[PATCH 0/1] Fix the bug about virsh attach-interface from an ovs
bridge_driver: use ovs-vsctl to setup and clean Qos when using an OVS bridge Fix bug 1826168: bridge type network with ovs bridge can start with Qos setting which do not take any effect Resolves:https://bugzilla.redhat.com/show_bug.cgi?id=1826168 zhangjl02 (1): bridge_driver: use ovs-vsctl to setup and clean Qos when using an OVS bridge src/network/bridge_driver.c | 65 +++-- 1 file changed, 55 insertions(+), 10 deletions(-) -- 2.30.2.windows.1
[PATCH 1/1] bridge_driver: use ovs-vsctl to setup and clean Qos when
From: zhangjl02
Fix bug 1826168: bridge type network with ovs bridge can start with Qos
setting which do not take any effect
Resolves:https://bugzilla.redhat.com/show_bug.cgi?id=1826168
Signed-off-by: zhangjl02
---
src/network/bridge_driver.c | 65 +++--
1 file changed, 55 insertions(+), 10 deletions(-)
diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
index 498c45d0a7..d0627848cd 100644
--- a/src/network/bridge_driver.c
+++ b/src/network/bridge_driver.c
@@ -2305,6 +2305,15 @@ networkAddRouteToBridge(virNetworkObj *obj,
}
+static int
+networkDefIsOvsBridge(virNetworkDef *def)
+{
+const virNetDevVPortProfile *vport = def->virtPortProfile;
+return vport &&
+vport->virtPortType == VIR_NETDEV_VPORT_PROFILE_OPENVSWITCH;
+}
+
+
static int
networkStartNetworkVirtual(virNetworkDriverState *driver,
virNetworkObj *obj)
@@ -2320,6 +2329,7 @@ networkStartNetworkVirtual(virNetworkDriverState *driver,
bool dnsmasqStarted = false;
bool devOnline = false;
bool firewalRulesAdded = false;
+bool ovsType = networkDefIsOvsBridge(def);
/* Check to see if any network IP collides with an existing route */
if (networkCheckRouteCollision(def) < 0)
@@ -2439,15 +2449,29 @@ networkStartNetworkVirtual(virNetworkDriverState
*driver,
if (v6present && networkStartRadvd(driver, obj) < 0)
goto error;
-if (virNetDevBandwidthSet(def->bridge, def->bandwidth, true, true) < 0)
-goto error;
+if (ovsType) {
+if (virNetDevOpenvswitchInterfaceSetQos(def->bridge, def->bandwidth,
+def->uuid,
+true) < 0)
+goto error;
+} else {
+if (virNetDevBandwidthSet(def->bridge, def->bandwidth, true, true) < 0)
+goto error;
+}
return 0;
error:
virErrorPreserveLast(_err);
-if (def->bandwidth)
- virNetDevBandwidthClear(def->bridge);
+if (ovsType) {
+if (virNetDevOpenvswitchInterfaceClearQos(def->bridge, def->uuid) < 0)
+VIR_WARN("cannot clear bandwidth setting for ovs bridge : %s",
+ def->bridge);
+} else {
+if (def->bandwidth) {
+virNetDevBandwidthClear(def->bridge);
+}
+}
if (dnsmasqStarted) {
pid_t dnsmasqPid = virNetworkObjGetDnsmasqPid(obj);
@@ -2536,13 +2560,21 @@ static int
networkStartNetworkBridge(virNetworkObj *obj)
{
virNetworkDef *def = virNetworkObjGetDef(obj);
+bool ovsType = networkDefIsOvsBridge(def);
/* put anything here that needs to be done each time a network of
* type BRIDGE, is started. On failure, undo anything you've done,
* and return -1. On success return 0.
*/
-if (virNetDevBandwidthSet(def->bridge, def->bandwidth, true, true) < 0)
-goto error;
+if (ovsType) {
+if (virNetDevOpenvswitchInterfaceSetQos(def->bridge, def->bandwidth,
+def->uuid,
+true) < 0)
+goto error;
+} else {
+if (virNetDevBandwidthSet(def->bridge, def->bandwidth, true, true) < 0)
+goto error;
+}
if (networkStartHandleMACTableManagerMode(obj) < 0)
goto error;
@@ -2550,8 +2582,15 @@ networkStartNetworkBridge(virNetworkObj *obj)
return 0;
error:
-if (def->bandwidth)
- virNetDevBandwidthClear(def->bridge);
+if (ovsType) {
+if (virNetDevOpenvswitchInterfaceClearQos(def->bridge, def->uuid) < 0)
+VIR_WARN("cannot clear bandwidth setting for ovs bridge : %s",
+ def->bridge);
+} else {
+if (def->bandwidth) {
+virNetDevBandwidthClear(def->bridge);
+}
+}
return -1;
}
@@ -2565,9 +2604,15 @@ networkShutdownNetworkBridge(virNetworkObj *obj
G_GNUC_UNUSED)
* type BRIDGE is shutdown. On failure, undo anything you've done,
* and return -1. On success return 0.
*/
-if (def->bandwidth)
- virNetDevBandwidthClear(def->bridge);
+if (networkDefIsOvsBridge(def)) {
+if (virNetDevOpenvswitchInterfaceClearQos(def->bridge, def->uuid) < 0)
+VIR_WARN("cannot clear bandwidth setting for ovs bridge : %s",
+ def->bridge);
+} else {
+if (def->bandwidth)
+virNetDevBandwidthClear(def->bridge);
+}
return 0;
}
--
2.30.2.windows.1
Re: [libvirt PATCH 01/13] util: Helper functions to get process info
Hey Michal, Thanks for your review of this patch set. I am Out of Office for 2 weeks. I will send an updated patch set addressing all your comments, next week. -- Regards, Praveen K Paladugu
[PATCH 2/5] virpcivpd: Bring variables into loops
I've noticed one function inside virpcivpd.c, namely
virPCIVPDParseVPDLargeResourceFields() that declares some
variables at the top level even though they are used only inside
a loop in which they have to be freed explicitly.
Bringing variable declarations into the loop allows us to make
the code nicer.
Signed-off-by: Michal Privoznik
---
src/util/virpcivpd.c | 19 ---
1 file changed, 4 insertions(+), 15 deletions(-)
diff --git a/src/util/virpcivpd.c b/src/util/virpcivpd.c
index d8f2a43cde..9af0566d19 100644
--- a/src/util/virpcivpd.c
+++ b/src/util/virpcivpd.c
@@ -456,10 +456,6 @@ bool
virPCIVPDParseVPDLargeResourceFields(int vpdFileFd, uint16_t resPos, uint16_t
resDataLen,
bool readOnly, uint8_t *csum,
virPCIVPDResource *res)
{
-g_autofree char *fieldKeyword = NULL;
-g_autofree char *fieldValue = NULL;
-virPCIVPDResourceFieldValueFormat fieldFormat =
VIR_PCI_VPD_RESOURCE_FIELD_VALUE_FORMAT_LAST;
-
/* A buffer of up to one resource record field size (plus a zero byte) is
needed. */
g_autofree uint8_t *buf = g_malloc0(PCI_VPD_MAX_FIELD_SIZE + 1);
uint16_t fieldDataLen = 0, bytesToRead = 0;
@@ -473,6 +469,10 @@ virPCIVPDParseVPDLargeResourceFields(int vpdFileFd,
uint16_t resPos, uint16_t re
* just occupy 3 header bytes. In the in case of the RW field this may
mean that
* no more space is left in the section. */
while (fieldPos + 3 <= resPos + resDataLen) {
+virPCIVPDResourceFieldValueFormat fieldFormat =
VIR_PCI_VPD_RESOURCE_FIELD_VALUE_FORMAT_LAST;
+g_autofree char *fieldKeyword = NULL;
+g_autofree char *fieldValue = NULL;
+
/* Keyword resources consist of keywords (2 ASCII bytes per the spec)
and 1-byte length. */
if (virPCIVPDReadVPDBytes(vpdFileFd, buf, 3, fieldPos, csum) != 3) {
/* Invalid field encountered which means the resource itself is
invalid too. Report
@@ -548,8 +548,6 @@ virPCIVPDParseVPDLargeResourceFields(int vpdFileFd,
uint16_t resPos, uint16_t re
/* Skip fields with invalid values - this is safe assuming
field length is
* correctly specified. */
VIR_DEBUG("A value for field %s contains invalid characters",
fieldKeyword);
-g_free(g_steal_pointer());
-g_free(g_steal_pointer());
continue;
}
} else if (fieldFormat ==
VIR_PCI_VPD_RESOURCE_FIELD_VALUE_FORMAT_RESVD) {
@@ -559,19 +557,13 @@ virPCIVPDParseVPDLargeResourceFields(int vpdFileFd,
uint16_t resPos, uint16_t re
return false;
}
hasChecksum = true;
-g_free(g_steal_pointer());
-g_free(g_steal_pointer());
break;
} else if (fieldFormat ==
VIR_PCI_VPD_RESOURCE_FIELD_VALUE_FORMAT_RDWR) {
/* Skip the read-write space since it is used for indication only.
*/
hasRW = true;
-g_free(g_steal_pointer());
-g_free(g_steal_pointer());
break;
} else if (fieldFormat ==
VIR_PCI_VPD_RESOURCE_FIELD_VALUE_FORMAT_LAST) {
/* Skip unknown fields */
-g_free(g_steal_pointer());
-g_free(g_steal_pointer());
continue;
} else {
fieldValue = g_malloc(fieldDataLen);
@@ -591,9 +583,6 @@ virPCIVPDParseVPDLargeResourceFields(int vpdFileFd,
uint16_t resPos, uint16_t re
_("Could not update the VPD resource keyword: %s"),
fieldKeyword);
return false;
}
-/* No longer need those since copies were made during the keyword
update. */
-g_free(g_steal_pointer());
-g_free(g_steal_pointer());
}
/* May have exited the loop prematurely in case RV or RW were encountered
and
--
2.32.0
[PATCH 5/5] scripts: Properly declare g_auto() stub for cocci
While being great semantic patching tool, coccinelle fails to understand some of macros we use (including those provided by glib). What they have in common is use of __attribute__ under the hood. We store a list of such macros in a file. But in there, g_auto() macro is not defined properly. Indeed, g_auto(type) declares a local variable of given type, for instance from cocci's POV: g_auto(virBuffer) buf = VIR_BUFFER_INITIALIZER; virBuffer buf = VIR_BUFFER_INITIALIZER; are both the same declaration. Fix declaration of g_auto() stub. Signed-off-by: Michal Privoznik --- scripts/cocci-macro-file.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/cocci-macro-file.h b/scripts/cocci-macro-file.h index a76ba533b4..4e6d218a97 100644 --- a/scripts/cocci-macro-file.h +++ b/scripts/cocci-macro-file.h @@ -34,6 +34,6 @@ #define g_autoptr(x) x##_autoptr #define g_autofree -#define g_auto +#define g_auto(x) x #define BAD_CAST -- 2.32.0
[PATCH 3/5] virpcivpdtest: Declare variables at multiple lines
In testPCIVPDResourceCustomCompareIndex() there are two variables
declared at one line. They are both g_autoptr() decorated which
makes it worse, because coccinelle fails to parse that.
Signed-off-by: Michal Privoznik
---
tests/virpcivpdtest.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/tests/virpcivpdtest.c b/tests/virpcivpdtest.c
index a9405f9427..add1c74c04 100644
--- a/tests/virpcivpdtest.c
+++ b/tests/virpcivpdtest.c
@@ -178,7 +178,8 @@ testPCIVPDResourceBasic(const void *data G_GNUC_UNUSED)
static int
testPCIVPDResourceCustomCompareIndex(const void *data G_GNUC_UNUSED)
{
-g_autoptr(virPCIVPDResourceCustom) a = NULL, b = NULL;
+g_autoptr(virPCIVPDResourceCustom) a = NULL;
+g_autoptr(virPCIVPDResourceCustom) b = NULL;
/* Both are NULL */
if (!virPCIVPDResourceCustomCompareIndex(a, b))
--
2.32.0
[PATCH 1/5] node_device_conf: Bring variables into loops
I've noticed three functions inside node_device_conf.c, namely:
- virNodeDeviceCapVPDParseCustomFields()
- virNodeDeviceCapVPDParseReadOnlyFields()
- virNodeDeviceCapVPDParseXML()
that have strange attitude towards g_auto* variables. The first
problem is that variables are declared at the top level despite
being used inside a loop. The second problem is use of g_free()
in combination with g_steal_pointer() even though we have
VIR_FREE() which does exactly that.
Bringing variable declarations into their respective loops allows
us to make the code nicer.
