October 2021 - Devel - libvirt List Archives

[PATCH v2] qemu_agent: remove unused code
by Kristina Hanicova 01 Nov '21

01 Nov '21

This is v2 of: https://listman.redhat.com/archives/libvir-list/2021-October/msg01064.html Diff to v1: * I forgot to delete another part of the unused code which belonged together (noticed by Jano) This section of code was left unused ever since it was introduced ten years ago. I think we can safely remove it. Signed-off-by: Kristina Hanicova <khanicov(a)redhat.com> --- src/qemu/qemu_agent.c | 22 ---------------------- 1 file changed, 22 deletions(-) diff --git a/src/qemu/qemu_agent.c b/src/qemu/qemu_agent.c index 5f421be6f6..f319b881fc 100644 --- a/src/qemu/qemu_agent.c +++ b/src/qemu/qemu_agent.c @@ -60,17 +60,6 @@ VIR_LOG_INIT("qemu.qemu_agent"); */ #define QEMU_AGENT_MAX_RESPONSE (10 * 1024 * 1024) -/* When you are the first to uncomment this, - * don't forget to uncomment the corresponding - * part in qemuAgentIOProcessEvent as well. - * -static struct { - const char *type; - void (*handler)(qemuAgent *agent, virJSONValue *data); -} eventHandlers[] = { -}; -*/ - typedef struct _qemuAgentMessage qemuAgentMessage; struct _qemuAgentMessage { char *txBuffer; @@ -237,17 +226,6 @@ qemuAgentIOProcessEvent(qemuAgent *agent, return -1; } -/* - for (i = 0; i < G_N_ELEMENTS(eventHandlers); i++) { - if (STREQ(eventHandlers[i].type, type)) { - virJSONValue *data = virJSONValueObjectGet(obj, "data"); - VIR_DEBUG("handle %s handler=%p data=%p", type, - eventHandlers[i].handler, data); - (eventHandlers[i].handler)(agent, data); - break; - } - } -*/ return 0; } -- 2.31.1

2 1

[PATCH v2 0/4] MAINTAINERS: Sanitize 'MIPS TCG CPUs' section
by Philippe Mathieu-Daudé 01 Nov '21

01 Nov '21

Move various files unrelated to MIPS TCG frontend into new sections. Since v1: - Do not add Paul without his consent - un-deprecate nanoMIPS Philippe Mathieu-Daudé (4): MAINTAINERS: Add MIPS general architecture support entry MAINTAINERS: Add entries to cover MIPS CPS / GIC hardware MAINTAINERS: Split MIPS TCG frontend vs MIPS machines/hardware MAINTAINERS: Agree to maintain nanoMIPS TCG frontend docs/about/deprecated.rst | 23 --------------------- MAINTAINERS | 43 +++++++++++++++++++++++++-------------- 2 files changed, 28 insertions(+), 38 deletions(-) -- 2.31.1

2 9

[libvirt PATCH v2 0/3] PCI VPD: Handle More Edge Cases
by Dmitrii Shcherbakov 01 Nov '21

01 Nov '21

This patch set improves edge case testing: * The parser is now more strict about checking boundary conditions when parsing fields: an invalid field length is a possibility which is now being accounted for; * The parser will now make sure that RV and RW fields are the last in their section by making sure that no more data is left to read after those; * The RW field in the read-write section is not considered a VPD format violation even though it is a violation of the spec since it does not prevent Libvirt from parsing valid data for presenting it to a user. This is a policy decision made by Libvirt in favor of usability with hardware that does not strictly follow the PCI/PCIe VPD spec. Invalid field values are now skipped instead of halting further parsing completely. Some vendors use 0xFF as placeholders in VPD-W since those values do not correspond to printable ASCII characters, they will be discarded, however, parsing will continue beyond that point. Also, it turns out that some vendors use printable ASCII characters not present in the alphanumeric range. Following a mailing list discussion Libvirt will accept printable ASCII characters to avoid cases where useful data is discarded. https://listman.redhat.com/archives/libvir-list/2021-October/msg01043.html Higher-level software needs to account for this character set and act accordingly. For example, the outcome of this is that one may get "N/A" as a value for a serial number that is supposed to be unique, however, there is no way for Libvirt to validate serial number uniqueness anyway even if it was a different character sequence. https://gitlab.com/dmitriis/libvirt/-/pipelines/398517951 (x86_64 only, have not set up arch-specific runners yet and over the limit of what gitlab provides) Dmitrii Shcherbakov (3): PCI VPD: handle additional edge cases PCI VPD: Skip fields with invalid values PCI VPD: Fix a wrong return code in a test case src/util/virpcivpd.c | 63 +++++++--- tests/virpcivpdtest.c | 263 ++++++++++++++++++++++++++++++++++++++++-- 2 files changed, 296 insertions(+), 30 deletions(-) -- 2.32.0

