[RFC] Adding timestamp to guest's serial console log
by Shaleen Bathla
Hi,
Need some comments regarding the following feature :
Addition of timestamp support for serial console logs of a guest.
We can implement it as a configurable attribute in xml.
For example :
<serial type='pty'>
<log file='$PATH/$GUESTNAME-serial0.log' append='on' timestamp="on/off"/>
<target type='isa-serial' port='0'>
<model name='isa-serial'/>
</target>
</serial>
We can add a timestamp after every '\n' character received from qemu.
Can I have some comments regarding this change like what I should keep
in mind while implementing, whether it is a welcome addition or not,
issues I might face, any qemu changes required.
Thanks and Regards,
Shaleen Bathla
8 months, 3 weeks
[libvirt PATCH 00/20] ci: Move GitLab build recipes to a standalone script
by Erik Skultety
This is a follow up to:
https://listman.redhat.com/archives/libvir-list/2023-January/237201.html
The effort here is to unify the way builds/tests are executed in GitLab CI vs
local container executions and make another step forward in terms of
reproducibility of (specifically) GitLab environments.
Even though code to run all but one (coverity) jobs from GitLab via the
build.sh script is added with this series, local behavior remains the same as
before this series. The reason for that is that that will require more patches
ridding of the Makefile which is currently used and instead integrate usage of
lcitool with the ci/helper Python script which is currently the entry point for
local container executions.
Pipeline: https://gitlab.com/eskultety/libvirt/-/pipelines/768645158
Ubuntu is having some repo connection issues today, so the one failed ^job
can be ignored
Erik Skultety (20):
gitlab-ci.yml: Replace all explicit calls to ninja with meson commands
gitlab-ci.yml: potfile: Consolidate the meson compile calls
gitlab-ci.yml: Use $HOME for rpmbuild's topdir instead of PWD
ci: build.sh: Drop the commentary about CI_BUILD_SCRIPT
ci: build.sh: Use 'meson setup' explicitly
ci: build.sh: Always assume -Dsystem=true
ci: build.sh: Drop the CI prefix from the CI_{MESON,NINJA}_ARGS vars
ci: build.sh: Move off of ninja command to directly calling meson
ci: build.sh: Join MESON_ARGS and MESON_OPTS
ci: build.sh: Break the script functionality into helper functions
ci: build.sh: Move the necessary env variables to build.sh
ci: build.sh: Add support for individual GitLab jobs
ci: build.sh: Wire up the individual job functions to the CLI
ci: build.sh: Document CI_CONT_SRCDIR
ci: build.sh: Make the build script fail ASAP with 'set -e'
ci: build.sh: Update git index in local container environments on
'dist'
ci: build.sh: Make the script executable
gitlab-ci.yml: Add 'after_script' stage to prep for artifact
collection
gitlab-ci.yml: Adopt job execution via a Bash script
gitlab-ci.yml: Drop the usage of script variables reference
.gitlab-ci.yml | 56 ++++++++++-------------
ci/Makefile | 16 ++++---
ci/build.sh | 121 +++++++++++++++++++++++++++++++++++++++++++------
ci/helper | 21 ++++++---
4 files changed, 155 insertions(+), 59 deletions(-)
mode change 100644 => 100755 ci/build.sh
--
2.39.1
8 months, 4 weeks
[libvirt PATCH v6 00/36] Use nbdkit for http/ftp/ssh network drives in libvirt
by Jonathon Jongsma
This is the sixth version of this patch series. See
https://bugzilla.redhat.com/show_bug.cgi?id=2016527 for more information about
the goal, but the summary is that RHEL does not want to ship the qemu storage
plugins for curl and ssh. Handling them outside of the qemu process provides
several advantages such as reduced attack surface and stability.
Pretty much all of the patches have already been reviewed by Peter but I have
been waiting for selinux policy changes before pushing it upstream. The selinux
changes are not fully done, but there is a new policy in development that has
allowed me to run with selinux in enforcing mode for the common cases.
See https://bugzilla.redhat.com/show_bug.cgi?id=2182505 for more information.
For me, the following scenarios work now with selinux enabled using the selinux
policy from that bug:
- http/https disks
- ssh disks with password authentication
- ssh disks with passwordless keyfile
The one major thing that doesn't work and is difficult to get working with
selinux enabled is the ssh-agent. This is because there doesn't seem to be any
selinux policy for ssh-agent, so by default the ssh-agent socket is labeled
unconfined_t. We cannot allow access from the libvirt/qemu to unconfined_t
because that would open up access to just about anything on the host. So
additional work will likely be necessary for ssh-agent/libvirt interaction in
the future. Fortunately ssh-agent is something that never was really supported
with the old qemu block driver either, so I think we could potentially merge
this patchset either without the ssh-agent patches or with a note that
ssh-agent won't work with selinux enabled.
