[PATCH] virt-host-validate: Fix IOMMU output on aarch64
by Fabiano Fidêncio
virt-host-validate should print "Checking for device assignment IOMMU
support" for all architectures, not only for Intel / AMD.
This is the output without the patch:
```
[fidencio@dentola libvirt]$ virt-host-validate
QEMU: comprobando if device /dev/kvm exists : PASA
QEMU: comprobando if device /dev/kvm is accessible : PASA
QEMU: comprobando if device /dev/vhost-net exists : PASA
QEMU: comprobando if device /dev/net/tun exists : PASA
QEMU: comprobando for cgroup 'cpu' controller support : PASA
QEMU: comprobando for cgroup 'cpuacct' controller support : PASA
QEMU: comprobando for cgroup 'cpuset' controller support : PASA
QEMU: comprobando for cgroup 'memory' controller support : PASA
QEMU: comprobando for cgroup 'devices' controller support : ADVERTENCIA (Enable 'devices' in kernel Kconfig file or mount/enable cgroup controller in your system)
QEMU: comprobando for cgroup 'blkio' controller support : PASA
ADVERTENCIA (Unknown if this platform has IOMMU support)
QEMU: comprobando for secure guest support : ADVERTENCIA (Unknown if this platform has Secure Guest support)
```
This is the output with the patch:
```
[fidencio@dentola libvirt]$ ./build/tools/virt-host-validate
QEMU: Checking if device /dev/kvm exists : PASS
QEMU: Checking if device /dev/kvm is accessible : PASS
QEMU: Checking if device /dev/vhost-net exists : PASS
QEMU: Checking if device /dev/net/tun exists : PASS
QEMU: Checking for cgroup 'cpu' controller support : PASS
QEMU: Checking for cgroup 'cpuacct' controller support : PASS
QEMU: Checking for cgroup 'cpuset' controller support : PASS
QEMU: Checking for cgroup 'memory' controller support : PASS
QEMU: Checking for cgroup 'devices' controller support : WARN (Enable 'devices' in kernel Kconfig file or mount/enable cgroup controller in your system)
QEMU: Checking for cgroup 'blkio' controller support : PASS
QEMU: Checking for device assignment IOMMU support : WARN (Unknown if this platform has IOMMU support)
QEMU: Checking for secure guest support : WARN (Unknown if this platform has Secure Guest support)
```
Signed-off-by: Fabiano Fidêncio <fabiano(a)fidencio.org>
---
This is a follow-up on https://listman.redhat.com/archives/libvir-list/2021-June/msg00190.html
---
tools/virt-host-validate-common.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tools/virt-host-validate-common.c b/tools/virt-host-validate-common.c
index 9412bb7514..ee22a88b31 100644
--- a/tools/virt-host-validate-common.c
+++ b/tools/virt-host-validate-common.c
@@ -335,6 +335,8 @@ int virHostValidateIOMMU(const char *hvname,
struct dirent *dent;
int rc;
+ virHostMsgCheck(hvname, "%s", _("for device assignment IOMMU support"));
+
flags = virHostValidateGetCPUFlags();
if (flags && virBitmapIsBitSet(flags, VIR_HOST_VALIDATE_CPU_FLAG_VMX))
@@ -345,7 +347,6 @@ int virHostValidateIOMMU(const char *hvname,
virBitmapFree(flags);
if (isIntel) {
- virHostMsgCheck(hvname, "%s", _("for device assignment IOMMU support"));
if (access("/sys/firmware/acpi/tables/DMAR", F_OK) == 0) {
virHostMsgPass();
bootarg = "intel_iommu=on";
@@ -357,7 +358,6 @@ int virHostValidateIOMMU(const char *hvname,
return VIR_HOST_VALIDATE_FAILURE(level);
}
} else if (isAMD) {
- virHostMsgCheck(hvname, "%s", _("for device assignment IOMMU support"));
if (access("/sys/firmware/acpi/tables/IVRS", F_OK) == 0) {
virHostMsgPass();
bootarg = "iommu=pt iommu=1";
--
2.31.1
3 years, 6 months
[libvirt PATCH 0/2] Update sync_qemu_i386.py tool for changes in QEMU
by Tim Wiederhake
QEMU commit e11fd68996fb27c040552320f01a7d30a15a7cc1 changed a line that
was used by our tool as marker. Commit 1 prepares for the change, commit 2
actually makes the required adjustment.
