[PATCH 0/2] Deprecate the shix machine and the TC58128 flash device
by Samuel Tardieu
The shix machine was a research project started around 2003 at
Télécom Paris. Preliminary support in QEMU was added in 2005
back when the QEMU architecture was less structured than it is
now. Unfortunately, the support for the shix machine and its
peripherals, such as the TC58128 16MiB flash device, has never
been maintained as the research project used the real machine.
This project stopped around 2010 and to the best of my knowledge
and after consulting with the original author Alexis Polti,
I propose to deprecate it in QEMU as well as the TC58128
flash device which does not implement the QOM model and still
contains debug fprintf statements.
Samuel Tardieu (2):
target/sh4: Deprecate the shix machine
hw/block: Deprecate the TC58128 block device
docs/about/deprecated.rst | 5 +++++
hw/block/tc58128.c | 1 +
hw/sh4/shix.c | 1 +
3 files changed, 7 insertions(+)
--
2.42.0
10 months, 2 weeks
[ PATCH vf-token 0/8] Introduce vf-token when using userspace PF
by Vivek Kashyap
The VFIO PCI ABI has been extended to require userspace PF driver to set
a VF token to a known value. The VF drivers are then required to provide
this token to access the VF device. The vf-token is set by the PF driver
before VF drivers can access the device. The kernel provides no means to
retrieve the token in use; but there is no specification describing the
distribution or level of confidentiality of the token. Qemu has been
extended to require the vf-token when vf device is used. An important
point to note is that the vf-token is required only when both the PF and
VF are used in userspace.
This patch series adds support to provide the vf-token (uuid format) in the
domain XML and to generate the qemu commandline including the vf-token.
To support vf-token the new element will be used as follows:
<hostdev mode='subsystem' type='pci' managed='yes'>
<driver name='vfio'/>
<source>
<address domain='0x0000' bus='0x0' slot='0x00' function='0x1'>
<vf-token uuid='00112233-4455-6677-8899-aabbccddeeff'/>
</address>
</source>
<address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/>
</hostdev>
The generated commandline will include the following:
-device {"driver":"vfio-pci","host":"0000:00:0.1",
"vf-token":"00112233-4455-6677-8899-aabbccddeeff",
"id":"hostdev0","bus":"pci.0","addr":"0x1"}
Changes since initial RFC based on review comments received:
1. Added documentation
2. Added test cases and ran successful test suite after each patch commit
3. fixed spaces, coding sytle, and uuid string format
4. Used S:vftoken in virJSONValueObjectAdd instead of a conditional
Vivek Kashyap (8):
Define the vf-token extension for PCI device
Introduce the vf-token qemu capability
This patch introduces the PCI address extension flag for vf-token
This patch introduces new XML parser/formatter functions for parsing
the vf-token
Introduce a validation function for vf-token support in qemu and
generate vf-token device attribute in qemu command line
Provide information about the vf-token flag
Add tests for the vf-token flag to the qemuxml2argv and qemuxml2xml
test suites
Update news about vf-token
NEWS.rst | 8 +++
docs/formatdomain.rst | 3 ++
src/conf/device_conf.c | 49 ++++++++++++++++---
src/conf/domain_addr.h | 1 +
src/conf/domain_conf.c | 8 +++
src/conf/schemas/basictypes.rng | 7 +++
src/libvirt_private.syms | 1 +
src/qemu/qemu_capabilities.c | 3 ++
src/qemu/qemu_capabilities.h | 1 +
src/qemu/qemu_command.c | 8 +++
src/qemu/qemu_domain_address.c | 3 ++
src/qemu/qemu_validate.c | 20 ++++++++
src/util/virpci.c | 7 +++
src/util/virpci.h | 10 ++++
.../qemucapabilitiesdata/caps_8.1.0_s390x.xml | 1 +
.../caps_8.1.0_x86_64.xml | 1 +
.../caps_8.2.0_x86_64.xml | 1 +
.../hostdev-vfio-vf-token.x86_64-latest.args | 34 +++++++++++++
.../hostdev-vfio-vf-token.xml | 22 +++++++++
tests/qemuxml2argvtest.c | 1 +
.../hostdev-vfio-vf-token.x86_64-latest.xml | 40 +++++++++++++++
tests/qemuxml2xmltest.c | 1 +
22 files changed, 223 insertions(+), 7 deletions(-)
create mode 100644 tests/qemuxml2argvdata/hostdev-vfio-vf-token.x86_64-latest.args
create mode 100644 tests/qemuxml2argvdata/hostdev-vfio-vf-token.xml
create mode 100644 tests/qemuxml2xmloutdata/hostdev-vfio-vf-token.x86_64-latest.xml
--
2.33.8
10 months, 2 weeks
[libvirt PATCH 0/6] qemu: Enable postcopy-preempt migration capability
by Jiri Denemark
This is technically a v2 of my recent "Introduce
VIR_MIGRATE_POSTCOPY_PREEMPT flag", but the two series share exactly two
lines of code (those defining a new QEMU_MIGRATION_CAP_POSTCOPY_PREEMPT
enum item) so I'm just sending it as a separate series.
More details about this feature can be found in patch 5/6.