Note also that gitlab CI will not work for this series without changes to the
ci definitions due to the addition of libnbd dependency. It also will require
changes to selinux policy to enable nbdkit to execute in the proper context.
Changes in v6:
- rebased to latest master
- slightly improved error reporting
- removed polling fallback if pidfd_open is unavailable
- split ssh-agent feature into separate patches
- other smaller changes suggested by Peter in v5
Jonathon Jongsma (36):
schema: allow 'ssh' as a protocol for network disks
qemu: Add functions for determining nbdkit availability
qemu: expand nbdkit capabilities
util: Allow virFileCache data to be any GObject
qemu: implement basic virFileCache for nbdkit caps
qemu: implement persistent file cache for nbdkit caps
qemu: use file cache for nbdkit caps
qemu: Add qemuNbdkitProcess
qemu: query nbdkit module dir from binary
qemu: add functions to start and stop nbdkit
qemu: remove unused 'mode' param from qemuDomainLogContextNew()
Generalize qemuDomainLogContextNew()
qemu: Extract qemuDomainLogContext into a new file
qemu: move qemuProcessReadLog() to qemuLogContext
qemu: log error output from nbdkit
tests: add ability to test various nbdkit capabilities
qemu: split qemuDomainSecretStorageSourcePrepare
qemu: include nbdkit state in private xml
util: secure erase virCommand send buffers
qemu: pass sensitive data to nbdkit via pipe
qemu: use nbdkit to serve network disks if available
util: make virCommandSetSendBuffer testable
tests: add tests for nbdkit invocation
qemu: add test for authenticating a https network disk
qemu: Monitor nbdkit process for exit
qemu: try to connect to nbdkit early to detect errors
schema: add password configuration for ssh disk
qemu: implement password auth for ssh disks with nbdkit
schema: add configuration for host verification of ssh disks
qemu: implement knownHosts for ssh disks with nbdkit
schema: add keyfile configuration for ssh disks
qemu: implement keyfile auth for ssh disks with nbdkit
schema: add ssh-agent configuration for ssh disks
qemu: implement ssh-agent auth for ssh disks with nbdkit
run: add ability to set selinux context
rpm: update spec file for for nbdkit support
build-aux/syntax-check.mk | 2 +-
docs/formatdomain.rst | 45 +-
libvirt.spec.in | 8 +
meson.build | 14 +
meson_options.txt | 1 +
po/POTFILES | 2 +
run.in | 100 +-
src/conf/domain_conf.c | 33 +
src/conf/schemas/domaincommon.rng | 55 +
src/conf/storage_source_conf.c | 3 +
src/conf/storage_source_conf.h | 6 +-
src/libvirt_private.syms | 1 +
src/qemu/meson.build | 3 +
src/qemu/qemu_block.c | 162 ++-
src/qemu/qemu_conf.c | 22 +
src/qemu/qemu_conf.h | 6 +
src/qemu/qemu_domain.c | 439 +++---
src/qemu/qemu_domain.h | 37 +-
src/qemu/qemu_driver.c | 3 +
src/qemu/qemu_extdevice.c | 62 +
src/qemu/qemu_hotplug.c | 7 +
src/qemu/qemu_logcontext.c | 329 +++++
src/qemu/qemu_logcontext.h | 41 +
src/qemu/qemu_nbdkit.c | 1280 +++++++++++++++++
src/qemu/qemu_nbdkit.h | 115 ++
src/qemu/qemu_nbdkitpriv.h | 31 +
src/qemu/qemu_process.c | 114 +-
src/util/vircommand.c | 19 +-
src/util/vircommand.h | 8 +
src/util/vircommandpriv.h | 4 +
src/util/virfilecache.c | 14 +-
src/util/virfilecache.h | 2 +-
tests/meson.build | 1 +
tests/qemublocktest.c | 2 +-
...w2-invalid.json => network-ssh-qcow2.json} | 0
...cow2-invalid.xml => network-ssh-qcow2.xml} | 0
.../disk-cdrom-network.args.disk0 | 6 +
.../disk-cdrom-network.args.disk1 | 8 +
.../disk-cdrom-network.args.disk1.pipe.778 | 1 +
