October 2022 - Devel - libvirt List Archives

[libvirt RFC PATCH 0/4] add external backend for tpm
by Ján Tomko 21 Oct '22

21 Oct '22

Ján Tomko (3): qemu: tpm: fix spacing qemu: add external backend for tpm qemu: add tests for external swtpm Peter Krempa (1): schema: domain: Allow interleaving of 'tpm' config elements src/conf/domain_audit.c | 11 +++++ src/conf/domain_conf.c | 16 +++++++ src/conf/domain_conf.h | 4 ++ src/conf/domain_validate.c | 1 + src/conf/schemas/domaincommon.rng | 42 ++++++++++++++----- src/qemu/qemu_capabilities.c | 4 +- src/qemu/qemu_cgroup.c | 1 + src/qemu/qemu_command.c | 11 ++++- src/qemu/qemu_domain.c | 3 ++ src/qemu/qemu_namespace.c | 1 + src/qemu/qemu_tpm.c | 2 +- src/security/security_dac.c | 2 + src/security/security_selinux.c | 2 + .../domaincapsdata/qemu_4.2.0-q35.x86_64.xml | 1 + .../domaincapsdata/qemu_4.2.0-tcg.x86_64.xml | 1 + tests/domaincapsdata/qemu_4.2.0.x86_64.xml | 1 + .../domaincapsdata/qemu_5.0.0-q35.x86_64.xml | 1 + .../domaincapsdata/qemu_5.0.0-tcg.x86_64.xml | 1 + .../qemu_5.0.0-virt.aarch64.xml | 1 + tests/domaincapsdata/qemu_5.0.0.aarch64.xml | 1 + tests/domaincapsdata/qemu_5.0.0.ppc64.xml | 1 + tests/domaincapsdata/qemu_5.0.0.x86_64.xml | 1 + .../domaincapsdata/qemu_5.1.0-q35.x86_64.xml | 1 + .../domaincapsdata/qemu_5.1.0-tcg.x86_64.xml | 1 + tests/domaincapsdata/qemu_5.1.0.x86_64.xml | 1 + .../domaincapsdata/qemu_5.2.0-q35.x86_64.xml | 1 + .../domaincapsdata/qemu_5.2.0-tcg.x86_64.xml | 1 + .../qemu_5.2.0-virt.aarch64.xml | 1 + tests/domaincapsdata/qemu_5.2.0.aarch64.xml | 1 + tests/domaincapsdata/qemu_5.2.0.ppc64.xml | 1 + tests/domaincapsdata/qemu_5.2.0.x86_64.xml | 1 + .../domaincapsdata/qemu_6.0.0-q35.x86_64.xml | 1 + .../domaincapsdata/qemu_6.0.0-tcg.x86_64.xml | 1 + .../qemu_6.0.0-virt.aarch64.xml | 1 + tests/domaincapsdata/qemu_6.0.0.aarch64.xml | 1 + tests/domaincapsdata/qemu_6.0.0.x86_64.xml | 1 + .../domaincapsdata/qemu_6.1.0-q35.x86_64.xml | 1 + .../domaincapsdata/qemu_6.1.0-tcg.x86_64.xml | 1 + tests/domaincapsdata/qemu_6.1.0.x86_64.xml | 1 + .../domaincapsdata/qemu_6.2.0-q35.x86_64.xml | 1 + .../domaincapsdata/qemu_6.2.0-tcg.x86_64.xml | 1 + .../qemu_6.2.0-virt.aarch64.xml | 1 + tests/domaincapsdata/qemu_6.2.0.aarch64.xml | 1 + tests/domaincapsdata/qemu_6.2.0.ppc64.xml | 1 + tests/domaincapsdata/qemu_6.2.0.x86_64.xml | 1 + .../domaincapsdata/qemu_7.0.0-q35.x86_64.xml | 1 + .../domaincapsdata/qemu_7.0.0-tcg.x86_64.xml | 1 + .../qemu_7.0.0-virt.aarch64.xml | 1 + tests/domaincapsdata/qemu_7.0.0.aarch64.xml | 1 + tests/domaincapsdata/qemu_7.0.0.ppc64.xml | 1 + tests/domaincapsdata/qemu_7.0.0.x86_64.xml | 1 + .../domaincapsdata/qemu_7.1.0-q35.x86_64.xml | 1 + .../domaincapsdata/qemu_7.1.0-tcg.x86_64.xml | 1 + tests/domaincapsdata/qemu_7.1.0.ppc64.xml | 1 + tests/domaincapsdata/qemu_7.1.0.x86_64.xml | 1 + .../tpm-external.x86_64-latest.args | 36 ++++++++++++++++ tests/qemuxml2argvdata/tpm-external.xml | 40 ++++++++++++++++++ tests/qemuxml2argvtest.c | 1 + .../tpm-external.x86_64-latest.xml | 1 + tests/qemuxml2xmltest.c | 1 + 60 files changed, 208 insertions(+), 13 deletions(-) create mode 100644 tests/qemuxml2argvdata/tpm-external.x86_64-latest.args create mode 100644 tests/qemuxml2argvdata/tpm-external.xml create mode 120000 tests/qemuxml2xmloutdata/tpm-external.x86_64-latest.xml -- 2.37.3