Jiri Denemark (6):
qemu: Document qemuMigrationParamsFlagMapItem fields
qemu: Use C99 initializers for qemuMigrationParamsFlagMap
qemu: Rename remoteCaps parameter in qemuMigrationParamsCheck
qemu: Add support for optional migration capabilities
qemu: Enable postcopy-preempt migration capability
NEWS: Mention postcopy-preempt migration capability
NEWS.rst | 8 ++
src/qemu/qemu_migration.c | 19 +++--
src/qemu/qemu_migration_params.c | 127 ++++++++++++++++++++++---------
src/qemu/qemu_migration_params.h | 4 +-
4 files changed, 115 insertions(+), 43 deletions(-)
--
2.43.0
10 months, 2 weeks
[libvirt PATCH 0/3] Introduce VIR_MIGRATE_POSTCOPY_PREEMPT flag
by Jiri Denemark
See 1/3 for details.
https://issues.redhat.com/browse/RHEL-7100
Jiri Denemark (3):
Introduce VIR_MIGRATE_POSTCOPY_PREEMPT flag
virsh migrate: Add --postcopy-preempt option
qemu_migration: Implement VIR_MIGRATE_POSTCOPY_PREEMPT
docs/manpages/virsh.rst | 9 ++++++---
include/libvirt/libvirt-domain.h | 8 ++++++++
src/qemu/qemu_migration.c | 21 ++++++++++++++++++---
src/qemu/qemu_migration.h | 1 +
src/qemu/qemu_migration_params.c | 6 ++++++
src/qemu/qemu_migration_params.h | 1 +
tools/virsh-domain.c | 6 ++++++
7 files changed, 46 insertions(+), 6 deletions(-)
--
2.43.0
10 months, 2 weeks
[PATCH v3 00/13] Support for VFIO variant drivers, Part 2
by Laine Stump
This is "V3 of Part 2".
"V2 of Part 2": is here:
https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/EV...
Part 1 (which simply made it possible to use virsh nodedev-detach to
bind a device to a manually-specified variant driver, and at guest
runtime allowed libvirt to ignore the fact that the driver found to
the device was something other than exactly "vfio-pci") was here:
https://listman.redhat.com/archives/libvir-list/2023-August/241338.html
and pushed upstream as of commit v9.6.0-153-g24beaffec3
Part 2 adds two new pieces of functionality:
1) It is possible to manually specify a VFIO variant driver (or force
the generic vfio-pci driver) for a device in the domain XML with,
e.g.:
<driver name='mlx5_vfio_pci'/>
(for the former) or:
<driver name='vfio-pci'/>
(for the latter).
2) By default libvirt will now find the "best match" VFIO or VFIO
variant driver by comparing the device's modalias file contents (in
sysfs) with vfio drivers found in the running kernel's
modules.alias file. This means that "virsh nodedev-detach" of a
host device will bind it to its appropriate VFIO variant driver (if
one is available), and also if a <hostdev> decice in a domain
config has "managed='yes'", libvirt will bind it to a variant
driver if possible (in order to force binding to the basic vfio-pci
driver instead, you just need to add the <driver> element mentioned
above).
Differences from V2 to V3:
* I attempted to simplify my explanation of the confusion with module
name vs. driver name that I had in the commit log of patch 1.
* I think I've addressed all of the minor issues pointed out by Peter
in his reviews V2 (joining unnecessarily split lines, failing when a
modalias file can't be found (rather than "kind of" ignoring it),
and other minor fixes.
* The main difference between V2 and V3 is that I've relented on the
issue of re-using the existing <driver name='blah'/> attribute (due
to potential backwrd compatibility problems we might encounter), and
am instead adding a new attribute <driver model='blah'/>. This means
that both the driver name and the new driver model attribute names
don't make as much sense, but that's what fancy GUI frontends are
for -hiding the borderline-confusing names!
* One change suggested by Peter that I enthusiastically agree with,
but haven't implemented in V3 is to cache the few relevant lines of
modules.alias rather than rereading the entire file each time. I do
agree with him, but have run out of steam (and time) to implement it
now - I do promise a followup with this functionality "soon".
Patches 2-9 and 11 were already ACKed by Peter in V2 (several of them
conditionally based on some minor fixes that I have made). This leaves
only patches 1, 10, 12, and 13 that require an ACK (V2 had 15 patches,
but I removed two of them).
