October 2025 - Devel - libvirt List Archives

[PATCH] domain_conf: Avoid memory leak in virDomainMemoryDefFree()
by Michal Privoznik 29 Oct '25

29 Oct '25

From: Michal Privoznik <mprivozn(a)redhat.com> In my one of my recent commits I've introduced new member to virDomainMemoryDef struct. While allocated in virDomainMemoryDefParseXML() its counterpart for freeing is missing in virDomainMemoryDefFree(). Add it. Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com> --- Pushed as trivial. src/conf/domain_conf.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index c09f026a1c..1e84c93841 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -3614,6 +3614,7 @@ void virDomainMemoryDefFree(virDomainMemoryDef *def) } virDomainDeviceInfoClear(&def->info); + g_free(def->virtio); g_free(def); } -- 2.51.0

1 0

[PATCH 0/7] conf: Introduce virtio options for virtio memory models
by Michal Privoznik 29 Oct '25

29 Oct '25

*** BLURB HERE *** Michal Prívozník (7): domain_conf: Make virDomainMemoryDefFormat() return void domain_cof: Switch to virXMLFormatElement() in virDomainMemoryDefFormat() conf: Introduce virDomainMemoryIsVirtioModel() qemu: Use virDomainMemoryIsVirtioModel() conf: Introduce virtio options for virtio memory models qemu_command: Generate virtio options for memory device NEWS: Document virtio options for memory models NEWS.rst | 6 ++ src/conf/domain_conf.c | 64 +++++++++++++------ src/conf/domain_conf.h | 2 + src/conf/domain_validate.c | 5 ++ src/conf/schemas/domaincommon.rng | 5 ++ src/libvirt_private.syms | 1 + src/qemu/qemu_command.c | 2 + src/qemu/qemu_domain_address.c | 44 +++---------- .../virtio-options.x86_64-latest.args | 9 ++- tests/qemuxmlconfdata/virtio-options.xml | 23 ++++++- 10 files changed, 102 insertions(+), 59 deletions(-) -- 2.51.0

3 15

[PATCH] bhyve: support specifying disk rotation rate
by Roman Bogorodskiy 29 Oct '25

