January 2025 - Devel - libvirt List Archives

[PATCH] Passing a domain XML to a polkit rule engine
by Takuya Nakaike 09 Jan '25

09 Jan '25

This patch is a draft implementation to pass a domain XML to a polkit access driver. With this new feature, a polkit rule can verify the domain XML to be deployed on a host, and thus protect deploying a malicious VM. There is a discussion about this new feature in the following issue. https://gitlab.com/libvirt/libvirt/-/issues/719 Any question, comment, and suggestion are welcome. Thanks, Signed-off-by: Takuya Nakaike <nakaike(a)jp.ibm.com> --- src/access/viraccessdriverpolkit.c | 2 ++ src/access/viraccessmanager.c | 22 ++++++++++++++++++++++ src/access/viraccessmanager.h | 3 +++ src/libvirt_private.syms | 1 + src/qemu/qemu_driver.c | 3 +++ 5 files changed, 31 insertions(+) diff --git a/src/access/viraccessdriverpolkit.c b/src/access/viraccessdriverpolkit.c index 83381183a5..56457010e0 100644 --- a/src/access/viraccessdriverpolkit.c +++ b/src/access/viraccessdriverpolkit.c @@ -177,10 +177,12 @@ virAccessDriverPolkitCheckDomain(virAccessManager *manager, virAccessPermDomain perm) { char uuidstr[VIR_UUID_STRING_BUFLEN]; + char *xml = virAccessManagerGetXMLDesc(domain); const char *attrs[] = { "connect_driver", driverName, "domain_name", domain->name, "domain_uuid", uuidstr, + "xml", xml != NULL ? xml : "", NULL, }; virUUIDFormat(domain->uuid, uuidstr); diff --git a/src/access/viraccessmanager.c b/src/access/viraccessmanager.c index 6d9fdee5f1..7be31eb19a 100644 --- a/src/access/viraccessmanager.c +++ b/src/access/viraccessmanager.c @@ -44,11 +44,13 @@ struct _virAccessManager { virObjectLockable parent; virAccessDriver *drv; + virDomainXMLOption *xmlopt; void *privateData; }; static virClass *virAccessManagerClass; static virAccessManager *virAccessManagerDefault; +static virDomainXMLOption *virAccessManagerXMLOption = NULL; static void virAccessManagerDispose(void *obj); @@ -376,3 +378,23 @@ int virAccessManagerCheckStorageVol(virAccessManager *manager, return virAccessManagerSanitizeError(ret, driverName); } + +virDomainXMLOption *virAccessManagerGetXMLOption(void) +{ + return virAccessManagerXMLOption; +} + +void virAccessManagerSetXMLOption(virDomainXMLOption *xmlopt) +{ + virObjectUnref(virAccessManagerXMLOption); + + virAccessManagerXMLOption = virObjectRef(xmlopt); +} + +char *virAccessManagerGetXMLDesc(virDomainDef *domain) +{ + if (virAccessManagerGetXMLOption() != NULL) { + return virDomainDefFormat(domain, virAccessManagerGetXMLOption(), 0); + } + return NULL; +} diff --git a/src/access/viraccessmanager.h b/src/access/viraccessmanager.h index 2050ac9b85..3516f4f8e4 100644 --- a/src/access/viraccessmanager.h +++ b/src/access/viraccessmanager.h @@ -94,3 +94,6 @@ int virAccessManagerCheckStorageVol(virAccessManager *manager, virStoragePoolDef *pool, virStorageVolDef *vol, virAccessPermStorageVol perm); +virDomainXMLOption *virAccessManagerGetXMLOption(void); +void virAccessManagerSetXMLOption(virDomainXMLOption *xmlopt); +char *virAccessManagerGetXMLDesc(virDomainDef *domain); diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 33b93cbd3e..8bcbc9c478 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -19,6 +19,7 @@ virAccessManagerGetDefault; virAccessManagerNew; virAccessManagerNewStack; virAccessManagerSetDefault; +virAccessManagerSetXMLOption; # access/viraccessperm.h diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index d2eddbd9ae..f9880f8ee3 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -105,6 +105,7 @@ #include "virdomaincheckpointobjlist.h" #include "virutil.h" #include "backup_conf.h" +#include "viraccessmanager.h" #define VIR_FROM_THIS VIR_FROM_QEMU @@ -835,6 +836,8 @@ qemuStateInitialize(bool privileged, defsecmodel))) goto error; + virAccessManagerSetXMLOption(qemu_driver->xmlopt); + qemu_driver->nbdkitCapsCache = qemuNbdkitCapsCacheNew(cfg->cacheDir); /* If hugetlbfs is present, then we need to create a sub-directory within -- 2.43.5

