December 2023 - Devel - libvirt List Archives

[libvirt PATCH 0/2] docs: Switch to DuckDuckGo for search
by Andrea Bolognani 05 Dec '23

05 Dec '23

Andrea Bolognani (2): docs: Use DuckDuckGo for website/wiki search docs: Mention use of DuckDuckGo docs/css/libvirt.css | 2 +- docs/js/main.js | 16 +++++++++++----- docs/page.xsl | 8 ++++---- 3 files changed, 16 insertions(+), 10 deletions(-) -- 2.43.0

2 3

[libvirt PATCH 0/9] rpm: Tweak dependencies
by Andrea Bolognani 05 Dec '23

05 Dec '23

Test pipeline: https://gitlab.com/abologna/libvirt/-/pipelines/1092535621 lcitool changes: https://gitlab.com/libvirt/libvirt-ci/-/merge_requests/447 Andrea Bolognani (9): rpm: Drop MinGW BuildRequires on libgcrypt/libgpg-error meson: Stop looking for udevadm at build time meson: Stop looking for scrub at build time meson: Stop looking for passt at build time rpm: Add Requires on scrub rpm: Drop BuildDepends on scrub rpm: Drop BuildDepends on passt ci: Refresh generated files ci: Stop passing --nodeps to rpmbuild ci/buildenv/almalinux-8.sh | 5 ++++- ci/buildenv/alpine-317.sh | 1 + ci/buildenv/alpine-edge.sh | 1 + ci/buildenv/centos-stream-8.sh | 5 ++++- ci/buildenv/centos-stream-9.sh | 5 ++++- ci/buildenv/debian-11-cross-aarch64.sh | 2 +- ci/buildenv/debian-11-cross-armv6l.sh | 2 +- ci/buildenv/debian-11-cross-armv7l.sh | 2 +- ci/buildenv/debian-11-cross-i686.sh | 2 +- ci/buildenv/debian-11-cross-mips64el.sh | 2 +- ci/buildenv/debian-11-cross-mipsel.sh | 2 +- ci/buildenv/debian-11-cross-ppc64le.sh | 2 +- ci/buildenv/debian-11-cross-s390x.sh | 2 +- ci/buildenv/debian-11.sh | 2 +- ci/buildenv/debian-12-cross-aarch64.sh | 2 +- ci/buildenv/debian-12-cross-armv6l.sh | 2 +- ci/buildenv/debian-12-cross-armv7l.sh | 2 +- ci/buildenv/debian-12-cross-i686.sh | 2 +- ci/buildenv/debian-12-cross-mips64el.sh | 2 +- ci/buildenv/debian-12-cross-mipsel.sh | 2 +- ci/buildenv/debian-12-cross-ppc64le.sh | 2 +- ci/buildenv/debian-12-cross-s390x.sh | 2 +- ci/buildenv/debian-12.sh | 2 +- ci/buildenv/debian-sid-cross-aarch64.sh | 2 +- ci/buildenv/debian-sid-cross-armv6l.sh | 2 +- ci/buildenv/debian-sid-cross-armv7l.sh | 2 +- ci/buildenv/debian-sid-cross-i686.sh | 2 +- ci/buildenv/debian-sid-cross-mips64el.sh | 2 +- ci/buildenv/debian-sid-cross-ppc64le.sh | 2 +- ci/buildenv/debian-sid-cross-s390x.sh | 2 +- ci/buildenv/debian-sid.sh | 2 +- ci/buildenv/fedora-37.sh | 2 +- ci/buildenv/fedora-38-cross-mingw32.sh | 2 +- ci/buildenv/fedora-38-cross-mingw64.sh | 2 +- ci/buildenv/fedora-38.sh | 2 +- ci/buildenv/fedora-rawhide-cross-mingw32.sh | 2 +- ci/buildenv/fedora-rawhide-cross-mingw64.sh | 2 +- ci/buildenv/fedora-rawhide.sh | 2 +- ci/buildenv/opensuse-leap-15.sh | 