.../disk-cdrom-network.args.disk2 | 8 +
.../disk-cdrom-network.args.disk2.pipe.780 | 1 +
.../disk-network-http.args.disk0 | 6 +
.../disk-network-http.args.disk1 | 5 +
.../disk-network-http.args.disk2 | 6 +
.../disk-network-http.args.disk2.pipe.778 | 1 +
.../disk-network-http.args.disk3 | 7 +
.../disk-network-http.args.disk3.pipe.780 | 1 +
...work-source-curl-nbdkit-backing.args.disk0 | 7 +
...ce-curl-nbdkit-backing.args.disk0.pipe.778 | 1 +
.../disk-network-source-curl.args.disk0 | 7 +
...sk-network-source-curl.args.disk0.pipe.778 | 1 +
.../disk-network-source-curl.args.disk1 | 9 +
...sk-network-source-curl.args.disk1.pipe.780 | 1 +
...sk-network-source-curl.args.disk1.pipe.782 | 1 +
.../disk-network-source-curl.args.disk2 | 7 +
...sk-network-source-curl.args.disk2.pipe.782 | 1 +
...sk-network-source-curl.args.disk2.pipe.784 | 1 +
.../disk-network-source-curl.args.disk3 | 6 +
.../disk-network-source-curl.args.disk4 | 6 +
.../disk-network-ssh-key.args.disk0 | 9 +
.../disk-network-ssh-key.args.disk1 | 9 +
.../disk-network-ssh-password.args.disk0 | 9 +
...k-network-ssh-password.args.disk0.pipe.778 | 1 +
.../disk-network-ssh.args.disk0 | 7 +
.../disk-network-ssh.args.disk1 | 8 +
.../disk-network-ssh.args.disk1.pipe.778 | 1 +
.../disk-network-ssh.args.disk2 | 9 +
tests/qemunbdkittest.c | 310 ++++
tests/qemustatusxml2xmldata/modern-in.xml | 4 +
...sk-cdrom-network-nbdkit.x86_64-latest.args | 42 +
.../disk-cdrom-network-nbdkit.xml | 1 +
...isk-network-http-nbdkit.x86_64-latest.args | 44 +
.../disk-network-http-nbdkit.xml | 1 +
...rce-curl-nbdkit-backing.x86_64-latest.args | 37 +
...isk-network-source-curl-nbdkit-backing.xml | 45 +
...work-source-curl-nbdkit.x86_64-latest.args | 49 +
.../disk-network-source-curl-nbdkit.xml | 1 +
...isk-network-source-curl.x86_64-latest.args | 53 +
.../disk-network-source-curl.xml | 74 +
.../qemuxml2argvdata/disk-network-ssh-key.xml | 44 +
...disk-network-ssh-nbdkit.x86_64-latest.args | 35 +
.../disk-network-ssh-nbdkit.xml | 1 +
...sk-network-ssh-password.x86_64-latest.args | 35 +
.../disk-network-ssh-password.xml | 35 +
.../disk-network-ssh.x86_64-latest.args | 35 +
tests/qemuxml2argvdata/disk-network-ssh.xml | 32 +
tests/qemuxml2argvtest.c | 19 +
tests/testutilsqemu.c | 26 +
tests/testutilsqemu.h | 4 +
89 files changed, 3545 insertions(+), 504 deletions(-)
create mode 100644 src/qemu/qemu_logcontext.c
create mode 100644 src/qemu/qemu_logcontext.h
create mode 100644 src/qemu/qemu_nbdkit.c
create mode 100644 src/qemu/qemu_nbdkit.h
create mode 100644 src/qemu/qemu_nbdkitpriv.h
rename tests/qemublocktestdata/imagecreate/{network-ssh-qcow2-invalid.json => network-ssh-qcow2.json} (100%)
rename tests/qemublocktestdata/imagecreate/{network-ssh-qcow2-invalid.xml => network-ssh-qcow2.xml} (100%)
create mode 100644 tests/qemunbdkitdata/disk-cdrom-network.args.disk0
create mode 100644 tests/qemunbdkitdata/disk-cdrom-network.args.disk1
create mode 100644 tests/qemunbdkitdata/disk-cdrom-network.args.disk1.pipe.778
create mode 100644 tests/qemunbdkitdata/disk-cdrom-network.args.disk2
create mode 100644 tests/qemunbdkitdata/disk-cdrom-network.args.disk2.pipe.780
create mode 100644 tests/qemunbdkitdata/disk-network-http.args.disk0
create mode 100644 tests/qemunbdkitdata/disk-network-http.args.disk1
create mode 100644 tests/qemunbdkitdata/disk-network-http.args.disk2
create mode 100644 tests/qemunbdkitdata/disk-network-http.args.disk2.pipe.778
