Release of libvirt-10.0.0
by Jiri Denemark
The 10.0.0 release of both libvirt and libvirt-python is tagged and
signed tarballs and source RPMs are available at
https://download.libvirt.org/
https://download.libvirt.org/python/
Thanks everybody who helped with this release by sending patches,
reviewing, testing, or providing feedback. Your work is greatly
appreciated.
* New features
* qemu: Enable ``postcopy-preempt`` migration capability
Post-copy migrations are now started with ``postcopy-preempt``
capability enabled as long as it is supported by both sides of migration.
This should enable faster migration of memory pages that the destination
tries to read before they are migrated from the source.
* qemu: Add support for mapping iothreads to virtqueues of ``virtio-blk`` devices
QEMU added the possibility to map multiple ``iothreads`` to a single
``virtio-blk`` device and map them even to specific virtqueues. Libvirt
adds a ``<iothreads>`` subelement of the ``<disk> <driver>`` element that
users can use to configure the mapping.
* qemu: Allow automatic resize of block-device-backed disk to full size of the device
The new flag ``VIR_DOMAIN_BLOCK_RESIZE_CAPACITY`` for
``virDomainBlockResize`` allows resizing a block-device backed ``raw`` disk
of a VM without the need to specify the full size of the block device.
* qemu: automatic selection/binding of VFIO variant drivers
When a device is assigned to a guest using VFIO with ``<hostdev
managed='yes'>``, libvirt will now search the running kernel's
modules.alias file for the most specific match to that device for
a VFIO driver, and bind that driver to the device rather than
vfio-pci. A specific driver can also be forced, using the
``<driver model='plugh'/>`` attribute.
* qemu: add runtime configuration option for nbdkit
Since the new nbdkit support requires a recent selinux policy that is not
widely available yet, it is now possible to build libvirt with nbdkit
support for remote disks but disabled at runtime. This behavior is
controlled via the storage_use_nbdkit option of the qemu driver
configuration file. The option will default to being disabled, but this may
change in a future release and can be customized with the
nbdkit_config_default build option.
* Improvements
* qemu: Improve migration XML use when persisting VM on destination
When migrating a VM with a custom migration XML, use it as a base for
persisting it on the destination as users could have changed non-ABI
breaking facts which would prevent subsequent start if the old XML were used.
* qemu: Simplify non-shared storage migration to ``raw`` block devices
The phase of copying storage during migration without shared storage
requires that both the source and destination image are identical in size.
This may not be possible if the destination is backed by a block device
and the source image size is not a multiple of the block device block size.
Libvirt aleviates this by automatically adding a ``<slice>`` to match the
size of the source image rather than failing the migration.
* test driver: Support for hotplug/hotunplug of PCI devices
The test driver now supports basic hotplug and hotunplug of PCI devices.
* Bug fixes
* qemu: Various migration bug fixes and debuggability improvement
This release fixes multiple bugs in virsh and libvirt in handling of
migration arguments and XMLs and modifies error reporting for better
debugging.
* conf: Restore setting default bus for input devices
Because of a regression, starting from 9.3.0 libvirt did not autofill bus
for input devices. With this release the regression was identified and
fixed.
* qemu: Relax check for memory device coldplug
Because of a check that was too aggressive, a virtio-mem memory device
could not be cold plugged. This is now fixed.
* qemu: Be less aggressive when dropping channel source paths
Another regression is resolved, (introduced in 9.7.0) when libvirt was too
aggressive when dropping parsed paths for <channel/> sources
* qemuDomainChangeNet: Reflect trustGuestRxFilters change
On device-update, when a user requested change of trustGuestRxFilters for a
domain's <interface/> libvirt did nothing. It did not throw an error nor
did it reflect the change. Starting with this release, the change is
reflected.
Enjoy.
Jirka
1 year, 2 months
[PATCH] NEWS: mention nbdkit config option
by Jonathon Jongsma
Signed-off-by: Jonathon Jongsma <jjongsma(a)redhat.com>
---
NEWS.rst | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/NEWS.rst b/NEWS.rst
index af3c4906df..8088097ad6 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -37,6 +37,16 @@ v10.0.0 (unreleased)
``virDomainBlockResize`` allows resizing a block-device backed ``raw`` disk
of a VM without the need to specify the full size of the block device.
+ * qemu: add runtime configuration option for nbdkit
+
+ Since the new nbdkit support requires a recent selinux policy that is not
+ widely available yet, it is now possible to build libvirt with nbdkit
+ support for remote disks but disabled at runtime. This behavior is
+ controlled via the storage_use_nbdkit option of the qemu driver
+ configuration file. The option will default to being disabled, but this may
+ change in a future release and can be customized with the
+ nbdkit_config_default build option.
