[libvirt PATCH] nwfilter: spawn thread for reloading on firewalld trigger
by Daniel P. Berrangé
When firewalld is restarted or has its rules reloaded, we trigger a
reload of the nwfilter driver. This is done directly in the main
event loop thread which is a bad idea.
In a previous commit we fixed a actual deadlock problem with the
virStateReload API, when triggered from SIGHUP:
commit 33c6eb9689eb51dfe31dd05b24b3b6b1c948c267
Author: Jim Fehlig <jfehlig(a)suse.com>
Date: Thu Mar 8 15:04:48 2018 -0700
libvirtd: fix potential deadlock when reloading
The same deadlock problem previously existed with the firewalld reload
trigger, however, today it is not quite so series. The QEMU driver uses
a private event thread for each VM, so the particular deadlock would
not occur. None the less during the time the filters are reloading all
use of the event loop is blocked, which prevents APIs being serviced.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
src/nwfilter/nwfilter_driver.c | 17 ++++++++++++++++-
1 file changed, 16 insertions(+), 1 deletion(-)
diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c
index 1f7d40e1b0..f620461f6a 100644
--- a/src/nwfilter/nwfilter_driver.c
+++ b/src/nwfilter/nwfilter_driver.c
@@ -59,6 +59,13 @@ static virMutex driverMutex = VIR_MUTEX_INITIALIZER;
#ifdef WITH_FIREWALLD
+static void nwfilterStateReloadThread(void *opaque G_GNUC_UNUSED)
+{
+ VIR_INFO("Reloading configuration on firewalld reload/restart");
+
+ nwfilterStateReload();
+}
+
static void
nwfilterFirewalldDBusSignalCallback(GDBusConnection *connection G_GNUC_UNUSED,
const char *senderName G_GNUC_UNUSED,
@@ -68,7 +75,15 @@ nwfilterFirewalldDBusSignalCallback(GDBusConnection *connection G_GNUC_UNUSED,
GVariant *parameters G_GNUC_UNUSED,
gpointer user_data G_GNUC_UNUSED)
{
- nwfilterStateReload();
+ virThread thr;
+
+ if (virThreadCreateFull(&thr, false, nwfilterStateReloadThread,
+ "firewall-reload", false, NULL) < 0) {
+ /*
+ * Not much we can do on error here except log it.
+ */
+ VIR_ERROR(_("Failed to create thread to handle firewall reload/restart"));
+ }
}
static unsigned int restartID;
--
2.34.1
2 years, 1 month
Release of libvirt-8.2.0
by Jiri Denemark
The 8.2.0 release of both libvirt and libvirt-python is tagged and
signed tarballs and source RPMs are available at
https://libvirt.org/sources/
https://libvirt.org/sources/python/
Thanks everybody who helped with this release by sending patches,
reviewing, testing, or providing feedback. Your work is greatly
appreciated.
* New features
* qemu: Introduce ``manual`` disk snapshot mode
This new mode allows users to synchronize libvirt snapshots with snapshots
which need to be done outside of libvirt e.g. when 'vhost-user-blk' is used
to back the disk.
* Introduce memory allocation threads
When starting a QEMU guest, libvirt can now instruct QEMU to allocate
guest's memory in parallel. This may be handy when guest has large amounts
of memory.
* Improvements
* qemu: ``VIR_MIGRATE_PARAM_TLS_DESTINATION`` now works with non-shared storage migration
The setting now also applies to the NBD connections for non-shared storage
migration allowing migration to proceed even when the user expects certificate
name not to match.
* qemu: Allow overrides of device properties via the qemu namespace
Users wishing to override or modify properties of devices configured by
libvirt can use the ``<qemu:deviceOverride>`` QEMU namespace element to
specify the overrides instead of relying on the argv passthrough of the
``-set`` qemu commandline option which no longer works with new qemu.
* qemu: Allow passing file descriptors to ``virsh qemu-monitor-command``
Passing FDs allows users wanting to experiment with qemu driven by libvirt
use commands like ``add-fd`` properly.
* libxl: Turn on user aliases
Users can now use so called user aliases for XEN domains.
* Implement support for FUSE3
The LXC driver uses fuse to overwrite some lines in ``/proc/meminfo``
inside containers so that they see correct amount of memory given to them.
The code was changed so that both ``fuse`` and ``fuse3`` are supported.
* Improve domain save/restore throughput
Code that's handling save or restore of QEMU domains was changed resulting
in better performance of I/O and thus shortening time needed for the operation.
* Bug fixes
* Both build and tests should now pass on Alpine Linux or any other
distribution with musl libc.
* virsh: Fix integer overflow in allocpages
On hosts which support hugepages larger than 1GiB ``virsh allocpages``
failed to accept them because of an integer overflow. This is now fixed.