create mode 100644 tests/qemunbdkitdata/disk-network-http.args.disk3
create mode 100644 tests/qemunbdkitdata/disk-network-http.args.disk3.pipe.780
create mode 100644 tests/qemunbdkitdata/disk-network-source-curl-nbdkit-backing.args.disk0
create mode 100644 tests/qemunbdkitdata/disk-network-source-curl-nbdkit-backing.args.disk0.pipe.778
create mode 100644 tests/qemunbdkitdata/disk-network-source-curl.args.disk0
create mode 100644 tests/qemunbdkitdata/disk-network-source-curl.args.disk0.pipe.778
create mode 100644 tests/qemunbdkitdata/disk-network-source-curl.args.disk1
create mode 100644 tests/qemunbdkitdata/disk-network-source-curl.args.disk1.pipe.780
create mode 100644 tests/qemunbdkitdata/disk-network-source-curl.args.disk1.pipe.782
create mode 100644 tests/qemunbdkitdata/disk-network-source-curl.args.disk2
create mode 100644 tests/qemunbdkitdata/disk-network-source-curl.args.disk2.pipe.782
create mode 100644 tests/qemunbdkitdata/disk-network-source-curl.args.disk2.pipe.784
create mode 100644 tests/qemunbdkitdata/disk-network-source-curl.args.disk3
create mode 100644 tests/qemunbdkitdata/disk-network-source-curl.args.disk4
create mode 100644 tests/qemunbdkitdata/disk-network-ssh-key.args.disk0
create mode 100644 tests/qemunbdkitdata/disk-network-ssh-key.args.disk1
create mode 100644 tests/qemunbdkitdata/disk-network-ssh-password.args.disk0
create mode 100644 tests/qemunbdkitdata/disk-network-ssh-password.args.disk0.pipe.778
create mode 100644 tests/qemunbdkitdata/disk-network-ssh.args.disk0
create mode 100644 tests/qemunbdkitdata/disk-network-ssh.args.disk1
create mode 100644 tests/qemunbdkitdata/disk-network-ssh.args.disk1.pipe.778
create mode 100644 tests/qemunbdkitdata/disk-network-ssh.args.disk2
create mode 100644 tests/qemunbdkittest.c
create mode 100644 tests/qemuxml2argvdata/disk-cdrom-network-nbdkit.x86_64-latest.args
create mode 120000 tests/qemuxml2argvdata/disk-cdrom-network-nbdkit.xml
create mode 100644 tests/qemuxml2argvdata/disk-network-http-nbdkit.x86_64-latest.args
create mode 120000 tests/qemuxml2argvdata/disk-network-http-nbdkit.xml
create mode 100644 tests/qemuxml2argvdata/disk-network-source-curl-nbdkit-backing.x86_64-latest.args
create mode 100644 tests/qemuxml2argvdata/disk-network-source-curl-nbdkit-backing.xml
create mode 100644 tests/qemuxml2argvdata/disk-network-source-curl-nbdkit.x86_64-latest.args
create mode 120000 tests/qemuxml2argvdata/disk-network-source-curl-nbdkit.xml
create mode 100644 tests/qemuxml2argvdata/disk-network-source-curl.x86_64-latest.args
create mode 100644 tests/qemuxml2argvdata/disk-network-source-curl.xml
create mode 100644 tests/qemuxml2argvdata/disk-network-ssh-key.xml
create mode 100644 tests/qemuxml2argvdata/disk-network-ssh-nbdkit.x86_64-latest.args
create mode 120000 tests/qemuxml2argvdata/disk-network-ssh-nbdkit.xml
create mode 100644 tests/qemuxml2argvdata/disk-network-ssh-password.x86_64-latest.args
create mode 100644 tests/qemuxml2argvdata/disk-network-ssh-password.xml
create mode 100644 tests/qemuxml2argvdata/disk-network-ssh.x86_64-latest.args
create mode 100644 tests/qemuxml2argvdata/disk-network-ssh.xml
--
2.41.0
9 months
[libvirt PATCH v2 00/24] introduce external snapshot revert support
by Pavel Hrdina
This implements virDomainRevertToSnapshot to work with external
snapshots. In addition it modifies virDomainSnapshotDelete to work
correctly when we revert to non-leaf snapshot or when there is
non-linear snapshot tree with multiple branches.