5 ++++- ci/buildenv/opensuse-tumbleweed.sh | 4 ++-- ci/buildenv/ubuntu-2004.sh | 2 +- ci/buildenv/ubuntu-2204.sh | 2 +- ci/cirrus/freebsd-12.vars | 2 +- ci/cirrus/freebsd-13.vars | 2 +- ci/cirrus/macos-13.vars | 2 +- ci/cirrus/macos-14.vars | 2 +- ci/containers/almalinux-8.Dockerfile | 6 +++++- ci/containers/alpine-317.Dockerfile | 1 + ci/containers/alpine-edge.Dockerfile | 1 + ci/containers/centos-stream-8.Dockerfile | 6 +++++- ci/containers/centos-stream-9.Dockerfile | 6 +++++- ci/containers/debian-11-cross-aarch64.Dockerfile | 2 +- ci/containers/debian-11-cross-armv6l.Dockerfile | 2 +- ci/containers/debian-11-cross-armv7l.Dockerfile | 2 +- ci/containers/debian-11-cross-i686.Dockerfile | 2 +- ci/containers/debian-11-cross-mips64el.Dockerfile | 2 +- ci/containers/debian-11-cross-mipsel.Dockerfile | 2 +- ci/containers/debian-11-cross-ppc64le.Dockerfile | 2 +- ci/containers/debian-11-cross-s390x.Dockerfile | 2 +- ci/containers/debian-11.Dockerfile | 2 +- ci/containers/debian-12-cross-aarch64.Dockerfile | 2 +- ci/containers/debian-12-cross-armv6l.Dockerfile | 2 +- ci/containers/debian-12-cross-armv7l.Dockerfile | 2 +- ci/containers/debian-12-cross-i686.Dockerfile | 2 +- ci/containers/debian-12-cross-mips64el.Dockerfile | 2 +- ci/containers/debian-12-cross-mipsel.Dockerfile | 2 +- ci/containers/debian-12-cross-ppc64le.Dockerfile | 2 +- ci/containers/debian-12-cross-s390x.Dockerfile | 2 +- ci/containers/debian-12.Dockerfile | 2 +- ci/containers/debian-sid-cross-aarch64.Dockerfile | 2 +- ci/containers/debian-sid-cross-armv6l.Dockerfile | 2 +- ci/containers/debian-sid-cross-armv7l.Dockerfile | 2 +- ci/containers/debian-sid-cross-i686.Dockerfile | 2 +- ci/containers/debian-sid-cross-mips64el.Dockerfile | 2 +- ci/containers/debian-sid-cross-ppc64le.Dockerfile | 2 +- ci/containers/debian-sid-cross-s390x.Dockerfile | 2 +- ci/containers/debian-sid.Dockerfile | 2 +- ci/containers/fedora-37.Dockerfile | 2 +- ci/containers/fedora-38-cross-mingw32.Dockerfile | 2 +- ci/containers/fedora-38-cross-mingw64.Dockerfile | 2 +- ci/containers/fedora-38.Dockerfile | 2 +- ci/containers/fedora-rawhide-cross-mingw32.Dockerfile | 2 +- ci/containers/fedora-rawhide-cross-mingw64.Dockerfile | 2 +- ci/containers/fedora-rawhide.Dockerfile | 2 +- ci/containers/opensuse-leap-15.Dockerfile | 6 +++++- ci/containers/opensuse-tumbleweed.Dockerfile | 4 ++-- ci/containers/ubuntu-2004.Dockerfile | 2 +- ci/containers/ubuntu-2204.Dockerfile | 2 +- ci/jobs.sh | 1 - libvirt.spec.in | 11 ++--------- meson.build | 3 --- src/qemu/qemu_passt.c | 3 +++ src/storage/storage_util.c | 1 + src/util/virutil.c | 2 ++ 94 files changed, 126 insertions(+), 99 deletions(-) -- 2.43.0