29 Oct '25

Bhyve supports specifying disk rotation rate using the nmrr attribute, e.g.: -s 3:0,ahci,hd:/data/img/freebsd.img,nmrr=1 Where 1 means the SSD, 0 (default) means do not report, and other values specify the actual RPM. Signed-off-by: Roman Bogorodskiy <bogorodskiy(a)gmail.com> --- src/bhyve/bhyve_command.c | 4 +++ src/bhyve/bhyve_domain.c | 6 ++++ ...hyvexml2argv-disk-virtio-rotation-rate.xml | 23 ++++++++++++++ .../bhyvexml2argv-sata-rotation-rate.args | 10 ++++++ .../bhyvexml2argv-sata-rotation-rate.ldargs | 4 +++ .../bhyvexml2argv-sata-rotation-rate.xml | 31 +++++++++++++++++++ tests/bhyvexml2argvtest.c | 2 ++ 7 files changed, 80 insertions(+) create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-disk-virtio-rotation-rate.xml create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-sata-rotation-rate.args create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-sata-rotation-rate.ldargs create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-sata-rotation-rate.xml diff --git a/src/bhyve/bhyve_command.c b/src/bhyve/bhyve_command.c index ab6d6e92e4..10f07db06c 100644 --- a/src/bhyve/bhyve_command.c +++ b/src/bhyve/bhyve_command.c @@ -278,6 +278,10 @@ bhyveBuildAHCIControllerArgStr(const virDomainDef *def, _("unsupported disk device")); return -1; } + + if (disk->rotation_rate) + virBufferAsprintf(&device, ",nmrr=%u", disk->rotation_rate); + virBufferAddBuffer(&buf, &device); } diff --git a/src/bhyve/bhyve_domain.c b/src/bhyve/bhyve_domain.c index 9dec300a99..7685d21c71 100644 --- a/src/bhyve/bhyve_domain.c +++ b/src/bhyve/bhyve_domain.c @@ -290,6 +290,12 @@ bhyveDomainDeviceDefValidate(const virDomainDeviceDef *dev, return -1; } } + } else if (dev->type == VIR_DOMAIN_DEVICE_DISK && + dev->data.disk->rotation_rate && + dev->data.disk->bus != VIR_DOMAIN_DISK_BUS_SATA) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("rotation rate is only valid for SATA bus")); + return -1; } return 0; diff --git a/tests/bhyvexml2argvdata/bhyvexml2argv-disk-virtio-rotation-rate.xml b/tests/bhyvexml2argvdata/bhyvexml2argv-disk-virtio-rotation-rate.xml new file mode 100644 index 0000000000..0ec14018c1 --- /dev/null +++ b/tests/bhyvexml2argvdata/bhyvexml2argv-disk-virtio-rotation-rate.xml @@ -0,0 +1,23 @@ +<domain type='bhyve'> + <name>bhyve</name> + <uuid>df3be7e7-a104-11e3-aeb0-50e5492bd3dc</uuid> + <memory>219136</memory> + <vcpu>1</vcpu> + <os> + <type>hvm</type> + </os> + <devices> + <disk type='file'> + <driver name='file' type='raw'/> + <source file='/tmp/freebsd.img'/> + <target dev='vda' bus='virtio' rotation_rate='10000'/> + <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/> + </disk> + <interface type='bridge'> + <mac address='52:54:00:bc:85:fe'/> + <model type='virtio'/> + <source bridge="virbr0"/> + <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/> + </interface> + </devices> +</domain> diff --git a/tests/bhyvexml2argvdata/bhyvexml2argv-sata-rotation-rate.args b/tests/bhyvexml2argvdata/bhyvexml2argv-sata-rotation-rate.args new file mode 100644 index 0000000000..2cf40953e8 --- /dev/null +++ b/tests/bhyvexml2argvdata/bhyvexml2argv-sata-rotation-rate.args @@ -0,0 +1,10 @@ +bhyve \ +-c 1 \ +-m 214 \ +-u \ +-H \ +-P \ +-s 0:0,hostbridge \ +-s 2:0,ahci,hd:/tmp/freebsd1.img,nmrr=7200,hd:/tmp/freebsd2.img,nmrr=5400,hd:/tmp/freebsd3.img,nmrr=1 \ +-s 3:0,virtio-net,faketapdev,mac=52:54:00:b9:94:02 \ +bhyve diff --git a/tests/bhyvexml2argvdata/bhyvexml2argv-sata-rotation-rate.ldargs b/tests/bhyvexml2argvdata/bhyvexml2argv-sata-rotation-rate.ldargs new file mode 100644 index 0000000000..4257ffccee --- /dev/null +++ b/tests/bhyvexml2argvdata/bhyvexml2argv-sata-rotation-rate.ldargs @@ -0,0 +1,4 @@ +bhyveload \ +-m 214 \ +-d /tmp/freebsd1.img \ +bhyve diff --git a/tests/bhyvexml2argvdata/bhyvexml2argv-sata-rotation-rate.xml b/tests/bhyvexml2argvdata/bhyvexml2argv-sata-rotation-rate.xml new file mode 100644 index 0000000000..a0d80cb908 --- /dev/null +++ b/tests/bhyvexml2argvdata/bhyvexml2argv-sata-rotation-rate.xml @@ -0,0 +1,31 @@ +<domain type='bhyve'> + <name>bhyve</name> + <uuid>df3be7e7-a104-11e3-aeb0-50e5492bd3dc</uuid> + <memory>219136</memory> + <vcpu>1</vcpu> + <os> + <type>hvm</type> + </os> + <devices> + <disk type='file'> + <driver name='file' type='raw'/> + <source file='/tmp/freebsd1.img'/> + <target dev='hda' bus='sata' rotation_rate='7200'/> + </disk> + <disk type='file'> + <driver name='file' type='raw'/> + <source file='/tmp/freebsd2.img'/> + <target dev='hdb' bus='sata' rotation_rate='5400'/> + </disk> + <disk type='file'> + <driver name='file' type='raw'/> + <source file='/tmp/freebsd3.img'/> + <target dev='hdc' bus='sata' rotation_rate='1'/> + </disk> + <interface type='bridge'> + <mac address='52:54:00:b9:94:02'/> + <model type='virtio'/> + <source bridge="virbr0"/> + </interface> + </devices> +</domain> diff --git a/tests/bhyvexml2argvtest.c b/tests/bhyvexml2argvtest.c index cc6b17233d..9493551f8d 100644 --- a/tests/bhyvexml2argvtest.c +++ b/tests/bhyvexml2argvtest.c @@ -259,6 +259,8 @@ mymain(void) DO_TEST("serial-tcp"); DO_TEST("4-consoles"); DO_TEST_FAILURE("serial-invalid-port"); + DO_TEST("sata-rotation-rate"); + DO_TEST_FAILURE("disk-virtio-rotation-rate"); /* Address allocation tests */ DO_TEST("addr-single-sata-disk"); -- 2.51.0

