[libvirt] [PATCH v3 0/2] Couple of storage driver improvements
by Michal Privoznik
v3 of:
https://www.redhat.com/archives/libvir-list/2019-March/msg00326.html
diff to v2:
- Patches acked in v2 are pushed now,
- Patch 1/2 is a resurrection of patch 1/6 from v1. As Pavel found out
we can't use writesame(), so let's simplify write() at least.
- Patch 2/2 now checks for VSTORAGE too.
Michal Prívozník (2):
storage_backend_iscsi_direct: Simplify vol zeroing
storageVolWipePattern: Don't take shortcut to refreshPool()
src/storage/storage_backend_iscsi_direct.c | 26 ++++++++++++----------
src/storage/storage_driver.c | 15 ++++++++-----
2 files changed, 24 insertions(+), 17 deletions(-)
--
2.19.2
5 years, 9 months
[libvirt] [PATCH] vz: build fix for virdomainsnapshotobjlist.h
by Nikolay Shirokovskiy
Commit [1] moved snapshot list functions declaration into
its own file but missed a fix for vz driver.
[1] 9b75154c : snapshot: Break out virDomainSnapshotObjList into its own file
Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy(a)virtuozzo.com>
---
Pushed as trivial/build fix.
src/vz/vz_utils.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/vz/vz_utils.h b/src/vz/vz_utils.h
index 758ab6f..fb289ed 100644
--- a/src/vz/vz_utils.h
+++ b/src/vz/vz_utils.h
@@ -28,6 +28,7 @@
# include "driver.h"
# include "conf/domain_conf.h"
# include "conf/snapshot_conf.h"
+# include "conf/virdomainsnapshotobjlist.h"
# include "conf/virdomainobjlist.h"
# include "conf/domain_event.h"
# include "virthread.h"
--
1.8.3.1
5 years, 9 months
[libvirt] [PATCH v2 0/6] lxc: Add suport to network indexes for LXC 3.X.
by Julio Faracco
This series implement support for network syntax settings for LXC 3.X.
Now, indexes are part of the settings to define network interfaces. Each
interface has its own index. The old style uses 'type' tag to
differentiate each interface.
Old:
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = virbr0
New:
lxc.net.0.type = veth
lxc.net.0.flags = up
lxc.net.0.link = virbr0
v1-v2: Error condition was causing segfault due to wrong index access.
Julio Faracco (6):
lxc: Rebase lxcNetworkParseData struct to support indexes.
lxc: Rebase lxcNetworkParseData pointers to use new structures.
lxc: Introduce lxcNetworkGetParseDataLegacy() method.
lxc: Introduce lxcNetworkGetParseData() for 'lxc.net.' entry.
tests: Change network settings of V3 testcase set.
tests: Introduce random network settings to test indexes.
src/lxc/lxc_native.c | 192 ++++++++++++------
.../lxcconf2xml-ethernet-v3.config | 16 +-
.../lxcconf2xml-fstab-v3.config | 10 +-
.../lxcconf2xml-macvlannetwork-v3.config | 10 +-
.../lxcconf2xml-miscnetwork-v3.config | 38 ++--
.../lxcconf2xml-nonenetwork-v3.config | 2 +-
.../lxcconf2xml-physnetwork-v3.config | 14 +-
.../lxcconf2xml-randomnetwork-v3.config | 21 ++
.../lxcconf2xml-randomnetwork.xml | 45 ++++
.../lxcconf2xml-simple-v3.config | 18 +-
.../lxcconf2xmldata/lxcconf2xml-simple.config | 18 +-
.../lxcconf2xml-vlannetwork-v3.config | 10 +-
tests/lxcconf2xmltest.c | 1 +
13 files changed, 268 insertions(+), 127 deletions(-)
create mode 100644 tests/lxcconf2xmldata/lxcconf2xml-randomnetwork-v3.config
create mode 100644 tests/lxcconf2xmldata/lxcconf2xml-randomnetwork.xml
--
2.19.1
5 years, 9 months
[libvirt] [PATCH v3 0/2] Add function for XML yes|no string handling
by Shotaro Gotanda
Changes since v2:
- adjust the code to the coding guideline
Shotaro Gotanda (2):
util: add virStringParseYesNo()
conf: Use virStringParseYesNo()
src/conf/domain_conf.c | 30 +++++-------------------------
src/conf/secret_conf.c | 12 ++----------
src/util/virstring.c | 21 +++++++++++++++++++++
src/util/virstring.h | 3 +++
4 files changed, 31 insertions(+), 35 deletions(-)
--
2.19.1
5 years, 9 months
[libvirt] ANNOUNCE: Oz 0.17.0 release
by Chris Lalancette
All,
I'm pleased to announce release 0.17.0 of Oz. Oz is a program for
doing automated installation of guest operating systems with limited
input from the user. Release 0.17.0 switches Oz to be python3 only,
since Python 2 support is ending soon. There are also some minor fixes
in here, along with the addition of support for some new OSs.