2 5

[libvirt PATCH] qemu: do not attempt to pass unopened vsock FD
by Ján Tomko 20 Oct '22

20 Oct '22

On normal vm startup, we open a file descriptor for the vsock device in qemuProcessPrepareHost. However, when doing domxml-to-native, no file descriptors are open. Only pass the fd if it's not -1, to make domxml-to-native work. https://bugzilla.redhat.com/show_bug.cgi?id=1777212 Signed-off-by: Ján Tomko <jtomko(a)redhat.com> --- Technically a v2 of: https://listman.redhat.com/archives/libvir-list/2021-July/msg00803.html I did not look at other cases, but IIRC the ones converted to use qemuFD* wrappers should handle missing FDs gracefully. src/qemu/qemu_command.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 150824f2e1..bbbde57c0f 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -9717,7 +9717,8 @@ qemuBuildVsockCommandLine(virCommand *cmd, if (!(devprops = qemuBuildVsockDevProps(def, vsock, qemuCaps, ""))) return -1; - virCommandPassFD(cmd, priv->vhostfd, VIR_COMMAND_PASS_FD_CLOSE_PARENT); + if (priv->vhostfd != -1) + virCommandPassFD(cmd, priv->vhostfd, VIR_COMMAND_PASS_FD_CLOSE_PARENT); priv->vhostfd = -1; if (qemuCommandAddExtDevice(cmd, &vsock->info, def, qemuCaps) < 0) -- 2.37.3

2 1

[libvirt PATCH 00/12] tools: provide virt-qemu-sev-validate for SEV(-ES) launch attestation
by Daniel P. Berrangé 20 Oct '22

