[PATCH] conf: Check for bandwidth limits during parsing
by Michal Privoznik
The 'tc' program stores speeds in 64bit integers (unit is bytes
per second) and sizes in uints (unit is bytes). We use different
units: kilobytes per second and kibibytes and therefore we can
parse values larger than 'tc' can handle. Reject those values
right away.
And while at it, fix the schema which assumed speed values fit
into uint.
Resolves: https://issues.redhat.com/browse/RHEL-45200
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/conf/netdev_bandwidth_conf.c | 17 +++++++++++++++++
src/conf/schemas/networkcommon.rng | 2 +-
2 files changed, 18 insertions(+), 1 deletion(-)
diff --git a/src/conf/netdev_bandwidth_conf.c b/src/conf/netdev_bandwidth_conf.c
index 9faa46a27f..f3f0b2209a 100644
--- a/src/conf/netdev_bandwidth_conf.c
+++ b/src/conf/netdev_bandwidth_conf.c
@@ -24,6 +24,16 @@
#define VIR_FROM_THIS VIR_FROM_NONE
+#define CHECK_LIMIT(val, limit, name) \
+ do { \
+ if ((val) > (limit)) { \
+ virReportError(VIR_ERR_OVERFLOW, \
+ _("value '%1$llu' is too big for '%2$s' parameter, maximum is '%3$llu'"), \
+ val, name, (unsigned long long) limit); \
+ return -1; \
+ } \
+ } while (0)
+
static int
virNetDevBandwidthParseRate(xmlNodePtr node,
virNetDevBandwidthRate *rate,
@@ -50,6 +60,11 @@ virNetDevBandwidthParseRate(xmlNodePtr node,
&rate->floor)) < 0)
return -1;
+ CHECK_LIMIT(rate->average, 1ULL << 54, "average");
+ CHECK_LIMIT(rate->peak, 1ULL << 54, "peak");
+ CHECK_LIMIT(rate->burst, UINT_MAX >> 10, "burst");
+ CHECK_LIMIT(rate->floor, 1ULL << 54, "floor");
+
if (!rc_average && !rc_floor) {
virReportError(VIR_ERR_XML_DETAIL, "%s",
_("Missing mandatory average or floor attributes"));
@@ -71,6 +86,8 @@ virNetDevBandwidthParseRate(xmlNodePtr node,
return 0;
}
+#undef CHECK_LIMIT
+
/**
* virNetDevBandwidthParse:
* @bandwidth: parsed bandwidth
diff --git a/src/conf/schemas/networkcommon.rng b/src/conf/schemas/networkcommon.rng
index 6df6d43f54..2b3f902ffe 100644
--- a/src/conf/schemas/networkcommon.rng
+++ b/src/conf/schemas/networkcommon.rng
@@ -180,7 +180,7 @@
</define>
<define name="speed">
- <data type="unsignedInt">
+ <data type="unsignedLong">
<param name="pattern">[0-9]+</param>
<param name="minInclusive">1</param>
</data>
--
2.44.2
2 months, 1 week
[PATCH v2] vmx: Ensure unique disk targets when parsing
by Adam Julis
Disk targets are generated in virVMXParseConfig() with
virVMXGenerateDiskTarget(). It works on combination of
controller, fix offset, unit and prefix. While SCSI and SATA have
same prefix "sd", function virVMXGenerateDiskTarget() could
returned in some cases same targets.
In this patch, after loaded SCSI and SATA disks to the def,
indexes are regenerated, now simply from position of the disk in
array of disks (def). With this, required uniqueness is
guaranteed.
Because assigned addresses of disks are generated from their
indexes, for every changed SATA disk is called
virDomainDiskDefAssignAddress() with the updated value.
The corresponding tests have been modified to match the index
changes.