Signed-off-by: Michal Privoznik
---
src/conf/node_device_conf.c | 46 ++---
1 file changed, 17 insertions(+), 29 deletions(-)
diff --git a/src/conf/node_device_conf.c b/src/conf/node_device_conf.c
index e958367572..ca534dfbed 100644
--- a/src/conf/node_device_conf.c
+++ b/src/conf/node_device_conf.c
@@ -940,19 +940,20 @@ static int
virNodeDeviceCapVPDParseCustomFields(xmlXPathContextPtr ctxt,
virPCIVPDResource *res, bool readOnly)
{
int nfields = -1;
-g_autofree char *index = NULL, *value = NULL, *keyword = NULL;
g_autofree xmlNodePtr *nodes = NULL;
-xmlNodePtr orignode = NULL;
size_t i = 0;
-orignode = ctxt->node;
if ((nfields = virXPathNodeSet("./vendor_field[@index]", ctxt, )) <
0) {
virReportError(VIR_ERR_XML_ERROR, "%s",
_("failed to evaluate elements"));
-ctxt->node = orignode;
return -1;
}
for (i = 0; i < nfields; i++) {
+g_autofree char *value = NULL;
+g_autofree char *index = NULL;
+VIR_XPATH_NODE_AUTORESTORE(ctxt)
+g_autofree char *keyword = NULL;
+
ctxt->node = nodes[i];
if (!(index = virXPathStringLimit("string(./@index[1])", 2, ctxt))) {
virReportError(VIR_ERR_XML_ERROR, "%s",
@@ -966,21 +967,21 @@ virNodeDeviceCapVPDParseCustomFields(xmlXPathContextPtr
ctxt, virPCIVPDResource
}
keyword = g_strdup_printf("V%c", index[0]);
virPCIVPDResourceUpdateKeyword(res, readOnly, keyword, value);
-g_free(g_steal_pointer());
-g_free(g_steal_pointer());
-g_free(g_steal_pointer());
}
-g_free(g_steal_pointer());
-ctxt->node = orignode;
+VIR_FREE(nodes);
if (!readOnly) {
if ((nfields = virXPathNodeSet("./system_field[@index]", ctxt,
)) < 0) {
virReportError(VIR_ERR_XML_ERROR, "%s",
_("failed to evaluate elements"));
-ctxt->node = orignode;
return -1;
}
for (i = 0; i < nfields; i++) {
+g_autofree char *value = NULL;
+g_autofree char *index = NULL;
+g_autofree char *keyword = NULL;
+VIR_XPATH_NODE_AUTORESTORE(ctxt);
+
ctxt->node = nodes[i];
if (!(index = virXPathStringLimit("string(./@index[1])", 2,
ctxt))) {
virReportError(VIR_ERR_XML_ERROR, "%s",
@@ -994,11 +995,7 @@ virNodeDeviceCapVPDParseCustomFields(xmlXPathContextPtr
ctxt, virPCIVPDResource
}
keyword = g_strdup_printf("Y%c", index[0]);
virPCIVPDResourceUpdateKeyword(res, readOnly, keyword, value);
-g_free(g_steal_pointer());
-g_free(g_steal_pointer());
-g_free(g_steal_pointer());
}
-ctxt->node = orignode;
}
return 0;
@@ -1009,8 +1006,6 @@ virNodeDeviceCapVPDParseReadOnlyFields(xmlXPathContextPtr
ctxt, virPCIVPDResourc
{
const char *keywords[] = {"change_level", "manufacture_id",
"serial_number", "part_number", NULL};
-g_autofree char *expression = NULL;
-g_autofree char *result = NULL;
size_t i = 0;
if (res == NULL)
@@ -1019,11 +1014,10 @@
virNodeDeviceCapVPDParseReadOnlyFields(xmlXPathContextPtr ctxt, virPCIVPDResourc
res->ro = virPCIVPDResourceRONew();
while (keywords[i]) {
-expression = g_strdup_printf("string(./%s)", keywords[i]);
-result = virXPathString(expression, ctxt);
+g_autofree char *expression = g_strdup_printf("string(./%s)",
keywords[i]);
+g_autofree char *result = virXPathString(expression, ctxt);
+
virPCIVPDResourceUpdateKeyword(res, true, keywords[i], result);
-g_free(g_steal_pointer());
-g_free(g_steal_pointer());
++i;
}
if (virNodeDeviceCapVPDParseCustomFields(ctxt, res, true) < 0)
@@ -1047,38 +1041,34 @@
virNodeDeviceCapVPDParseReadWriteFields(xmlXPathContextPtr ctxt, virPCIVPDResour
static int
virNodeDeviceCapVPDParseXML(xmlXPathContextPtr ctxt, virPCIVPDResource **res)
{
-xmlNodePtr orignode = NULL;
g_autofree xmlNodePtr *nodes = NULL;
int nfields = -1;
-g_autofree char *access = NULL;
size_t i = 0;
g_autoptr(virPCIVPDResource) newres = g_new0(virPCIVPDResource, 1);
if (res == NULL)
return -1;
-orignode = ctxt->node;
-
if
[PATCH 0/5] Various cleanups
I've been playing with cocci lately and noticed it had troubles parsing some files. When I looked into them I had trouble parsing them as well. Michal Prívozník (5): node_device_conf: Bring variables into loops virpcivpd: Bring variables into loops virpcivpdtest: Declare variables at multiple lines lib: Use G_N_ELEMENTS instead of sizeof()/sizeof() scripts: Properly declare g_auto() stub for cocci scripts/cocci-macro-file.h | 2 +- src/conf/node_device_conf.c| 46 +- src/libxl/libxl_capabilities.c | 2 +- src/util/virpcivpd.c | 19 +++--- tests/virpcimock.c | 2 +- tests/virpcivpdtest.c | 29 ++--- 6 files changed, 39 insertions(+), 61 deletions(-) -- 2.32.0
[PATCH 4/5] lib: Use G_N_ELEMENTS instead of sizeof()/sizeof()
For statically declared arrays one can use G_N_ELEMENTS() instead
of explicit sizeof(array) / sizeof(item). I've noticed couple of
places where the latter was used.
I am not fixing every occurrence because we have some places
which do not use glib (examples and NSS module).
Signed-off-by: Michal Privoznik
---
src/libxl/libxl_capabilities.c | 2 +-
tests/virpcimock.c | 2 +-
tests/virpcivpdtest.c | 26 +-
3 files changed, 15 insertions(+), 15 deletions(-)
diff --git a/src/libxl/libxl_capabilities.c b/src/libxl/libxl_capabilities.c
index e03b6fd3c3..6263b5c8b5 100644
--- a/src/libxl/libxl_capabilities.c
+++ b/src/libxl/libxl_capabilities.c
@@ -380,7 +380,7 @@ libxlCapsInitGuests(libxl_ctx *ctx, virCaps *caps)
* we "own" the buffer. Parse out the features from each token.
*/
for (str = ver_info->capabilities, nr_guest_archs = 0;
- nr_guest_archs < sizeof(guest_archs) / sizeof(guest_archs[0])
+ nr_guest_archs < G_N_ELEMENTS(guest_archs)
&& (token = strtok_r(str, " ", )) != NULL;
str = NULL) {
if (g_regex_match(regex, token, 0, )) {
diff --git a/tests/virpcimock.c b/tests/virpcimock.c
index f65ae7c0c5..77d46f0952 100644
--- a/tests/virpcimock.c
+++ b/tests/virpcimock.c
@@ -965,7 +965,7 @@ init_env(void)
};
struct pciVPD exampleVPD = {
.data = fullVPDExampleData,
-.vpd_len = sizeof(fullVPDExampleData) / sizeof(fullVPDExampleData[0]),
+.vpd_len = G_N_ELEMENTS(fullVPDExampleData),
};
if (!(fakerootdir = getenv("LIBVIRT_FAKE_ROOT_DIR")))
diff --git a/tests/virpcivpdtest.c b/tests/virpcivpdtest.c
index add1c74c04..284350fe29 100644
--- a/tests/virpcivpdtest.c
+++ b/tests/virpcivpdtest.c
@@ -76,9 +76,9 @@ testPCIVPDResourceBasic(const void *data G_GNUC_UNUSED)
{.keyword = "CP", .value = "42", .actual = NULL},
{.keyword = "EX", .value = "42", .actual = NULL},
};
-size_t numROCases = sizeof(readOnlyCases) / sizeof(TestPCIVPDKeywordValue);
-size_t numRWCases = sizeof(readWriteCases) /
sizeof(TestPCIVPDKeywordValue);
-size_t numUnsupportedCases = sizeof(unsupportedFieldCases) /
sizeof(TestPCIVPDKeywordValue);
+size_t numROCases = G_N_ELEMENTS(readOnlyCases);
+size_t numRWCases = G_N_ELEMENTS(readWriteCases);
+size_t numUnsupportedCases = G_N_ELEMENTS(unsupportedFieldCases);
g_autoptr(virPCIVPDResource) res = g_new0(virPCIVPDResource, 1);
virPCIVPDResourceCustom *custom = NULL;
@@ -328,7 +328,7 @@ testPCIVPDIsValidTextValue(const void *data G_GNUC_UNUSED)
/* The first and last code points are outside ASCII (multi-byte in
UTF-8). */
{"гbl", false},
};
-for (i = 0; i < sizeof(textValueCases) / sizeof(textValueCases[0]); ++i) {
+for (i = 0; i < G_N_ELEMENTS(textValueCases); ++i) {
if (virPCIVPDResourceIsValidTextValue(textValueCases[i].keyword) !=
textValueCases[i].expected)
return -1;
@@ -385,7 +385,7 @@ testPCIVPDGetFieldValueFormat(const void *data
G_GNUC_UNUSED)
/* Many letters. */
{"EXAMPLE", VIR_PCI_VPD_RESOURCE_FIELD_VALUE_FORMAT_LAST},
};
-for (i = 0; i < sizeof(valueFormatCases) / sizeof(valueFormatCases[0]);
++i) {
+for (i = 0; i < G_N_ELEMENTS(valueFormatCases); ++i) {
if (virPCIVPDResourceGetFieldValueFormat(valueFormatCases[i].keyword)
!=
valueFormatCases[i].expected)
return -1;
@@ -442,7 +442,7 @@ testVirPCIVPDReadVPDBytes(const void *opaque G_GNUC_UNUSED)
VPD_R_FIELDS_EXAMPLE_HEADER, VPD_R_FIELDS_EXAMPLE_DATA,
PCI_VPD_RESOURCE_END_VAL
};
-dataLen = sizeof(fullVPDExample) / sizeof(uint8_t) - 2;
+dataLen = G_N_ELEMENTS(fullVPDExample) - 2;
buf = g_malloc0(dataLen);
fd = virCreateAnonymousFile(fullVPDExample, dataLen);
@@ -480,7 +480,7 @@ testVirPCIVPDParseVPDStringResource(const void *opaque
G_GNUC_UNUSED)
VPD_STRING_RESOURCE_EXAMPLE_DATA
};
-dataLen = sizeof(stringResExample) / sizeof(uint8_t);
+dataLen = G_N_ELEMENTS(stringResExample);
fd = virCreateAnonymousFile(stringResExample, dataLen);
result = virPCIVPDParseVPDLargeResourceString(fd, 0, dataLen, , res);
VIR_FORCE_CLOSE(fd);
@@ -550,7 +550,7 @@ testVirPCIVPDParseFullVPD(const void *opaque G_GNUC_UNUSED)
PCI_VPD_RESOURCE_END_VAL
};
-dataLen = sizeof(fullVPDExample) / sizeof(uint8_t);
+dataLen = G_N_ELEMENTS(fullVPDExample);
fd = virCreateAnonymousFile(fullVPDExample, dataLen);
res = virPCIVPDParse(fd);
VIR_FORCE_CLOSE(fd);
@@ -618,7 +618,7 @@ testVirPCIVPDParseZeroLengthRW(const void *opaque
G_GNUC_UNUSED)
PCI_VPD_RESOURCE_END_VAL
};
-dataLen = sizeof(fullVPDExample) / sizeof(uint8_t);
+dataLen = G_N_ELEMENTS(fullVPDExample);
fd = virCreateAnonymousFile(fullVPDExample, dataLen);
res = virPCIVPDParse(fd);
VIR_FORCE_CLOSE(fd);
@@ -668,7
[PULL 07/10] ui/console: replace kbd_timer with chr_accept_input callback
From: Volker Rümelin
There's a ChardevClass chr_accept_input() callback function that
can replace the write retry timer.
Reviewed-by: Marc-André Lureau
Signed-off-by: Volker Rümelin
Message-Id: <20210916192239.18742-2-vr_q...@t-online.de>
Signed-off-by: Gerd Hoffmann
---
ui/console.c | 28 +---
1 file changed, 13 insertions(+), 15 deletions(-)
diff --git a/ui/console.c b/ui/console.c
index d2433c0636d0..dda1e6861d6a 100644
--- a/ui/console.c
+++ b/ui/console.c
@@ -116,7 +116,6 @@ struct QemuConsole {
Chardev *chr;
/* fifo for key pressed */
Fifo8 out_fifo;
-QEMUTimer *kbd_timer;
CoQueue dump_queue;
QTAILQ_ENTRY(QemuConsole) next;
@@ -1106,30 +1105,21 @@ static int vc_chr_write(Chardev *chr, const uint8_t
*buf, int len)
return len;
}
-static void kbd_send_chars(void *opaque)
+static void kbd_send_chars(QemuConsole *s)
{
-QemuConsole *s = opaque;
uint32_t len, avail;
len = qemu_chr_be_can_write(s->chr);
avail = fifo8_num_used(>out_fifo);
-if (len > avail) {
-len = avail;
-}
-while (len > 0) {
+while (len > 0 && avail > 0) {
const uint8_t *buf;
uint32_t size;
-buf = fifo8_pop_buf(>out_fifo, len, );
+buf = fifo8_pop_buf(>out_fifo, MIN(len, avail), );
qemu_chr_be_write(s->chr, (uint8_t *)buf, size);
-len -= size;
+len = qemu_chr_be_can_write(s->chr);
avail -= size;
}
-/* characters are pending: we send them a bit later (XXX:
- horrible, should change char device API) */
-if (avail > 0) {
-timer_mod(s->kbd_timer, qemu_clock_get_ms(QEMU_CLOCK_REALTIME) + 1);
-}
}
/* called when an ascii key is pressed */
@@ -2141,6 +2131,14 @@ int qemu_console_get_height(QemuConsole *con, int
fallback)
return con ? surface_height(con->surface) : fallback;
}
+static void vc_chr_accept_input(Chardev *chr)
+{
+VCChardev *drv = VC_CHARDEV(chr);
+QemuConsole *s = drv->console;
+
+kbd_send_chars(s);
+}
+
static void vc_chr_set_echo(Chardev *chr, bool echo)
{
VCChardev *drv = VC_CHARDEV(chr);
@@ -2189,7 +2187,6 @@ static void text_console_do_init(Chardev *chr,
DisplayState *ds)
int g_height = 24 * FONT_HEIGHT;
fifo8_create(>out_fifo, 16);
-s->kbd_timer = timer_new_ms(QEMU_CLOCK_REALTIME, kbd_send_chars, s);
s->ds = ds;
s->y_displayed = 0;
@@ -2439,6 +2436,7 @@ static void char_vc_class_init(ObjectClass *oc, void
*data)
cc->parse = qemu_chr_parse_vc;
cc->open = vc_chr_open;
cc->chr_write = vc_chr_write;
+cc->chr_accept_input = vc_chr_accept_input;
cc->chr_set_echo = vc_chr_set_echo;
}
--
2.31.1
[PULL 05/10] ui/gtk: skip any extra draw of same guest scanout blob res
From: Dongwon Kim
Any extra draw call for the same blob resource representing guest scanout
before the previous drawing is not finished can break synchronous draw
sequence. To prevent this, drawing is now done only once for each draw
submission (when draw_submitted == true).
