[PATCH 00/10] virDomainDriverAutoShutdown: Fix 3 bugs related to auto shutdown of VMs
by Peter Krempa
Following bugs are addressed:
- ordering of systemd units, which cause the VMs to be killed prior to
auto-shutdown finishing
- transient VMs are attempted to be managesaved
- restore of state is applied to VMs which the auto shutdown code
didn't act on otherwise
Peter Krempa (10):
virSystemdCreateMachine: Document @maxthreds
cgroup: Unexport 'virDomainCgroupInitCgroup'
qemu: conf: Store 'autoShutdown' config in
virDomainDriverAutoShutdownConfig
hypervisor: domain: Extract logic for auto shutdown to
virDomainDriverAutoShutdownActive
virSystemdCreateMachine: Add flag to invert machined unit dependencies
cgroup: Plumb the 'daemonDomainShutdown' parameter of
'virSystemdCreateMachine' to drivers
qemu: Fix auto-shutdown of qemu VMs by the qemu driver
hypervisor: Split out individual steps out of
virDomainDriverAutoShutdown
virDomainDriverAutoShutdownDoSave: Don't attempt to save transient VMs
virDomainDriverAutoShutdown: Refactor selection logic for VMs
src/ch/ch_process.c | 2 +
src/hypervisor/domain_cgroup.c | 6 +-
src/hypervisor/domain_cgroup.h | 11 +-
src/hypervisor/domain_driver.c | 390 +++++++++++++++++++--------------
src/hypervisor/domain_driver.h | 1 +
src/libvirt_private.syms | 2 +-
src/lxc/lxc_cgroup.c | 1 +
src/qemu/qemu.conf.in | 15 +-
src/qemu/qemu_cgroup.c | 7 +
src/qemu/qemu_conf.c | 30 +--
src/qemu/qemu_conf.h | 7 +-
src/qemu/qemu_driver.c | 12 +-
src/util/vircgroup.c | 7 +-
src/util/vircgroup.h | 1 +
src/util/virsystemd.c | 28 ++-
src/util/virsystemd.h | 3 +-
tests/virsystemdtest.c | 15 +-
17 files changed, 322 insertions(+), 216 deletions(-)
--
2.49.0
2 weeks, 4 days
[PATCH 0/7] qemu-10.1 test data and dropped machine type cleanups
by Peter Krempa
Peter Krempa (7):
qemuxmlconftest: x86_64: Drop explicit use of '2.10' machine type
qemuxmlconftest: x86_64: Drop explicit use of '2.12' machine type
qemuxmlconftest: x86_64: Drop explicit use of '2.5' machine type
qemuxmlconftest: x86_64: Drop explicit use of '2.9' machine type
qemuxmlconftest: x86_64: Bump 'firmware*' test cases to
'pc-i440fx-10.0'
qemuxmlconftest: x86_64: Bump 'firmware*' test cases to 'pc-q35-10.0'
qemucapabilitiestest: Add dump for the qemu-10.1 development cycle on
x86_64
.../domaincapsdata/qemu_10.1.0-q35.x86_64.xml | 1722 +
.../domaincapsdata/qemu_10.1.0-tcg.x86_64.xml | 1827 +
tests/domaincapsdata/qemu_10.1.0.x86_64.xml | 1722 +
.../caps_10.1.0_x86_64.replies | 46736 ++++++++++++++++
.../caps_10.1.0_x86_64.xml | 4574 ++
...host-model-fallback-tcg.x86_64-latest.args | 2 +-
...st-model-nofallback-tcg.x86_64-latest.args | 2 +-
.../cpu-host-model-tcg.x86_64-latest.args | 2 +-
.../firmware-auto-bios-not-stateless.xml | 2 +-
.../firmware-auto-bios-nvram.xml | 2 +-
...are-auto-bios-stateless.x86_64-latest.args | 2 +-
...ware-auto-bios-stateless.x86_64-latest.xml | 2 +-
.../firmware-auto-bios-stateless.xml | 2 +-
.../firmware-auto-bios.x86_64-latest.args | 2 +-
.../firmware-auto-bios.x86_64-latest.xml | 2 +-
tests/qemuxmlconfdata/firmware-auto-bios.xml | 2 +-
...ware-auto-efi-enrolled-keys-no-secboot.xml | 2 +-
...-auto-efi-enrolled-keys.x86_64-latest.args | 2 +-
...e-auto-efi-enrolled-keys.x86_64-latest.xml | 2 +-
.../firmware-auto-efi-enrolled-keys.xml | 2 +-
...loader-qcow2-nvram-path.x86_64-latest.args | 2 +-
...-loader-qcow2-nvram-path.x86_64-latest.xml | 2 +-
...uto-efi-format-loader-qcow2-nvram-path.xml | 2 +-
...efi-format-loader-qcow2.x86_64-latest.args | 2 +-
...-efi-format-loader-qcow2.x86_64-latest.xml | 2 +-
.../firmware-auto-efi-format-loader-qcow2.xml | 2 +-
...uto-efi-format-mismatch.x86_64-latest.args | 2 +-
...auto-efi-format-mismatch.x86_64-latest.xml | 2 +-
.../firmware-auto-efi-format-mismatch.xml | 2 +-
...nvram-qcow2-network-nbd.x86_64-latest.args | 2 +-
...-nvram-qcow2-network-nbd.x86_64-latest.xml | 2 +-
...uto-efi-format-nvram-qcow2-network-nbd.xml | 2 +-
...format-nvram-qcow2-path.x86_64-latest.args | 2 +-
...-format-nvram-qcow2-path.x86_64-latest.xml | 2 +-
...mware-auto-efi-format-nvram-qcow2-path.xml | 2 +-
...-efi-format-nvram-qcow2.x86_64-latest.args | 2 +-
...o-efi-format-nvram-qcow2.x86_64-latest.xml | 2 +-