Signed-off-by: Adam Julis <ajulis(a)redhat.com>
---
Since previous version in mailing list was complicated for trying to
preserve the indexes of SCSI and previous tests, this one going to
straightforward, although it changes all (SCSI and SATA) indexes. It's
not a bug, since we cannot guarantee the same naming inside the guest
anyway.
src/vmx/vmx.c | 19 +++++++++++++++++++
tests/vmx2xmldata/esx-in-the-wild-11.xml | 4 ++--
tests/vmx2xmldata/esx-in-the-wild-12.xml | 4 ++--
tests/vmx2xmldata/esx-in-the-wild-2.xml | 4 ++--
tests/vmx2xmldata/esx-in-the-wild-8.xml | 4 ++--
tests/vmx2xmldata/scsi-driver.xml | 12 ++++++------
6 files changed, 33 insertions(+), 14 deletions(-)
diff --git a/src/vmx/vmx.c b/src/vmx/vmx.c
index 227744d062..22e59726c8 100644
--- a/src/vmx/vmx.c
+++ b/src/vmx/vmx.c
@@ -1400,6 +1400,7 @@ virVMXParseConfig(virVMXContext *ctx,
virCPUDef *cpu = NULL;
char *firmware = NULL;
size_t saved_ndisks = 0;
+ size_t i;
if (ctx->parseFileName == NULL) {
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
@@ -1805,6 +1806,24 @@ virVMXParseConfig(virVMXContext *ctx,
}
}
+ /* now disks contain only SCSI and SATA, SATA could have same name (dst) as SCSI
+ * so replace all their names with new ones to guarantee their uniqueness
+ * finally, regenerate correct addresses, while it depends on the index */
+
+ for (i = 0; i < def->ndisks; i++) {
+ virDomainDiskDef *disk = def->disks[i];
+
+ VIR_FREE(disk->dst);
+ disk->dst = virIndexToDiskName(i, "sd");
+
+ if (virDomainDiskDefAssignAddress(NULL, disk, def) < 0) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("Could not assign address to disk '%1$s'"),
+ virDomainDiskGetSource(disk));
+ goto cleanup;
+ }
+ }
+
/* def:disks (ide) */
for (bus = 0; bus < 2; ++bus) {
for (unit = 0; unit < 2; ++unit) {
diff --git a/tests/vmx2xmldata/esx-in-the-wild-11.xml b/tests/vmx2xmldata/esx-in-the-wild-11.xml
index 8807a057d7..d9522c1be2 100644
--- a/tests/vmx2xmldata/esx-in-the-wild-11.xml
+++ b/tests/vmx2xmldata/esx-in-the-wild-11.xml
@@ -22,8 +22,8 @@
</disk>
<disk type='file' device='disk'>
<source file='[datastore] directory/esx6.7-rhel7.7-x86_64_3.vmdk'/>
- <target dev='sdp' bus='scsi'/>
- <address type='drive' controller='0' bus='0' target='0' unit='16'/>
+ <target dev='sdb' bus='scsi'/>
+ <address type='drive' controller='0' bus='0' target='0' unit='1'/>
</disk>
<controller type='scsi' index='0' model='vmpvscsi'/>
<interface type='bridge'>
diff --git a/tests/vmx2xmldata/esx-in-the-wild-12.xml b/tests/vmx2xmldata/esx-in-the-wild-12.xml
index 42184501d0..a7730845ee 100644
--- a/tests/vmx2xmldata/esx-in-the-wild-12.xml
+++ b/tests/vmx2xmldata/esx-in-the-wild-12.xml
@@ -21,9 +21,9 @@
<address type='drive' controller='0' bus='0' target='0' unit='0'/>
</disk>
<disk type='file' device='cdrom'>
- <target dev='sda' bus='sata'/>
+ <target dev='sdb' bus='sata'/>
<readonly/>
- <address type='drive' controller='0' bus='0' target='0' unit='0'/>
+ <address type='drive' controller='0' bus='0' target='0' unit='1'/>
</disk>
<controller type='scsi' index='0' model='vmpvscsi'/>
<controller type='sata' index='0'/>