20 Oct '22

The libvirt QEMU driver provides all the functionality required for launching a guest on AMD SEV(-ES) platforms, with a configuration that enables attestation of the launch measurement. The documentation for how to actually perform an attestation is severely lacking and not suitable for mere mortals to understand. IOW, someone trying to implement attestation is in for a world of pain and suffering. This series doesn't fix the documentation problem, but it does provide a reference implementation of a tool for performing attestation of SEV(-ES) guests in the context of libvirt / KVM. There will be other tools and libraries that implement attestation logic too, but this tool is likely somewhat unique in its usage of libvirt. Now for a attestation to be trustworthy you don't want to perform it on the hypervisor host, since the goal is to prove that the hypervisor has not acted maliciously. None the less it is still beneficial to have libvirt integration to some extent. When running this tool on a remote (trusted) host, it can connect to the libvirt hypervisor and fetch the data provided by the virDomainLaunchSecurityInfo API, which is safe to trust as the key pieces are cryptographically measured. Attestation is a complex problem though and it is very easy to screw up and feed the wrong information and then waste hours trying to figure out what piece was wrong, to cause the hash digest to change. For debugging such problems, you can thus tell the tool to operate insecurely, by querying libvirt for almost all of the configuration information required to determine the expected measurement. By comparing these results,to the results obtained in offline mode it helps narrow down where the mistake lies. So I view this tool as being useful in a number of ways: * Quality assurance engineers needing to test libvirt/QEMU/KVM get a simple and reliable tool for automating tests with. * Users running simple libvirt deployments without any large management stack, get a standalone tool for attestation they can rely on. * Developers writing/integrating attestation support into management stacks above libvirt, get a reference against which they can debug their own tools. * Users wanting to demonstrate the core SEV/SEV-ES functionality get a simple and reliable tool to illustrate the core concepts involved. Since I didn't fancy writing such complex logic in C, this tool is a python3 program. As such, we don't want to include it in the main libvirt-client RPM, nor any other existing RPM. THus, this series puts it in a new libvirt-client-qemu RPM which, through no co-inicidence at all, is the same RPM I invented a few days ago to hold the virt-qemu-qmp-proxy command. Note, people will have already seen an earlier version of this tool I hacked up some months ago. This code is very significantly changed since that earlier version, to make it more maintainable, and simpler to use (especially for SEV-ES) but the general theme is still the same. Daniel P. Berrangé (12): build-aux: only forbid gethostname in C files tools: support validating SEV firmware boot measurements tools: load guest config from libvirt tools: support validating SEV direct kernel boot measurements tools: load direct kernel config from libvirt tools: support validating SEV-ES initial vCPU state measurements tools: support automatically constructing SEV-ES vCPU state tools: load CPU count and CPU SKU from libvirt tools: support generating SEV secret injection tables docs/kbase: describe attestation for SEV guests scripts: add systemtap script for capturing SEV-ES VMSA docs/manpages: add checklist of problems for SEV attestation build-aux/syntax-check.mk | 1 + docs/kbase/launch_security_sev.rst | 102 ++ docs/manpages/meson.build | 1 + docs/manpages/virt-qemu-sev-validate.rst | 643 +++++++++++ examples/systemtap/amd-sev-es-vmsa.stp | 48 + libvirt.spec.in | 15 + tools/meson.build | 9 + tools/virt-qemu-sev-validate.py | 1289 ++++++++++++++++++++++ 8 files changed, 2108 insertions(+) create mode 100644 docs/manpages/virt-qemu-sev-validate.rst create mode 100644 examples/systemtap/amd-sev-es-vmsa.stp create mode 100755 tools/virt-qemu-sev-validate.py -- 2.37.3

3 27

[PATCH] qemuxml2argvtest: Don't re-parse and re-generate commandline for QAPI schema validation
by Peter Krempa 20 Oct '22

20 Oct '22

The removal of the special internal flag for '-netdev' validatition now allows us to use the same virCommand object for validation of the schema. Pass it into the validator instead of re-parsing and re-generating everything. This improved the runtime of qemuxml2argvtest by ~25% on my box. Signed-off-by: Peter Krempa <pkrempa(a)redhat.com> --- tests/qemuxml2argvtest.c | 29 +++-------------------------- 1 file changed, 3 insertions(+), 26 deletions(-) diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index de69cd426a..7ede68d555 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -548,17 +548,11 @@ testCompareXMLToArgvValidateSchemaCommand(GStrv args, static int -testCompareXMLToArgvValidateSchema(virQEMUDriver *drv, - const char *migrateURI, - struct testQemuInfo *info, - unsigned int flags) +testCompareXMLToArgvValidateSchema(virCommand *cmd, + struct testQemuInfo *info) { g_auto(GStrv) args = NULL; - g_autoptr(virDomainObj) vm = NULL; - qemuDomainObjPrivate *priv = NULL; GHashTable *schema = NULL; - g_autoptr(virCommand) cmd = NULL; - unsigned int parseFlags = info->parseFlags; /* comment out with line comment to enable schema checking for non _CAPS tests if (!info->schemafile) @@ -580,23 +574,6 @@ testCompareXMLToArgvValidateSchema(virQEMUDriver *drv, if (!schema) return 0; - if (!(vm = virDomainObjNew(driver.xmlopt))) - return -1; - - parseFlags |= VIR_DOMAIN_DEF_PARSE_INACTIVE; - if (!(vm->def = virDomainDefParseFile(info->infile, - driver.xmlopt, - NULL, parseFlags))) - return -1; - - priv = vm->privateData; - - if (virBitmapParse("0-3", &priv->autoNodeset, 4) < 0) - return -1; - - if (!(cmd = testCompareXMLToArgvCreateArgs(drv, vm, migrateURI, info, flags))) - return -1; - if (virCommandGetArgList(cmd, &args) < 0) return -1; @@ -762,7 +739,7 @@ testCompareXMLToArgv(const void *data) goto cleanup; } - if (testCompareXMLToArgvValidateSchema(&driver, migrateURI, info, flags) < 0) + if (testCompareXMLToArgvValidateSchema(cmd, info) < 0) goto cleanup; if (virCommandToStringBuf(cmd, &actualBuf, true, false) < 0) -- 2.37.3