Laine Stump (13):
util: properly deal with VFIO module name vs. driver name
schema: consolidate RNG for all hostdev <driver> elements
conf: move/rename hostdev PCI driver type enum to device_conf.h
conf: normalize hostdev <driver> parsing to simplify adding new attr
conf: put hostdev PCI backend into a struct
conf: use virDeviceHostdevPCIDriverInfo in network and networkport
objects
conf: split out hostdev <driver> parse/format to their own functions
conf: use new common parser/formatter for hostdev driver in network
XML
conf: replace virHostdevIsVFIODevice with virHostdevIsPCIDevice
xen: explicitly set hostdev driver.name at runtime, not in postparse
tests: remove explicit <driver name='vfio'/> from hostdev test cases
conf: support manually specifying VFIO variant driver in <hostdev> XML
qemu: automatically bind to a vfio variant driver, if available
docs/formatdomain.rst | 55 ++-
docs/formatnetwork.rst | 22 +-
docs/formatnetworkport.rst | 1 -
docs/pci-addresses.rst | 1 -
src/conf/device_conf.c | 59 +++
src/conf/device_conf.h | 27 ++
src/conf/domain_capabilities.c | 2 +-
src/conf/domain_capabilities.h | 2 +-
src/conf/domain_conf.c | 98 +----
src/conf/domain_conf.h | 18 +-
src/conf/network_conf.c | 42 +-
src/conf/network_conf.h | 17 +-
src/conf/schemas/basictypes.rng | 20 +
src/conf/schemas/domaincommon.rng | 173 ++++----
src/conf/schemas/network.rng | 10 +-
src/conf/schemas/networkport.rng | 10 +-
src/conf/virconftypes.h | 2 +
src/conf/virnetworkportdef.c | 22 +-
src/conf/virnetworkportdef.h | 4 +-
src/hypervisor/virhostdev.c | 16 +-
src/hypervisor/virhostdev.h | 2 -
src/libvirt_private.syms | 8 +-
src/libxl/libxl_capabilities.c | 3 +-
src/libxl/libxl_domain.c | 73 +++-
src/libxl/libxl_driver.c | 25 +-
src/network/bridge_driver.c | 3 +-
src/qemu/qemu_capabilities.c | 4 +-
src/qemu/qemu_command.c | 16 +-
src/qemu/qemu_domain.c | 28 +-
src/qemu/qemu_hostdev.c | 2 +-
src/qemu/qemu_hotplug.c | 2 +-
src/qemu/qemu_validate.c | 6 +-
src/security/security_apparmor.c | 2 +-
src/security/security_dac.c | 4 +-
src/security/security_selinux.c | 4 +-
src/security/virt-aa-helper.c | 7 +-
src/test/test_driver.c | 18 +-
src/util/virpci.c | 410 ++++++++++++++++--
src/util/virpci.h | 2 +
tests/domaincapstest.c | 4 +-
tests/libxlxml2domconfigdata/moredevs-hvm.xml | 1 -
tests/networkxml2xmlin/hostdev-pf-old.xml | 8 +
tests/networkxml2xmlin/hostdev-pf.xml | 1 -
tests/networkxml2xmlout/hostdev-pf-old.xml | 8 +
tests/networkxml2xmlout/hostdev-pf.xml | 1 -
tests/networkxml2xmltest.c | 6 +
.../qemuhotplug-hostdev-pci.xml | 1 -
.../qemumemlock-pc-hardlimit+hostdev.xml | 1 -
...emumemlock-pc-hardlimit+locked+hostdev.xml | 1 -
.../qemumemlock-pc-hostdev-nvme.xml | 1 -
.../qemumemlock-pc-hostdev.xml | 1 -
.../qemumemlock-pc-locked+hostdev.xml | 1 -
.../qemumemlock-pseries-hardlimit+hostdev.xml | 1 -
...mlock-pseries-hardlimit+locked+hostdev.xml | 1 -
.../qemumemlock-pseries-hostdev.xml | 1 -
.../qemumemlock-pseries-locked+hostdev.xml | 1 -
tests/qemustatusxml2xmldata/modern-in.xml | 1 -
.../hostdev-pci-address-unassigned.xml | 4 -
.../hostdev-pci-multifunction.xml | 7 -
.../hostdev-vfio-multidomain.xml | 1 -
.../hostdev-vfio-zpci-autogenerate-fids.xml | 2 -
.../hostdev-vfio-zpci-autogenerate-uids.xml | 2 -
.../hostdev-vfio-zpci-autogenerate.xml | 1 -
.../hostdev-vfio-zpci-boundaries.xml | 2 -
.../hostdev-vfio-zpci-ccw-memballoon.xml | 1 -
.../hostdev-vfio-zpci-duplicate.xml | 2 -
...ostdev-vfio-zpci-invalid-uid-valid-fid.xml | 1 -
.../hostdev-vfio-zpci-multidomain-many.xml | 8 -
.../hostdev-vfio-zpci-set-zero.xml | 1 -
.../hostdev-vfio-zpci-uid-set-zero.xml | 1 -
.../hostdev-vfio-zpci-wrong-arch.xml | 1 -
tests/qemuxml2argvdata/hostdev-vfio-zpci.xml | 1 -
.../hostdev-vfio.x86_64-latest.args | 5 +-
tests/qemuxml2argvdata/hostdev-vfio.xml | 19 +-
.../net-hostdev-vfio-multidomain.xml | 1 -
tests/qemuxml2argvdata/net-hostdev-vfio.xml | 1 -
tests/qemuxml2argvdata/pseries-hostdevs-1.xml | 3 -
tests/qemuxml2argvdata/pseries-hostdevs-2.xml | 2 -
tests/qemuxml2argvdata/pseries-hostdevs-3.xml | 2 -
...v-pci-address-unassigned.x86_64-latest.xml | 4 -
...ostdev-pci-multifunction.x86_64-latest.xml | 7 -
...dev-vfio-old-driver-name.x86_64-latest.xml | 46 ++
...io-zpci-autogenerate-fids.s390x-latest.xml | 2 -
...io-zpci-autogenerate-uids.s390x-latest.xml | 2 -
...ev-vfio-zpci-autogenerate.s390x-latest.xml | 1 -
...tdev-vfio-zpci-boundaries.s390x-latest.xml | 2 -
...-vfio-zpci-ccw-memballoon.s390x-latest.xml | 1 -
...fio-zpci-multidomain-many.s390x-latest.xml | 8 -
.../hostdev-vfio-zpci.s390x-latest.xml | 1 -
.../hostdev-vfio.x86_64-latest.xml | 24 +-
.../net-hostdev-vfio.x86_64-latest.xml | 1 -
.../pseries-hostdevs-1.ppc64-latest.xml | 3 -
.../pseries-hostdevs-2.ppc64-latest.xml | 2 -
.../pseries-hostdevs-3.ppc64-latest.xml | 2 -