diff --git a/tests/vmx2xmldata/esx-in-the-wild-2.xml b/tests/vmx2xmldata/esx-in-the-wild-2.xml
index 59071b5d3a..1a66f5e9c7 100644
--- a/tests/vmx2xmldata/esx-in-the-wild-2.xml
+++ b/tests/vmx2xmldata/esx-in-the-wild-2.xml
@@ -20,9 +20,9 @@
</disk>
<disk type='file' device='cdrom'>
<source file='[datastore] directory/Debian1-cdrom.iso'/>
- <target dev='sdp' bus='scsi'/>
+ <target dev='sdb' bus='scsi'/>
<readonly/>
- <address type='drive' controller='1' bus='0' target='0' unit='0'/>
+ <address type='drive' controller='0' bus='0' target='0' unit='1'/>
</disk>
<disk type='file' device='cdrom'>
<source file='/vmimages/tools-isoimages/linux.iso'/>
diff --git a/tests/vmx2xmldata/esx-in-the-wild-8.xml b/tests/vmx2xmldata/esx-in-the-wild-8.xml
index 47d22ced2a..d5356bda34 100644
--- a/tests/vmx2xmldata/esx-in-the-wild-8.xml
+++ b/tests/vmx2xmldata/esx-in-the-wild-8.xml
@@ -36,9 +36,9 @@
</disk>
<disk type='file' device='cdrom'>
<source file='[692eb778-2d4937fe] CentOS-4.7.ServerCD-x86_64.iso'/>
- <target dev='sda' bus='sata'/>
+ <target dev='sdd' bus='sata'/>
<readonly/>
- <address type='drive' controller='0' bus='0' target='0' unit='0'/>
+ <address type='drive' controller='0' bus='0' target='0' unit='3'/>
</disk>
<controller type='scsi' index='0' model='vmpvscsi'/>
<controller type='sata' index='0'/>
diff --git a/tests/vmx2xmldata/scsi-driver.xml b/tests/vmx2xmldata/scsi-driver.xml
index e5b73420c3..42b6fffe24 100644
--- a/tests/vmx2xmldata/scsi-driver.xml
+++ b/tests/vmx2xmldata/scsi-driver.xml
@@ -19,18 +19,18 @@
</disk>
<disk type='file' device='disk'>
<source file='[datastore] directory/harddisk2.vmdk'/>
- <target dev='sdp' bus='scsi'/>
- <address type='drive' controller='1' bus='0' target='0' unit='0'/>
+ <target dev='sdb' bus='scsi'/>
+ <address type='drive' controller='0' bus='0' target='0' unit='1'/>
</disk>
<disk type='file' device='disk'>
<source file='[datastore] directory/harddisk3.vmdk'/>
- <target dev='sdae' bus='scsi'/>
- <address type='drive' controller='2' bus='0' target='0' unit='0'/>
+ <target dev='sdc' bus='scsi'/>
+ <address type='drive' controller='0' bus='0' target='0' unit='2'/>
</disk>
<disk type='file' device='disk'>
<source file='[datastore] directory/harddisk4.vmdk'/>
- <target dev='sdat' bus='scsi'/>
- <address type='drive' controller='3' bus='0' target='0' unit='0'/>
+ <target dev='sdd' bus='scsi'/>
+ <address type='drive' controller='0' bus='0' target='0' unit='3'/>
</disk>
<controller type='scsi' index='0' model='buslogic'/>
<controller type='scsi' index='1' model='lsilogic'/>
--
2.45.2
2 months, 2 weeks
[PATCH] qemuDomainDiskChangeSupported: Add missing iothreads check
by Adam Julis
GSList of iothreads is not allowed to be changed while the
virtual machine is running.
Resolves: https://issues.redhat.com/browse/RHEL-23607
Signed-off-by: Adam Julis <ajulis(a)redhat.com>
---
While the qemuDomainDiskChangeSupported() design primarily uses
its macros (CHECK_EQ and CHECK_STREQ_NULLABLE), the logic for comparing 2
GSList of iothreads could perhaps be extracted into a separate function
(e.g. IothreadsGslistCompare(GSList *first, GSList *second)). I am
absolutely not sure about this idea so feel free to comment.
