January 2024 - Devel - Libvirt List Archives

[PATCH 0/2] tests: Add capabilities for QEMU 8.2.0 on aarch64

by Andrea Bolognani

Edited for brevity. Full version: $ git fetch https://gitlab.com/abologna/libvirt.git qemu-caps Andrea Bolognani (2): tests: Don't use features with vexpress machine tests: Add capabilities for QEMU 8.2.0 on aarch64 .../qemu_8.2.0-virt.aarch64.xml | 227 + tests/domaincapsdata/qemu_8.2.0.aarch64.xml | 227 + .../caps_8.2.0_aarch64.replies | 36411 ++++++++++++++++ .../caps_8.2.0_aarch64.xml | 549 + ...ch64-aavmf-virtio-mmio.aarch64-latest.args | 5 +- ...arch64-cpu-passthrough.aarch64-latest.args | 3 +- ...fault-cpu-kvm-virt-4.2.aarch64-latest.args | 3 +- ...fault-cpu-tcg-virt-4.2.aarch64-latest.args | 3 +- .../aarch64-features-sve.aarch64-latest.args | 3 +- ...rch64-gic-default-both.aarch64-latest.args | 3 +- ...aarch64-gic-default-v2.aarch64-latest.args | 3 +- ...aarch64-gic-default-v3.aarch64-latest.args | 3 +- .../aarch64-gic-default.aarch64-latest.args | 3 +- .../aarch64-gic-host.aarch64-latest.args | 3 +- .../aarch64-gic-none-both.aarch64-latest.args | 3 +- .../aarch64-gic-none-tcg.aarch64-latest.args | 3 +- .../aarch64-gic-none-v2.aarch64-latest.args | 3 +- .../aarch64-gic-none-v3.aarch64-latest.args | 3 +- .../aarch64-gic-none.aarch64-latest.args | 3 +- .../aarch64-gic-v2.aarch64-latest.args | 3 +- .../aarch64-gic-v3.aarch64-latest.args | 3 +- .../aarch64-kvm-32-on-64.aarch64-latest.args | 4 +- .../aarch64-pci-serial.aarch64-latest.args | 3 +- .../aarch64-tpm.aarch64-latest.args | 3 +- ...arch64-traditional-pci.aarch64-latest.args | 3 +- ...aarch64-usb-controller.aarch64-latest.args | 3 +- .../aarch64-video-default.aarch64-latest.args | 3 +- ...4-video-virtio-gpu-pci.aarch64-latest.args | 5 +- ...rch64-virt-default-nic.aarch64-latest.args | 5 +- .../aarch64-virt-graphics.aarch64-latest.args | 4 +- .../aarch64-virt-headless.aarch64-latest.args | 4 +- ...rch64-virt-virtio-MMIO.aarch64.latest.args | 5 +- .../aarch64-virt-virtio.aarch64-latest.args | 5 +- ...h64-virtio-pci-default.aarch64-latest.args | 5 +- ...o-pci-manual-addresses.aarch64-latest.args | 7 +- .../arm-vexpressa9-basic.aarch64-latest.args | 2 +- .../qemuxml2argvdata/arm-vexpressa9-basic.xml | 5 - .../arm-vexpressa9-nodevs.xml | 5 - .../arm-vexpressa9-virtio.aarch64-latest.args | 2 +- .../arm-vexpressa9-virtio.xml | 5 - .../arm-virt-virtio.aarch64-latest.args | 4 +- .../balloon-mmio-deflate.aarch64-latest.args | 3 +- .../clock-timer-armvtimer.aarch64-latest.args | 3 +- ...ult-video-type-aarch64.aarch64-latest.args | 3 +- .../disk-arm-virtio-sd.aarch64-latest.args | 1 - ...mware-auto-efi-aarch64.aarch64-latest.args | 2 +- ...efi-abi-update-aarch64.aarch64-latest.args | 2 +- ...-loader-raw-abi-update.aarch64-latest.args | 2 +- ...-efi-format-loader-raw.aarch64-latest.args | 2 +- ...i-aarch64-legacy-paths.aarch64-latest.args | 2 +- ...anual-efi-acpi-aarch64.aarch64-latest.args | 2 +- ...ual-efi-noacpi-aarch64.aarch64-latest.args | 3 +- ...l-noefi-noacpi-aarch64.aarch64-latest.args | 3 +- .../iommu-smmuv3.aarch64-latest.args | 3 +- ...ch-virt-console-native.aarch64-latest.args | 3 +- ...ch-virt-console-virtio.aarch64-latest.args | 3 +- ...-serial+console-native.aarch64-latest.args | 3 +- ...ach-virt-serial-compat.aarch64-latest.args | 3 +- ...ach-virt-serial-native.aarch64-latest.args | 3 +- .../mach-virt-serial-pci.aarch64-latest.args | 3 +- .../mach-virt-serial-usb.aarch64-latest.args | 3 +- ...e-expander-bus-aarch64.aarch64-latest.args | 3 +- .../pvpanic-pci-aarch64.aarch64-latest.args | 2 +- ...pci-no-address-aarch64.aarch64-latest.args | 2 +- .../virtio-iommu-aarch64.aarch64-latest.args | 2 +- 65 files changed, 37483 insertions(+), 127 deletions(-) create mode 100644 tests/domaincapsdata/qemu_8.2.0-virt.aarch64.xml create mode 100644 tests/domaincapsdata/qemu_8.2.0.aarch64.xml create mode 100644 tests/qemucapabilitiesdata/caps_8.2.0_aarch64.replies create mode 100644 tests/qemucapabilitiesdata/caps_8.2.0_aarch64.xml -- 2.43.0

