[PATCH 0/7] Misc g_auto() rewrites
by Michal Privoznik
I've been looking at our tests lately and noticed an opportunity to
rewrite pieces of code to g_auto() magic.
Michal Prívozník (7):
qemuagenttest: Don't leak virTypedParameter on failure
Prefer g_auto(GStrv) over g_strfreev()
qemu: Use g_autoptr(qemuMonitorCPUModelInfo)
qemuConnectStealCPUModelFromInfo: Drop needless 'cleanup' label
tests: Use g_autoptr(qemuMonitorTest)
test: Use g_autofree more
tests: Drop cleanup/error labels
src/bhyve/bhyve_command.c | 3 +-
src/bhyve/bhyve_parse_command.c | 22 +--
src/libxl/libxl_conf.c | 9 +-
src/libxl/xen_common.c | 18 +-
src/libxl/xen_xl.c | 17 +-
src/lxc/lxc_container.c | 4 +-
src/lxc/lxc_native.c | 24 +--
src/qemu/qemu_driver.c | 17 +-
src/remote/remote_daemon_dispatch.c | 3 +-
src/remote/remote_driver.c | 4 +-
src/storage/storage_backend_rbd.c | 3 +-
src/util/vircgroup.c | 3 +-
src/util/vircgroupv2.c | 4 +-
src/util/virfirmware.c | 6 +-
src/util/viruri.c | 3 +-
src/vbox/vbox_common.c | 12 +-
src/vbox/vbox_snapshot_conf.c | 40 ++--
src/vbox/vbox_tmpl.c | 3 +-
src/vz/vz_sdk.c | 3 +-
tests/qemuagenttest.c | 286 ++++++++++++----------------
tests/qemucapabilitiestest.c | 22 +--
tests/qemuhotplugtest.c | 3 +-
tests/qemumigparamstest.c | 40 ++--
tests/qemumonitorjsontest.c | 95 ++++-----
tests/qemumonitortestutils.c | 63 +++---
tests/vboxsnapshotxmltest.c | 3 +-
tests/virconftest.c | 3 +-
tests/virfiletest.c | 3 +-
tests/virstringtest.c | 3 +-
tools/virsh-host.c | 13 +-
tools/virt-login-shell-helper.c | 7 +-
tools/vsh.c | 4 +-
32 files changed, 279 insertions(+), 464 deletions(-)
--
2.32.0
3 years, 1 month
[PATCH for-6.2] docs: Deprecate incorrectly typed device_add arguments
by Kevin Wolf
While introducing a non-QemuOpts code path for device creation for JSON
-device, we noticed that QMP device_add doesn't check its input
correctly (accepting arguments that should have been rejected), and that
users may be relying on this behaviour (libvirt did until it was fixed
recently).
Let's use a deprecation period before we fix this bug in QEMU to avoid
nasty surprises for users.
Signed-off-by: Kevin Wolf <kwolf(a)redhat.com>
---
docs/about/deprecated.rst | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/docs/about/deprecated.rst b/docs/about/deprecated.rst
index 600031210d..c03fcf951f 100644
--- a/docs/about/deprecated.rst
+++ b/docs/about/deprecated.rst
@@ -250,6 +250,20 @@ options are removed in favor of using explicit ``blockdev-create`` and
``blockdev-add`` calls. See :doc:`/interop/live-block-operations` for
details.
+Incorrectly typed ``device_add`` arguments (since 6.2)
+''''''''''''''''''''''''''''''''''''''''''''''''''''''
+
+Due to shortcomings in the internal implementation of ``device_add``, QEMU
+incorrectly accepts certain invalid arguments: Any object or list arguments are
+silently ignored. Other argument types are not checked, but an implicit
+conversion happens, so that e.g. string values can be assigned to integer
+device properties or vice versa.
+
+This is a bug in QEMU that will be fixed in the future so that previously
+accepted incorrect commands will return an error. Users should make sure that
+all arguments passed to ``device_add`` are consistent with the documented
+property types.