+
* **Improvements**
* qemu: Improve migration XML use when persisting VM on destination
--
2.43.0
1 year, 2 months
[v3 0/4] Support for dirty-limit live migration
by Hyman Huang
v3:
- adjust the parameter check location for suggested by Michal
- mark the VIR_MIGRATE_DIRTY_LIMIT flag since 10.0.0
- rebase on master
Thanks Michal for the comments.
Please review,
Yong.
v1:
The dirty-limit functionality for live migration was
introduced since qemu>=8.1.
In the live migration scenario, it implements the force
convergence using the dirty-limit approach, which results
in better reliable read performance.
A straightforward dirty-limit capability for live migration
is added by this patchset. Users might not care about other
dirty-limit arguments like "x-vcpu-dirty-limit-period"
or "vcpu-dirty-limit," thus do not expose them to Libvirt
and Keep the default configurations and values in place.
For more details about dirty-limit, please see the following
reference:
https://lore.kernel.org/qemu-
devel/169024923116.19090.10825599068950039132-0(a)git.sr.ht/
Hyman Huang (4):
Add VIR_MIGRATE_DIRTY_LIMIT flag
qemu_migration: Implement VIR_MIGRATE_DIRTY_LIMIT flag
virsh: Add support for VIR_MIGRATE_DIRTY_LIMIT flag
NEWS: document support for dirty-limit live migration
NEWS.rst | 8 ++++++++
docs/manpages/virsh.rst | 10 +++++++++-
include/libvirt/libvirt-domain.h | 5 +++++
src/libvirt-domain.c | 8 ++++++++
src/qemu/qemu_migration.c | 8 ++++++++
src/qemu/qemu_migration.h | 1 +
src/qemu/qemu_migration_params.c | 6 ++++++
src/qemu/qemu_migration_params.h | 1 +
tools/virsh-domain.c | 6 ++++++
9 files changed, 52 insertions(+), 1 deletion(-)
--
2.39.1
1 year, 2 months
[PATCH] NEWS: Document my contributions for upcoming release
by Michal Privoznik
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
NEWS.rst | 27 +++++++++++++++++++++++++++
1 file changed, 27 insertions(+)
diff --git a/NEWS.rst b/NEWS.rst
index af3c4906df..e8cc89a2ee 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -55,6 +55,10 @@ v10.0.0 (unreleased)
Libvirt aleviates this by automatically adding a ``<slice>`` to match the
size of the source image rather than failing the migration.
+ * test driver: Support for hotplug/hotunplug of PCI devices
+
+ The test driver now supports basic hotplug and hotunplug of PCI devices.
+
* **Bug fixes**
* qemu: Various migration bug fixes and debuggability improvement
@@ -63,6 +67,29 @@ v10.0.0 (unreleased)
migration arguments and XMLs and modifies error reporting for better
debugging.
+ * conf: Restore setting default bus for input devices
+
+ Because of a regression, starting from 9.3.0 libvirt did not autofill bus
+ for input devices. With this release the regression was identified and
+ fixed.
+
+ * qemu: Relax check for memory device coldplug
+
+ Because of too aggressive check, a virtio-mem memory device could not be
+ cold plugged. This now fixed.
+
+ * qemu: Be less aggressive when dropping channel source paths
+
+ Another regression is resolved, (introduced in 9.7.0) when libvirt was too
+ aggressive when dropping parsed paths for <channel/> sources
+
+ * qemuDomainChangeNet: Reflect trustGuestRxFilters change
+
+ On device-update, when user requests change of trustGuestRxFilters for a
+ domain's <interface/> libvirt did nothing. Neither it thrown an error nor
+ did it reflect the change. Starting with this release, the change is
+ reflected.
+
v9.10.0 (2023-12-01)
====================
--
2.41.0
1 year, 2 months
[PATCH 0/2] ci: Fix upstream QEMU integration job
by Andrea Bolognani
Or at least, hopefully it does!
This is completely untested, as validating changes to the integration
tests is difficult/annoying. The job's currently broken anyway, so
it's not like these changes could possibly make things worse :)
Andrea Bolognani (2):
ci: Fix .integration_tests_upstream_qemu
ci: Do more as part of .qemu-build-template
ci/integration-template.yml | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
--
2.43.0
1 year, 2 months
[PATCH rfcv3 00/11] LIBVIRT: X86: TDX support
by Zhenzhong Duan
Hi,
This series brings libvirt the x86 TDX support.