v2:
- removed mutex
- updated commit msg
Cc: Gerd Hoffmann
Cc: Vivek Kasireddy
Signed-off-by: Dongwon Kim
Message-Id: <20210924225105.24930-1-dongwon@intel.com>
Signed-off-by: Gerd Hoffmann
---
include/ui/console.h| 1 +
hw/display/virtio-gpu-udmabuf.c | 2 +-
ui/gtk-egl.c| 40 ++-
ui/gtk-gl-area.c| 49 -
4 files changed, 59 insertions(+), 33 deletions(-)
diff --git a/include/ui/console.h b/include/ui/console.h
index 244664d727a4..b6bedc5f4152 100644
--- a/include/ui/console.h
+++ b/include/ui/console.h
@@ -171,6 +171,7 @@ typedef struct QemuDmaBuf {
void *sync;
int fence_fd;
bool allow_fences;
+bool draw_submitted;
} QemuDmaBuf;
typedef struct DisplayState DisplayState;
diff --git a/hw/display/virtio-gpu-udmabuf.c b/hw/display/virtio-gpu-udmabuf.c
index c6f7f587847f..60ea7f8f4972 100644
--- a/hw/display/virtio-gpu-udmabuf.c
+++ b/hw/display/virtio-gpu-udmabuf.c
@@ -186,7 +186,7 @@ static VGPUDMABuf
dmabuf->buf.fourcc = qemu_pixman_to_drm_format(fb->format);
dmabuf->buf.fd = res->dmabuf_fd;
dmabuf->buf.allow_fences = true;
-
+dmabuf->buf.draw_submitted = false;
dmabuf->scanout_id = scanout_id;
QTAILQ_INSERT_HEAD(>dmabuf.bufs, dmabuf, next);
diff --git a/ui/gtk-egl.c b/ui/gtk-egl.c
index 72ce5e1f8f41..e912b200755a 100644
--- a/ui/gtk-egl.c
+++ b/ui/gtk-egl.c
@@ -63,6 +63,9 @@ void gd_egl_init(VirtualConsole *vc)
void gd_egl_draw(VirtualConsole *vc)
{
GdkWindow *window;
+#ifdef CONFIG_GBM
+QemuDmaBuf *dmabuf = vc->gfx.guest_fb.dmabuf;
+#endif
int ww, wh;
if (!vc->gfx.gls) {
@@ -74,10 +77,31 @@ void gd_egl_draw(VirtualConsole *vc)
wh = gdk_window_get_height(window);
if (vc->gfx.scanout_mode) {
+#ifdef CONFIG_GBM
+if (dmabuf) {
+if (!dmabuf->draw_submitted) {
+return;
+} else {
+dmabuf->draw_submitted = false;
+}
+}
+#endif
gd_egl_scanout_flush(>gfx.dcl, 0, 0, vc->gfx.w, vc->gfx.h);
vc->gfx.scale_x = (double)ww / vc->gfx.w;
vc->gfx.scale_y = (double)wh / vc->gfx.h;
+
+glFlush();
+#ifdef CONFIG_GBM
+if (dmabuf) {
+egl_dmabuf_create_fence(dmabuf);
+if (dmabuf->fence_fd > 0) {
+qemu_set_fd_handler(dmabuf->fence_fd, gd_hw_gl_flushed, NULL,
vc);
+return;
+}
+graphic_hw_gl_block(vc->gfx.dcl.con, false);
+}
+#endif
} else {
if (!vc->gfx.ds) {
return;
@@ -92,21 +116,10 @@ void gd_egl_draw(VirtualConsole *vc)
vc->gfx.scale_x = (double)ww / surface_width(vc->gfx.ds);
vc->gfx.scale_y = (double)wh / surface_height(vc->gfx.ds);
-}
-
-glFlush();
-#ifdef CONFIG_GBM
-if (vc->gfx.guest_fb.dmabuf) {
-QemuDmaBuf *dmabuf = vc->gfx.guest_fb.dmabuf;
-egl_dmabuf_create_fence(dmabuf);
-if (dmabuf->fence_fd > 0) {
-qemu_set_fd_handler(dmabuf->fence_fd, gd_hw_gl_flushed, NULL, vc);
-return;
-}
-graphic_hw_gl_block(vc->gfx.dcl.con, false);
+glFlush();
}
-#endif
+
graphic_hw_gl_flushed(vc->gfx.dcl.con);
}
@@ -317,6 +330,7 @@ void gd_egl_flush(DisplayChangeListener *dcl,
if (vc->gfx.guest_fb.dmabuf) {
graphic_hw_gl_block(vc->gfx.dcl.con, true);
+vc->gfx.guest_fb.dmabuf->draw_submitted = true;
gtk_widget_queue_draw_area(area, x, y, w, h);
return;
}
diff --git a/ui/gtk-gl-area.c b/ui/gtk-gl-area.c
index afcb29f65823..461da7712f4f 100644
--- a/ui/gtk-gl-area.c
+++ b/ui/gtk-gl-area.c
@@ -38,6 +38,9 @@ static void gtk_gl_area_set_scanout_mode(VirtualConsole *vc,
bool scanout)
void gd_gl_area_draw(VirtualConsole *vc)
{
+#ifdef CONFIG_GBM
+QemuDmaBuf *dmabuf = vc->gfx.guest_fb.dmabuf;
+#endif
int ww, wh, y1, y2;
if (!vc->gfx.gls) {
@@ -53,6 +56,16 @@ void gd_gl_area_draw(VirtualConsole *vc)
return;
}
+#ifdef CONFIG_GBM
+if (dmabuf) {
+if (!dmabuf->draw_submitted) {
+return;
+} else {
+dmabuf->draw_submitted = false;
+}
+}
+#endif
+
glBindFramebuffer(GL_READ_FRAMEBUFFER, vc->gfx.guest_fb.framebuffer);
/* GtkGLArea sets GL_DRAW_FRAMEBUFFER for us */
@@ -62,6 +75,22 @@ void gd_gl_area_draw(VirtualConsole *vc)
glBlitFramebuffer(0, y1, vc->gfx.w, y2,
0, 0, ww, wh,
GL_COLOR_BUFFER_BIT, GL_NEAREST);
+#ifdef CONFIG_GBM
+if (dmabuf) {
+
[PULL 10/10] usb-storage: tag usb_msd_csw as packed struct
Without this the struct has the wrong size: sizeof() evaluates
to 16 instead of 13. In most cases the bug is hidden by the
fact that guests submits a buffer which is exactly 13 bytes
long, so the padding added by the compiler is simply ignored.
But sometimes guests submit a larger buffer and expect a short
transfer, which does not work properly with the wrong struct
size.
Cc: vintagepc...@protonmail.com
Signed-off-by: Gerd Hoffmann
Fixes: a917d384ac0 ("SCSI TCQ support.")
Reviewed-by: Philippe Mathieu-Daudé
Message-Id: <20210906045523.1259629-1-kra...@redhat.com>
---
include/hw/usb/msd.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/hw/usb/msd.h b/include/hw/usb/msd.h
index 7538c54569bf..54e9f38bda46 100644
--- a/include/hw/usb/msd.h
+++ b/include/hw/usb/msd.h
@@ -17,7 +17,7 @@ enum USBMSDMode {
USB_MSDM_CSW /* Command Status. */
};
-struct usb_msd_csw {
+struct QEMU_PACKED usb_msd_csw {
uint32_t sig;
uint32_t tag;
uint32_t residue;
--
2.31.1
[PULL 09/10] hw/misc: deprecate the 'sga' device
From: Daniel P. Berrangé
This is obsolete since SeaBIOS 1.11.0 introduced native support for
sending messages to the serial console. The new support can be
activated using -machine graphics=off on x86 targets.
Signed-off-by: Daniel P. Berrangé
Reviewed-by: Gerd Hoffmann
Message-Id: <20210909123219.862652-1-berra...@redhat.com>
Signed-off-by: Gerd Hoffmann
---
hw/misc/sga.c | 2 ++
docs/about/deprecated.rst | 10 ++
2 files changed, 12 insertions(+)
diff --git a/hw/misc/sga.c b/hw/misc/sga.c
index 4dbe6d78f9e5..1d04672b013b 100644
--- a/hw/misc/sga.c
+++ b/hw/misc/sga.c
@@ -30,6 +30,7 @@
#include "hw/loader.h"
#include "qemu/module.h"
#include "qom/object.h"
+#include "qemu/error-report.h"
#define SGABIOS_FILENAME "sgabios.bin"
@@ -42,6 +43,7 @@ struct ISASGAState {
static void sga_realizefn(DeviceState *dev, Error **errp)
{
+warn_report("-device sga is deprecated, use -machine graphics=off");
rom_add_vga(SGABIOS_FILENAME);
}
diff --git a/docs/about/deprecated.rst b/docs/about/deprecated.rst
index be19317470a1..25b7ec8d92d9 100644
--- a/docs/about/deprecated.rst
+++ b/docs/about/deprecated.rst
@@ -313,6 +313,16 @@ full SCSI support. Use virtio-scsi instead when SCSI
passthrough is required.
Note this also applies to ``-device virtio-blk-pci,scsi=on|off``, which is an
alias.
+``-device sga`` (since 6.2)
+^^^
+
+The ``sga`` device loads an option ROM for x86 targets which enables
+SeaBIOS to send messages to the serial console. SeaBIOS 1.11.0 onwards
+contains native support for this feature and thus use of the option
+ROM approach is obsolete. The native SeaBIOS support can be activated
+by using ``-machine graphics=off``.
+
+
Block device options
--
2.31.1
[PULL 04/10] ui/gtk: Update the refresh rate for gl-area too
From: Nikola Pavlica
This is a bugfix that stretches all the way back to January 2020,
where I initially introduced this problem and potential solutions.
A quick recap of the issue: QEMU did not sync up with the monitors
refresh rate causing the VM to render frames that were NOT displayed
to the user. That "fix" allowed QEMU to obtain the screen refreshrate
information from the system using GDK API's and was for GTK only.
Well, I'm back with the same issue again. But this time on Wayland.
And I did NOT realize there was YET another screen refresh rate
function, this time for Wayland specifically. Thankfully the fix was
simple and without much hassle.
Thanks,
Nikola
PS: It seems that my patch has gone missing from the mailing list,
hence I'm sending it again. Sorry for any inconveniences.
Signed-off-by: Nikola Pavlica
Message-Id: <20211024143110.704296-1-pavlica.nik...@gmail.com>
Signed-off-by: Gerd Hoffmann
---
ui/gtk-gl-area.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/ui/gtk-gl-area.c b/ui/gtk-gl-area.c
index b23523748e7f..afcb29f65823 100644
--- a/ui/gtk-gl-area.c
+++ b/ui/gtk-gl-area.c
@@ -112,6 +112,9 @@ void gd_gl_area_refresh(DisplayChangeListener *dcl)
{
VirtualConsole *vc = container_of(dcl, VirtualConsole, gfx.dcl);
+vc->gfx.dcl.update_interval = gd_monitor_update_interval(
+vc->window ? vc->window : vc->gfx.drawing_area);
+
if (!vc->gfx.gls) {
if (!gtk_widget_get_realized(vc->gfx.drawing_area)) {
return;
--
2.31.1
[PULL 08/10] ui/console: remove chardev frontend connected test
From: Volker Rümelin
The test if the chardev frontend is connected in
kbd_put_keysym_console() is redundant, because the call
to qemu_chr_be_can_write() in kbd_send_chars() tests
the connected condition again.
Remove the redundant test whether the chardev frontend
is connected.
Reviewed-by: Marc-André Lureau
Signed-off-by: Volker Rümelin
Message-Id: <20210916192239.18742-3-vr_q...@t-online.de>
Signed-off-by: Gerd Hoffmann
---
ui/console.c | 13 +
1 file changed, 5 insertions(+), 8 deletions(-)
diff --git a/ui/console.c b/ui/console.c
index dda1e6861d6a..29a3e3f0f51c 100644
--- a/ui/console.c
+++ b/ui/console.c
@@ -28,10 +28,11 @@
#include "qapi/error.h"
#include "qapi/qapi-commands-ui.h"
#include "qemu/fifo8.h"
+#include "qemu/main-loop.h"
#include "qemu/module.h"
#include "qemu/option.h"
#include "qemu/timer.h"
-#include "chardev/char-fe.h"
+#include "chardev/char.h"
#include "trace.h"
#include "exec/memory.h"
#include "io/channel-file.h"
@@ -1126,7 +1127,6 @@ static void kbd_send_chars(QemuConsole *s)
void kbd_put_keysym_console(QemuConsole *s, int keysym)
{
uint8_t buf[16], *q;
-CharBackend *be;
int c;
uint32_t num_free;
@@ -1170,12 +1170,9 @@ void kbd_put_keysym_console(QemuConsole *s, int keysym)
if (s->echo) {
vc_chr_write(s->chr, buf, q - buf);
}
-be = s->chr->be;
-if (be && be->chr_read) {
-num_free = fifo8_num_free(>out_fifo);
-fifo8_push_all(>out_fifo, buf, MIN(num_free, q - buf));
-kbd_send_chars(s);
-}
+num_free = fifo8_num_free(>out_fifo);
+fifo8_push_all(>out_fifo, buf, MIN(num_free, q - buf));
+kbd_send_chars(s);
break;
}
}
--
2.31.1
[PULL 03/10] microvm: add device tree support.
Allows edk2 detect virtio-mmio devices and pcie ecam.
See comment in hw/i386/microvm-dt.c for more details.