Gitlab repo with the patches:
https://gitlab.com/phrdina/libvirt/-/tree/snapshot-revert-external
Pavel Hrdina (24):
libvirt_private: list virDomainMomentDefPostParse
snapshot_conf: export virDomainSnapshotDiskDefClear
snapshot_conf: use alternate domain definition in
virDomainSnapshotDefAssignExternalNames
snapshot_conf: introduce <revertDisks> metadata element
snapshot_conf: add new argument to virDomainSnapshotAlignDisks
qemu_snapshot: introduce qemuSnapshotDomainDefUpdateDisk
qemu_snapshot: use virDomainDiskByName while updating domain def
qemu_snapshot: introduce qemuSnapshotCreateQcow2Files
qemu_snapshot: allow using alternate domain definition when creating
qcow2 files
qemu_snapshot: move external disk prepare to single function
qemu_snapshot: use VIR_ASYNC_JOB_SNAPSHOT when reverting snapshot
qemu_snapshot: introduce external snapshot revert support
qemu_snapshot: rename qemuSnapshotDeleteExternalPrepare
qemu_snapshot: extract external snapshot delete prepare to function
qemu_snapshot: add merge to external snapshot delete prepare data
qemu_snapshot: prepare data for non-active leaf external snapshot
deletion
qemu_snapshot: add support to delete external snapshot without block
commit
qemu_snapshot: delete: properly update parent snapshot with revert
data
qemu_snapshot: remove revertdisks when creating new snapshot
virdomainmomentobjlist: introduce virDomainMomentIsAncestor
qemu_snapshot: update backing store after deleting external snapshot
qemu_snapshot: check only once if snapshot is external
qemu_snapshot: add checks for external snapshot deletion
qemu_snapshot: allow snapshot revert for external snapshots
src/conf/schemas/domainsnapshot.rng | 7 +
src/conf/snapshot_conf.c | 52 +-
src/conf/snapshot_conf.h | 11 +-
src/conf/virdomainmomentobjlist.c | 17 +
src/conf/virdomainmomentobjlist.h | 4 +
src/libvirt_private.syms | 6 +
src/qemu/qemu_snapshot.c | 874 ++++++++++++++++++++++------
src/test/test_driver.c | 2 +-
8 files changed, 780 insertions(+), 193 deletions(-)
--
2.41.0
9 months, 2 weeks
[PATCH 0/2] libvirt-guests: small improvments
by Jim Fehlig
The first patch is trivial. I suppose the second is debatable. If I build
libvirt with -Dremote_default_mode=legacy but deploy modular daemons,
/run/libvirt/libvirt-sock is provided by virtproxyd, which may or may not
be running when libvirt-guests starts/stops. I added an 'After=virtproxyd.socket'
ordering dependency to libvirt-guests, but it hasn't fixed an issue I'm
seeing when using libvirt-guests+virtproxyd
libvirt-guests.sh[2607]: Can't connect to default. Skipping
I'm still investigating that issue but think the dependency issue is worth
discussing independently.
Jim Fehlig (2):
libvirt-guests: Remove unused variable 'libvirtd'
libvirt-guests: Add systemd odering dependency to virtproxyd
tools/libvirt-guests.service.in | 1 +
tools/libvirt-guests.sh.in | 1 -
2 files changed, 1 insertion(+), 1 deletion(-)
--
2.41.0
9 months, 2 weeks
[PATCH] Fix some typos in documentation and comments
by Stefan Weil
Signed-off-by: Stefan Weil <sw(a)weilnetz.de>
---
This patch was triggered by a spelling check for the generated
QEMU documentation using codespell. It does not try to fix all
typos which still exist in the QEMU code, but has a focus on
those required to fix the documentation. Nevertheless some code
comments with the same typos were fixed, too.
I think the patch is trivial, so maybe it can still be included
in the upcoming release, but that's not strictly necessary.
Stefan
docs/about/deprecated.rst | 2 +-
docs/devel/qom.rst | 2 +-
docs/system/devices/nvme.rst | 2 +-
hw/core/loader.c | 4 ++--
include/exec/memory.h | 2 +-
ui/vnc-enc-tight.c | 2 +-
6 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/docs/about/deprecated.rst b/docs/about/deprecated.rst
index 1c35f55666..92a2bafd2b 100644
--- a/docs/about/deprecated.rst
+++ b/docs/about/deprecated.rst
@@ -369,7 +369,7 @@ mapping permissions et al by using its 'mapped' security model option.
Nowadays it would make sense to reimplement the ``proxy`` backend by using
QEMU's ``vhost`` feature, which would eliminate the high latency costs under
which the 9p ``proxy`` backend currently suffers. However as of to date nobody
-has indicated plans for such kind of reimplemention unfortunately.
+has indicated plans for such kind of reimplementation unfortunately.
Block device options
diff --git a/docs/devel/qom.rst b/docs/devel/qom.rst
index 0b506426d7..9918fac7f2 100644
--- a/docs/devel/qom.rst
+++ b/docs/devel/qom.rst
@@ -30,7 +30,7 @@ user configuration.