2 4

[PATCH] qemu: Extend qemu.conf with PCR banks to activate during 'TPM manufacturing'
by Stefan Berger 29 Oct '21

29 Oct '21

Extend qemu.conf with a configration option swtpm_active_pcr_banks that allows a user to set a comma-separated list of PCR banks to activate during 'TPM manufacturing'. Valid PCR banks are sha1,sha256,sha384 and sha512. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2016599 Signed-off-by: Stefan Berger <stefanb(a)linux.ibm.com> --- src/qemu/qemu.conf | 8 ++++++++ src/qemu/qemu_conf.c | 6 ++++++ src/qemu/qemu_conf.h | 1 + src/qemu/qemu_tpm.c | 8 ++++++++ 4 files changed, 23 insertions(+) diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf index 71fd125699..7aa151ed55 100644 --- a/src/qemu/qemu.conf +++ b/src/qemu/qemu.conf @@ -915,6 +915,14 @@ #swtpm_user = "tss" #swtpm_group = "tss" +# The PCR banks to activate during 'TPM manufacturing' before a swtpm instance +# is started the first time. +# +# A comma-separated list without spaces containing sha1,sha256,sha384, or +# sha512. The default is 'sha256'. +# +# swtpm_active_pcr_banks = "sha256,sha384" + # For debugging and testing purposes it's sometimes useful to be able to disable # libvirt behaviour based on the capabilities of the qemu process. This option # allows to do so. DO _NOT_ use in production and beaware that the behaviour diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c index 0451bc70ac..a62525385e 100644 --- a/src/qemu/qemu_conf.c +++ b/src/qemu/qemu_conf.c @@ -384,6 +384,8 @@ static void virQEMUDriverConfigDispose(void *obj) g_strfreev(cfg->capabilityfilters); g_free(cfg->deprecationBehavior); + + g_free(cfg->swtpmActivePcrBanks); } @@ -1030,6 +1032,10 @@ virQEMUDriverConfigLoadSWTPMEntry(virQEMUDriverConfig *cfg, if (swtpm_group && virGetGroupID(swtpm_group, &cfg->swtpm_group) < 0) return -1; + if (virConfGetValueString(conf, "swtpm_active_pcr_banks", + &cfg->swtpmActivePcrBanks) < 0) + return -1; + return 0; } diff --git a/src/qemu/qemu_conf.h b/src/qemu/qemu_conf.h index 2f64e39a18..37461d9e31 100644 --- a/src/qemu/qemu_conf.h +++ b/src/qemu/qemu_conf.h @@ -219,6 +219,7 @@ struct _virQEMUDriverConfig { uid_t swtpm_user; gid_t swtpm_group; + char *swtpmActivePcrBanks; char **capabilityfilters; diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c index e1b08a66c5..69fd1e67e3 100644 --- a/src/qemu/qemu_tpm.c +++ b/src/qemu/qemu_tpm.c @@ -448,6 +448,7 @@ qemuTPMEmulatorRunSetup(const char *storagepath, bool privileged, uid_t swtpm_user, gid_t swtpm_group, + const char *swtpmActivePcrBanks, const char *logfile, const virDomainTPMVersion tpmversion, const unsigned char *secretuuid, @@ -512,6 +513,9 @@ qemuTPMEmulatorRunSetup(const char *storagepath, } if (!incomingMigration) { + if (!swtpmActivePcrBanks) + swtpmActivePcrBanks = "sha256"; + virCommandAddArgList(cmd, "--tpm-state", storagepath, "--vmid", vmid, @@ -521,6 +525,7 @@ qemuTPMEmulatorRunSetup(const char *storagepath, "--create-platform-cert", "--lock-nvram", "--not-overwrite", + "--pcr-banks", swtpmActivePcrBanks, NULL); } else { virCommandAddArgList(cmd, @@ -568,6 +573,7 @@ qemuTPMEmulatorBuildCommand(virDomainTPMDef *tpm, bool privileged, uid_t swtpm_user, gid_t swtpm_group, + const char *swtpmActivePcrBanks, const char *swtpmStateDir, const char *shortName, bool incomingMigration) @@ -593,6 +599,7 @@ qemuTPMEmulatorBuildCommand(virDomainTPMDef *tpm, if (created && qemuTPMEmulatorRunSetup(tpm->data.emulator.storagepath, vmname, vmuuid, privileged, swtpm_user, swtpm_group, + swtpmActivePcrBanks, tpm->data.emulator.logfile, tpm->version, secretuuid, incomingMigration) < 0) goto error; @@ -812,6 +819,7 @@ qemuExtTPMStartEmulator(virQEMUDriver *driver, driver->privileged, cfg->swtpm_user, cfg->swtpm_group, + cfg->swtpmActivePcrBanks, cfg->swtpmStateDir, shortName, incomingMigration))) return -1; -- 2.31.1