.../firmware-auto-efi-format-nvram-qcow2.xml | 2 +-
...uto-efi-loader-insecure.x86_64-latest.args | 2 +-
...auto-efi-loader-insecure.x86_64-latest.xml | 2 +-
.../firmware-auto-efi-loader-insecure.xml | 2 +-
...-loader-path-nonstandard.x86_64-latest.xml | 2 +-
...mware-auto-efi-loader-path-nonstandard.xml | 2 +-
...re-auto-efi-loader-path.x86_64-latest.args | 2 +-
...are-auto-efi-loader-path.x86_64-latest.xml | 2 +-
.../firmware-auto-efi-loader-path.xml | 2 +-
...oader-secure.x86_64-latest.abi-update.args | 2 +-
...loader-secure.x86_64-latest.abi-update.xml | 2 +-
...-auto-efi-loader-secure.x86_64-latest.args | 2 +-
...e-auto-efi-loader-secure.x86_64-latest.xml | 2 +-
.../firmware-auto-efi-loader-secure.xml | 2 +-
...to-efi-no-enrolled-keys.x86_64-latest.args | 2 +-
...uto-efi-no-enrolled-keys.x86_64-latest.xml | 2 +-
.../firmware-auto-efi-no-enrolled-keys.xml | 2 +-
...are-auto-efi-no-secboot.x86_64-latest.args | 2 +-
...ware-auto-efi-no-secboot.x86_64-latest.xml | 2 +-
.../firmware-auto-efi-no-secboot.xml | 2 +-
...are-auto-efi-nvram-file.x86_64-latest.args | 2 +-
...ware-auto-efi-nvram-file.x86_64-latest.xml | 2 +-
.../firmware-auto-efi-nvram-file.xml | 2 +-
...efi-nvram-network-iscsi.x86_64-latest.args | 2 +-
...-efi-nvram-network-iscsi.x86_64-latest.xml | 2 +-
.../firmware-auto-efi-nvram-network-iscsi.xml | 2 +-
...o-efi-nvram-network-nbd.x86_64-latest.args | 2 +-
...to-efi-nvram-network-nbd.x86_64-latest.xml | 2 +-
.../firmware-auto-efi-nvram-network-nbd.xml | 2 +-
...are-auto-efi-nvram-path.x86_64-latest.args | 2 +-
...ware-auto-efi-nvram-path.x86_64-latest.xml | 2 +-
.../firmware-auto-efi-nvram-path.xml | 2 +-
...ram-template-nonstandard.x86_64-latest.xml | 2 +-
...re-auto-efi-nvram-template-nonstandard.xml | 2 +-
...auto-efi-nvram-template.x86_64-latest.args | 2 +-
...-auto-efi-nvram-template.x86_64-latest.xml | 2 +-
.../firmware-auto-efi-nvram-template.xml | 2 +-
...mware-auto-efi-rw-pflash.x86_64-latest.xml | 2 +-
.../firmware-auto-efi-rw-pflash.xml | 2 +-
.../firmware-auto-efi-rw.x86_64-latest.xml | 2 +-
.../qemuxmlconfdata/firmware-auto-efi-rw.xml | 2 +-
...rmware-auto-efi-secboot.x86_64-latest.args | 2 +-
...irmware-auto-efi-secboot.x86_64-latest.xml | 2 +-
.../firmware-auto-efi-secboot.xml | 2 +-
...rmware-auto-efi-smm-off.x86_64-latest.args | 2 +-
...irmware-auto-efi-smm-off.x86_64-latest.xml | 2 +-
.../firmware-auto-efi-smm-off.xml | 2 +-
...ware-auto-efi-stateless.x86_64-latest.args | 2 +-
...mware-auto-efi-stateless.x86_64-latest.xml | 2 +-
.../firmware-auto-efi-stateless.xml | 2 +-
...are-auto-efi.x86_64-latest.abi-update.args | 2 +-
...ware-auto-efi.x86_64-latest.abi-update.xml | 2 +-
.../firmware-auto-efi.x86_64-latest.args | 2 +-
.../firmware-auto-efi.x86_64-latest.xml | 2 +-
tests/qemuxmlconfdata/firmware-auto-efi.xml | 2 +-
.../firmware-manual-bios-not-stateless.xml | 2 +-
...e-manual-bios-stateless.x86_64-latest.args | 2 +-
...re-manual-bios-stateless.x86_64-latest.xml | 2 +-
.../firmware-manual-bios-stateless.xml | 2 +-
.../firmware-manual-bios.x86_64-latest.args | 2 +-
.../firmware-manual-bios.x86_64-latest.xml | 2 +-
.../qemuxmlconfdata/firmware-manual-bios.xml | 2 +-
...are-manual-efi-acpi-q35.x86_64-latest.args | 2 +-
...ware-manual-efi-acpi-q35.x86_64-latest.xml | 2 +-
.../firmware-manual-efi-acpi-q35.xml | 2 +-
...are-manual-efi-features.x86_64-latest.args | 2 +-
...ware-manual-efi-features.x86_64-latest.xml | 2 +-
.../firmware-manual-efi-features.xml | 2 +-
.../firmware-manual-efi-loader-no-path.xml | 2 +-
...loader-path-nonstandard.x86_64-latest.args | 2 +-
...-loader-path-nonstandard.x86_64-latest.xml | 2 +-
...are-manual-efi-loader-path-nonstandard.xml | 2 +-
...anual-efi-loader-secure.x86_64-latest.args | 2 +-
...manual-efi-loader-secure.x86_64-latest.xml | 2 +-
.../firmware-manual-efi-loader-secure.xml | 2 +-
...olled-keys-legacy-paths.x86_64-latest.args | 2 +-
...rolled-keys-legacy-paths.x86_64-latest.xml | 2 +-
...nual-efi-no-enrolled-keys-legacy-paths.xml | 2 +-
...al-efi-no-enrolled-keys.x86_64-latest.args | 2 +-
...ual-efi-no-enrolled-keys.x86_64-latest.xml | 2 +-
.../firmware-manual-efi-no-enrolled-keys.xml | 2 +-
...no-secboot-legacy-paths.x86_64-latest.args | 2 +-
...-no-secboot-legacy-paths.x86_64-latest.xml | 2 +-