tests/virhostdevtest.c | 2 +-
.../plug-hostdev-pci-unmanaged.xml | 1 -
.../plug-hostdev-pci.xml | 1 -
tests/virpcimock.c | 9 +
tests/xlconfigdata/test-fullvirt-pci.xml | 2 -
tests/xmconfigdata/test-pci-dev-syntax.xml | 2 -
tests/xmconfigdata/test-pci-devs.xml | 2 -
tools/virsh-completer-nodedev.c | 4 +-
102 files changed, 927 insertions(+), 530 deletions(-)
create mode 100644 tests/networkxml2xmlin/hostdev-pf-old.xml
create mode 100644 tests/networkxml2xmlout/hostdev-pf-old.xml
create mode 100644 tests/qemuxml2xmloutdata/hostdev-vfio-old-driver-name.x86_64-latest.xml
--
2.43.0
10 months, 3 weeks
[PATCH 0/6] qemu: Update capabilities and add support for assigning multiple iothreads to a virtio-blk device
by Peter Krempa
See 4/6 for docs, 6/6 for examples
Peter Krempa (6):
qemucapabilitiesdata: Add data for the qemu-9.0 development cycle
util: xml: Return GPtrArray from virXMLNodeGetSubelement
qemu: capabilities: Introduce QEMU_CAPS_VIRTIO_BLK_IOTHREAD_MAPPING
conf: Add possibility to configure multiple iothreads per disk
qemu: Implement support for configuring iothread to virtqueue mapping
for disks
tests: Add xml->argv and xml->xml tests for the new iothread mapping
feature
docs/formatdomain.rst | 23 +-
src/conf/domain_conf.c | 116 +-
src/conf/domain_conf.h | 14 +
src/conf/domain_validate.c | 8 +
src/conf/network_conf.c | 33 +-
src/conf/nwfilter_conf.c | 20 +-
src/conf/schemas/domaincommon.rng | 47 +-
src/hypervisor/domain_driver.c | 15 +-
src/qemu/qemu_capabilities.c | 2 +
src/qemu/qemu_capabilities.h | 1 +
src/qemu/qemu_command.c | 45 +
src/qemu/qemu_validate.c | 117 +-
src/util/virxml.c | 21 +-
src/util/virxml.h | 5 +-
.../domaincapsdata/qemu_9.0.0-q35.x86_64.xml | 289 +
.../domaincapsdata/qemu_9.0.0-tcg.x86_64.xml | 288 +
tests/domaincapsdata/qemu_9.0.0.x86_64.xml | 289 +
.../caps_9.0.0_x86_64.replies | 42923 ++++++++++++++++
.../caps_9.0.0_x86_64.xml | 3760 ++
.../iothreads-disk.x86_64-latest.args | 13 +-
tests/qemuxml2argvdata/iothreads-disk.xml | 25 +-
.../iothreads-disk.x86_64-latest.xml | 26 +-
22 files changed, 47986 insertions(+), 94 deletions(-)
create mode 100644 tests/domaincapsdata/qemu_9.0.0-q35.x86_64.xml
create mode 100644 tests/domaincapsdata/qemu_9.0.0-tcg.x86_64.xml
create mode 100644 tests/domaincapsdata/qemu_9.0.0.x86_64.xml
create mode 100644 tests/qemucapabilitiesdata/caps_9.0.0_x86_64.replies
create mode 100644 tests/qemucapabilitiesdata/caps_9.0.0_x86_64.xml
--
2.43.0
10 months, 3 weeks
[PATCH 0/2] tests: Ensure test files are newline-terminated
by Andrea Bolognani
Test pipeline: https://gitlab.com/abologna/libvirt/-/pipelines/1128046264
Andrea Bolognani (2):
tests: Drop some unused qemunbdkit data files
tests: Ensure test files are newline-terminated
...69d019_36ea_4111_8f0a_8c9a70e21366-create.json | 2 +-
...69d019_36ea_4111_8f0a_8c9a70e21366-define.json | 2 +-
...441d39_495e_4243_ad9f_beb3f14c23d9-create.json | 2 +-
...441d39_495e_4243_ad9f_beb3f14c23d9-define.json | 2 +-
...dc4916_1ca8_49ac_b176_871d16c13076-create.json | 2 +-
...dc4916_1ca8_49ac_b176_871d16c13076-define.json | 2 +-
.../disk-cdrom-network.args.disk1.pipe.778 | 2 +-
.../disk-cdrom-network.args.disk2.pipe.780 | 2 +-
.../disk-network-http.args.disk2.pipe.778 | 2 +-
.../disk-network-http.args.disk3.pipe.780 | 2 +-
...source-curl-nbdkit-backing.args.disk0.pipe.778 | 2 +-
.../disk-network-source-curl.args.disk0.pipe.778 | 2 +-
.../disk-network-source-curl.args.disk1.pipe.780 | 2 +-
.../disk-network-source-curl.args.disk1.pipe.782 | 2 +-
.../disk-network-source-curl.args.disk2.pipe.782 | 1 -
.../disk-network-source-curl.args.disk2.pipe.784 | 2 +-
.../disk-network-ssh-password.args.disk0.pipe.778 | 2 +-
tests/qemunbdkitdata/disk-network-ssh.args.disk1 | 8 --------
.../disk-network-ssh.args.disk1.pipe.778 | 1 -
tests/qemunbdkitdata/disk-network-ssh.args.disk2 | 9 ---------
tests/testutils.c | 15 ++++++---------
.../linux-ppc64-deconf-cpus.signature | 2 +-
.../linux-ppc64-subcores1.signature | 2 +-
.../linux-ppc64-subcores2.signature | 2 +-
.../linux-ppc64-subcores3.signature | 2 +-
.../linux-s390x-with-frequency.signature | 2 +-
26 files changed, 27 insertions(+), 49 deletions(-)
delete mode 100644 tests/qemunbdkitdata/disk-network-source-curl.args.disk2.pipe.782
delete mode 100644 tests/qemunbdkitdata/disk-network-ssh.args.disk1
delete mode 100644 tests/qemunbdkitdata/disk-network-ssh.args.disk1.pipe.778
delete mode 100644 tests/qemunbdkitdata/disk-network-ssh.args.disk2
--
2.43.0
10 months, 3 weeks
[PATCH v4] qemu: add runtime config option for nbdkit
by Jonathon Jongsma
Currently when we build with nbdkit support, libvirt will always try to
use nbdkit to access remote disk sources when it is available. But
without an up-to-date selinux policy allowing this, it will fail.