Signed-off-by: Gerd Hoffmann
Reviewed-by: Sergio Lopez
Message-Id: <20211014193617.2475578-1-kra...@redhat.com>
---
hw/i386/microvm-dt.h | 8 +
include/hw/i386/microvm.h | 4 +
hw/i386/microvm-dt.c | 341 +
hw/i386/microvm.c | 2 +
.gitlab-ci.d/buildtest.yml | 1 -
configs/targets/i386-softmmu.mak | 1 +
configs/targets/x86_64-softmmu.mak | 1 +
hw/i386/meson.build| 2 +-
8 files changed, 358 insertions(+), 2 deletions(-)
create mode 100644 hw/i386/microvm-dt.h
create mode 100644 hw/i386/microvm-dt.c
diff --git a/hw/i386/microvm-dt.h b/hw/i386/microvm-dt.h
new file mode 100644
index ..77c79cbdd9fb
--- /dev/null
+++ b/hw/i386/microvm-dt.h
@@ -0,0 +1,8 @@
+#ifndef HW_I386_MICROVM_DT_H
+#define HW_I386_MICROVM_DT_H
+
+#include "hw/i386/microvm.h"
+
+void dt_setup_microvm(MicrovmMachineState *mms);
+
+#endif
diff --git a/include/hw/i386/microvm.h b/include/hw/i386/microvm.h
index f25f8374413f..4d9c732d4b2b 100644
--- a/include/hw/i386/microvm.h
+++ b/include/hw/i386/microvm.h
@@ -104,6 +104,10 @@ struct MicrovmMachineState {
Notifier machine_done;
Notifier powerdown_req;
struct GPEXConfig gpex;
+
+/* device tree */
+void *fdt;
+uint32_t ioapic_phandle[2];
};
#define TYPE_MICROVM_MACHINE MACHINE_TYPE_NAME("microvm")
diff --git a/hw/i386/microvm-dt.c b/hw/i386/microvm-dt.c
new file mode 100644
index ..875ba9196394
--- /dev/null
+++ b/hw/i386/microvm-dt.c
@@ -0,0 +1,341 @@
+/*
+ * microvm device tree support
+ *
+ * This generates an device tree for microvm and exports it via fw_cfg
+ * as "etc/fdt" to the firmware (edk2 specifically).
+ *
+ * The use case is to allow edk2 find the pcie ecam and the virtio
+ * devices, without adding an ACPI parser, reusing the fdt parser
+ * which is needed anyway for the arm platform.
+ *
+ * Note 1: The device tree is incomplete. CPUs and memory is missing
+ * for example, those can be detected using other fw_cfg files.
+ * Also pci ecam irq routing is not there, edk2 doesn't use
+ * interrupts.
+ *
+ * Note 2: This is for firmware only. OSes should use the more
+ * complete ACPI tables for hardware discovery.
+ *
+ * --
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU General Public License,
+ * version 2 or later, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program. If not, see
[PULL 01/10] MAINTAINERS: Add myself as a reviewer for SDL audio
From: Thomas Huth I've got some experience with the SDL library, so I can help reviewing patches here. Signed-off-by: Thomas Huth Reviewed-by: Philippe Mathieu-Daudé Message-Id: <20211030062106.46024-1-h...@tuxfamily.org> Signed-off-by: Gerd Hoffmann --- MAINTAINERS | 1 + 1 file changed, 1 insertion(+) diff --git a/MAINTAINERS b/MAINTAINERS index 310a9512ea18..99618e6d9906 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -2315,6 +2315,7 @@ F: audio/paaudio.c SDL Audio backend M: Gerd Hoffmann +R: Thomas Huth S: Odd Fixes F: audio/sdlaudio.c -- 2.31.1
[PULL 06/10] ui/console: replace QEMUFIFO with Fifo8
From: Volker Rümelin
One of the two FIFO implementations QEMUFIFO and Fifo8 is
redundant. Replace QEMUFIFO with Fifo8.
Signed-off-by: Volker Rümelin
Reviewed-by: Marc-André Lureau
Message-Id: <20210916192239.18742-1-vr_q...@t-online.de>
Signed-off-by: Gerd Hoffmann
---
ui/console.c | 86
1 file changed, 20 insertions(+), 66 deletions(-)
diff --git a/ui/console.c b/ui/console.c
index eabbbc951c5f..d2433c0636d0 100644
--- a/ui/console.c
+++ b/ui/console.c
@@ -27,6 +27,7 @@
#include "hw/qdev-core.h"
#include "qapi/error.h"
#include "qapi/qapi-commands-ui.h"
+#include "qemu/fifo8.h"
#include "qemu/module.h"
#include "qemu/option.h"
#include "qemu/timer.h"
@@ -62,57 +63,6 @@ enum TTYState {
TTY_STATE_CSI,
};
-typedef struct QEMUFIFO {
-uint8_t *buf;
-int buf_size;
-int count, wptr, rptr;
-} QEMUFIFO;
-
-static int qemu_fifo_write(QEMUFIFO *f, const uint8_t *buf, int len1)
-{
-int l, len;
-
-l = f->buf_size - f->count;
-if (len1 > l)
-len1 = l;
-len = len1;
-while (len > 0) {
-l = f->buf_size - f->wptr;
-if (l > len)
-l = len;
-memcpy(f->buf + f->wptr, buf, l);
-f->wptr += l;
-if (f->wptr >= f->buf_size)
-f->wptr = 0;
-buf += l;
-len -= l;
-}
-f->count += len1;
-return len1;
-}
-
-static int qemu_fifo_read(QEMUFIFO *f, uint8_t *buf, int len1)
-{
-int l, len;
-
-if (len1 > f->count)
-len1 = f->count;
-len = len1;
-while (len > 0) {
-l = f->buf_size - f->rptr;
-if (l > len)
-l = len;
-memcpy(buf, f->buf + f->rptr, l);
-f->rptr += l;
-if (f->rptr >= f->buf_size)
-f->rptr = 0;
-buf += l;
-len -= l;
-}
-f->count -= len1;
-return len1;
-}
-
typedef enum {
GRAPHIC_CONSOLE,
TEXT_CONSOLE,
@@ -165,8 +115,7 @@ struct QemuConsole {
Chardev *chr;
/* fifo for key pressed */
-QEMUFIFO out_fifo;
-uint8_t out_fifo_buf[16];
+Fifo8 out_fifo;
QEMUTimer *kbd_timer;
CoQueue dump_queue;
@@ -1160,21 +1109,25 @@ static int vc_chr_write(Chardev *chr, const uint8_t
*buf, int len)
static void kbd_send_chars(void *opaque)
{
QemuConsole *s = opaque;
-int len;
-uint8_t buf[16];
+uint32_t len, avail;
len = qemu_chr_be_can_write(s->chr);
-if (len > s->out_fifo.count)
-len = s->out_fifo.count;
-if (len > 0) {
-if (len > sizeof(buf))
-len = sizeof(buf);
-qemu_fifo_read(>out_fifo, buf, len);
-qemu_chr_be_write(s->chr, buf, len);
+avail = fifo8_num_used(>out_fifo);
+if (len > avail) {
+len = avail;
+}
+while (len > 0) {
+const uint8_t *buf;
+uint32_t size;
+
+buf = fifo8_pop_buf(>out_fifo, len, );
+qemu_chr_be_write(s->chr, (uint8_t *)buf, size);
+len -= size;
+avail -= size;
}
/* characters are pending: we send them a bit later (XXX:
horrible, should change char device API) */
-if (s->out_fifo.count > 0) {
+if (avail > 0) {
timer_mod(s->kbd_timer, qemu_clock_get_ms(QEMU_CLOCK_REALTIME) + 1);
}
}
@@ -1185,6 +1138,7 @@ void kbd_put_keysym_console(QemuConsole *s, int keysym)
uint8_t buf[16], *q;
CharBackend *be;
int c;
+uint32_t num_free;
if (!s || (s->console_type == GRAPHIC_CONSOLE))
return;
@@ -1228,7 +1182,8 @@ void kbd_put_keysym_console(QemuConsole *s, int keysym)
}
be = s->chr->be;
if (be && be->chr_read) {
-qemu_fifo_write(>out_fifo, buf, q - buf);
+num_free = fifo8_num_free(>out_fifo);
+fifo8_push_all(>out_fifo, buf, MIN(num_free, q - buf));
kbd_send_chars(s);
}
break;
@@ -2233,8 +2188,7 @@ static void text_console_do_init(Chardev *chr,
DisplayState *ds)
int g_width = 80 * FONT_WIDTH;
int g_height = 24 * FONT_HEIGHT;
-s->out_fifo.buf = s->out_fifo_buf;
-s->out_fifo.buf_size = sizeof(s->out_fifo_buf);
+fifo8_create(>out_fifo, 16);
s->kbd_timer = timer_new_ms(QEMU_CLOCK_REALTIME, kbd_send_chars, s);
s->ds = ds;
--
2.31.1
[PULL 00/10] Misc 20211102 patches
The following changes since commit 8cb41fda78c7ebde0dd248c6afe1d336efb0de50: Merge remote-tracking branch 'remotes/philmd/tags/machine-20211101' into staging (2021-11-02 05:53:45 -0400) are available in the Git repository at: git://git.kraxel.org/qemu tags/misc-20211102-pull-request for you to fetch changes up to 58d7d4c7869cb3addb0714aa7b6bd88f2b6b7edf: usb-storage: tag usb_msd_csw as packed struct (2021-11-02 17:24:18 +0100) MAINTAINERS: audio updates microvm: device tree support console: chardev fixes misc: deprecate sga usb: fix struct usb_msd_csw Christian Schoenebeck (1): MAINTAINERS: add myself as partial audio reviewer Daniel P. Berrangé (1): hw/misc: deprecate the 'sga' device Dongwon Kim (1): ui/gtk: skip any extra draw of same guest scanout blob res Gerd Hoffmann (2): microvm: add device tree support. usb-storage: tag usb_msd_csw as packed struct Nikola Pavlica (1): ui/gtk: Update the refresh rate for gl-area too Thomas Huth (1): MAINTAINERS: Add myself as a reviewer for SDL audio Volker Rümelin (3): ui/console: replace QEMUFIFO with Fifo8 ui/console: replace kbd_timer with chr_accept_input callback ui/console: remove chardev frontend connected test hw/i386/microvm-dt.h | 8 + include/hw/i386/microvm.h | 4 + include/hw/usb/msd.h | 2 +- include/ui/console.h | 1 + hw/display/virtio-gpu-udmabuf.c| 2 +- hw/i386/microvm-dt.c | 341 + hw/i386/microvm.c | 2 + hw/misc/sga.c | 2 + ui/console.c | 109 +++-- ui/gtk-egl.c | 40 ++-- ui/gtk-gl-area.c | 52 +++-- .gitlab-ci.d/buildtest.yml | 1 - MAINTAINERS| 4 + configs/targets/i386-softmmu.mak | 1 + configs/targets/x86_64-softmmu.mak | 1 + docs/about/deprecated.rst | 10 + hw/i386/meson.build| 2 +- 17 files changed, 466 insertions(+), 116 deletions(-) create mode 100644 hw/i386/microvm-dt.h create mode 100644 hw/i386/microvm-dt.c -- 2.31.1
[PULL 02/10] MAINTAINERS: add myself as partial audio reviewer
From: Christian Schoenebeck Volunteering as reviewer for some of the audio backends; namely ALSA, CoreAudio and JACK. Signed-off-by: Christian Schoenebeck Reviewed-by: Philippe Mathieu-Daudé Message-Id: Signed-off-by: Gerd Hoffmann --- MAINTAINERS | 3 +++ 1 file changed, 3 insertions(+) diff --git a/MAINTAINERS b/MAINTAINERS index 99618e6d9906..9ddba68701b5 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -2285,11 +2285,13 @@ F: qapi/audio.json ALSA Audio backend M: Gerd Hoffmann +R: Christian Schoenebeck S: Odd Fixes F: audio/alsaaudio.c Core Audio framework backend M: Gerd Hoffmann +R: Christian Schoenebeck S: Odd Fixes F: audio/coreaudio.c @@ -2300,6 +2302,7 @@ F: audio/dsound* JACK Audio Connection Kit backend M: Gerd Hoffmann +R: Christian Schoenebeck S: Odd Fixes F: audio/jackaudio.c -- 2.31.1
[libvirt PATCH 5/7] tests: convert name-escape to use real caps
For later QEMUs than 2.11 we do FD passing for character devices.
Use both the latest capabilities and 2.11 capabilities, to catch
escaping of the chardev paths as well.