3 6

[PATCH v2 0/9] Configurable policy for handling unstable interfaces
by Markus Armbruster 29 Oct '21

29 Oct '21

Option -compat lets you configure what to do when deprecated interfaces get used. This series extends this to unstable interfaces. Works the same way. Intended for testing users of the management interfaces. It is experimental. To make it possible, I replace the "x-" naming convention by special feature flag "unstable". See PATCH 1 for rationale. v2: * Rebased * PATCH 1: Commit message revamped [Kevin], R-bys kept * PATCH 6: gen_special_features() rewritten [John] * PATCH 7: disastrous typos fixed [Philippe] Markus Armbruster (9): qapi: New special feature flag "unstable" qapi: Mark unstable QMP parts with feature 'unstable' qapi: Eliminate QCO_NO_OPTIONS for a slight simplification qapi: Tools for sets of special feature flags in generated code qapi: Generalize struct member policy checking qapi: Generalize command policy checking qapi: Generalize enum member policy checking qapi: Factor out compat_policy_input_ok() qapi: Extend -compat to set policy for unstable interfaces docs/devel/qapi-code-gen.rst | 9 +- qapi/block-core.json | 123 +++++++++++++++++------- qapi/compat.json | 6 +- qapi/migration.json | 35 +++++-- qapi/misc.json | 6 +- qapi/qom.json | 11 ++- include/qapi/compat-policy.h | 7 ++ include/qapi/qmp/dispatch.h | 6 +- include/qapi/util.h | 8 +- include/qapi/visitor-impl.h | 6 +- include/qapi/visitor.h | 17 +++- monitor/misc.c | 7 +- qapi/qapi-forward-visitor.c | 16 +-- qapi/qapi-visit-core.c | 41 ++++---- qapi/qmp-dispatch.c | 57 ++++++++--- qapi/qmp-registry.c | 4 +- qapi/qobject-input-visitor.c | 22 ++--- qapi/qobject-output-visitor.c | 13 ++- storage-daemon/qemu-storage-daemon.c | 3 +- qapi/trace-events | 4 +- qemu-options.hx | 20 +++- scripts/qapi/commands.py | 12 +-- scripts/qapi/events.py | 10 +- scripts/qapi/gen.py | 8 ++ scripts/qapi/schema.py | 11 ++- scripts/qapi/types.py | 22 +++-- scripts/qapi/visit.py | 14 +-- tests/qapi-schema/qapi-schema-test.json | 7 +- tests/qapi-schema/qapi-schema-test.out | 5 + 29 files changed, 348 insertions(+), 162 deletions(-) -- 2.31.1

4 27

[PATCH 0/7] qemu: Various monitor cleanups and removal of legacy cpu hotplug
by Peter Krempa 29 Oct '21