+
System accelerators
-------------------
--
2.31.1
3 years, 1 month
[PATCH 0/5] Use virXXXEndAPI() more
by Michal Privoznik
*** BLURB HERE ***
Michal Prívozník (5):
Use virDomainObjEndAPI() more
Use virInterfaceObjEndAPI() more
Use virNWFilterBindingObjEndAPI() more
Use virNodeDeviceObjEndAPI() more
Use virSecretObjEndAPI() more
src/conf/virdomainobjlist.c | 24 +++++++-----------------
src/conf/virinterfaceobj.c | 3 +--
src/conf/virnodedeviceobj.c | 3 +--
src/conf/virnwfilterbindingobjlist.c | 10 +++-------
src/conf/virsecretobj.c | 3 +--
src/libxl/libxl_driver.c | 3 +--
6 files changed, 14 insertions(+), 32 deletions(-)
--
2.32.0
3 years, 1 month
[PATCH v1 0/2] qemu_process: ensure the reboot process is performed completely
by Bihong Yu
When the vm reboot in ACPI mode, the vm has a certain probability to be shutoff
or paused status if the libvirtd is restarted for some reason, which is not
expected.
This patchset ensure the reboot process is performed completely.
Bihong Yu (2):
qemu_process: set fakereboot flags false after processing fakereboot
over
qemu_process: continue to process fakereboot after restarting libvirtd
src/qemu/qemu_process.c | 13 ++++++++-----
1 file changed, 8 insertions(+), 5 deletions(-)
--
2.27.0
3 years, 1 month
[libvirt PATCH v2 0/1] Ignore EPERM on attempts to clear a VF VLAN ID
by Dmitrii Shcherbakov
SmartNIC DPUs may not expose some privileged eswitch operations
to the hypervisor hosts. For example, this happens with Bluefield
devices running in the ECPF (default) mode [1] for security reasons. While
VF MAC address programming is possible via an RTM_SETLINK operation,
trying to set a VLAN ID in the same operation will fail with EPERM.
In the kernel a relevant call chain may look like
do_setlink -> do_setvfinfo -> dev->netdev_ops->set_vf_vlan
which calls a driver-specific function like [2] eventually.
The equivalent ip link commands below provide an illustration:
1. This works:
sudo ip link set enp130s0f0 vf 2 mac de:ad:be:ef:ca:fe
2. Setting (or clearing) a VLAN fails with EPERM:
sudo ip link set enp130s0f0 vf 2 vlan 0
RTNETLINK answers: Operation not permitted
3. This is what Libvirt attempts to do today (when trying to clear a
VF VLAN at the same time as programming a VF MAC).
sudo ip link set enp130s0f0 vf 2 vlan 0 mac de:ad:be:ef:ca:fe
RTNETLINK answers: Operation not permitted
If setting an explicit VLAN ID results in an EPERM, clearing a VLAN
(setting a VLAN ID to 0) can be handled gracefully by ignoring the
EPERM error with the rationale being that if we cannot set this state
in the first place, we cannot clear it either.
Thus, virNetDevSetVfConfig is split into two distinct functions. If
clearing a VLAN ID fails with EPERM, the error is simply ignored.
Both new functions rely virNetDevSendVfSetLinkRequest that implements
common functionality related to formatting a request, sending it and
handling error conditions and returns 0 or an error since in both cases
the payload is either NLMSG_DONE (no error) or NLMSG_ERROR where an
error message is needed by the caller to handle known cases
appropriately. This function allows the conditional code to be unit tested.
An alternative to this could be providing a higher level control plane
mechanism that would provide metadata about a device being remotely
managed in which case Libvirt would avoid trying to set or clear a
VLAN ID. This would be more complicated since other software (like Nova
in the OpenStack case) would have to annotate every guest device with an
attribute indicating whether a device is remotely managed or not based
on operator provided configuration so that Libvirt can act on this and
avoid VLAN programming.
https://gitlab.com/dmitriis/libvirt/-/pipelines/406528913
[1] https://docs.mellanox.com/display/BlueFieldSWv35111601/Modes+of+Operation...
[2] https://github.com/torvalds/linux/blob/v5.15/drivers/net/ethernet/mellano...
