[libvirt] [PATCH v2] test_driver: implement virDomainGetDiskErrors
by Ilias Stamatis
Return the number of disks present in the configuration of the test
domain when called with @errors as NULL and @maxerrors as 0.
Otherwise report an error for every second disk, assigning available
error codes in a cyclic order.
Signed-off-by: Ilias Stamatis <stamatis.iliass(a)gmail.com>
---
src/test/test_driver.c | 42 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 42 insertions(+)
diff --git a/src/test/test_driver.c b/src/test/test_driver.c
index a06d1fc402..527c2f5d3b 100644
--- a/src/test/test_driver.c
+++ b/src/test/test_driver.c
@@ -3046,6 +3046,47 @@ static int testDomainSetAutostart(virDomainPtr domain,
return 0;
}
+static int testDomainGetDiskErrors(virDomainPtr dom,
+ virDomainDiskErrorPtr errors,
+ unsigned int maxerrors,
+ unsigned int flags)
+{
+ virDomainObjPtr vm = NULL;
+ int ret = -1;
+ size_t i;
+ int n = 0;
+ int codes[] = {VIR_DOMAIN_DISK_ERROR_UNSPEC, VIR_DOMAIN_DISK_ERROR_NO_SPACE};
+ size_t ncodes = sizeof(codes) / sizeof(codes[0]);
+
+ virCheckFlags(0, -1);
+
+ if (!(vm = testDomObjFromDomain(dom)))
+ goto cleanup;
+
+ if (virDomainObjCheckActive(vm) < 0)
+ goto cleanup;
+
+ if (!errors) {
+ ret = vm->def->ndisks;
+ } else {
+ for (i = 1; i < vm->def->ndisks && n < maxerrors; i += 2) {
+ if (VIR_STRDUP(errors[n].disk, vm->def->disks[i]->dst) < 0)
+ goto cleanup;
+ errors[n].error = codes[n % ncodes];
+ n++;
+ }
+ ret = n;
+ }
+
+ cleanup:
+ virDomainObjEndAPI(&vm);
+ if (ret < 0) {
+ for (i = 0; i < n; i++)
+ VIR_FREE(errors[i].disk);
+ }
+ return ret;
+}
+
static char *testDomainGetSchedulerType(virDomainPtr domain ATTRIBUTE_UNUSED,
int *nparams)
{
@@ -6832,6 +6873,7 @@ static virHypervisorDriver testHypervisorDriver = {
.domainUndefineFlags = testDomainUndefineFlags, /* 0.9.4 */
.domainGetAutostart = testDomainGetAutostart, /* 0.3.2 */
.domainSetAutostart = testDomainSetAutostart, /* 0.3.2 */
+ .domainGetDiskErrors = testDomainGetDiskErrors, /* 5.4.0 */
.domainGetSchedulerType = testDomainGetSchedulerType, /* 0.3.2 */
.domainGetSchedulerParameters = testDomainGetSchedulerParameters, /* 0.3.2 */
.domainGetSchedulerParametersFlags = testDomainGetSchedulerParametersFlags, /* 0.9.2 */
--
2.21.0
5 years, 7 months
[libvirt] [PATCH] virt-aa-helper: allow sysfs path used for vhost-scsi
by Christian Ehrhardt
When a vhost scsi device is hotplugged virt-aa-helper is called to
add the respective path.
For example the config:
<hostdev mode='subsystem' type='scsi_host' managed='no'>
<source protocol='vhost' wwpn='naa.50014059de6fba4f'/>
</hostdev>
Will call it to add:
/sys/kernel/config/target/vhost//naa.50014059de6fba4f
But in general /sys paths are filtered in virt-aa-helper.c:valid_path
To allow the path used for vhost-scsi we need to add it to the list of
known and accepted overrides.