src/qemu/qemu_domain.c | 53 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 53 insertions(+)
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 298f4bfb9e..2b5222c685 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -8505,6 +8505,59 @@ qemuDomainDiskChangeSupported(virDomainDiskDef *disk,
CHECK_EQ(discard, "discard", true);
CHECK_EQ(iothread, "iothread", true);
+ /* compare list of iothreads, no change allowed */
+ if (orig_disk->iothreads != disk->iothreads) {
+ GSList *old;
+ GSList *new = disk->iothreads;
+ bool print_err = true;
+
+ for (old = orig_disk->iothreads; old; old = old->next) {
+ virDomainDiskIothreadDef *orig = old->data;
+ virDomainDiskIothreadDef *update;
+ print_err = false;
+
+ if (new == NULL) {
+ print_err = true;
+ break;
+ }
+
+ update = new->data;
+
+ if (orig->id != update->id) {
+ print_err = true;
+ break;
+ }
+
+ if (orig->nqueues != update->nqueues) {
+ print_err = true;
+ break;
+ }
+
+ if (orig->nqueues != 0) {
+ ssize_t i = 0;
+
+ while (i < orig->nqueues) {
+ if (orig->queues[i] != update->queues[i]) {
+ print_err = true;
+ break;
+ }
+ }
+ }
+
+ new = new->next;
+ if (new)
+ print_err = true;
+ }
+
+ if (print_err) {
+ virReportError(VIR_ERR_OPERATION_UNSUPPORTED,
+ _("cannot modify field '%1$s' (or it's parts) of the disk"),
+ "iothreads");
+ return false;
+ }
+ }
+
+
CHECK_STREQ_NULLABLE(domain_name,
"backenddomain");
--
2.45.2
2 months, 2 weeks
[PATCH 00/12] Introduce SEV-SNP support
by Michal Privoznik
SEV-SNP support just landed in QEMU. Here is the first round of patches
to incorporate support into libvirt.
TODOs (aka problems of future me):
- Teach tools/virt-qemu-sev-validate how to deal with SEV-SNP
- Try to find a SEV-SNP machine a test these patches in real worl
- Write a kbase article on attestation with SEV-SNP
Michal Prívozník (12):
qemu_monitor_json: Report error in error paths in SEV related code
conf: Move some members of virDomainSEVDef into virDomainSEVCommonDef
conf: Separate SEV formatting into a function
Drop needless typecast to virDomainLaunchSecurity
src: Convert some _virDomainSecDef::sectype checks to switch()
qemu_monitor: Allow querying SEV-SNP state in 'query-sev'
qemu: Report snp-policy in virDomainGetLaunchSecurityInfo()
qemu_capabilities: Introduce QEMU_CAPS_SEV_SNP_GUEST
conf: Introduce SEV-SNP support
qemu: Build cmd line for SEV-SNP
qemu: Allow setting launch security for SEV-SNP
qemu_firmware: Pick the right firmware for SEV-SNP guests
docs/formatdomain.rst | 108 ++++++++++++
include/libvirt/libvirt-domain.h | 10 ++
src/conf/domain_conf.c | 156 ++++++++++++++----
src/conf/domain_conf.h | 28 +++-
src/conf/domain_validate.c | 44 +++++
src/conf/schemas/domaincommon.rng | 73 ++++++--
src/conf/virconftypes.h | 4 +
src/qemu/qemu_capabilities.c | 4 +
src/qemu/qemu_capabilities.h | 3 +
src/qemu/qemu_cgroup.c | 19 ++-
src/qemu/qemu_command.c | 56 ++++++-
src/qemu/qemu_driver.c | 60 +++++--
src/qemu/qemu_firmware.c | 20 ++-
src/qemu/qemu_monitor.c | 7 +-
src/qemu/qemu_monitor.h | 41 ++++-
src/qemu/qemu_monitor_json.c | 67 ++++++--
src/qemu/qemu_monitor_json.h | 8 +-
src/qemu/qemu_namespace.c | 3 +-
src/qemu/qemu_process.c | 34 ++--
src/qemu/qemu_validate.c | 13 +-
src/security/security_dac.c | 34 +++-
.../caps_9.1.0_x86_64.xml | 1 +
.../firmware/60-edk2-ovmf-x64-amdsev.json | 1 +
tests/qemumonitorjsontest.c | 65 +++++++-
...launch-security-sev-snp.x86_64-latest.args | 35 ++++
.../launch-security-sev-snp.x86_64-latest.xml | 1 +
.../launch-security-sev-snp.xml | 47 ++++++
tests/qemuxmlconftest.c | 2 +
28 files changed, 817 insertions(+), 127 deletions(-)
create mode 100644 tests/qemuxmlconfdata/launch-security-sev-snp.x86_64-latest.args
create mode 120000 tests/qemuxmlconfdata/launch-security-sev-snp.x86_64-latest.xml
create mode 100644 tests/qemuxmlconfdata/launch-security-sev-snp.xml
--
2.44.2
2 months, 2 weeks
[PATCH v2 0/8] New changes in v2:
by Purna Pavan Chandra
* Add version checks in save/restore validations
* Add use_timeout in chSocketRecv
* Address Praveen Paladugu's comments
v1: https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/PT...