Cheers,
Tim
Tim Wiederhake (2):
cpu_map: sync_qemu_i386.py: Use regex to look for begin mark
cpu_map: sync_qemu_i386.py: Allow begin mark to contain `const`
src/cpu_map/sync_qemu_i386.py | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
--
2.26.3
3 years, 6 months
[libvirt PATCH 0/4] Support autostart for mediated devices
by Jonathon Jongsma
This is a short patch series based on an initial patch from Boris Fiuczynski
that I massaged a little bit and added a few additional patches.
This allows you to define mediated devices in libvirt which are started
automatically at boot or parent device plugin.
Boris Fiuczynski (1):
nodedev: support auto-start property for mdevs
Jonathon Jongsma (3):
test: move nodedev xml2xml output to a separate dir
tests: nodedevxml2xmltest: test more mdev files
docs: nodedev: document mdev uuid property
docs/formatnode.html.in | 14 ++++++++
docs/schemas/nodedev.rng | 11 +++++++
src/conf/node_device_conf.c | 20 ++++++++++-
src/conf/node_device_conf.h | 12 +++++++
src/libvirt_private.syms | 2 ++
src/node_device/node_device_driver.c | 7 +++-
.../mdevctl-list-multiple.out.xml | 4 +++
tests/nodedevschemadata/mdev_autostart.xml | 10 ++++++
tests/nodedevschemadata/mdev_manual.xml | 10 ++++++
tests/nodedevxml2xmlout/DVD_GCC_4247N.xml | 15 +++++++++
tests/nodedevxml2xmlout/DVD_with_media.xml | 18 ++++++++++
tests/nodedevxml2xmlout/ap_07_0038.xml | 9 +++++
tests/nodedevxml2xmlout/ap_card07.xml | 8 +++++
tests/nodedevxml2xmlout/ap_matrix.xml | 7 ++++
.../ap_matrix_mdev_types.xml | 14 ++++++++
tests/nodedevxml2xmlout/ccw_0_0_ffff.xml | 10 ++++++
tests/nodedevxml2xmlout/computer.xml | 16 +++++++++
.../css_0_0_fffe_mdev_types.xml | 17 ++++++++++
tests/nodedevxml2xmlout/css_0_0_ffff.xml | 10 ++++++
tests/nodedevxml2xmlout/drm_renderD129.xml | 10 ++++++
...v_3627463d_b7f0_4fea_b468_f1da537d301b.xml | 9 +++++
tests/nodedevxml2xmlout/mdev_autostart.xml | 11 +++++++
...v_d069d019_36ea_4111_8f0a_8c9a70e21366.xml | 10 ++++++
...v_d2441d39_495e_4243_ad9f_beb3f14c23d9.xml | 11 +++++++
...v_ee0b88c4_f554_4dc1_809d_b2a01e8e48ad.xml | 10 ++++++
...v_fedc4916_1ca8_49ac_b176_871d16c13076.xml | 10 ++++++
tests/nodedevxml2xmlout/mdev_manual.xml | 11 +++++++
.../net_00_13_02_b9_f9_d3.xml | 21 ++++++++++++
.../net_00_15_58_2f_e9_55.xml | 21 ++++++++++++
.../pci_0000_00_02_0_header_type.xml | 16 +++++++++
.../pci_0000_00_1c_0_header_type.xml | 21 ++++++++++++