2 1

[RFC PATCH 0/6] qemu: add support for query-stats-schemas
by Amneesh Singh 19 Oct '22

19 Oct '22

This patch adds an API for query-stats-schemas and uses it to work with the pre-existing API for query-stats to display those stats. [1/6]: This patch adds a simple API for query-stats-schemas and an extractor function to deserialise it into a GHashTable. The GHashTable here is a pair of the name of the stat and the schema for it. Some fields in the latter like the exponent, base and bucket-size are not utilised in this patchset but they will be useful in the subsequent patches which add the support for the histograms. [2/6]: Add query-stats-schemas to the qemu capabilities. [3/6]: This patch adds the schema hashtable to the virDomainObjectPrivate. This decision was made due to QEMU upstream not having vCPUs to generate the schema, so that they could be stored as the file cache. This might be changed in the future if there is workaround upstream or if libvirt ends up using a dummy VM just to query the schema. [4/6]: This patch simply adds a utility function to traverse the schemas to find the object that corresponds to the provided QOM path. [5/6]: This patch adds vCPU stats in addition to the pre-existing ones using a helper function. Histograms are ignored for now but they will be added in the next patchset. [6/6]: This patch adds a new stat worker for QEMU called "Vm" due to the stats being for the "vm" target. It utilises the same helper function as above. Comments are much appreciated. Amneesh Singh (6): qemu_monitor: add qemuMonitorQueryStatsSchema qemu_capabilities: add "query-stats-schemas" QMP command to the QEMU capabilities qemu_domain: add statsSchema to qemuDomainObjPrivate qemu_monitor: add qemuMonitorGetStatsByQOMPath qemu_driver: add the vCPU stats by KVM to the current stats qemu_driver: add new stats worker qemuDomainGetStatsVm include/libvirt/libvirt-domain.h | 1 + src/libvirt-domain.c | 3 + src/qemu/qemu_capabilities.c | 2 + src/qemu/qemu_capabilities.h | 1 + src/qemu/qemu_domain.c | 41 ++++++ src/qemu/qemu_domain.h | 5 + src/qemu/qemu_driver.c | 127 ++++++++++++++++++ src/qemu/qemu_monitor.c | 67 +++++++++ src/qemu/qemu_monitor.h | 39 ++++++ src/qemu/qemu_monitor_json.c | 93 +++++++++++++ src/qemu/qemu_monitor_json.h | 4 + .../caps_7.1.0.x86_64.xml | 1 + tools/virsh-domain-monitor.c | 7 + 13 files changed, 391 insertions(+) -- 2.37.1

3 11

[PATCH 0/3] Support only socket activation for libvirtd and virtproxyd on systemd
by Martin Kletzander 19 Oct '22

19 Oct '22

After dealing with some issues and talking to Daniel it seems we don't really need to properly support non-socket activation for all the daemons on systemd. I'm not sure how to phrase that in the documentation, but I gave it a shot. Martin Kletzander (3): docs: Specify reverting to traditional service mode more clearly virtproxyd: use Wants instead of Requires for sockets docs: Do not support non-socket activated modular daemons with systemd docs/manpages/libvirtd.rst | 10 +++++++-- docs/manpages/virtinterfaced.rst | 23 +++++++++---------- docs/manpages/virtlxcd.rst | 37 +++++++++---------------------- docs/manpages/virtnetworkd.rst | 23 +++++++++---------- docs/manpages/virtnodedevd.rst | 23 +++++++++---------- docs/manpages/virtnwfilterd.rst | 23 +++++++++---------- docs/manpages/virtproxyd.rst | 10 +++++++-- docs/manpages/virtqemud.rst | 37 +++++++++---------------------- docs/manpages/virtsecretd.rst | 23 +++++++++---------- docs/manpages/virtstoraged.rst | 23 +++++++++---------- docs/manpages/virtvboxd.rst | 38 ++++++++++---------------------- docs/manpages/virtvzd.rst | 37 +++++++++---------------------- docs/manpages/virtxend.rst | 37 +++++++++---------------------- src/remote/virtproxyd.service.in | 6 ++--- 14 files changed, 141 insertions(+), 209 deletions(-) -- 2.38.0