ch: support restore with network devices
Current ch driver supports restore only for domains without any network
configuration defined. This was because libvirt explicitly passes network fds
and CH did not had support to restore with new net FDS. This support has been
added recently, https://github.com/cloud-hypervisor/cloud-hypervisor/pull/6402
The changes in this patch series includes moving to socket communication for
restore api, create new net fds and pass them via SCM_RIGHTS to CH.
Purna Pavan Chandra (8):
ch: report response message instead of just code
ch: Pass net ids explicitly during vm creation
ch: refactor chProcessAddNetworkDevices
ch: support poll with -1 in chSocketRecv
ch: use monitor socket fd to send restore request
ch: refactor virCHMonitorSaveVM
ch: support restore with net devices
ch: kill CH process if restore fails
src/ch/ch_capabilities.c | 6 +
src/ch/ch_capabilities.h | 1 +
src/ch/ch_driver.c | 29 +++--
src/ch/ch_monitor.c | 62 +++++++----
src/ch/ch_monitor.h | 6 +-
src/ch/ch_process.c | 233 +++++++++++++++++++++++++++++++--------
6 files changed, 254 insertions(+), 83 deletions(-)
--
2.34.1
2 months, 2 weeks
[PATCH] network: allow "modify" option for DNS-Srv records
by Adam Julis
The "modify" command allows to replace an existing Srv record
(some of its elements respectively: port, priority and weight).
The primary key used to choose the modify record is the remaining
parameters, only one of them is required. Not using some of these
parameters may cause duplicate records and error message. This
logic is there because of the previous implementation (Add and
Delete options) in the function.
Tests in networkxml2xmlupdatetest.c contain replacements of an
existing DNS-Srv record and failure due to non-existing record.
Resolves: https://gitlab.com/libvirt/libvirt/-/issues/639
Signed-off-by: Adam Julis <ajulis(a)redhat.com>
---
src/conf/network_conf.c | 27 ++++++++++++++-----
.../srv-not-existing.xml | 1 +
.../srv-record-modify-few.xml | 1 +
.../nat-network-dns-srv-modify-few.xml | 26 ++++++++++++++++++
tests/networkxml2xmlupdatetest.c | 10 ++++++-
5 files changed, 58 insertions(+), 7 deletions(-)
create mode 100644 tests/networkxml2xmlupdatein/srv-not-existing.xml
create mode 100644 tests/networkxml2xmlupdatein/srv-record-modify-few.xml
create mode 100644 tests/networkxml2xmlupdateout/nat-network-dns-srv-modify-few.xml
diff --git a/src/conf/network_conf.c b/src/conf/network_conf.c
index 2a541cd5b0..fc387f9566 100644
--- a/src/conf/network_conf.c
+++ b/src/conf/network_conf.c
@@ -3255,12 +3255,6 @@ virNetworkDefUpdateDNSSrv(virNetworkDef *def,
command == VIR_NETWORK_UPDATE_COMMAND_ADD_LAST);
int foundCt = 0;
- if (command == VIR_NETWORK_UPDATE_COMMAND_MODIFY) {
- virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
- _("DNS SRV records cannot be modified, only added or deleted"));
- goto cleanup;
- }
-
if (virNetworkDefUpdateCheckElementName(def, ctxt->node, "srv") < 0)
goto cleanup;
@@ -3310,6 +3304,27 @@ virNetworkDefUpdateDNSSrv(virNetworkDef *def,
virNetworkDNSSrvDefClear(&dns->srvs[foundIdx]);
VIR_DELETE_ELEMENT(dns->srvs, foundIdx, dns->nsrvs);
+ } else if (command == VIR_NETWORK_UPDATE_COMMAND_MODIFY) {
+
+ if (foundCt == 0) {
+ virReportError(VIR_ERR_OPERATION_INVALID,
+ _("couldn't locate a matching DNS SRV record in network %1$s"),
+ def->name);
+ goto cleanup;
+ }
+
+ if (foundCt > 1) {