* What's TDX?
TDX stands for Trust Domain Extensions which isolates VMs from
the virtual-machine manager (VMM)/hypervisor and any other software on
the platform.
To support TDX, multiple software components, not only KVM but also QEMU,
guest Linux and virtual bios, need to be updated. For more details, please
check link[1], there are TDX spec links and public repository link at github
for each software component.
This patchset is another software component to extend libvirt to support TDX,
with which one can start a VM from high level rather than running qemu directly.
* Misc
As QEMU use a software emulated way to reset guest which isn't supported by TDX
guest for security reason. We add a new way to emulate the reset for TDX guest,
called "hard reboot". We achieve this by killing old qemu and start a new one.
Complete code can be found at [1], matching qemu code can be found at [2].
There are some new properties for tdx-guest object, i.e. `mrconfigid`, `mrowner`,
`mrownerconfig` and `debug` which aren't in matching qemu[2] yet. I keep them
intentionally as they will be implemented in qemu as extention series of [2].
* Test
start/stop/reboot with virsh
stop/reboot trigger in guest
stop with on_poweroff=destroy/restart
reboot with on_reboot=destroy/restart
* Patch organization
- patch 1-3: Support query of TDX capabilities.
- patch 4-6: Add TDX type to launchsecurity framework.
- patch 7-11: Add hard reboot support to TDX guest
[1] https://github.com/intel/libvirt-tdx/commits/tdx_for_upstream_rfcv3
[2] https://github.com/intel/qemu-tdx/tree/tdx-qemu-upstream-v3
Thanks
Zhenzhong
Changelog:
rfcv3:
- Change to generate qemu cmdline with -bios
- drop firmware auto match as -bios is used
- add a hard reboot method to reboot TDX guest
rfcv2:
- give up using qmp cmd and check TDX directly on host for TDX capabilities.
- use launchsecurity framework to support TDX
- use <os>.<loader> for general loader
- add auto firmware match feature for TDX
A example TDVF fimware description file 70-edk2-x86_64-tdx.json:
{
"description": "UEFI firmware for x86_64, supporting Intel TDX",
"interface-types": [
"uefi"
],
"mapping": {
"device": "generic",
"filename": "/usr/share/OVMF/OVMF_CODE-tdx.fd"
},
"targets": [
{
"architecture": "x86_64",
"machines": [
"pc-q35-*"
]
}
],
"features": [
"intel-tdx",
"verbose-dynamic"
],
"tags": [
]
}
rfcv2:
https://www.mail-archive.com/libvir-list@redhat.com/msg219378.html
Chenyi Qiang (3):
qemu: add hard reboot in QEMU driver
qemu: make hard reboot as the TDX default reboot mode
virsh: add new option "timekeep" to keep virsh console alive
Zhenzhong Duan (8):
qemu: Check if INTEL Trust Domain Extention support is enabled
qemu: Add TDX capability
conf: expose TDX feature in domain capabilities
conf: add tdx as launch security type
qemu: Add command line and validation for TDX type
qemu: force special parameters enabled for TDX guest
qemu: Extend hard reboot in Qemu driver
conf: Add support to keep same domid for hard reboot
docs/formatdomaincaps.rst | 1 +
include/libvirt/libvirt-domain.h | 2 +
src/conf/domain_capabilities.c | 1 +
src/conf/domain_capabilities.h | 1 +
src/conf/domain_conf.c | 50 ++++++++++++++++
src/conf/domain_conf.h | 11 ++++
src/conf/schemas/domaincaps.rng | 9 +++
src/conf/schemas/domaincommon.rng | 34 +++++++++++
src/conf/virconftypes.h | 2 +
src/qemu/qemu_capabilities.c | 38 +++++++++++-
src/qemu/qemu_capabilities.h | 1 +
src/qemu/qemu_command.c | 29 +++++++++
src/qemu/qemu_domain.c | 18 ++++++
src/qemu/qemu_domain.h | 4 ++
src/qemu/qemu_driver.c | 85 ++++++++++++++++++++------
src/qemu/qemu_firmware.c | 1 +
src/qemu/qemu_monitor.c | 19 +++++-
src/qemu/qemu_monitor.h | 2 +-
src/qemu/qemu_monitor_json.c | 6 +-
src/qemu/qemu_namespace.c | 1 +
src/qemu/qemu_process.c | 99 ++++++++++++++++++++++++++++++-
src/qemu/qemu_validate.c | 18 ++++++
tools/virsh-console.c | 3 +
tools/virsh-domain.c | 64 +++++++++++++++-----
tools/virsh.h | 1 +
25 files changed, 463 insertions(+), 37 deletions(-)
--
2.34.1
1 year, 2 months
Entering freeze for libvirt-10.0.0
by Jiri Denemark
I have just tagged v10.0.0-rc1 in the repository and pushed signed
tarballs and source RPMs to https://download.libvirt.org/
Please give the release candidate some testing and in case you find a
serious issue which should have a fix in the upcoming release, feel
free to reply to this thread to make sure the issue is more visible.