Dmitrii Shcherbakov (1):
Ignore EPERM on attempts to clear VF VLAN ID
src/libvirt_private.syms | 7 ++
src/util/virnetdev.c | 199 ++++++++++++++++++++++-------------
src/util/virnetdevpriv.h | 44 ++++++++
tests/virnetdevtest.c | 222 ++++++++++++++++++++++++++++++++++++++-
4 files changed, 396 insertions(+), 76 deletions(-)
create mode 100644 src/util/virnetdevpriv.h
--
2.32.0
3 years, 1 month
[PATCH] libxl: Free data returned from libxl_userdata_retrieve
by Jim Fehlig
Found via valgrind
==15016== 3,701 bytes in 2 blocks are definitely lost in loss record 975 of 1,009
==15016== at 0x4C2A2AF: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==15016== by 0x1FCD30CB: libxl_read_file_contents (in /usr/lib64/libxenlight.so.4.12.0)
==15016== by 0x1FCCA58A: ??? (in /usr/lib64/libxenlight.so.4.12.0)
==15016== by 0x1FCCA6C2: libxl_userdata_retrieve (in /usr/lib64/libxenlight.so.4.12.0)
==15016== by 0x1FA42A5A: libxlReconnectDomain (libxl_driver.c:394)
==15016== by 0x53BAC99: virDomainObjListHelper (virdomainobjlist.c:802)
==15016== by 0x530842F: virHashForEach (virhash.c:575)
==15016== by 0x53BC0E0: virDomainObjListForEach (virdomainobjlist.c:817)
==15016== by 0x1FA423C4: libxlReconnectDomains (libxl_driver.c:468)
==15016== by 0x1FA423C4: libxlStateInitialize (libxl_driver.c:778)
==15016== by 0x54E8E9E: virStateInitialize (libvirt.c:657)
==15016== by 0x12DBFA: daemonRunStateInit (remote_daemon.c:797)
==15016== by 0x535BF79: virThreadHelper (virthread.c:206)
Signed-off-by: Jim Fehlig <jfehlig(a)suse.com>
---
src/libxl/libxl_driver.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/libxl/libxl_driver.c b/src/libxl/libxl_driver.c
index 7ea157f9c4..1a9bf8f186 100644
--- a/src/libxl/libxl_driver.c
+++ b/src/libxl/libxl_driver.c
@@ -461,6 +461,7 @@ libxlReconnectDomain(virDomainObj *vm,
cleanup:
libxl_dominfo_dispose(&d_info);
+ VIR_FREE(data);
virObjectUnlock(vm);
virObjectUnref(vm);
virObjectUnref(cfg);
--
2.33.0
3 years, 1 month
[PATCH 0/2] Remove support for tls_allowed_dn_list
by Martin Kletzander
Patch 1/2 details the reasons for this change.
Martin Kletzander (2):
tls: Drop support for tls_allowed_dn_list
news: Add information about removing tls_allowed_dn_list
NEWS.rst | 6 ++++
docs/remote.html.in | 26 --------------
docs/tlscerts.html.in | 6 ----
src/remote/libvirtd.aug.in | 1 -
src/remote/libvirtd.conf.in | 16 ---------
src/remote/remote_daemon.c | 2 --
src/remote/remote_daemon_config.c | 19 +++++-----
src/remote/remote_daemon_config.h | 1 -
src/remote/test_libvirtd.aug.in | 4 ---
src/rpc/virnettlscontext.c | 60 ++++++-------------------------
src/rpc/virnettlscontext.h | 2 --
tests/virconfdata/libvirtd.conf | 17 ---------
tests/virconfdata/libvirtd.out | 14 --------
tests/virnettlscontexttest.c | 1 -
tests/virnettlssessiontest.c | 1 -
15 files changed, 27 insertions(+), 149 deletions(-)
--
2.33.1
3 years, 1 month
[PATCH v4 0/5] qapi: Add feature flags to enum members
by Markus Armbruster
PATCH 1+2 add feature flags to enum members. Awkward due to an
introspection design mistake; see PATCH 1 for details.
PATCH 3+4 implement policy deprecated-input={reject,crash} for enum
values.
Policy deprecated-output=hide is not implemented, because we can't
hide a value without hiding the entire member, which is almost
certainly more than the requester of this policy bargained for.
Perhaps we want a new policy deprecated-output=hide-or-else-crash to
help us catch unwanted use of deprecated enum values. Perhaps we want
deprecated-output=hide to behave that way together with
deprecated-input=crash. Or even always. Thoughts?