+ virReportError(VIR_ERR_OPERATION_INVALID,
+ _("multiple DNS SRV records matching all specified fields were found in network %1$s"),
+ def->name);
+ goto cleanup;
+ }
+
+ virNetworkDNSSrvDefClear(&dns->srvs[foundIdx]);
+
+ memcpy(&dns->srvs[foundIdx], &srv, sizeof(virNetworkDNSSrvDef));
+ memset(&srv, 0, sizeof(virNetworkDNSSrvDef));
+
} else {
virNetworkDefUpdateUnknownCommand(command);
goto cleanup;
diff --git a/tests/networkxml2xmlupdatein/srv-not-existing.xml b/tests/networkxml2xmlupdatein/srv-not-existing.xml
new file mode 100644
index 0000000000..401e14c616
--- /dev/null
+++ b/tests/networkxml2xmlupdatein/srv-not-existing.xml
@@ -0,0 +1 @@
+<srv service='name' protocol='tcp' domain='unknown-domain' target='.' port='666' priority='99' weight='10'/>
diff --git a/tests/networkxml2xmlupdatein/srv-record-modify-few.xml b/tests/networkxml2xmlupdatein/srv-record-modify-few.xml
new file mode 100644
index 0000000000..88ec1b97d9
--- /dev/null
+++ b/tests/networkxml2xmlupdatein/srv-record-modify-few.xml
@@ -0,0 +1 @@
+<srv service='name' protocol='tcp' domain='test-domain-name' target='.' port='1221' priority='42' weight='69'/>
diff --git a/tests/networkxml2xmlupdateout/nat-network-dns-srv-modify-few.xml b/tests/networkxml2xmlupdateout/nat-network-dns-srv-modify-few.xml
new file mode 100644
index 0000000000..a7e5fcffa6
--- /dev/null
+++ b/tests/networkxml2xmlupdateout/nat-network-dns-srv-modify-few.xml
@@ -0,0 +1,26 @@
+<network>
+ <name>default</name>
+ <uuid>81ff0d90-c91e-6742-64da-4a736edb9a9b</uuid>
+ <forward dev='eth1' mode='nat'>
+ <interface dev='eth1'/>
+ </forward>
+ <bridge name='virbr0' stp='on' delay='0'/>
+ <dns>
+ <srv service='name' protocol='tcp' domain='test-domain-name' target='.' port='1221' priority='42' weight='69'/>
+ </dns>
+ <ip address='192.168.122.1' netmask='255.255.255.0'>
+ <dhcp>
+ <range start='192.168.122.2' end='192.168.122.254'/>
+ <host mac='00:16:3e:77:e2:ed' name='a.example.com' ip='192.168.122.10'/>
+ <host mac='00:16:3e:3e:a9:1a' name='b.example.com' ip='192.168.122.11'/>
+ </dhcp>
+ </ip>
+ <ip family='ipv4' address='192.168.123.1' netmask='255.255.255.0'>
+ </ip>
+ <ip family='ipv6' address='2001:db8:ac10:fe01::1' prefix='64'>
+ </ip>
+ <ip family='ipv6' address='2001:db8:ac10:fd01::1' prefix='64'>
+ </ip>
+ <ip family='ipv4' address='10.24.10.1'>
+ </ip>
+</network>
diff --git a/tests/networkxml2xmlupdatetest.c b/tests/networkxml2xmlupdatetest.c
index 383cbf85ce..59e6ce98e5 100644
--- a/tests/networkxml2xmlupdatetest.c
+++ b/tests/networkxml2xmlupdatetest.c
@@ -328,7 +328,6 @@ mymain(void)
"nat-network-dns-srv-record",
"nat-network-dns-srv-records",
VIR_NETWORK_UPDATE_COMMAND_ADD_LAST);
-
DO_TEST_FAIL("delete-missing-srv-record-service",
"srv-record-service",
"nat-network",
@@ -351,6 +350,15 @@ mymain(void)
"nat-network-dns-srv-record",
"nat-network",
VIR_NETWORK_UPDATE_COMMAND_DELETE);
+ DO_TEST("modify-srv-record-protocol",
+ "srv-record-modify-few",
+ "nat-network-dns-srv-record",
+ "nat-network-dns-srv-modify-few",
+ VIR_NETWORK_UPDATE_COMMAND_MODIFY);
+ DO_TEST_FAIL("modify-not-existing-srv-record",
+ "srv-not-existing",
+ "nat-network-dns-srv-record",
+ VIR_NETWORK_UPDATE_COMMAND_MODIFY);
return ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
--
2.45.2
2 months, 2 weeks
[PATCH v2 0/7] introduce job-change qmp command
by Vladimir Sementsov-Ogievskiy
Hi all!