A tarball and zipfile of this release is available on the Github
releases page: https://github.com/clalancette/oz/releases . Packages for
Fedora-30 and Rawhide will be built in Koji and will eventually make
their way to stable. Instructions on how to get and use Oz are
available at http://github.com/clalancette/oz/wiki .
If you have questions or comments about Oz, please feel free to contact
me at clalancette at gmail.com, or open up an issue on the github page:
http://github.com/clalancette/oz/issues .
Thanks to everyone who contributed to this release through bug reports,
patches, and suggestions for improvement.
Chris Lalancette
5 years, 9 months
[libvirt] [PATCH v2 0/8] Couple of storage driver improvements
by Michal Privoznik
v2 of:
https://www.redhat.com/archives/libvir-list/2019-March/msg00001.html
diff to v1:
- use WRITESAME instead of WRITE in 2/8
- Patches 1/8 and 3/8 are new. I've noticed we are overwriting an error
when something goes wrong while volume wiping.
Michal Prívozník (8):
iscsi_direct: Make virStorageBackendISCSIDirectGetLun report error
properly
storage_backend_iscsi_direct: Simplify vol zeroing
iscsi_direct: Don't overwrite error in
virStorageBackenISCSIDirectWipeVol()
virISCSIDirectReportLuns: Drop ClearVols
storageVolWipePattern: Don't take shortcut to refreshPool()
storage_driver: Introduce storagePoolRefreshImpl()
storagePoolRefreshFailCleanup: Clear volumes on failed refresh
virsh-pool: Offer only active pool for pool-refresh completer
src/storage/storage_backend_gluster.c | 2 -
src/storage/storage_backend_iscsi_direct.c | 80 +++++++++++++---------
src/storage/storage_backend_logical.c | 12 +---
src/storage/storage_backend_rbd.c | 4 +-
src/storage/storage_driver.c | 77 ++++++++++++---------
src/storage/storage_util.c | 2 -
tools/virsh-pool.c | 2 +-
7 files changed, 96 insertions(+), 83 deletions(-)
--
2.19.2
5 years, 9 months
[libvirt] [PATCH v2 00/25] qemu: virtio-{non-}transitional support
by Cole Robinson
v1 libvirt patches:
https://www.redhat.com/archives/libvir-list/2019-January/msg00593.html
Previous incomplete RFC here:
https://www.redhat.com/archives/libvir-list/2019-January/msg00346.html
qemu patches, queued for qemu 4.0.0:
https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg00923.html
Previous libvirt discussion around this:
https://www.redhat.com/archives/libvir-list/2018-August/msg01073.html
Long story short we need to expose these options so apps have a
usable way to support rhel6 + virtio + q35. This series exposes
the new devices as model= values. This required adding new
model= attributes for several devices. See v1 posting for a summary
of the XML changes introduced, mostly it's adding virtio-transitional
and virtio-non-transitional to existing model= enums, and adding
model= XML attributes for devices that don't have them (disk, fs,
input)
Changes from v1:
- <filesystem> models are now named virtio-9p, virtio-9p-transitional,
virtio-9p-non-transitional. This is to avoid ambiguity as in the near
future we will likely add virtio-fs <filesystem> support
- Cleanup and prep work is separated into separate patches and front
loaded into the series.
- qemu caps additions are separated from the qemu_command.c patches,
and squashed together upfront.
- virDomainDeviceSetData is added to make it easier to compose a
virDomainDeviceDef on the fly. This is used for the transitional cli
building but can be useful elsewhere too, but that's for another
series.
- Lots of small improvements and fixes suggested by Andrea.
