[PATCH] Set stubDriverName from hostdev driver model attribute during pci device setup
by Laine Stump
commit v9.10.0-129-g8b93d78c83 (first appearing in libvirt-10.0.0) was
supposed to allow forcing a PCI hostdev to be bound to a particular
driver by adding <driver model='blah'/> to the XML for the
device. Unfortunately, a single line was missed during the final
changes to the patch prior to pushing, and the result was that the
driver model could be set to *anything* and it would be accepted but
just ignored.
This patch adds the missing line, which will set the stubDriverName
field of …
[View More]the virPCIDevice object from the hostdev object as the
virPCIDevice is being created. This ends up being used by
virPCIDeviceBindToStub() as the driver that it binds the device to.
Fixes: 8b93d78c8325f1fba5db98848350f3db43f5e7d5
Signed-off-by: Laine Stump <laine(a)redhat.com>
---
src/hypervisor/virhostdev.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/hypervisor/virhostdev.c b/src/hypervisor/virhostdev.c
index 40f8a4bc2c..53327f4f4d 100644
--- a/src/hypervisor/virhostdev.c
+++ b/src/hypervisor/virhostdev.c
@@ -242,6 +242,8 @@ virHostdevGetPCIHostDevice(const virDomainHostdevDef *hostdev,
return -1;
virPCIDeviceSetManaged(actual, hostdev->managed);
+ virPCIDeviceSetStubDriverName(actual, pcisrc->driver.model);
+
if (pcisrc->driver.name == VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_VFIO) {
virPCIDeviceSetStubDriverType(actual, VIR_PCI_STUB_DRIVER_VFIO);
--
2.43.0
[View Less]
1 year, 1 month
[PATCH 0/2] Introduce mshv Hypervisor type.
by Praveen K Paladugu
These patches introduce 'mshv' hypervisor type and check for the hypervisor
device on host while starting ch guests.
Praveen K Paladugu (2):
conf: Introduce mshv hypervisor type
ch: Check for hypervisor while starting guests
src/ch/ch_conf.c | 2 ++
src/ch/ch_driver.c | 7 +++++++
src/ch/ch_process.c | 34 ++++++++++++++++++++++++++++++++++
src/conf/domain_conf.c | 1 +
src/conf/domain_conf.h | 1 +
src/qemu/qemu_command.c | 1 +
6 files changed, 46 insertions(+)
--
2.43.0
1 year, 1 month
[PATCH 0/4] Protect secret values stored on disk with TPM
by Michal Privoznik
Secret values are stored effectively in plaintext on a disk and we rely
on file perms to secure them. But with systemd-cred we can use system's
TPM chip and encrypt them.
Such secrets won't be transferable to another system by simply copying
files stored on disk, but: a) that's not recommended way anyway, b)
one can argue secrets shouldn't be migrated anyway.
Future work consists of encrypting secret values even when stored in
memory, as it's now possible to obtain secrets by dumping memory …
[View More]of
virsecretd. Though, to dump a memory admin rights are required at which
point users can just read values stored on disk (which is not true for
ephemeral secrets).
Michal Prívozník (4):
virsecret: Introduce APIs to talk to systemd-cred
conf: Introduce @tpm attribute to <secret/>
virsecretobj: Encrypt/decrypt secrets using TPM
NEWS: Document new virSecret TPM feature
NEWS.rst | 6 +
docs/formatsecret.rst | 8 +-
src/conf/schemas/secret.rng | 5 +
src/conf/secret_conf.c | 17 +++
src/conf/secret_conf.h | 2 +
src/conf/virsecretobj.c | 32 ++++-
src/libvirt_private.syms | 3 +
src/secret/secret_driver.c | 7 +
src/util/virsecret.c | 170 +++++++++++++++++++++++
src/util/virsecret.h | 10 ++
tests/secretxml2xmlin/usage-tpm-vtpm.xml | 7 +
tests/secretxml2xmltest.c | 1 +
12 files changed, 263 insertions(+), 5 deletions(-)
create mode 100644 tests/secretxml2xmlin/usage-tpm-vtpm.xml
--
2.43.0
[View Less]
1 year, 1 month
[PATCH 0/2] docs: domain: Fixes
by Peter Krempa
Peter Krempa (2):
docs: domain: Fix broken rST clauses
docs: domain: Fix iothread to virtqueue mapping example
docs/formatdomain.rst | 12 +++++-------
1 file changed, 5 insertions(+), 7 deletions(-)
--
2.43.0
1 year, 1 month
[PATCH 0/2] Add locking option for disk
by Hiroki Narukawa
There is a case that Linux has a bug and unlocking does not work properly like this:
https://lore.kernel.org/lkml/20230608084609.14245-1-zhangjiachen.jaycee@b...
