February 2024 - Devel - libvirt List Archives

[PATCH v2 00/17] qemu: Improve handling of architecture-specific defaults
by Andrea Bolognani 19 Feb '24

19 Feb '24

Changes from [v1]: * several patches have been pushed; * of the remaining changes, only the ones related to SCSI and USB controllers have been retained. I still intend to pursue the rest, but those two are where the real nasty stuff happens, so I'm focusing on them only for now; * improve the handling of USB controllers on s390x; * make all the code dealing with the legacy USB controller obsolete and get rid of it; * use out arguments to return models, making the new helpers fall in line with the usual libvirt API conventions. [v1] https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/G53M… Andrea Bolognani (17): tests: Add controller-scsi-default-unavailable qemu: Rename qemuDomainDefaultSCSIControllerModel() qemu: Move error reporting out of qemuDomainDefaultSCSIControllerModel() qemu: Improve qemuDomainDefaultSCSIControllerModel() qemu: Clean up qemuDomainDefaultSCSIControllerModel() qemu: Use virtio-scsi by default on RISC-V tests: Add usb-legacy-multiple tests: Add usb-legacy-device qemu: Always default to no USB controller on s390x qemu: Only use legacy USB controller if actually needed qemu: Validate USB controllers earlier qemu: Improve error message for USB controller validation qemu: Drop all code dealing with the legacy USB controller qemu: Add qemuDomainDefaultUSBControllerModel() qemu: Extend qemuDomainDefaultUSBControllerModel() qemu: Clean up qemuDomainDefaultUSBControllerModel() qemu: Use qemu-xhci by default on RISC-V src/qemu/qemu_command.c | 145 +-------- src/qemu/qemu_domain.c | 300 +++++++++++++----- src/qemu/qemu_domain.h | 6 +- src/qemu/qemu_hotplug.c | 21 +- src/qemu/qemu_validate.c | 69 +++- .../qemuhotplug-base-ccw-live+ccw-virtio.xml | 5 +- ...with-2-ccw-virtio+ccw-virtio-1-reverse.xml | 5 +- ...otplug-base-ccw-live-with-2-ccw-virtio.xml | 5 +- ...-with-ccw-virtio+ccw-virtio-2-explicit.xml | 5 +- ...-ccw-live-with-ccw-virtio+ccw-virtio-2.xml | 5 +- ...uhotplug-base-ccw-live-with-ccw-virtio.xml | 5 +- .../qemuhotplug-base-ccw-live.xml | 5 +- .../arm-vexpressa9-basic.aarch64-latest.args | 1 - .../arm-vexpressa9-nodevs.aarch64-latest.args | 1 - .../arm-vexpressa9-virtio.aarch64-latest.args | 1 - ...scsi-default-unavailable.x86_64-latest.err | 1 + .../controller-scsi-default-unavailable.xml | 15 + .../disk-arm-virtio-sd.aarch64-latest.args | 1 - ...ault-models.riscv64-latest.abi-update.args | 12 +- ...fault-models.riscv64-latest.abi-update.xml | 25 +- ...64-virt-default-models.riscv64-latest.args | 12 +- ...v64-virt-default-models.riscv64-latest.xml | 25 +- .../s390-usb-address.s390x-latest.xml | 6 +- .../sparc-minimal.sparc-latest.args | 1 - ...ault-unavailable-i440fx.x86_64-latest.args | 33 -- ...fault-unavailable-i440fx.x86_64-latest.err | 1 + ...fault-unavailable-i440fx.x86_64-latest.xml | 31 -- ...-default-unavailable-q35.x86_64-latest.err | 2 +- ...-default-unavailable-q35.x86_64-latest.xml | 33 -- ...ntroller-implicit-isapc.x86_64-latest.args | 1 - ...ler-nec-xhci-unavailable.x86_64-latest.xml | 33 -- .../usb-legacy-device.x86_64-latest.err | 1 + tests/qemuxmlconfdata/usb-legacy-device.xml | 15 + .../usb-legacy-multiple.x86_64-latest.err | 1 + tests/qemuxmlconfdata/usb-legacy-multiple.xml | 15 + tests/qemuxmlconftest.c | 28 +- 36 files changed, 418 insertions(+), 453 deletions(-) create mode 100644 tests/qemuxmlconfdata/controller-scsi-default-unavailable.x86_64-latest.err create mode 100644 tests/qemuxmlconfdata/controller-scsi-default-unavailable.xml delete mode 100644 tests/qemuxmlconfdata/usb-controller-default-unavailable-i440fx.x86_64-latest.args create mode 100644 tests/qemuxmlconfdata/usb-controller-default-unavailable-i440fx.x86_64-latest.err delete mode 100644 tests/qemuxmlconfdata/usb-controller-default-unavailable-i440fx.x86_64-latest.xml delete mode 100644 tests/qemuxmlconfdata/usb-controller-default-unavailable-q35.x86_64-latest.xml delete mode 100644 tests/qemuxmlconfdata/usb-controller-nec-xhci-unavailable.x86_64-latest.xml create mode 100644 tests/qemuxmlconfdata/usb-legacy-device.x86_64-latest.err create mode 100644 tests/qemuxmlconfdata/usb-legacy-device.xml create mode 100644 tests/qemuxmlconfdata/usb-legacy-multiple.x86_64-latest.err create mode 100644 tests/qemuxmlconfdata/usb-legacy-multiple.xml -- 2.43.0