1 year, 2 months

3
7
0 / 0

[PATCH 0/2] Deprecate the shix machine and the TC58128 flash device

by Samuel Tardieu

The shix machine was a research project started around 2003 at Télécom Paris. Preliminary support in QEMU was added in 2005 back when the QEMU architecture was less structured than it is now. Unfortunately, the support for the shix machine and its peripherals, such as the TC58128 16MiB flash device, has never been maintained as the research project used the real machine. This project stopped around 2010 and to the best of my knowledge and after consulting with the original author Alexis Polti, I propose to deprecate it in QEMU as well as the TC58128 flash device which does not implement the QOM model and still contains debug fprintf statements. Samuel Tardieu (2): target/sh4: Deprecate the shix machine hw/block: Deprecate the TC58128 block device docs/about/deprecated.rst | 5 +++++ hw/block/tc58128.c | 1 + hw/sh4/shix.c | 1 + 3 files changed, 7 insertions(+) -- 2.42.0

1 year, 2 months

4
7
0 / 0

[ PATCH vf-token 0/8] Introduce vf-token when using userspace PF

by Vivek Kashyap

The VFIO PCI ABI has been extended to require userspace PF driver to set a VF token to a known value. The VF drivers are then required to provide this token to access the VF device. The vf-token is set by the PF driver before VF drivers can access the device. The kernel provides no means to retrieve the token in use; but there is no specification describing the distribution or level of confidentiality of the token. Qemu has been extended to require the vf-token when vf device is used. An important point to note is that the vf-token is required only when both the PF and VF are used in userspace. This patch series adds support to provide the vf-token (uuid format) in the domain XML and to generate the qemu commandline including the vf-token. To support vf-token the new element will be used as follows: <hostdev mode='subsystem' type='pci' managed='yes'> <driver name='vfio'/> <source> <address domain='0x0000' bus='0x0' slot='0x00' function='0x1'> <vf-token uuid='00112233-4455-6677-8899-aabbccddeeff'/> </address> </source> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/> </hostdev> The generated commandline will include the following: -device {"driver":"vfio-pci","host":"0000:00:0.1", "vf-token":"00112233-4455-6677-8899-aabbccddeeff", "id":"hostdev0","bus":"pci.0","addr":"0x1"} Changes since initial RFC based on review comments received: 1. Added documentation 2. Added test cases and ran successful test suite after each patch commit 3. fixed spaces, coding sytle, and uuid string format 4. Used S:vftoken in virJSONValueObjectAdd instead of a conditional Vivek Kashyap (8): Define the vf-token extension for PCI device Introduce the vf-token qemu capability This patch introduces the PCI address extension flag for vf-token This patch introduces new XML parser/formatter functions for parsing the vf-token Introduce a validation function for vf-token support in qemu and generate vf-token device attribute in qemu command line Provide information about the vf-token flag Add tests for the vf-token flag to the qemuxml2argv and qemuxml2xml test suites Update news about vf-token NEWS.rst | 8 +++ docs/formatdomain.rst | 3 ++ src/conf/device_conf.c | 49 ++++++++++++++++--- src/conf/domain_addr.h | 1 + src/conf/domain_conf.c | 8 +++ src/conf/schemas/basictypes.rng | 7 +++ src/libvirt_private.syms | 1 + src/qemu/qemu_capabilities.c | 3 ++ src/qemu/qemu_capabilities.h | 1 + src/qemu/qemu_command.c | 8 +++ src/qemu/qemu_domain_address.c | 3 ++ src/qemu/qemu_validate.c | 20 ++++++++ src/util/virpci.c | 7 +++ src/util/virpci.h | 10 ++++ .../qemucapabilitiesdata/caps_8.1.0_s390x.xml | 1 + .../caps_8.1.0_x86_64.xml | 1 + .../caps_8.2.0_x86_64.xml | 1 + .../hostdev-vfio-vf-token.x86_64-latest.args | 34 +++++++++++++ .../hostdev-vfio-vf-token.xml | 22 +++++++++ tests/qemuxml2argvtest.c | 1 + .../hostdev-vfio-vf-token.x86_64-latest.xml | 40 +++++++++++++++ tests/qemuxml2xmltest.c | 1 + 22 files changed, 223 insertions(+), 7 deletions(-) create mode 100644 tests/qemuxml2argvdata/hostdev-vfio-vf-token.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/hostdev-vfio-vf-token.xml create mode 100644 tests/qemuxml2xmloutdata/hostdev-vfio-vf-token.x86_64-latest.xml -- 2.33.8

1 year, 2 months

3
19
0 / 0

[libvirt PATCH 0/6] qemu: Enable postcopy-preempt migration capability

by Jiri Denemark

This is technically a v2 of my recent "Introduce VIR_MIGRATE_POSTCOPY_PREEMPT flag", but the two series share exactly two lines of code (those defining a new QEMU_MIGRATION_CAP_POSTCOPY_PREEMPT enum item) so I'm just sending it as a separate series. More details about this feature can be found in patch 5/6. Jiri Denemark (6): qemu: Document qemuMigrationParamsFlagMapItem fields qemu: Use C99 initializers for qemuMigrationParamsFlagMap qemu: Rename remoteCaps parameter in qemuMigrationParamsCheck qemu: Add support for optional migration capabilities qemu: Enable postcopy-preempt migration capability NEWS: Mention postcopy-preempt migration capability NEWS.rst | 8 ++ src/qemu/qemu_migration.c | 19 +++-- src/qemu/qemu_migration_params.c | 127 ++++++++++++++++++++++--------- src/qemu/qemu_migration_params.h | 4 +- 4 files changed, 115 insertions(+), 43 deletions(-) -- 2.43.0