because the required selinux policies are not yet widely available, we
have disabled nbdkit support on rpm builds for all distributions before
Fedora 40.
Unfortunately, this makes it more difficult to test nbdkit support.
After someone updates to the necessary selinux policies, they would also
need to rebuild libvirt to enable nbdkit support. By introducing a
configure option (nbdkit_config_default), we can build packages with
nbdkit support but have it disabled by default.
Signed-off-by: Jonathon Jongsma <jjongsma(a)redhat.com>
Suggested-by: Andrea Bolognani <abologna(a)redhat.com>
---
changes in v4
- squashed in Andrea's suggested changes
- updated error message
- Changed one instance of WITH_NDBKIT to WITH_NBDKIT :)
- tested
libvirt.spec.in | 18 ++++++++++++++----
meson.build | 10 ++++++++++
meson_options.txt | 3 ++-
src/qemu/libvirtd_qemu.aug | 3 +++
src/qemu/meson.build | 2 ++
src/qemu/qemu.conf.in | 11 +++++++++++
src/qemu/qemu_conf.c | 24 ++++++++++++++++++++++++
src/qemu/qemu_conf.h | 2 ++
src/qemu/qemu_domain.c | 3 +++
src/qemu/test_libvirtd_qemu.aug.in | 1 +
tests/qemuxml2argvtest.c | 15 +++++++++------
11 files changed, 81 insertions(+), 11 deletions(-)
diff --git a/libvirt.spec.in b/libvirt.spec.in
index 1d0ec5073d..2f2d713732 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -96,6 +96,7 @@
%define with_sanlock 0
%define with_numad 0
%define with_nbdkit 0
+%define with_nbdkit_config_default 0
%define with_firewalld_zone 0
%define with_netcf 0
%define with_libssh2 0
@@ -174,15 +175,17 @@
%endif
%endif
-# We should only enable nbdkit support if the OS ships a SELinux policy that
-# allows libvirt to launch it. Right now that's not the case anywhere, but
-# things should be fine by the time Fedora 40 is released.
+# We want to build with nbdkit support, but should only enable nbdkit by
+# default if the OS ships a SELinux policy that allows libvirt to launch it.
+# Right now that's not the case anywhere, but things should be fine by the time
+# Fedora 40 is released.
#
# TODO: add RHEL 9 once a minor release that contains the necessary SELinux
# bits exists (we only support the most recent minor release)
%if %{with_qemu}
+ %define with_nbdkit 0%{!?_without_nbdkit:1}
%if 0%{?fedora} >= 40
- %define with_nbdkit 0%{!?_without_nbdkit:1}
+ %define with_nbdkit_config_default 0%{!?_without_nbdkit_config_default:1}
%endif
%endif
@@ -1207,6 +1210,12 @@ exit 1
%define arg_nbdkit -Dnbdkit=disabled
%endif
+%if %{with_nbdkit_config_default}
+ %define arg_nbdkit_config_default -Dnbdkit_config_default=enabled
+%else
+ %define arg_nbdkit_config_default -Dnbdkit_config_default=disabled
+%endif
+
%if %{with_fuse}
%define arg_fuse -Dfuse=enabled
%else
@@ -1322,6 +1331,7 @@ export SOURCE_DATE_EPOCH=$(stat --printf='%Y' %{_specdir}/libvirt.spec)
%{?arg_sanlock} \
-Dlibpcap=enabled \
%{?arg_nbdkit} \
+ %{?arg_nbdkit_config_default} \
-Dlibnl=enabled \
-Daudit=enabled \
-Ddtrace=enabled \
diff --git a/meson.build b/meson.build
index 4d96b32e58..1e5e1d7954 100644
--- a/meson.build
+++ b/meson.build
@@ -1009,6 +1009,16 @@ if not conf.has('WITH_NBDKIT')
libnbd_dep = dependency('', required: false)
endif
+# default value for storage_use_nbdkit config option.