3 2

[PATCH 0/4] bhyve: implement NVMe device support
by Roman Bogorodskiy 29 Oct '25

29 Oct '25

Roman Bogorodskiy (4): bhyve: implement NVMe device support bhyve: tests: cover 2 NVMe devices on 2 controllers case bhyve: do not allow more than one NVMe device per controller bhyve: nvme: check if NVMe is supported by bhyve src/bhyve/bhyve_capabilities.c | 14 ++++++ src/bhyve/bhyve_capabilities.h | 1 + src/bhyve/bhyve_command.c | 47 ++++++++++++++++++- src/bhyve/bhyve_device.c | 1 + src/bhyve/bhyve_domain.c | 42 +++++++++++++++-- .../bhyvexml2argv-2-nvme-2-controllers.args | 10 ++++ .../bhyvexml2argv-2-nvme-2-controllers.ldargs | 4 ++ .../bhyvexml2argv-2-nvme-2-controllers.xml | 21 +++++++++ .../bhyvexml2argv-2-nvme-same-controller.args | 10 ++++ ...hyvexml2argv-2-nvme-same-controller.ldargs | 4 ++ .../bhyvexml2argv-2-nvme-same-controller.xml | 21 +++++++++ .../bhyvexml2argvdata/bhyvexml2argv-nvme.args | 9 ++++ .../bhyvexml2argv-nvme.ldargs | 4 ++ .../bhyvexml2argvdata/bhyvexml2argv-nvme.xml | 16 +++++++ tests/bhyvexml2argvtest.c | 9 +++- .../bhyvexml2xmlout-2-nvme-2-controllers.xml | 36 ++++++++++++++ .../bhyvexml2xmlout-nvme.xml | 27 +++++++++++ tests/bhyvexml2xmltest.c | 2 + 18 files changed, 272 insertions(+), 6 deletions(-) create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-2-nvme-2-controllers.args create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-2-nvme-2-controllers.ldargs create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-2-nvme-2-controllers.xml create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-2-nvme-same-controller.args create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-2-nvme-same-controller.ldargs create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-2-nvme-same-controller.xml create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-nvme.args create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-nvme.ldargs create mode 100644 tests/bhyvexml2argvdata/bhyvexml2argv-nvme.xml create mode 100644 tests/bhyvexml2xmloutdata/bhyvexml2xmlout-2-nvme-2-controllers.xml create mode 100644 tests/bhyvexml2xmloutdata/bhyvexml2xmlout-nvme.xml -- 2.51.0

3 6

[PATCH] qemuDomainBlocksStatsGather: Fix blockstats gathering after refactor
by Peter Krempa 29 Oct '25

29 Oct '25

From: Peter Krempa <pkrempa(a)redhat.com> Commit 58aa005f3e95114 which refactored how block stats are stored intended to change the code path where stats for all devices are totaled together by allocating new stats object and using that but the commit forgot to actually change the pointers inside the loop. Unfortunately this was not caught by the compiler as there were pre-existing pointers of the same type with the same name, which resulted into a NULL dereference. Fixes: 58aa005f3e95114b4f2dab76ee4ade06182a3f20 Closes: https://gitlab.com/libvirt/libvirt/-/issues/827 Signed-off-by: Peter Krempa <pkrempa(a)redhat.com> --- src/qemu/qemu_driver.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index b0eff443aa..5fe4568d98 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -9657,6 +9657,8 @@ qemuDomainBlocksStatsGather(virDomainObj *vm, g_autoptr(qemuBlockStats) stats = qemuBlockStatsNew(); for (i = 0; i < vm->def->ndisks; i++) { + qemuBlockStats *entry; + disk = vm->def->disks[i]; entryname = disk->info.alias; @@ -9670,13 +9672,13 @@ qemuDomainBlocksStatsGather(virDomainObj *vm, if (!entryname) continue; - if (!(stats = virHashLookup(blockstats, entryname))) { + if (!(entry = virHashLookup(blockstats, entryname))) { virReportError(VIR_ERR_INTERNAL_ERROR, _("cannot find statistics for device '%1$s'"), entryname); return -1; } - qemuDomainBlockStatsGatherTotals(stats, *retstats); + qemuDomainBlockStatsGatherTotals(entry, stats); } *retstats = g_steal_pointer(&stats); -- 2.51.0

2 1

[PATCH] conf: never reject <disk> <seclabel relabel='no'> overrides
by Peter Krempa 28 Oct '25