Creating a QOM class
====================
-A simple minimal device implementation may look something like bellow:
+A simple minimal device implementation may look something like below:
.. code-block:: c
:caption: Creating a minimal type
diff --git a/docs/system/devices/nvme.rst b/docs/system/devices/nvme.rst
index a8bb8d729c..2a3af268f7 100644
--- a/docs/system/devices/nvme.rst
+++ b/docs/system/devices/nvme.rst
@@ -232,7 +232,7 @@ parameters:
Set the number of Reclaim Groups.
``fdp.nruh`` (default: ``0``)
- Set the number of Reclaim Unit Handles. This is a mandatory paramater and
+ Set the number of Reclaim Unit Handles. This is a mandatory parameter and
must be non-zero.
``fdp.runs`` (default: ``96M``)
diff --git a/hw/core/loader.c b/hw/core/loader.c
index 8b7fd9e9e5..4dd5a71fb7 100644
--- a/hw/core/loader.c
+++ b/hw/core/loader.c
@@ -863,7 +863,7 @@ ssize_t load_image_gzipped(const char *filename, hwaddr addr, uint64_t max_sz)
/*
* The Linux header magic number for a EFI PE/COFF
- * image targetting an unspecified architecture.
+ * image targeting an unspecified architecture.
*/
#define EFI_PE_LINUX_MAGIC "\xcd\x23\x82\x81"
@@ -1492,7 +1492,7 @@ RomGap rom_find_largest_gap_between(hwaddr base, size_t size)
if (rom->mr || rom->fw_file) {
continue;
}
- /* ignore anything finishing bellow base */
+ /* ignore anything finishing below base */
if (rom->addr + rom->romsize <= base) {
continue;
}
diff --git a/include/exec/memory.h b/include/exec/memory.h
index 7f5c11a0cc..68284428f8 100644
--- a/include/exec/memory.h
+++ b/include/exec/memory.h
@@ -942,7 +942,7 @@ struct MemoryListener {
*
* @listener: The #MemoryListener.
* @last_stage: The last stage to synchronize the log during migration.
- * The caller should gurantee that the synchronization with true for
+ * The caller should guarantee that the synchronization with true for
* @last_stage is triggered for once after all VCPUs have been stopped.
*/
void (*log_sync_global)(MemoryListener *listener, bool last_stage);
diff --git a/ui/vnc-enc-tight.c b/ui/vnc-enc-tight.c
index 09200d71b8..ee853dcfcb 100644
--- a/ui/vnc-enc-tight.c
+++ b/ui/vnc-enc-tight.c
@@ -77,7 +77,7 @@ static int tight_send_framebuffer_update(VncState *vs, int x, int y,
#ifdef CONFIG_VNC_JPEG
static const struct {
- double jpeg_freq_min; /* Don't send JPEG if the freq is bellow */
+ double jpeg_freq_min; /* Don't send JPEG if the freq is below */
double jpeg_freq_threshold; /* Always send JPEG if the freq is above */
int jpeg_idx; /* Allow indexed JPEG */
int jpeg_full; /* Allow full color JPEG */
--
2.39.2
9 months, 3 weeks
[PATCH RFC 0/3] Reflect MAC change in live domain XML
by Michal Privoznik
These are RFC patches. I'd like to start a discussion on the following
problem:
A mgmt application has info tied to an <interface/> (stored elsewhere,
not important right now). And they use basically the only piece of
information that's visible in both host and guest: MAC address. No, user
aliases are not visible in the guest. Therefore, when they query the
guest-agent (e.g. via 'virsh domifaddr --source agent') they can
reconstruct their knowledge on NICs.
But there's a catch - if user decides to change MAC address form inside
of the VM. Then the only link between host and guest is broken.
Now, we could make the guest-agent report both current and permanent MAC
address. But unfortunately, libvirt's virDomainInterfaceAddresses() is
not prepared for that.
Now, I don't recall why we decided to not update MAC address in the live
XML on change, but maybe somebody else does. Or we can pass the event
from QEMU to the mgmt application so that it can update its state.