...are-manual-efi-no-secboot-legacy-paths.xml | 2 +-
...e-manual-efi-no-secboot.x86_64-latest.args | 2 +-
...re-manual-efi-no-secboot.x86_64-latest.xml | 2 +-
.../firmware-manual-efi-no-secboot.xml | 2 +-
.../firmware-manual-efi-noacpi-q35.xml | 2 +-
...e-manual-efi-nvram-file.x86_64-latest.args | 2 +-
...re-manual-efi-nvram-file.x86_64-latest.xml | 2 +-
.../firmware-manual-efi-nvram-file.xml | 2 +-
...efi-nvram-network-iscsi.x86_64-latest.args | 2 +-
...-efi-nvram-network-iscsi.x86_64-latest.xml | 2 +-
...irmware-manual-efi-nvram-network-iscsi.xml | 2 +-
...l-efi-nvram-network-nbd.x86_64-latest.args | 2 +-
...al-efi-nvram-network-nbd.x86_64-latest.xml | 2 +-
.../firmware-manual-efi-nvram-network-nbd.xml | 2 +-
.../firmware-manual-efi-nvram-stateless.xml | 2 +-
...am-template-nonstandard.x86_64-latest.args | 2 +-
...ram-template-nonstandard.x86_64-latest.xml | 2 +-
...-manual-efi-nvram-template-nonstandard.xml | 2 +-
...re-manual-efi-nvram-template-stateless.xml | 2 +-
...nual-efi-nvram-template.x86_64-latest.args | 2 +-
...anual-efi-nvram-template.x86_64-latest.xml | 2 +-
.../firmware-manual-efi-nvram-template.xml | 2 +-
...-manual-efi-rw-implicit.x86_64-latest.args | 2 +-
...e-manual-efi-rw-implicit.x86_64-latest.xml | 2 +-
.../firmware-manual-efi-rw-implicit.xml | 2 +-
...ual-efi-rw-legacy-paths.x86_64-latest.args | 2 +-
...nual-efi-rw-legacy-paths.x86_64-latest.xml | 2 +-
.../firmware-manual-efi-rw-legacy-paths.xml | 2 +-
...ual-efi-rw-modern-paths.x86_64-latest.args | 2 +-
...nual-efi-rw-modern-paths.x86_64-latest.xml | 2 +-
.../firmware-manual-efi-rw-modern-paths.xml | 2 +-
.../firmware-manual-efi-rw.x86_64-latest.args | 2 +-
.../firmware-manual-efi-rw.x86_64-latest.xml | 2 +-
.../firmware-manual-efi-rw.xml | 2 +-
...fi-secboot-legacy-paths.x86_64-latest.args | 2 +-
...efi-secboot-legacy-paths.x86_64-latest.xml | 2 +-
...rmware-manual-efi-secboot-legacy-paths.xml | 2 +-
...ware-manual-efi-secboot.x86_64-latest.args | 2 +-
...mware-manual-efi-secboot.x86_64-latest.xml | 2 +-
.../firmware-manual-efi-secboot.xml | 2 +-
...re-manual-efi-stateless.x86_64-latest.args | 2 +-
...are-manual-efi-stateless.x86_64-latest.xml | 2 +-
.../firmware-manual-efi-stateless.xml | 2 +-
.../firmware-manual-efi.x86_64-latest.args | 2 +-
.../firmware-manual-efi.x86_64-latest.xml | 2 +-
tests/qemuxmlconfdata/firmware-manual-efi.xml | 2 +-
...e-manual-noefi-acpi-q35.x86_64-latest.args | 2 +-
...re-manual-noefi-acpi-q35.x86_64-latest.xml | 2 +-
.../firmware-manual-noefi-acpi-q35.xml | 2 +-
...manual-noefi-noacpi-q35.x86_64-latest.args | 2 +-
...-manual-noefi-noacpi-q35.x86_64-latest.xml | 2 +-
.../firmware-manual-noefi-noacpi-q35.xml | 2 +-
...pi-root-hotplug-disable.x86_64-latest.args | 2 +-
.../pc-i440fx-acpi-root-hotplug-disable.xml | 2 +-
...cpi-root-hotplug-enable.x86_64-latest.args | 2 +-
.../pc-i440fx-acpi-root-hotplug-enable.xml | 2 +-
...pm-emulator-crb-profile.x86_64-latest.args | 2 +-
.../tpm-emulator-crb-profile.xml | 2 +-
.../tpm-emulator-tpm2-enc.x86_64-latest.args | 2 +-
.../qemuxmlconfdata/tpm-emulator-tpm2-enc.xml | 2 +-
...pm-emulator-tpm2-pstate.x86_64-latest.args | 2 +-
.../tpm-emulator-tpm2-pstate.xml | 2 +-
.../tpm-emulator-tpm2.x86_64-latest.args | 2 +-
tests/qemuxmlconfdata/tpm-emulator-tpm2.xml | 2 +-
.../tpm-emulator.x86_64-latest.args | 2 +-
tests/qemuxmlconfdata/tpm-emulator.xml | 2 +-
.../tpm-external.x86_64-latest.args | 2 +-
tests/qemuxmlconfdata/tpm-external.xml | 2 +-
.../tpm-passthrough-crb.x86_64-latest.args | 2 +-
tests/qemuxmlconfdata/tpm-passthrough-crb.xml | 2 +-
.../tpm-passthrough.x86_64-latest.args | 2 +-
tests/qemuxmlconfdata/tpm-passthrough.xml | 2 +-
.../tseg-explicit-size.x86_64-latest.args | 2 +-
.../tseg-explicit-size.x86_64-latest.xml | 2 +-
tests/qemuxmlconfdata/tseg-explicit-size.xml | 2 +-
.../vhost-vsock-auto.x86_64-latest.args | 2 +-
.../vhost-vsock-auto.x86_64-latest.xml | 2 +-
tests/qemuxmlconfdata/vhost-vsock-auto.xml | 2 +-
198 files changed, 56774 insertions(+), 193 deletions(-)
create mode 100644 tests/domaincapsdata/qemu_10.1.0-q35.x86_64.xml
create mode 100644 tests/domaincapsdata/qemu_10.1.0-tcg.x86_64.xml
create mode 100644 tests/domaincapsdata/qemu_10.1.0.x86_64.xml