Thanks,
Cole
Cole Robinson (25):
conf: Set net->model earlier
conf: Add virDomainNetIsVirtioModel
qemu: Move <memballoon> validation out of qemu_command.c
qemu: Move <rng> validation out of qemu_command.c
qemu: command: Make vhost-scsi device string depend on address
qemu: command: Convert vhost-{vsock,scsi} to qemuBuildVirtioDevStr
conf: Add virDomainDeviceSetData
qemu: command: Make BuildVirtioDevStr more generic
qemu: command: Add qemuCaps to BuildVirtioStr
qemu: capabilities: Add virtio/vhost {non-}transitional
conf: Add <disk model='virtio-{non-}transitional'/>
qemu: Support disk model=virtio-{non-}transitional
qemu: Support interface model=virtio-{non-}transitional
conf: Add <hostdev model='virtio-{non-}transitional'/>
qemu: Support hostdev model=virtio-{non-}transitional
qemu: Support rng model=virtio-{non-}transitional
conf: Add <filesystem model='virtio-9p-{non-}transitional'/>
qemu: Support filesystem model=virtio-9p-{non-}transitional
qemu: Support memballoon model=virtio-{non-}transitional
qemu: Support vsock model=virtio-{non-}transitional
conf: Add <input model='virtio-{non-}transitional'/>
qemu: Support input model=virtio-{non-}transitional
qemu: Support virtio-serial controller model=virtio-{non-}transitional
qemu: Support scsi controller model=virtio-{non-}transitional
qemu: domcaps: Report disk <enum name="model">
docs/formatdomain.html.in | 39 ++-
docs/schemas/domaincommon.rng | 61 +++-
src/conf/domain_capabilities.c | 1 +
src/conf/domain_capabilities.h | 1 +
src/conf/domain_conf.c | 328 ++++++++++++++++--
src/conf/domain_conf.h | 67 ++++
src/libvirt_private.syms | 6 +
src/libxl/libxl_conf.c | 2 +
src/qemu/qemu_capabilities.c | 61 ++++
src/qemu/qemu_capabilities.h | 28 ++
src/qemu/qemu_command.c | 252 +++++++++++---
src/qemu/qemu_domain.c | 79 ++++-
src/qemu/qemu_domain_address.c | 97 ++++--
src/qemu/qemu_driver.c | 17 +-
src/qemu/qemu_hotplug.c | 2 +-
src/qemu/qemu_interface.c | 8 +-
src/qemu/qemu_process.c | 3 +-
src/security/virt-aa-helper.c | 2 +-
src/vbox/vbox_common.c | 2 +
src/vmx/vmx.c | 5 +-
.../bhyve_basic.x86_64.xml | 1 +
.../bhyve_fbuf.x86_64.xml | 1 +
.../bhyve_uefi.x86_64.xml | 1 +
tests/domaincapsschemadata/full.xml | 6 +
.../domaincapsschemadata/libxl-xenfv-usb.xml | 1 +
.../domaincapsschemadata/libxl-xenpv-usb.xml | 1 +
.../qemu_1.7.0.x86_64.xml | 3 +
.../qemu_2.12.0-virt.aarch64.xml | 5 +
.../qemu_2.12.0.ppc64.xml | 5 +
.../qemu_2.12.0.s390x.xml | 5 +
.../qemu_2.12.0.x86_64.xml | 5 +
.../qemu_2.6.0-virt.aarch64.xml | 5 +
.../qemu_2.6.0.aarch64.xml | 5 +
.../domaincapsschemadata/qemu_2.6.0.ppc64.xml | 5 +
.../qemu_2.6.0.x86_64.xml | 5 +
.../domaincapsschemadata/qemu_2.7.0.s390x.xml | 5 +
.../qemu_2.8.0-tcg.x86_64.xml | 5 +
.../domaincapsschemadata/qemu_2.8.0.s390x.xml | 5 +
.../qemu_2.8.0.x86_64.xml | 5 +
.../qemu_2.9.0-q35.x86_64.xml | 5 +
.../qemu_2.9.0-tcg.x86_64.xml | 5 +
.../qemu_2.9.0.x86_64.xml | 5 +
.../domaincapsschemadata/qemu_3.0.0.s390x.xml | 5 +
.../qemu_4.0.0.x86_64.xml | 154 ++++++++
tests/domaincapstest.c | 4 +
.../caps_4.0.0.x86_64.xml | 20 ++
.../virtio-non-transitional.x86_64-3.1.0.args | 65 ++++
...virtio-non-transitional.x86_64-latest.args | 62 ++++
.../virtio-non-transitional.xml | 40 +++
.../virtio-transitional.x86_64-3.1.0.args | 50 +++
.../virtio-transitional.x86_64-latest.args | 52 +++
.../qemuxml2argvdata/virtio-transitional.xml | 40 +++
tests/qemuxml2argvmock.c | 2 +-
tests/qemuxml2argvtest.c | 6 +
.../virtio-non-transitional.xml | 121 +++++++