Michal Prívozník (3):
qemu: Reflect MAC address change in live domain XML
Introduce NIC_MAC_CHANGE event
qemu: Emit NIC_MAC_CHANGE event
examples/c/misc/event-test.c | 14 +++++
include/libvirt/libvirt-domain.h | 28 +++++++++
src/conf/domain_event.c | 93 +++++++++++++++++++++++++++++
src/conf/domain_event.h | 12 ++++
src/libvirt_private.syms | 2 +
src/qemu/qemu_domain.c | 34 ++++++++++-
src/qemu/qemu_domain.h | 3 +-
src/qemu/qemu_driver.c | 11 ++--
src/qemu/qemu_process.c | 2 +-
src/remote/remote_daemon_dispatch.c | 32 ++++++++++
src/remote/remote_driver.c | 34 +++++++++++
src/remote/remote_protocol.x | 17 +++++-
tools/virsh-domain-event.c | 20 +++++++
13 files changed, 294 insertions(+), 8 deletions(-)
--
2.39.3
9 months, 3 weeks
[libvirt PATCH 0/9] src: some improvements to systemd unit files
by Daniel P. Berrangé
These were suggested by Lennart in
https://gitlab.com/libvirt/libvirt/-/issues/489
Daniel P. Berrangé (9):
src: remove After=local-fs.target from systemd units
src: remote deps on ip[6]tables/firewalld.service from systemd units
util: remove pointless wrappers for setrlimit/getrlimit
util: add helper for raising the max files limit
rpc: automatically raise max file limit in all daemons
src: set max open file limit to match systemd >= 240 defaults
util: relax requirement for logind to be running
src: remove dep on systemd-logind.service from unit files
util: add logging about node suspend availability
src/ch/virtchd.service.in | 11 ++---
src/interface/virtinterfaced.service.in | 1 -
src/libvirt_private.syms | 1 +
src/libxl/virtxend.service.in | 1 -
src/locking/virtlockd.service.in | 8 ++--
src/logging/virtlogd.service.in | 11 ++---
src/lxc/virtlxcd.service.in | 11 ++---
src/network/virtnetworkd.service.in | 4 --
src/node_device/virtnodedevd.service.in | 1 -
src/nwfilter/virtnwfilterd.service.in | 1 -
src/qemu/virtqemud.service.in | 11 ++---
src/remote/libvirtd.service.in | 14 ++-----
src/remote/virtproxyd.service.in | 1 -
src/rpc/virnetdaemon.c | 3 ++
src/secret/virtsecretd.service.in | 1 -
src/storage/virtstoraged.service.in | 1 -
src/util/virnodesuspend.c | 3 ++
src/util/virprocess.c | 56 ++++++++++++++++---------
src/util/virprocess.h | 1 +
src/util/virstring.c | 6 +++
src/util/virsystemd.c | 12 ++++++
src/vbox/virtvboxd.service.in | 1 -
src/vz/virtvzd.service.in | 1 -
tests/virshtest.c | 1 +
tools/virsh.c | 2 +-
25 files changed, 88 insertions(+), 76 deletions(-)
--
2.40.1
9 months, 3 weeks
[PATCH] NEWS: Mention CVE-2023-3750 and BeeGFS migration support
by Peter Krempa
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
NEWS.rst | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/NEWS.rst b/NEWS.rst
index 8f0c67f779..e31448e829 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -13,6 +13,13 @@ v9.6.0 (unreleased)
* **Security**
+ * ``CVE-2023-3750``: Fix race condition in storage driver leading to a crash
+
+ In **libvirt-8.3** a bug was introduced which in rare cases could cause
+ ``libvirtd`` or ``virtstoraged`` to crash if multiple clients attempted to
+ look up a storage volume by key, path or target path, while other clients
+ attempted to access something from the same storage pool.
+
* **Removed features**
* **New features**
@@ -38,6 +45,11 @@ v9.6.0 (unreleased)
Users no longer need to specify guest NUMA node in the domain XML when
enabling memory hotplug, libvirt automatically adds one when it is missing.
+ * qemu: Consider ``BeeGFS`` as a shared filesystem
+
+ Allow migration with non-shared storage for VMs accessing storage via
+ ``BeeGFS``.
+
* **Bug fixes**
* qemu: Adapt to new way of specifying PC speaker
--
2.41.0
9 months, 3 weeks
[PATCH Libvirt 00/11] Support dirty page rate upper limit
by ~hyman
QEMU introduced the dirty page rate limit feature in 7.1.0, see the
details in the following link:
https://lore.kernel.org/qemu-
devel/cover.1656177590.git.huangy81(a)chinatelecom.cn/
So maybe it's the right time to enable this feature in libvirt and the
upper user can play with it, expecting the upper app can use this
feature to do a virtual CPU Qos or whatever else.
Introduce the virsh API as follows:
# virsh limit-dirty-page-rate <domain> [--rate <number>] [--vcpu
<number>] [--cancel]
Examples:
To set the dirty page rate upper limit 60MB/s for all virtual CPUs in
c81_node1, use:
# virsh limit-dirty-page-rate c81_node1 --rate 60
Set dirty page rate limit 60(MB/s) on all virtual CPUs successfully
To set the dirty page rate upper limit 35MB/s for virtual CPU 1 in
c81_node1, use:
# virsh limit-dirty-page-rate c81_node1 --rate 35 --vcpu 1
Set vcpu[1] dirty page rate upper limit 35(MB/s) successfully
Specify the 'cancel' option to do the reverse, the optional option
'vcpu' is used to specify the CPU index to be set.