create mode 100644 tests/qemucapabilitiesdata/caps_10.1.0_x86_64.replies
create mode 100644 tests/qemucapabilitiesdata/caps_10.1.0_x86_64.xml
--
2.49.0
2 weeks, 4 days
[PATCH v2] nwfilter: Remove 'qemu-announce-self' example
by Peter Krempa
From: Peter Krempa <pkrempa(a)redhat.com>
The example allows packets sent by qemu after migration with broken
protocol ID. The proper self announce is handled via
'qemu-announce-self-rarp'.
The qemu bug was addressed by f8778a7785d530515b0db39 (released as
v0.13.0). As we no longer support such old qemus, and allowing broken
packets makes no sense. Remove the rule and make it into an alias of
'qemu-announce-self-rarp' to preserve compatibility. Adjust the existing
examples to use only the proper rule.t
Closes: https://gitlab.com/libvirt/libvirt/-/issues/792
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
v2:
- keep the old rule as alias
- update comment to say that it's no longer needed
docs/firewall.rst | 1 -
docs/formatnwfilter.rst | 2 +-
src/nwfilter/xml/clean-traffic-gateway.xml | 2 +-
src/nwfilter/xml/clean-traffic.xml | 2 +-
src/nwfilter/xml/qemu-announce-self-rarp.xml | 2 ++
src/nwfilter/xml/qemu-announce-self.xml | 14 ++++----------
6 files changed, 9 insertions(+), 14 deletions(-)
diff --git a/docs/firewall.rst b/docs/firewall.rst
index 26474d3317..81114d2c95 100644
--- a/docs/firewall.rst
+++ b/docs/firewall.rst
@@ -285,7 +285,6 @@ useful rules:
fb57c546-76dc-a372-513f-e8179011b48a no-mac-spoofing
dba10ea7-446d-76de-346f-335bd99c1d05 no-other-l2-traffic
f5c78134-9da4-0c60-a9f0-fb37bc21ac1f no-other-rarp-traffic
- 7637e405-4ccf-42ac-5b41-14f8d03d8cf3 qemu-announce-self
9aed52e7-f0f3-343e-fe5c-7dcb27b594e5 qemu-announce-self-rarp
Most of these are just building blocks. The interesting one here is
diff --git a/docs/formatnwfilter.rst b/docs/formatnwfilter.rst
index 13e9a791af..e50497aaf8 100644
--- a/docs/formatnwfilter.rst
+++ b/docs/formatnwfilter.rst
@@ -438,7 +438,7 @@ several other filters.
<filterref filter='allow-incoming-ipv4'/>
<filterref filter='no-arp-spoofing'/>
<filterref filter='no-other-l2-traffic'/>
- <filterref filter='qemu-announce-self'/>
+ <filterref filter='qemu-announce-self-rarp'/>
</filter>
To reference another filter, the XML node ``filterref`` needs to be provided
diff --git a/src/nwfilter/xml/clean-traffic-gateway.xml b/src/nwfilter/xml/clean-traffic-gateway.xml
index b8c204041a..1768a67697 100644
--- a/src/nwfilter/xml/clean-traffic-gateway.xml
+++ b/src/nwfilter/xml/clean-traffic-gateway.xml
@@ -30,5 +30,5 @@
<filterref filter='no-other-l2-traffic'/>
<!-- allow qemu to send a self-announce upon migration end -->
- <filterref filter='qemu-announce-self'/>
+ <filterref filter='qemu-announce-self-rarp'/>
</filter>
diff --git a/src/nwfilter/xml/clean-traffic.xml b/src/nwfilter/xml/clean-traffic.xml
index b8cde9c560..b0530da70a 100644
--- a/src/nwfilter/xml/clean-traffic.xml
+++ b/src/nwfilter/xml/clean-traffic.xml
@@ -25,6 +25,6 @@
<filterref filter='no-other-l2-traffic'/>
<!-- allow qemu to send a self-announce upon migration end -->
- <filterref filter='qemu-announce-self'/>
+ <filterref filter='qemu-announce-self-rarp'/>
</filter>
diff --git a/src/nwfilter/xml/qemu-announce-self-rarp.xml b/src/nwfilter/xml/qemu-announce-self-rarp.xml
index b7a848ad0f..db7b650320 100644
--- a/src/nwfilter/xml/qemu-announce-self-rarp.xml
+++ b/src/nwfilter/xml/qemu-announce-self-rarp.xml
@@ -11,4 +11,6 @@
arpsrcmacaddr='$MAC' arpdstmacaddr='$MAC'
arpsrcipaddr='0.0.0.0' arpdstipaddr='0.0.0.0'/>
</rule>
+
+ <filterref filter='no-other-rarp-traffic'/>
</filter>
diff --git a/src/nwfilter/xml/qemu-announce-self.xml b/src/nwfilter/xml/qemu-announce-self.xml
index 352db500de..73b77804cf 100644
--- a/src/nwfilter/xml/qemu-announce-self.xml
+++ b/src/nwfilter/xml/qemu-announce-self.xml
@@ -1,13 +1,7 @@
<filter name='qemu-announce-self' chain='root'>
- <!-- as of 4/26/2010 qemu sends out a bogus packet with
- wrong rarp protocol ID -->
- <!-- accept what is being sent now -->
- <rule action='accept' direction='out'>
- <mac protocolid='0x835'/>
- </rule>
-
- <!-- accept if it was changed to rarp -->
+ <!-- This rule originally allowed protocol '0x835' which qemu originally used.
