[PATCH v1 0/5] Allow Guest CPU Model with Deprecated Features Disabled
by Collin Walling
Add support for libvirt to query and cache an array of deprecated CPU features
(aka CPU properties) for the host-model. This data is queried via a full
query-cpu-model-expansion and cached in the QEMU capabilities file. This
model expansion will depend on the availability of the "deprecated-props" field
resulting from a query-cpu-model-expansion command. Currently, only s390x
supports this field.
The purpose of these patches is to make it easy for users to create guests with
a CPU model that will be compatible & migratable with future hardware.
An updated host CPU model with deprecated features paired with the policy "disable"
may be visable via an update to the virsh domcapabilities command with the
--disable-deprecated-features flag. An example is shown below.
Note: other CPU model queries (e.g. baseline and comparison) currently do not
consider deprecated features, as their outputs do not consider feature policy.
If implementation is desired, it will require a discussion on how these
commands should report policies.
Examples:
virsh domcapabilities --disable-deprecated-features
e.g. output (trimmed):
<mode name='host-model' supported='yes'>
<model fallback='forbid'>z14.2-base</model>
<feature policy='require' name='aen'/>
<feature policy='require' name='cmmnt'/>
<feature policy='require' name='aefsi'/>
<feature policy='require' name='diag318'/>
<feature policy='require' name='mepoch'/>
<feature policy='require' name='msa8'/>
<feature policy='require' name='msa7'/>
<feature policy='require' name='msa6'/>
<feature policy='require' name='msa5'/>
<feature policy='require' name='msa4'/>
<feature policy='require' name='msa3'/>
<feature policy='require' name='msa2'/>
<feature policy='require' name='msa1'/>
<feature policy='require' name='sthyi'/>
<feature policy='require' name='edat'/>
<feature policy='require' name='ri'/>
<feature policy='require' name='edat2'/>
<feature policy='require' name='etoken'/>
<feature policy='require' name='vx'/>
<feature policy='require' name='ipter'/>
<feature policy='require' name='mepochptff'/>
<feature policy='require' name='ap'/>
<feature policy='require' name='vxeh'/>
<feature policy='require' name='vxpd'/>
<feature policy='require' name='esop'/>
<feature policy='require' name='apqi'/>
<feature policy='require' name='apft'/>
<feature policy='require' name='els'/>
<feature policy='require' name='iep'/>
<feature policy='require' name='apqci'/>
<feature policy='disable' name='cte'/>
<feature policy='require' name='ais'/>
<feature policy='disable' name='bpb'/>
<feature policy='require' name='ctop'/>
<feature policy='require' name='gs'/>
<feature policy='require' name='ppa15'/>
<feature policy='require' name='zpci'/>
<feature policy='require' name='sea_esop2'/>
<feature policy='disable' name='te'/>
<feature policy='require' name='cmm'/>
<feature policy='disable' name='csske'/>
</mode>
A domain may be defined with a new <cpu> XML attribute, deprecated_features='on|off':
<cpu mode='host-model' check='partial' deprecated_features='off'/>
e.g. after guest has started (trimmed):
<cpu mode='custom' match='exact' check='partial' deprecated_features='off'>
<model fallback='forbid'>z14.2-base</model>
<feature policy='require' name='aen'/>
<feature policy='require' name='cmmnt'/>
<feature policy='require' name='aefsi'/>
<feature policy='require' name='diag318'/>
<feature policy='require' name='mepoch'/>
<feature policy='require' name='msa8'/>
<feature policy='require' name='msa7'/>
<feature policy='require' name='msa6'/>
<feature policy='require' name='msa5'/>
<feature policy='require' name='msa4'/>
<feature policy='require' name='msa3'/>
<feature policy='require' name='msa2'/>
<feature policy='require' name='msa1'/>
<feature policy='require' name='sthyi'/>
<feature policy='require' name='edat'/>
<feature policy='require' name='ri'/>
<feature policy='require' name='edat2'/>
<feature policy='require' name='etoken'/>
<feature policy='require' name='vx'/>
<feature policy='require' name='ipter'/>
<feature policy='require' name='mepochptff'/>
<feature policy='require' name='ap'/>
<feature policy='require' name='vxeh'/>
<feature policy='require' name='vxpd'/>
<feature policy='require' name='esop'/>
<feature policy='require' name='apqi'/>
<feature policy='require' name='apft'/>
<feature policy='require' name='els'/>
<feature policy='require' name='iep'/>
<feature policy='require' name='apqci'/>
<feature policy='disable' name='cte'/>
<feature policy='require' name='ais'/>
<feature policy='disable' name='bpb'/>
<feature policy='require' name='ctop'/>
<feature policy='require' name='gs'/>
<feature policy='require' name='ppa15'/>
<feature policy='require' name='zpci'/>
<feature policy='require' name='sea_esop2'/>
<feature policy='disable' name='te'/>
<feature policy='require' name='cmm'/>
<feature policy='disable' name='csske'/>
</cpu>
Collin Walling (5):
qemuMonitorJSONGetCPUModelExpansion: refactor parsing functions
qemu: parse deprecated-props from query-cpu-model-expansion response
qemu_capabilities: query deprecated features for host-model
virsh: add --disable-deprecated-features flag to domcapabilities
conf: add deprecated_features attribute
docs/manpages/virsh.rst | 6 +
include/libvirt/libvirt-domain.h | 12 +
src/conf/cpu_conf.c | 10 +
src/conf/cpu_conf.h | 1 +
src/conf/schemas/cputypes.rng | 12 +
src/libvirt-domain.c | 2 +-
src/qemu/qemu_capabilities.c | 89 +++++
src/qemu/qemu_capabilities.h | 4 +
src/qemu/qemu_driver.c | 8 +-
src/qemu/qemu_monitor.c | 10 +
src/qemu/qemu_monitor.h | 1 +
src/qemu/qemu_monitor_json.c | 64 +++-
src/qemu/qemu_process.c | 4 +
.../caps_9.1.0_s390x.replies | 348 +++++++++++++++++-
.../qemucapabilitiesdata/caps_9.1.0_s390x.xml | 13 +
.../caps_9.2.0_s390x.replies | 348 +++++++++++++++++-
.../qemucapabilitiesdata/caps_9.2.0_s390x.xml | 13 +
tools/virsh-host.c | 9 +-
18 files changed, 940 insertions(+), 14 deletions(-)
--
2.45.1
1 month, 2 weeks
[PATCH] Drop unused function declarations
by Michal Privoznik
When moving function and/or renaming them sometimes corresponding
change to corresponding header file is not done. This leaves us
with functions that are declared in header files, but nowhere
implemented. Drop such declarations.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
These were identified by a bash oneliner which basically tried to list
every "function" in every header file (function was matched as '\w\+(')
and for every function from the list, git grep was done to see if it
lives in a .c file.