2 6

[PATCH] qemu_driver: Fix indentation in qemuDomainGetStatsVcpu
by Martin Kletzander 19 Oct '22

19 Oct '22

Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com> --- Pushed as trivial. src/qemu/qemu_driver.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 5c7500074269..d76ab25ff240 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -17979,9 +17979,9 @@ qemuDomainGetStatsVcpu(virQEMUDriver *driver G_GNUC_UNUSED, if (HAVE_JOB(privflags) && virDomainObjIsActive(dom) && qemuDomainRefreshVcpuHalted(dom, VIR_ASYNC_JOB_NONE) < 0) { - /* it's ok to be silent and go ahead, because halted vcpu info - * wasn't here from the beginning */ - virResetLastError(); + /* it's ok to be silent and go ahead, because halted vcpu info + * wasn't here from the beginning */ + virResetLastError(); } if (qemuDomainHelperGetVcpus(dom, cpuinfo, cpuwait, cpudelay, -- 2.38.0

1 0

[PATCH v4 RESEND 0/8] qemu: Enable SCHED_CORE for domains and helper processes
by Michal Privoznik 19 Oct '22

19 Oct '22

This is just a resend of: https://listman.redhat.com/archives/libvir-list/2022-August/233895.html Michal Prívozník (8): virprocess: Core Scheduling support virCommand: Introduce APIs for core scheduling qemu_conf: Introduce a knob to set SCHED_CORE qemu_domain: Introduce qemuDomainSchedCoreStart() qemu_process: Enable SCHED_CORE for QEMU process qemu: Enable SCHED_CORE for helper processes qemu: Enable SCHED_CORE for vCPUs qemu: Enable for vCPUs on hotplug src/libvirt_private.syms | 6 ++ src/qemu/libvirtd_qemu.aug | 1 + src/qemu/qemu.conf.in | 16 ++++ src/qemu/qemu_conf.c | 38 +++++++++ src/qemu/qemu_conf.h | 13 +++ src/qemu/qemu_domain.c | 105 ++++++++++++++++++++++++ src/qemu/qemu_domain.h | 12 +++ src/qemu/qemu_hotplug.c | 2 +- src/qemu/qemu_process.c | 116 ++++++++++++++++++++++++++- src/qemu/qemu_process.h | 3 +- src/qemu/qemu_security.c | 11 +++ src/qemu/qemu_virtiofs.c | 11 +++ src/qemu/test_libvirtd_qemu.aug.in | 1 + src/util/vircommand.c | 63 +++++++++++++++ src/util/vircommand.h | 5 ++ src/util/virprocess.c | 124 +++++++++++++++++++++++++++++ src/util/virprocess.h | 8 ++ 17 files changed, 531 insertions(+), 4 deletions(-) -- 2.35.1

3 13

Plans for the next release
by Jiri Denemark 19 Oct '22

19 Oct '22

We are getting close to the next release of libvirt. To aim for the release on Nov 01 I suggest entering the freeze on Friday Oct 28 and tagging RC2 on Tuesday Oct 25. I hope this works for everyone. Jirka

1 1

[libvirt PATCH 0/2] fix LXC with cgroup libvirt sub-directory
by Pavel Hrdina 19 Oct '22

19 Oct '22

Pavel Hrdina (2): vircgroupmock: fix cgroup v1 mocking vircgroup: rework virCgroupNewSelf src/util/vircgroup.c | 15 ++++++++++++++- tests/vircgroupmock.c | 4 ++-- tests/vircgrouptest.c | 2 ++ 3 files changed, 18 insertions(+), 3 deletions(-) -- 2.37.3

2 3