2 1

[PATCH 0/2] storage_file: De-modularize the 'fs' backend
by Peter Krempa 09 Jan '25

09 Jan '25

See 1/2 for rationale. Peter Krempa (2): storage_file: de-modularize the local file backend NEWS: Mention de-modularization of the 'fs' storage file backend NEWS.rst | 9 +++++++++ libvirt.spec.in | 1 - src/storage_file/meson.build | 16 ---------------- src/storage_file/storage_file_backend.c | 11 ++++++----- 4 files changed, 15 insertions(+), 22 deletions(-) -- 2.47.1

2 4

[PATCH] docs: Clarify documentation of host-model CPU mode
by Jiri Denemark 09 Jan '25

09 Jan '25

The host-model CPU mode was described as similar to copying the host CPU definition from capabilities, which has not been the case for ages. The host-model definition from domain capabilities is used instead. Only the first sentence changed, but it required reformatting essentially the whole paragraph so I used this as an opportunity to reformat it a little bit more and split the long paragraph into several smaller ones for better readability. Signed-off-by: Jiri Denemark <jdenemar(a)redhat.com> --- docs/formatdomain.rst | 68 ++++++++++++++++++++++++------------------- 1 file changed, 38 insertions(+), 30 deletions(-) diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst index 02c5361905..00acf7aa91 100644 --- a/docs/formatdomain.rst +++ b/docs/formatdomain.rst @@ -1482,38 +1482,46 @@ In case no restrictions need to be put on CPU model and its features, a simpler presented to the guest. This is the default when no ``mode`` attribute is specified. This mode makes it so that a persistent guest will see the same hardware no matter what host the guest is booted on. + ``host-model`` - The ``host-model`` mode is essentially a shortcut to copying host CPU - definition from capabilities XML into domain XML. Since the CPU definition - is copied just before starting a domain, exactly the same XML can be used - on different hosts while still providing the best guest CPU each host - supports. The ``match`` attribute can't be used in this mode. Specifying - CPU model is not supported either, but ``model``'s ``fallback`` attribute - may still be used. Using the ``feature`` element, specific flags may be - enabled or disabled specifically in addition to the host model. This may - be used to fine tune features that can be emulated. :since:`(Since 1.1.1)` - . Libvirt does not model every aspect of each CPU so the guest CPU will - not match the host CPU exactly. On the other hand, the ABI provided to the + The ``host-model`` mode is essentially a shortcut to copying host-model + CPU definition from `domain capabilities XML + <formatdomaincaps.html#cpu-configuration>`__ into domain XML. Since the + CPU definition is copied just before starting a domain, exactly the same + XML can be used on different hosts while still providing the best guest + CPU each host supports. The ``match`` attribute can't be used in this + mode. Specifying CPU model is not supported either, but ``model``'s + ``fallback`` attribute may still be used. Using the ``feature`` element, + specific flags may be enabled or disabled specifically in addition to the + host model. This may be used to fine tune features that can be emulated. + :since:`(Since 1.1.1)` + + Libvirt does not model every aspect of each CPU so the guest CPU will not + match the host CPU exactly. On the other hand, the ABI provided to the guest is reproducible. During migration, complete CPU model definition is - transferred to the destination host so the migrated guest will see exactly - the same CPU model for the running instance of the guest, even if the - destination host contains more capable CPUs or newer kernel; but shutting - down and restarting the guest may present different hardware to the guest - according to the capabilities of the new host. Prior to libvirt 3.2.0 and - QEMU 2.9.0 detection of the host CPU model via QEMU is not supported. Thus - the CPU configuration created using ``host-model`` may not work as - expected. :since:`Since 3.2.0 and QEMU 2.9.0` this mode works the way it - was designed and it is indicated by the ``fallback`` attribute set to - ``forbid`` in the host-model CPU definition advertised in `domain - capabilities XML <formatdomaincaps.html#cpu-configuration>`__. When - ``fallback`` attribute is set to ``allow`` in the domain capabilities - XML, it is recommended to use ``custom`` mode with just the CPU model - from the host capabilities XML. :since:`Since 1.2.11` PowerISA allows - processors to run VMs in binary compatibility mode supporting an older - version of ISA. Libvirt on PowerPC architecture uses the ``host-model`` - to signify a guest mode CPU running in binary compatibility mode. - Example: When a user needs a power7 VM to run in compatibility mode on a - Power8 host, this can be described in XML as follows : + transferred to the destination host so the migrated guest will see + exactly the same CPU model for the running instance of the guest, even if + the destination host contains more capable CPUs or newer kernel; but + shutting down and restarting the guest may present different hardware to + the guest according to the capabilities of the new host. + + Prior to libvirt 3.2.0 and QEMU 2.9.0 detection of the host CPU model via + QEMU is not supported. Thus the CPU configuration created using + ``host-model`` may not work as expected. :since:`Since 3.2.0 and QEMU + 2.9.0` this mode works the way it was designed and it is indicated by the + ``fallback`` attribute set to ``forbid`` in the host-model CPU definition + advertised in `domain capabilities XML + <formatdomaincaps.html#cpu-configuration>`__. When ``fallback`` attribute + is set to ``allow`` in the domain capabilities XML, it is recommended to + use ``custom`` mode with just the CPU model from the host capabilities + XML. + + :since:`Since 1.2.11` PowerISA allows processors to run VMs in binary + compatibility mode supporting an older version of ISA. Libvirt on + PowerPC architecture uses the ``host-model`` to signify a guest mode CPU + running in binary compatibility mode. Example: When a user needs a power7 + VM to run in compatibility mode on a Power8 host, this can be described + in XML as follows: :: -- 2.47.1