2 10

[PATCH] NEWS: Fix indentation
by Andrea Bolognani 01 Dec '23

01 Dec '23

Signed-off-by: Andrea Bolognani <abologna(a)redhat.com> --- Pushed as trivial. NEWS.rst | 39 ++++++++++++++++++++------------------- 1 file changed, 20 insertions(+), 19 deletions(-) diff --git a/NEWS.rst b/NEWS.rst index c0a6d180a2..dc40602c72 100644 --- a/NEWS.rst +++ b/NEWS.rst @@ -176,10 +176,10 @@ v9.6.0 (2023-08-01) * ``CVE-2023-3750``: Fix race condition in storage driver leading to a crash - In **libvirt-8.3** a bug was introduced which in rare cases could cause - ``libvirtd`` or ``virtstoraged`` to crash if multiple clients attempted to - look up a storage volume by key, path or target path, while other clients - attempted to access something from the same storage pool. + In **libvirt-8.3** a bug was introduced which in rare cases could cause + ``libvirtd`` or ``virtstoraged`` to crash if multiple clients attempted to + look up a storage volume by key, path or target path, while other clients + attempted to access something from the same storage pool. * **Improvements** @@ -1983,17 +1983,17 @@ v7.1.0 (2021-03-01) * qemu: Fix disk quiescing rollback when creating external snapshots - If the qemu guest agent call to freeze filesystems failed when creating - an external snapshot with ``VIR_DOMAIN_SNAPSHOT_CREATE_QUIESCE`` flag the - filesystems would be unconditionally thawed. This could cause problems when - the filesystems were frozen by an explicit call to ``virDomainFSFreeze`` - since the guest agent then rejects any further freeze attempts once are - filesystems frozen, an explicit freeze followed by a quiesced snapshot - would fail and thaw filesystems. + If the qemu guest agent call to freeze filesystems failed when creating + an external snapshot with ``VIR_DOMAIN_SNAPSHOT_CREATE_QUIESCE`` flag the + filesystems would be unconditionally thawed. This could cause problems when + the filesystems were frozen by an explicit call to ``virDomainFSFreeze`` + since the guest agent then rejects any further freeze attempts once are + filesystems frozen, an explicit freeze followed by a quiesced snapshot + would fail and thaw filesystems. - Users are also encouraged to use ``virDomainFSFreeze/Thaw`` manually instead - of relying on ``VIR_DOMAIN_SNAPSHOT_CREATE_QUIESCE`` if they need finer - grained control. + Users are also encouraged to use ``virDomainFSFreeze/Thaw`` manually instead + of relying on ``VIR_DOMAIN_SNAPSHOT_CREATE_QUIESCE`` if they need finer + grained control. * cgroups: Fix how we setup and configure cgroups on hosts with systemd @@ -2155,11 +2155,12 @@ v6.10.0 (2020-12-01) * qemu: Enable client TLS certificate validation by default for ``chardev``, ``migration``, and ``backup`` servers. - The default value if qemu.conf options ``chardev_tls_x509_verify``, - ``migrate_tls_x509_verify``, or ``backup_tls_x509_verify`` are not specified - explicitly in the config file and also the ``default_tls_x509_verify`` config - option is missing are now '1'. This ensures that only legitimate clients - access servers, which don't have any additional form of authentication. + The default value if qemu.conf options ``chardev_tls_x509_verify``, + ``migrate_tls_x509_verify``, or ``backup_tls_x509_verify`` are not + specified explicitly in the config file and also the + ``default_tls_x509_verify`` config option is missing are now '1'. This + ensures that only legitimate clients access servers, which don't have any + additional form of authentication. * qemu: Introduce "migrate_tls_force" qemu.conf option -- 2.43.0

1 0

[PATCH] NEWS: Fix vertical spacing
by Andrea Bolognani 01 Dec '23

01 Dec '23

Signed-off-by: Andrea Bolognani <abologna(a)redhat.com> --- Pushed as trivial. NEWS.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/NEWS.rst b/NEWS.rst index 29b977565b..c0a6d180a2 100644 --- a/NEWS.rst +++ b/NEWS.rst @@ -89,6 +89,7 @@ v9.9.0 (2023-11-01) The ``virsh create --console`` now tries to connect to the guest console before starting the vCPUs. + v9.8.0 (2023-10-02) =================== @@ -131,6 +132,7 @@ v9.8.0 (2023-10-02) Now libvirt validates more values of virtio-mem and virtio-pmem devices, e.g. overlapping memory addresses or alignment. + v9.7.0 (2023-09-01) =================== @@ -2549,7 +2551,6 @@ v6.6.0 (2020-08-02) management applications may wish to override this behaviour. This is now possible via new ``cow`` element. - * **Improvements** * esx: Change the NIC limit for recent virtualHW versions @@ -2574,7 +2575,6 @@ v6.6.0 (2020-08-02) instead of all possible CPUs are returned making these APIs consistent with the behavior of ``vcpuinfo``. - * **Bug fixes** * virdevmapper: Don't use libdevmapper to obtain dependencies -- 2.43.0

1 0

Release of libvirt-9.10.0
by Jiri Denemark 01 Dec '23

01 Dec '23

The 9.10.0 release of both libvirt and libvirt-python is tagged and signed tarballs and source RPMs are available at https://download.libvirt.org/ https://download.libvirt.org/python/ Thanks everybody who helped with this release by sending patches, reviewing, testing, or providing feedback. Your work is greatly appreciated. * New features * Introduce pipewire audio backend The QEMU hypervisor driver now allows setting ``pipewire`` backend for ``<audio/>`` device. * Improvements * Adapt to qemu's use of protocol drivers in QCOW2 'backing file format' field QEMU allows creating images where the 'backing file format' is actually a protocol name such as 'file'/'host_device'/'nbd'/etc.. Adapt libvirt to properly handle such images and don't assume automatic format probing is necessary, which is in many cases forbidden due to security implications. * Bug fixes * qemu: Fix setup of images on hotplug of disk Internal image metadata was not setup correctly which could cause some disk hotplug configurations (namely those including backing images) to fail. * qemu: Fix qemu crash when reverting an internal snapshot Libvirt attempted to start qemu with wrong arguments when attempting to revert to an internal snapshot causing qemu to crash. * qemu: Fix hotplug of empty cdrom Empty cdrom drive couldn't be hotplugged as libvirt wanted to setup the storage backing it unconditionally. Enjoy. Jirka