29 Oct '21

Peter Krempa (7): qemuMonitorJSONQueryBlock: Reformat function header qemuMonitorJSONBlockInfoAdd: Refactor hash table addition qemuhotplugtest: Remove tests for legacy cpu hotplug on x86 qemuDomainHotplugAddVcpu: Remove legacy hotplug branch qemu: monitor: Remove unused qemuMonitorSetCPU qemuMonitorEjectMedia: Remove stale comment qemuMonitorJSONSave[Physical|Virtual]Memory: Reformat function headers src/qemu/qemu_hotplug.c | 22 +- src/qemu/qemu_monitor.c | 14 -- src/qemu/qemu_monitor.h | 6 - src/qemu/qemu_monitor_json.c | 77 +++---- src/qemu/qemu_monitor_json.h | 1 - tests/qemuhotplugtest.c | 1 - .../x86-old-bulk-domain.xml | 21 -- .../x86-old-bulk-monitor.json | 193 ------------------ .../x86-old-bulk-result-conf.xml | 31 --- .../x86-old-bulk-result-live.xml | 39 ---- tests/qemumonitorjsontest.c | 2 - 11 files changed, 35 insertions(+), 372 deletions(-) delete mode 100644 tests/qemuhotplugtestcpus/x86-old-bulk-domain.xml delete mode 100644 tests/qemuhotplugtestcpus/x86-old-bulk-monitor.json delete mode 100644 tests/qemuhotplugtestcpus/x86-old-bulk-result-conf.xml delete mode 100644 tests/qemuhotplugtestcpus/x86-old-bulk-result-live.xml -- 2.31.1

2 9

[PATCH for 7.9.0] NEWS: Document my bugfixes for v7.9.0
by Michal Privoznik 29 Oct '21

29 Oct '21

There are two bugs I fixed worth mentioning in the 7.9.0 release notes. Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com> --- NEWS.rst | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/NEWS.rst b/NEWS.rst index 1d2d31430f..1bb6897abd 100644 --- a/NEWS.rst +++ b/NEWS.rst @@ -86,6 +86,21 @@ v7.9.0 (unreleased) qemu-5.2.0, regardless of qemu version and failed in qemu-5.1.0. This release fixes the bug. + * Don't enter endless loop when unable to accept new clients + + If libvirtd (or any other daemon) hit the ulimit for maximum number of open + files but there are still client connections pending then libvirtd (or + corresponding split daemon) would enter an endless loop from which it would + never recover. This behaviour is now fixed. + + * qemu: Run secondary driver hooks in split daemon mode + + Because of a bug in implementation it may happen that hooks from secondary + drivers were not called in all cases, for instance a network hook wasn't + called upon removal of interface after domain shut off itself. With this + release the bug is fixed. + + v7.8.0 (2021-10-01) =================== -- 2.32.0

2 1

[libvirt PATCH] spec: Depend on qemu-kvm-block-driver-curl in RHEL-9
by Jiri Denemark 29 Oct '21

29 Oct '21

The curl block driver is no longer a requirement for qemu-kvm package in RHEL-9, which breaks support for https network disks. Let's depend on it explicitly (in libvirt-daemon-kvm meta package) until we possibly reimplement the https disk support using nbdkit (tracked in bug 2016527). https://bugzilla.redhat.com/show_bug.cgi?id=2014229 Signed-off-by: Jiri Denemark <jdenemar(a)redhat.com> --- libvirt.spec.in | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/libvirt.spec.in b/libvirt.spec.in index 4ecb28114c..b71888653d 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -791,6 +791,10 @@ Requires: libvirt-daemon-driver-nwfilter = %{version}-%{release} Requires: libvirt-daemon-driver-secret = %{version}-%{release} Requires: libvirt-daemon-driver-storage = %{version}-%{release} Requires: qemu-kvm +# qemu-kvm no longer depends on curl block driver in RHEL-9 +%if 0%{?rhel} > 8 +Requires: qemu-kvm-block-driver-curl +%endif %description daemon-kvm Server side daemon and driver required to manage the virtualization -- 2.33.1

3 4

[PATCH 0/4] Some news and docs update for v7.9.0
by Han Han 29 Oct '21

29 Oct '21

Han Han (4): docs: Fix a typo of page_per_vq news: News for the new virtio attribute page_per_vq docs: Make the version requirement more clear for rbd encryption news: Add support for librbd encryption NEWS.rst | 11 +++++++++++ docs/formatdomain.rst | 2 +- docs/formatstorageencryption.html.in | 5 +++-- 3 files changed, 15 insertions(+), 3 deletions(-) -- 2.33.1

2 5

Entering freeze for libvirt-7.9.0
by Jiri Denemark 29 Oct '21

29 Oct '21

I have just tagged v7.9.0-rc1 in the repository and pushed signed tarballs and source RPMs to https://libvirt.org/sources/ Please give the release candidate some testing and in case you find a serious issue which should have a fix in the upcoming release, feel free to reply to this thread to make sure the issue is more visible. If you have not done so yet, please update NEWS.rst to document any significant change you made since the last release. Thanks, Jirka

1 1