2 1

[PATCH] spec: Disable ch driver on RHEL
by Jiri Denemark 09 Jan '25

09 Jan '25

Signed-off-by: Jiri Denemark <jdenemar(a)redhat.com> --- libvirt.spec.in | 1 + 1 file changed, 1 insertion(+) diff --git a/libvirt.spec.in b/libvirt.spec.in index eb8b35da76..2bc8dfd323 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -133,6 +133,7 @@ %define with_libxl 0 %define with_hyperv 0 %define with_lxc 0 + %define with_ch 0 %endif %define with_firewalld_zone 0%{!?_without_firewalld_zone:1} -- 2.47.1

2 1

[PATCH] rpc: log details of OS signals received by daemon
by Daniel P. Berrangé 09 Jan '25

09 Jan '25

When debugging it is useful to know what signals are being received and metadata related to them. Log this data before calling the signal handling callbacks. Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com> --- src/rpc/virnetdaemon.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/rpc/virnetdaemon.c b/src/rpc/virnetdaemon.c index e4c6261536..94c23e973f 100644 --- a/src/rpc/virnetdaemon.c +++ b/src/rpc/virnetdaemon.c @@ -562,6 +562,10 @@ virNetDaemonSignalEvent(int watch, virNetDaemonSignalFunc func = dmn->signals[i]->func; void *funcopaque = dmn->signals[i]->opaque; virObjectUnlock(dmn); + VIR_DEBUG("Dispatch signal num=%d errno=%d code=%d pid=%llu uid=%llu status=%d", + siginfo.si_signo, siginfo.si_errno, siginfo.si_code, + (unsigned long long)siginfo.si_pid, (unsigned long long)siginfo.si_uid, + siginfo.si_status); func(dmn, &siginfo, funcopaque); return; } -- 2.47.1

2 1

[PATCH] util: don't attempt to acquire logind inhibitor if not requested
by Daniel P. Berrangé 08 Jan '25