+# For now 'auto' just maps to disabled, but in the future it may depend on
+# which security drivers are enabled
+use_nbdkit_default = get_option('nbdkit_config_default').enabled()
+
+if use_nbdkit_default and not conf.has('WITH_NBDKIT')
+ error('nbdkit_config_default requires nbdkit to be enabled')
+endif
+conf.set10('USE_NBDKIT_DEFAULT', use_nbdkit_default)
+
libnl_version = '3.0'
if not get_option('libnl').disabled() and host_machine.system() == 'linux'
libnl_dep = dependency('libnl-3.0', version: '>=' + libnl_version, required: get_option('libnl'))
diff --git a/meson_options.txt b/meson_options.txt
index a0928102bf..182e28b3d1 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -104,7 +104,8 @@ option('loader_nvram', type: 'string', value: '', description: 'Pass list of pai
option('login_shell', type: 'feature', value: 'auto', description: 'build virt-login-shell')
option('nss', type: 'feature', value: 'auto', description: 'enable Name Service Switch plugin for resolving guest IP addresses')
option('numad', type: 'feature', value: 'auto', description: 'use numad to manage CPU placement dynamically')
-option('nbdkit', type: 'feature', value: 'auto', description: 'use nbdkit to access network disks')
+option('nbdkit', type: 'feature', value: 'auto', description: 'Build nbdkit storage backend')
+option('nbdkit_config_default', type: 'feature', value: 'auto', description: 'Whether to use nbdkit storage backend for network disks by default (configurable)')
option('pm_utils', type: 'feature', value: 'auto', description: 'use pm-utils for power management')
option('sysctl_config', type: 'feature', value: 'auto', description: 'Whether to install sysctl configs')
option('tls_priority', type: 'string', value: 'NORMAL', description: 'set the default TLS session priority string')
diff --git a/src/qemu/libvirtd_qemu.aug b/src/qemu/libvirtd_qemu.aug
index ed097ea3d9..43485b43fb 100644
--- a/src/qemu/libvirtd_qemu.aug
+++ b/src/qemu/libvirtd_qemu.aug
@@ -147,6 +147,8 @@ module Libvirtd_qemu =
let capability_filters_entry = str_array_entry "capability_filters"
+ let storage_entry = bool_entry "storage_use_nbdkit"
+
(* Each entry in the config is one of the following ... *)
let entry = default_tls_entry
| vnc_entry
@@ -170,6 +172,7 @@ module Libvirtd_qemu =
| nbd_entry
| swtpm_entry
| capability_filters_entry
+ | storage_entry
| obsolete_entry
let comment = [ label "#comment" . del /#[ \t]*/ "# " . store /([^ \t\n][^\n]*)?/ . del /\n/ "\n" ]
diff --git a/src/qemu/meson.build b/src/qemu/meson.build
index 2279fef2ca..4c3e1dee78 100644
--- a/src/qemu/meson.build
+++ b/src/qemu/meson.build
@@ -137,6 +137,7 @@ if conf.has('WITH_QEMU')
qemu_user_group_conf = configuration_data({
'QEMU_USER': qemu_user,
'QEMU_GROUP': qemu_group,
+ 'USE_NBDKIT_DEFAULT': use_nbdkit_default.to_int(),
})
qemu_conf = configure_file(
input: 'qemu.conf.in',
@@ -147,6 +148,7 @@ if conf.has('WITH_QEMU')
qemu_user_group_hack_conf = configuration_data({
'QEMU_USER': qemu_user,
'QEMU_GROUP': qemu_group,
+ 'USE_NBDKIT_DEFAULT': use_nbdkit_default.to_int(),
# This hack is necessary because the output file is going to be
# used as input for another configure_file() call later, which
# will take care of substituting @CONFIG@ with useful data
diff --git a/src/qemu/qemu.conf.in b/src/qemu/qemu.conf.in
index 6897e0f760..34025a02ef 100644
--- a/src/qemu/qemu.conf.in
+++ b/src/qemu/qemu.conf.in
@@ -974,3 +974,14 @@
# "full" - both QEMU and its helper processes are placed into separate
# scheduling group
#sched_core = "none"
+
+# Using nbdkit to access remote disk sources
+#
+# If this is set then libvirt will use nbdkit to access remote disk sources
+# when available. nbdkit will export an NBD share to QEMU rather than having
+# QEMU attempt to access the remote server directly.
+#
+# Possible values are 0 or 1. Default value is @USE_NBDKIT_DEFAULT@. Please
+# note that the default might change in future releases.