.../pci_0000_02_10_7_mdev_types.xml | 33 +++++++++++++++++++
.../pci_0000_02_10_7_sriov.xml | 24 ++++++++++++++
.../pci_0000_02_10_7_sriov_pf_vfs_all.xml | 29 ++++++++++++++++
...0_02_10_7_sriov_pf_vfs_all_header_type.xml | 31 +++++++++++++++++
.../pci_0000_02_10_7_sriov_vfs.xml | 27 +++++++++++++++
..._0000_02_10_7_sriov_zero_vfs_max_count.xml | 22 +++++++++++++
tests/nodedevxml2xmlout/pci_1002_71c4.xml | 14 ++++++++
.../pci_8086_0c0c_snd_hda_intel.xml | 17 ++++++++++
.../pci_8086_10c9_sriov_pf.xml | 18 ++++++++++
.../pci_8086_27c5_scsi_host.xml | 7 ++++
.../pci_8086_27c5_scsi_host_0.xml | 7 ++++
.../pci_8086_27c5_scsi_host_0_unique_id.xml | 8 +++++
...i_8086_27c5_scsi_host_scsi_device_lun0.xml | 11 +++++++
.../pci_8086_27c5_scsi_host_scsi_host.xml | 7 ++++
.../pci_8086_4238_pcie_wireless.xml | 27 +++++++++++++++
tests/nodedevxml2xmlout/scsi_target0_0_0.xml | 7 ++++
tests/nodedevxml2xmlout/scsi_target1_0_0.xml | 12 +++++++
...rial_3600c0ff000d7a2a5d463ff4902000000.xml | 19 +++++++++++
...al_SATA_HTS721010G9SA00_MPCZ12Y0GNGWSE.xml | 14 ++++++++
.../usb_device_1d6b_1_0000_00_1d_0.xml | 10 ++++++
.../usb_device_1d6b_1_0000_00_1d_0_if0.xml | 10 ++++++
tests/nodedevxml2xmltest.c | 17 +++++++---
53 files changed, 739 insertions(+), 7 deletions(-)
create mode 100644 tests/nodedevschemadata/mdev_autostart.xml
create mode 100644 tests/nodedevschemadata/mdev_manual.xml
create mode 100644 tests/nodedevxml2xmlout/DVD_GCC_4247N.xml
create mode 100644 tests/nodedevxml2xmlout/DVD_with_media.xml
create mode 100644 tests/nodedevxml2xmlout/ap_07_0038.xml
create mode 100644 tests/nodedevxml2xmlout/ap_card07.xml
create mode 100644 tests/nodedevxml2xmlout/ap_matrix.xml
create mode 100644 tests/nodedevxml2xmlout/ap_matrix_mdev_types.xml
create mode 100644 tests/nodedevxml2xmlout/ccw_0_0_ffff.xml
create mode 100644 tests/nodedevxml2xmlout/computer.xml
create mode 100644 tests/nodedevxml2xmlout/css_0_0_fffe_mdev_types.xml
create mode 100644 tests/nodedevxml2xmlout/css_0_0_ffff.xml
create mode 100644 tests/nodedevxml2xmlout/drm_renderD129.xml
create mode 100644 tests/nodedevxml2xmlout/mdev_3627463d_b7f0_4fea_b468_f1da537d301b.xml
create mode 100644 tests/nodedevxml2xmlout/mdev_autostart.xml
create mode 100644 tests/nodedevxml2xmlout/mdev_d069d019_36ea_4111_8f0a_8c9a70e21366.xml
create mode 100644 tests/nodedevxml2xmlout/mdev_d2441d39_495e_4243_ad9f_beb3f14c23d9.xml