It's nowhere exhaustive or perfect, but if found at least something.
src/ch/ch_monitor.h | 4 ----
src/conf/device_conf.h | 1 -
src/conf/virinterfaceobj.h | 3 ---
src/conf/virstorageobj.h | 3 ---
src/libxl/libxl_domain.h | 3 ---
src/logging/log_handler.h | 2 --
src/lxc/lxc_cgroup.h | 1 -
src/lxc/lxc_hostdev.h | 6 ------
src/lxc/lxc_monitor.h | 3 ---
src/lxc/lxc_process.h | 9 ---------
src/qemu/qemu_command.h | 3 ---
src/qemu/qemu_domain.h | 12 ------------
src/qemu/qemu_monitor.h | 4 ----
src/qemu/qemu_monitor_json.h | 29 -----------------------------
src/qemu/qemu_process.h | 3 ---
src/rpc/virnetlibsshsession.h | 1 -
src/rpc/virnetserverclient.h | 2 --
src/util/virmdev.h | 3 ---
src/util/virnetdev.h | 10 ----------
src/vz/vz_utils.h | 8 --------
tests/testutilsqemu.h | 3 ---
21 files changed, 113 deletions(-)
diff --git a/src/ch/ch_monitor.h b/src/ch/ch_monitor.h
index b35f5ea027..9ec58e5b20 100644
--- a/src/ch/ch_monitor.h
+++ b/src/ch/ch_monitor.h
@@ -118,10 +118,6 @@ int virCHMonitorSaveVM(virCHMonitor *mon,
const char *to);
int virCHMonitorGetInfo(virCHMonitor *mon, virJSONValue **info);
-void virCHMonitorCPUInfoFree(virCHMonitorCPUInfo *cpus);
-int virCHMonitorGetCPUInfo(virCHMonitor *mon,
- virCHMonitorCPUInfo **vcpus,
- size_t maxvcpus);
size_t virCHMonitorGetThreadInfo(virCHMonitor *mon, bool refresh,
virCHMonitorThreadInfo **threads);
int virCHMonitorGetIOThreads(virCHMonitor *mon,
diff --git a/src/conf/device_conf.h b/src/conf/device_conf.h
index 2d674ecd85..2d97410f6e 100644
--- a/src/conf/device_conf.h
+++ b/src/conf/device_conf.h
@@ -193,7 +193,6 @@ int virDeviceHostdevPCIDriverInfoParseXML(xmlNodePtr node,
int virDeviceHostdevPCIDriverInfoFormat(virBuffer *buf,
const virDeviceHostdevPCIDriverInfo *driver);
-void virDeviceHostdevPCIDriverInfoPostParse(virDeviceHostdevPCIDriverInfo *driver);
void virDeviceHostdevPCIDriverInfoClear(virDeviceHostdevPCIDriverInfo *driver);
void virDomainDeviceInfoClear(virDomainDeviceInfo *info);
diff --git a/src/conf/virinterfaceobj.h b/src/conf/virinterfaceobj.h
index 5927484167..c59dac28d3 100644
--- a/src/conf/virinterfaceobj.h
+++ b/src/conf/virinterfaceobj.h
@@ -51,9 +51,6 @@ virInterfaceObj *
virInterfaceObjListFindByName(virInterfaceObjList *interfaces,
const char *name);
-void
-virInterfaceObjFree(virInterfaceObj *obj);
-
virInterfaceObjList *
virInterfaceObjListClone(virInterfaceObjList *interfaces);
diff --git a/src/conf/virstorageobj.h b/src/conf/virstorageobj.h
index d9dae9ceb9..e1eabfdb3a 100644
--- a/src/conf/virstorageobj.h
+++ b/src/conf/virstorageobj.h
@@ -229,9 +229,6 @@ virStoragePoolObjGetNames(virStoragePoolObjList *pools,
char **const names,
int maxnames);
-void
-virStoragePoolObjFree(virStoragePoolObj *obj);
-
typedef void
(*virStoragePoolObjListIterator)(virStoragePoolObj *obj,
const void *opaque);
diff --git a/src/libxl/libxl_domain.h b/src/libxl/libxl_domain.h
index 94b693e477..a35d121323 100644
--- a/src/libxl/libxl_domain.h
+++ b/src/libxl/libxl_domain.h
@@ -46,9 +46,6 @@ extern virDomainDefParserConfig libxlDomainDefParserConfig;
extern virXMLNamespace libxlDriverDomainXMLNamespace;
extern const struct libxl_event_hooks ev_hooks;
-int
-libxlDomainObjPrivateInitCtx(virDomainObj *vm);
-
int
libxlDomainJobGetTimeElapsed(virDomainJobObj *job,
unsigned long long *timeElapsed);
diff --git a/src/logging/log_handler.h b/src/logging/log_handler.h
index 97dad27eda..38c300289e 100644
--- a/src/logging/log_handler.h
+++ b/src/logging/log_handler.h
@@ -67,8 +67,6 @@ virLogHandler *virLogHandlerNewPostExecRestart(virJSONValue *child,
virLogHandlerShutdownInhibitor inhibitor,
void *opaque);
-void virLogHandlerFree(virLogHandler *handler);
-
int virLogHandlerDomainOpenLogFile(virLogHandler *handler,
const char *driver,
const unsigned char *domuuid,
diff --git a/src/lxc/lxc_cgroup.h b/src/lxc/lxc_cgroup.h
index 64d0c51175..83f342c08c 100644
--- a/src/lxc/lxc_cgroup.h
+++ b/src/lxc/lxc_cgroup.h
@@ -29,7 +29,6 @@ virCgroup *virLXCCgroupCreate(virDomainDef *def,
pid_t initpid,
size_t nnicindexes,
int *nicindexes);
-virCgroup *virLXCCgroupJoin(virDomainDef *def);
int virLXCCgroupSetup(virDomainDef *def,
virCgroup *cgroup,
virBitmap *nodemask);
diff --git a/src/lxc/lxc_hostdev.h b/src/lxc/lxc_hostdev.h
index 34b813e3e9..4aa124c660 100644
--- a/src/lxc/lxc_hostdev.h
+++ b/src/lxc/lxc_hostdev.h
@@ -26,12 +26,6 @@
int virLXCUpdateActiveUSBHostdevs(virLXCDriver *driver,
virDomainDef *def);
-int virLXCFindHostdevUSBDevice(virDomainHostdevDef *hostdev,
- bool mandatory,
- virUSBDevice **usb);
-int virLXCPrepareHostdevUSBDevices(virLXCDriver *driver,
- const char *name,
- virUSBDeviceList *list);
int virLXCPrepareHostDevices(virLXCDriver *driver,
virDomainDef *def);
void virLXCDomainReAttachHostDevices(virLXCDriver *driver,
diff --git a/src/lxc/lxc_monitor.h b/src/lxc/lxc_monitor.h
index 5b5954f8e9..0a10768452 100644
--- a/src/lxc/lxc_monitor.h
+++ b/src/lxc/lxc_monitor.h
@@ -53,6 +53,3 @@ virLXCMonitor *virLXCMonitorNew(virDomainObj *vm,
virLXCMonitorCallbacks *cb);
void virLXCMonitorClose(virLXCMonitor *mon);
-
-void virLXCMonitorLock(virLXCMonitor *mon);
-void virLXCMonitorUnlock(virLXCMonitor *mon);
diff --git a/src/lxc/lxc_process.h b/src/lxc/lxc_process.h
index 4b84e31fef..95eacdd1e5 100644
--- a/src/lxc/lxc_process.h
+++ b/src/lxc/lxc_process.h
@@ -33,15 +33,6 @@ int virLXCProcessStop(virLXCDriver *driver,
virDomainShutoffReason reason,
unsigned int cleanupFlags);
-void virLXCProcessAutoDestroyRun(virLXCDriver *driver,
- virConnectPtr conn);
-void virLXCProcessAutoDestroyShutdown(virLXCDriver *driver);
-int virLXCProcessAutoDestroyAdd(virLXCDriver *driver,
- virDomainObj *vm,
- virConnectPtr conn);
-int virLXCProcessAutoDestroyRemove(virLXCDriver *driver,
- virDomainObj *vm);
-
void virLXCProcessAutostartAll(virLXCDriver *driver);
int virLXCProcessReconnectAll(virLXCDriver *driver,
virDomainObjList *doms);
diff --git a/src/qemu/qemu_command.h b/src/qemu/qemu_command.h