If you have not done so yet, please update NEWS.rst to document any
significant change you made since the last release.
Thanks,
Jirka
1 year, 2 months
[PATCH 0/3] ci: Fixes for integration jobs
by Andrea Bolognani
Andrea Bolognani (3):
ci: Fix upstream-qemu job definitions
ci: Move upstream-qemu job to Fedora 39
ci: Add notes for integration jobs
ci/integration.yml | 58 +++++++++++++++++++++++++++++++---------------
1 file changed, 39 insertions(+), 19 deletions(-)
--
2.43.0
1 year, 2 months
[PATCH] NEWS: Mention migration fixes and iothread mapping
by Peter Krempa
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
NEWS.rst | 35 +++++++++++++++++++++++++++++++++++
1 file changed, 35 insertions(+)
diff --git a/NEWS.rst b/NEWS.rst
index 9e538a8f57..af3c4906df 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -24,10 +24,45 @@ v10.0.0 (unreleased)
This should enable faster migration of memory pages that the destination
tries to read before they are migrated from the source.
+ * qemu: Add support for mapping iothreads to virtqueues of ``virtio-blk`` devices
+
+ QEMU added the possibility to map multiple ``iothreads`` to a single
+ ``virtio-blk`` device and map them even to specific virtqueues. Libvirt
+ adds a ``<iothreads>`` subelement of the ``<disk> <driver>`` element that
+ users can use to configure the mapping.
+
+ * qemu: Allow automatic resize of block-device-backed disk to full size of the device
+
+ The new flag ``VIR_DOMAIN_BLOCK_RESIZE_CAPACITY`` for
+ ``virDomainBlockResize`` allows resizing a block-device backed ``raw`` disk
+ of a VM without the need to specify the full size of the block device.
+
* **Improvements**
+ * qemu: Improve migration XML use when persisting VM on destination
+
+ When migrating a VM with a custom migration XML, use it as a base for
+ persisting it on the destination as users could have changed non-ABI
+ breaking facts which would prevent subsequent start if the old XML were used.
+
+ * qemu: Simplify non-shared storage migration to ``raw`` block devices
+
+ The phase of copying storage during migration without shared storage
+ requires that both the source and destination image are identical in size.
+ This may not be possible if the destination is backed by a block device
+ and the source image size is not a multiple of the block device block size.
+
+ Libvirt aleviates this by automatically adding a ``<slice>`` to match the
+ size of the source image rather than failing the migration.
+
* **Bug fixes**
+ * qemu: Various migration bug fixes and debuggability improvement
+
+ This release fixes multiple bugs in virsh and libvirt in handling of
+ migration arguments and XMLs and modifies error reporting for better
+ debugging.
+
v9.10.0 (2023-12-01)
====================
--
2.43.0
1 year, 2 months
[PATCH] conf: domain_conf: cleanup def in case of errors
by Shaleen Bathla
Just like in rest of the function virDomainFSDefParseXML,
use goto error so that def will be cleaned up in error cases.
Signed-off-by: Shaleen Bathla <shaleen.bathla(a)oracle.com>
---
src/conf/domain_conf.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index be57a1981e7d..5d55d2acdace 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -8866,23 +8866,23 @@ virDomainFSDefParseXML(virDomainXMLOption *xmlopt,
goto error;
if ((n = virXPathNodeSet("./idmap/uid", ctxt, &uid_nodes)) < 0)
- return NULL;
+ goto error;
if (n) {
def->idmap.uidmap = virDomainIdmapDefParseXML(ctxt, uid_nodes, n);
if (!def->idmap.uidmap)
- return NULL;
+ goto error;
def->idmap.nuidmap = n;
}
if ((n = virXPathNodeSet("./idmap/gid", ctxt, &gid_nodes)) < 0)
- return NULL;
+ goto error;
if (n) {
def->idmap.gidmap = virDomainIdmapDefParseXML(ctxt, gid_nodes, n);
if (!def->idmap.gidmap)
- return NULL;
+ goto error;
def->idmap.ngidmap = n;
}
--
2.39.3
1 year, 2 months