PATCH 5 puts the new feature flags to use. It's RFC because it makes
sense only on top of Vladimir's deprecation of drive-backup. See its
commit message for a reference.
I prefer to commit new features together with a use outside tests/.
PATCH 5 adds such a use, but it's RFC, because it depends on
Vladimir's work. Perhaps another use pops up. I can delay this work
in the hope of a use becoming ready, but the feature flags work I have
in the pipeline will eventually force my hand.
v4:
* PATCH 1: Deprecate SchemaInfoEnum member @values.
* PATCH 2: Doc tweak
v3:
* PATCH 1+2: Update qapi-code-gen.rst [Kevin, Eric]
* PATCH 4: Commit message typo [Eric], doc update moved to PATCH 2
* PATCH 5: Doc comment FIXME resolved [Kevin]
v2:
* Rebased with straightforward conflicts.
* PATCH 1-4: No longer RFC.
* PATCH 1: "Since" information fixed [Eric]. Commit message updated
to reflect feedback.
* PATCH 2: Commit message amended to point out special feature flag
'deprecated' is ignored at this stage.
* PATCH 4: Documentation updated. Commit message tweaked.
Markus Armbruster (5):
qapi: Enable enum member introspection to show more than name
qapi: Add feature flags to enum members
qapi: Move compat policy from QObject to generic visitor
qapi: Implement deprecated-input={reject,crash} for enum values
block: Deprecate transaction type drive-backup
docs/about/deprecated.rst | 6 ++++
docs/devel/qapi-code-gen.rst | 29 ++++++++++++++-----
qapi/compat.json | 3 ++
qapi/introspect.json | 28 ++++++++++++++++--
qapi/transaction.json | 6 +++-
include/qapi/qobject-input-visitor.h | 4 ---
include/qapi/qobject-output-visitor.h | 4 ---
include/qapi/util.h | 6 +++-
include/qapi/visitor-impl.h | 3 ++
include/qapi/visitor.h | 9 ++++++
qapi/qapi-visit-core.c | 27 +++++++++++++++--
qapi/qmp-dispatch.c | 4 +--
qapi/qobject-input-visitor.c | 14 +--------
qapi/qobject-output-visitor.c | 14 +--------
scripts/qapi/expr.py | 3 +-
scripts/qapi/introspect.py | 19 +++++++++---
scripts/qapi/schema.py | 22 ++++++++++++--
scripts/qapi/types.py | 17 ++++++++++-
tests/qapi-schema/doc-good.json | 5 +++-
tests/qapi-schema/doc-good.out | 3 ++
tests/qapi-schema/doc-good.txt | 3 ++
.../qapi-schema/enum-dict-member-unknown.err | 2 +-
tests/qapi-schema/qapi-schema-test.json | 3 +-
tests/qapi-schema/qapi-schema-test.out | 1 +
tests/qapi-schema/test-qapi.py | 1 +
25 files changed, 174 insertions(+), 62 deletions(-)
--
2.31.1
3 years, 1 month
[libvirt PATCH] qemu_command: do not use host-nodes for system memory
by Pavel Hrdina
Commit 88957116c9d3cb4705380c3702c9d4315fb500bb switched to use
memory-backend-* for regular VM memory as well. That change indirectly
started using 'host-nodes' for system memory which results in QEMU
calling mbind() to bind the system memory to specific NUMA node if the
VM XML contains the configuration similar to this:
...
<numatune>
<memory mode='strict' nodeset='0'/>
</numatune>
...
Once the VM was started with that configuration it was no longer
possible to change the memory NUMA nodeset.