index fb4551a7d0..76c514b5f7 100644
--- a/src/qemu/qemu_command.h
+++ b/src/qemu/qemu_command.h
@@ -93,7 +93,6 @@ qemuBuildNicDevProps(virDomainDef *def,
virDomainNetDef *net,
virQEMUCaps *qemuCaps);
-char *qemuDeviceDriveHostAlias(virDomainDiskDef *disk);
bool qemuDiskBusIsSD(int bus);
int
@@ -208,8 +207,6 @@ qemuBuildRedirdevDevProps(const virDomainDef *def,
virJSONValue *
qemuBuildZPCIDevProps(virDomainDeviceInfo *dev);
-int qemuNetworkPrepareDevices(virDomainDef *def);
-
bool
qemuDiskConfigBlkdeviotuneEnabled(const virDomainDiskDef *disk);
diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h
index a19314b48b..047a11b7fe 100644
--- a/src/qemu/qemu_domain.h
+++ b/src/qemu/qemu_domain.h
@@ -588,8 +588,6 @@ virDomainObj *qemuDomainObjFromDomain(virDomainPtr domain);
qemuDomainSaveCookie *qemuDomainSaveCookieNew(virDomainObj *vm);
-void qemuDomainEventFlush(int timer, void *opaque);
-
qemuMonitor *qemuDomainGetMonitor(virDomainObj *vm)
ATTRIBUTE_NONNULL(1);
void qemuDomainObjEnterMonitor(virDomainObj *obj)
@@ -645,9 +643,6 @@ void qemuDomainObjTaint(virQEMUDriver *driver,
virDomainTaintFlags taint,
qemuLogContext *logCtxt);
-char **qemuDomainObjGetTainting(virQEMUDriver *driver,
- virDomainObj *obj);
-
void qemuDomainObjCheckTaint(virQEMUDriver *driver,
virDomainObj *obj,
qemuLogContext *logCtxt,
@@ -716,10 +711,6 @@ int qemuDomainCheckDiskStartupPolicy(virQEMUDriver *driver,
size_t diskIndex,
bool cold_boot);
-int qemuDomainCheckDiskPresence(virQEMUDriver *driver,
- virDomainObj *vm,
- unsigned int flags);
-
int qemuDomainStorageSourceValidateDepth(virStorageSource *src,
int add,
const char *diskdst);
@@ -947,9 +938,6 @@ int qemuDomainSecretPrepare(virQEMUDriver *driver,
virDomainObj *vm)
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2);
-int qemuDomainDeviceDefValidateDisk(const virDomainDiskDef *disk,
- virQEMUCaps *qemuCaps);
-
int qemuDomainDeviceDiskDefPostParse(virDomainDiskDef *disk,
unsigned int parseFlags);
diff --git a/src/qemu/qemu_monitor.h b/src/qemu/qemu_monitor.h
index 4341519cfe..035c9a7e3c 100644
--- a/src/qemu/qemu_monitor.h
+++ b/src/qemu/qemu_monitor.h
@@ -939,10 +939,6 @@ void qemuMonitorChardevInfoFree(void *data);
int qemuMonitorGetChardevInfo(qemuMonitor *mon,
GHashTable **retinfo);
-int qemuMonitorAttachPCIDiskController(qemuMonitor *mon,
- const char *bus,
- virPCIDeviceAddress *guestAddr);
-
int qemuMonitorAddDeviceProps(qemuMonitor *mon,
virJSONValue **props);
diff --git a/src/qemu/qemu_monitor_json.h b/src/qemu/qemu_monitor_json.h
index 10491b809b..ab3c2cb7c8 100644
--- a/src/qemu/qemu_monitor_json.h
+++ b/src/qemu/qemu_monitor_json.h
@@ -175,10 +175,6 @@ qemuMonitorJSONMigrate(qemuMonitor *mon,
int
qemuMonitorJSONGetMigrationBlockers(qemuMonitor *mon,
char ***blockers);
-int
-qemuMonitorJSONGetSpiceMigrationStatus(qemuMonitor *mon,
- bool *spice_migrated);
-
int
qemuMonitorJSONMigrateCancel(qemuMonitor *mon);
@@ -208,26 +204,6 @@ qemuMonitorJSONGraphicsRelocate(qemuMonitor *mon,
int tlsPort,
const char *tlsSubject);
-int
-qemuMonitorJSONAddPCIHostDevice(qemuMonitor *mon,
- virPCIDeviceAddress *hostAddr,
- virPCIDeviceAddress *guestAddr);
-
-int
-qemuMonitorJSONAddPCIDisk(qemuMonitor *mon,
- const char *path,
- const char *bus,
- virPCIDeviceAddress *guestAddr);
-
-int
-qemuMonitorJSONAddPCINetwork(qemuMonitor *mon,
- const char *nicstr,
- virPCIDeviceAddress *guestAddr);
-
-int
-qemuMonitorJSONRemovePCIDevice(qemuMonitor *mon,
- virPCIDeviceAddress *guestAddr);
-
int
qemuMonitorJSONAddFileHandleToSet(qemuMonitor *mon,
int fd,
@@ -268,11 +244,6 @@ int
qemuMonitorJSONGetChardevInfo(qemuMonitor *mon,
GHashTable *info);
-int
-qemuMonitorJSONAttachPCIDiskController(qemuMonitor *mon,
- const char *bus,
- virPCIDeviceAddress *guestAddr);
-
int
qemuMonitorJSONAddDeviceProps(qemuMonitor *mon,
virJSONValue **props);
diff --git a/src/qemu/qemu_process.h b/src/qemu/qemu_process.h
index 878c522d82..12781673c5 100644
--- a/src/qemu/qemu_process.h
+++ b/src/qemu/qemu_process.h
@@ -189,9 +189,6 @@ void qemuProcessShutdownOrReboot(virDomainObj *vm);
void qemuProcessAutoDestroy(virDomainObj *dom,
virConnectPtr conn);
-int qemuProcessSetSchedParams(int id, pid_t pid, size_t nsp,
- virDomainThreadSchedParam *sp);
-
virDomainDiskDef *qemuProcessFindDomainDiskByAliasOrQOM(virDomainObj *vm,
const char *alias,
const char *qomid);
diff --git a/src/rpc/virnetlibsshsession.h b/src/rpc/virnetlibsshsession.h
index 7f94fd15dc..949680035c 100644
--- a/src/rpc/virnetlibsshsession.h
+++ b/src/rpc/virnetlibsshsession.h
@@ -26,7 +26,6 @@
typedef struct _virNetLibsshSession virNetLibsshSession;
virNetLibsshSession *virNetLibsshSessionNew(const char *username);
-void virNetLibsshSessionFree(virNetLibsshSession *sess);
typedef enum {
VIR_NET_LIBSSH_HOSTKEY_VERIFY_NORMAL,
diff --git a/src/rpc/virnetserverclient.h b/src/rpc/virnetserverclient.h
index 2ae6c85b20..0a1ddd6f28 100644
--- a/src/rpc/virnetserverclient.h
+++ b/src/rpc/virnetserverclient.h
@@ -152,8 +152,6 @@ int virNetServerClientInit(virNetServerClient *client);
int virNetServerClientInitKeepAlive(virNetServerClient *client,
int interval,
unsigned int count);
-bool virNetServerClientCheckKeepAlive(virNetServerClient *client,
- virNetMessage *msg);
int virNetServerClientStartKeepAlive(virNetServerClient *client);
const char *virNetServerClientLocalAddrStringSASL(virNetServerClient *client);
diff --git a/src/util/virmdev.h b/src/util/virmdev.h
index e8e69040e5..75853bc0ff 100644
--- a/src/util/virmdev.h
+++ b/src/util/virmdev.h
@@ -72,9 +72,6 @@ typedef int (*virMediatedDeviceCallback)(virMediatedDevice *dev,
virMediatedDevice *
virMediatedDeviceNew(const char *uuidstr, virMediatedDeviceModelType model);
-virMediatedDevice *
-virMediatedDeviceCopy(virMediatedDevice *dev);
-
void
virMediatedDeviceFree(virMediatedDevice *dev);
diff --git a/src/util/virnetdev.h b/src/util/virnetdev.h
index c287a7b272..99fe761c1d 100644
--- a/src/util/virnetdev.h
+++ b/src/util/virnetdev.h