08 Jan '25

When VIR_INHIBITOR_WHAT_NONE is passed to virInhibitorNew, it is an indication that daemon shutdown should be inhibited, but no OS level inhibitors acquired. This is done by the virtnetworkd daemon, for example, to prevent shutdown while running virtual machines are present, without blocking / delaying OS shutdown. Unfortunately the code forgot to skip the DBus call in this case, resulting in errors being logged. Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com> --- src/util/virinhibitor.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/util/virinhibitor.c b/src/util/virinhibitor.c index 647bdc9fbb..a95021de5a 100644 --- a/src/util/virinhibitor.c +++ b/src/util/virinhibitor.c @@ -152,7 +152,7 @@ virInhibitor *virInhibitorNew(virInhibitorWhat what, virInhibitor *inhibitor = g_new0(virInhibitor, 1); inhibitor->fd = -1; - inhibitor->what = virInhibitorWhatFormat(what); + inhibitor->what = what ? virInhibitorWhatFormat(what) : NULL; inhibitor->who = g_strdup(who); inhibitor->why = g_strdup(why); inhibitor->mode = virInhibitorModeTypeToString(mode); @@ -171,7 +171,8 @@ void virInhibitorHold(virInhibitor *inhibitor) inhibitor->action(true, inhibitor->actionData); } #ifdef G_OS_UNIX - if (virInhibitorAcquire( + if (inhibitor->what && + virInhibitorAcquire( inhibitor->what, inhibitor->who, inhibitor->why, inhibitor->mode, &inhibitor->fd) < 0) { VIR_ERROR(_("Failed to acquire inhibitor: %1$s"), -- 2.47.1

2 1

[PATCH v5 0/4] iproute2 bridge vlan support
by Leigh Brown 08 Jan '25

08 Jan '25

Very sorry, I blindly fixed the lack of braces on the multiline if statements pointed out by Laine, but didn't check for others. I have now fixed up the remaining ones. Description ----------- The iproute2 bridge command supports the capability for VLAN filtering that allows each interface connected to a standard linux bridge to be configured to use one or more VLANs. For simple setups, this capability is enough to allow virtual machines or containers to be put onto separate VLANs without creating multiple bridges and VLANs on the host. The first patch adds a new function virNetDevBridgeVlanFilterSet that allows a VLAN filter to be added or removed from an interface associated with a bridge. The second patch adds virNetDevBridgeSetupVlans that will, given a virNetDevVlan structure, call virNetDevBridgeVlanFilterSet to apply the required VLAN filtering for the given interface. The third patch adjusts the domain and network validation to permit standard linux bridges to allow VLAN configuration and updates calls to virNetDevBridgeAddPort to pass the VLAN configuration. The fourth patch updates documentation to match the new capability. Changes since v4 ---------------- - Fix the remaining examples of missing braces in virNetDevBridgeSetupVlans. Changes since v3 ---------------- - Update patch series description. - Fix coding style. - Add G_GNUC_UNUSED annotation to virNetDevBridgeAddPort for MacOS. Changes since v2 ---------------- - Convert to use netlink rather than executing bridge vlan commands. - Add unsupported on this platform error message on FreeBSD. Changes since v1 ---------------- - Fix bug in virNetDevSetupVlans where bridge port has no native vlan. - Update bridge network validation to permit vlan configuration. - Update documentation to match the functionality. - Tweak some of the commit descriptions for clarity. Usage example ------------- Configure the host with systemd-networkd as follows: /etc/systemd/network/br0.netdev (br0.network not shown) [NetDev] Name=br0 Kind=bridge MACAddress=xx:xx:xx:xx:xx:xx [Bridge] VLANFiltering=on /etc/systemd/network/eno1.network [Match] Name=eno1 [Network] Bridge=br0 [Link] MTUBytes=9000 [BridgeVLAN] VLAN=40 [BridgeVLAN] VLAN=60 Then add <vlan> tags into the lxc or qemu config: lxc interface definition: <interface type='bridge'> <mac address='xx:xx:xx:xx:xx:xx'/> <source bridge='br0'/> <vlan> <tag id='40'/> </vlan> </interface> qemu interface definition: <interface type='network'> <mac address='xx:xx:xx:xx:xx:xx'/> <source network='br0'/> <vlan> <tag id='60'/> </vlan> <model type='virtio'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface> Then, after starting them, you will see the following $ sudo bridge vlan port vlan-id eno1 1 PVID Egress Untagged 40 60 br0 1 PVID Egress Untagged vnet0 60 PVID Egress Untagged vnet1 40 PVID Egress Untagged Regards, Leigh Brown (4): util: add netlink bridge vlan filtering util: Add vlan support to virNetDevBridgeAddPort Enable vlan support for standard linux bridges docs: standard linux bridges now support vlans docs/formatdomain.rst | 37 +++++++++--------- docs/formatnetwork.rst | 45 +++++++++++----------- src/conf/domain_validate.c | 3 +- src/lxc/lxc_process.c | 2 +- src/network/bridge_driver.c | 13 ++++--- src/util/virnetdevbridge.c | 77 +++++++++++++++++++++++++++++++++++-- src/util/virnetdevbridge.h | 4 +- src/util/virnetdevtap.c | 2 +- src/util/virnetlink.c | 66 +++++++++++++++++++++++++++++++ src/util/virnetlink.h | 7 ++++ 10 files changed, 203 insertions(+), 53 deletions(-) -- 2.39.5