create mode 100644 tests/nodedevxml2xmlout/mdev_ee0b88c4_f554_4dc1_809d_b2a01e8e48ad.xml
create mode 100644 tests/nodedevxml2xmlout/mdev_fedc4916_1ca8_49ac_b176_871d16c13076.xml
create mode 100644 tests/nodedevxml2xmlout/mdev_manual.xml
create mode 100644 tests/nodedevxml2xmlout/net_00_13_02_b9_f9_d3.xml
create mode 100644 tests/nodedevxml2xmlout/net_00_15_58_2f_e9_55.xml
create mode 100644 tests/nodedevxml2xmlout/pci_0000_00_02_0_header_type.xml
create mode 100644 tests/nodedevxml2xmlout/pci_0000_00_1c_0_header_type.xml
create mode 100644 tests/nodedevxml2xmlout/pci_0000_02_10_7_mdev_types.xml
create mode 100644 tests/nodedevxml2xmlout/pci_0000_02_10_7_sriov.xml
create mode 100644 tests/nodedevxml2xmlout/pci_0000_02_10_7_sriov_pf_vfs_all.xml
create mode 100644 tests/nodedevxml2xmlout/pci_0000_02_10_7_sriov_pf_vfs_all_header_type.xml
create mode 100644 tests/nodedevxml2xmlout/pci_0000_02_10_7_sriov_vfs.xml
create mode 100644 tests/nodedevxml2xmlout/pci_0000_02_10_7_sriov_zero_vfs_max_count.xml
create mode 100644 tests/nodedevxml2xmlout/pci_1002_71c4.xml
create mode 100644 tests/nodedevxml2xmlout/pci_8086_0c0c_snd_hda_intel.xml
create mode 100644 tests/nodedevxml2xmlout/pci_8086_10c9_sriov_pf.xml
create mode 100644 tests/nodedevxml2xmlout/pci_8086_27c5_scsi_host.xml
create mode 100644 tests/nodedevxml2xmlout/pci_8086_27c5_scsi_host_0.xml
create mode 100644 tests/nodedevxml2xmlout/pci_8086_27c5_scsi_host_0_unique_id.xml
create mode 100644 tests/nodedevxml2xmlout/pci_8086_27c5_scsi_host_scsi_device_lun0.xml
create mode 100644 tests/nodedevxml2xmlout/pci_8086_27c5_scsi_host_scsi_host.xml
create mode 100644 tests/nodedevxml2xmlout/pci_8086_4238_pcie_wireless.xml
create mode 100644 tests/nodedevxml2xmlout/scsi_target0_0_0.xml
create mode 100644 tests/nodedevxml2xmlout/scsi_target1_0_0.xml
create mode 100644 tests/nodedevxml2xmlout/storage_serial_3600c0ff000d7a2a5d463ff4902000000.xml
create mode 100644 tests/nodedevxml2xmlout/storage_serial_SATA_HTS721010G9SA00_MPCZ12Y0GNGWSE.xml
create mode 100644 tests/nodedevxml2xmlout/usb_device_1d6b_1_0000_00_1d_0.xml
create mode 100644 tests/nodedevxml2xmlout/usb_device_1d6b_1_0000_00_1d_0_if0.xml
--
2.31.1
3 years, 6 months
[PATCH 0/5] qemu: Adapt to virtio-gpu-gl-pci and virtio-vga-gl
by Han Han
The virgl property of virtio-gpu-pci&virtio-vga will be replaced by
virtio-gpu-gl-pci&virtio-vga-gl in QEMU 6.1. Adapt to that update.