28 Oct '25

From: Cole Robinson <crobinso(a)redhat.com> Trying to disable <seclabel> for the whole <domain> and _also_ disable <seclabel> at the <disk> level will fail with: error: unsupported configuration: label overrides require relabeling to be enabled at the domain level which seems wrong. Instead skip the validation when disk seclabel has relabel='no', that config should always be valid. Reviewed-by: Michal Privoznik <mprivozn(a)redhat.com> Signed-off-by: Cole Robinson <crobinso(a)redhat.com> --- src/conf/domain_validate.c | 5 +++ ...l-selinux-none-override.x86_64-latest.args | 35 +++++++++++++++ ...el-selinux-none-override.x86_64-latest.xml | 43 +++++++++++++++++++ .../seclabel-selinux-none-override.xml | 30 +++++++++++++ tests/qemuxmlconftest.c | 1 + 5 files changed, 114 insertions(+) create mode 100644 tests/qemuxmlconfdata/seclabel-selinux-none-override.x86_64-latest.args create mode 100644 tests/qemuxmlconfdata/seclabel-selinux-none-override.x86_64-latest.xml create mode 100644 tests/qemuxmlconfdata/seclabel-selinux-none-override.xml diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c index 93a2bc9b01..eea9b38b21 100644 --- a/src/conf/domain_validate.c +++ b/src/conf/domain_validate.c @@ -303,6 +303,11 @@ virSecurityDeviceLabelDefValidate(virSecurityDeviceLabelDef **seclabels, for (i = 0; i < nseclabels; i++) { seclabel = seclabels[i]; + /* relabel='no' is always valid to request, regardless of + * domain level <seclabel> config */ + if (!seclabel->relabel) + continue; + /* find the security label that it's being overridden */ for (j = 0; j < nvmSeclabels; j++) { if (STRNEQ_NULLABLE(vmSeclabels[j]->model, seclabel->model)) diff --git a/tests/qemuxmlconfdata/seclabel-selinux-none-override.x86_64-latest.args b/tests/qemuxmlconfdata/seclabel-selinux-none-override.x86_64-latest.args new file mode 100644 index 0000000000..23beb54806 --- /dev/null +++ b/tests/qemuxmlconfdata/seclabel-selinux-none-override.x86_64-latest.args @@ -0,0 +1,35 @@ +LC_ALL=C \ +PATH=/bin \ +HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1 \ +USER=test \ +LOGNAME=test \ +XDG_DATA_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.local/share \ +XDG_CACHE_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.cache \ +XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.config \ +/usr/bin/qemu-system-x86_64 \ +-name guest=QEMUGuest1,debug-threads=on \ +-S \ +-object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/var/lib/libvirt/qemu/domain--1-QEMUGuest1/master-key.aes"}' \ +-machine pc,usb=off,dump-guest-core=off,memory-backend=pc.ram,acpi=off \ +-accel tcg \ +-cpu qemu64 \ +-m size=219136k \ +-object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":224395264}' \ +-overcommit mem-lock=off \ +-smp 1,sockets=1,cores=1,threads=1 \ +-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \ +-display none \ +-no-user-config \ +-nodefaults \ +-chardev socket,id=charmonitor,fd=1729,server=on,wait=off \ +-mon chardev=charmonitor,id=monitor,mode=control \ +-rtc base=utc \ +-no-shutdown \ +-boot strict=on \ +-device '{"driver":"piix3-usb-uhci","id":"usb","bus":"pci.0","addr":"0x1.0x2"}' \ +-blockdev '{"driver":"host_device","filename":"/dev/HostVG/QEMUGuest1","node-name":"libvirt-1-storage","read-only":false}' \ +-device '{"driver":"ide-hd","bus":"ide.0","unit":0,"drive":"libvirt-1-storage","id":"ide0-0-0","bootindex":1}' \ +-audiodev '{"id":"audio1","driver":"none"}' \ +-device '{"driver":"virtio-balloon-pci","id":"balloon0","bus":"pci.0","addr":"0x2"}' \ +-sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ +-msg timestamp=on diff --git a/tests/qemuxmlconfdata/seclabel-selinux-none-override.x86_64-latest.xml b/tests/qemuxmlconfdata/seclabel-selinux-none-override.x86_64-latest.xml new file mode 100644 index 0000000000..15049a8a32 --- /dev/null +++ b/tests/qemuxmlconfdata/seclabel-selinux-none-override.x86_64-latest.xml @@ -0,0 +1,43 @@ +<domain type='qemu'> + <name>QEMUGuest1</name> + <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid> + <memory unit='KiB'>219100</memory> + <currentMemory unit='KiB'>219100</currentMemory> + <vcpu placement='static' cpuset='1-4,8-20,525'>1</vcpu> + <os> + <type arch='x86_64' machine='pc'>hvm</type> + <boot dev='hd'/> + </os> + <cpu mode='custom' match='exact' check='none'> + <model fallback='forbid'>qemu64</model> + </cpu> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <emulator>/usr/bin/qemu-system-x86_64</emulator> + <disk type='block' device='disk'> + <driver name='qemu' type='raw'/> + <source dev='/dev/HostVG/QEMUGuest1'> + <seclabel model='selinux' relabel='no'/> + </source> + <target dev='hda' bus='ide'/> + <address type='drive' controller='0' bus='0' target='0' unit='0'/> + </disk> + <controller type='usb' index='0' model='piix3-uhci'> + <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x2'/> + </controller> + <controller type='ide' index='0'> + <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x1'/> + </controller> + <controller type='pci' index='0' model='pci-root'/> + <input type='mouse' bus='ps2'/> + <input type='keyboard' bus='ps2'/> + <audio id='1' type='none'/> + <memballoon model='virtio'> + <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/> + </memballoon> + </devices> + <seclabel type='none' model='selinux'/> +</domain> diff --git a/tests/qemuxmlconfdata/seclabel-selinux-none-override.xml b/tests/qemuxmlconfdata/seclabel-selinux-none-override.xml new file mode 100644 index 0000000000..2a174e8495 --- /dev/null +++ b/tests/qemuxmlconfdata/seclabel-selinux-none-override.xml @@ -0,0 +1,30 @@ +<domain type='qemu'> + <name>QEMUGuest1</name> + <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid> + <memory unit='KiB'>219100</memory> + <currentMemory unit='KiB'>219100</currentMemory> + <vcpu placement='static' cpuset='1-4,8-20,525'>1</vcpu> + <os> + <type arch='x86_64' machine='pc'>hvm</type> + <boot dev='hd'/> + </os> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <emulator>/usr/bin/qemu-system-x86_64</emulator> + <disk type='block' device='disk'> + <source dev='/dev/HostVG/QEMUGuest1'> + <seclabel model='selinux' relabel='no'/> + </source> + <target dev='hda' bus='ide'/> + <address type='drive' controller='0' bus='0' target='0' unit='0'/> + </disk> + <controller type='usb' index='0'/> + <controller type='ide' index='0'/> + <controller type='pci' index='0' model='pci-root'/> + <memballoon model='virtio'/> + </devices> + <seclabel type='none' model='selinux'/> +</domain> diff --git a/tests/qemuxmlconftest.c b/tests/qemuxmlconftest.c index aa6e1ad167..dd55c1ef28 100644 --- a/tests/qemuxmlconftest.c +++ b/tests/qemuxmlconftest.c @@ -2611,6 +2611,7 @@ mymain(void) DO_TEST_CAPS_LATEST("seclabel-static-labelskip"); DO_TEST_CAPS_LATEST("seclabel-none"); DO_TEST_CAPS_LATEST("seclabel-dac-none"); + DO_TEST_CAPS_LATEST("seclabel-selinux-none-override"); DO_TEST_CAPS_LATEST_PARSE_ERROR("seclabel-multiple"); DO_TEST_CAPS_LATEST_PARSE_ERROR("seclabel-device-duplicates"); DO_TEST_CAPS_LATEST_PARSE_ERROR("seclabel-device-relabel-invalid"); -- 2.51.0