Especiall in the situation that live migration source node has this kind of bug, destination must not locking, or otherwise VM stops when live migration runs.
There commits add workaround for this kind of problems.
Could you take a look?
Especially following is points I could not make sure:
In the first commit, I wrote explanation …
[View More]on file section in the document, but placed parser and formatter in virDomainStorageSourceParse and virDomainStorageSourceParse because locking can be common if added to other backends. Is it good to place here, or is there some better location to place?
Hiroki Narukawa (2):
conf: add locking option to disk source
qemu_block: add locking option
docs/formatdomain.rst | 5 ++++
src/conf/domain_conf.c | 8 +++++++
src/conf/schemas/domaincommon.rng | 5 ++++
src/conf/storage_source_conf.h | 3 +++
src/qemu/qemu_block.c | 7 ++++++
tests/qemublocktest.c | 1 +
...le-raw-aio_native-locking-off-srconly.json | 10 ++++++++
.../file-raw-aio_native-locking-off.json | 23 +++++++++++++++++++
.../file-raw-aio_native-locking-off.xml | 12 ++++++++++
9 files changed, 74 insertions(+)
create mode 100644 tests/qemublocktestdata/xml2json/file-raw-aio_native-locking-off-srconly.json
create mode 100644 tests/qemublocktestdata/xml2json/file-raw-aio_native-locking-off.json
create mode 100644 tests/qemublocktestdata/xml2json/file-raw-aio_native-locking-off.xml
--
2.25.1
[View Less]
1 year, 1 month
[PATCH v2 00/11] nodedev state and update
by Boris Fiuczynski
The series add a dual state to the mdev node devices as these objects
can be active and defined at the same time. These two states can
become different. To be able to also introspect the persisted and
transient nodedevs filtering is added. To be able to also dump the XML
of an inactive state while the node device is active a new option is
added.
The last three patches add the capability to update a mdev node device.
This can be done on the persisted configuration, on the active
configuration …
[View More]or on both. To support this v1.3.0 of mdevctl is required.
Changes since v1:
* replaced spec file requirement for v1.3.0 of mdevctl by a dynamic
support check and an unsupported message if not available.
* removed persisted precheck in virsh
* renamed persisted and persist into persistent
* addressed all other review comments made on v1
* added NEWS
Boris Fiuczynski (11):
virmdev: prepare type and attributes for dual state
node_device: refactor mdev attributes handling
node_device: remove unnecessary checks in virNodeDeviceDefFormat
nodedev: add an active config to mdev
tools: add option inactive to nodedev-dumpxml
nodedev: add persisted and transient filter on list
tools: add switches persisted and transient to nodedev-list
virsh: doc fix on nodedev-list
api: add virNodeDeviceUpdate()
nodedev: Implement virNodeDeviceUpdateXML