Resolves:
https://gitlab.com/libvirt/libvirt/-/issues/167
https://bugzilla.redhat.com/show_bug.cgi?id=1967356
Han Han (5):
qemu_capabilities: Add QEMU_CAPS_VIRTIO_GPU_GL_PCI
qemu: Adapt to virtio-gpu-gl-pci device when available
qemu_capabilities: Add QEMU_CAPS_VIRTIO_VGA_GL
qemu: Adapt to virtio-vga-gl device
tests: Tests for virtio-vga-gl and virtio-gpu-gl-pci device
src/qemu/qemu_capabilities.c | 4 ++
src/qemu/qemu_capabilities.h | 2 +
src/qemu/qemu_command.c | 11 ++++-
.../caps_6.1.0.x86_64.xml | 2 +
.../video-virtio-vga-gpu-gl.args | 29 +++++++++++++
.../video-virtio-vga-gpu-gl.xml | 34 +++++++++++++++
tests/qemuxml2argvtest.c | 6 +++
.../video-virtio-vga-gpu-gl.xml | 43 +++++++++++++++++++
tests/qemuxml2xmltest.c | 6 +++
9 files changed, 136 insertions(+), 1 deletion(-)
create mode 100644 tests/qemuxml2argvdata/video-virtio-vga-gpu-gl.args
create mode 100644 tests/qemuxml2argvdata/video-virtio-vga-gpu-gl.xml
create mode 100644 tests/qemuxml2xmloutdata/video-virtio-vga-gpu-gl.xml
--
2.31.1
3 years, 6 months
[PATCH 0/5] virth-host-validate: Couple of cleanups
by Michal Privoznik
I've noticed couple of bugs/problems while reviewing Fabiano's patch.
Here are fixes.
Michal Prívozník (5):
virt-host-validate: Initialize the error object
virt-host-validate: Report an error if failed to detect CGroups
virt-host-validate: Turn failure to read /proc/cmdline into an error
virt-host-validate: Call VIR_HOST_VALIDATE_FAILURE() more frequently
virHostValidateSecureGuests: Drop useless 'return 0' at the end
tools/virt-host-validate-common.c | 28 +++++++++++++++-------------
tools/virt-host-validate.c | 6 +++++-
2 files changed, 20 insertions(+), 14 deletions(-)
--
2.31.1
3 years, 6 months
[PATCH] apparmor: Add denied capabilities
by Jim Fehlig
The audit log contains the following denials from libvirtd
apparmor="DENIED" operation="capable" profile="libvirtd" pid=6012 comm="daemon-init" capability=17 capname="sys_rawio"
apparmor="DENIED" operation="capable" profile="libvirtd" pid=6012 comm="rpc-worker" capability=39 capname="bpf"
apparmor="DENIED" operation="capable" profile="libvirtd" pid=6012 comm="rpc-worker" capability=38 capname="perfmon"
Squelch the denials and allow the capabilities in the libvirtd
apparmor profile.
Signed-off-by: Jim Fehlig <jfehlig(a)suse.com>
---
I'm not really sure when these denials first started appearing, nor
have I noticed any problems they are causing. Likely I have not exercised
the affected functionality.
src/security/apparmor/usr.sbin.libvirtd.in | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/security/apparmor/usr.sbin.libvirtd.in b/src/security/apparmor/usr.sbin.libvirtd.in
index bf4563e1e8..928782b709 100644
--- a/src/security/apparmor/usr.sbin.libvirtd.in
+++ b/src/security/apparmor/usr.sbin.libvirtd.in
@@ -25,6 +25,9 @@ profile libvirtd @sbindir@/libvirtd flags=(attach_disconnected) {
capability fsetid,
capability audit_write,
capability ipc_lock,
+ capability sys_rawio,
+ capability bpf,
+ capability perfmon,
# Needed for vfio
capability sys_resource,
--
2.31.1
3 years, 6 months
[PATCH] storage: Don't overwrite error in virISCSIDirectDisconnect()
by Michal Privoznik
The iscsi-direct storage pool backend works merely like this: a
connection is established to the target (usually done via
virStorageBackendISCSIDirectSetConnection()), intended action is
executed (e.g. reporting LUNs, volume wiping), and at the end the
connection is closed via virISCSIDirectDisconnect().
The problem is that virISCSIDirectDisconnect() reports its own
errors which may overwrite error that occurred during LUN
reporting, or volume wiping or whatever.