Signed-off-by: Ján Tomko
---
...pe.args => name-escape.x86_64-2.11.0.args} | 7 +--
.../name-escape.x86_64-latest.args| 50 +++
tests/qemuxml2argvtest.c | 15 +-
3 files changed, 56 insertions(+), 16 deletions(-)
rename tests/qemuxml2argvdata/{name-escape.args =>
name-escape.x86_64-2.11.0.args} (90%)
create mode 100644 tests/qemuxml2argvdata/name-escape.x86_64-latest.args
diff --git a/tests/qemuxml2argvdata/name-escape.args
b/tests/qemuxml2argvdata/name-escape.x86_64-2.11.0.args
similarity index 90%
rename from tests/qemuxml2argvdata/name-escape.args
rename to tests/qemuxml2argvdata/name-escape.x86_64-2.11.0.args
index eb8d9ac10a..71770dc546 100644
--- a/tests/qemuxml2argvdata/name-escape.args
+++ b/tests/qemuxml2argvdata/name-escape.x86_64-2.11.0.args
@@ -11,7 +11,7 @@ QEMU_AUDIO_DRV=spice \
-name guest=foo=1,,bar=2,debug-threads=on \
-S \
-object
secret,id=masterKey0,format=raw,file=/tmp/lib/domain--1-foo=1,,bar=2/master-key.aes
\
--machine pc,accel=tcg,usb=off,dump-guest-core=off \
+-machine pc-i440fx-2.11,accel=tcg,usb=off,dump-guest-core=off \
-m 214 \
-realtime mlock=off \
-smp 1,sockets=1,cores=1,threads=1 \
@@ -24,11 +24,11 @@ QEMU_AUDIO_DRV=spice \
-no-shutdown \
-no-acpi \
-boot strict=on \
+-device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 \
-device virtio-scsi-pci,id=scsi0,bus=pci.0,addr=0x3 \
--usb \
-device usb-ccid,id=ccid0,bus=usb.0,port=1 \
-drive
file=/dev/HostVG/QEMUGuest1,format=qcow2,if=none,id=drive-ide0-0-0,cache=none,throttling.bps-total=5000,throttling.iops-total=6000,throttling.bps-total-max=1,throttling.iops-total-max=11000,throttling.group=libvirt_iotune_group1,,foo
\
--device ide-hd,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0,bootindex=1 \
+-device
ide-hd,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0,bootindex=1,write-cache=on
\
-device
ccid-card-emulated,backend=certificates,cert1=cert1,,foo,cert2=cert2,cert3=cert3,db=/etc/pki/nssdb,,foo,id=smartcard0,bus=ccid0.0
\
-chardev tty,id=charserial0,path=/dev/ttyS2,,foo \
-device isa-serial,chardev=charserial0,id=serial0 \
@@ -42,4 +42,5 @@ QEMU_AUDIO_DRV=spice \
-drive
file.driver=iscsi,file.portal=example.foo.org:3260,file.target=iqn.1992-01.com.example:my,,storage,file.lun=1,file.transport=tcp,if=none,format=raw,id=drive-hostdev0
\
-device
scsi-generic,drive=drive-hostdev0,id=hostdev0,bus=scsi0.0,channel=0,scsi-id=0,lun=4
\
-device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x4 \
+-sandbox
on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \
-msg timestamp=on
diff --git a/tests/qemuxml2argvdata/name-escape.x86_64-latest.args
b/tests/qemuxml2argvdata/name-escape.x86_64-latest.args
new file mode 100644
index 00..ceea515b17
--- /dev/null
+++ b/tests/qemuxml2argvdata/name-escape.x86_64-latest.args
@@ -0,0 +1,50 @@
+LC_ALL=C \
+PATH=/bin \
+HOME=/tmp/lib/domain--1-foo=1,bar=2 \
+USER=test \
+LOGNAME=test \
+XDG_DATA_HOME=/tmp/lib/domain--1-foo=1,bar=2/.local/share \
+XDG_CACHE_HOME=/tmp/lib/domain--1-foo=1,bar=2/.cache \
+XDG_CONFIG_HOME=/tmp/lib/domain--1-foo=1,bar=2/.config \
+/usr/bin/qemu-system-i386 \
+-name guest=foo=1,,bar=2,debug-threads=on \
+-S \
+-object
'{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/tmp/lib/domain--1-foo=1,bar=2/master-key.aes"}'
\
+-machine pc,accel=tcg,usb=off,dump-guest-core=off,memory-backend=pc.ram \
+-cpu qemu64 \
+-m 214 \
+-object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":224395264}' \
+-overcommit mem-lock=off \
+-smp 1,sockets=1,cores=1,threads=1 \
+-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
+-no-user-config \
+-nodefaults \
+-chardev socket,id=charmonitor,fd=1729,server=on,wait=off \
+-mon chardev=charmonitor,id=monitor,mode=control \
+-rtc base=utc \
+-no-shutdown \
+-no-acpi \
+-boot strict=on \
+-device
'{"driver":"piix3-usb-uhci","id":"usb","bus":"pci.0","addr":"0x1.0x2"}' \
+-device '{"driver":"virtio-scsi-pci","id":"scsi0","bus":"pci.0","addr":"0x3"}'
\
+-device '{"driver":"usb-ccid","id":"ccid0","bus":"usb.0","port":"1"}' \
+-blockdev
'{"driver":"host_device","filename":"/dev/HostVG/QEMUGuest1","node-name":"libvirt-1-storage","cache":{"direct":true,"no-flush":false},"auto-read-only":true,"discard":"unmap"}'
\
+-blockdev
'{"node-name":"libvirt-1-format","read-only":false,"cache":{"direct":true,"no-flush":false},"driver":"qcow2","file":"libvirt-1-storage"}'
\
+-device
'{"driver":"ide-hd","bus":"ide.0","unit":0,"drive":"libvirt-1-format","id":"ide0-0-0","bootindex":1,"write-cache":"on"}'
\
+-device
'{"driver":"ccid-card-emulated","backend":"certificates","cert1":"cert1,foo","cert2":"cert2","cert3":"cert3","db":"/etc/pki/nssdb,foo","id":"smartcard0","bus":"ccid0.0"}'
\
+-chardev tty,id=charserial0,path=/dev/ttyS2,,foo \
+-device
[libvirt PATCH 3/7] tests: qemuxml2xml: use latest caps for spice tests
Signed-off-by: Ján Tomko
---
...s-spice-auto-socket-cfg.x86_64-latest.xml} | 5 ++-
...phics-spice-auto-socket.x86_64-latest.xml} | 5 ++-
...phics-spice-compression.x86_64-latest.xml} | 5 ++-
...hics-spice-egl-headless.x86_64-latest.xml} | 5 ++-
... graphics-spice-qxl-vga.x86_64-latest.xml} | 5 ++-
...> graphics-spice-socket.x86_64-latest.xml} | 5 ++-
... graphics-spice-timeout.x86_64-latest.xml} | 2 +-
...e.xml => graphics-spice.x86_64-latest.xml} | 5 ++-
tests/qemuxml2xmltest.c | 35 +--
9 files changed, 37 insertions(+), 35 deletions(-)
rename tests/qemuxml2xmloutdata/{graphics-spice-auto-socket-cfg.xml =>
graphics-spice-auto-socket-cfg.x86_64-latest.xml} (88%)
rename tests/qemuxml2xmloutdata/{graphics-spice-auto-socket.xml =>
graphics-spice-auto-socket.x86_64-latest.xml} (88%)
rename tests/qemuxml2xmloutdata/{graphics-spice-compression.xml =>
graphics-spice-compression.x86_64-latest.xml} (91%)
rename tests/qemuxml2xmloutdata/{graphics-spice-egl-headless.xml =>
graphics-spice-egl-headless.x86_64-latest.xml} (89%)
rename tests/qemuxml2xmloutdata/{graphics-spice-qxl-vga.xml =>
graphics-spice-qxl-vga.x86_64-latest.xml} (91%)
rename tests/qemuxml2xmloutdata/{graphics-spice-socket.xml =>
graphics-spice-socket.x86_64-latest.xml} (88%)
rename tests/qemuxml2xmloutdata/{graphics-spice-timeout.xml =>
graphics-spice-timeout.x86_64-latest.xml} (98%)
rename tests/qemuxml2xmloutdata/{graphics-spice.xml =>
graphics-spice.x86_64-latest.xml} (92%)
diff --git a/tests/qemuxml2xmloutdata/graphics-spice-auto-socket-cfg.xml
b/tests/qemuxml2xmloutdata/graphics-spice-auto-socket-cfg.x86_64-latest.xml
similarity index 88%
rename from tests/qemuxml2xmloutdata/graphics-spice-auto-socket-cfg.xml
rename to
tests/qemuxml2xmloutdata/graphics-spice-auto-socket-cfg.x86_64-latest.xml
index f55c4b28a0..c6e2db610e 100644
--- a/tests/qemuxml2xmloutdata/graphics-spice-auto-socket-cfg.xml
+++ b/tests/qemuxml2xmloutdata/graphics-spice-auto-socket-cfg.x86_64-latest.xml
@@ -8,13 +8,16 @@
hvm
+
+qemu64
+
destroy
restart
destroy
/usr/bin/qemu-system-i386
-
+
diff --git a/tests/qemuxml2xmloutdata/graphics-spice-auto-socket.xml
b/tests/qemuxml2xmloutdata/graphics-spice-auto-socket.x86_64-latest.xml
similarity index 88%
rename from tests/qemuxml2xmloutdata/graphics-spice-auto-socket.xml
rename to tests/qemuxml2xmloutdata/graphics-spice-auto-socket.x86_64-latest.xml
index a2d6688ffe..50386c74ce 100644
--- a/tests/qemuxml2xmloutdata/graphics-spice-auto-socket.xml
+++ b/tests/qemuxml2xmloutdata/graphics-spice-auto-socket.x86_64-latest.xml
@@ -8,13 +8,16 @@
hvm
+
+qemu64
+
destroy
restart
destroy
/usr/bin/qemu-system-i386
-
+
diff --git a/tests/qemuxml2xmloutdata/graphics-spice-compression.xml
b/tests/qemuxml2xmloutdata/graphics-spice-compression.x86_64-latest.xml
similarity index 91%
rename from tests/qemuxml2xmloutdata/graphics-spice-compression.xml
rename to tests/qemuxml2xmloutdata/graphics-spice-compression.x86_64-latest.xml
index 385128b76a..9903efc4ed 100644
--- a/tests/qemuxml2xmloutdata/graphics-spice-compression.xml
+++ b/tests/qemuxml2xmloutdata/graphics-spice-compression.x86_64-latest.xml
@@ -8,13 +8,16 @@
hvm
+
+qemu64
+
destroy
restart
destroy
/usr/bin/qemu-system-i386
-
+
diff --git a/tests/qemuxml2xmloutdata/graphics-spice-egl-headless.xml
b/tests/qemuxml2xmloutdata/graphics-spice-egl-headless.x86_64-latest.xml
similarity index 89%
rename from tests/qemuxml2xmloutdata/graphics-spice-egl-headless.xml
rename to tests/qemuxml2xmloutdata/graphics-spice-egl-headless.x86_64-latest.xml
index edf34439e9..c9bab0de11 100644
--- a/tests/qemuxml2xmloutdata/graphics-spice-egl-headless.xml
+++ b/tests/qemuxml2xmloutdata/graphics-spice-egl-headless.x86_64-latest.xml
@@ -8,13 +8,16 @@
hvm
+
+qemu64
+
destroy
restart
destroy
/usr/bin/qemu-system-i386
-
+
diff --git a/tests/qemuxml2xmloutdata/graphics-spice-qxl-vga.xml
b/tests/qemuxml2xmloutdata/graphics-spice-qxl-vga.x86_64-latest.xml
similarity index 91%
rename from tests/qemuxml2xmloutdata/graphics-spice-qxl-vga.xml
rename to tests/qemuxml2xmloutdata/graphics-spice-qxl-vga.x86_64-latest.xml
index acd6610566..cb687cf788 100644
--- a/tests/qemuxml2xmloutdata/graphics-spice-qxl-vga.xml
+++ b/tests/qemuxml2xmloutdata/graphics-spice-qxl-vga.x86_64-latest.xml
@@ -8,13 +8,16 @@
hvm
+
+qemu64
+
destroy
restart
destroy
/usr/bin/qemu-system-i386
-
+
diff --git a/tests/qemuxml2xmloutdata/graphics-spice-socket.xml
b/tests/qemuxml2xmloutdata/graphics-spice-socket.x86_64-latest.xml
similarity index 88%
rename from tests/qemuxml2xmloutdata/graphics-spice-socket.xml
rename to
[libvirt PATCH 0/7] qemu: retire QEMU_CAPS_SPICE_UNIX
One less thing to probe via query-command-line-options
Ján Tomko (7):
tests: remove disks from spice tests
tests: qemuxml2xmltest: move graphics-spice-timeout
tests: qemuxml2xml: use latest caps for spice tests
tests: qemuxml2argv: use latest caps for spice tests
tests: convert name-escape to use real caps
qemu: always assume QEMU_CAPS_SPICE_UNIX
qemu: retire QEMU_CAPS_SPICE_UNIX
src/qemu/qemu_capabilities.c | 3 +-
src/qemu/qemu_capabilities.h | 2 +-
src/qemu/qemu_validate.c | 10 +--
.../caps_2.11.0.x86_64.xml| 1 -
.../caps_2.12.0.x86_64.xml| 1 -
.../caps_3.0.0.x86_64.xml | 1 -
.../caps_3.1.0.x86_64.xml | 1 -
.../caps_4.0.0.riscv32.xml| 1 -
.../caps_4.0.0.riscv64.xml| 1 -
.../caps_4.0.0.x86_64.xml | 1 -
.../caps_4.1.0.x86_64.xml | 1 -
.../caps_4.2.0.x86_64.xml | 1 -
.../caps_5.0.0.riscv64.xml| 1 -
.../caps_5.0.0.x86_64.xml | 1 -
.../qemucapabilitiesdata/caps_5.1.0.sparc.xml | 1 -
.../caps_5.1.0.x86_64.xml | 1 -
.../caps_5.2.0.riscv64.xml| 1 -
.../caps_5.2.0.x86_64.xml | 1 -
.../caps_6.0.0.x86_64.xml | 1 -
.../caps_6.1.0.x86_64.xml | 1 -
.../caps_6.2.0.aarch64.xml| 1 -
.../caps_6.2.0.x86_64.xml | 1 -
.../graphics-spice-agent-file-xfer.args | 34 -
...s-spice-agent-file-xfer.x86_64-latest.args | 35 +
.../graphics-spice-agent-file-xfer.xml| 5 --
.../graphics-spice-agentmouse.args| 36 -
...aphics-spice-agentmouse.x86_64-latest.args | 37 +
.../graphics-spice-agentmouse.xml | 5 --
...-spice-auto-socket-cfg.x86_64-latest.args} | 17 +++--
...hics-spice-auto-socket.x86_64-latest.args} | 17 +++--
.../graphics-spice-compression.args | 34 -
...phics-spice-compression.x86_64-latest.args | 35 +
.../graphics-spice-compression.xml| 5 --
.../graphics-spice-egl-headless.args | 34 -
...hics-spice-egl-headless.x86_64-latest.args | 35 +
.../graphics-spice-egl-headless.xml | 5 --
.../graphics-spice-invalid-egl-headless.xml | 5 --
.../graphics-spice-no-args.args | 31
.../graphics-spice-no-args.x86_64-latest.args | 34 +
