active.xml
delete mode 100644 tests/qemuxml2xmloutdata/disk-backing-chains-inactive.xml
create mode 100644 tests/qemuxml2xmloutdata/disk-source-fd.x86_64-latest.xml
--
2.38.1
1 year, 10 months
[libvirt PATCH v2 00/31] introduce external snapshot delete support
by Pavel Hrdina
This implements virDomainSnapshotDelete API to support external
snapshots. The support doesn't include flags
VIR_DOMAIN_SNAPSHOT_DELETE_CHILDREN and
VIR_DOMAIN_SNAPSHOT_DELETE_CHILDREN_ONLY as it would add more complexity
and IMHO these flags should not existed at all.
Gitlab repo with the patches:
https://gitlab.com/phrdina/libvirt/-/commits/snapshot-delete-external
Changes in v2:
- qemuBlockCommit properly unrefs job by calling qemuBlockJobStartupFinalize
- added comment to various functions
- renamed some functions as suggested in review of v1 patches
- improved error messages
- introduced virStorageSourceChainLookupBySource()
- use virStorageSourceIsBacking()
- properly cleanup qemuSnapshotDeleteExternalData
- don't allow deleting snapshot if there is another block job
Pavel Hrdina (31):
libvirt: introduce VIR_DOMAIN_JOB_OPERATION_SNAPSHOT_DELETE
qemu_block: extract block commit code to separate function
qemu_block: move qemuDomainBlockPivot out of qemu_driver
qemu_block: add async domain job support to qemuBlockCommit
qemu_block: add async domain job support to qemuBlockPivot
qemu_monitor: introduce qemuMonitorJobFinalize
qemu_monitor_json: allow configuring autofinalize for block commit
qemu_block: allow configuring autofinalize for block commit
qemu_block: introduce qemuBlockFinalize
qemu_block: change qemuBlockCommit to return job pointer
qemu_blockjob: process QEMU_MONITOR_JOB_STATUS_PENDING signal
storage_source: introduce virStorageSourceChainLookupBySource
qemu_snapshot: refactor qemuSnapshotDelete
qemu_snapshot: introduce qemuSnapshotDeleteSingle
qemu_snapshot: introduce qemuSnapshotDeleteChildren
qemu_snapshot: rework snapshot children deletion
qemu_snapshot: move snapshot discard out of qemu_domain.c
qemu_snapshot: move snapshot metadata reparent code
qemu_snapshot: introduce qemuSnapshotDiscardMetadata
qemu_snapshot: introduce qemuSnapshotDeleteValidate function
qemu_snapshot: refactor validation of snapshot delete
qemu_snapshot: error out when deleting internal snapshot on non-active
disk
qemu_snapshot: convert snapshot delete to async domain job
qemu_snapshot: prepare data for external snapshot deletion
qemu_snapshot: implement deletion of external snapshot
qemu_snapshot: update metadata when deleting snapshots
qemu_snapshot: when deleting snapshot invalidate parent snapshot
qemu_process: abort snapshot delete when daemon starts
qemu_snapshot: enable deletion of external snapshots
api: document support for external snapshot deletion
NEWS: document support for external snapshot deletion
NEWS.rst | 6 +
include/libvirt/libvirt-domain.h | 1 +
src/conf/snapshot_conf.c | 8 +
src/conf/snapshot_conf.h | 1 +
src/libvirt-domain-snapshot.c | 7 +
src/libvirt_private.syms | 1 +
src/qemu/qemu_backup.c | 1 +
src/qemu/qemu_block.c | 364 +++++++++++
src/qemu/qemu_block.h | 22 +
src/qemu/qemu_blockjob.c | 21 +-
src/qemu/qemu_blockjob.h | 1 +
src/qemu/qemu_domain.c | 95 +--
src/qemu/qemu_domain.h | 9 -
src/qemu/qemu_driver.c | 292 +--------
src/qemu/qemu_monitor.c | 21 +-
src/qemu/qemu_monitor.h | 8 +-
src/qemu/qemu_monitor_json.c | 26 +-
src/qemu/qemu_monitor_json.h | 8 +-
src/qemu/qemu_process.c | 32 +
src/qemu/qemu_snapshot.c | 973 +++++++++++++++++++++++++++---
src/qemu/qemu_snapshot.h | 4 +
src/storage_file/storage_source.c | 39 ++
src/storage_file/storage_source.h | 6 +
tests/qemumonitorjsontest.c | 4 +-
tools/virsh-domain.c | 1 +
25 files changed, 1475 insertions(+), 476 deletions(-)
--
2.39.0
1 year, 10 months
[PATCH 1/1] nwfilter: use time_t for timeout for consistency
by Shaleen Bathla
Coverity scan reports:
"A time_t value is stored in an integer with too few bits to accommodate
it. The expression timeout is cast to unsigned int"
We are already casting and storing time_t timeout variable into unsigned int.
We can use time_t for timeout and cast it to unsigned long (should be big enough)
instead of unsigned int in sscanf, g_strdup_printf as required.
Signed-off-by: Shaleen Bathla <shaleen.bathla(a)oracle.com>
---
src/nwfilter/nwfilter_dhcpsnoop.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/nwfilter/nwfilter_dhcpsnoop.c b/src/nwfilter/nwfilter_dhcpsnoop.c
index a10a14cfc16d..62586be35dfb 100644
--- a/src/nwfilter/nwfilter_dhcpsnoop.c
+++ b/src/nwfilter/nwfilter_dhcpsnoop.c
@@ -146,7 +146,7 @@ struct _virNWFilterSnoopIPLease {
virSocketAddr ipAddress;
virSocketAddr ipServer;
virNWFilterSnoopReq * snoopReq;
- unsigned int timeout;
+ time_t timeout;
/* timer list */
virNWFilterSnoopIPLease *prev;
virNWFilterSnoopIPLease *next;
@@ -1580,7 +1580,7 @@ virNWFilterSnoopLeaseFileWrite(int lfd, const char *ifkey,
return -1;
/* time intf ip dhcpserver */
- lbuf = g_strdup_printf("%u %s %s %s\n", ipl->timeout, ifkey, ipstr, dhcpstr);
+ lbuf = g_strdup_printf("%lu %s %s %s\n", ipl->timeout, ifkey, ipstr, dhcpstr);
len = strlen(lbuf);
if (safewrite(lfd, lbuf, len) != len) {
@@ -1739,7 +1739,7 @@ virNWFilterSnoopLeaseFileLoad(void)
}
ln++;
/* key len 54 = "VMUUID"+'-'+"MAC" */
- if (sscanf(line, "%u %54s %15s %15s", &ipl.timeout,
+ if (sscanf(line, "%lu %54s %15s %15s", &ipl.timeout,
ifkey, ipstr, srvstr) < 4) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("virNWFilterSnoopLeaseFileLoad lease file "
--
2.31.1
1 year, 10 months