+ As this bug in qemu was fixed and libvirt no longer supports such old qemu
+ versions this now is just a shim refering to 'qemu-announce-self-rarp' to
+ preserve compatibility if someone used this rule directly -->
<filterref filter='qemu-announce-self-rarp'/>
- <filterref filter='no-other-rarp-traffic'/>
-
</filter>
--
2.49.0
2 weeks, 4 days
[PATCH] nwfilter: Remove 'qemu-announce-self' example
by Peter Krempa
From: Peter Krempa <pkrempa(a)redhat.com>
The example allows packets sent by qemu after migration with broken
protocol ID. The proper self announce is handled via
'qemu-announce-self-rarp'.
The qemu bug was addressed by f8778a7785d530515b0db39 (released as
v0.13.0). As we no longer support such old qemus, and allowing broken
packets makes no sense remove the filter, and adjust the existing ones
to refer to the proper name.
Closes: https://gitlab.com/libvirt/libvirt/-/issues/792
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
docs/firewall.rst | 1 -
docs/formatnwfilter.rst | 2 +-
src/nwfilter/xml/clean-traffic-gateway.xml | 2 +-
src/nwfilter/xml/clean-traffic.xml | 2 +-
src/nwfilter/xml/meson.build | 1 -
src/nwfilter/xml/qemu-announce-self-rarp.xml | 2 ++
src/nwfilter/xml/qemu-announce-self.xml | 13 -------------
7 files changed, 5 insertions(+), 18 deletions(-)
delete mode 100644 src/nwfilter/xml/qemu-announce-self.xml
diff --git a/docs/firewall.rst b/docs/firewall.rst
index 26474d3317..81114d2c95 100644
--- a/docs/firewall.rst
+++ b/docs/firewall.rst
@@ -285,7 +285,6 @@ useful rules:
fb57c546-76dc-a372-513f-e8179011b48a no-mac-spoofing
dba10ea7-446d-76de-346f-335bd99c1d05 no-other-l2-traffic
f5c78134-9da4-0c60-a9f0-fb37bc21ac1f no-other-rarp-traffic
- 7637e405-4ccf-42ac-5b41-14f8d03d8cf3 qemu-announce-self
9aed52e7-f0f3-343e-fe5c-7dcb27b594e5 qemu-announce-self-rarp
Most of these are just building blocks. The interesting one here is
diff --git a/docs/formatnwfilter.rst b/docs/formatnwfilter.rst
index 13e9a791af..e50497aaf8 100644
--- a/docs/formatnwfilter.rst
+++ b/docs/formatnwfilter.rst
@@ -438,7 +438,7 @@ several other filters.