.../graphics-spice-qxl-vga.args | 34 -
.../graphics-spice-qxl-vga.x86_64-latest.args | 35 +
.../graphics-spice-qxl-vga.xml| 5 --
.../qemuxml2argvdata/graphics-spice-sasl.args | 34 -
.../graphics-spice-sasl.x86_64-latest.args| 35 +
.../qemuxml2argvdata/graphics-spice-sasl.xml | 6 --
.../graphics-spice-socket.args| 30
.../graphics-spice-socket.x86_64-latest.args | 33
.../graphics-spice-timeout.args | 40 --
.../graphics-spice-timeout.x86_64-latest.args | 38 ++
.../graphics-spice-timeout.xml| 13
.../graphics-spice-usb-redir.args | 38 --
...raphics-spice-usb-redir.x86_64-latest.args | 41 ++
tests/qemuxml2argvdata/graphics-spice.args| 34 -
.../graphics-spice.x86_64-latest.args | 35 +
tests/qemuxml2argvdata/graphics-spice.xml | 5 --
...pe.args => name-escape.x86_64-2.11.0.args} | 7 +-
.../name-escape.x86_64-latest.args| 50
tests/qemuxml2argvtest.c | 76 ---
...s-spice-auto-socket-cfg.x86_64-latest.xml} | 5 +-
...phics-spice-auto-socket.x86_64-latest.xml} | 5 +-
...phics-spice-compression.x86_64-latest.xml} | 11 +--
...hics-spice-egl-headless.x86_64-latest.xml} | 11 +--
... graphics-spice-qxl-vga.x86_64-latest.xml} | 11 +--
...> graphics-spice-socket.x86_64-latest.xml} | 5 +-
... graphics-spice-timeout.x86_64-latest.xml} | 15 +---
...e.xml => graphics-spice.x86_64-latest.xml} | 11 +--
tests/qemuxml2xmltest.c | 35 ++---
67 files changed, 522 insertions(+), 614 deletions(-)
delete mode 100644 tests/qemuxml2argvdata/graphics-spice-agent-file-xfer.args
create mode 100644
tests/qemuxml2argvdata/graphics-spice-agent-file-xfer.x86_64-latest.args
delete mode 100644 tests/qemuxml2argvdata/graphics-spice-agentmouse.args
create mode 100644
tests/qemuxml2argvdata/graphics-spice-agentmouse.x86_64-latest.args
rename tests/qemuxml2argvdata/{graphics-spice-auto-socket-cfg.args =>
graphics-spice-auto-socket-cfg.x86_64-latest.args} (50%)
rename tests/qemuxml2argvdata/{graphics-spice-auto-socket.args =>
graphics-spice-auto-socket.x86_64-latest.args} (50%)
delete mode 100644 tests/qemuxml2argvdata/graphics-spice-compression.args
create mode
[libvirt PATCH 4/7] tests: qemuxml2argv: use latest caps for spice tests
Signed-off-by: Ján Tomko
---
.../graphics-spice-agent-file-xfer.args | 32 --
...s-spice-agent-file-xfer.x86_64-latest.args | 35 +++
.../graphics-spice-agentmouse.args| 34 ---
...aphics-spice-agentmouse.x86_64-latest.args | 37 +++
...-spice-auto-socket-cfg.x86_64-latest.args} | 17 +++---
...hics-spice-auto-socket.x86_64-latest.args} | 17 +++---
.../graphics-spice-compression.args | 32 --
...phics-spice-compression.x86_64-latest.args | 35 +++
.../graphics-spice-egl-headless.args | 32 --
...hics-spice-egl-headless.x86_64-latest.args | 35 +++
.../graphics-spice-no-args.args | 31 --
.../graphics-spice-no-args.x86_64-latest.args | 34 +++
.../graphics-spice-qxl-vga.args | 32 --
.../graphics-spice-qxl-vga.x86_64-latest.args | 35 +++
.../qemuxml2argvdata/graphics-spice-sasl.args | 32 --
.../graphics-spice-sasl.x86_64-latest.args| 35 +++
.../graphics-spice-socket.args| 30 -
.../graphics-spice-socket.x86_64-latest.args | 33 ++
.../graphics-spice-timeout.args | 36 ---
.../graphics-spice-timeout.x86_64-latest.args | 38
.../graphics-spice-usb-redir.args | 38
...raphics-spice-usb-redir.x86_64-latest.args | 41 +
tests/qemuxml2argvdata/graphics-spice.args| 32 --
.../graphics-spice.x86_64-latest.args | 35 +++
tests/qemuxml2argvtest.c | 61 ---
25 files changed, 426 insertions(+), 423 deletions(-)
delete mode 100644 tests/qemuxml2argvdata/graphics-spice-agent-file-xfer.args
create mode 100644
tests/qemuxml2argvdata/graphics-spice-agent-file-xfer.x86_64-latest.args
delete mode 100644 tests/qemuxml2argvdata/graphics-spice-agentmouse.args
create mode 100644
tests/qemuxml2argvdata/graphics-spice-agentmouse.x86_64-latest.args
rename tests/qemuxml2argvdata/{graphics-spice-auto-socket-cfg.args =>
graphics-spice-auto-socket-cfg.x86_64-latest.args} (50%)
rename tests/qemuxml2argvdata/{graphics-spice-auto-socket.args =>
graphics-spice-auto-socket.x86_64-latest.args} (50%)
delete mode 100644 tests/qemuxml2argvdata/graphics-spice-compression.args
create mode 100644
tests/qemuxml2argvdata/graphics-spice-compression.x86_64-latest.args
delete mode 100644 tests/qemuxml2argvdata/graphics-spice-egl-headless.args
create mode 100644
tests/qemuxml2argvdata/graphics-spice-egl-headless.x86_64-latest.args
delete mode 100644 tests/qemuxml2argvdata/graphics-spice-no-args.args
create mode 100644
tests/qemuxml2argvdata/graphics-spice-no-args.x86_64-latest.args
delete mode 100644 tests/qemuxml2argvdata/graphics-spice-qxl-vga.args
create mode 100644
tests/qemuxml2argvdata/graphics-spice-qxl-vga.x86_64-latest.args
delete mode 100644 tests/qemuxml2argvdata/graphics-spice-sasl.args
create mode 100644
tests/qemuxml2argvdata/graphics-spice-sasl.x86_64-latest.args
delete mode 100644 tests/qemuxml2argvdata/graphics-spice-socket.args
create mode 100644
tests/qemuxml2argvdata/graphics-spice-socket.x86_64-latest.args
delete mode 100644 tests/qemuxml2argvdata/graphics-spice-timeout.args
create mode 100644
tests/qemuxml2argvdata/graphics-spice-timeout.x86_64-latest.args
delete mode 100644 tests/qemuxml2argvdata/graphics-spice-usb-redir.args
create mode 100644
tests/qemuxml2argvdata/graphics-spice-usb-redir.x86_64-latest.args
delete mode 100644 tests/qemuxml2argvdata/graphics-spice.args
create mode 100644 tests/qemuxml2argvdata/graphics-spice.x86_64-latest.args
diff --git a/tests/qemuxml2argvdata/graphics-spice-agent-file-xfer.args
b/tests/qemuxml2argvdata/graphics-spice-agent-file-xfer.args
deleted file mode 100644
index 5a01f17ec4..00
--- a/tests/qemuxml2argvdata/graphics-spice-agent-file-xfer.args
+++ /dev/null
@@ -1,32 +0,0 @@
-LC_ALL=C \
-PATH=/bin \
-HOME=/tmp/lib/domain--1-QEMUGuest1 \
-USER=test \
-LOGNAME=test \
-XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \
-XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \
-XDG_CONFIG_HOME=/tmp/lib/domain--1-QEMUGuest1/.config \
-QEMU_AUDIO_DRV=spice \
-/usr/bin/qemu-system-i386 \
--name guest=QEMUGuest1,debug-threads=on \
--S \
--object
secret,id=masterKey0,format=raw,file=/tmp/lib/domain--1-QEMUGuest1/master-key.aes
\
--machine pc,accel=tcg,usb=off,dump-guest-core=off \
--m 214 \
--realtime mlock=off \
--smp 1,sockets=1,cores=1,threads=1 \
--uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
--no-user-config \
--nodefaults \
--chardev
socket,id=charmonitor,path=/tmp/lib/domain--1-QEMUGuest1/monitor.sock,server=on,wait=off
\
--mon chardev=charmonitor,id=monitor,mode=control \
--rtc base=utc \
--no-shutdown \
--no-acpi \
--boot strict=on \
--usb \
--spice
[libvirt PATCH 7/7] qemu: retire QEMU_CAPS_SPICE_UNIX
It is now unused.
Signed-off-by: Ján Tomko
---
src/qemu/qemu_capabilities.c | 3 +--
src/qemu/qemu_capabilities.h | 2 +-
tests/qemucapabilitiesdata/caps_2.11.0.x86_64.xml | 1 -
tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml | 1 -
tests/qemucapabilitiesdata/caps_3.0.0.x86_64.xml | 1 -
tests/qemucapabilitiesdata/caps_3.1.0.x86_64.xml | 1 -
tests/qemucapabilitiesdata/caps_4.0.0.riscv32.xml | 1 -
tests/qemucapabilitiesdata/caps_4.0.0.riscv64.xml | 1 -
tests/qemucapabilitiesdata/caps_4.0.0.x86_64.xml | 1 -
tests/qemucapabilitiesdata/caps_4.1.0.x86_64.xml | 1 -
tests/qemucapabilitiesdata/caps_4.2.0.x86_64.xml | 1 -
tests/qemucapabilitiesdata/caps_5.0.0.riscv64.xml | 1 -
tests/qemucapabilitiesdata/caps_5.0.0.x86_64.xml | 1 -
tests/qemucapabilitiesdata/caps_5.1.0.sparc.xml | 1 -
tests/qemucapabilitiesdata/caps_5.1.0.x86_64.xml | 1 -
tests/qemucapabilitiesdata/caps_5.2.0.riscv64.xml | 1 -
tests/qemucapabilitiesdata/caps_5.2.0.x86_64.xml | 1 -
tests/qemucapabilitiesdata/caps_6.0.0.x86_64.xml | 1 -
tests/qemucapabilitiesdata/caps_6.1.0.x86_64.xml | 1 -
tests/qemucapabilitiesdata/caps_6.2.0.aarch64.xml | 1 -
tests/qemucapabilitiesdata/caps_6.2.0.x86_64.xml | 1 -
21 files changed, 2 insertions(+), 22 deletions(-)
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index 47b488213f..e4fdd9a1eb 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -382,7 +382,7 @@ VIR_ENUM_IMPL(virQEMUCaps,
"qxl-vga.max_outputs", /* X_QEMU_CAPS_QXL_VGA_MAX_OUTPUTS */
/* 225 */
- "spice-unix", /* QEMU_CAPS_SPICE_UNIX */
+ "spice-unix", /* X_QEMU_CAPS_SPICE_UNIX */
"drive-detect-zeroes", /* QEMU_CAPS_DRIVE_DETECT_ZEROES */
"tls-creds-x509", /* X_QEMU_CAPS_OBJECT_TLS_CREDS_X509 */
"display", /* X_QEMU_CAPS_DISPLAY */
@@ -3196,7 +3196,6 @@ static struct virQEMUCapsCommandLineProps
virQEMUCapsCommandLine[] = {
{ "overcommit", NULL, QEMU_CAPS_OVERCOMMIT },
{ "sandbox", NULL, QEMU_CAPS_SECCOMP_SANDBOX },
{ "spice", "gl", QEMU_CAPS_SPICE_GL },
-{ "spice", "unix", QEMU_CAPS_SPICE_UNIX },
{ "spice", "rendernode", QEMU_CAPS_SPICE_RENDERNODE },
{ "vnc", "power-control", QEMU_CAPS_VNC_POWER_CONTROL },
{ "vnc", "audiodev", QEMU_CAPS_AUDIODEV },
diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
index 2bca284e10..61bdbdb2ac 100644
--- a/src/qemu/qemu_capabilities.h
+++ b/src/qemu/qemu_capabilities.h
@@ -362,7 +362,7 @@ typedef enum { /* virQEMUCapsFlags grouping marker for
syntax-check */
X_QEMU_CAPS_QXL_VGA_MAX_OUTPUTS, /* -device qxl-vga,max-outputs= */
/* 225 */
-QEMU_CAPS_SPICE_UNIX, /* -spice unix */
+X_QEMU_CAPS_SPICE_UNIX, /* -spice unix */
QEMU_CAPS_DRIVE_DETECT_ZEROES, /* -drive detect-zeroes= */
X_QEMU_CAPS_OBJECT_TLS_CREDS_X509, /* -object tls-creds-x509 */
X_QEMU_CAPS_DISPLAY, /* -display */
diff --git a/tests/qemucapabilitiesdata/caps_2.11.0.x86_64.xml
b/tests/qemucapabilitiesdata/caps_2.11.0.x86_64.xml
index 559bf16766..ed9826504c 100644
--- a/tests/qemucapabilitiesdata/caps_2.11.0.x86_64.xml
+++ b/tests/qemucapabilitiesdata/caps_2.11.0.x86_64.xml
@@ -107,7 +107,6 @@
-
diff --git a/tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml
b/tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml
index 745110142f..7f536db863 100644
--- a/tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml
+++ b/tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml
@@ -105,7 +105,6 @@
-
diff --git a/tests/qemucapabilitiesdata/caps_3.0.0.x86_64.xml
b/tests/qemucapabilitiesdata/caps_3.0.0.x86_64.xml
index 5acce281b1..24ebdf3bbf 100644
--- a/tests/qemucapabilitiesdata/caps_3.0.0.x86_64.xml
+++ b/tests/qemucapabilitiesdata/caps_3.0.0.x86_64.xml
@@ -106,7 +106,6 @@
-
diff --git a/tests/qemucapabilitiesdata/caps_3.1.0.x86_64.xml
b/tests/qemucapabilitiesdata/caps_3.1.0.x86_64.xml
index 92b3b10147..eedf55d677 100644
--- a/tests/qemucapabilitiesdata/caps_3.1.0.x86_64.xml
+++ b/tests/qemucapabilitiesdata/caps_3.1.0.x86_64.xml
@@ -106,7 +106,6 @@
-
diff --git a/tests/qemucapabilitiesdata/caps_4.0.0.riscv32.xml
b/tests/qemucapabilitiesdata/caps_4.0.0.riscv32.xml
index 98f1dc041c..9ae7a9260a 100644
--- a/tests/qemucapabilitiesdata/caps_4.0.0.riscv32.xml
+++ b/tests/qemucapabilitiesdata/caps_4.0.0.riscv32.xml
@@ -85,7 +85,6 @@
-
diff --git a/tests/qemucapabilitiesdata/caps_4.0.0.riscv64.xml
b/tests/qemucapabilitiesdata/caps_4.0.0.riscv64.xml
index 88d0219e36..cbfdf4968e 100644
--- a/tests/qemucapabilitiesdata/caps_4.0.0.riscv64.xml
+++ b/tests/qemucapabilitiesdata/caps_4.0.0.riscv64.xml
@@ -85,7 +85,6 @@
-
diff --git a/tests/qemucapabilitiesdata/caps_4.0.0.x86_64.xml
[libvirt PATCH 6/7] qemu: always assume QEMU_CAPS_SPICE_UNIX
The presence of this capability depends on QEMU being compiled
with spice that has the SPICE_ADDR_FLAG_UNIX_ONLY constant.