1 year, 2 months

2
12
0 / 0

[libvirt PATCH 0/3] Introduce VIR_MIGRATE_POSTCOPY_PREEMPT flag

by Jiri Denemark

See 1/3 for details. https://issues.redhat.com/browse/RHEL-7100 Jiri Denemark (3): Introduce VIR_MIGRATE_POSTCOPY_PREEMPT flag virsh migrate: Add --postcopy-preempt option qemu_migration: Implement VIR_MIGRATE_POSTCOPY_PREEMPT docs/manpages/virsh.rst | 9 ++++++--- include/libvirt/libvirt-domain.h | 8 ++++++++ src/qemu/qemu_migration.c | 21 ++++++++++++++++++--- src/qemu/qemu_migration.h | 1 + src/qemu/qemu_migration_params.c | 6 ++++++ src/qemu/qemu_migration_params.h | 1 + tools/virsh-domain.c | 6 ++++++ 7 files changed, 46 insertions(+), 6 deletions(-) -- 2.43.0

1 year, 2 months

3
7
0 / 0

[PATCH v3 00/13] Support for VFIO variant drivers, Part 2

by Laine Stump

This is "V3 of Part 2". "V2 of Part 2": is here: https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/EV... Part 1 (which simply made it possible to use virsh nodedev-detach to bind a device to a manually-specified variant driver, and at guest runtime allowed libvirt to ignore the fact that the driver found to the device was something other than exactly "vfio-pci") was here: https://listman.redhat.com/archives/libvir-list/2023-August/241338.html and pushed upstream as of commit v9.6.0-153-g24beaffec3 Part 2 adds two new pieces of functionality: 1) It is possible to manually specify a VFIO variant driver (or force the generic vfio-pci driver) for a device in the domain XML with, e.g.: <driver name='mlx5_vfio_pci'/> (for the former) or: <driver name='vfio-pci'/> (for the latter). 2) By default libvirt will now find the "best match" VFIO or VFIO variant driver by comparing the device's modalias file contents (in sysfs) with vfio drivers found in the running kernel's modules.alias file. This means that "virsh nodedev-detach" of a host device will bind it to its appropriate VFIO variant driver (if one is available), and also if a <hostdev> decice in a domain config has "managed='yes'", libvirt will bind it to a variant driver if possible (in order to force binding to the basic vfio-pci driver instead, you just need to add the <driver> element mentioned above). Differences from V2 to V3: * I attempted to simplify my explanation of the confusion with module name vs. driver name that I had in the commit log of patch 1. * I think I've addressed all of the minor issues pointed out by Peter in his reviews V2 (joining unnecessarily split lines, failing when a modalias file can't be found (rather than "kind of" ignoring it), and other minor fixes. * The main difference between V2 and V3 is that I've relented on the issue of re-using the existing <driver name='blah'/> attribute (due to potential backwrd compatibility problems we might encounter), and am instead adding a new attribute <driver model='blah'/>. This means that both the driver name and the new driver model attribute names don't make as much sense, but that's what fancy GUI frontends are for -hiding the borderline-confusing names! * One change suggested by Peter that I enthusiastically agree with, but haven't implemented in V3 is to cache the few relevant lines of modules.alias rather than rereading the entire file each time. I do agree with him, but have run out of steam (and time) to implement it now - I do promise a followup with this functionality "soon". Patches 2-9 and 11 were already ACKed by Peter in V2 (several of them conditionally based on some minor fixes that I have made). This leaves only patches 1, 10, 12, and 13 that require an ACK (V2 had 15 patches, but I removed two of them). Laine Stump (13): util: properly deal with VFIO module name vs. driver name schema: consolidate RNG for all hostdev <driver> elements conf: move/rename hostdev PCI driver type enum to device_conf.h conf: normalize hostdev <driver> parsing to simplify adding new attr conf: put hostdev PCI backend into a struct conf: use virDeviceHostdevPCIDriverInfo in network and networkport objects conf: split out hostdev <driver> parse/format to their own functions conf: use new common parser/formatter for hostdev driver in network XML conf: replace virHostdevIsVFIODevice with virHostdevIsPCIDevice xen: explicitly set hostdev driver.name at runtime, not in postparse tests: remove explicit <driver name='vfio'/> from hostdev test cases conf: support manually specifying VFIO variant driver in <hostdev> XML qemu: automatically bind to a vfio variant driver, if available docs/formatdomain.rst | 