.../virtio-transitional.xml | 80 +++++
tests/qemuxml2xmltest.c | 26 +-
57 files changed, 1736 insertions(+), 141 deletions(-)
create mode 100644 tests/domaincapsschemadata/qemu_4.0.0.x86_64.xml
create mode 100644 tests/qemuxml2argvdata/virtio-non-transitional.x86_64-3.1.0.args
create mode 100644 tests/qemuxml2argvdata/virtio-non-transitional.x86_64-latest.args
create mode 100644 tests/qemuxml2argvdata/virtio-non-transitional.xml
create mode 100644 tests/qemuxml2argvdata/virtio-transitional.x86_64-3.1.0.args
create mode 100644 tests/qemuxml2argvdata/virtio-transitional.x86_64-latest.args
create mode 100644 tests/qemuxml2argvdata/virtio-transitional.xml
create mode 100644 tests/qemuxml2xmloutdata/virtio-non-transitional.xml
create mode 100644 tests/qemuxml2xmloutdata/virtio-transitional.xml
--
2.20.1
5 years, 9 months
[libvirt] [PATCH v2 0/6] Drop support for certain init scripts
by Andrea Bolognani
Changes from [v1]:
* drop support for "Red Hat" init scripts in addition to Upstart.
[v1] https://www.redhat.com/archives/libvir-list/2019-March/msg00917.html
Andrea Bolognani (6):
travis: Stop using --with-init-script
travis: Drop $DISTCHECK_CONFIGURE_FLAGS
Drop support for Upstart init scripts
Drop support for "Red Hat" init scripts
m4: Simplify LIBVIRT_CHECK_INIT_SCRIPT
news: Document dropping support for certain init scripts
.gitignore | 1 -
.travis.yml | 5 +-
docs/news.xml | 13 ++++
m4/virt-init-script.m4 | 30 ++-------
src/Makefile.am | 61 -----------------
src/locking/Makefile.inc.am | 9 ---
src/locking/virtlockd.init.in | 98 ---------------------------
src/logging/Makefile.inc.am | 11 ---
src/logging/virtlogd.init.in | 98 ---------------------------
src/remote/Makefile.inc.am | 4 --
src/remote/libvirtd.init.in | 122 ----------------------------------
src/remote/libvirtd.upstart | 47 -------------
tools/Makefile.am | 33 +--------
tools/libvirt-guests.init.in | 30 ---------
14 files changed, 22 insertions(+), 540 deletions(-)
delete mode 100644 src/locking/virtlockd.init.in
delete mode 100644 src/logging/virtlogd.init.in
delete mode 100644 src/remote/libvirtd.init.in
delete mode 100644 src/remote/libvirtd.upstart
delete mode 100644 tools/libvirt-guests.init.in
--
2.20.1
5 years, 9 months
[libvirt] [PATCH] object: Add sanity check on correct parent class
by Eric Blake
Checking that the derived class is larger than the requested parent
class saves us from some obvious mistakes, but as written, it does not
catch all the cases; in particular, it is easy to forget to update a
VIR_CLASS_NEW when changing the 'parent' member from virObject to
virObjectLockabale, but where the size checks don't catch that. Add a
parameter for one more layer of sanity checking.
Note that I did NOT change the fact that we require derived classes to
be larger (as the difference in size makes it easy to tell classes
apart), which means that even if a derived class has no functionality
to add (but rather exists for compiler-enforced type-safety), it must
still include a dummy member. But I did fix the wording of the error
message to match the code.
Signed-off-by: Eric Blake <eblake(a)redhat.com>
---
Here's hoping Coverity doesn't have a false-positive complaint about
the error message being a potential dereference of NULL (the only time
'parent == NULL' is when 'parentsize == 0', based on the fact that our
syntax checks forbid raw calls to virClassNew() except for "virObject"
itself - but Coverity likely won't see that).