@@ -185,16 +185,6 @@ int virNetDevGetMAC(const char *ifname,
virMacAddr *macaddr)
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) G_GNUC_WARN_UNUSED_RESULT;
-int virNetDevReplaceMacAddress(const char *linkdev,
- const virMacAddr *macaddress,
- const char *stateDir)
- ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3)
- G_GNUC_WARN_UNUSED_RESULT;
-
-int virNetDevRestoreMacAddress(const char *linkdev,
- const char *stateDir)
- ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) G_GNUC_WARN_UNUSED_RESULT;
-
int virNetDevSetCoalesce(const char *ifname,
virNetDevCoalesce *coalesce,
bool update)
diff --git a/src/vz/vz_utils.h b/src/vz/vz_utils.h
index 7a797953a5..a7003a5370 100644
--- a/src/vz/vz_utils.h
+++ b/src/vz/vz_utils.h
@@ -39,14 +39,6 @@
#define IS_CT(def) (def->os.type == VIR_DOMAIN_OSTYPE_EXE)
-#define vzDomNotFoundError(domain) \
- do { \
- char uuidstr[VIR_UUID_STRING_BUFLEN]; \
- virUUIDFormat(domain->uuid, uuidstr); \
- virReportError(VIR_ERR_NO_DOMAIN, \
- _("no domain with matching uuid '%1$s'"), uuidstr); \
- } while (0)
-
#define PARALLELS_DOMAIN_ROUTED_NETWORK_NAME "host-routed"
#define VIRTUOZZO_VER_7 ((unsigned long)7000000)
diff --git a/tests/testutilsqemu.h b/tests/testutilsqemu.h
index 90632031ff..74e307d653 100644
--- a/tests/testutilsqemu.h
+++ b/tests/testutilsqemu.h
@@ -126,9 +126,6 @@ typedef struct _testQemuInfo testQemuInfo;
void testQemuInfoFree(testQemuInfo *info);
G_DEFINE_AUTOPTR_CLEANUP_FUNC(testQemuInfo, testQemuInfoFree);
-virDomainXMLOption *testQemuXMLConfInit(void);
-
-
virQEMUCaps *qemuTestParseCapabilitiesArch(virArch arch,
const char *capsFile);
virCPUDef *qemuTestGetCPUDef(qemuTestCPUDef d);
--
2.45.2
1 month, 2 weeks
[PATCH] virnetserverclient.h: Fix typo in comment of virNetServerClientPrivPreExecRestart()
by Michal Privoznik
The function the comment is referring to is
virNetServerClientPrivNew() not virNetServerClintPrivNew(). The
latter doesn't even exist.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/rpc/virnetserverclient.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/rpc/virnetserverclient.h b/src/rpc/virnetserverclient.h
index 0d585eb2ce..2ae6c85b20 100644
--- a/src/rpc/virnetserverclient.h
+++ b/src/rpc/virnetserverclient.h
@@ -48,7 +48,7 @@ typedef int (*virNetServerClientFilterFunc)(virNetServerClient *client,
void *opaque);
/*
- * @data: value allocated by virNetServerClintPrivNew(PostExecRestart) callback
+ * @data: value allocated by virNetServerClientPrivNew(PostExecRestart) callback
*/
typedef virJSONValue *(*virNetServerClientPrivPreExecRestart)(virNetServerClient *client,
void *data);
--
2.45.2
1 month, 2 weeks
[PATCH v3] qemu_hotplug: Do not report unknown error when hot-unplugging non-existing device
by Martin Kletzander
When qemuDomainDeleteDevice() gets "DeviceNotFound" error it is a
special case as we're trying to remove a device which does not exists
any more. Such occasion is indicated by the return value -2.
Callers of the aforementioned function ought to base their behaviour on
the return value. However not all callers take as much care for the
return value as one could realistically anticipate.
Follow the usual direction of removing possible backend object (in case
of character devices), remove the device from its XML without waiting
for the device removal from QEMU (since it is already not there) and
basically follow the same algorithm as there is when the device was
removed, skipping over the wait for the device removal.
The overall return value also needs to be adjusted since
qemuDomainDeleteDevice() does not set an error on the -2 return value
and would otherwise trigger an unknown error being reported to the user
or management application.
Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com>
---
v3:
- Skip qemuDomainWaitForDeviceRemoval() when the vCPU does not exist, as
written in the commit message
- Do all the other necessary things when the vCPU is missing
v2:
- Adjust for -2 return value in callers
src/qemu/qemu_hotplug.c | 32 +++++++++++++++++++-------------
1 file changed, 19 insertions(+), 13 deletions(-)
diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index 8361d3d9c1b7..bddd553c88a5 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -6090,8 +6090,12 @@ qemuDomainDetachDeviceChr(virQEMUDriver *driver,
if (rc < 0)
goto cleanup;
} else {
- if (qemuDomainDeleteDevice(vm, tmpChr->info.alias) < 0)
+ ret = qemuDomainDeleteDevice(vm, tmpChr->info.alias);
+ if (ret < 0) {
+ if (ret == -2)
+ ret = qemuDomainRemoveChrDevice(driver, vm, tmpChr, true);
goto cleanup;
+ }
}
if (guestfwd) {
@@ -6595,18 +6599,20 @@ qemuDomainHotplugDelVcpu(virQEMUDriver *driver,
qemuDomainMarkDeviceAliasForRemoval(vm, vcpupriv->alias);
- if (qemuDomainDeleteDevice(vm, vcpupriv->alias) < 0) {
- if (virDomainObjIsActive(vm))
- virDomainAuditVcpu(vm, oldvcpus, oldvcpus - nvcpus, "update", false);
- goto cleanup;
- }
-
- if ((rc = qemuDomainWaitForDeviceRemoval(vm)) <= 0) {
- if (rc == 0)
- virReportError(VIR_ERR_OPERATION_TIMEOUT, "%s",
- _("vcpu unplug request timed out. Unplug result must be manually inspected in the domain"));
-
- goto cleanup;
+ rc = qemuDomainDeleteDevice(vm, vcpupriv->alias);
+ if (rc < 0) {
+ if (rc != -2) {
+ if (virDomainObjIsActive(vm))
+ virDomainAuditVcpu(vm, oldvcpus, oldvcpus - nvcpus, "update", false);
+ goto cleanup;
+ }
+ } else {
+ if ((rc = qemuDomainWaitForDeviceRemoval(vm)) <= 0) {
+ if (rc == 0)
+ virReportError(VIR_ERR_OPERATION_TIMEOUT, "%s",
+ _("vcpu unplug request timed out. Unplug result must be manually inspected in the domain"));
+ goto cleanup;
+ }
}
if (qemuDomainRemoveVcpu(vm, vcpu) < 0)
--
2.47.0
1 month, 2 weeks
[PATCH v2] qemu_hotplug: Do not report unknown error when hot-unplugging non-existing device
by Martin Kletzander
When qemuDomainDeleteDevice() gets "DeviceNotFound" error it is a
special case as we're trying to remove a device which does not exists
any more. Such occasion is indicated by the return value -2.