4 43

[PATCH 0/3] syntax-check: Sync with gnulib, some tweaks
by Andrea Bolognani 19 Feb '24

19 Feb '24

One might see patch 3/3 and think hey, it would actually be nice if developers were getting warned that some checks haven't been executed because a tool is missing! And I completely agree. However, since meson needs to see an exit code of 77 to mark a test as skipped, and make return codes are in the range 0-2, making that happen would require taking the cppi/flake8/black checks out of the current scaffolding and wrap them in some other way. I have no intention to shave that specific yak today O:-) Andrea Bolognani (3): all: Don't use 'grep -q' syntax-check: Sync with gnulib syntax-check: Drop 'syntax-check' target build-aux/syntax-check.mk | 33 ++++++++------------------------- libvirt.spec.in | 2 +- tests/virsh-uriprecedence | 2 +- tests/virt-aa-helper-test | 2 +- 4 files changed, 11 insertions(+), 28 deletions(-) -- 2.43.0

3 5

[PATCH] Set stubDriverName from hostdev driver model attribute during pci device setup
by Laine Stump 19 Feb '24

19 Feb '24

commit v9.10.0-129-g8b93d78c83 (first appearing in libvirt-10.0.0) was supposed to allow forcing a PCI hostdev to be bound to a particular driver by adding <driver model='blah'/> to the XML for the device. Unfortunately, a single line was missed during the final changes to the patch prior to pushing, and the result was that the driver model could be set to *anything* and it would be accepted but just ignored. This patch adds the missing line, which will set the stubDriverName field of the virPCIDevice object from the hostdev object as the virPCIDevice is being created. This ends up being used by virPCIDeviceBindToStub() as the driver that it binds the device to. Fixes: 8b93d78c8325f1fba5db98848350f3db43f5e7d5 Signed-off-by: Laine Stump <laine(a)redhat.com> --- src/hypervisor/virhostdev.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/hypervisor/virhostdev.c b/src/hypervisor/virhostdev.c index 40f8a4bc2c..53327f4f4d 100644 --- a/src/hypervisor/virhostdev.c +++ b/src/hypervisor/virhostdev.c @@ -242,6 +242,8 @@ virHostdevGetPCIHostDevice(const virDomainHostdevDef *hostdev, return -1; virPCIDeviceSetManaged(actual, hostdev->managed); + virPCIDeviceSetStubDriverName(actual, pcisrc->driver.model); + if (pcisrc->driver.name == VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_VFIO) { virPCIDeviceSetStubDriverType(actual, VIR_PCI_STUB_DRIVER_VFIO); -- 2.43.0

2 1

[PATCH 0/2] Introduce mshv Hypervisor type.
by Praveen K Paladugu 17 Feb '24

17 Feb '24

These patches introduce 'mshv' hypervisor type and check for the hypervisor device on host while starting ch guests. Praveen K Paladugu (2): conf: Introduce mshv hypervisor type ch: Check for hypervisor while starting guests src/ch/ch_conf.c | 2 ++ src/ch/ch_driver.c | 7 +++++++ src/ch/ch_process.c | 34 ++++++++++++++++++++++++++++++++++ src/conf/domain_conf.c | 1 + src/conf/domain_conf.h | 1 + src/qemu/qemu_command.c | 1 + 6 files changed, 46 insertions(+) -- 2.43.0

3 11

[PATCH 0/4] Protect secret values stored on disk with TPM
by Michal Privoznik 16 Feb '24