To fix this, use virErrorPreserveLast() + virErrorRestore()
combo, which either preserves previously reported error message,
or is NOP if there's no error reported.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1797879
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/storage/storage_backend_iscsi_direct.c | 15 ++++++++++++---
1 file changed, 12 insertions(+), 3 deletions(-)
diff --git a/src/storage/storage_backend_iscsi_direct.c b/src/storage/storage_backend_iscsi_direct.c
index 0bff1882b9..e4a14c3fd6 100644
--- a/src/storage/storage_backend_iscsi_direct.c
+++ b/src/storage/storage_backend_iscsi_direct.c
@@ -391,19 +391,28 @@ virISCSIDirectReportLuns(virStoragePoolObj *pool,
static int
virISCSIDirectDisconnect(struct iscsi_context *iscsi)
{
+ virErrorPtr orig_err;
+ int ret = -1;
+
+ virErrorPreserveLast(&orig_err);
+
if (iscsi_logout_sync(iscsi) < 0) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("Failed to logout: %s"),
iscsi_get_error(iscsi));
- return -1;
+ goto cleanup;
}
if (iscsi_disconnect(iscsi) < 0) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("Failed to disconnect: %s"),
iscsi_get_error(iscsi));
- return -1;
+ goto cleanup;
}
- return 0;
+
+ ret = 0;
+ cleanup:
+ virErrorRestore(&orig_err);
+ return ret;
}
static int
--
2.31.1
3 years, 6 months
[PATCH 0/2] Another round of CH driver fixes
by Michal Privoznik
*** BLURB HERE ***
Michal Prívozník (2):
ch_driver: Avoid driver double free
virCHDriverConfig: Drop @uri member
src/ch/ch_conf.c | 1 -
src/ch/ch_conf.h | 1 -
src/ch/ch_driver.c | 2 +-
3 files changed, 1 insertion(+), 3 deletions(-)
--
2.31.1
3 years, 6 months
[PATCH] meson.build: Compile with -Walloca
by Thomas Huth
We are already compiling libvirt with -Wvla - so it does not make
too much sense to still allow people to use alloca() instead. Thus
put it on the list of things we want to warn about. Fortunately,
there is currently no warning with this flag, so the current
sources should be clean.
Signed-off-by: Thomas Huth <thuth(a)redhat.com>
---
meson.build | 1 +
1 file changed, 1 insertion(+)
diff --git a/meson.build b/meson.build
index 40c841e777..a97efdf8f4 100644
--- a/meson.build
+++ b/meson.build
@@ -234,6 +234,7 @@ cc_flags += [
'-Waddress-of-packed-member',
'-Waggressive-loop-optimizations',
'-Walloc-size-larger-than=@0@'.format(alloc_max.stdout().strip()),
+ '-Walloca',
'-Warray-bounds=2',
'-Wattribute-alias=2',
'-Wattribute-warning',
--
2.27.0
3 years, 6 months
[PATCH] meson.build: Remove the -Wvla-larger-then flag
by Thomas Huth
The flag has a typo in it, it's "...-than=..." and not "...-then=...",
so this was in fact never used. Since we're also using -Wvla (without
size), we should already get warnings about any variable length arrays
anyway, so the additional "-Wvla-larger-than" does not make much sense
and thus we can simply drop this.
Signed-off-by: Thomas Huth <thuth(a)redhat.com>
---
meson.build | 1 -
1 file changed, 1 deletion(-)
diff --git a/meson.build b/meson.build
index 4f23f9104e..40c841e777 100644
--- a/meson.build
+++ b/meson.build
@@ -390,7 +390,6 @@ cc_flags += [
'-Wvariadic-macros',
'-Wvector-operation-performance',
'-Wvla',
- '-Wvla-larger-then=4031',
'-Wvolatile-register-var',
'-Wwrite-strings',
]
--
2.27.0
3 years, 6 months