1 1

[PATCH] apparmor: Allow AMD-SEV device access for AMD-SEV VM
by Hector Cao 28 Oct '25

28 Oct '25

AMD-SEV virtual machines interact with the underlying AMD-SEV technology through the character device /dev/sev. Currently, the AppArmor profile does not include the rule required to allow this access. There are two main approaches to address this limitation: 1) Add the required rule to the libvirt-qemu abstraction. 2) Dynamically add the rule only when the VM is an AMD-SEV guest. Since AMD-SEV guests represent a niche use case, it is more appropriate to apply the rule dynamically rather than granting access to all VMs through a global abstraction change. This commit implements option (2) by modifying the virt-aa-helper binary to insert the necessary rule into the AppArmor dynamic profile when the VM is identified as an AMD-SEV guest. The added entry in the generated libvirt-<uuid>.files file will look like: ... "/dev/sev" rw, ... Signed-off-by: Hector Cao <hector.cao(a)canonical.com> --- src/security/virt-aa-helper.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c index 8a297d4b54..de0a826063 100644 --- a/src/security/virt-aa-helper.c +++ b/src/security/virt-aa-helper.c @@ -1370,6 +1370,21 @@ get_files(vahControl * ctl) virBufferAddLit(&buf, " deny \"/var/lib/libvirt/.cache/\" w,\n"); } + /* AMD-SEV VM needs to read/write the character device /dev/sev */ + if (ctl->def->sec) { + switch (ctl->def->sec->sectype) { + case VIR_DOMAIN_LAUNCH_SECURITY_SEV: + case VIR_DOMAIN_LAUNCH_SECURITY_SEV_SNP: + virBufferAddLit(&buf, " \"/dev/sev\" rw,\n"); + break; + case VIR_DOMAIN_LAUNCH_SECURITY_PV: + case VIR_DOMAIN_LAUNCH_SECURITY_TDX: + case VIR_DOMAIN_LAUNCH_SECURITY_NONE: + case VIR_DOMAIN_LAUNCH_SECURITY_LAST: + break; + } + } + if (ctl->newfile && vah_add_file(&buf, ctl->newfile, "rwk") != 0) { return -1; -- 2.45.2

2 1

[PATCH] conf: never reject <disk> <seclabel relabel='no'> overrides
by Cole Robinson 28 Oct '25