55 ++- docs/formatnetwork.rst | 22 +- docs/formatnetworkport.rst | 1 - docs/pci-addresses.rst | 1 - src/conf/device_conf.c | 59 +++ src/conf/device_conf.h | 27 ++ src/conf/domain_capabilities.c | 2 +- src/conf/domain_capabilities.h | 2 +- src/conf/domain_conf.c | 98 +---- src/conf/domain_conf.h | 18 +- src/conf/network_conf.c | 42 +- src/conf/network_conf.h | 17 +- src/conf/schemas/basictypes.rng | 20 + src/conf/schemas/domaincommon.rng | 173 ++++---- src/conf/schemas/network.rng | 10 +- src/conf/schemas/networkport.rng | 10 +- src/conf/virconftypes.h | 2 + src/conf/virnetworkportdef.c | 22 +- src/conf/virnetworkportdef.h | 4 +- src/hypervisor/virhostdev.c | 16 +- src/hypervisor/virhostdev.h | 2 - src/libvirt_private.syms | 8 +- src/libxl/libxl_capabilities.c | 3 +- src/libxl/libxl_domain.c | 73 +++- src/libxl/libxl_driver.c | 25 +- src/network/bridge_driver.c | 3 +- src/qemu/qemu_capabilities.c | 4 +- src/qemu/qemu_command.c | 16 +- src/qemu/qemu_domain.c | 28 +- src/qemu/qemu_hostdev.c | 2 +- src/qemu/qemu_hotplug.c | 2 +- src/qemu/qemu_validate.c | 6 +- src/security/security_apparmor.c | 2 +- src/security/security_dac.c | 4 +- src/security/security_selinux.c | 4 +- src/security/virt-aa-helper.c | 7 +- src/test/test_driver.c | 18 +- src/util/virpci.c | 410 ++++++++++++++++-- src/util/virpci.h | 2 + tests/domaincapstest.c | 4 +- tests/libxlxml2domconfigdata/moredevs-hvm.xml | 1 - tests/networkxml2xmlin/hostdev-pf-old.xml | 8 + tests/networkxml2xmlin/hostdev-pf.xml | 1 - tests/networkxml2xmlout/hostdev-pf-old.xml | 8 + tests/networkxml2xmlout/hostdev-pf.xml | 1 - tests/networkxml2xmltest.c | 6 + .../qemuhotplug-hostdev-pci.xml | 1 - .../qemumemlock-pc-hardlimit+hostdev.xml | 1 - ...emumemlock-pc-hardlimit+locked+hostdev.xml | 1 - .../qemumemlock-pc-hostdev-nvme.xml | 1 - .../qemumemlock-pc-hostdev.xml | 1 - .../qemumemlock-pc-locked+hostdev.xml | 1 - .../qemumemlock-pseries-hardlimit+hostdev.xml | 1 - ...mlock-pseries-hardlimit+locked+hostdev.xml | 1 - .../qemumemlock-pseries-hostdev.xml | 1 - .../qemumemlock-pseries-locked+hostdev.xml | 1 - tests/qemustatusxml2xmldata/modern-in.xml | 1 - .../hostdev-pci-address-unassigned.xml | 4 - .../hostdev-pci-multifunction.xml | 7 - .../hostdev-vfio-multidomain.xml | 1 - .../hostdev-vfio-zpci-autogenerate-fids.xml | 2 - .../hostdev-vfio-zpci-autogenerate-uids.xml | 2 - .../hostdev-vfio-zpci-autogenerate.xml | 1 - .../hostdev-vfio-zpci-boundaries.xml | 2 - .../hostdev-vfio-zpci-ccw-memballoon.xml | 1 - .../hostdev-vfio-zpci-duplicate.xml | 2 - ...ostdev-vfio-zpci-invalid-uid-valid-fid.xml | 1 - .../hostdev-vfio-zpci-multidomain-many.xml | 8 - .../hostdev-vfio-zpci-set-zero.xml | 1 - .../hostdev-vfio-zpci-uid-set-zero.xml | 1 - .../hostdev-vfio-zpci-wrong-arch.xml | 1 - tests/qemuxml2argvdata/hostdev-vfio-zpci.xml | 1 - .../hostdev-vfio.x86_64-latest.args | 5 +- tests/qemuxml2argvdata/hostdev-vfio.xml | 19 +- .../net-hostdev-vfio-multidomain.xml | 1 - tests/qemuxml2argvdata/net-hostdev-vfio.xml | 1 - tests/qemuxml2argvdata/pseries-hostdevs-1.xml | 3 - tests/qemuxml2argvdata/pseries-hostdevs-2.xml | 2 - tests/qemuxml2argvdata/pseries-hostdevs-3.xml | 2 - ...v-pci-address-unassigned.x86_64-latest.xml | 4 - ...ostdev-pci-multifunction.x86_64-latest.xml | 7 - ...dev-vfio-old-driver-name.x86_64-latest.xml | 46 ++ ...io-zpci-autogenerate-fids.s390x-latest.xml | 2 - ...io-zpci-autogenerate-uids.s390x-latest.xml | 2 - ...ev-vfio-zpci-autogenerate.s390x-latest.xml | 1 - ...tdev-vfio-zpci-boundaries.s390x-latest.xml | 2 - ...-vfio-zpci-ccw-memballoon.s390x-latest.xml | 1 - ...fio-zpci-multidomain-many.s390x-latest.xml | 8 - .../hostdev-vfio-zpci.s390x-latest.xml | 1 - .../hostdev-vfio.x86_64-latest.xml | 24 +- .../net-hostdev-vfio.x86_64-latest.xml | 1 - .../pseries-hostdevs-1.ppc64-latest.xml | 3 - .../pseries-hostdevs-2.ppc64-latest.xml | 2 - .../pseries-hostdevs-3.ppc64-latest.xml | 2 - tests/virhostdevtest.c | 2 +- .../plug-hostdev-pci-unmanaged.xml | 1 - .../plug-hostdev-pci.xml | 1 - tests/virpcimock.c | 9 + tests/xlconfigdata/test-fullvirt-pci.xml | 2 - tests/xmconfigdata/test-pci-dev-syntax.xml | 2 - tests/xmconfigdata/test-pci-devs.xml | 2 - tools/virsh-completer-nodedev.c | 4 +- 102 files changed, 927 insertions(+), 530 deletions(-) create mode 100644 tests/networkxml2xmlin/hostdev-pf-old.xml create mode 100644 tests/networkxml2xmlout/hostdev-pf-old.xml create mode 100644 tests/qemuxml2xmloutdata/hostdev-vfio-old-driver-name.x86_64-latest.xml -- 2.43.0