16 Feb '24

Secret values are stored effectively in plaintext on a disk and we rely on file perms to secure them. But with systemd-cred we can use system's TPM chip and encrypt them. Such secrets won't be transferable to another system by simply copying files stored on disk, but: a) that's not recommended way anyway, b) one can argue secrets shouldn't be migrated anyway. Future work consists of encrypting secret values even when stored in memory, as it's now possible to obtain secrets by dumping memory of virsecretd. Though, to dump a memory admin rights are required at which point users can just read values stored on disk (which is not true for ephemeral secrets). Michal Prívozník (4): virsecret: Introduce APIs to talk to systemd-cred conf: Introduce @tpm attribute to <secret/> virsecretobj: Encrypt/decrypt secrets using TPM NEWS: Document new virSecret TPM feature NEWS.rst | 6 + docs/formatsecret.rst | 8 +- src/conf/schemas/secret.rng | 5 + src/conf/secret_conf.c | 17 +++ src/conf/secret_conf.h | 2 + src/conf/virsecretobj.c | 32 ++++- src/libvirt_private.syms | 3 + src/secret/secret_driver.c | 7 + src/util/virsecret.c | 170 +++++++++++++++++++++++ src/util/virsecret.h | 10 ++ tests/secretxml2xmlin/usage-tpm-vtpm.xml | 7 + tests/secretxml2xmltest.c | 1 + 12 files changed, 263 insertions(+), 5 deletions(-) create mode 100644 tests/secretxml2xmlin/usage-tpm-vtpm.xml -- 2.43.0

3 8

[PATCH 0/2] docs: domain: Fixes
by Peter Krempa 16 Feb '24

16 Feb '24

Peter Krempa (2): docs: domain: Fix broken rST clauses docs: domain: Fix iothread to virtqueue mapping example docs/formatdomain.rst | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) -- 2.43.0

3 4

[PATCH 0/2] Add locking option for disk
by Hiroki Narukawa 16 Feb '24

16 Feb '24

There is a case that Linux has a bug and unlocking does not work properly like this: https://lore.kernel.org/lkml/20230608084609.14245-1-zhangjiachen.jaycee@byt… Especiall in the situation that live migration source node has this kind of bug, destination must not locking, or otherwise VM stops when live migration runs. There commits add workaround for this kind of problems. Could you take a look? Especially following is points I could not make sure: In the first commit, I wrote explanation on file section in the document, but placed parser and formatter in virDomainStorageSourceParse and virDomainStorageSourceParse because locking can be common if added to other backends. Is it good to place here, or is there some better location to place? Hiroki Narukawa (2): conf: add locking option to disk source qemu_block: add locking option docs/formatdomain.rst | 5 ++++ src/conf/domain_conf.c | 8 +++++++ src/conf/schemas/domaincommon.rng | 5 ++++ src/conf/storage_source_conf.h | 3 +++ src/qemu/qemu_block.c | 7 ++++++ tests/qemublocktest.c | 1 + ...le-raw-aio_native-locking-off-srconly.json | 10 ++++++++ .../file-raw-aio_native-locking-off.json | 23 +++++++++++++++++++ .../file-raw-aio_native-locking-off.xml | 12 ++++++++++ 9 files changed, 74 insertions(+) create mode 100644 tests/qemublocktestdata/xml2json/file-raw-aio_native-locking-off-srconly.json create mode 100644 tests/qemublocktestdata/xml2json/file-raw-aio_native-locking-off.json create mode 100644 tests/qemublocktestdata/xml2json/file-raw-aio_native-locking-off.xml -- 2.25.1