28 Oct '25

Trying to disable <seclabel> for the whole <domain> and _also_ disable <seclabel> at the <disk> level will fail with: error: unsupported configuration: label overrides require relabeling to be enabled at the domain level which seems wrong. Instead skip the validation when disk seclabel has relabel='no', that config should always be valid. Signed-off-by: Cole Robinson <crobinso(a)redhat.com> --- src/conf/domain_validate.c | 5 +++ ...l-selinux-none-override.x86_64-latest.args | 35 +++++++++++++++ ...el-selinux-none-override.x86_64-latest.xml | 43 +++++++++++++++++++ .../seclabel-selinux-none-override.xml | 30 +++++++++++++ tests/qemuxmlconftest.c | 1 + 5 files changed, 114 insertions(+) create mode 100644 tests/qemuxmlconfdata/seclabel-selinux-none-override.x86_64-latest.args create mode 100644 tests/qemuxmlconfdata/seclabel-selinux-none-override.x86_64-latest.xml create mode 100644 tests/qemuxmlconfdata/seclabel-selinux-none-override.xml diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c index 93a2bc9b01..eea9b38b21 100644 --- a/src/conf/domain_validate.c +++ b/src/conf/domain_validate.c @@ -303,6 +303,11 @@ virSecurityDeviceLabelDefValidate(virSecurityDeviceLabelDef **seclabels, for (i = 0; i < nseclabels; i++) { seclabel = seclabels[i]; + /* relabel='no' is always valid to request, regardless of + * domain level <seclabel> config */ + if (!seclabel->relabel) + continue; + /* find the security label that it's being overridden */ for (j = 0; j < nvmSeclabels; j++) { if (STRNEQ_NULLABLE(vmSeclabels[j]->model, seclabel->model)) diff --git a/tests/qemuxmlconfdata/seclabel-selinux-none-override.x86_64-latest.args b/tests/qemuxmlconfdata/seclabel-selinux-none-override.x86_64-latest.args new file mode 100644 index 0000000000..23beb54806 --- /dev/null +++ b/tests/qemuxmlconfdata/seclabel-selinux-none-override.x86_64-latest.args @@ -0,0 +1,35 @@ +LC_ALL=C \ +PATH=/bin \ +HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1 \ +USER=test \ +LOGNAME=test \ +XDG_DATA_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.local/share \ +XDG_CACHE_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.cache \ +XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.config \ +/usr/bin/qemu-system-x86_64 \ +-name guest=QEMUGuest1,debug-threads=on \ +-S \ +-object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/var/lib/libvirt/qemu/domain--1-QEMUGuest1/master-key.aes"}' \ +-machine pc,usb=off,dump-guest-core=off,memory-backend=pc.ram,acpi=off \ +-accel tcg \ +-cpu qemu64 \ +-m size=219136k \ +-object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":224395264}' \ +-overcommit mem-lock=off \ +-smp 1,sockets=1,cores=1,threads=1 \ +-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \ +-display none \ +-no-user-config \ +-nodefaults \ +-chardev socket,id=charmonitor,fd=1729,server=on,wait=off \ +-mon chardev=charmonitor,id=monitor,mode=control \ +-rtc base=utc \ +-no-shutdown \ +-boot strict=on \ +-device '{"driver":"piix3-usb-uhci","id":"usb","bus":"pci.0","addr":"0x1.0x2"}' \ +-blockdev '{"driver":"host_device","filename":"/dev/HostVG/QEMUGuest1","node-name":"libvirt-1-storage","read-only":false}' \ +-device '{"driver":"ide-hd","bus":"ide.0","unit":0,"drive":"libvirt-1-storage","id":"ide0-0-0","bootindex":1}' \ +-audiodev '{"id":"audio1","driver":"none"}' \ +-device '{"driver":"virtio-balloon-pci","id":"balloon0","bus":"pci.0","addr":"0x2"}' \ +-sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \ +-msg timestamp=on diff --git a/tests/qemuxmlconfdata/seclabel-selinux-none-override.x86_64-latest.xml b/tests/qemuxmlconfdata/seclabel-selinux-none-override.x86_64-latest.xml new file mode 100644 index 0000000000..15049a8a32 --- /dev/null +++ b/tests/qemuxmlconfdata/seclabel-selinux-none-override.x86_64-latest.xml @@ -0,0 +1,43 @@ +<domain type='qemu'> + <name>QEMUGuest1</name> + <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid> + <memory unit='KiB'>219100</memory> + <currentMemory unit='KiB'>219100</currentMemory> + <vcpu placement='static' cpuset='1-4,8-20,525'>1</vcpu> + <os> + <type arch='x86_64' machine='pc'>hvm</type> + <boot dev='hd'/> + </os> + <cpu mode='custom' match='exact' check='none'> + <model fallback='forbid'>qemu64</model> + </cpu> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <emulator>/usr/bin/qemu-system-x86_64</emulator> + <disk type='block' device='disk'> + <driver name='qemu' type='raw'/> + <source dev='/dev/HostVG/QEMUGuest1'> + <seclabel model='selinux' relabel='no'/> + </source> + <target dev='hda' bus='ide'/> + <address type='drive' controller='0' bus='0' target='0' unit='0'/> + </disk> + <controller type='usb' index='0' model='piix3-uhci'> + <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x2'/> + </controller> + <controller type='ide' index='0'> + <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x1'/> + </controller> + <controller type='pci' index='0' model='pci-root'/> + <input type='mouse' bus='ps2'/> + <input type='keyboard' bus='ps2'/> + <audio id='1' type='none'/> + <memballoon model='virtio'> + <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/> + </memballoon> + </devices> + <seclabel type='none' model='selinux'/> +</domain> diff --git a/tests/qemuxmlconfdata/seclabel-selinux-none-override.xml b/tests/qemuxmlconfdata/seclabel-selinux-none-override.xml new file mode 100644 index 0000000000..2a174e8495 --- /dev/null +++ b/tests/qemuxmlconfdata/seclabel-selinux-none-override.xml @@ -0,0 +1,30 @@ +<domain type='qemu'> + <name>QEMUGuest1</name> + <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid> + <memory unit='KiB'>219100</memory> + <currentMemory unit='KiB'>219100</currentMemory> + <vcpu placement='static' cpuset='1-4,8-20,525'>1</vcpu> + <os> + <type arch='x86_64' machine='pc'>hvm</type> + <boot dev='hd'/> + </os> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <emulator>/usr/bin/qemu-system-x86_64</emulator> + <disk type='block' device='disk'> + <source dev='/dev/HostVG/QEMUGuest1'> + <seclabel model='selinux' relabel='no'/> + </source> + <target dev='hda' bus='ide'/> + <address type='drive' controller='0' bus='0' target='0' unit='0'/> + </disk> + <controller type='usb' index='0'/> + <controller type='ide' index='0'/> + <controller type='pci' index='0' model='pci-root'/> + <memballoon model='virtio'/> + </devices> + <seclabel type='none' model='selinux'/> +</domain> diff --git a/tests/qemuxmlconftest.c b/tests/qemuxmlconftest.c index 55c622176a..cdcab3fa5d 100644 --- a/tests/qemuxmlconftest.c +++ b/tests/qemuxmlconftest.c @@ -2609,6 +2609,7 @@ mymain(void) DO_TEST_CAPS_LATEST("seclabel-static-labelskip"); DO_TEST_CAPS_LATEST("seclabel-none"); DO_TEST_CAPS_LATEST("seclabel-dac-none"); + DO_TEST_CAPS_LATEST("seclabel-selinux-none-override"); DO_TEST_CAPS_LATEST_PARSE_ERROR("seclabel-multiple"); DO_TEST_CAPS_LATEST_PARSE_ERROR("seclabel-device-duplicates"); DO_TEST_CAPS_LATEST_PARSE_ERROR("seclabel-device-relabel-invalid"); -- 2.51.0