1 year, 2 months

2
25
0 / 0

[PATCH 0/6] qemu: Update capabilities and add support for assigning multiple iothreads to a virtio-blk device

by Peter Krempa

See 4/6 for docs, 6/6 for examples Peter Krempa (6): qemucapabilitiesdata: Add data for the qemu-9.0 development cycle util: xml: Return GPtrArray from virXMLNodeGetSubelement qemu: capabilities: Introduce QEMU_CAPS_VIRTIO_BLK_IOTHREAD_MAPPING conf: Add possibility to configure multiple iothreads per disk qemu: Implement support for configuring iothread to virtqueue mapping for disks tests: Add xml->argv and xml->xml tests for the new iothread mapping feature docs/formatdomain.rst | 23 +- src/conf/domain_conf.c | 116 +- src/conf/domain_conf.h | 14 + src/conf/domain_validate.c | 8 + src/conf/network_conf.c | 33 +- src/conf/nwfilter_conf.c | 20 +- src/conf/schemas/domaincommon.rng | 47 +- src/hypervisor/domain_driver.c | 15 +- src/qemu/qemu_capabilities.c | 2 + src/qemu/qemu_capabilities.h | 1 + src/qemu/qemu_command.c | 45 + src/qemu/qemu_validate.c | 117 +- src/util/virxml.c | 21 +- src/util/virxml.h | 5 +- .../domaincapsdata/qemu_9.0.0-q35.x86_64.xml | 289 + .../domaincapsdata/qemu_9.0.0-tcg.x86_64.xml | 288 + tests/domaincapsdata/qemu_9.0.0.x86_64.xml | 289 + .../caps_9.0.0_x86_64.replies | 42923 ++++++++++++++++ .../caps_9.0.0_x86_64.xml | 3760 ++ .../iothreads-disk.x86_64-latest.args | 13 +- tests/qemuxml2argvdata/iothreads-disk.xml | 25 +- .../iothreads-disk.x86_64-latest.xml | 26 +- 22 files changed, 47986 insertions(+), 94 deletions(-) create mode 100644 tests/domaincapsdata/qemu_9.0.0-q35.x86_64.xml create mode 100644 tests/domaincapsdata/qemu_9.0.0-tcg.x86_64.xml create mode 100644 tests/domaincapsdata/qemu_9.0.0.x86_64.xml create mode 100644 tests/qemucapabilitiesdata/caps_9.0.0_x86_64.replies create mode 100644 tests/qemucapabilitiesdata/caps_9.0.0_x86_64.xml -- 2.43.0

1 year, 2 months

2
8
0 / 0

[PATCH 0/2] tests: Ensure test files are newline-terminated

by Andrea Bolognani

Test pipeline: https://gitlab.com/abologna/libvirt/-/pipelines/1128046264 Andrea Bolognani (2): tests: Drop some unused qemunbdkit data files tests: Ensure test files are newline-terminated ...69d019_36ea_4111_8f0a_8c9a70e21366-create.json | 2 +- ...69d019_36ea_4111_8f0a_8c9a70e21366-define.json | 2 +- ...441d39_495e_4243_ad9f_beb3f14c23d9-create.json | 2 +- ...441d39_495e_4243_ad9f_beb3f14c23d9-define.json | 2 +- ...dc4916_1ca8_49ac_b176_871d16c13076-create.json | 2 +- ...dc4916_1ca8_49ac_b176_871d16c13076-define.json | 2 +- .../disk-cdrom-network.args.disk1.pipe.778 | 2 +- .../disk-cdrom-network.args.disk2.pipe.780 | 2 +- .../disk-network-http.args.disk2.pipe.778 | 2 +- .../disk-network-http.args.disk3.pipe.780 | 2 +- ...source-curl-nbdkit-backing.args.disk0.pipe.778 | 2 +- .../disk-network-source-curl.args.disk0.pipe.778 | 2 +- .../disk-network-source-curl.args.disk1.pipe.780 | 2 +- .../disk-network-source-curl.args.disk1.pipe.782 | 2 +- .../disk-network-source-curl.args.disk2.pipe.782 | 1 - .../disk-network-source-curl.args.disk2.pipe.784 | 2 +- .../disk-network-ssh-password.args.disk0.pipe.778 | 2 +- tests/qemunbdkitdata/disk-network-ssh.args.disk1 | 8 -------- .../disk-network-ssh.args.disk1.pipe.778 | 1 - tests/qemunbdkitdata/disk-network-ssh.args.disk2 | 9 --------- tests/testutils.c | 15 ++++++--------- .../linux-ppc64-deconf-cpus.signature | 2 +- .../linux-ppc64-subcores1.signature | 2 +- .../linux-ppc64-subcores2.signature | 2 +- .../linux-ppc64-subcores3.signature | 2 +- .../linux-s390x-with-frequency.signature | 2 +- 26 files changed, 27 insertions(+), 49 deletions(-) delete mode 100644 tests/qemunbdkitdata/disk-network-source-curl.args.disk2.pipe.782 delete mode 100644 tests/qemunbdkitdata/disk-network-ssh.args.disk1 delete mode 100644 tests/qemunbdkitdata/disk-network-ssh.args.disk1.pipe.778 delete mode 100644 tests/qemunbdkitdata/disk-network-ssh.args.disk2 -- 2.43.0