* qemu: Fix segmentation fault in virDomainUndefineFlags
When a domain without any ``<loader/>`` was being undefined, libvirt has
crashed. This is now fixed.
* lxc: Fix unaligned reads of /proc/meminfo within a container
When /proc/meminfo was read in chunks smaller than the entire file, libvirt
would produce mangled output. While porting the code to FUSE3 this area was
reworked and the file can now be read with any granularity.
* qemu: Be less aggressive around cgroup_device_acl
A basic set of devices common to every domain can be set in ``qemu.conf``
via cgroup_device_acl knob. Devices from this set are allowed in CGroup and
created in domain private namespace for every domain. However, upon device
hotunplug it may have had happened that libvirt mistakenly denied a device
from this set and/or removed it from the namespace. For instance,
/dev/urandom was removed and denied in CGroup on RNG hotunplug.
* nodedev: trigger mdev device definition update on udev add and remove
When nodedev objects are added and removed mdev device definitions are
updated to report correct associated parent.
Enjoy.
Jirka
2 years, 1 month
[PATCH] NEWS: Document some contributions
by Michal Privoznik
Document either my contributions or commits I helped review for
the upcoming release.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
NEWS.rst | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 51 insertions(+)
diff --git a/NEWS.rst b/NEWS.rst
index 754687ac4d..47859f2193 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -17,6 +17,12 @@ v8.2.0 (unreleased)
* **New features**
+ * Introduce memory allocation threads
+
+ When starting a QEMU guest, libvirt can now instruct QEMU to allocate
+ guest's memory in parallel. This may be handy when guest has large amounts
+ of memory.
+
* **Improvements**
* qemu: ``VIR_MIGRATE_PARAM_TLS_DESTINATION`` now works with non-shared storage migration
@@ -32,11 +38,56 @@ v8.2.0 (unreleased)
specify the overrides instead of relying on the argv passthrough of the
``-set`` qemu commandline option which no longer works with new qemu.
+ * libxl: Turn on user aliases
+
+ Users can now use so called user aliases for XEN domains.
+
+ * Implement support for FUSE3
+
+ The LXC driver uses fuse to overwrite some lines in ``/proc/meminfo``
+ inside containers so that they see correct amount of memory given to them.
+ The code was changed so that both ``fuse`` and ``fuse3`` are supported.
+
+ * Improve domain save/restore throughput
+
+ Code that's handling save or restore of QEMU domains was changed resulting
+ in better performance of I/O and thus shortening time needed for the operation.
+
* **Bug fixes**
* Both build and tests should now pass on Alpine Linux or any other
distribution with musl libc.
+ * virsh: Fix integer overflow in allocpages
+
+ On hosts which support hugepages larger than 1GiB ``virsh allocpages``
+ failed to accept them because of an integer overflow. This is now fixed.
+
+ * qemu: Fix segmentation fault in virDomainUndefineFlags
+
+ When a domain without any ``<loader/>`` was being undefined, libvirt has
+ crashed. This is now fixed.
+
+ * lxc: Fix unaligned reads of /proc/meminfo within a container
+
+ When /proc/meminfo was read in chunks smaller than the entire file, libvirt
+ would produce mangled output. While porting the code to FUSE3 this area was
+ reworked and the file can now be read with any granularity.
+
+ * qemu: Be less aggressive around cgroup_device_acl
+
+ A basic set of devices common to every domain can be set in ``qemu.conf``
+ via cgroup_device_acl knob. Devices from this set are allowed in CGroup and
+ created in domain private namespace for every domain. However, upon device
+ hotunplug it may have had happened that libvirt mistakenly denied a device
+ from this set and/or removed it from the namespace. For instance,
+ /dev/urandom was removed and denied in CGroup on RNG hotunplug.
+
+ * nodedev: trigger mdev device definition update on udev add and remove
+
+ When nodedev objects are added and removed mdev device definitions are
+ updated to report correct associated parent.
+
v8.1.0 (2022-03-01)
===================
--
2.35.1
2 years, 1 month
[PATCH] NEWS: Mention 'manual' snapshots and FD passing for 'virsh qemu-monitor-command'
by Peter Krempa
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
NEWS.rst | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/NEWS.rst b/NEWS.rst
index 754687ac4d..900e2702dd 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -17,6 +17,12 @@ v8.2.0 (unreleased)
* **New features**
+ * qemu: Introduce ``manual`` disk snapshot mode
+
+ This new mode allows users to synchronize libvirt snapshots with snapshots
+ which need to be done outside of libvirt e.g. when 'vhost-user-blk' is used
+ to back the disk.