Callers of the aforementioned function ought to base their behaviour on
the return value. However not all callers take as much care for the
return value as one could realistically anticipate.
Follow the usual direction of removing possible backend object (in case
of character devices), remove the device from its XML without waiting
for the device removal from QEMU (since it is already not there) and
basically follow the same algorithm as there is when the device was
removed, skipping over the wait for the device removal.
The overall return value also needs to be adjusted since
qemuDomainDeleteDevice() does not set an error on the -2 return value
and would otherwise trigger an unknown error being reported to the user
or management application.
Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com>
---
src/qemu/qemu_hotplug.c | 25 +++++++++++++++----------
1 file changed, 15 insertions(+), 10 deletions(-)
diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index 8361d3d9c1b7..1b6ecb1cd1f9 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -6090,8 +6090,12 @@ qemuDomainDetachDeviceChr(virQEMUDriver *driver,
if (rc < 0)
goto cleanup;
} else {
- if (qemuDomainDeleteDevice(vm, tmpChr->info.alias) < 0)
+ ret = qemuDomainDeleteDevice(vm, tmpChr->info.alias);
+ if (ret < 0) {
+ if (ret == -2)
+ ret = qemuDomainRemoveChrDevice(driver, vm, tmpChr, true);
goto cleanup;
+ }
}
if (guestfwd) {
@@ -6595,18 +6599,19 @@ qemuDomainHotplugDelVcpu(virQEMUDriver *driver,
qemuDomainMarkDeviceAliasForRemoval(vm, vcpupriv->alias);
- if (qemuDomainDeleteDevice(vm, vcpupriv->alias) < 0) {
- if (virDomainObjIsActive(vm))
+ rc = qemuDomainDeleteDevice(vm, vcpupriv->alias);
+ if (rc < 0) {
+ if (rc == -1 && virDomainObjIsActive(vm))
virDomainAuditVcpu(vm, oldvcpus, oldvcpus - nvcpus, "update", false);
goto cleanup;
- }
-
- if ((rc = qemuDomainWaitForDeviceRemoval(vm)) <= 0) {
- if (rc == 0)
- virReportError(VIR_ERR_OPERATION_TIMEOUT, "%s",
- _("vcpu unplug request timed out. Unplug result must be manually inspected in the domain"));
+ } else {
+ if ((rc = qemuDomainWaitForDeviceRemoval(vm)) <= 0) {
+ if (rc == 0)
+ virReportError(VIR_ERR_OPERATION_TIMEOUT, "%s",
+ _("vcpu unplug request timed out. Unplug result must be manually inspected in the domain"));
- goto cleanup;
+ goto cleanup;
+ }
}
if (qemuDomainRemoveVcpu(vm, vcpu) < 0)
--
2.47.0
1 month, 2 weeks
[PATCH] security_apparmor: store dynamically generated rules
by Georgia Garcia
Some rules are generated dynamically during boot and added to the
AppArmor policy. An example of that is macvtap devices that call the
AppArmorSetFDLabel hook to add a rule for the tap device path.
Since this information is dynamic, it is not available in the xml
config, therefore whenever a "Restore" hook is called, the entire
profile is regenerated by virt-aa-helper based only the information
from the VM definition, so the dynamic information is lost.
This patch stores the dynamically generated rules while the domain is
running and reloads them whenever there's a restore operation.
Note that there are no hooks for restoring FD labels, so that
information is not removed from the set of rules while the domain is
running.
Closes: https://gitlab.com/libvirt/libvirt/-/issues/692
Signed-off-by: Georgia Garcia <georgia.garcia(a)canonical.com>
---
src/security/security_apparmor.c | 208 +++++++++++++++++++++++++++++--
1 file changed, 200 insertions(+), 8 deletions(-)
diff --git a/src/security/security_apparmor.c b/src/security/security_apparmor.c
index 07e95ec81d..ae5815fb0d 100644
--- a/src/security/security_apparmor.c
+++ b/src/security/security_apparmor.c
@@ -60,6 +60,24 @@ struct SDPDOP {
virDomainDef *def;
};
+typedef struct _virSecurityAppArmorLabel virSecurityAppArmorLabel;
+struct _virSecurityAppArmorLabel {
+ GPtrArray *paths;
+ char *name;
+};
+
+typedef struct _virSecurityAppArmorLabelList virSecurityAppArmorLabelList;
+struct _virSecurityAppArmorLabelList {
+ GPtrArray *labels;
+ virMutex lock;
+};
+
+virSecurityAppArmorLabelList *labelList = NULL;
+
+static int AppArmorRestorePolicy(virSecurityManager *mgr,
+ virDomainDef *def,
+ char *seclabel);
+
/*
* profile_status returns '-2' on error, '-1' if not loaded, '0' if loaded
*
@@ -273,6 +291,119 @@ reload_profile(virSecurityManager *mgr,
secdef->imagelabel);
return -1;
}
+ if (!append) {
+ if (AppArmorRestorePolicy(mgr, def, secdef->imagelabel) < 0) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("cannot restore rules from AppArmor profile \'%1$s\'"),
+ secdef->imagelabel);
+ return -1;
+ }
+ }
+
+ }
+ return 0;
+}
+
+static int
+AppArmorInitLabelList(void)
+{
+ if (labelList)
+ return 0;
+
+ labelList = g_new0(virSecurityAppArmorLabelList, 1);
+ labelList->labels = g_ptr_array_new();
+ if (virMutexInit(&labelList->lock) < 0) {
+ virReportSystemError(errno, "%s",
+ _("Failed to initialize AppArmor mutex"));
+ return -1;
+ }
+ return 0;
+}
+
+static void
+AppArmorFreeLabelList(void)
+{
+ size_t i;
+ if (!labelList)
+ return;
+
+ VIR_WITH_MUTEX_LOCK_GUARD(&labelList->lock) {
+ for (i = 0; i < labelList->labels->len; i++) {
+ virSecurityAppArmorLabel *label = g_ptr_array_index(labelList->labels, i);
+ g_ptr_array_free(label->paths, TRUE);
+ g_free(label->name);
+ }
+ g_ptr_array_free(labelList->labels, TRUE);
+ }
+ virMutexDestroy(&labelList->lock);
+ g_free(labelList);
+ labelList = NULL;
+}
+
+static int
+AppArmorAppendPathToLabelList(char *seclabel,
+ const char *path)
+{
+ size_t i;
+ char *new;
+
+ if (!path)
+ return 0;
+
+ if (!labelList) {
+ if (AppArmorInitLabelList() < 0)
+ return -1;
+ }
+
+ VIR_WITH_MUTEX_LOCK_GUARD(&labelList->lock) {
+ for (i = 0; i < labelList->labels->len; i++) {
+ virSecurityAppArmorLabel *label = g_ptr_array_index(labelList->labels, i);
+ if (STREQ(seclabel, label->name)) {
+ new = g_strdup(path);
+ g_ptr_array_add(label->paths, new);
+ }
+ }
+ }
+ return 0;
+}
+
+static int
+AppArmorLoadStoredPath(virSecurityAppArmorLabel *label,
+ virSecurityManager *mgr,
+ virDomainDef *def,
+ char *seclabel)
+{
+ size_t i;
+ for (i = 0; i < label->paths->len; i++) {