2 1

[PATCH] esx: cast dynamicProperty->val->int32 to unsigned long to avoid overflow
by gerben＠altlinux.org 28 Oct '25

28 Oct '25

From: Denis Rastyogin <gerben(a)altlinux.org> dynamicProperty->val->int32 is now explicitly cast to unsigned long before multiplying by 1024. This prevents potential overflow from 32-bit arithmetic when handling large VM memory values and ensures correct scaling from megabytes to kilobytes. Found by Linux Verification Center (linuxtesting.org) with SVACE. Reported-by: Dmitriy Fedin <d.fedin(a)fobos-nt.ru> Signed-off-by: Denis Rastyogin <gerben(a)altlinux.org> --- src/esx/esx_driver.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/esx/esx_driver.c b/src/esx/esx_driver.c index 554fb3e18f..41ca2a9bc1 100644 --- a/src/esx/esx_driver.c +++ b/src/esx/esx_driver.c @@ -2052,7 +2052,7 @@ esxDomainGetInfo(virDomainPtr domain, virDomainInfoPtr info) goto cleanup; } - info->maxMem = dynamicProperty->val->int32 * 1024; /* Scale from megabyte to kilobyte */ + info->maxMem = (unsigned long) dynamicProperty->val->int32 * 1024; /* Scale from megabyte to kilobyte */ } else if (STREQ(dynamicProperty->name, "config.hardware.numCPU")) { if (esxVI_AnyType_ExpectType(dynamicProperty->val, esxVI_Type_Int) < 0) { -- 2.42.2

1 0

[PATCH v3] qemu: Drop /dev/kvm from default device ACL
by Praveen K Paladugu 28 Oct '25