+#
+#storage_use_nbdkit = @USE_NBDKIT_DEFAULT@
diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
index 513b5ebb1e..53eec9c43a 100644
--- a/src/qemu/qemu_conf.c
+++ b/src/qemu/qemu_conf.c
@@ -285,6 +285,7 @@ virQEMUDriverConfig *virQEMUDriverConfigNew(bool privileged,
return NULL;
cfg->deprecationBehavior = g_strdup("none");
+ cfg->storageUseNbdkit = USE_NBDKIT_DEFAULT;
return g_steal_pointer(&cfg);
}
@@ -1065,6 +1066,26 @@ virQEMUDriverConfigLoadCapsFiltersEntry(virQEMUDriverConfig *cfg,
}
+static int
+virQEMUDriverConfigLoadStorageEntry(virQEMUDriverConfig *cfg,
+ virConf *conf)
+{
+ if (virConfGetValueBool(conf, "storage_use_nbdkit", &cfg->storageUseNbdkit) < 0)
+ return -1;
+
+#if !WITH_NBDKIT
+ if (cfg->storageUseNbdkit) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ "%s",
+ _("configuration option 'storage_use_nbdkit' was specified, but nbdkit is not supported by this libvirt"));
+ return -1;
+ }
+#endif /* WITH_NBDKIT */
+
+ return 0;
+}
+
+
int virQEMUDriverConfigLoadFile(virQEMUDriverConfig *cfg,
const char *filename,
bool privileged)
@@ -1136,6 +1157,9 @@ int virQEMUDriverConfigLoadFile(virQEMUDriverConfig *cfg,
if (virQEMUDriverConfigLoadCapsFiltersEntry(cfg, conf) < 0)
return -1;
+ if (virQEMUDriverConfigLoadStorageEntry(cfg, conf) < 0)
+ return -1;
+
return 0;
}
diff --git a/src/qemu/qemu_conf.h b/src/qemu/qemu_conf.h
index 1a3ba3a0fb..36049b4bfa 100644
--- a/src/qemu/qemu_conf.h
+++ b/src/qemu/qemu_conf.h
@@ -230,6 +230,8 @@ struct _virQEMUDriverConfig {
char *deprecationBehavior;
+ bool storageUseNbdkit;
+
virQEMUSchedCore schedCore;
};
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 734d63f8a4..e16ba1c225 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -10296,6 +10296,9 @@ qemuDomainPrepareStorageSourceNbdkit(virStorageSource *src,
{
g_autoptr(qemuNbdkitCaps) nbdkit = NULL;
+ if (!cfg->storageUseNbdkit)
+ return false;
+
if (virStorageSourceGetActualType(src) != VIR_STORAGE_TYPE_NETWORK)
return false;
diff --git a/src/qemu/test_libvirtd_qemu.aug.in b/src/qemu/test_libvirtd_qemu.aug.in
index c730df40b0..e4cfde6cc7 100644
--- a/src/qemu/test_libvirtd_qemu.aug.in
+++ b/src/qemu/test_libvirtd_qemu.aug.in
@@ -117,3 +117,4 @@ module Test_libvirtd_qemu =
}
{ "deprecation_behavior" = "none" }
{ "sched_core" = "none" }
+{ "storage_use_nbdkit" = "@USE_NBDKIT_DEFAULT@" }
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index b2ea2191dc..74d20b9132 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -1125,7 +1125,6 @@ mymain(void)
DO_TEST_CAPS_LATEST("disk-cdrom-empty-network-invalid");
DO_TEST_CAPS_LATEST("disk-cdrom-bus-other");
DO_TEST_CAPS_LATEST("disk-cdrom-network");
- DO_TEST_CAPS_LATEST_NBDKIT("disk-cdrom-network-nbdkit", QEMU_NBDKIT_CAPS_PLUGIN_CURL);
DO_TEST_CAPS_LATEST("disk-cdrom-tray");
DO_TEST_CAPS_LATEST("disk-floppy");
DO_TEST_CAPS_LATEST("disk-floppy-q35");
@@ -1171,8 +1170,6 @@ mymain(void)
DO_TEST_CAPS_VER("disk-network-sheepdog", "6.0.0");
DO_TEST_CAPS_LATEST("disk-network-source-auth");
DO_TEST_CAPS_LATEST("disk-network-source-curl");
- DO_TEST_CAPS_LATEST_NBDKIT("disk-network-source-curl-nbdkit", QEMU_NBDKIT_CAPS_PLUGIN_CURL);
- DO_TEST_CAPS_LATEST_NBDKIT("disk-network-source-curl-nbdkit-backing", QEMU_NBDKIT_CAPS_PLUGIN_CURL);
DO_TEST_CAPS_LATEST("disk-network-nfs");
driver.config->vxhsTLS = 1;
driver.config->nbdTLSx509secretUUID = g_strdup("6fd3f62d-9fe7-4a4e-a869-7acd6376d8ea");
@@ -1183,13 +1180,10 @@ mymain(void)
DO_TEST_CAPS_LATEST("disk-network-tlsx509-nbd-hostname");
DO_TEST_CAPS_VER("disk-network-tlsx509-vxhs", "5.0.0");
DO_TEST_CAPS_LATEST("disk-network-http");
- DO_TEST_CAPS_LATEST_NBDKIT("disk-network-http-nbdkit", QEMU_NBDKIT_CAPS_PLUGIN_CURL);
VIR_FREE(driver.config->nbdTLSx509secretUUID);
VIR_FREE(driver.config->vxhsTLSx509secretUUID);
driver.config->vxhsTLS = 0;
DO_TEST_CAPS_LATEST("disk-network-ssh");
- DO_TEST_CAPS_LATEST_NBDKIT("disk-network-ssh-nbdkit", QEMU_NBDKIT_CAPS_PLUGIN_SSH);
- DO_TEST_CAPS_LATEST_NBDKIT("disk-network-ssh-password", QEMU_NBDKIT_CAPS_PLUGIN_SSH);
DO_TEST_CAPS_LATEST("disk-no-boot");
DO_TEST_CAPS_LATEST("disk-nvme");
DO_TEST_CAPS_VER("disk-vhostuser-numa", "4.2.0");
@@ -1259,6 +1253,15 @@ mymain(void)
DO_TEST_CAPS_LATEST("disk-geometry");
DO_TEST_CAPS_LATEST("disk-blockio");
+ driver.config->storageUseNbdkit = 1;
+ DO_TEST_CAPS_LATEST_NBDKIT("disk-cdrom-network-nbdkit", QEMU_NBDKIT_CAPS_PLUGIN_CURL);
+ DO_TEST_CAPS_LATEST_NBDKIT("disk-network-source-curl-nbdkit", QEMU_NBDKIT_CAPS_PLUGIN_CURL);
+ DO_TEST_CAPS_LATEST_NBDKIT("disk-network-source-curl-nbdkit-backing", QEMU_NBDKIT_CAPS_PLUGIN_CURL);
+ DO_TEST_CAPS_LATEST_NBDKIT("disk-network-http-nbdkit", QEMU_NBDKIT_CAPS_PLUGIN_CURL);
+ DO_TEST_CAPS_LATEST_NBDKIT("disk-network-ssh-nbdkit", QEMU_NBDKIT_CAPS_PLUGIN_SSH);
+ DO_TEST_CAPS_LATEST_NBDKIT("disk-network-ssh-password", QEMU_NBDKIT_CAPS_PLUGIN_SSH);
+ driver.config->storageUseNbdkit = 0;
+
DO_TEST_CAPS_VER("disk-virtio-scsi-reservations", "5.2.0");
DO_TEST_CAPS_LATEST("disk-virtio-scsi-reservations");
--
2.43.0
10 months, 3 weeks
[PATCH] libvirt.spec: Fix nbdkit selection logic on mingw and old rhel
by Peter Krempa
rhel-8 lacks 'pidfd_open()' support and thus nbdkit can't be enabled
there.