+ if (load_profile(mgr, seclabel, def, g_ptr_array_index(label->paths, i), true) < 0) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("cannot update AppArmor profile \'%1$s\' \'%2$s\'"),
+ seclabel, (char *)g_ptr_array_index(label->paths, i));
+ return -1;
+ }
+ }
+ return 0;
+}
+
+static int
+AppArmorRestorePolicy(virSecurityManager *mgr,
+ virDomainDef *def,
+ char *seclabel)
+{
+ size_t i;
+
+ if (!labelList) {
+ return 0;
+ }
+
+ VIR_WITH_MUTEX_LOCK_GUARD(&labelList->lock) {
+ for (i = 0; i < labelList->labels->len; i++) {
+ virSecurityAppArmorLabel *label = g_ptr_array_index(labelList->labels, i);
+ if (STREQ(seclabel, label->name)) {
+ if (AppArmorLoadStoredPath(label, mgr, def, seclabel) < 0)
+ return -1;
+ }
+ }
}
return 0;
}
@@ -330,12 +461,13 @@ AppArmorSecurityManagerProbe(const char *virtDriver G_GNUC_UNUSED)
static int
AppArmorSecurityManagerOpen(virSecurityManager *mgr G_GNUC_UNUSED)
{
- return 0;
+ return AppArmorInitLabelList();
}
static int
AppArmorSecurityManagerClose(virSecurityManager *mgr G_GNUC_UNUSED)
{
+ AppArmorFreeLabelList();
return 0;
}
@@ -364,6 +496,7 @@ AppArmorGenSecurityLabel(virSecurityManager *mgr G_GNUC_UNUSED,
g_autofree char *profile_name = NULL;
virSecurityLabelDef *secdef = virDomainDefGetSecurityLabelDef(def,
SECURITY_APPARMOR_NAME);
+ virSecurityAppArmorLabel *label;
if (!secdef)
return 0;
@@ -404,6 +537,18 @@ AppArmorGenSecurityLabel(virSecurityManager *mgr G_GNUC_UNUSED,
goto err;
}
+ if (!labelList) {
+ if (AppArmorInitLabelList() < 0)
+ goto err;
+ }
+
+ label = g_new0(virSecurityAppArmorLabel, 1);
+ label->paths = g_ptr_array_new();
+ label->name = g_strdup(profile_name);
+ VIR_WITH_MUTEX_LOCK_GUARD(&labelList->lock) {
+ g_ptr_array_add(labelList->labels, label);
+ }
+
return 0;
err:
@@ -421,6 +566,7 @@ AppArmorSetSecurityAllLabel(virSecurityManager *mgr,
bool chardevStdioLogd G_GNUC_UNUSED,
bool migrated G_GNUC_UNUSED)
{
+ int rc;
virSecurityLabelDef *secdef = virDomainDefGetSecurityLabelDef(def,
SECURITY_APPARMOR_NAME);
if (!secdef || !secdef->relabel)
@@ -428,8 +574,15 @@ AppArmorSetSecurityAllLabel(virSecurityManager *mgr,
/* Reload the profile if incomingPath is specified. Note that
GenSecurityLabel() will have already been run. */
- if (incomingPath)
- return reload_profile(mgr, def, incomingPath, true);
+ if (incomingPath) {
+ rc = reload_profile(mgr, def, incomingPath, true);
+ if (AppArmorAppendPathToLabelList(secdef->imagelabel, incomingPath) < 0) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ "%s", _("Could not store path"));
+ return -1;
+ }
+ return rc;
+ }
return 0;
}
@@ -495,6 +648,7 @@ AppArmorRestoreSecurityAllLabel(virSecurityManager *mgr G_GNUC_UNUSED,
bool migrated G_GNUC_UNUSED,
bool chardevStdioLogd G_GNUC_UNUSED)
{
+ size_t i;
int rc = 0;
virSecurityLabelDef *secdef =
virDomainDefGetSecurityLabelDef(def, SECURITY_APPARMOR_NAME);
@@ -508,6 +662,21 @@ AppArmorRestoreSecurityAllLabel(virSecurityManager *mgr G_GNUC_UNUSED,
_("could not remove profile for \'%1$s\'"),
secdef->label);
}
+ if (labelList) {
+ VIR_WITH_MUTEX_LOCK_GUARD(&labelList->lock) {
+ for (i = 0; i < labelList->labels->len; i++) {
+ virSecurityAppArmorLabel *label;
+ label = g_ptr_array_index(labelList->labels, i);
+ if (STREQ(secdef->label, label->name)) {
+ g_free(label->name);
+ g_ptr_array_free(label->paths, TRUE);
+ g_ptr_array_remove_index(labelList->labels, i);
+ break;
+ }
+ }
+ }
+ }
+
}
return rc;
}
@@ -1082,15 +1251,26 @@ AppArmorSetPathLabel(virSecurityManager *mgr,
{
int rc = -1;
char *full_path = NULL;
+ virSecurityLabelDef *secdef;
+
+ secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_APPARMOR_NAME);
if (allowSubtree) {
full_path = g_strdup_printf("%s/{,**}", path);
- rc = reload_profile(mgr, def, full_path, true);
- VIR_FREE(full_path);
} else {
- rc = reload_profile(mgr, def, path, true);
+ full_path = g_strdup(path);
+ }
+
+ rc = reload_profile(mgr, def, full_path, true);
+ if (rc == 0) {
+ if (AppArmorAppendPathToLabelList(secdef->imagelabel, full_path) < 0) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ "%s", _("Could not store path"));
+ rc = -1;
+ }
}
+ VIR_FREE(full_path);
return rc;
}
@@ -1107,6 +1287,7 @@ AppArmorSetFDLabel(virSecurityManager *mgr,
virDomainDef *def,
int fd)
{
+ int rc = 0;
char *proc = NULL;
char *fd_path = NULL;
@@ -1121,10 +1302,21 @@ AppArmorSetFDLabel(virSecurityManager *mgr,
if (virFileResolveLink(proc, &fd_path) < 0) {
/* it's a deleted file, presumably. Ignore? */
VIR_WARN("could not find path for descriptor %s, skipping", proc);
- return 0;
+ goto err;
}
- return reload_profile(mgr, def, fd_path, true);
+ rc = reload_profile(mgr, def, fd_path, true);
+ if (rc == 0) {
+ if (AppArmorAppendPathToLabelList(secdef->imagelabel, fd_path) < 0) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ "%s", _("Could not store path"));
+ rc = -1;
+ }
+ }
+ g_free(fd_path);
+ err:
+ g_free(proc);
+ return rc;
}
static char *
--
2.34.1
1 month, 2 weeks
[PATCH v2] docs: Recommend virtio instead of virtio-(non-)transitional
by Andrea Bolognani
When virtio-(non-)transitional models were introduced, the
documentation was updated to include them; at the same time,
language was introduced indicating that using the existing
virtio model is no longer recommended.
This is unnecessarily harsh, and has resulted in people
incorrectly believing (through no fault of their own) that the
virtio model has been deprecated.
In reality, it's perfectly fine to use the virtio model as the
stress-free option that, while often not producing the ideal
PCI topology, will generally get the job done and work reliably
across libvirt versions and machine types.
Tweak the documentation so that it hopefully carries the
desired message across.
Signed-off-by: Andrea Bolognani <abologna(a)redhat.com>
---
docs/formatdomain.rst | 55 ++++++++++++++++++++++---------------------
1 file changed, 28 insertions(+), 27 deletions(-)
diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst
index c50744b57b..75dff5a153 100644
--- a/docs/formatdomain.rst
+++ b/docs/formatdomain.rst
@@ -2756,8 +2756,8 @@ paravirtualized driver is specified via the ``disk`` element.