2 5

[PATCH v2] spec: Enable ch driver
by Praveen K Paladugu 08 Jan '25

08 Jan '25

Enabling building and packaging ch driver in the spec file. Signed-off-by: Praveen K Paladugu <praveenkpaladugu(a)gmail.com> --- libvirt.spec.in | 67 ++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 64 insertions(+), 3 deletions(-) diff --git a/libvirt.spec.in b/libvirt.spec.in index 3d5164b534..eb8b35da76 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -35,6 +35,7 @@ %define with_lxc 0%{!?_without_lxc:1} %define with_libxl 0%{!?_without_libxl:1} %define with_vbox 0%{!?_without_vbox:1} +%define with_ch 0%{!?_without_ch:1} %ifarch %{arches_qemu_kvm} %define with_qemu_kvm %{with_qemu} @@ -317,6 +318,9 @@ Obsoletes: libvirt-daemon-uml <= 5.0.0 %if %{with_vbox} Requires: libvirt-daemon-driver-vbox = %{version}-%{release} %endif +%if %{with_ch} +Requires: libvirt-daemon-driver-ch = %{version}-%{release} +%endif Requires: libvirt-daemon-driver-nwfilter = %{version}-%{release} Requires: libvirt-daemon-driver-interface = %{version}-%{release} Requires: libvirt-daemon-driver-secret = %{version}-%{release} @@ -1026,6 +1030,20 @@ Server side daemon and driver required to manage the virtualization capabilities of VirtualBox %endif + %if %{with_ch} +%package daemon-driver-ch +Summary: Cloud-Hypervisor driver plugin for libvirtd daemon +Requires: libvirt-daemon-common = %{version}-%{release} +Requires: libvirt-daemon-log = %{version}-%{release} +Requires: libvirt-libs = %{version}-%{release} + +%description daemon-driver-ch +The ch driver plugin for the libvirtd daemon, providing +an implementation of the hypervisor driver APIs by +Cloud-Hypervisor + %endif + + %package client Summary: Client side utilities of the libvirt library Requires: libvirt-libs = %{version}-%{release} @@ -1188,9 +1206,15 @@ exit 1 %endif %if %{with_esx} - %define arg_esx -Ddriver_esx=enabled -Dcurl=enabled + %define arg_esx -Ddriver_esx=enabled +%else + %define arg_esx -Ddriver_esx=disabled +%endif + +%if %{with_esx} || %{with_ch} + %define arg_curl -Dcurl=enabled %else - %define arg_esx -Ddriver_esx=disabled -Dcurl=disabled + %define arg_curl -Dcurl=disabled %endif %if %{with_hyperv} @@ -1205,6 +1229,12 @@ exit 1 %define arg_vmware -Ddriver_vmware=disabled %endif +%if %{with_ch} + %define arg_ch -Ddriver_ch=enabled +%else + %define arg_ch -Ddriver_ch=disabled +%endif + %if %{with_storage_rbd} %define arg_storage_rbd -Dstorage_rbd=enabled %else @@ -1335,11 +1365,12 @@ export SOURCE_DATE_EPOCH=$(stat --printf='%Y' %{_specdir}/libvirt.spec) -Ddriver_remote=enabled \ -Ddriver_test=enabled \ %{?arg_esx} \ + %{?arg_curl} \ %{?arg_hyperv} \ %{?arg_vmware} \ + %{?arg_ch} \ -Ddriver_vz=disabled \ -Ddriver_bhyve=disabled \ - -Ddriver_ch=disabled \ %{?arg_remote_mode} \ -Ddriver_interface=enabled \ -Ddriver_network=enabled \ @@ -1541,6 +1572,10 @@ rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/libvirtd.libxl rm -f $RPM_BUILD_ROOT%{_datadir}/augeas/lenses/libvirtd_libxl.aug rm -f $RPM_BUILD_ROOT%{_datadir}/augeas/lenses/tests/test_libvirtd_libxl.aug %endif + %if ! %{with_ch} +rm -f $RPM_BUILD_ROOT%{_datadir}/augeas/lenses/libvirtd_ch.aug +rm -f $RPM_BUILD_ROOT%{_datadir}/augeas/lenses/tests/test_libvirtd_ch.aug + %endif # Copied into libvirt-docs subpackage eventually mv $RPM_BUILD_ROOT%{_datadir}/doc/libvirt libvirt-docs @@ -1940,6 +1975,19 @@ exit 0 %libvirt_systemd_unix_preun virtxend %endif + %if %{with_ch} +%pre daemon-driver-ch +%libvirt_sysconfig_pre virtchd +%libvirt_systemd_unix_pre virtchd + +%posttrans daemon-driver-ch +%libvirt_sysconfig_posttrans virtchd +%libvirt_systemd_unix_posttrans virtchd + +%preun daemon-driver-ch +%libvirt_systemd_unix_preun virtchd + %endif + %pre daemon-config-network %libvirt_systemd_config_pre libvirtd %libvirt_systemd_config_pre virtnetworkd @@ -2405,6 +2453,19 @@ exit 0 %attr(0755, root, root) %{_libexecdir}/libvirt_sanlock_helper %endif + %if %{with_ch} +%files daemon-driver-ch +%attr(0755, root, root) %{_sbindir}/virtchd +%config(noreplace) %{_sysconfdir}/libvirt/virtchd.conf +%{_datadir}/augeas/lenses/virtchd.aug +%{_datadir}/augeas/lenses/tests/test_virtchd.aug +%{_unitdir}/virtchd-admin.socket +%{_unitdir}/virtchd-ro.socket +%{_unitdir}/virtchd.service +%{_unitdir}/virtchd.socket +%{_libdir}/libvirt/connection-driver/libvirt_driver_ch.so + %endif + %files client %{_mandir}/man1/virsh.1* %{_mandir}/man1/virt-xml-validate.1* -- 2.47.0