To query the dirty page rate upper limit, use:
# virsh vcpuinfo c81_node1
VCPU: 0
CPU: 14
State: running
CPU time: 27.1s
CPU Affinity: yyyyyyyyyyyyyyyy
DirtyRate limit: 60
DirtyRate current: 0
VCPU: 1
CPU: 1
State: running
CPU time: 25.1s
CPU Affinity: yyyyyyyyyyyyyyyy
DirtyRate limit: 35
DirtyRate current: 0
VCPU: 2
CPU: 7
State: running
CPU time: 6.0s
CPU Affinity: yyyyyyyyyyyyyyyy
DirtyRate limit: 60
DirtyRate current: 0
VCPU: 3
CPU: 8
State: running
CPU time: 3.5s
CPU Affinity: yyyyyyyyyyyyyyyy
DirtyRate limit: 60
DirtyRate current: 0
The patch set adds two new APIs to implement a dirty page rate limit:
1. virDomainSetVcpuDirtyLimit, which set virtual CPU dirty page rate
limit. virsh command 'limit-dirty-page-rate' correspondingly.
2. virDomainCancelVcpuDirtyLimit, which cancel virtual CPU dirty page
rate
limit. 'cancel' option was introduced to 'limit-dirty-page-rate' to
cancel
the limit correspondingly.
In addition, function 'qemuMonitorQueryVcpuDirtyLimit' was implemented
to query the dirty page rate upper limit, the virsh command 'vcpuinfo'
was extended. So that the user can query dirty page rate limit info via
'vcpuinfo'.
This series makes the main modifications as follows:
- introduce QEMU_CAPS_VCPU_DIRTY_LIMIT capability so that libvirt
can probe before using dirty page rate upper limit feature.
- implement virsh command 'limit-dirty-page-rate' to set/cancel dirty
page rate upper limit.
- extend 'vcpuinfo' API so that it can display dirty page rate upper
limit.
- document dirty page rate limit feature.
Please review, and hoping the comments, thanks !
Yong
Hyman Huang(黄勇) (11):
qemu_capabilities: Introduce QEMU_CAPS_VCPU_DIRTY_LIMIT capability
libvirt: Add virDomainSetVcpuDirtyLimit API
qemu_driver: Implement qemuDomainSetVcpuDirtyLimit
virsh: Introduce limit-dirty-page-rate api
qemu_monitor: Implement qemuMonitorQueryVcpuDirtyLimit
qemu_driver: Extend qemuDomainGetVcpus
virsh: Extend vcpuinfo api
libvirt: Add virDomainCancelVcpuDirtyLimit API
qemu_driver: Implement qemuDomainCancelVcpuDirtyLimit
virsh: Add cancel option of limit-dirty-page-rate api
NEWS: Document limit dirty page rate APIs
NEWS.rst | 16 ++
include/libvirt/libvirt-domain.h | 22 +++
src/driver-hypervisor.h | 13 ++
src/libvirt-domain.c | 106 ++++++++++++
src/libvirt_public.syms | 6 +
src/qemu/qemu_capabilities.c | 2 +
src/qemu/qemu_capabilities.h | 1 +
src/qemu/qemu_driver.c | 154 ++++++++++++++++++
src/qemu/qemu_monitor.c | 36 ++++
src/qemu/qemu_monitor.h | 26 +++
src/qemu/qemu_monitor_json.c | 150 +++++++++++++++++
src/qemu/qemu_monitor_json.h | 13 ++
src/remote/remote_daemon_dispatch.c | 2 +
src/remote/remote_driver.c | 4 +
src/remote/remote_protocol.x | 28 +++-
src/remote_protocol-structs | 13 ++
.../qemucapabilitiesdata/caps_7.1.0_ppc64.xml | 1 +
.../caps_7.1.0_x86_64.xml | 1 +
tests/qemucapabilitiesdata/caps_7.2.0_ppc.xml | 1 +
.../caps_7.2.0_x86_64+hvf.xml | 1 +
.../caps_7.2.0_x86_64.xml | 1 +
.../caps_8.0.0_riscv64.xml | 1 +
.../caps_8.0.0_x86_64.xml | 1 +
.../qemucapabilitiesdata/caps_8.1.0_s390x.xml | 1 +
.../caps_8.1.0_x86_64.xml | 1 +
tools/virsh-domain.c | 123 ++++++++++++++
26 files changed, 723 insertions(+), 1 deletion(-)
--
2.38.5
9 months, 3 weeks