``model``
Indicates the emulated device model of the disk. Typically this is
indicated solely by the ``bus`` property but for ``bus`` "virtio" the
- model can be specified further with "virtio-transitional",
- "virtio-non-transitional", or "virtio". See `Virtio transitional devices`_
+ model can be specified further with "virtio", "virtio-transitional" or
+ "virtio-non-transitional". See `virtio device models`_
for more details. :since:`Since 5.2.0`
``rawio``
Indicates whether the disk needs rawio capability. Valid settings are
@@ -3680,9 +3680,8 @@ A directory on the host that can be accessed directly from the guest.
info <https://lists.gnu.org/archive/html/qemu-devel/2010-09/msg00121.html>`__
:since:`Since 5.2.0`, the filesystem element has an optional attribute
- ``model`` with supported values "virtio-transitional",
- "virtio-non-transitional", or "virtio". See `Virtio transitional devices`_
- for more details.
+ ``model`` with supported values "virtio", "virtio-transitional" or
+ "virtio-non-transitional". See `virtio device models`_ for more details.
The filesystem element has optional attributes ``fmode`` and ``dmode``.
These two attributes control the creation mode for files and directories
@@ -3910,11 +3909,20 @@ Note: In general you should leave this option alone, unless you are very certain
you know what you are doing.
-Virtio transitional devices
-~~~~~~~~~~~~~~~~~~~~~~~~~~~
+Virtio device models
+~~~~~~~~~~~~~~~~~~~~
+
+Virtio devices come in several variants, some of which are only applicable to
+certain machine types or scenarios. The variant can be chosen via the ``model``
+attribute, which supports the following values:
-:since:`Since 5.2.0`, some of QEMU's virtio devices, when used with PCI/PCIe
-machine types, accept the following ``model`` values:
+``virtio``
+ This is the recommended choice in the absence of guest OS specific
+ constraints, as it will will generally work correctly across a large range
+ of architectures, machine types and libvirt versions.
+
+:since:`Since 5.2.0`, the following values can additionally be used with machine
+types based on PCI (either conventional PCI or PCI Express):
``virtio-transitional``
This device can work both with virtio 0.9 and virtio 1.0 guest drivers, so
@@ -3926,12 +3934,6 @@ machine types, accept the following ``model`` values:
necessary. libvirt will plug the device into either a PCI Express slot or a
conventional PCI slot based on the machine type, resulting in a more
optimized PCI topology.
-``virtio``
- This device will work like a ``virtio-non-transitional`` device when plugged
- into a PCI Express slot, and like a ``virtio-transitional`` device otherwise;
- libvirt will pick one or the other based on the machine type. This is the
- best choice when compatibility with libvirt versions older than 5.2.0 is
- necessary, but it's otherwise not recommended to use it.
While the information outlined above applies to most virtio devices, there are a
few exceptions:
@@ -3992,14 +3994,14 @@ specific features, such as:
The ``virtio-serial`` controller has two additional optional attributes
``ports`` and ``vectors``, which control how many devices can be connected
through the controller. :since:`Since 5.2.0`, it supports an optional
- attribute ``model`` which can be 'virtio', 'virtio-transitional', or
- 'virtio-non-transitional'. See `Virtio transitional devices`_ for more details.
+ attribute ``model`` which can be 'virtio', 'virtio-transitional' or
+ 'virtio-non-transitional'. See `virtio device models`_ for more details.
``scsi``
A ``scsi`` controller has an optional attribute ``model``, which is one of
'auto', 'buslogic', 'ibmvscsi', 'lsilogic', 'lsisas1068', 'lsisas1078',
'virtio-scsi', 'vmpvscsi', 'virtio-transitional', 'virtio-non-transitional',
'ncr53c90' (as builtin implicit controller only), 'am53c974', 'dc390'.
- See `Virtio transitional devices`_ for more details.
+ See `virtio device models`_ for more details.
``usb``
A ``usb`` controller has an optional attribute ``model``, which is one of
"piix3-uhci", "piix4-uhci", "ehci", "ich9-ehci1", "ich9-uhci1", "ich9-uhci2",
@@ -4452,9 +4454,8 @@ or:
:since:`since 2.5.0` For SCSI devices, user is responsible to make sure
the device is not used by host. This ``type`` passes all LUNs presented by
a single HBA to the guest. :since:`Since 5.2.0`, the ``model`` attribute
- can be specified further with "virtio-transitional",
- "virtio-non-transitional", or "virtio". `Virtio transitional devices`_
- for more details.
+ can be specified further with "virtio", "virtio-transitional" or
+ "virtio-non-transitional". See `virtio device models`_ for more details.
``mdev``
For mediated devices ( :since:`Since 3.2.0` ) the ``model`` attribute
specifies the device API which determines how the host's vfio driver will
@@ -6300,8 +6301,8 @@ value 'all' which when enabled grabs all input devices instead of just one,
change the grab key combination.
``input`` type ``evdev`` is currently supported only on linux devices.
(KVM only) :since:`Since 5.2.0`, the ``input`` element accepts a
-``model`` attribute which has the values 'virtio', 'virtio-transitional' and
-'virtio-non-transitional'. See `Virtio transitional devices`_ for more details.
+``model`` attribute which has the values 'virtio', 'virtio-transitional' or
+'virtio-non-transitional'. See `virtio device models`_ for more details.
The subelement ``driver`` can be used to tune the virtio options of the device:
`Virtio-related options`_ can also be set. ( :since:`Since 3.5.0` )
@@ -7982,7 +7983,7 @@ Example: manually added device with static PCI slot 2 requested
- 'virtio-non-transitional' :since:`Since 5.2.0`
- 'xen' - default with Xen
- See `Virtio transitional devices`_ for more details.
+ See `virtio device models`_ for more details.
``autodeflate``
The optional ``autodeflate`` attribute allows to enable/disable (values
@@ -8048,7 +8049,7 @@ Example: usage of the RNG device:
- 'virtio-transitional' :since:`Since 5.2.0`
- 'virtio-non-transitional' :since:`Since 5.2.0`
- See `Virtio transitional devices`_ for more details.
+ See `virtio device models`_ for more details.
``rate``
The optional ``rate`` element allows limiting the rate at which entropy can
@@ -8673,8 +8674,8 @@ Vsock
~~~~~
A vsock host/guest interface. The ``model`` attribute defaults to ``virtio``.
-:since:`Since 5.2.0` ``model`` can also be 'virtio-transitional' and
-'virtio-non-transitional', see `Virtio transitional devices`_ for more details.
+:since:`Since 5.2.0` ``model`` can also be 'virtio-transitional' or
+'virtio-non-transitional', see `virtio device models`_ for more details.
The optional attribute ``address`` of the ``cid`` element specifies the CID
assigned to the guest. If the attribute ``auto`` is set to ``yes``, libvirt will
assign a free CID automatically on domain startup. :since:`Since 4.4.0`
--
2.47.0
1 month, 2 weeks
[PATCH] ci: Update with newer lcitool
by Martin Kletzander
This switches to newer freebsd 14.1 and implements the new RUN_PIPELINE
behaviour introduced by Daniel.
Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com>
---
As far as I understand this does not need any change in the CI/CD settings in
gitlab, but I do not have access to those.
ci/cirrus/freebsd-14.vars | 2 +-
ci/gitlab.yml | 13 +++++++---
ci/gitlab/build-templates.yml | 46 ++++++++++++++++++++++++++---------
ci/gitlab/builds.yml | 2 +-
ci/gitlab/sanity-checks.yml | 8 ++++--
5 files changed, 51 insertions(+), 20 deletions(-)
diff --git a/ci/cirrus/freebsd-14.vars b/ci/cirrus/freebsd-14.vars
index fbcd6130956f..3002987cbdd8 100644
--- a/ci/cirrus/freebsd-14.vars
+++ b/ci/cirrus/freebsd-14.vars
@@ -10,7 +10,7 @@ CROSS_PKGS=''
MAKE='/usr/local/bin/gmake'
NINJA='/usr/local/bin/ninja'
PACKAGING_COMMAND='pkg'
-PIP3='/usr/local/bin/pip-3.8'
+PIP3='/usr/local/bin/pip'
PKGS='augeas bash-completion ca_root_nss ccache codespell cppi curl cyrus-sasl diffutils fusefs-libs gettext git glib gmake gnugrep gnutls gsed json-c libpcap libpciaccess libssh libssh2 libxml2 libxslt meson ninja perl5 pkgconf polkit py311-black py311-docutils py311-flake8 py311-pytest python3 qemu readline'
PYPI_PKGS=''
PYTHON='/usr/local/bin/python3'
diff --git a/ci/gitlab.yml b/ci/gitlab.yml
index 7bb68b848c73..0daab1267668 100644
--- a/ci/gitlab.yml
+++ b/ci/gitlab.yml
@@ -11,8 +11,11 @@
# - RUN_PIPELINE - force creation of a CI pipeline when
# pushing to a branch in a forked repository. Official
# CI pipelines are triggered when merge requests are
-# created/updated. Setting this variable to a non-empty
-# value allows CI testing prior to opening a merge request.
+# created/updated. Setting this variable allows CI
+# testing prior to opening a merge request. A value
+# of "0" will create the pipeline but leave all jobs
+# to be manually started, while "1" will immediately
+# run all default jobs.
#
# - RUN_PIPELINE_UPSTREAM_ENV - same semantics as RUN_PIPELINE,
# but uses the CI environment (containers) from the upstream project
@@ -38,11 +41,13 @@
#
# Aliases can be set for common usage
#
-# $ git config --local alias.push-ci "push -o ci.variable=RUN_PIPELINE=1"
+# $ git config --local alias.push-ci "push -o ci.variable=RUN_PIPELINE=0"
+# $ git config --local alias.push-ci-now "push -o ci.variable=RUN_PIPELINE=1"
#
# Allowing the less verbose invocation
#
-# $ git push-ci
+# $ git push-ci (create pipeline but don't start jobs)
+# $ git push-ci-now (create pipeline and start default jobs)
#
# Pipeline variables can also be set in the repository
# pipeline config globally, or set against scheduled pipelines
diff --git a/ci/gitlab/build-templates.yml b/ci/gitlab/build-templates.yml
index b1e41b0783d9..5ba91ffc673d 100644
--- a/ci/gitlab/build-templates.yml
+++ b/ci/gitlab/build-templates.yml
@@ -47,19 +47,27 @@
when: on_success
# forks: pushes to a branch when a pipeline run in upstream env is explicitly requested
- - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE_UPSTREAM_ENV && $JOB_OPTIONAL'
+ - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE_UPSTREAM_ENV == "0"'
when: manual
allow_failure: true
- - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE_UPSTREAM_ENV'
+ - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE_UPSTREAM_ENV == "1" && $JOB_OPTIONAL'
+ when: manual
+ allow_failure: true
+ - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE_UPSTREAM_ENV == "1"'
when: on_success
# forks: pushes to branches with pipeline requested
- - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE && $JOB_OPTIONAL'
+ - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE == "0"'
+ when: manual
+ allow_failure: true
+ variables:
+ IMAGE: $TARGET_BASE_IMAGE
+ - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE == "1" && $JOB_OPTIONAL'
when: manual
allow_failure: true
variables:
IMAGE: $TARGET_BASE_IMAGE
- - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE'
+ - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE == "1"'
when: on_success
variables:
IMAGE: $TARGET_BASE_IMAGE
@@ -183,19 +191,27 @@
when: on_success
# forks: pushes to a branch when a pipeline run in upstream env is explicitly requested
- - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE_UPSTREAM_ENV && $JOB_OPTIONAL'
+ - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE_UPSTREAM_ENV == "0"'
+ when: manual
+ allow_failure: true
+ - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE_UPSTREAM_ENV == "1" && $JOB_OPTIONAL'
when: manual
allow_failure: true
- - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE_UPSTREAM_ENV'
+ - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE_UPSTREAM_ENV == "1"'
when: on_success
# forks: pushes to branches with pipeline requested
- - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE && $JOB_OPTIONAL'
+ - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE == "0"'
when: manual
allow_failure: true
variables:
IMAGE: $TARGET_BASE_IMAGE
- - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE'
+ - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE == "1" && $JOB_OPTIONAL'
+ when: manual
+ allow_failure: true
+ variables:
+ IMAGE: $TARGET_BASE_IMAGE
+ - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE == "1"'
when: on_success
variables:
IMAGE: $TARGET_BASE_IMAGE
@@ -302,15 +318,21 @@
when: on_success
# forks: pushes to branches with pipeline requested (including pipeline in upstream environment)
- - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE && $JOB_OPTIONAL'
+ - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE == "0"'
when: manual
allow_failure: true
- - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE'
+ - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE == "1" && $JOB_OPTIONAL'
+ when: manual
+ allow_failure: true
+ - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE == "1"'
when: on_success
- - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE_UPSTREAM_ENV && $JOB_OPTIONAL'
+ - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE_UPSTREAM_ENV == "0"'
+ when: manual
+ allow_failure: true
+ - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE_UPSTREAM_ENV == "1" && $JOB_OPTIONAL'
when: manual
allow_failure: true
- - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE_UPSTREAM_ENV'
+ - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $RUN_PIPELINE_UPSTREAM_ENV == "1"'
when: on_success
# upstream+forks: Run pipelines on MR, web, api & scheduled
diff --git a/ci/gitlab/builds.yml b/ci/gitlab/builds.yml
index c24421378c51..3e7f36802e15 100644
--- a/ci/gitlab/builds.yml
+++ b/ci/gitlab/builds.yml
@@ -617,7 +617,7 @@ x86_64-freebsd-14:
allow_failure:
exit_codes: 3
variables:
- CIRRUS_VM_IMAGE_NAME: freebsd-14-0
+ CIRRUS_VM_IMAGE_NAME: freebsd-14-1
CIRRUS_VM_IMAGE_SELECTOR: image_family
CIRRUS_VM_INSTANCE_TYPE: freebsd_instance
INSTALL_COMMAND: pkg install -y
diff --git a/ci/gitlab/sanity-checks.yml b/ci/gitlab/sanity-checks.yml
index d2b1768e266d..b568015db930 100644
--- a/ci/gitlab/sanity-checks.yml
+++ b/ci/gitlab/sanity-checks.yml
@@ -18,9 +18,13 @@ check-dco:
when: on_success
# forks: pushes to branches with pipeline requested (including upstream env pipelines)
- - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH && $RUN_PIPELINE'
+ - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH && $RUN_PIPELINE == "0"'
+ when: manual
+ - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH && $RUN_PIPELINE == "1"'
when: on_success
- - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH && $RUN_PIPELINE_UPSTREAM_ENV'
+ - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH && $RUN_PIPELINE_UPSTREAM_ENV == "0"'
+ when: manual
+ - if: '$CI_PROJECT_NAMESPACE != $RUN_UPSTREAM_NAMESPACE && $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH && $RUN_PIPELINE_UPSTREAM_ENV == "1"'
when: on_success
# upstream+forks: that's all folks
--
2.47.0
1 month, 2 weeks
[PATCH 0/2] disk hotplug support for test hypervisor
by John Levon
John Levon (2):
test_driver: provide basic disk hotplug support
test_driver: provide basic disk hotunplug support
src/test/test_driver.c | 276 ++++++++++++++++++++++++++++++++++++++++-
1 file changed, 273 insertions(+), 3 deletions(-)
--
2.34.1
1 month, 2 weeks