+
* **Improvements**
* qemu: ``VIR_MIGRATE_PARAM_TLS_DESTINATION`` now works with non-shared storage migration
@@ -32,6 +38,11 @@ v8.2.0 (unreleased)
specify the overrides instead of relying on the argv passthrough of the
``-set`` qemu commandline option which no longer works with new qemu.
+ * qemu: Allow passing file descriptors to ``virsh qemu-monitor-command``
+
+ Passing FDs allows users wanting to experiment with qemu driven by libvirt
+ use commands like ``add-fd`` properly.
+
* **Bug fixes**
* Both build and tests should now pass on Alpine Linux or any other
--
2.35.1
2 years, 1 month
[libvirt PATCH 0/3] tests: Update capabilities for QEMU 7.0.0
by Andrea Bolognani
Heavily snipped to accomodate mailing list size limits, get the full
version with
$ git fetch https://gitlab.com/abologna/libvirt.git caps-7.0.0
I'm going to push these as a straightforward capabilities update
later today, once the 8.3.0 development cycle opens, unless somebody
shouts about it. They are a prerequisite for my virtio-iommu
patches[1], for which I'll send out a respin after merging these.
Test pipeline: https://gitlab.com/abologna/libvirt/-/pipelines/506156899
[1] https://listman.redhat.com/archives/libvir-list/2022-March/229397.html
Andrea Bolognani (3):
tests: Update capabilities for QEMU 7.0.0 on x86_64
tests: Update capabilities for QEMU 7.0.0 on ppc64
tests: Add capabilities for QEMU 7.0.0 on aarch64
.../domaincapsdata/qemu_7.0.0-q35.x86_64.xml | 1 +
....ppc64.xml => qemu_7.0.0-virt.aarch64.xml} | 75 +-
...7.0.0.ppc64.xml => qemu_7.0.0.aarch64.xml} | 65 +-
tests/domaincapsdata/qemu_7.0.0.ppc64.xml | 2 +
tests/domaincapsdata/qemu_7.0.0.x86_64.xml | 1 +
...c64.replies => caps_7.0.0.aarch64.replies} | 15654 +++++++---------
.../caps_7.0.0.aarch64.xml | 552 +
.../caps_7.0.0.ppc64.replies | 2400 ++-
.../qemucapabilitiesdata/caps_7.0.0.ppc64.xml | 27 +-
.../caps_7.0.0.x86_64.replies | 2211 ++-
.../caps_7.0.0.x86_64.xml | 90 +-
...fault-cpu-kvm-virt-4.2.aarch64-latest.args | 6 +-
...fault-cpu-tcg-virt-4.2.aarch64-latest.args | 6 +-
.../aarch64-tpm.aarch64-latest.args | 2 +-
.../aarch64-virt-graphics.aarch64-latest.args | 36 +-
.../aarch64-virt-headless.aarch64-latest.args | 28 +-
.../cpu-host-model.x86_64-latest.args | 2 +-
...ult-video-type-aarch64.aarch64-latest.args | 6 +-
...default-video-type-ppc64.ppc64-latest.args | 1 +
.../disk-arm-virtio-sd.aarch64-latest.args | 2 +-
...e-expander-bus-aarch64.aarch64-latest.args | 2 +-
...ault-cpu-kvm-pseries-2.7.ppc64-latest.args | 1 +
...ault-cpu-kvm-pseries-3.1.ppc64-latest.args | 1 +
...ault-cpu-kvm-pseries-4.2.ppc64-latest.args | 1 +
...ault-cpu-tcg-pseries-2.7.ppc64-latest.args | 1 +
...ault-cpu-tcg-pseries-3.1.ppc64-latest.args | 1 +
...ault-cpu-tcg-pseries-4.2.ppc64-latest.args | 1 +
.../ppc64-pseries-graphics.ppc64-latest.args | 1 +
.../ppc64-pseries-headless.ppc64-latest.args | 1 +
.../ppc64-tpmproxy-single.ppc64-latest.args | 1 +
.../ppc64-tpmproxy-with-tpm.ppc64-latest.args | 1 +
.../tpm-emulator-spapr.ppc64-latest.args | 1 +
32 files changed, 10525 insertions(+), 10655 deletions(-)
copy tests/domaincapsdata/{qemu_7.0.0.ppc64.xml => qemu_7.0.0-virt.aarch64.xml} (58%)
copy tests/domaincapsdata/{qemu_7.0.0.ppc64.xml => qemu_7.0.0.aarch64.xml} (60%)
copy tests/qemucapabilitiesdata/{caps_7.0.0.ppc64.replies => caps_7.0.0.aarch64.replies} (77%)
create mode 100644 tests/qemucapabilitiesdata/caps_7.0.0.aarch64.xml
--
2.35.1
2 years, 1 month
[PATCH] virsh: Provide completer for virtualization types
by natto1784
Related: https://gitlab.com/libvirt/libvirt/-/issues/9