virsh: add nodedev-update
NEWS.rst | 7 +
docs/manpages/virsh.rst | 36 +-
include/libvirt/libvirt-nodedev.h | 31 ++
libvirt.spec.in | 1 +
src/access/viraccessperm.c | 1 +
src/access/viraccessperm.h | 6 +
src/conf/node_device_conf.c | 76 +--
src/conf/node_device_conf.h | 14 +-
src/conf/virnodedeviceobj.c | 50 ++
src/conf/virnodedeviceobj.h | 3 +
src/driver-nodedev.h | 6 +
src/libvirt-nodedev.c | 47 +-
src/libvirt_private.syms | 1 +
src/libvirt_public.syms | 5 +
src/node_device/node_device_driver.c | 459 +++++++++++++++---
src/node_device/node_device_driver.h | 17 +-
src/node_device/node_device_udev.c | 5 +-
src/remote/remote_driver.c | 1 +
src/remote/remote_protocol.x | 17 +-
src/remote_protocol-structs | 6 +
src/test/test_driver.c | 6 +-
src/util/virmdev.h | 6 +
...60c_c60c_c60c_c60c_c60cc60cc60c_update.xml | 16 +
tests/nodedevmdevctldata/mdevctl-modify.argv | 25 +
tests/nodedevmdevctldata/mdevctl-modify.json | 1 +
tests/nodedevmdevctltest.c | 94 +++-
...v_c60cc60c_c60c_c60c_c60c_c60cc60cc60c.xml | 14 +
...d_b7f0_4fea_b468_f1da537d301b_inactive.xml | 1 +
...v_c60cc60c_c60c_c60c_c60c_c60cc60cc60c.xml | 10 +
...c_c60c_c60c_c60c_c60cc60cc60c_inactive.xml | 9 +
...9_36ea_4111_8f0a_8c9a70e21366_inactive.xml | 1 +
...9_495e_4243_ad9f_beb3f14c23d9_inactive.xml | 1 +
...4_f554_4dc1_809d_b2a01e8e48ad_inactive.xml | 8 +
...6_1ca8_49ac_b176_871d16c13076_inactive.xml | 1 +
tests/nodedevxml2xmltest.c | 59 ++-
tools/virsh-nodedev.c | 132 ++++-
36 files changed, 1030 insertions(+), 143 deletions(-)
create mode 100644 tests/nodedevmdevctldata/mdev_c60cc60c_c60c_c60c_c60c_c60cc60cc60c_update.xml
create mode 100644 tests/nodedevmdevctldata/mdevctl-modify.argv
create mode 100644 tests/nodedevmdevctldata/mdevctl-modify.json
create mode 100644 tests/nodedevschemadata/mdev_c60cc60c_c60c_c60c_c60c_c60cc60cc60c.xml
create mode 120000 tests/nodedevxml2xmlout/mdev_3627463d_b7f0_4fea_b468_f1da537d301b_inactive.xml
create mode 100644 tests/nodedevxml2xmlout/mdev_c60cc60c_c60c_c60c_c60c_c60cc60cc60c.xml
create mode 100644 tests/nodedevxml2xmlout/mdev_c60cc60c_c60c_c60c_c60c_c60cc60cc60c_inactive.xml
create mode 120000 tests/nodedevxml2xmlout/mdev_d069d019_36ea_4111_8f0a_8c9a70e21366_inactive.xml
create mode 120000 tests/nodedevxml2xmlout/mdev_d2441d39_495e_4243_ad9f_beb3f14c23d9_inactive.xml
create mode 100644 tests/nodedevxml2xmlout/mdev_ee0b88c4_f554_4dc1_809d_b2a01e8e48ad_inactive.xml
create mode 120000 tests/nodedevxml2xmlout/mdev_fedc4916_1ca8_49ac_b176_871d16c13076_inactive.xml
--
2.42.0
[View Less]
1 year, 1 month
[PUSHED PATCH] spec: Explicitly disable userfaultfd_sysctl for mingw
by Jiri Denemark
The %meson* macros pass --auto-features=enabled to enable all "auto"
features, which means we have to explicitly disable them.
Signed-off-by: Jiri Denemark <jdenemar(a)redhat.com>
---
Notes:
Pushed as a build breaker.