Fixes: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1829223
Signed-off-by: Christian Ehrhardt <christian.ehrhardt(a)canonical.com>
---
src/security/virt-aa-helper.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index d0fe86cefc..ad9a7dda94 100644
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -510,8 +510,9 @@ valid_path(const char *path, const bool readonly)
};
/* override the above with these */
const char * const override[] = {
- "/sys/devices/pci", /* for hostdev pci devices */
- "/etc/libvirt-sandbox/services/" /* for virt-sandbox service config */
+ "/sys/devices/pci", /* for hostdev pci devices */
+ "/sys/kernel/config/target/vhost", /* for hostdev vhost_scsi devices */
+ "/etc/libvirt-sandbox/services/" /* for virt-sandbox service config */
};
const int nropaths = ARRAY_CARDINALITY(restricted);
--
2.21.0
5 years, 7 months
[libvirt] [PATCH] qemu: Do not override config XML in case of snapshot revert
by Maxiwell S. Garcia
Snapshot create operation saves the live XML and uses it to replace the
domain definition in case of revert. But the VM config XML is not saved
and the revert operation does not address this issue. This commit
prevents the config XML from being overridden by snapshot definition.
An active domain stores both current and new definitions. The current
definition (vm->def) stores the live XML and the new definition
(vm->newDef) stores the config XML. In an inactive domain, only the
config XML is persistent, and it's saved in vm->def.
The revert operation uses the virDomainObjAssignDef() to set the
snapshot definition in vm->newDef, if domain is active, or in vm->def
otherwise. But before that, it saves the old value to return to
caller. This return is used here to restore the config XML after
all snapshot startup process finish.
Signed-off-by: Maxiwell S. Garcia <maxiwell(a)linux.ibm.com>
---
src/qemu/qemu_driver.c | 15 +++++++++++----
1 file changed, 11 insertions(+), 4 deletions(-)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index b2ac737d1f..a73122454a 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -16251,6 +16251,7 @@ qemuDomainRevertToSnapshot(virDomainSnapshotPtr snapshot,
qemuDomainObjPrivatePtr priv;
int rc;
virDomainDefPtr config = NULL;
+ virDomainDefPtr inactiveConfig = NULL;
virQEMUDriverConfigPtr cfg = NULL;
virCapsPtr caps = NULL;
bool was_stopped = false;
@@ -16465,7 +16466,7 @@ qemuDomainRevertToSnapshot(virDomainSnapshotPtr snapshot,
goto endjob;
}
if (config) {
- virDomainObjAssignDef(vm, config, false, NULL);
+ virDomainObjAssignDef(vm, config, false, &inactiveConfig);
virCPUDefFree(priv->origCPU);
VIR_STEAL_PTR(priv->origCPU, origCPU);
}
@@ -16474,7 +16475,7 @@ qemuDomainRevertToSnapshot(virDomainSnapshotPtr snapshot,
load:
was_stopped = true;
if (config)
- virDomainObjAssignDef(vm, config, false, NULL);
+ virDomainObjAssignDef(vm, config, false, &inactiveConfig);
/* No cookie means libvirt which saved the domain was too old to
* mess up the CPU definitions.
@@ -16533,6 +16534,9 @@ qemuDomainRevertToSnapshot(virDomainSnapshotPtr snapshot,
detail);
}
}
+ if (inactiveConfig)
+ VIR_STEAL_PTR(vm->newDef, inactiveConfig);
+
break;
case VIR_DOMAIN_SNAPSHOT_SHUTDOWN:
@@ -16560,8 +16564,11 @@ qemuDomainRevertToSnapshot(virDomainSnapshotPtr snapshot,
qemuProcessEndJob(driver, vm);
goto cleanup;
}
- if (config)
- virDomainObjAssignDef(vm, config, false, NULL);
+ if (config) {
+ virDomainObjAssignDef(vm, config, false, &inactiveConfig);
+ if (inactiveConfig)
+ VIR_STEAL_PTR(vm->newDef, inactiveConfig);
+ }
if (flags & (VIR_DOMAIN_SNAPSHOT_REVERT_RUNNING |
VIR_DOMAIN_SNAPSHOT_REVERT_PAUSED)) {
--
2.20.1
5 years, 7 months
[libvirt] [PATCH 0/2] introduction of version attribute for VFIO live migration
by Yan Zhao
This patchset introduces a version attribute under sysfs of VFIO Mediated
devices.