28 Oct '25

From: Praveen K Paladugu <prapal(a)linux.microsoft.com> A domain that runs with TCG emulation does not need kvm device, so drop it from default device ACL. Dynamically grant access to /dev/kvm based on domain type. Signed-off-by: Praveen K Paladugu <prapal(a)linux.microsoft.com> --- src/qemu/qemu.conf.in | 3 +-- src/qemu/qemu_cgroup.c | 10 ++++++++-- src/qemu/qemu_domain.h | 1 + src/qemu/qemu_namespace.c | 9 +++++++-- src/qemu/test_libvirtd_qemu.aug.in | 3 +-- 5 files changed, 18 insertions(+), 8 deletions(-) diff --git a/src/qemu/qemu.conf.in b/src/qemu/qemu.conf.in index fc91ba8f08..0a8abd9544 100644 --- a/src/qemu/qemu.conf.in +++ b/src/qemu/qemu.conf.in @@ -618,8 +618,7 @@ #cgroup_device_acl = [ # "/dev/null", "/dev/full", "/dev/zero", # "/dev/random", "/dev/urandom", -# "/dev/ptmx", "/dev/kvm", -# "/dev/userfaultfd" +# "/dev/ptmx", "/dev/userfaultfd" #] # # RDMA migration requires the following extra files to be added to the list: diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c index f10976c2b0..46a7dc1d8b 100644 --- a/src/qemu/qemu_cgroup.c +++ b/src/qemu/qemu_cgroup.c @@ -41,8 +41,7 @@ VIR_LOG_INIT("qemu.qemu_cgroup"); const char *const defaultDeviceACL[] = { "/dev/null", "/dev/full", "/dev/zero", "/dev/random", "/dev/urandom", - "/dev/ptmx", "/dev/kvm", - "/dev/userfaultfd", + "/dev/ptmx", "/dev/userfaultfd", NULL, }; #define DEVICE_PTY_MAJOR 136 @@ -783,6 +782,13 @@ qemuSetupDevicesCgroup(virDomainObj *vm) if (qemuCgroupAllowDevicesPaths(vm, deviceACL, VIR_CGROUP_DEVICE_RW, false) < 0) return -1; + if (vm->def->virtType == VIR_DOMAIN_VIRT_KVM) { + /* KVM requires access to /dev/kvm */ + if (qemuCgroupAllowDevicePath(vm, QEMU_DEV_KVM, VIR_CGROUP_DEVICE_RW, + false) < 0) + return -1; + } + if (qemuSetupFirmwareCgroup(vm) < 0) return -1; diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index f4945f598a..fe4ba4fa15 100644 --- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h @@ -89,6 +89,7 @@ struct _qemuDomainUnpluggingDevice { #define QEMU_DEV_SGX_PROVISION "/dev/sgx_provision" #define QEMU_DEVICE_MAPPER_CONTROL_PATH "/dev/mapper/control" #define QEMU_DEV_UDMABUF "/dev/udmabuf" +#define QEMU_DEV_KVM "/dev/kvm" #define QEMU_DOMAIN_AES_IV_LEN 16 /* 16 bytes for 128 bit random */ diff --git a/src/qemu/qemu_namespace.c b/src/qemu/qemu_namespace.c index f72da83929..ca12fcf587 100644 --- a/src/qemu/qemu_namespace.c +++ b/src/qemu/qemu_namespace.c @@ -210,13 +210,18 @@ qemuDomainGetPreservedMounts(virQEMUDriverConfig *cfg, static int qemuDomainPopulateDevices(virQEMUDriverConfig *cfg, + virDomainObj *vm, GSList **paths) { const char *const *devices = (const char *const *) cfg->cgroupDeviceACL; size_t i; - if (!devices) + if (!devices) { devices = defaultDeviceACL; + if (vm->def->virtType == VIR_DOMAIN_VIRT_KVM) { + *paths = g_slist_prepend(*paths, g_strdup(QEMU_DEV_KVM)); + } + } for (i = 0; devices[i]; i++) { *paths = g_slist_prepend(*paths, g_strdup(devices[i])); @@ -694,7 +699,7 @@ qemuDomainBuildNamespace(virQEMUDriverConfig *cfg, return 0; } - if (qemuDomainPopulateDevices(cfg, &paths) < 0) + if (qemuDomainPopulateDevices(cfg, vm, &paths) < 0) return -1; if (qemuDomainSetupAllDisks(vm, &paths) < 0) diff --git a/src/qemu/test_libvirtd_qemu.aug.in b/src/qemu/test_libvirtd_qemu.aug.in index 90012b3f52..82cfec3b4b 100644 --- a/src/qemu/test_libvirtd_qemu.aug.in +++ b/src/qemu/test_libvirtd_qemu.aug.in @@ -76,8 +76,7 @@ module Test_libvirtd_qemu = { "4" = "/dev/random" } { "5" = "/dev/urandom" } { "6" = "/dev/ptmx" } - { "7" = "/dev/kvm" } - { "8" = "/dev/userfaultfd" } + { "7" = "/dev/userfaultfd" } } { "save_image_format" = "raw" } { "dump_image_format" = "raw" } -- 2.51.0

2 1