1 year, 2 months

2
3
0 / 0

[PATCH v4] qemu: add runtime config option for nbdkit

by Jonathon Jongsma

Currently when we build with nbdkit support, libvirt will always try to use nbdkit to access remote disk sources when it is available. But without an up-to-date selinux policy allowing this, it will fail. because the required selinux policies are not yet widely available, we have disabled nbdkit support on rpm builds for all distributions before Fedora 40. Unfortunately, this makes it more difficult to test nbdkit support. After someone updates to the necessary selinux policies, they would also need to rebuild libvirt to enable nbdkit support. By introducing a configure option (nbdkit_config_default), we can build packages with nbdkit support but have it disabled by default. Signed-off-by: Jonathon Jongsma <jjongsma(a)redhat.com> Suggested-by: Andrea Bolognani <abologna(a)redhat.com> --- changes in v4 - squashed in Andrea's suggested changes - updated error message - Changed one instance of WITH_NDBKIT to WITH_NBDKIT :) - tested libvirt.spec.in | 18 ++++++++++++++---- meson.build | 10 ++++++++++ meson_options.txt | 3 ++- src/qemu/libvirtd_qemu.aug | 3 +++ src/qemu/meson.build | 2 ++ src/qemu/qemu.conf.in | 11 +++++++++++ src/qemu/qemu_conf.c | 24 ++++++++++++++++++++++++ src/qemu/qemu_conf.h | 2 ++ src/qemu/qemu_domain.c | 3 +++ src/qemu/test_libvirtd_qemu.aug.in | 1 + tests/qemuxml2argvtest.c | 15 +++++++++------ 11 files changed, 81 insertions(+), 11 deletions(-) diff --git a/libvirt.spec.in b/libvirt.spec.in index 1d0ec5073d..2f2d713732 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -96,6 +96,7 @@ %define with_sanlock 0 %define with_numad 0 %define with_nbdkit 0 +%define with_nbdkit_config_default 0 %define with_firewalld_zone 0 %define with_netcf 0 %define with_libssh2 0 @@ -174,15 +175,17 @@ %endif %endif -# We should only enable nbdkit support if the OS ships a SELinux policy that -# allows libvirt to launch it. Right now that's not the case anywhere, but -# things should be fine by the time Fedora 40 is released. +# We want to build with nbdkit support, but should only enable nbdkit by +# default if the OS ships a SELinux policy that allows libvirt to launch it. +# Right now that's not the case anywhere, but things should be fine by the time +# Fedora 40 is released. # # TODO: add RHEL 9 once a minor release that contains the necessary SELinux # bits exists (we only support the most recent minor release) %if %{with_qemu} + %define with_nbdkit 0%{!?_without_nbdkit:1} %if 0%{?fedora} >= 40 - %define with_nbdkit 0%{!?_without_nbdkit:1} + %define with_nbdkit_config_default 0%{!?_without_nbdkit_config_default:1} %endif %endif @@ -1207,6 +1210,12 @@ exit 1 %define arg_nbdkit -Dnbdkit=disabled %endif +%if %{with_nbdkit_config_default} + %define arg_nbdkit_config_default -Dnbdkit_config_default=enabled +%else + %define arg_nbdkit_config_default -Dnbdkit_config_default=disabled +%endif + %if %{with_fuse} %define arg_fuse -Dfuse=enabled %else @@ -1322,6 +1331,7 @@ export SOURCE_DATE_EPOCH=$(stat --printf='%Y' %{_specdir}/libvirt.spec) %{?arg_sanlock} \ -Dlibpcap=enabled \ %{?arg_nbdkit} \ + %{?arg_nbdkit_config_default} \ -Dlibnl=enabled \ -Daudit=enabled \ -Ddtrace=enabled \ diff --git a/meson.build b/meson.build index 4d96b32e58..1e5e1d7954 100644 --- a/meson.build +++ b/meson.build @@ -1009,6 +1009,16 @@ if not conf.has('WITH_NBDKIT') libnbd_dep = dependency('', required: false) endif +# default value for storage_use_nbdkit config option. +# For now 'auto' just maps to disabled, but in the future it may depend on +# which security drivers are enabled +use_nbdkit_default = get_option('nbdkit_config_default').enabled() + +if use_nbdkit_default and not conf.has('WITH_NBDKIT') + error('nbdkit_config_default requires nbdkit to be enabled') +endif +conf.set10('USE_NBDKIT_DEFAULT', use_nbdkit_default) + libnl_version = '3.0' if not get_option('libnl').disabled() and host_machine.system() == 'linux' libnl_dep = dependency('libnl-3.0', version: '>=' + libnl_version, required: get_option('libnl')) diff --git a/meson_options.txt b/meson_options.txt index a0928102bf..182e28b3d1 100644 --- a/meson_options.txt +++ b/meson_options.txt @@ -104,7 +104,8 @@ option('loader_nvram', type: 'string', value: '', description: 'Pass list of pai option('login_shell', type: 'feature', value: 'auto', description: 'build virt-login-shell') option('nss', type: 'feature', value: 'auto', description: 'enable Name Service Switch plugin for resolving guest IP addresses') option('numad', type: 'feature', value: 'auto', description: 'use numad to manage CPU placement dynamically') -option('nbdkit', type: 'feature', value: 'auto', description: 'use nbdkit to access network disks') +option('nbdkit', type: 'feature', value: 'auto', description: 'Build nbdkit storage backend') +option('nbdkit_config_default', type: 'feature', value: 'auto', description: 'Whether to use nbdkit storage backend for network disks by default (configurable)') option('pm_utils', type: 'feature', value: 'auto', description: 'use pm-utils for power management') option('sysctl_config', type: 'feature', value: 'auto', description: 'Whether to install sysctl configs') option('tls_priority', type: 'string', value: 'NORMAL', description: 'set the default TLS session priority string') diff --git a/src/qemu/libvirtd_qemu.aug b/src/qemu/libvirtd_qemu.aug index ed097ea3d9..43485b43fb 100644 --- a/src/qemu/libvirtd_qemu.aug +++ b/src/qemu/libvirtd_qemu.aug @@ -147,6 +147,8 @@ module Libvirtd_qemu = let capability_filters_entry = str_array_entry "capability_filters" + let storage_entry = bool_entry "storage_use_nbdkit" + (* Each entry in the config is one of the following ... *) let entry = default_tls_entry | vnc_entry @@ -170,6 +172,7 @@ module Libvirtd_qemu = | nbd_entry | swtpm_entry | capability_filters_entry + | storage_entry | obsolete_entry let comment = [ label "#comment" . del /#[ \t]*/ "# " . store /([^ \t\n][^\n]*)?