2 6

[PATCH v2 00/11] nodedev state and update
by Boris Fiuczynski 16 Feb '24

16 Feb '24

The series add a dual state to the mdev node devices as these objects can be active and defined at the same time. These two states can become different. To be able to also introspect the persisted and transient nodedevs filtering is added. To be able to also dump the XML of an inactive state while the node device is active a new option is added. The last three patches add the capability to update a mdev node device. This can be done on the persisted configuration, on the active configuration or on both. To support this v1.3.0 of mdevctl is required. Changes since v1: * replaced spec file requirement for v1.3.0 of mdevctl by a dynamic support check and an unsupported message if not available. * removed persisted precheck in virsh * renamed persisted and persist into persistent * addressed all other review comments made on v1 * added NEWS Boris Fiuczynski (11): virmdev: prepare type and attributes for dual state node_device: refactor mdev attributes handling node_device: remove unnecessary checks in virNodeDeviceDefFormat nodedev: add an active config to mdev tools: add option inactive to nodedev-dumpxml nodedev: add persisted and transient filter on list tools: add switches persisted and transient to nodedev-list virsh: doc fix on nodedev-list api: add virNodeDeviceUpdate() nodedev: Implement virNodeDeviceUpdateXML virsh: add nodedev-update NEWS.rst | 7 + docs/manpages/virsh.rst | 36 +- include/libvirt/libvirt-nodedev.h | 31 ++ libvirt.spec.in | 1 + src/access/viraccessperm.c | 1 + src/access/viraccessperm.h | 6 + src/conf/node_device_conf.c | 76 +-- src/conf/node_device_conf.h | 14 +- src/conf/virnodedeviceobj.c | 50 ++ src/conf/virnodedeviceobj.h | 3 + src/driver-nodedev.h | 6 + src/libvirt-nodedev.c | 47 +- src/libvirt_private.syms | 1 + src/libvirt_public.syms | 5 + src/node_device/node_device_driver.c | 459 +++++++++++++++--- src/node_device/node_device_driver.h | 17 +- src/node_device/node_device_udev.c | 5 +- src/remote/remote_driver.c | 1 + src/remote/remote_protocol.x | 17 +- src/remote_protocol-structs | 6 + src/test/test_driver.c | 6 +- src/util/virmdev.h | 6 + ...60c_c60c_c60c_c60c_c60cc60cc60c_update.xml | 16 + tests/nodedevmdevctldata/mdevctl-modify.argv | 25 + tests/nodedevmdevctldata/mdevctl-modify.json | 1 + tests/nodedevmdevctltest.c | 94 +++- ...v_c60cc60c_c60c_c60c_c60c_c60cc60cc60c.xml | 14 + ...d_b7f0_4fea_b468_f1da537d301b_inactive.xml | 1 + ...v_c60cc60c_c60c_c60c_c60c_c60cc60cc60c.xml | 10 + ...c_c60c_c60c_c60c_c60cc60cc60c_inactive.xml | 9 + ...9_36ea_4111_8f0a_8c9a70e21366_inactive.xml | 1 + ...9_495e_4243_ad9f_beb3f14c23d9_inactive.xml | 1 + ...4_f554_4dc1_809d_b2a01e8e48ad_inactive.xml | 8 + ...6_1ca8_49ac_b176_871d16c13076_inactive.xml | 1 + tests/nodedevxml2xmltest.c | 59 ++- tools/virsh-nodedev.c | 132 ++++- 36 files changed, 1030 insertions(+), 143 deletions(-) create mode 100644 tests/nodedevmdevctldata/mdev_c60cc60c_c60c_c60c_c60c_c60cc60cc60c_update.xml create mode 100644 tests/nodedevmdevctldata/mdevctl-modify.argv create mode 100644 tests/nodedevmdevctldata/mdevctl-modify.json create mode 100644 tests/nodedevschemadata/mdev_c60cc60c_c60c_c60c_c60c_c60cc60cc60c.xml create mode 120000 tests/nodedevxml2xmlout/mdev_3627463d_b7f0_4fea_b468_f1da537d301b_inactive.xml create mode 100644 tests/nodedevxml2xmlout/mdev_c60cc60c_c60c_c60c_c60c_c60cc60cc60c.xml create mode 100644 tests/nodedevxml2xmlout/mdev_c60cc60c_c60c_c60c_c60c_c60cc60cc60c_inactive.xml create mode 120000 tests/nodedevxml2xmlout/mdev_d069d019_36ea_4111_8f0a_8c9a70e21366_inactive.xml create mode 120000 tests/nodedevxml2xmlout/mdev_d2441d39_495e_4243_ad9f_beb3f14c23d9_inactive.xml create mode 100644 tests/nodedevxml2xmlout/mdev_ee0b88c4_f554_4dc1_809d_b2a01e8e48ad_inactive.xml create mode 120000 tests/nodedevxml2xmlout/mdev_fedc4916_1ca8_49ac_b176_871d16c13076_inactive.xml -- 2.42.0

2 21

[PATCH 0/3] meson: Drop userfaultfd_sysctl option
by Andrea Bolognani 15 Feb '24

15 Feb '24

Recently introduced as part of [1]. We can skip the meson part for this one, and deal with everything in the spec file only. Test pipeline: https://gitlab.com/abologna/libvirt/-/pipelines/1176890275 [1] https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/DKS4… Andrea Bolognani (3): rpm: Always enable sysctl_config rpm: Always enable userfaultfd_sysctl meson: Drop userfaultfd_sysctl option libvirt.spec.in | 13 +++++-------- meson.build | 7 ------- meson_options.txt | 1 - src/qemu/meson.build | 2 +- 4 files changed, 6 insertions(+), 17 deletions(-) -- 2.43.0

2 6

[PUSHED PATCH] spec: Explicitly disable userfaultfd_sysctl for mingw
by Jiri Denemark 14 Feb '24

14 Feb '24

The %meson* macros pass --auto-features=enabled to enable all "auto" features, which means we have to explicitly disable them. Signed-off-by: Jiri Denemark <jdenemar(a)redhat.com> --- Notes: Pushed as a build breaker. libvirt.spec.in | 1 + 1 file changed, 1 insertion(+) diff --git a/libvirt.spec.in b/libvirt.spec.in index c5ba4b632f..49ce717e1b 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -1452,6 +1452,7 @@ export SOURCE_DATE_EPOCH=$(stat --printf='%Y' %{_specdir}/libvirt.spec) -Dstorage_vstorage=disabled \ -Dstorage_zfs=disabled \ -Dsysctl_config=disabled \ + -Duserfaultfd_sysctl=disabled \ -Dtests=disabled \ -Dudev=disabled \ -Dwireshark_dissector=disabled \ -- 2.43.0

4 3