[PATCH] qemu_saveimage: add zstd to supported compression formats
by Adam Julis
Extend the list of supported formats, update and clarify comment
in qemu.conf.in (removed misleading sentence about the order of
compression format types).
Signed-off-by: Adam Julis <ajulis(a)redhat.com>
---
libvirt.spec.in | 1 +
src/qemu/qemu.conf.in | 7 +++----
src/qemu/qemu_saveimage.c | 2 ++
3 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/libvirt.spec.in b/libvirt.spec.in
index 64018192b6..88c62f6d92 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -815,6 +815,7 @@ Requires: gzip
Requires: bzip2
Requires: lzop
Requires: xz
+Requires: zstd
Requires: systemd-container
Requires: swtpm-tools
%if %{with_numad}
diff --git a/src/qemu/qemu.conf.in b/src/qemu/qemu.conf.in
index f406df8749..6bc2140dcb 100644
--- a/src/qemu/qemu.conf.in
+++ b/src/qemu/qemu.conf.in
@@ -582,10 +582,9 @@
# memory from the domain is dumped out directly to a file. If you have
# guests with a large amount of memory, however, this can take up quite
# a bit of space. If you would like to compress the images while they
-# are being saved to disk, you can also set "lzop", "gzip", "bzip2", or "xz"
-# for save_image_format. Note that this means you slow down the process of
-# saving a domain in order to save disk space; the list above is in descending
-# order by performance and ascending order by compression ratio.
+# are being saved to disk, you can also set "zstd", "lzop", "gzip", "bzip2",
+# or "xz" for save_image_format. Note that this means you slow down the process
+# of saving a domain in order to save disk space.
#
# save_image_format is used when you use 'virsh save' or 'virsh managedsave'
# at scheduled saving, and it is an error if the specified save_image_format
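Review bot: In the rewritten qemu.conf.in comment, "zstd" is placed at the head of the list even though the sentence describing the list order is removed, so readers may still infer a ranking from the position. Either state that the list is in no particular order or append "zstd" at the end, matching its position in the enum.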
diff --git a/src/qemu/qemu_saveimage.c b/src/qemu/qemu_saveimage.c
index 89112e3e44..018ab5a222 100644
--- a/src/qemu/qemu_saveimage.c
+++ b/src/qemu/qemu_saveimage.c
@@ -47,6 +47,7 @@ typedef enum {
*/
QEMU_SAVE_FORMAT_XZ = 3,
QEMU_SAVE_FORMAT_LZOP = 4,
+ QEMU_SAVE_FORMAT_ZSTD = 5,
/* Note: add new members only at the end.
These values are used in the on-disk format.
Do not change or re-use numbers. */
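Review bot: QEMU_SAVE_FORMAT_ZSTD = 5 becomes part of the on-disk format, as the comment right below the new member says, so a save image written with zstd cannot be restored by a libvirt build that does not know value 5. The commit message should say so, and a test that saves and restores with the new format would guard against the enum value and the "zstd" string in VIR_ENUM_IMPL drifting apart.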
@@ -62,6 +63,7 @@ VIR_ENUM_IMPL(qemuSaveCompression,
"bzip2",
"xz",
"lzop",
+ "zstd",
);
static inline void
--
2.44.0
7 months, 2 weeks
[PATCH v2 0/4] qemu: Substract isolcpus from all online affinity
by Michal Privoznik
v2 of:
https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/4V...
diff to v1:
- Don't error out on systems where /sys/devices/system/cpu/isolated is
unavailable.
- Don't error out on systems where /sys/devices/system/cpu/isolated is
empty.
Both of these resulted in new patches.
Michal Prívozník (4):
virbitmap: Introduce virBitmapParseUnlimitedAllowEmpty()
virfile: Introduce virFileReadValueBitmapAllowEmpty()
virhostcpu: Introduce virHostCPUGetIsolated()
qemu: Substract isolcpus from all online affinity
src/libvirt_private.syms | 3 ++
src/qemu/qemu_process.c | 9 +++++
src/util/virbitmap.c | 40 +++++++++++++++++---
src/util/virbitmap.h | 3 ++
src/util/virfile.c | 81 ++++++++++++++++++++++++++++++----------
src/util/virfile.h | 2 +
src/util/virhostcpu.c | 31 +++++++++++++++
src/util/virhostcpu.h | 1 +
tests/virbitmaptest.c | 40 ++++++++++++++++++++
9 files changed, 186 insertions(+), 24 deletions(-)
--
2.43.2
7 months, 2 weeks
[PATCH] NEWS: document qemu: ras as a new feature
by Kristina Hanicova
Signed-off-by: Kristina Hanicova <khanicov(a)redhat.com>
---
NEWS.rst | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/NEWS.rst b/NEWS.rst
index 5a771b4b2f..d72c15bf10 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -17,6 +17,11 @@ v10.4.0 (unreleased)
* **New features**
+ * qemu: Support for ras feature for virt machine type
+
+ It is now possible to set on/off ``ras`` feature in the domain XML for virt
+ (Arm) machine type as ``<ras state='on'/>``.
+
* **Improvements**
* **Bug fixes**
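Review bot: The added NEWS entry reads awkwardly at "It is now possible to set on/off ``ras`` feature"; suggest "It is now possible to enable or disable the ``ras`` feature". The title says "virt machine type" while the body says "virt (Arm) machine type", so use one form in both, and name the parent element that ``<ras state='on'/>`` goes under so the entry stands on its own.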
--
2.42.0
7 months, 2 weeks
[PATCH] vsh: Don't init history in cmdComplete()
by Michal Privoznik
Recent rework of virshtest uncovered a subtle bug that was
dormant in now vsh but before that even in monolithic virsh.
In vsh.c there's this vshReadlineInit() function that's supposed
to initialize readline library, i.e. set those global rl_*
pointers. But it also initializes history library. Then, when
virsh/virt-admin quits, vshReadlineDeinit() is called which
writes history into a file (ensuring the parent directory
exists). So far no problem.
Problem arises when cmdComplete() is called (from a bash
completer, for instance). It does not guard call to
vshReadlineInit() with check for interactive shell (and it should
not), but it sets ctl->historyfile which signals to
vshReadlineDeinit() the history should be written.
Now, no real history is written, because nothing was entered on
the stdin, but the parent directory is created nevertheless. With
recent movement in virshtest.c this means some test cases might
create virsh history file which breaks our promise of not
touching user's data in test suite.
Resolves: https://bugs.gentoo.org/931109
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
tools/vsh.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/tools/vsh.c b/tools/vsh.c
index 58855f63ba..e74045c24e 100644
--- a/tools/vsh.c
+++ b/tools/vsh.c
@@ -2973,7 +2973,7 @@ vshReadlineInit(vshControl *ctl)
const char *quote_characters = "\"'";
/* initialize readline stuff only once */
- if (ctl->historydir)
+ if (autoCompleteOpaque)
return 0;
/* Opaque data for autocomplete callbacks. */
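Review bot: The once-only guard in vshReadlineInit() now tests the global autoCompleteOpaque instead of ctl->historydir, and nothing in this patch resets that global. vshInitReload() calls vshReadlineDeinit() and then vshReadlineInit() again, so unless the deinit path clears autoCompleteOpaque the second call returns early and the history setup is not redone in interactive mode. Please confirm vshReadlineDeinit() clears it, or add the reset to this patch.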
@@ -2989,6 +2989,11 @@ vshReadlineInit(vshControl *ctl)
rl_completer_quote_characters = quote_characters;
rl_char_is_quoted_p = vshReadlineCharIsQuoted;
+ /* Stuff below is needed only for interactive mode. */
+ if (!ctl->imode) {
+ return 0;
+ }
+
histsize_env = g_strdup_printf("%s_HISTSIZE", ctl->env_prefix);
/* Limit the total size of the history buffer */
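Review bot: The new "if (!ctl->imode) { return 0; }" wraps a single-statement body in braces, while the other one-line conditionals touched by this patch ("if (autoCompleteOpaque) return 0;", "if (vshReadlineInit(ctl) < 0) return false;") omit them; drop the braces for consistency. The comment could also say why history must be skipped here, namely that setting ctl->historyfile makes vshReadlineDeinit() create the history directory, as the commit message explains.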
@@ -3149,7 +3154,7 @@ vshInit(vshControl *ctl, const vshCmdGrp *groups)
cmdGroups = groups;
if (vshInitDebug(ctl) < 0 ||
- (ctl->imode && vshReadlineInit(ctl) < 0))
+ vshReadlineInit(ctl) < 0)
return false;
return true;
@@ -3168,7 +3173,7 @@ vshInitReload(vshControl *ctl)
if (ctl->imode)
vshReadlineDeinit(ctl);
- if (ctl->imode && vshReadlineInit(ctl) < 0)
+ if (vshReadlineInit(ctl) < 0)
return false;
return true;
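Review bot: In vshInitReload() the vshReadlineDeinit() call stays guarded by ctl->imode while vshReadlineInit() is now unconditional, so in non-interactive mode init runs a second time with no deinit in between and relies only on the early-return guard at the top of vshReadlineInit(). A one-line comment explaining that asymmetry would keep a later cleanup from "fixing" it.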
--
2.43.2
7 months, 2 weeks
[PATCH] hyperv: prevent potential NULL dereference
by Oleg Sviridov
Return value of a function 'virDomainChrDefNew' is dereferenced
at hyperv_driver.c without checking for NULL, which can lead to
NULL dereference immediately after.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Signed-off-by: Oleg Sviridov <oleg.sviridov(a)red-soft.ru>
---
src/hyperv/hyperv_driver.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/hyperv/hyperv_driver.c b/src/hyperv/hyperv_driver.c
index 414274fdfd..7580c6a06c 100644
--- a/src/hyperv/hyperv_driver.c
+++ b/src/hyperv/hyperv_driver.c
@@ -1534,7 +1534,8 @@ hypervDomainDefParseSerial(virDomainDef *def, Msvm_ResourceAllocationSettingData
continue;
}
- serial = virDomainChrDefNew(NULL);
+ if (!(serial = virDomainChrDefNew(NULL)))
+ return -1;
serial->deviceType = VIR_DOMAIN_CHR_DEVICE_TYPE_SERIAL;
serial->source->type = VIR_DOMAIN_CHR_TYPE_PIPE;
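Review bot: The new "return -1;" in hypervDomainDefParseSerial() exits from inside the loop body (the "continue;" just above it belongs to that loop), bypassing whatever follows the loop. Please check that nothing acquired earlier in the function needs to be released on this path, and that virDomainChrDefNew() has already reported an error so the caller does not get -1 without a message.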
--
2.44.0
7 months, 2 weeks
[PATCH] libxl: Fix domxml-to-native conversion
by Jim Fehlig
Similar to commit 57d084febe, another case of the libxl driver not
adapting to modular daemons. When converting configuration that
contains a type='network' interface, the converter calls
virNetworkLookupByName, passing the hypervisor connection object
instead of a connection to virtnetworkd. E.g.
> cat dom.xml
...
<interface type='network'>
<source network='default'/>
</interface>
...
> virsh net-info default
Name: default
UUID: 25a5b089-1e71-4956-99aa-df2213bbb407
Active: yes
Persistent: no
Autostart: no
Bridge: virbr0
> virsh domxml-to-native xen-xl dom.xml
error: Network not found: default
Acquire a connection to virtnetworkd and use it when calling
virNetwork* APIs.
Signed-off-by: Jim Fehlig <jfehlig(a)suse.com>
---
src/libxl/libxl_driver.c | 4 ++--
src/libxl/xen_common.c | 25 +++++++++++++++----------
src/libxl/xen_common.h | 1 -
src/libxl/xen_xl.c | 4 ++--
src/libxl/xen_xl.h | 2 +-
src/libxl/xen_xm.c | 5 ++---
src/libxl/xen_xm.h | 2 +-
tests/xlconfigtest.c | 7 +------
tests/xmconfigtest.c | 7 +------
9 files changed, 25 insertions(+), 32 deletions(-)
diff --git a/src/libxl/libxl_driver.c b/src/libxl/libxl_driver.c
index e42a3dc0a9..4d5eb920bf 100644
--- a/src/libxl/libxl_driver.c
+++ b/src/libxl/libxl_driver.c
@@ -2709,10 +2709,10 @@ libxlConnectDomainXMLToNative(virConnectPtr conn, const char * nativeFormat,
goto cleanup;
if (STREQ(nativeFormat, XEN_CONFIG_FORMAT_XL)) {
- if (!(conf = xenFormatXL(def, conn)))
+ if (!(conf = xenFormatXL(def)))
goto cleanup;
} else if (STREQ(nativeFormat, XEN_CONFIG_FORMAT_XM)) {
- if (!(conf = xenFormatXM(conn, def)))
+ if (!(conf = xenFormatXM(def)))
goto cleanup;
} else {
diff --git a/src/libxl/xen_common.c b/src/libxl/xen_common.c
index 79eb593432..0b2346d8b5 100644
--- a/src/libxl/xen_common.c
+++ b/src/libxl/xen_common.c
@@ -24,6 +24,7 @@
#include <config.h>
+#include "driver.h"
#include "internal.h"
#include "virerror.h"
#include "virconf.h"
@@ -1586,8 +1587,7 @@ xenMakeIPList(virNetDevIPInfo *guestIP)
}
static int
-xenFormatNet(virConnectPtr conn,
- virConfValue *list,
+xenFormatNet(virConfValue *list,
virDomainNetDef *net,
int hvm,
const char *vif_typename)
@@ -1649,13 +1649,21 @@ xenFormatNet(virConnectPtr conn,
case VIR_DOMAIN_NET_TYPE_NETWORK:
{
- virNetworkPtr network = virNetworkLookupByName(conn, net->data.network.name);
+ virConnectPtr conn = NULL;
+ virNetworkPtr network;
char *bridge;
- if (!network) {
+
+ if (!(conn = virGetConnectNetwork()))
+ return -1;
+
+ if (!(network = virNetworkLookupByName(conn, net->data.network.name))) {
virReportError(VIR_ERR_NO_NETWORK, "%s",
net->data.network.name);
+ virObjectUnref(conn);
return -1;
}
+ virObjectUnref(conn);
+
bridge = virNetworkGetBridgeName(network);
virObjectUnref(network);
if (!bridge) {
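Review bot: In the VIR_DOMAIN_NET_TYPE_NETWORK case of xenFormatNet(), virObjectUnref(conn) is written out on both the error path and the success path; declaring the variable as "g_autoptr(virConnect) conn = NULL;", the form the tests in this same patch used, removes both calls and keeps any early return added later from leaking the connection. Separately, xenFormatVif() calls xenFormatNet() once per entry in def->nets, so virGetConnectNetwork() now runs for every type='network' interface; acquiring the connection once in xenFormatVif() would avoid the repeated setup.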
@@ -2304,7 +2312,6 @@ xenFormatSound(virConf *conf, virDomainDef *def)
static int
xenFormatVif(virConf *conf,
- virConnectPtr conn,
virDomainDef *def,
const char *vif_typename)
{
@@ -2317,8 +2324,7 @@ xenFormatVif(virConf *conf,
netVal->list = NULL;
for (i = 0; i < def->nnets; i++) {
- if (xenFormatNet(conn, netVal, def->nets[i],
- hvm, vif_typename) < 0)
+ if (xenFormatNet(netVal, def->nets[i], hvm, vif_typename) < 0)
return -1;
}
@@ -2336,7 +2342,6 @@ xenFormatVif(virConf *conf,
int
xenFormatConfigCommon(virConf *conf,
virDomainDef *def,
- virConnectPtr conn,
const char *nativeFormat)
{
if (xenFormatGeneralMeta(conf, def) < 0)
@@ -2364,10 +2369,10 @@ xenFormatConfigCommon(virConf *conf,
return -1;
if (STREQ(nativeFormat, XEN_CONFIG_FORMAT_XL)) {
- if (xenFormatVif(conf, conn, def, "vif") < 0)
+ if (xenFormatVif(conf, def, "vif") < 0)
return -1;
} else if (STREQ(nativeFormat, XEN_CONFIG_FORMAT_XM)) {
- if (xenFormatVif(conf, conn, def, "netfront") < 0)
+ if (xenFormatVif(conf, def, "netfront") < 0)
return -1;
} else {
virReportError(VIR_ERR_INVALID_ARG,
diff --git a/src/libxl/xen_common.h b/src/libxl/xen_common.h
index b21046e959..95408fa896 100644
--- a/src/libxl/xen_common.h
+++ b/src/libxl/xen_common.h
@@ -61,7 +61,6 @@ int xenParseConfigCommon(virConf *conf,
int xenFormatConfigCommon(virConf *conf,
virDomainDef *def,
- virConnectPtr conn,
const char *nativeFormat);
char *xenMakeIPList(virNetDevIPInfo *guestIP);
diff --git a/src/libxl/xen_xl.c b/src/libxl/xen_xl.c
index f175359307..53f6871efc 100644
--- a/src/libxl/xen_xl.c
+++ b/src/libxl/xen_xl.c
@@ -2041,14 +2041,14 @@ xenFormatXLDomainNamespaceData(virConf *conf, virDomainDef *def)
}
virConf *
-xenFormatXL(virDomainDef *def, virConnectPtr conn)
+xenFormatXL(virDomainDef *def)
{
g_autoptr(virConf) conf = NULL;
if (!(conf = virConfNew()))
return NULL;
- if (xenFormatConfigCommon(conf, def, conn, XEN_CONFIG_FORMAT_XL) < 0)
+ if (xenFormatConfigCommon(conf, def, XEN_CONFIG_FORMAT_XL) < 0)
return NULL;
if (xenFormatXLOS(conf, def) < 0)
diff --git a/src/libxl/xen_xl.h b/src/libxl/xen_xl.h
index f8b1ebfde9..028b359b76 100644
--- a/src/libxl/xen_xl.h
+++ b/src/libxl/xen_xl.h
@@ -29,6 +29,6 @@ virDomainDef *xenParseXL(virConf *conn,
virCaps *caps,
virDomainXMLOption *xmlopt);
-virConf *xenFormatXL(virDomainDef *def, virConnectPtr);
+virConf *xenFormatXL(virDomainDef *def);
const char *xenTranslateCPUFeature(const char *feature_name, bool from_libxl);
diff --git a/src/libxl/xen_xm.c b/src/libxl/xen_xm.c
index 5705a5ec0c..274b35153b 100644
--- a/src/libxl/xen_xm.c
+++ b/src/libxl/xen_xm.c
@@ -543,15 +543,14 @@ G_STATIC_ASSERT(MAX_VIRT_CPUS <= sizeof(1UL) * CHAR_BIT);
* Convert a virDomainDef object into an XM config record.
*/
virConf *
-xenFormatXM(virConnectPtr conn,
- virDomainDef *def)
+xenFormatXM(virDomainDef *def)
{
g_autoptr(virConf) conf = NULL;
if (!(conf = virConfNew()))
return NULL;
- if (xenFormatConfigCommon(conf, def, conn, XEN_CONFIG_FORMAT_XM) < 0)
+ if (xenFormatConfigCommon(conf, def, XEN_CONFIG_FORMAT_XM) < 0)
return NULL;
if (xenFormatXMOS(conf, def) < 0)
diff --git a/src/libxl/xen_xm.h b/src/libxl/xen_xm.h
index afb4f51ff7..db2ae52581 100644
--- a/src/libxl/xen_xm.h
+++ b/src/libxl/xen_xm.h
@@ -26,7 +26,7 @@
#include "virconf.h"
#include "domain_conf.h"
-virConf *xenFormatXM(virConnectPtr conn, virDomainDef *def);
+virConf *xenFormatXM(virDomainDef *def);
virDomainDef *xenParseXM(virConf *conf,
virCaps *caps, virDomainXMLOption *xmlopt);
diff --git a/tests/xlconfigtest.c b/tests/xlconfigtest.c
index 962a1f2c4b..00b6a355eb 100644
--- a/tests/xlconfigtest.c
+++ b/tests/xlconfigtest.c
@@ -65,17 +65,12 @@ testCompareParseXML(const char *xlcfg, const char *xml, bool replaceVars)
{
g_autofree char *gotxlcfgData = NULL;
g_autoptr(virConf) conf = NULL;
- g_autoptr(virConnect) conn = NULL;
int wrote = 4096;
g_autoptr(virDomainDef) def = NULL;
g_autofree char *replacedXML = NULL;
gotxlcfgData = g_new0(char, wrote);
- conn = virGetConnect();
- if (!conn)
- return -1;
-
if (replaceVars) {
if (!(replacedXML = testReplaceVarsXML(xml)))
return -1;
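Review bot: With conn dropped from testCompareParseXML(), any test XML that contains a type='network' interface now reaches virGetConnectNetwork() inside xenFormatNet() and depends on a reachable network daemon at test time. Please confirm that none of the xlconfigtest and xmconfigtest data files use type='network', or mock the lookup so the tests stay hermetic.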
@@ -93,7 +88,7 @@ testCompareParseXML(const char *xlcfg, const char *xml, bool replaceVars)
return -1;
}
- if (!(conf = xenFormatXL(def, conn)))
+ if (!(conf = xenFormatXL(def)))
return -1;
if (virConfWriteMem(gotxlcfgData, &wrote, conf) < 0)
diff --git a/tests/xmconfigtest.c b/tests/xmconfigtest.c
index dbf9f7a4c7..30ad49f8b1 100644
--- a/tests/xmconfigtest.c
+++ b/tests/xmconfigtest.c
@@ -39,16 +39,11 @@ testCompareParseXML(const char *xmcfg, const char *xml)
{
g_autofree char *gotxmcfgData = NULL;
g_autoptr(virConf) conf = NULL;
- g_autoptr(virConnect) conn = NULL;
int wrote = 4096;
g_autoptr(virDomainDef) def = NULL;
gotxmcfgData = g_new0(char, wrote);
- conn = virGetConnect();
- if (!conn)
- return -1;
-
if (!(def = virDomainDefParseFile(xml, driver->xmlopt, NULL,
VIR_DOMAIN_DEF_PARSE_INACTIVE)))
return -1;
@@ -58,7 +53,7 @@ testCompareParseXML(const char *xmcfg, const char *xml)
return -1;
}
- if (!(conf = xenFormatXM(conn, def)))
+ if (!(conf = xenFormatXM(def)))
return -1;
if (virConfWriteMem(gotxmcfgData, &wrote, conf) < 0)
--
2.44.0
7 months, 3 weeks
[PATCH v2 0/5] qemu: Introduce shared_filesystems configuration option
by Andrea Bolognani
The need to have something like this in the first place is driven by
KubeVirt (see [1] and [2]). A draft version of this series has been
integrated into KubeVirt and it has been confirmed that it was
effective in removing the need to use LD_PRELOAD hacks in the storage
provider.
Changes from [v1]:
* documented more explicitly that the newly introduced option is
intended for very specific scenarios and not general usage; as
part of this, the NEWS update has been dropped too;
* made a few tweaks and addressed a few oversights based on review
feedback;
* several preparatory cleanup patches have been pushed.
Changes from [v0]:
* reworked approach.
CC'ing Stefan so he can have a look at the TPM part and shout if I've
gotten anything wrong :)
[v1] https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/XE...
[v0] https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/MM...
[1] https://issues.redhat.com/browse/CNV-34322
[2] https://issues.redhat.com/browse/CNV-39370
Andrea Bolognani (5):
security: Fix alignment
qemu: Introduce shared_filesystems configuration option
qemu: Propagate shared_filesystems
utils: Use overrides in virFileIsSharedFS()
qemu: Always set labels for TPM state
src/lxc/lxc_controller.c | 3 +-
src/lxc/lxc_driver.c | 2 +-
src/lxc/lxc_process.c | 4 +-
src/qemu/libvirtd_qemu.aug | 3 ++
src/qemu/qemu.conf.in | 23 ++++++++
src/qemu/qemu_conf.c | 17 ++++++
src/qemu/qemu_conf.h | 2 +
src/qemu/qemu_domain.c | 7 ++-
src/qemu/qemu_extdevice.c | 2 +-
src/qemu/qemu_migration.c | 23 ++++----
src/qemu/qemu_security.c | 85 +++++++++++++++++++++++-------
src/qemu/qemu_tpm.c | 38 +++++++------
src/qemu/qemu_tpm.h | 10 ++--
src/qemu/test_libvirtd_qemu.aug.in | 5 ++
src/security/security_apparmor.c | 2 +
src/security/security_dac.c | 47 +++++++++++++----
src/security/security_driver.h | 8 ++-
src/security/security_manager.c | 33 +++++++++---
src/security/security_manager.h | 9 +++-
src/security/security_nop.c | 5 ++
src/security/security_selinux.c | 56 +++++++++++++++-----
src/security/security_stack.c | 32 ++++++++---
src/util/virfile.c | 53 +++++++++++++++++--
src/util/virfile.h | 3 +-
tests/securityselinuxlabeltest.c | 2 +-
tests/virfiletest.c | 2 +-
26 files changed, 370 insertions(+), 106 deletions(-)
--
2.44.0
7 months, 3 weeks
[PATCH v4 00/30] [PATCH v3 00/27] native support for nftables in virtual network driver
by Laine Stump
V3: https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/HO...
V2: https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/5R...
This patch series enables libvirt to use nftables rules rather than
iptables *when setting up virtual networks* (it does *not* add
nftables support to the nwfilter driver).
Changes from V3:
* Fixed a bug (newly added in V3) that resulted in the firewall name
attribute not being added to the XML.
* renamed the table to "libvirt_network" (new patch 28)
* renamed the chains to be more descriptive, and lower case rather
than all caps. (new patch 29)
* eliminated all the guest->host and host->guest rules since they are
redundant in nftables. (new patch 30)
Laine Stump (30):
util/network: move viriptables.[ch] from util to network directory
network: move all functions manipulating iptables rules into
network_iptables.c
network: make all iptables functions used only in network_iptables.c
static
util: #define the names used for private packet filter chains
util: change name of virFirewallRule to virFirewallCmd
util: rename virNetFilterAction to iptablesAction, and add
VIR_ENUM_DECL/IMPL
util: check for 0 args when applying iptables rule
util: add -w/--concurrent when applying a FirewallCmd rather than when
building it
util: determine ignoreErrors value when creating virFirewallCmd, not
when applying
util/network: new virFirewallBackend enum
network: add (empty) network.conf file to distribution files
network: support setting firewallBackend from network.conf
network: framework to call backend-specific function to init private
filter chains
util: new functions to support adding individual firewall rollback
commands
util: implement rollback rule autocreation for iptables commands
network: turn on auto-rollback for the rules added for virtual
networks
util: add name attribute to virFirewall
util: new function virFirewallNewFromRollback()
util: new functions virFirewallParseXML() and virFirewallFormat()
conf: add a virFirewall object to virNetworkObj
network: use previously saved list of firewall removal commands
network: save network status when firewall rules are reloaded
meson: stop looking for iptables/ip6tables/ebtables at build time
network: add an nftables backend for network driver's firewall
construction
tests: test cases for nftables backend
network: prefer the nftables backend over iptables
spec: require either iptables or nftables if network driver is
installed
network: name the nftables table "libvirt_network" rather than
"libvirt"
network: rename chains used by network driver nftables backend
network: eliminate pointless host input/output rules from nftables
backend
libvirt.spec.in | 7 +-
meson.build | 10 +-
meson_options.txt | 1 +
po/POTFILES | 3 +-
src/conf/virnetworkobj.c | 41 +
src/conf/virnetworkobj.h | 8 +
src/libvirt_private.syms | 58 +-
src/network/bridge_driver.c | 39 +-
src/network/bridge_driver_conf.c | 64 +
src/network/bridge_driver_conf.h | 3 +
src/network/bridge_driver_linux.c | 630 +------
src/network/bridge_driver_nop.c | 6 +-
src/network/bridge_driver_platform.h | 6 +-
src/network/libvirtd_network.aug | 39 +
src/network/meson.build | 36 +
src/network/network.conf.in | 28 +
src/network/network_iptables.c | 1677 +++++++++++++++++
src/network/network_iptables.h | 30 +
src/network/network_nftables.c | 968 ++++++++++
src/network/network_nftables.h | 28 +
src/network/test_libvirtd_network.aug.in | 5 +
src/nwfilter/nwfilter_ebiptables_driver.c | 1004 +++++-----
src/util/meson.build | 1 -
src/util/virebtables.c | 36 +-
src/util/virfirewall.c | 820 ++++++--
src/util/virfirewall.h | 87 +-
src/util/viriptables.c | 1072 -----------
src/util/viriptables.h | 155 --
.../{base.args => base.iptables} | 0
tests/networkxml2firewalldata/base.nftables | 256 +++
...-linux.args => nat-default-linux.iptables} | 0
.../nat-default-linux.nftables | 144 ++
...pv6-linux.args => nat-ipv6-linux.iptables} | 0
.../nat-ipv6-linux.nftables | 202 ++
...rgs => nat-ipv6-masquerade-linux.iptables} | 0
.../nat-ipv6-masquerade-linux.nftables | 274 +++
...linux.args => nat-many-ips-linux.iptables} | 0
.../nat-many-ips-linux.nftables | 368 ++++
...-linux.args => nat-no-dhcp-linux.iptables} | 0
.../nat-no-dhcp-linux.nftables | 202 ++
...ftp-linux.args => nat-tftp-linux.iptables} | 0
.../nat-tftp-linux.nftables | 144 ++
...inux.args => route-default-linux.iptables} | 0
.../route-default-linux.nftables | 58 +
tests/networkxml2firewalltest.c | 56 +-
tests/virfirewalltest.c | 424 ++---
46 files changed, 6239 insertions(+), 2751 deletions(-)
create mode 100644 src/network/libvirtd_network.aug
create mode 100644 src/network/network.conf.in
create mode 100644 src/network/network_iptables.c
create mode 100644 src/network/network_iptables.h
create mode 100644 src/network/network_nftables.c
create mode 100644 src/network/network_nftables.h
create mode 100644 src/network/test_libvirtd_network.aug.in
delete mode 100644 src/util/viriptables.c
delete mode 100644 src/util/viriptables.h
rename tests/networkxml2firewalldata/{base.args => base.iptables} (100%)
create mode 100644 tests/networkxml2firewalldata/base.nftables
rename tests/networkxml2firewalldata/{nat-default-linux.args => nat-default-linux.iptables} (100%)
create mode 100644 tests/networkxml2firewalldata/nat-default-linux.nftables
rename tests/networkxml2firewalldata/{nat-ipv6-linux.args => nat-ipv6-linux.iptables} (100%)
create mode 100644 tests/networkxml2firewalldata/nat-ipv6-linux.nftables
rename tests/networkxml2firewalldata/{nat-ipv6-masquerade-linux.args => nat-ipv6-masquerade-linux.iptables} (100%)
create mode 100644 tests/networkxml2firewalldata/nat-ipv6-masquerade-linux.nftables
rename tests/networkxml2firewalldata/{nat-many-ips-linux.args => nat-many-ips-linux.iptables} (100%)
create mode 100644 tests/networkxml2firewalldata/nat-many-ips-linux.nftables
rename tests/networkxml2firewalldata/{nat-no-dhcp-linux.args => nat-no-dhcp-linux.iptables} (100%)
create mode 100644 tests/networkxml2firewalldata/nat-no-dhcp-linux.nftables
rename tests/networkxml2firewalldata/{nat-tftp-linux.args => nat-tftp-linux.iptables} (100%)
create mode 100644 tests/networkxml2firewalldata/nat-tftp-linux.nftables
rename tests/networkxml2firewalldata/{route-default-linux.args => route-default-linux.iptables} (100%)
create mode 100644 tests/networkxml2firewalldata/route-default-linux.nftables
--
2.44.0
7 months, 3 weeks
[PATCH v3 0/6] migration removals & deprecations
by Fabiano Rosas
since v2:
- removed some more stuff which I missed:
blk/inc options from hmp-commands.hx
the entire ram-compress.h
unused declarations from options.h
unused compression functions from qemu-file.c
- removed must_remove_block_options earlier in the 'blk' patch
- added a deprecation warning to outgoing/incoming fd
CI run: https://gitlab.com/farosas/qemu/-/pipelines/1272385260
v2:
https://lore.kernel.org/r/20240426131408.25410-1-farosas@suse.de
v1:
https://lore.kernel.org/r/20240425150939.19268-1-farosas@suse.de
Hi everyone,
Here's some cleaning up of deprecated code. It removes the old block
migration and compression code. Both have suitable replacements in the
form of the blockdev-mirror driver and multifd compression,
respectively.
There's also a deprecation for fd: + file to cope with the fact that
the new MigrationAddress API defines transports instead of protocols
(loose terms) like the old string API did. So we cannot map 1:1 from
fd: to any transport because fd: allows *both* file migration and
socket migration.
Fabiano Rosas (6):
migration: Remove 'skipped' field from MigrationStats
migration: Remove 'inc' option from migrate command
migration: Remove 'blk/-b' option from migrate commands
migration: Remove block migration
migration: Remove non-multifd compression
migration: Deprecate fd: for file migration
.gitlab-ci.d/buildtest.yml | 2 +-
MAINTAINERS | 1 -
docs/about/deprecated.rst | 51 +-
docs/about/removed-features.rst | 103 +++
docs/devel/migration/main.rst | 2 +-
hmp-commands.hx | 17 +-
hw/core/machine.c | 1 -
include/migration/misc.h | 6 -
meson.build | 2 -
meson_options.txt | 2 -
migration/block.c | 1019 ------------------------------
migration/block.h | 52 --
migration/colo.c | 1 -
migration/fd.c | 12 +
migration/meson.build | 4 -
migration/migration-hmp-cmds.c | 97 +--
migration/migration.c | 70 +-
migration/migration.h | 11 -
migration/options.c | 229 -------
migration/options.h | 13 -
migration/qemu-file.c | 78 ---
migration/qemu-file.h | 4 -
migration/ram-compress.c | 564 -----------------
migration/ram-compress.h | 77 ---
migration/ram.c | 169 +----
migration/savevm.c | 5 -
qapi/migration.json | 205 +-----
scripts/meson-buildoptions.sh | 4 -
tests/qemu-iotests/183 | 147 -----
tests/qemu-iotests/183.out | 66 --
tests/qemu-iotests/common.filter | 7 -
tests/qtest/migration-test.c | 139 ----
32 files changed, 147 insertions(+), 3013 deletions(-)
delete mode 100644 migration/block.c
delete mode 100644 migration/block.h
delete mode 100644 migration/ram-compress.c
delete mode 100644 migration/ram-compress.h
delete mode 100755 tests/qemu-iotests/183
delete mode 100644 tests/qemu-iotests/183.out
base-commit: fd87be1dada5672f877e03c2ca8504458292c479
--
2.35.3
7 months, 3 weeks