/ . del /\n/ "\n" ] diff --git a/src/qemu/meson.build b/src/qemu/meson.build index 2279fef2ca..4c3e1dee78 100644 --- a/src/qemu/meson.build +++ b/src/qemu/meson.build @@ -137,6 +137,7 @@ if conf.has('WITH_QEMU') qemu_user_group_conf = configuration_data({ 'QEMU_USER': qemu_user, 'QEMU_GROUP': qemu_group, + 'USE_NBDKIT_DEFAULT': use_nbdkit_default.to_int(), }) qemu_conf = configure_file( input: 'qemu.conf.in', @@ -147,6 +148,7 @@ if conf.has('WITH_QEMU') qemu_user_group_hack_conf = configuration_data({ 'QEMU_USER': qemu_user, 'QEMU_GROUP': qemu_group, + 'USE_NBDKIT_DEFAULT': use_nbdkit_default.to_int(), # This hack is necessary because the output file is going to be # used as input for another configure_file() call later, which # will take care of substituting @CONFIG@ with useful data diff --git a/src/qemu/qemu.conf.in b/src/qemu/qemu.conf.in index 6897e0f760..34025a02ef 100644 --- a/src/qemu/qemu.conf.in +++ b/src/qemu/qemu.conf.in @@ -974,3 +974,14 @@ # "full" - both QEMU and its helper processes are placed into separate # scheduling group #sched_core = "none" + +# Using nbdkit to access remote disk sources +# +# If this is set then libvirt will use nbdkit to access remote disk sources +# when available. nbdkit will export an NBD share to QEMU rather than having +# QEMU attempt to access the remote server directly. +# +# Possible values are 0 or 1. Default value is @USE_NBDKIT_DEFAULT@. Please +# note that the default might change in future releases. +# +#storage_use_nbdkit = @USE_NBDKIT_DEFAULT@ diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c index 513b5ebb1e..53eec9c43a 100644 --- a/src/qemu/qemu_conf.c +++ b/src/qemu/qemu_conf.c @@ -285,6 +285,7 @@ virQEMUDriverConfig *virQEMUDriverConfigNew(bool privileged, return NULL; cfg->deprecationBehavior = g_strdup("none"); + cfg->storageUseNbdkit = USE_NBDKIT_DEFAULT; return g_steal_pointer(&cfg); } @@ -1065,6 +1066,26 @@ virQEMUDriverConfigLoadCapsFiltersEntry(virQEMUDriverConfig *cfg, } +static int +virQEMUDriverConfigLoadStorageEntry(virQEMUDriverConfig *cfg, + virConf *conf) +{ + if (virConfGetValueBool(conf, "storage_use_nbdkit", &cfg->storageUseNbdkit) < 0) + return -1; + +#if !WITH_NBDKIT + if (cfg->storageUseNbdkit) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + "%s", + _("configuration option 'storage_use_nbdkit' was specified, but nbdkit is not supported by this libvirt")); + return -1; + } +#endif /* WITH_NBDKIT */ + + return 0; +} + + int virQEMUDriverConfigLoadFile(virQEMUDriverConfig *cfg, const char *filename, bool privileged) @@ -1136,6 +1157,9 @@ int virQEMUDriverConfigLoadFile(virQEMUDriverConfig *cfg, if (virQEMUDriverConfigLoadCapsFiltersEntry(cfg, conf) < 0) return -1; + if (virQEMUDriverConfigLoadStorageEntry(cfg, conf) < 0) + return -1; + return 0; } diff --git a/src/qemu/qemu_conf.h b/src/qemu/qemu_conf.h index 1a3ba3a0fb..36049b4bfa 100644 --- a/src/qemu/qemu_conf.h +++ b/src/qemu/qemu_conf.h @@ -230,6 +230,8 @@ struct _virQEMUDriverConfig { char *deprecationBehavior; + bool storageUseNbdkit; + virQEMUSchedCore schedCore; }; diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 734d63f8a4..e16ba1c225 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -10296,6 +10296,9 @@ qemuDomainPrepareStorageSourceNbdkit(virStorageSource *src, { g_autoptr(qemuNbdkitCaps) nbdkit = NULL; + if (!cfg->storageUseNbdkit) + return false; + if (virStorageSourceGetActualType(src) != VIR_STORAGE_TYPE_NETWORK) return false; diff --git a/src/qemu/test_libvirtd_qemu.aug.in b/src/qemu/test_libvirtd_qemu.aug.in index c730df40b0..e4cfde6cc7 100644 --- a/src/qemu/test_libvirtd_qemu.aug.in +++ b/src/qemu/test_libvirtd_qemu.aug.in @@ -117,3 +117,4 @@ module Test_libvirtd_qemu = } { "deprecation_behavior" = "none" } { "sched_core" = "none" } +{ "storage_use_nbdkit" = "@USE_NBDKIT_DEFAULT@" } diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index b2ea2191dc..74d20b9132 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -1125,7 +1125,6 @@ mymain(void) DO_TEST_CAPS_LATEST("disk-cdrom-empty-network-invalid"); DO_TEST_CAPS_LATEST("disk-cdrom-bus-other"); DO_TEST_CAPS_LATEST("disk-cdrom-network"); - DO_TEST_CAPS_LATEST_NBDKIT("disk-cdrom-network-nbdkit", QEMU_NBDKIT_CAPS_PLUGIN_CURL); DO_TEST_CAPS_LATEST("disk-cdrom-tray"); DO_TEST_CAPS_LATEST("disk-floppy"); DO_TEST_CAPS_LATEST("disk-floppy-q35"); @@ -1171,8 +1170,6 @@ mymain(void) DO_TEST_CAPS_VER("disk-network-sheepdog", "6.0.0"); DO_TEST_CAPS_LATEST("disk-network-source-auth"); DO_TEST_CAPS_LATEST("disk-network-source-curl"); - DO_TEST_CAPS_LATEST_NBDKIT("disk-network-source-curl-nbdkit", QEMU_NBDKIT_CAPS_PLUGIN_CURL); - DO_TEST_CAPS_LATEST_NBDKIT("disk-network-source-curl-nbdkit-backing", QEMU_NBDKIT_CAPS_PLUGIN_CURL); DO_TEST_CAPS_LATEST("disk-network-nfs"); driver.config->vxhsTLS = 1; driver.config->nbdTLSx509secretUUID = g_strdup("6fd3f62d-9fe7-4a4e-a869-7acd6376d8ea"); @@ -1183,13 +1180,10 @@ mymain(void) DO_TEST_CAPS_LATEST("disk-network-tlsx509-nbd-hostname"); DO_TEST_CAPS_VER("disk-network-tlsx509-vxhs", "5.0.0"); DO_TEST_CAPS_LATEST("disk-network-http"); - DO_TEST_CAPS_LATEST_NBDKIT("disk-network-http-nbdkit", QEMU_NBDKIT_CAPS_PLUGIN_CURL); VIR_FREE(driver.config->nbdTLSx509secretUUID); VIR_FREE(driver.config->vxhsTLSx509secretUUID); driver.config->vxhsTLS = 0; DO_TEST_CAPS_LATEST("disk-network-ssh"); - DO_TEST_CAPS_LATEST_NBDKIT("disk-network-ssh-nbdkit", QEMU_NBDKIT_CAPS_PLUGIN_SSH); - DO_TEST_CAPS_LATEST_NBDKIT("disk-network-ssh-password", QEMU_NBDKIT_CAPS_PLUGIN_SSH); DO_TEST_CAPS_LATEST("disk-no-boot"); DO_TEST_CAPS_LATEST("disk-nvme"); DO_TEST_CAPS_VER("disk-vhostuser-numa", "4.2.0"); @@ -1259,6 +1253,15 @@ mymain(void) DO_TEST_CAPS_LATEST("disk-geometry"); DO_TEST_CAPS_LATEST("disk-blockio"); + driver.config->storageUseNbdkit = 1; + DO_TEST_CAPS_LATEST_NBDKIT("disk-cdrom-network-nbdkit", QEMU_NBDKIT_CAPS_PLUGIN_CURL); + DO_TEST_CAPS_LATEST_NBDKIT("disk-network-source-curl-nbdkit", QEMU_NBDKIT_CAPS_PLUGIN_CURL); + DO_TEST_CAPS_LATEST_NBDKIT("disk-network-source-curl-nbdkit-backing", QEMU_NBDKIT_CAPS_PLUGIN_CURL); + DO_TEST_CAPS_LATEST_NBDKIT("disk-network-http-nbdkit", QEMU_NBDKIT_CAPS_PLUGIN_CURL); + DO_TEST_CAPS_LATEST_NBDKIT("disk-network-ssh-nbdkit", QEMU_NBDKIT_CAPS_PLUGIN_SSH); + DO_TEST_CAPS_LATEST_NBDKIT("disk-network-ssh-password", QEMU_NBDKIT_CAPS_PLUGIN_SSH); + driver.config->storageUseNbdkit = 0; + DO_TEST_CAPS_VER("disk-virtio-scsi-reservations", "5.2.0"); DO_TEST_CAPS_LATEST("disk-virtio-scsi-reservations"); -- 2.43.0