This version attribute is used by user space software like libvirt to
determine whether two mdev devices are compatible for live migration
before starting live migration.
Patch 1 defines version attribute as mandatory for VFIO live migration. It
means if version attribute is missing or it returns errno, the
corresponding mdev device is regarded as not supporting live migration.
samples for vfio-mdev are modified to demonstrate it.
Patch 2 uses GVT as an example to show how to expose version attribute and
check device compatibility in vendor driver.
Yan Zhao (2):
vfio/mdev: add version field as mandatory attribute for mdev device
drm/i915/gvt: export mdev device version to sysfs for Intel vGPU
Documentation/vfio-mediated-device.txt | 36 +++++++++
drivers/gpu/drm/i915/gvt/Makefile | 2 +-
drivers/gpu/drm/i915/gvt/device_version.c | 94 +++++++++++++++++++++++
drivers/gpu/drm/i915/gvt/gvt.c | 55 +++++++++++++
drivers/gpu/drm/i915/gvt/gvt.h | 6 ++
samples/vfio-mdev/mbochs.c | 17 ++++
samples/vfio-mdev/mdpy.c | 16 ++++
samples/vfio-mdev/mtty.c | 16 ++++
8 files changed, 241 insertions(+), 1 deletion(-)
create mode 100644 drivers/gpu/drm/i915/gvt/device_version.c
--
2.17.1
5 years, 7 months
[libvirt] [PATCH 0/2] Avoid issues due to qemu dropping osxsave and ospke
by Christian Ehrhardt
Hi,
this series tries to address a drop of commandline options by qemu in regard to
osxsave [1] and ospke [2].
This was already discussed in [3] late last year but got forgotten afterwards.
The Ubuntu bug is at [4] and an older Fedora bug is at [5].
TL;DR:
- osxsave/ospke features were never really configurable
- KVM never returned the bits on GET_SUPPORTED_CPUID
- very rare to be seen in the wild
- avoid issues with newer qemu and old/odd XMLs to be sure
Details:
I checked various use cases from virt-install to openstack and some in between.
The only cases I found that would define osxsave/ospke is virt-install pior
to version 2.0 and even there only when used with --cpu=host-model or
--cpu=host-copy.
If you ever really enabled the feature you'd have got:
error: the CPU is incompatible with host CPU:
Host CPU does not provide required features: ospke
The problem lies in domain XMLs that explicitly disable it. That would be
<feature policy='disable' name='osxsave'/>
But due to almost (or actually none) no host exposing this the following
also triggers:
<feature policy='optional' name='ospke'/>
This will make libvirt add it to the qemu commandline like:
-cpu ...,osxsave=off,ospke=off
And that will crash when qemu starts with:
error: internal error: process exited while connecting to monitor:
2019-04-25T12:12:01.698646Z qemu-system-x86_64: can't apply global
core2duo-x86_64-cpu.osxsave=off: Property '.osxsave' not found
There are much more long term discussions about demoting and dropping qemu
features and I'd like to avoid those discussions being mixed.
The reason to drop it more or less without notice was that it never did
anything to begin with. Due to that our solution might in a similar fashion
be more trivial - just stop defining those two features to qemu commandline.
[1]: https://git.qemu.org/?p=qemu.git;a=commit;h=f1a23522b03a569f13aad49294bb4...
[2]: https://git.qemu.org/?p=qemu.git;a=commit;h=9ccb9784b57804f5c74434ad6ccb6...