1 0

[libvirt PATCH 0/1] rpcgen: Skip generator tests on macOS
by Andrea Bolognani 01 Dec '23

01 Dec '23

Based on: https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/GLJL… Test pipeline: https://gitlab.com/abologna/libvirt/-/pipelines/1091405064 Since we're supposed to tag 9.10.0 tomorrow, go for the quick and dirty workaround. Andrea Bolognani (1): rpcgen: Skip generator tests on macOS scripts/rpcgen/meson.build | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- 2.43.0

2 3

[PATCH 0/2] Report better error message with no socket to connect to
by Martin Kletzander 01 Dec '23

01 Dec '23

When opening a libvirt connection with no URI set and no daemon running the error message might be confusing at times, so these patches are trying to mitigate such confusion. Martin Kletzander (2): Report first tried socket from remoteProbeSystemDriverFromSocket Report better error message in remoteGetUNIXSocket src/remote/remote_daemon_dispatch.c | 2 +- src/remote/remote_sockets.c | 22 ++++++++++++++++++---- src/remote/remote_sockets.h | 2 +- 3 files changed, 20 insertions(+), 6 deletions(-) -- 2.43.0

5 25

[PATCH] NEWS: Mention image probing, snaphsot and hotplug fixes
by Peter Krempa 01 Dec '23

01 Dec '23

Signed-off-by: Peter Krempa <pkrempa(a)redhat.com> --- NEWS.rst | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/NEWS.rst b/NEWS.rst index f12734c2a1..9739bcdc36 100644 --- a/NEWS.rst +++ b/NEWS.rst @@ -24,8 +24,30 @@ v9.10.0 (unreleased) * **Improvements** + * Adapt to qemu's use of protocol drivers in QCOW2 'backing file format' field + + QEMU allows creating images where the 'backing file format' is actually a + protocol name such as 'file'/'host_device'/'nbd'/etc.. Adapt libvirt to + properly handle such images and don't assume automatic format probing is + necessary, which is in many cases forbidden due to security implications. + * **Bug fixes** + * qemu: Fix setup of images on hotplug of disk + + Internal image metadata was not setup correctly which could cause some disk + hotplug configurations (namely those including backing images) to fail. + + * qemu: Fix qemu crash when reverting an internal snapshot + + Libvirt attempted to start qemu with wrong arguments when attempting to + revert to an internal snapshot causing qemu to crash. + + * qemu: Fix hotplug of empty cdrom + + Empty cdrom drive couldn't be hotplugged as libvirt wanted to setup the + storage backing it unconditionally. + v9.9.0 (2023-11-01) =================== -- 2.43.0

2 1

[PATCH for 9.9.0] qemuProcessStartWithMemoryState: Don't start qemu with '-loadvm SNAP' and '-incoming defer' together
by Peter Krempa 01 Dec '23

01 Dec '23

A bug in qemuProcessStartWithMemoryState caused that we would start qemu with '-loadvm SNAP' and '-incoming defer' together. qemu doesn't expect that and crashes on an assertion failure [1]. [1]: https://issues.redhat.com/browse/RHEL-16782 Fixes: 8a88d3e5860881f430e528d3e5e8d6455ded4d1d Resolves: https://issues.redhat.com/browse/RHEL-17841 Signed-off-by: Peter Krempa <pkrempa(a)redhat.com> --- src/qemu/qemu_process.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index f32e82bbd1..fc05b4b24f 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -8196,6 +8196,7 @@ qemuProcessStartWithMemoryState(virConnectPtr conn, VIR_AUTOCLOSE intermediatefd = -1; g_autoptr(virCommand) cmd = NULL; g_autofree char *errbuf = NULL; + const char *migrateFrom = NULL; int rc = 0; if (data) { @@ -8207,6 +8208,8 @@ qemuProcessStartWithMemoryState(virConnectPtr conn, &errbuf, &cmd) < 0) { return -1; } + + migrateFrom = "stdio"; } /* No cookie means libvirt which saved the domain was too old to mess up @@ -8220,7 +8223,7 @@ qemuProcessStartWithMemoryState(virConnectPtr conn, priv->disableSlirp = true; if (qemuProcessStart(conn, driver, vm, cookie ? cookie->cpu : NULL, - asyncJob, "stdio", *fd, path, snapshot, + asyncJob, migrateFrom, *fd, path, snapshot, VIR_NETDEV_VPORT_PROFILE_OP_RESTORE, start_flags) == 0) *started = true; -- 2.43.0

2 1