1 year, 2 months

3
8
0 / 0

[PATCH] libvirt.spec: Fix nbdkit selection logic on mingw and old rhel

by Peter Krempa

rhel-8 lacks 'pidfd_open()' support and thus nbdkit can't be enabled there. mingw builds explicitly disable nbdkit support, but use '--auto-features=enabled' thus omitting setting of 'nbdkit_config_default' results in meson thinking we want to enable it: ../meson.build:1018:2: ERROR: Problem encountered: nbdkit_config_default requires nbdkit to be enabled Disable it explicitly. The meson logic might need to be fixed eventually when switching it on by default. Fixes: 9eabf14afbd429af1be195723fdeab5ccdd0b2cd Signed-off-by: Peter Krempa <pkrempa(a)redhat.com> --- libvirt.spec.in | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/libvirt.spec.in b/libvirt.spec.in index 2f2d713732..8413e3c19a 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -179,13 +179,19 @@ # default if the OS ships a SELinux policy that allows libvirt to launch it. # Right now that's not the case anywhere, but things should be fine by the time # Fedora 40 is released. -# -# TODO: add RHEL 9 once a minor release that contains the necessary SELinux -# bits exists (we only support the most recent minor release) %if %{with_qemu} - %define with_nbdkit 0%{!?_without_nbdkit:1} - %if 0%{?fedora} >= 40 - %define with_nbdkit_config_default 0%{!?_without_nbdkit_config_default:1} + # rhel-8 lacks pidfd_open + %if 0%{?fedora} || 0%{?rhel} >= 9 + %define with_nbdkit 0%{!?_without_nbdkit:1} + + # setting 'with_nbdkit_config_default' must be done only when compiling + # in nbdkit support + # + # TODO: add RHEL 9 once a minor release that contains the necessary SELinux + # bits exists (we only support the most recent minor release) + %if 0%{?fedora} >= 40 + %define with_nbdkit_config_default 0%{!?_without_nbdkit_config_default:1} + %endif %endif %endif @@ -1397,6 +1403,7 @@ export SOURCE_DATE_EPOCH=$(stat --printf='%Y' %{_specdir}/libvirt.spec) -Dhost_validate=disabled \ -Dlibiscsi=disabled \ -Dnbdkit=disabled \ + -Dnbdkit_config_default=disabled \ -Dlibnl=disabled \ -Dlibpcap=disabled \ -Dlibssh2=disabled \ -- 2.43.0

1 year, 2 months

2
1
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

Devel January 2024