[3]: https://www.mail-archive.com/qemu-devel@nongnu.org/msg561877.html
[4]: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1825195
[5]: https://bugzilla.redhat.com/show_bug.cgi?id=1644848
Christian Ehrhardt (2):
qemu: do not define known no-op features
qemuxml2argvtest: add test for remove cpu features
src/qemu/qemu_command.c | 23 +++++++++++++++
.../qemuxml2argvdata/cpu-host-model-cmt.args | 2 +-
.../cpu-no-removed-features.args | 29 +++++++++++++++++++
.../cpu-no-removed-features.xml | 23 +++++++++++++++
tests/qemuxml2argvdata/cpu-tsc-frequency.args | 4 +--
tests/qemuxml2argvtest.c | 1 +
6 files changed, 79 insertions(+), 3 deletions(-)
create mode 100644 tests/qemuxml2argvdata/cpu-no-removed-features.args
create mode 100644 tests/qemuxml2argvdata/cpu-no-removed-features.xml
--
2.17.1
5 years, 7 months
[libvirt] [PATCH 0/2] Mitigation for Microarchitectural Data Sampling CPU flaws
by Jiri Denemark
This series introduces the libvirt side of mitigations for
Microarchitectural Data Sampling microprocessor flaws (CVE-2018-12126,
CVE-2018-12127, CVE-2018-12130, CVE-2019-11091) which were
published earlier today.
To protect your system against possible attacks exploiting these flaws
updates to the CPU microcode, Linux kernel, and virtualization stack
(QEMU, libvirt, and higher management apps) are required.
See https://access.redhat.com/security/vulnerabilities/mds for more
details and additional links.
Both patches have already been pushed.
Jiri Denemark (2):
cputest: Add data for Intel(R) Xeon(R) CPU E3-1225 v5
cpu_map: Define md-clear CPUID bit
src/cpu_map/x86_features.xml | 3 +
tests/cputest.c | 1 +
.../x86_64-cpuid-Xeon-E3-1225-v5-disabled.xml | 7 +
.../x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml | 8 +
.../x86_64-cpuid-Xeon-E3-1225-v5-guest.xml | 29 +
.../x86_64-cpuid-Xeon-E3-1225-v5-host.xml | 30 +
.../x86_64-cpuid-Xeon-E3-1225-v5-json.xml | 12 +
.../x86_64-cpuid-Xeon-E3-1225-v5.json | 652 ++++++++++++++++++
.../x86_64-cpuid-Xeon-E3-1225-v5.sig | 4 +
.../x86_64-cpuid-Xeon-E3-1225-v5.xml | 47 ++
.../x86_64-cpuid-Xeon-Platinum-8268-guest.xml | 1 +
.../x86_64-cpuid-Xeon-Platinum-8268-host.xml | 1 +
12 files changed, 795 insertions(+)
create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-disabled.xml
create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml
create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml
create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml
create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml
create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.json
create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.sig
create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.xml
--
2.21.0
5 years, 7 months
[libvirt] [PATCH] qemuDomainSnapshotCreateXML: Don't leak parsed snapshot definition
by Michal Privoznik
This function gets snapshot XML (provided by used) as an
argument. It parses it into a local variable @def and then sets
some more members (e.g. it creates a copy of live domain XML).
Then it proceeds to checking if snapshot XML is valid (e.g. it
contains as many disks as currently in the domain). If this fails
then the control jumps to endjob label and subsequently return
from the function. This is where AUTOFREE function for @def is
ran. Well, because the code says to run plain VIR_FREE() we leak
some memory because @def is actually an object and therefore
it should have been declared as AUTOUNREF.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/qemu/qemu_driver.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index f01282a037..0a425b82e5 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -15563,7 +15563,7 @@ qemuDomainSnapshotCreateXML(virDomainPtr domain,
virCapsPtr caps = NULL;
qemuDomainObjPrivatePtr priv;
virDomainSnapshotState state;
- VIR_AUTOFREE(virDomainSnapshotDefPtr) def = NULL;
+ VIR_AUTOUNREF(virDomainSnapshotDefPtr) def = NULL;
virCheckFlags(VIR_DOMAIN_SNAPSHOT_CREATE_REDEFINE |
VIR_DOMAIN_SNAPSHOT_CREATE_CURRENT |
--
2.21.0
5 years, 7 months
[libvirt] [PATCH 0/4] Couple of allocation fixes
by Michal Privoznik
These stem from me playing with OOM testing. I've discovered more bugs,
but they're mostly in tests themselves, e.g. use without check.