mingw builds explicitly disable nbdkit support, but use
'--auto-features=enabled' thus omitting setting of
'nbdkit_config_default' results in meson thinking we want to enable it:
../meson.build:1018:2: ERROR: Problem encountered: nbdkit_config_default requires nbdkit to be enabled
Disable it explicitly. The meson logic might need to be fixed eventually
when switching it on by default.
Fixes: 9eabf14afbd429af1be195723fdeab5ccdd0b2cd
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
libvirt.spec.in | 19 +++++++++++++------
1 file changed, 13 insertions(+), 6 deletions(-)
diff --git a/libvirt.spec.in b/libvirt.spec.in
index 2f2d713732..8413e3c19a 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -179,13 +179,19 @@
# default if the OS ships a SELinux policy that allows libvirt to launch it.
# Right now that's not the case anywhere, but things should be fine by the time
# Fedora 40 is released.
-#
-# TODO: add RHEL 9 once a minor release that contains the necessary SELinux
-# bits exists (we only support the most recent minor release)
%if %{with_qemu}
- %define with_nbdkit 0%{!?_without_nbdkit:1}
- %if 0%{?fedora} >= 40
- %define with_nbdkit_config_default 0%{!?_without_nbdkit_config_default:1}
+ # rhel-8 lacks pidfd_open
+ %if 0%{?fedora} || 0%{?rhel} >= 9
+ %define with_nbdkit 0%{!?_without_nbdkit:1}
+
+ # setting 'with_nbdkit_config_default' must be done only when compiling
+ # in nbdkit support
+ #
+ # TODO: add RHEL 9 once a minor release that contains the necessary SELinux
+ # bits exists (we only support the most recent minor release)
+ %if 0%{?fedora} >= 40
+ %define with_nbdkit_config_default 0%{!?_without_nbdkit_config_default:1}
+ %endif
%endif
%endif
@@ -1397,6 +1403,7 @@ export SOURCE_DATE_EPOCH=$(stat --printf='%Y' %{_specdir}/libvirt.spec)
-Dhost_validate=disabled \
-Dlibiscsi=disabled \
-Dnbdkit=disabled \
+ -Dnbdkit_config_default=disabled \
-Dlibnl=disabled \
-Dlibpcap=disabled \
-Dlibssh2=disabled \
--
2.43.0
10 months, 3 weeks
[PATCH 0/7] Code cleanup 2
by Artem Chernyshev
Several functions was modified to become invariant. Change
their type to void and remove unnecessary checks of their
return values.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Artem Chernyshev (7):
cpu: : virCPUx86DataAddItem() to void
rpc: virnetserver: virNetServerAddService() to void
lxc: virLXCControllerAddConsole() to void
conf: virDomainNetUpdate() to void
virprocess: virProcessGetNamespaces() to void
node_device: udevTranslatePCIIds() to void
node_device: udevGetStringSysfsAttr() to void
src/conf/domain_conf.c | 3 +-
src/conf/domain_conf.h | 2 +-
src/cpu/cpu_x86.c | 179 +++++++++++------------------
src/cpu/cpu_x86.h | 4 +-
src/libvirt-lxc.c | 5 +-
src/libxl/libxl_capabilities.c | 13 +--
src/lxc/lxc_controller.c | 9 +-
src/lxc/lxc_driver.c | 6 +-
src/node_device/node_device_udev.c | 69 ++++-------
src/qemu/qemu_capabilities.c | 3 +-
src/qemu/qemu_driver.c | 3 +-
src/qemu/qemu_monitor_json.c | 7 +-
src/qemu/qemu_process.c | 3 +-
src/rpc/virnetserver.c | 25 +---
src/rpc/virnetserver.h | 2 +-
src/util/virprocess.c | 4 +-
src/util/virprocess.h | 2 +-
tests/virnetdaemontest.c | 6 +-
18 files changed, 118 insertions(+), 227 deletions(-)
--
2.43.0
10 months, 3 weeks