This is an updated first part of my "[RFC 00/15] block job API"
Supersedes: <20240313150907.623462-1-vsementsov(a)yandex-team.ru>
v2:
- only job-change for now, as a first step
- drop "type-based unions", and keep type parameter as is for now (I now
doubt that this was good idea, as it makes QAPI protocol dependent on
context)
03: improve documentation
06: deprecated only block-job-change for now
07: new
Vladimir Sementsov-Ogievskiy (7):
qapi: rename BlockJobChangeOptions to JobChangeOptions
blockjob: block_job_change_locked(): check job type
qapi: block-job-change: make copy-mode parameter optional
blockjob: move change action implementation to job from block-job
qapi: add job-change
qapi/block-core: derpecate block-job-change
iotests/mirror-change-copy-mode: switch to job-change command
block/mirror.c | 13 +++++---
blockdev.c | 4 +--
blockjob.c | 20 ------------
docs/about/deprecated.rst | 5 +++
include/block/blockjob.h | 11 -------
include/block/blockjob_int.h | 7 -----
include/qemu/job.h | 12 +++++++
job-qmp.c | 15 +++++++++
job.c | 23 ++++++++++++++
qapi/block-core.json | 31 ++++++++++++++-----
.../tests/mirror-change-copy-mode | 2 +-
11 files changed, 90 insertions(+), 53 deletions(-)
--
2.34.1
2 months, 3 weeks
[PATCH v4 0/8] qemu: Introduce shared_filesystems configuration option
by Peter Krempa
For justification see v3:
https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/message/P...
This version includes patches that deal with seclabel remembering
without instructing users to disable it.
Patch 2/8 was modified to change the docs for the new option.
Patches 1-5 will get an R-b by me as I've adopted them.
Patches 6-8 are new.
Andrea Bolognani (5):
security: Fix alignment
qemu: Introduce shared_filesystems configuration option
qemu: Propagate shared_filesystems
utils: Use overrides in virFileIsSharedFS()
qemu: Always set labels for TPM state
Peter Krempa (3):
virFileIsSharedFSOverride: Export
storage_source: Add field for skipping seclabel remembering
qemu: migration: Don't remember seclabel for images shared from
current host
src/conf/storage_source_conf.c | 3 ++
src/conf/storage_source_conf.h | 9 ++++
src/libvirt_private.syms | 1 +
src/lxc/lxc_controller.c | 3 +-
src/lxc/lxc_driver.c | 2 +-
src/lxc/lxc_process.c | 4 +-
src/qemu/libvirtd_qemu.aug | 3 ++
src/qemu/qemu.conf.in | 26 +++++++++
src/qemu/qemu_conf.c | 31 +++++++++++
src/qemu/qemu_conf.h | 2 +
src/qemu/qemu_domain.c | 7 ++-
src/qemu/qemu_extdevice.c | 2 +-
src/qemu/qemu_migration.c | 72 +++++++++++++++++++++----
src/qemu/qemu_security.c | 85 +++++++++++++++++++++++-------
src/qemu/qemu_tpm.c | 38 +++++++------
src/qemu/qemu_tpm.h | 10 ++--
src/qemu/test_libvirtd_qemu.aug.in | 5 ++
src/security/security_apparmor.c | 8 ++-
src/security/security_dac.c | 50 ++++++++++++++----
src/security/security_driver.h | 8 ++-
src/security/security_manager.c | 33 +++++++++---
src/security/security_manager.h | 9 +++-
src/security/security_nop.c | 5 ++
src/security/security_selinux.c | 59 ++++++++++++++++-----
src/security/security_stack.c | 32 ++++++++---
src/util/virfile.c | 63 ++++++++++++++++++++--
src/util/virfile.h | 5 +-
tests/securityselinuxlabeltest.c | 2 +-
tests/virfiletest.c | 2 +-
29 files changed, 472 insertions(+), 107 deletions(-)
--
2.45.2
2 months, 3 weeks
[PATCH 0/2] qemu: Strip <acpi/> from configs on s390
by Peter Krempa
See patch 1 for the rationale.