src/util/virobject.h | 5 ++++-
src/util/virobject.c | 8 +++++---
2 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/src/util/virobject.h b/src/util/virobject.h
index d4ec943a43..757068fcc1 100644
--- a/src/util/virobject.h
+++ b/src/util/virobject.h
@@ -82,12 +82,15 @@ virClassPtr virClassForObjectRWLockable(void);
*/
# define VIR_CLASS_NEW(name, prnt) \
verify_expr(offsetof(name, parent) == 0, \
- (name##Class = virClassNew(prnt, #name, sizeof(name), name##Dispose)))
+ (name##Class = virClassNew(prnt, #name, sizeof(name), \
+ sizeof(((name *)NULL)->parent), \
+ name##Dispose)))
virClassPtr
virClassNew(virClassPtr parent,
const char *name,
size_t objectSize,
+ size_t parentSize,
virObjectDisposeCallback dispose)
VIR_PARENT_REQUIRED ATTRIBUTE_NONNULL(2);
diff --git a/src/util/virobject.c b/src/util/virobject.c
index 3b28331ba7..b4ee068cb2 100644
--- a/src/util/virobject.c
+++ b/src/util/virobject.c
@@ -78,6 +78,7 @@ virObjectOnceInit(void)
if (!(virObjectClass = virClassNew(NULL,
"virObject",
sizeof(virObject),
+ 0,
NULL)))
return -1;
@@ -159,6 +160,7 @@ virClassPtr
virClassNew(virClassPtr parent,
const char *name,
size_t objectSize,
+ size_t parentSize,
virObjectDisposeCallback dispose)
{
virClassPtr klass;
@@ -167,10 +169,10 @@ virClassNew(virClassPtr parent,
STRNEQ(name, "virObject")) {
virReportInvalidNonNullArg(parent);
return NULL;
- } else if (parent &&
- objectSize <= parent->objectSize) {
+ } else if (objectSize <= parentSize ||
+ parentSize != (parent ? parent->objectSize : 0)) {
virReportInvalidArg(objectSize,
- _("object size %zu of %s is smaller than parent class %zu"),
+ _("object size %zu of %s is not larger than parent class %zu"),
objectSize, name, parent->objectSize);
return NULL;
}
--
2.20.1
5 years, 9 months
[libvirt] AMD SEV's /dev/sev permissions and probing QEMU for capabilities
by Erik Skultety
Hi,
this is a summary of a private discussion I've had with guys CC'd on this email
about finding a solution to [1] - basically, the default permissions on
/dev/sev (below) make it impossible to query for SEV platform capabilities,
since by default we run QEMU as qemu:qemu when probing for capabilities. It's
worth noting is that this is only relevant to probing, since for a proper QEMU
VM we create a mount namespace for the process and chown all the nodes (needs a
SEV fix though).
# ll /dev/sev
crw-------. 1 root root
I suggested either force running QEMU as root for probing (despite the obvious
security implications) or using namespaces for probing too. Dan argued that
this would have a significant perf impact and suggested we ask systemd to add a
global udev rule.
I proceeded with cloning [1] to systemd and creating an udev rule that I planned
on submitting to systemd upstream - the initial idea was to mimic /dev/kvm and
make it world accessible to which Brijesh from AMD expressed a concern that
regular users might deplete the resources (limit on the number of guests
allowed by the platform). But since the limit is claimed to be around 4, Dan
discouraged me to continue with restricting the udev rule to only the 'kvm'
group which Laszlo suggested earlier as the limit is so small that a malicious
QEMU could easily deplete this during probing. This fact also ruled out any
kind of ACL we could create dynamically. Instead, he suggested that we filter
out the kvm-capable QEMU and put only that one in the namespace without a
significant perf impact.
- my take on this is that there could potentially be more than a single
kvm-enabled QEMU and therefore we'd need to create more than just a
single namespace.
- I also argued that I can image that the same kind of DOS attack might be
possible from within the namespace, even if we created the /dev/sev node
only in SEV-enabled guests (which we currently don't). All of us have
agreed that allowing /dev/sev in the namespace for only SEV-enabled
guests is worth doing nonetheless.
In the meantime, Christophe went through the kernel code to verify how the SEV
resources are managed and what protection is currently in place to mitigate the
chance of a process easily depleting the limit on SEV guests. He found that
ASID, which determines the encryption key, is allocated from a single ASID
bitmap and essentially guarded by a single 'sev->active' flag.
So, in conclusion, we absolutely need input from Brijesh (AMD) whether there
was something more than the low limit on number of guests behind the default
permissions. Also, we'd like to get some details on how the limit is managed,
helping to assess the approaches mentioned above.
Thanks and please do share your ideas,
Erik
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1665400
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1561113
5 years, 9 months