2 1

[PATCH] spec: Enable ch driver
by Praveen K Paladugu 08 Jan '25

08 Jan '25

Enabling building and packaging ch driver in the spec file. Signed-off-by: Praveen K Paladugu <praveenkpaladugu(a)gmail.com> --- libvirt.spec.in | 51 ++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 48 insertions(+), 3 deletions(-) diff --git a/libvirt.spec.in b/libvirt.spec.in index 3d5164b534..303d7cb34a 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -35,6 +35,7 @@ %define with_lxc 0%{!?_without_lxc:1} %define with_libxl 0%{!?_without_libxl:1} %define with_vbox 0%{!?_without_vbox:1} +%define with_ch 0%{!?_without_ch:1} %ifarch %{arches_qemu_kvm} %define with_qemu_kvm %{with_qemu} @@ -1026,6 +1027,20 @@ Server side daemon and driver required to manage the virtualization capabilities of VirtualBox %endif + %if %{with_ch} +%package daemon-driver-ch +Summary: Cloud-Hypervisor driver plugin for libvirtd daemon +Requires: libvirt-daemon-common = %{version}-%{release} +Requires: libvirt-daemon-log = %{version}-%{release} +Requires: libvirt-libs = %{version}-%{release} + +%description daemon-driver-ch +The ch driver plugin for the libvirtd daemon, providing +an implementation of the hypervisor driver APIs by +Cloud-Hypervisor + %endif + + %package client Summary: Client side utilities of the libvirt library Requires: libvirt-libs = %{version}-%{release} @@ -1188,9 +1203,15 @@ exit 1 %endif %if %{with_esx} - %define arg_esx -Ddriver_esx=enabled -Dcurl=enabled + %define arg_esx -Ddriver_esx=enabled +%else + %define arg_esx -Ddriver_esx=disabled +%endif + +%if %{with_esx} || %{with_ch} + %define arg_curl -Dcurl=enabled %else - %define arg_esx -Ddriver_esx=disabled -Dcurl=disabled + %define arg_curl -Dcurl=disabled %endif %if %{with_hyperv} @@ -1205,6 +1226,12 @@ exit 1 %define arg_vmware -Ddriver_vmware=disabled %endif +%if %{with_ch} + %define arg_ch -Ddriver_ch=enabled +%else + %define arg_ch -Ddriver_ch=disabled +%endif + %if %{with_storage_rbd} %define arg_storage_rbd -Dstorage_rbd=enabled %else @@ -1335,11 +1362,12 @@ export SOURCE_DATE_EPOCH=$(stat --printf='%Y' %{_specdir}/libvirt.spec) -Ddriver_remote=enabled \ -Ddriver_test=enabled \ %{?arg_esx} \ + %{?arg_curl} \ %{?arg_hyperv} \ %{?arg_vmware} \ + %{?arg_ch} \ -Ddriver_vz=disabled \ -Ddriver_bhyve=disabled \ - -Ddriver_ch=disabled \ %{?arg_remote_mode} \ -Ddriver_interface=enabled \ -Ddriver_network=enabled \ @@ -1541,6 +1569,10 @@ rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/libvirtd.libxl rm -f $RPM_BUILD_ROOT%{_datadir}/augeas/lenses/libvirtd_libxl.aug rm -f $RPM_BUILD_ROOT%{_datadir}/augeas/lenses/tests/test_libvirtd_libxl.aug %endif + %if ! %{with_ch} +rm -f $RPM_BUILD_ROOT%{_datadir}/augeas/lenses/libvirtd_ch.aug +rm -f $RPM_BUILD_ROOT%{_datadir}/augeas/lenses/tests/test_libvirtd_ch.aug + %endif # Copied into libvirt-docs subpackage eventually mv $RPM_BUILD_ROOT%{_datadir}/doc/libvirt libvirt-docs @@ -2405,6 +2437,19 @@ exit 0 %attr(0755, root, root) %{_libexecdir}/libvirt_sanlock_helper %endif + %if %{with_ch} +%files daemon-driver-ch +%attr(0755, root, root) %{_sbindir}/virtchd +%config(noreplace) %{_sysconfdir}/libvirt/virtchd.conf +%{_datadir}/augeas/lenses/virtchd.aug +%{_datadir}/augeas/lenses/tests/test_virtchd.aug +%{_unitdir}/virtchd-admin.socket +%{_unitdir}/virtchd-ro.socket +%{_unitdir}/virtchd.service +%{_unitdir}/virtchd.socket +%{_libdir}/libvirt/connection-driver/libvirt_driver_ch.so + %endif + %files client %{_mandir}/man1/virsh.1* %{_mandir}/man1/virt-xml-validate.1* -- 2.47.0

2 2

[PATCH] meson: Drop devmapper_dep for libvirt_admin_lib
by Michal Privoznik 08 Jan '25

08 Jan '25

Nothing inside libvirt-admin library calls devmapper nor it should. This is a historic artefact that was just copied over from autotools era. Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com> --- NB, I think there are more deps that can be dropped. I've built successfully with capng_dep, gnutls_dep, json_c_dep, libssh2_dep, libssh_dep and sasl_dep removed. Those libraries are required by libvirt.so which libvirt_admin.so links with. src/meson.build | 1 - 1 file changed, 1 deletion(-) diff --git a/src/meson.build b/src/meson.build index cce89fac27..74fbe43667 100644 --- a/src/meson.build +++ b/src/meson.build @@ -556,7 +556,6 @@ if conf.has('WITH_REMOTE') ], dependencies: [ capng_dep, - devmapper_dep, gnutls_dep, json_c_dep, libssh2_dep, -- 2.45.2

3 2