libvirt.spec.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/libvirt.spec.in b/libvirt.spec.in
index c5ba4b632f..49ce717e1b 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -1452,6 +1452,7 @@ export SOURCE_DATE_EPOCH=$(stat --printf='%Y' %{_specdir}/…
[View More]libvirt.spec)
-Dstorage_vstorage=disabled \
-Dstorage_zfs=disabled \
-Dsysctl_config=disabled \
+ -Duserfaultfd_sysctl=disabled \
-Dtests=disabled \
-Dudev=disabled \
-Dwireshark_dissector=disabled \
--
2.43.0
[View Less]
1 year, 1 month
[PATCH] virsh: completer for --type of commands find-storage-pool-sources and find-storage-pool-sources-as
by Adam Julis
Signed-off-by: Adam Julis <ajulis(a)redhat.com>
---
tools/virsh-completer-pool.c | 11 +++++++++++
tools/virsh-completer-pool.h | 5 +++++
tools/virsh-pool.c | 2 ++
3 files changed, 18 insertions(+)
diff --git a/tools/virsh-completer-pool.c b/tools/virsh-completer-pool.c
index 0600394411..1081e5c10c 100644
--- a/tools/virsh-completer-pool.c
+++ b/tools/virsh-completer-pool.c
@@ -66,6 +66,17 @@ virshStoragePoolNameCompleter(vshControl *ctl,
}
+char **
+…
[View More]virshStoragePoolTypeCompleter(vshControl *ctl G_GNUC_UNUSED,
+ const vshCmd *cmd G_GNUC_UNUSED,
+ unsigned int flags)
+{
+ virCheckFlags(0, NULL);
+
+ return virshEnumComplete(VIR_STORAGE_POOL_LAST, virStoragePoolTypeToString);
+}
+
+
char **
virshPoolEventNameCompleter(vshControl *ctl G_GNUC_UNUSED,
const vshCmd *cmd G_GNUC_UNUSED,
diff --git a/tools/virsh-completer-pool.h b/tools/virsh-completer-pool.h
index 059b6ba9e0..5a051d2aeb 100644
--- a/tools/virsh-completer-pool.h
+++ b/tools/virsh-completer-pool.h
@@ -32,6 +32,11 @@ virshPoolEventNameCompleter(vshControl *ctl,
const vshCmd *cmd,
unsigned int flags);
+char **
+virshStoragePoolTypeCompleter(vshControl *ctl,
+ const vshCmd *cmd,
+ unsigned int completerflags);
+
char **
virshPoolTypeCompleter(vshControl *ctl,
const vshCmd *cmd,
diff --git a/tools/virsh-pool.c b/tools/virsh-pool.c
index 36f00cf643..db5cb6306c 100644
--- a/tools/virsh-pool.c
+++ b/tools/virsh-pool.c
@@ -1414,6 +1414,7 @@ static const vshCmdOptDef opts_find_storage_pool_sources_as[] = {
{.name = "type",
.type = VSH_OT_DATA,
.flags = VSH_OFLAG_REQ,
+ .completer = virshStoragePoolTypeCompleter,
.help = N_("type of storage pool sources to find")
},
{.name = "host",
@@ -1501,6 +1502,7 @@ static const vshCmdOptDef opts_find_storage_pool_sources[] = {
{.name = "type",
.type = VSH_OT_DATA,
.flags = VSH_OFLAG_REQ,
+ .completer = virshStoragePoolTypeCompleter,
.help = N_("type of storage pool sources to discover")
},
{.name = "srcSpec",
--
2.43.0
[View Less]
1 year, 1 month
[libvirt PATCH v2 0/3] qemu: Add support for /dev/userfaultfd
by Jiri Denemark
Jiri Denemark (3):
qemu: Add support for /dev/userfaultfd
build: Add userfaultfd_sysctl build option
spec: Disable with_userfaultfd_sysctl on Fedora and RHEL-9
libvirt.spec.in | 16 +++++++++++
meson.build | 8 ++++++
meson_options.txt | 1 +
src/qemu/meson.build | 2 +-
src/qemu/qemu.conf.in | 3 +-
src/qemu/qemu_cgroup.c | 1 +
src/qemu/qemu_process.c | 38 +++++++++++++++++…
[View More]++++++++
src/qemu/qemu_security.c | 45 ++++++++++++++++++++++++++++++
src/qemu/qemu_security.h | 5 ++++
src/qemu/test_libvirtd_qemu.aug.in | 1 +
10 files changed, 118 insertions(+), 2 deletions(-)
--
2.43.0
[View Less]
1 year, 1 month