Fixes: 677c90cc1d1fcb3aba09b5d4f0f8f83099911775
Signed-off-by: Pavel Hrdina <phrdina(a)redhat.com>
---
src/qemu/qemu_command.c | 3 +-
.../numatune-system-memory.x86_64-latest.args | 32 +++++++++++++++++++
.../numatune-system-memory.xml | 24 ++++++++++++++
tests/qemuxml2argvtest.c | 1 +
4 files changed, 59 insertions(+), 1 deletion(-)
create mode 100644 tests/qemuxml2argvdata/numatune-system-memory.x86_64-latest.args
create mode 100644 tests/qemuxml2argvdata/numatune-system-memory.xml
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 483041f584..9bd7258b1d 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -3631,7 +3631,8 @@ qemuBuildMemoryBackendProps(virJSONValue **backendProps,
/* If mode is "restrictive", we should only use cgroups setting allowed memory
* nodes, and skip passing the host-nodes and policy parameters to QEMU command
* line which means we will use system default memory policy. */
- if (nodemask && mode != VIR_DOMAIN_NUMATUNE_MEM_RESTRICTIVE) {
+ if (!systemMemory && nodemask &&
+ mode != VIR_DOMAIN_NUMATUNE_MEM_RESTRICTIVE) {
if (!virNumaNodesetIsAvailable(nodemask))
return -1;
if (virJSONValueObjectAdd(props,
diff --git a/tests/qemuxml2argvdata/numatune-system-memory.x86_64-latest.args b/tests/qemuxml2argvdata/numatune-system-memory.x86_64-latest.args
new file mode 100644
index 0000000000..aee9b2ce76
--- /dev/null
+++ b/tests/qemuxml2argvdata/numatune-system-memory.x86_64-latest.args
@@ -0,0 +1,32 @@
+LC_ALL=C \
+PATH=/bin \
+HOME=/tmp/lib/domain--1-QEMUGuest1 \
+USER=test \
+LOGNAME=test \
+XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \
+XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \
+XDG_CONFIG_HOME=/tmp/lib/domain--1-QEMUGuest1/.config \
+/usr/bin/qemu-system-x86_64 \
+-name guest=QEMUGuest1,debug-threads=on \
+-S \
+-object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/tmp/lib/domain--1-QEMUGuest1/master-key.aes"}' \
+-machine pc,accel=tcg,usb=off,dump-guest-core=off,memory-backend=pc.ram \
+-cpu qemu64 \
+-m 214 \
+-object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":224395264}' \
+-overcommit mem-lock=off \
+-smp 2,sockets=2,cores=1,threads=1 \
+-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
+-display none \
+-no-user-config \
+-nodefaults \
+-chardev socket,id=charmonitor,fd=1729,server=on,wait=off \
+-mon chardev=charmonitor,id=monitor,mode=control \
+-rtc base=utc \
+-no-shutdown \
+-no-acpi \
+-boot strict=on \
+-device '{"driver":"piix3-usb-uhci","id":"usb","bus":"pci.0","addr":"0x1.0x2"}' \
+-audiodev id=audio1,driver=none \
+-sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \
+-msg timestamp=on
diff --git a/tests/qemuxml2argvdata/numatune-system-memory.xml b/tests/qemuxml2argvdata/numatune-system-memory.xml
new file mode 100644
index 0000000000..833303fe36
--- /dev/null
+++ b/tests/qemuxml2argvdata/numatune-system-memory.xml
@@ -0,0 +1,24 @@
+<domain type='qemu'>
+ <name>QEMUGuest1</name>
+ <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+ <memory unit='KiB'>219136</memory>
+ <currentMemory unit='KiB'>219136</currentMemory>
+ <vcpu placement='static'>2</vcpu>
+ <numatune>
+ <memory mode='strict' nodeset='0'/>
+ </numatune>
+ <os>
+ <type arch='x86_64' machine='pc'>hvm</type>
+ <boot dev='hd'/>
+ </os>
+ <clock offset='utc'/>
+ <on_poweroff>destroy</on_poweroff>
+ <on_reboot>restart</on_reboot>
+ <on_crash>destroy</on_crash>
+ <devices>
+ <emulator>/usr/bin/qemu-system-x86_64</emulator>
+ <controller type='usb' index='0'/>
+ <controller type='pci' index='0' model='pci-root'/>
+ <memballoon model='none'/>
+ </devices>
+</domain>
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index a0498a0d92..161e7efa62 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -2063,6 +2063,7 @@ mymain(void)
DO_TEST_CAPS_LATEST("numatune-memnode");
DO_TEST_PARSE_ERROR_NOCAPS("numatune-memnode-invalid-mode");
DO_TEST_CAPS_LATEST("numatune-memnode-restrictive-mode");
+ DO_TEST_CAPS_LATEST("numatune-system-memory");
DO_TEST("numatune-memnode-no-memory",
QEMU_CAPS_NUMA,
--
2.31.1
3 years, 1 month