Michal Prívozník (4):
virstorageobj: Don't clear vols if they weren't initialized
virNetServerPreExecRestart: Check for retval of virJSONValueNewArray()
virCommand: Make virCommandPassFDGetFDIndex fail if passed command is
in error state
storagepoolxml2argvtest: Avoid double free
src/conf/virstorageobj.c | 6 ++++--
src/rpc/virnetserver.c | 8 ++++++--
src/util/vircommand.c | 3 +++
tests/storagepoolxml2argvtest.c | 1 -
4 files changed, 13 insertions(+), 5 deletions(-)
--
2.21.0
5 years, 7 months
[libvirt] [PATCH 0/2] node device cleanup
by Pavel Hrdina
Pavel Hrdina (2):
node_device_udev: remove deprecated logging function
src: remove HAL node device driver
configure.ac | 3 +-
docs/drvnodedev.html.in | 3 +-
docs/hvsupport.pl | 2 +-
libvirt.spec.in | 1 -
m4/virt-hal.m4 | 10 +-
m4/virt-udev.m4 | 5 -
po/POTFILES | 1 -
src/node_device/Makefile.inc.am | 12 -
src/node_device/node_device_driver.c | 10 +-
src/node_device/node_device_driver.h | 5 -
src/node_device/node_device_hal.c | 804 ---------------------------
src/node_device/node_device_hal.h | 22 -
src/node_device/node_device_udev.c | 41 --
13 files changed, 9 insertions(+), 910 deletions(-)
delete mode 100644 src/node_device/node_device_hal.c
delete mode 100644 src/node_device/node_device_hal.h
--
2.21.0
5 years, 7 months
[libvirt] [PATCH] virsh: Don't leak disk targets in cmdDomBlkError
by Michal Privoznik
The virDomainGetDiskErrors() API copies disk targets into @disks
array that we allocate. But we forgot to free it:
==140828== 16 bytes in 4 blocks are definitely lost in loss record 41 of 242
==140828== at 0x4C2F08F: malloc (vg_replace_malloc.c:299)
==140828== by 0x8C406D9: strdup (in /lib64/libc-2.28.so)
==140828== by 0x5377DD3: virStrdup (virstring.c:966)
==140828== by 0x54C112F: testDomainGetDiskErrors (test_driver.c:3068)
==140828== by 0x55C863D: virDomainGetDiskErrors (libvirt-domain.c:10988)
==140828== by 0x15D1FA: cmdDomBlkError (virsh-domain-monitor.c:1215)
==140828== by 0x17F1A8: vshCommandRun (vsh.c:1335)
==140828== by 0x13489E: main (virsh.c:920)
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
Pushed under trivial rule.
tools/virsh-domain-monitor.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/tools/virsh-domain-monitor.c b/tools/virsh-domain-monitor.c
index d87475f6f6..d2b7e5a059 100644
--- a/tools/virsh-domain-monitor.c
+++ b/tools/virsh-domain-monitor.c
@@ -1229,6 +1229,8 @@ cmdDomBlkError(vshControl *ctl, const vshCmd *cmd)
ret = true;
cleanup:
+ for (i = 0; i < count; i++)
+ VIR_FREE(disks[i].disk);
VIR_FREE(disks);
virshDomainFree(dom);
return ret;
--
2.21.0
5 years, 7 months