<filterref filter='allow-incoming-ipv4'/>
<filterref filter='no-arp-spoofing'/>
<filterref filter='no-other-l2-traffic'/>
- <filterref filter='qemu-announce-self'/>
+ <filterref filter='qemu-announce-self-rarp'/>
</filter>
To reference another filter, the XML node ``filterref`` needs to be provided
diff --git a/src/nwfilter/xml/clean-traffic-gateway.xml b/src/nwfilter/xml/clean-traffic-gateway.xml
index b8c204041a..1768a67697 100644
--- a/src/nwfilter/xml/clean-traffic-gateway.xml
+++ b/src/nwfilter/xml/clean-traffic-gateway.xml
@@ -30,5 +30,5 @@
<filterref filter='no-other-l2-traffic'/>
<!-- allow qemu to send a self-announce upon migration end -->
- <filterref filter='qemu-announce-self'/>
+ <filterref filter='qemu-announce-self-rarp'/>
</filter>
diff --git a/src/nwfilter/xml/clean-traffic.xml b/src/nwfilter/xml/clean-traffic.xml
index b8cde9c560..b0530da70a 100644
--- a/src/nwfilter/xml/clean-traffic.xml
+++ b/src/nwfilter/xml/clean-traffic.xml
@@ -25,6 +25,6 @@
<filterref filter='no-other-l2-traffic'/>
<!-- allow qemu to send a self-announce upon migration end -->
- <filterref filter='qemu-announce-self'/>
+ <filterref filter='qemu-announce-self-rarp'/>
</filter>
diff --git a/src/nwfilter/xml/meson.build b/src/nwfilter/xml/meson.build
index 0d96c54ebe..de3f205a7c 100644
--- a/src/nwfilter/xml/meson.build
+++ b/src/nwfilter/xml/meson.build
@@ -22,7 +22,6 @@ nwfilter_xml_files = [
'no-other-l2-traffic.xml',
'no-other-rarp-traffic.xml',
'qemu-announce-self-rarp.xml',
- 'qemu-announce-self.xml',
]
install_data(nwfilter_xml_files, install_dir: sysconfdir / 'libvirt' / 'nwfilter')
diff --git a/src/nwfilter/xml/qemu-announce-self-rarp.xml b/src/nwfilter/xml/qemu-announce-self-rarp.xml
index b7a848ad0f..db7b650320 100644
--- a/src/nwfilter/xml/qemu-announce-self-rarp.xml
+++ b/src/nwfilter/xml/qemu-announce-self-rarp.xml
@@ -11,4 +11,6 @@
arpsrcmacaddr='$MAC' arpdstmacaddr='$MAC'
arpsrcipaddr='0.0.0.0' arpdstipaddr='0.0.0.0'/>
</rule>
+
+ <filterref filter='no-other-rarp-traffic'/>
</filter>
diff --git a/src/nwfilter/xml/qemu-announce-self.xml b/src/nwfilter/xml/qemu-announce-self.xml
deleted file mode 100644
index 352db500de..0000000000
--- a/src/nwfilter/xml/qemu-announce-self.xml
+++ /dev/null
@@ -1,13 +0,0 @@
-<filter name='qemu-announce-self' chain='root'>
- <!-- as of 4/26/2010 qemu sends out a bogus packet with
- wrong rarp protocol ID -->
- <!-- accept what is being sent now -->
- <rule action='accept' direction='out'>
- <mac protocolid='0x835'/>
- </rule>
-
- <!-- accept if it was changed to rarp -->
- <filterref filter='qemu-announce-self-rarp'/>
- <filterref filter='no-other-rarp-traffic'/>
-
-</filter>
--
2.49.0
2 weeks, 4 days
[libvirt PATCH] qemu: prefer memfd if we have to format system memory
by Ján Tomko
From: Ján Tomko <jtomko(a)redhat.com>
For any vhost-user device to work, the memory needs to be marked as
shared.
What we recommend to users (e.g. in the virtiofs quide [0]) is:
<memoryBacking>
<source type='memfd'/>
<access mode='shared'/>
</memoryBacking>
Technically, only the access mode is needed:
<memoryBacking>
<access mode='shared'/>
</memoryBacking>
But this results in libvirt assuming the file backend.
Switch this case to use memfd which should offer better performance,
and less disk usage, at the cost of eating unswappable RAM.
[0] https://libvirt.org/kbase/virtiofs.html
Signed-off-by: Ján Tomko <jtomko(a)redhat.com>
---
src/qemu/qemu_command.c | 9 +++++++--
tests/qemuxmlconfdata/disk-vhostvdpa.x86_64-latest.args | 2 +-
.../net-vhostuser-multiq.x86_64-latest.args | 2 +-
.../net-vhostuser-passt.x86_64-latest.args | 2 +-
tests/qemuxmlconfdata/net-vhostuser.x86_64-latest.args | 2 +-
.../schema-reorder-domain-subelements.x86_64-latest.args | 2 +-
.../qemuxmlconfdata/vhost-user-fs-ccw.s390x-latest.args | 2 +-
7 files changed, 13 insertions(+), 8 deletions(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 7658cc4d39..ca9d4d6609 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -3417,8 +3417,13 @@ qemuBuildMemoryBackendProps(virJSONValue **backendProps,
if (!priv->memPrealloc)
prealloc = true;
- } else if (!nvdimmPath &&
- def->mem.source == VIR_DOMAIN_MEMORY_SOURCE_MEMFD) {
+ } else if ((!nvdimmPath &&
+ def->mem.source == VIR_DOMAIN_MEMORY_SOURCE_MEMFD) ||
+ (systemMemory &&
+ memAccess &&
+ !useHugepage &&
+ def->mem.source == VIR_DOMAIN_MEMORY_SOURCE_NONE &&
+ virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_OBJECT_MEMORY_MEMFD))) {
backendType = "memory-backend-memfd";
if (useHugepage &&
diff --git a/tests/qemuxmlconfdata/disk-vhostvdpa.x86_64-latest.args b/tests/qemuxmlconfdata/disk-vhostvdpa.x86_64-latest.args
index 93d2ef0d98..04732df68a 100644
--- a/tests/qemuxmlconfdata/disk-vhostvdpa.x86_64-latest.args
+++ b/tests/qemuxmlconfdata/disk-vhostvdpa.x86_64-latest.args
@@ -14,7 +14,7 @@ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.config \
-accel tcg \
-cpu qemu64 \
-m size=219136k \
--object '{"qom-type":"memory-backend-file","id":"pc.ram","mem-path":"/var/lib/libvirt/qemu/ram/-1-QEMUGuest1/pc.ram","share":true,"x-use-canonical-path-for-ramblock-id":false,"size":224395264}' \