It was added by spice commit 5365caeaae released in spice v0.12.6,
which is older than the spice version on our supported architectures.
Signed-off-by: Ján Tomko
---
src/qemu/qemu_validate.c | 10 +-
1 file changed, 1 insertion(+), 9 deletions(-)
diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
index c4384dbe8b..397eea5ede 100644
--- a/src/qemu/qemu_validate.c
+++ b/src/qemu/qemu_validate.c
@@ -4037,15 +4037,6 @@ qemuValidateDomainDeviceDefSPICEGraphics(const
virDomainGraphicsDef *graphics,
}
switch (glisten->type) {
-case VIR_DOMAIN_GRAPHICS_LISTEN_TYPE_SOCKET:
-if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_SPICE_UNIX)) {
-virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
- _("unix socket for spice graphics are not supported
"
- "with this QEMU"));
-return -1;
-}
-break;
-
case VIR_DOMAIN_GRAPHICS_LISTEN_TYPE_ADDRESS:
case VIR_DOMAIN_GRAPHICS_LISTEN_TYPE_NETWORK:
if (tlsPort > 0 && !cfg->spiceTLS) {
@@ -4056,6 +4047,7 @@ qemuValidateDomainDeviceDefSPICEGraphics(const
virDomainGraphicsDef *graphics,
}
break;
+case VIR_DOMAIN_GRAPHICS_LISTEN_TYPE_SOCKET:
case VIR_DOMAIN_GRAPHICS_LISTEN_TYPE_NONE:
break;
case VIR_DOMAIN_GRAPHICS_LISTEN_TYPE_LAST:
--
2.31.1
[libvirt PATCH 2/7] tests: qemuxml2xmltest: move graphics-spice-timeout
Move the test closer to other graphics-spice tests.
Signed-off-by: Ján Tomko
---
tests/qemuxml2xmltest.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c
index a066c35db0..3abf58a9f4 100644
--- a/tests/qemuxml2xmltest.c
+++ b/tests/qemuxml2xmltest.c
@@ -415,6 +415,9 @@ mymain(void)
QEMU_CAPS_DEVICE_QXL,
QEMU_CAPS_SPICE,
QEMU_CAPS_EGL_HEADLESS);
+DO_TEST("graphics-spice-timeout",
+QEMU_CAPS_DEVICE_VGA,
+QEMU_CAPS_SPICE);
DO_TEST("graphics-egl-headless-rendernode",
QEMU_CAPS_DEVICE_CIRRUS_VGA,
@@ -766,9 +769,6 @@ mymain(void)
DO_TEST("graphics-listen-network2",
QEMU_CAPS_DEVICE_CIRRUS_VGA,
QEMU_CAPS_VNC);
-DO_TEST("graphics-spice-timeout",
-QEMU_CAPS_DEVICE_VGA,
-QEMU_CAPS_SPICE);
DO_TEST_NOCAPS("numad-auto-vcpu-no-numatune");
DO_TEST_NOCAPS("numad-auto-memory-vcpu-no-cpuset-and-placement");
DO_TEST_NOCAPS("numad-auto-memory-vcpu-cpuset");
--
2.31.1
[libvirt PATCH 1/7] tests: remove disks from spice tests
Reduce the churn in following patches. Signed-off-by: Ján Tomko --- .../graphics-spice-agent-file-xfer.args | 2 -- .../graphics-spice-agent-file-xfer.xml | 5 - .../qemuxml2argvdata/graphics-spice-agentmouse.args | 2 -- .../qemuxml2argvdata/graphics-spice-agentmouse.xml | 5 - .../graphics-spice-compression.args | 2 -- .../qemuxml2argvdata/graphics-spice-compression.xml | 5 - .../graphics-spice-egl-headless.args| 2 -- .../graphics-spice-egl-headless.xml | 5 - .../graphics-spice-invalid-egl-headless.xml | 5 - tests/qemuxml2argvdata/graphics-spice-qxl-vga.args | 2 -- tests/qemuxml2argvdata/graphics-spice-qxl-vga.xml | 5 - tests/qemuxml2argvdata/graphics-spice-sasl.args | 2 -- tests/qemuxml2argvdata/graphics-spice-sasl.xml | 6 -- tests/qemuxml2argvdata/graphics-spice-timeout.args | 4 tests/qemuxml2argvdata/graphics-spice-timeout.xml | 13 - tests/qemuxml2argvdata/graphics-spice.args | 2 -- tests/qemuxml2argvdata/graphics-spice.xml | 5 - .../graphics-spice-compression.xml | 6 -- .../graphics-spice-egl-headless.xml | 6 -- tests/qemuxml2xmloutdata/graphics-spice-qxl-vga.xml | 6 -- tests/qemuxml2xmloutdata/graphics-spice-timeout.xml | 13 - tests/qemuxml2xmloutdata/graphics-spice.xml | 6 -- 22 files changed, 109 deletions(-) diff --git a/tests/qemuxml2argvdata/graphics-spice-agent-file-xfer.args b/tests/qemuxml2argvdata/graphics-spice-agent-file-xfer.args index a40ecdfb64..5a01f17ec4 100644 --- a/tests/qemuxml2argvdata/graphics-spice-agent-file-xfer.args +++ b/tests/qemuxml2argvdata/graphics-spice-agent-file-xfer.args @@ -25,8 +25,6 @@ QEMU_AUDIO_DRV=spice \ -no-acpi \ -boot strict=on \ -usb \ --drive file=/dev/HostVG/QEMUGuest1,format=raw,if=none,id=drive-ide0-0-0 \ --device ide-hd,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0,bootindex=1 \ -spice port=5903,tls-port=5904,addr=127.0.0.1,x509-dir=/etc/pki/libvirt-spice,tls-channel=main,plaintext-channel=inputs,disable-agent-file-xfer=on,seamless-migration=on \ -device qxl-vga,id=video0,ram_size=67108864,vram_size=33554432,bus=pci.0,addr=0x2 \ -device qxl,id=video1,ram_size=67108864,vram_size=67108864,bus=pci.0,addr=0x4 \ diff --git a/tests/qemuxml2argvdata/graphics-spice-agent-file-xfer.xml b/tests/qemuxml2argvdata/graphics-spice-agent-file-xfer.xml index 2ef19b1cf9..bf1ce6bca2 100644 --- a/tests/qemuxml2argvdata/graphics-spice-agent-file-xfer.xml +++ b/tests/qemuxml2argvdata/graphics-spice-agent-file-xfer.xml @@ -14,11 +14,6 @@ destroy /usr/bin/qemu-system-i386 - - - - - diff --git a/tests/qemuxml2argvdata/graphics-spice-agentmouse.args b/tests/qemuxml2argvdata/graphics-spice-agentmouse.args index af80edd5c6..6e9aeb0878 100644 --- a/tests/qemuxml2argvdata/graphics-spice-agentmouse.args +++ b/tests/qemuxml2argvdata/graphics-spice-agentmouse.args @@ -26,8 +26,6 @@ QEMU_AUDIO_DRV=spice \ -boot strict=on \ -device virtio-serial-pci,id=virtio-serial1,bus=pci.0,addr=0xa \ -usb \ --drive file=/dev/HostVG/QEMUGuest1,format=raw,if=none,id=drive-ide0-0-0 \ --device ide-hd,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0,bootindex=1 \ -chardev spicevmc,id=charchannel0,name=vdagent \ -device virtserialport,bus=virtio-serial1.0,nr=3,chardev=charchannel0,id=channel0,name=com.redhat.spice.0 \ -spice port=5903,tls-port=5904,addr=127.0.0.1,agent-mouse=off,x509-dir=/etc/pki/libvirt-spice,tls-channel=main,seamless-migration=on \ diff --git a/tests/qemuxml2argvdata/graphics-spice-agentmouse.xml b/tests/qemuxml2argvdata/graphics-spice-agentmouse.xml index f6a28d6d4c..45c65b50d0 100644 --- a/tests/qemuxml2argvdata/graphics-spice-agentmouse.xml +++ b/tests/qemuxml2argvdata/graphics-spice-agentmouse.xml @@ -13,11 +13,6 @@ destroy /usr/bin/qemu-system-i386 - - - - - diff --git a/tests/qemuxml2argvdata/graphics-spice-compression.args b/tests/qemuxml2argvdata/graphics-spice-compression.args index 4f939a7f08..fc5c8f97fb 100644 --- a/tests/qemuxml2argvdata/graphics-spice-compression.args +++ b/tests/qemuxml2argvdata/graphics-spice-compression.args @@ -25,8 +25,6 @@ QEMU_AUDIO_DRV=spice \ -no-acpi \ -boot strict=on \ -usb \ --drive file=/dev/HostVG/QEMUGuest1,format=raw,if=none,id=drive-ide0-0-0 \ --device ide-hd,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0,bootindex=1 \ -spice port=5903,tls-port=5904,addr=127.0.0.1,x509-dir=/etc/pki/libvirt-spice,image-compression=auto_glz,jpeg-wan-compression=auto,zlib-glz-wan-compression=auto,playback-compression=on,streaming-video=filter,seamless-migration=on \ -device qxl-vga,id=video0,ram_size=67108864,vram_size=33554432,bus=pci.0,addr=0x2 \ -device qxl,id=video1,ram_size=67108864,vram_size=33554432,bus=pci.0,addr=0x4 \ diff
Re: Release of libvirt-7.9.0
unsubscribe -- С уважением, Илья. 01.11.2021, 15:25, "Jiri Denemark" :The 7.9.0 release of both libvirt and libvirt-python is tagged andsigned tarballs and source RPMs are available athttps://libvirt.org/sources/https://libvirt.org/sources/python/Thanks everybody who helped with this release by sending patches,reviewing, testing, or providing feedback. Your work is greatlyappreciated.* New features * Introduce virtio-mem modelNew virtio-mem model is introduced for device which is aparavirtualized mechanism of adding/removing memory to/from a VM. Use``virDomainUpdateDeviceFlags()`` API to adjust amount of memory or ``virshupdate-memory-device`` for convenience. * qemu: support disabling hotplug of devices on the pci-root controllerthe option is now supported for thepci-root controller on i440fx-based (x86 "pc") machinetypes. Thiscan be used to disable hotplug/unplug of devices from thiscontroller. The default behavior is unchanged (hotplug isallowed). * Support hotplug and hotunplug for virtiofsFilesystems backed by virtiofsd can now be hotplugged and hotunplugged. * virpcivpd: Add a PCI VPD parserA parser for the standard PCI/PCIe VPD ("I.3. VPD Definitions" in PCI 2.2+and an equivalent definition in "6.28.1 VPD Format" PCIe 4.0) was addedalong with relevant types to represent PCI VPD in memory. Thisfunctionality got added for Linux only at this point (kernels abovev2.6.26 have support for exposing VPD via sysfs). * virpci: Add PCI VPD-related helper functions to virpciIn order to utilize the PCI VPD parser, a couple of helper functions gotintroduced to check for the presence of a VPD file in the sysfs tree andto invoke the PCI VPD parser to get a list of resources representing PCIVPD contents in memory. * nodedev: Add PCI VPD capability supportSupport for serializing and deserializing PCI VPD data structures is addedfollowing the addition of the PCI VPD parser. A new PCI device capabilitycalled "vpd" is introduced holding string resources and keyword resourcesfound in PCI VPD. * qemu: Support page_per_vq for driver elementThis optional virtio attribute ``page_per_vq`` controls the layout of thenotification capabilities exposed to the guest. It is recommended for thevDPA devices. * qemu: Support librbd encryptionAdd an encryption engine ``librbd``. It will provides the image-levelencryption of librbd. It requires QEMU >= 6.1.0 and librbd >= 16.1.0.* Improvements * Use of JSON syntax with ``-device`` with upcoming QEMU-6.2Libvirt started using JSON directly with the ``-device`` commandlineparameter as it's considered the preferred stable syntax for further QEMUreleases. If any problems with the conversion are encountered pleasereport them as soon as possible.* Bug fixes * qemu: Fix problems on ``virsh domstats`` with qemu <5.2.0Libvirt v7.2.0 and later called query-dirty-rate, which was introduced inqemu-5.2.0, regardless of qemu version and failed in qemu-5.1.0. Thisrelease fixes the bug. * Don't enter endless loop when unable to accept new clients If libvirtd (or any other daemon) hit the ulimit for maximum number of open files but there are still client connections pending then libvirtd (or corresponding split daemon) would enter an endless loop from which it would never recover. This behaviour is now fixed. * qemu: Run secondary driver hooks in split daemon mode Because of a bug in implementation it may happen that hooks from secondary drivers were not called in all cases, for instance a network hook wasn't called upon removal of interface after domain shut off itself. With this release the bug is fixed.Enjoy.Jirka
[PATCH] virnetsocket: pass HOME and XDG_RUNTIME_DIR to ssh
openssh supports environment variable expansion in its ssh_config
file[1]. These two environment variables can be used to
expand paths for ssh sockets and other files.
Ex.