Peter Krempa (2):
qemu_domain: Strip <acpi/> from s390(x) definitions
qemuxmlconftest: Add tests for the ACPI stripping hack on s390
src/qemu/qemu_domain.c | 94 +++++++++++++++++++
.../aarch64-nousb-acpi.aarch64-latest.err | 1 +
tests/qemuxmlconfdata/aarch64-nousb-acpi.xml | 18 ++++
...ngarch64-virt-acpi.loongarch64-latest.args | 31 ++++++
...ongarch64-virt-acpi.loongarch64-latest.xml | 26 +++++
.../qemuxmlconfdata/loongarch64-virt-acpi.xml | 15 +++
.../misc-acpi.x86_64-latest.args | 34 -------
.../misc-acpi.x86_64-latest.xml | 41 --------
tests/qemuxmlconfdata/misc-acpi.xml | 33 -------
.../riscv64-virt-acpi.riscv64-latest.args | 33 +++++++
.../riscv64-virt-acpi.riscv64-latest.xml | 36 +++++++
tests/qemuxmlconfdata/riscv64-virt-acpi.xml | 15 +++
.../s390x-ccw-acpi.s390x-latest.args | 32 +++++++
.../s390x-ccw-acpi.s390x-latest.xml | 27 ++++++
tests/qemuxmlconfdata/s390x-ccw-acpi.xml | 15 +++
.../x86_64-q35-acpi.x86_64-latest.args | 38 ++++++++
.../x86_64-q35-acpi.x86_64-latest.xml | 53 +++++++++++
tests/qemuxmlconfdata/x86_64-q35-acpi.xml | 15 +++
tests/qemuxmlconftest.c | 13 ++-
19 files changed, 461 insertions(+), 109 deletions(-)
create mode 100644 tests/qemuxmlconfdata/aarch64-nousb-acpi.aarch64-latest.err
create mode 100644 tests/qemuxmlconfdata/aarch64-nousb-acpi.xml
create mode 100644 tests/qemuxmlconfdata/loongarch64-virt-acpi.loongarch64-latest.args
create mode 100644 tests/qemuxmlconfdata/loongarch64-virt-acpi.loongarch64-latest.xml
create mode 100644 tests/qemuxmlconfdata/loongarch64-virt-acpi.xml
delete mode 100644 tests/qemuxmlconfdata/misc-acpi.x86_64-latest.args
delete mode 100644 tests/qemuxmlconfdata/misc-acpi.x86_64-latest.xml
delete mode 100644 tests/qemuxmlconfdata/misc-acpi.xml
create mode 100644 tests/qemuxmlconfdata/riscv64-virt-acpi.riscv64-latest.args
create mode 100644 tests/qemuxmlconfdata/riscv64-virt-acpi.riscv64-latest.xml
create mode 100644 tests/qemuxmlconfdata/riscv64-virt-acpi.xml
create mode 100644 tests/qemuxmlconfdata/s390x-ccw-acpi.s390x-latest.args
create mode 100644 tests/qemuxmlconfdata/s390x-ccw-acpi.s390x-latest.xml
create mode 100644 tests/qemuxmlconfdata/s390x-ccw-acpi.xml
create mode 100644 tests/qemuxmlconfdata/x86_64-q35-acpi.x86_64-latest.args
create mode 100644 tests/qemuxmlconfdata/x86_64-q35-acpi.x86_64-latest.xml
create mode 100644 tests/qemuxmlconfdata/x86_64-q35-acpi.xml
--
2.45.2
2 months, 3 weeks