+-object '{"qom-type":"memory-backend-memfd","id":"pc.ram","share":true,"x-use-canonical-path-for-ramblock-id":false,"size":224395264}' \
-overcommit mem-lock=off \
-smp 1,sockets=1,cores=1,threads=1 \
-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
diff --git a/tests/qemuxmlconfdata/net-vhostuser-multiq.x86_64-latest.args b/tests/qemuxmlconfdata/net-vhostuser-multiq.x86_64-latest.args
index 4ea3d4eebd..ac5c8b7652 100644
--- a/tests/qemuxmlconfdata/net-vhostuser-multiq.x86_64-latest.args
+++ b/tests/qemuxmlconfdata/net-vhostuser-multiq.x86_64-latest.args
@@ -14,7 +14,7 @@ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.config \
-accel tcg \
-cpu qemu64 \
-m size=219136k \
--object '{"qom-type":"memory-backend-file","id":"pc.ram","mem-path":"/var/lib/libvirt/qemu/ram/-1-QEMUGuest1/pc.ram","share":true,"x-use-canonical-path-for-ramblock-id":false,"size":224395264}' \
+-object '{"qom-type":"memory-backend-memfd","id":"pc.ram","share":true,"x-use-canonical-path-for-ramblock-id":false,"size":224395264}' \
-overcommit mem-lock=off \
-smp 1,sockets=1,cores=1,threads=1 \
-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
diff --git a/tests/qemuxmlconfdata/net-vhostuser-passt.x86_64-latest.args b/tests/qemuxmlconfdata/net-vhostuser-passt.x86_64-latest.args
index afbbe188cf..ee395deffe 100644
--- a/tests/qemuxmlconfdata/net-vhostuser-passt.x86_64-latest.args
+++ b/tests/qemuxmlconfdata/net-vhostuser-passt.x86_64-latest.args
@@ -14,7 +14,7 @@ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.config \
-accel tcg \
-cpu qemu64 \
-m size=219136k \
--object '{"qom-type":"memory-backend-file","id":"pc.ram","mem-path":"/var/lib/libvirt/qemu/ram/-1-QEMUGuest1/pc.ram","share":true,"x-use-canonical-path-for-ramblock-id":false,"size":224395264}' \
+-object '{"qom-type":"memory-backend-memfd","id":"pc.ram","share":true,"x-use-canonical-path-for-ramblock-id":false,"size":224395264}' \
-overcommit mem-lock=off \
-smp 1,sockets=1,cores=1,threads=1 \
-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
diff --git a/tests/qemuxmlconfdata/net-vhostuser.x86_64-latest.args b/tests/qemuxmlconfdata/net-vhostuser.x86_64-latest.args
index f5925c77fe..74454d3d24 100644
--- a/tests/qemuxmlconfdata/net-vhostuser.x86_64-latest.args
+++ b/tests/qemuxmlconfdata/net-vhostuser.x86_64-latest.args
@@ -14,7 +14,7 @@ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.config \
-accel tcg \
-cpu qemu64 \
-m size=219136k \
--object '{"qom-type":"memory-backend-file","id":"pc.ram","mem-path":"/var/lib/libvirt/qemu/ram/-1-QEMUGuest1/pc.ram","share":true,"x-use-canonical-path-for-ramblock-id":false,"size":224395264}' \
+-object '{"qom-type":"memory-backend-memfd","id":"pc.ram","share":true,"x-use-canonical-path-for-ramblock-id":false,"size":224395264}' \
-overcommit mem-lock=off \
-smp 1,sockets=1,cores=1,threads=1 \
-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
diff --git a/tests/qemuxmlconfdata/schema-reorder-domain-subelements.x86_64-latest.args b/tests/qemuxmlconfdata/schema-reorder-domain-subelements.x86_64-latest.args
index 76df9c30b0..5fb594df87 100644
--- a/tests/qemuxmlconfdata/schema-reorder-domain-subelements.x86_64-latest.args
+++ b/tests/qemuxmlconfdata/schema-reorder-domain-subelements.x86_64-latest.args
@@ -14,7 +14,7 @@ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-passtvhostuu/.config \
-accel kvm \
-cpu qemu64 \
-m size=16777216k \
--object '{"qom-type":"memory-backend-file","id":"pc.ram","mem-path":"/var/lib/libvirt/qemu/ram/-1-passtvhostuu/pc.ram","share":true,"x-use-canonical-path-for-ramblock-id":false,"size":17179869184}' \
+-object '{"qom-type":"memory-backend-memfd","id":"pc.ram","share":true,"x-use-canonical-path-for-ramblock-id":false,"size":17179869184}' \
-overcommit mem-lock=off \
-smp 16,sockets=16,cores=1,threads=1 \
-uuid d79698e0-46b2-4459-87ee-7c762990dd6e \
diff --git a/tests/qemuxmlconfdata/vhost-user-fs-ccw.s390x-latest.args b/tests/qemuxmlconfdata/vhost-user-fs-ccw.s390x-latest.args
index 72ca38c305..eed9af8bb1 100644
--- a/tests/qemuxmlconfdata/vhost-user-fs-ccw.s390x-latest.args
+++ b/tests/qemuxmlconfdata/vhost-user-fs-ccw.s390x-latest.args
@@ -14,7 +14,7 @@ XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.config \
-accel tcg \
-cpu qemu \
-m size=219136k \
--object '{"qom-type":"memory-backend-file","id":"s390.ram","mem-path":"/var/lib/libvirt/qemu/ram/-1-QEMUGuest1/s390.ram","share":true,"x-use-canonical-path-for-ramblock-id":false,"size":224395264}' \
+-object '{"qom-type":"memory-backend-memfd","id":"s390.ram","share":true,"x-use-canonical-path-for-ramblock-id":false,"size":224395264}' \
-overcommit mem-lock=off \
-smp 1,sockets=1,cores=1,threads=1 \
-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
--
2.50.0
2 weeks, 4 days
[PATCH 0/3] qemu: Improve handling of architecture-specific defaults (SCSI)
by Andrea Bolognani
I was working on this last year, then sort of lost track. Jim's
recent patch[1] caused me to remember about this work and look into
picking it up again.