Signed-off-by: natto1784 <natto(a)weirdnatto.in>
---
.gitignore | 4 ++++
tools/virsh-completer-host.c | 12 ++++++++++++
tools/virsh-completer-host.h | 5 +++++
tools/virsh-host.c | 3 +++
4 files changed, 24 insertions(+)
diff --git a/.gitignore b/.gitignore
index 4695391..62012f4 100644
--- a/.gitignore
+++ b/.gitignore
@@ -23,4 +23,8 @@ tags
# clangd related ignores
.clangd
+.cache/clangd
compile_commands.json
+
+# ccls cache
+.ccls-cache
diff --git a/tools/virsh-completer-host.c b/tools/virsh-completer-host.c
index 40cb687..e481a73 100644
--- a/tools/virsh-completer-host.c
+++ b/tools/virsh-completer-host.c
@@ -27,6 +27,7 @@
#include "virxml.h"
#include "virutil.h"
#include "virsh-host.h"
+#include "conf/domain_conf.h"
static char *
virshPagesizeNodeToString(xmlNodePtr node)
@@ -180,3 +181,14 @@ virshNodeSuspendTargetCompleter(vshControl *ctl G_GNUC_UNUSED,
return virshEnumComplete(VIR_NODE_SUSPEND_TARGET_LAST,
virshNodeSuspendTargetTypeToString);
}
+
+char **
+virshVirtTypeCompleter(vshControl *ctl G_GNUC_UNUSED,
+ const vshCmd *cmd G_GNUC_UNUSED,
+ unsigned int flags)
+{
+ virCheckFlags(0, NULL);
+
+ return virshEnumComplete(VIR_DOMAIN_VIRT_LAST,
+ virDomainVirtTypeToString);
+}
diff --git a/tools/virsh-completer-host.h b/tools/virsh-completer-host.h
index e71ccff..372ac14 100644
--- a/tools/virsh-completer-host.h
+++ b/tools/virsh-completer-host.h
@@ -41,3 +41,8 @@ char **
virshNodeSuspendTargetCompleter(vshControl *ctl,
const vshCmd *cmd,
unsigned int flags);
+
+char **
+virshVirtTypeCompleter(vshControl *ctl,
+ const vshCmd *cmd,
+ unsigned int flags);
diff --git a/tools/virsh-host.c b/tools/virsh-host.c
index 2e3cbc3..b28f29f 100644
--- a/tools/virsh-host.c
+++ b/tools/virsh-host.c
@@ -77,6 +77,7 @@ static const vshCmdInfo info_domcapabilities[] = {
static const vshCmdOptDef opts_domcapabilities[] = {
{.name = "virttype",
.type = VSH_OT_STRING,
+ .completer = virshVirtTypeCompleter,
.help = N_("virtualization type (/domain/@type)"),
},
{.name = "emulatorbin",
@@ -1577,6 +1578,7 @@ static const vshCmdOptDef opts_hypervisor_cpu_compare[] = {
VIRSH_COMMON_OPT_FILE(N_("file containing an XML CPU description")),
{.name = "virttype",
.type = VSH_OT_STRING,
+ .completer = virshVirtTypeCompleter,
.help = N_("virtualization type (/domain/@type)"),
},
{.name = "emulator",
@@ -1686,6 +1688,7 @@ static const vshCmdOptDef opts_hypervisor_cpu_baseline[] = {
VIRSH_COMMON_OPT_FILE(N_("file containing XML CPU descriptions")),
{.name = "virttype",
.type = VSH_OT_STRING,
+ .completer = virshVirtTypeCompleter,
.help = N_("virtualization type (/domain/@type)"),
},
{.name = "emulator",
--
2.35.1
2 years, 1 month
[PATCH] checkpoint: Fix a typo of comments
by Han Han
Signed-off-by: Han Han <hhan(a)redhat.com>
---
src/libvirt-domain-checkpoint.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/libvirt-domain-checkpoint.c b/src/libvirt-domain-checkpoint.c
index e6ad4f4f5d..58ee26857d 100644
--- a/src/libvirt-domain-checkpoint.c
+++ b/src/libvirt-domain-checkpoint.c
@@ -248,7 +248,7 @@ virDomainCheckpointGetXMLDesc(virDomainCheckpointPtr checkpoint,
* @checkpoints: pointer to variable to store the array containing checkpoint
* object, or NULL if the list is not required (just returns
* number of checkpoints)
- * @flags: bitwise-OR of supported virDomainCheckpoinListFlags
+ * @flags: bitwise-OR of supported virDomainCheckpointListFlags
*
* Collect the list of domain checkpoints for the given domain and allocate
* an array to store those objects.
--
2.35.1
2 years, 1 month