This is only half of the original series, which itself was reduced in
scope compared to the first revision. I'll try to get around to
everything, but addressing one area at the time is most likely to
succeed.
Of course this will no longer apply cleanly once Jim's patch has been
pushed. The conflict will be trivial to solve though.
Changes from [v2]:
* several patches have been pushed;
* address review comments.
Changes from [v1]:
* several patches have been pushed;
* of the remaining changes, only the ones related to SCSI and USB
controllers have been retained. I still intend to pursue the
rest, but those two are where the real nasty stuff happens, so
I'm focusing on them only for now;
* improve the handling of USB controllers on s390x;
* make all the code dealing with the legacy USB controller obsolete
and get rid of it;
* use out arguments to return models, making the new helpers fall
in line with the usual libvirt API conventions.
[1] https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/B4...
[v2] https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/FZ...
[v1] https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/G5...
Andrea Bolognani (3):
qemu: Improve qemuDomainDefaultSCSIControllerModel()
qemu: Clean up qemuDomainDefaultSCSIControllerModel()
qemu: Use virtio-scsi by default on RISC-V
src/qemu/qemu_domain.c | 48 +++++++++++++------
src/qemu/qemu_domain.h | 5 +-
src/qemu/qemu_hotplug.c | 16 ++++---
src/qemu/qemu_postparse.c | 11 +++--
...ault-models.riscv64-latest.abi-update.args | 5 +-
...fault-models.riscv64-latest.abi-update.xml | 11 +++--
...64-virt-default-models.riscv64-latest.args | 5 +-
...v64-virt-default-models.riscv64-latest.xml | 11 +++--
8 files changed, 73 insertions(+), 39 deletions(-)
--
2.50.0
3 weeks
[PATCH v1] aspeed: Deprecate the ast2700a0-evb machine
by Jamin Lin
The ast2700a0-evb machine represents the first revision of the AST2700 and
serves as the initial engineering sample rather than a production version.
A newer revision, A1, is now supported, and the ast2700a1-evb should replace
the older A0 version.
Signed-off-by: Jamin Lin <jamin_lin(a)aspeedtech.com>
---
docs/about/deprecated.rst | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/docs/about/deprecated.rst b/docs/about/deprecated.rst
index 42037131de..5a3ed71a64 100644
--- a/docs/about/deprecated.rst
+++ b/docs/about/deprecated.rst
@@ -315,6 +315,14 @@ deprecated; use the new name ``dtb-randomness`` instead. The new name
better reflects the way this property affects all random data within
the device tree blob, not just the ``kaslr-seed`` node.
+Arm ``ast2700a0-evb`` machine (since 10.1)
+''''''''''''''''''''''''''''''''''''''''''
+
+The ``ast2700a0-evb`` machine represents the first revision of the AST2700
+and serves as the initial engineering sample rather than a production version.
+A newer revision, A1, is now supported, and the ``ast2700a1-evb`` should
+replace the older A0 version.
+
Mips ``mipssim`` machine (since 10.0)
'''''''''''''''''''''''''''''''''''''
--
2.43.0
3 weeks, 1 day
[PATCH] virdevmapper: Always use device name for finding targets
by bhavin192@purelymail.com
From: Bhavin Gandhi <bhavin192(a)geeksocket.in>
DM_TABLE_DEPS expects a device name in dm_ioctl.name. In one of the
cases, full path of the device was getting returned causing the ioctl
call to fail with `ENXIO (No such device or address)`.
Also rename the function and variable names to better reflect that we
are dealing with DM device names and not paths.
This got introduced in 22494556542c676d1b9e7f1c1f2ea13ac17e1e3e
Resolves: https://gitlab.com/libvirt/libvirt/-/issues/790
Signed-off-by: Bhavin Gandhi <bhavin192(a)geeksocket.in>
---
src/util/virdevmapper.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/src/util/virdevmapper.c b/src/util/virdevmapper.c
index d0eae671ab..42c86d89cf 100644
--- a/src/util/virdevmapper.c
+++ b/src/util/virdevmapper.c
@@ -164,7 +164,7 @@ virDMOpen(void)
static char *
-virDMSanitizepath(const char *path)
+virDMGetDeviceName(const char *path)
{
g_autofree char *dmDirPath = NULL;
struct dirent *ent = NULL;
@@ -205,7 +205,7 @@ virDMSanitizepath(const char *path)
if (stat(tmp, &sb[1]) == 0 &&
sb[0].st_rdev == sb[1].st_rdev) {
- return g_steal_pointer(&tmp);
+ return g_strdup(ent->d_name);
}
}
@@ -219,7 +219,7 @@ virDevMapperGetTargetsImpl(int controlFD,
GSList **devPaths,
unsigned int ttl)
{
- g_autofree char *sanitizedPath = NULL;
+ g_autofree char *deviceName = NULL;
g_autofree char *buf = NULL;
struct dm_ioctl dm = { 0 };
struct dm_target_deps *deps = NULL;
@@ -233,10 +233,10 @@ virDevMapperGetTargetsImpl(int controlFD,
if (!virIsDevMapperDevice(path))
return 0;
- if (!(sanitizedPath = virDMSanitizepath(path)))
+ if (!(deviceName = virDMGetDeviceName(path)))
return 0;
- if (virStrcpy(dm.name, sanitizedPath, DM_NAME_LEN) < 0) {
+ if (virStrcpy(dm.name, deviceName, DM_NAME_LEN) < 0) {
virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
_("Resolved device mapper name too long"));
return -1;
--
2.49.0
3 weeks, 2 days