```
Host *
ControlMaster auto
ControlPath ${XDG_RUNTIME_DIR}/ssh-%C.ctl
IdentityAgent ${XDG_RUNTIME_DIR}/ssh-agent.socket
```
see also:
[1]
https://man7.org/linux/man-pages/man5/ssh_config.5.html#ENVIRONMENT_VARIABLES
[2] https://gitlab.com/libvirt/libvirt/-/issues/232
Signed-off-by: Дамјан Георгиевски
---
src/rpc/virnetsocket.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
index 943406cd64..76d8519d3a 100644
--- a/src/rpc/virnetsocket.c
+++ b/src/rpc/virnetsocket.c
@@ -852,6 +852,8 @@ int virNetSocketNewConnectSSH(const char *nodename,
cmd = virCommandNew(binary ? binary : "ssh");
virCommandAddEnvPassCommon(cmd);
+virCommandAddEnvPass(cmd, "HOME");
+virCommandAddEnvPass(cmd, "XDG_RUNTIME_DIR");
virCommandAddEnvPass(cmd, "KRB5CCNAME");
virCommandAddEnvPass(cmd, "SSH_AUTH_SOCK");
virCommandAddEnvPass(cmd, "SSH_ASKPASS");
--
2.33.1
[PATCH v2 0/1] virt-aa-helper: Remove corrupted profile
This is a v2 of the patches sent previously and hopefully makes things simpler. (previous patches subject: [PATCH 0/4] virt-aa-helper: Add new option to remove corrupted). This patch aims to address the bug reported in [1] and [2]. Bug description : Some times libvirt fails to start a vm with the following error : libvirt: error : unable to set AppArmor profile 'libvirt-b05b297f-952f-42d6-b04e-f9a13767db54' for '/usr/bin/kvm-spice': No such file or directory This happens because file /etc/apparmor.d/libvirt/libvirt- has 0 size. During the vm start-up virt-aa-helper tries to load the profile and because it is 0 it fails. When file /etc/apparmor.d/libvirt/libvirt- is removed the vm can start without problems. To address this issue this patch checks if the profile has 0 size and if this is the case it removes it. Changes with v1: I incorporated the feedback provided on v1 so the patches change as follows : Patches 1, 2 and 4 from v1 are dropped. The first patch is dropped because according to feedback provided remove_profile is not necessary and in the new version we unlink the profile directly in main(). In addition we skip calling create_profile twice by adding a boolean variable 'purged' if the profile was purged and creation occurs later on in main(). The second patch, which was adding a the option (-P) to remove the profile is dropped because currently this action happens only internally and there is no use case needed to make it available to the users of virt-aa-helper. The third patch which is the actual fix stays but modified. The forth patch which was adding a test to virt-aa-helper-test was the hardest to drop. Although, I'd like to have a test for this case, there is no apparent to make a test for this without having any side effects. The tests in virt-aa-helper-test are run with the --dryrun option and therefore no action should really happen. To test this fix, we need to create a corrupted profile and then remove it violating the dryrun. [1] https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1927519 [2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890084 Ioanna Alifieraki (1): virt-aa-helper: Purge profile if corrupted src/security/virt-aa-helper.c | 20 +++- 1 file changed, 19 insertions(+), 1 deletion(-) -- 2.17.1
[PATCH v2 1/1] virt-aa-helper: Purge profile if corrupted
This commit aims to address the bug reported in [1] and [2].
If the profile is corrupted (0-size) the VM cannot be launched.
To overcome this, check if the profile exists and if it has 0 size
remove it.
[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890084
[2] https://bugs.launchpad.net/bugs/1927519
Signed-off-by: Ioanna Alifieraki
---
src/security/virt-aa-helper.c | 20 +++-
1 file changed, 19 insertions(+), 1 deletion(-)
diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index 7c21ab9515..218e07bfb0 100644
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -1437,6 +1437,8 @@ main(int argc, char **argv)
int rc = -1;
char *profile = NULL;
char *include_file = NULL;
+off_t size;
+bool purged = 0;
if (virGettextInitialize() < 0 ||
virErrorInitialize() < 0) {
@@ -1484,6 +1486,22 @@ main(int argc, char **argv)
if (ctl->cmd == 'c' && virFileExists(profile))
vah_error(ctl, 1, _("profile exists"));
+/*
+ * Rare cases can leave corrupted empty files behind breaking
+ * the guest. An empty file is never correct as virt-aa-helper
+ * would at least add the basic rules, therefore clean this up
+ * for a proper refresh.
+ */
+if (virFileExists(profile)) {
+size = virFileLength(profile, -1);
+if (size == 0) {
+vah_warning(_("Profile of 0 size detected, will
attempt to remove it"));
+if ((rc = parserRemove(ctl->uuid) != 0))
+vah_error(ctl, 1, _("could not remove
profile"));
+unlink(profile);
+purged = true;
+}
+}
if (ctl->append && ctl->newfile) {
if (vah_add_file(, ctl->newfile, "rwk") != 0)
goto cleanup;
@@ -1523,7 +1541,7 @@ main(int argc, char **argv)
/* create the profile from TEMPLATE */
-if (ctl->cmd == 'c') {
+if (ctl->cmd == 'c' || purged) {
char *tmp = NULL;
tmp = g_strdup_printf(" #include \n",
ctl->uuid);
--
2.17.1
Re: [PATCH v2 2/2] qemu: tpm: Extend TPM domain XML with PCR banks to activate
On 11/2/21 04:43, Marc-André Lureau wrote:
Hi
On Mon, Nov 1, 2021 at 9:23 PM Stefan Berger wrote:
Extend the TPM domain XML with an attribute active_pcr_banks that allows
a user to specify the PCR banks to activate before starting a VM. A comma-
separated list of PCR banks with the choices of sha1, sha256, sha384 and
sha512 is allowed. When the XML attribute is provided, the set of active
PCR banks is 'enforced' by running swtpm_setup before every start of the
VM. The activation requires that swtpm_setup v0.7 or later is installed
and may not have any effect otherwise.
Is this a configuration switch that the guest is expected to handle in general?
I am not sure what you mean. swtpm_setup would run with the (new)
--reconfigure option every time when the XML indicates which PCR banks
to activate. The user wouldn't have to go through the process of
changing the PCR banks.
On real hw (or ftpm), is there some bios option or equivalent to
configure the pcr banks?
Yes there typically is a menu item to let you change the PCR banks. We
have that also on UEFI, SeaBIOS, and SLOF (ppc64).
If not, shouldn't this be a first-time only configuration? (and
attempts to change the value further be rejected by libvirt)
What drove this change to make this a lot more flexible than having this
a first-time only configuration was the fact that it seemed a more
user-friendly to implement it this way than checking whether the swtpm
storage directory exists already indicating that the VM had been started
before and swtpm_setup ran on first start to then either deny (storage
dir exists already) or allow (storage dir doesn't exists yet) the user
to re-configure the pcr banks by editing the domain XML. So I now allow
the user to always edit the domain XML and run 'swtpm_setup
--reconfigure' every time... We don't have configuration entries in the
XML that are 'stuck' all of a sudden and reject edits.
Michal writes in the other message:
(yes, as horrible as it sounds you can 'virsh define dom1.xml && virsh create dom2.xml'
where dom1.xml and dom2.xml have nothing in common except domain and )
If the PCR banks config in the domain XML was to 'get stuck' then it could
prevent this sequence of define/create IF the selected PCR banks were different.
Stefan
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2016599
Signed-off-by: Stefan Berger
---
docs/formatdomain.rst | 12 ++-
docs/schemas/basictypes.rng | 6 ++
docs/schemas/domaincommon.rng | 5 ++
src/conf/domain_conf.c| 21 -
src/conf/domain_conf.h| 1 +
src/qemu/qemu_tpm.c | 80 +++
src/util/virtpm.c | 1 +
src/util/virtpm.h | 1 +
tests/qemuxml2argvdata/tpm-emulator-tpm2.xml | 2 +-
.../tpm-emulator-tpm2.x86_64-latest.xml | 2 +-
10 files changed, 127 insertions(+), 4 deletions(-)
diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst
index 0651975c88..8785a7a682 100644
--- a/docs/formatdomain.rst
+++ b/docs/formatdomain.rst
@@ -7537,7 +7537,7 @@ Example: usage of the TPM Emulator
...
-
+
@@ -7598,6 +7598,16 @@ Example: usage of the TPM Emulator
This attribute only works with the ``emulator`` backend. The accepted
values
are ``yes`` and ``no``. :since:`Since 7.0.0`
+``active_pcr_banks``
+ The ``active_pcr_banks`` attribute indicates the names of the PCR banks
+ of a TPM 2.0 to activate. A comma separated list of PCR banks' names
+ must be provided. Valid names are for example sha1, sha256, sha384, and
+ sha512. If this attribute is provided, the set of PCR banks are activated
+ before every start of a VM and this step is logged in the swtpm's log.
+ This attribute requires that swtpm_setup v0.7 or later is installed
+ and may not have any effect otherwise. This attribute only works with the
+ ``emulator`` backend. since:`Since 7.10.0`
+
``encryption``
The ``encryption`` element allows the state of a TPM emulator to be
encrypted. The ``secret`` must reference a secret object that holds the
diff --git a/docs/schemas/basictypes.rng b/docs/schemas/basictypes.rng
index a221ff6295..3bd1eebdc4 100644
--- a/docs/schemas/basictypes.rng
+++ b/docs/schemas/basictypes.rng
@@ -88,6 +88,12 @@
+
+
+ (sha1|sha256|sha384|sha512){1}(,(sha1|sha256|sha384|sha512)){0,3}
+
+
+
10
diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
index 67df13d90d..6801673cf1 100644
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@@ -5331,6 +5331,11 @@
+
+
+
+
+
diff --git
Re: [PATCH] virttools-planet: update location of Cornelia's blog
On Tue, Nov 02 2021, Daniel P. Berrangé wrote: > On Tue, Nov 02, 2021 at 12:10:42PM +0100, Cornelia Huck wrote: >> Signed-off-by: Cornelia Huck >> --- >> virt-tools/config.ini | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/virt-tools/config.ini b/virt-tools/config.ini >> index f56495a26fd8..89b4e5ae6f91 100644 >> --- a/virt-tools/config.ini >> +++ b/virt-tools/config.ini >> @@ -162,7 +162,7 @@ name = Cédric Bosdonnat >> [http://www.studiopixl.com/feeds/rss] >> name = Nathan Gauër >> >> -[https://virtualpenguins.blogspot.com/feeds/posts/default] >> +[https://people.redhat.com/~cohuck/feed.xml] >> name = Cornelia Huck >> >> [http://www.otubo.net/feeds/posts/default/-/virt/?alt=rss] > > Change looks fine, but I forgot to update the instructions to > request opening a merge request now, instead of sending email. > > Could you open a MR against > >https://gitlab.com/libvirt/virttools-planet/ Done: https://gitlab.com/libvirt/virttools-planet/-/merge_requests/3
Re: [virttools-planet PATCH] Fix format in config.ini
On Tue, 2021-11-02 at 12:23 +0100, Tim Wiederhake wrote: > Signed-off-by: Tim Wiederhake > --- > virt-tools/config.ini | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/virt-tools/config.ini b/virt-tools/config.ini > index f56495a..f2ae9a4 100644 > --- a/virt-tools/config.ini > +++ b/virt-tools/config.ini > @@ -75,8 +75,8 @@ encoding = utf-8 > [https://rwmj.wordpress.com/tag/virt-tools/feed/] > name = Richard Jones > face = rjones.jpeg > -facewidth: 48 > -faceheight: 48 > +facewidth = 48 > +faceheight = 48 > > [https://www.berrange.com/topics/virt-tools/feed/] > name = Daniel Berrange Disregard that, I saw Daniel's mail about creating merge requests only after sending the mail. I opened a merge request instead: https://gitlab.com/libvirt/virttools-planet/-/merge_requests/2 Regards, Tim
[virttools-planet PATCH] Fix format in config.ini
Signed-off-by: Tim Wiederhake --- virt-tools/config.ini | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/virt-tools/config.ini b/virt-tools/config.ini index f56495a..f2ae9a4 100644 --- a/virt-tools/config.ini +++ b/virt-tools/config.ini @@ -75,8 +75,8 @@ encoding = utf-8 [https://rwmj.wordpress.com/tag/virt-tools/feed/] name = Richard Jones face = rjones.jpeg -facewidth: 48 -faceheight: 48 +facewidth = 48 +faceheight = 48 [https://www.berrange.com/topics/virt-tools/feed/] name = Daniel Berrange -- 2.31.1
Re: [PATCH] virttools-planet: update location of Cornelia's blog
On Tue, Nov 02, 2021 at 12:10:42PM +0100, Cornelia Huck wrote: > Signed-off-by: Cornelia Huck > --- > virt-tools/config.ini | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/virt-tools/config.ini b/virt-tools/config.ini > index f56495a26fd8..89b4e5ae6f91 100644 > --- a/virt-tools/config.ini > +++ b/virt-tools/config.ini > @@ -162,7 +162,7 @@ name = Cédric Bosdonnat > [http://www.studiopixl.com/feeds/rss] > name = Nathan Gauër > > -[https://virtualpenguins.blogspot.com/feeds/posts/default] > +[https://people.redhat.com/~cohuck/feed.xml] > name = Cornelia Huck > > [http://www.otubo.net/feeds/posts/default/-/virt/?alt=rss] Change looks fine, but I forgot to update the instructions to request opening a merge request now, instead of sending email. Could you open a MR against https://gitlab.com/libvirt/virttools-planet/ Regards, Daniel -- |: https://berrange.com -o-https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o-https://fstop138.berrange.com :| |: https://entangle-photo.org-o-https://www.instagram.com/dberrange :|
[PATCH] virttools-planet: update location of Cornelia's blog
Signed-off-by: Cornelia Huck --- virt-tools/config.ini | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/virt-tools/config.ini b/virt-tools/config.ini index f56495a26fd8..89b4e5ae6f91 100644 --- a/virt-tools/config.ini +++ b/virt-tools/config.ini @@ -162,7 +162,7 @@ name = Cédric Bosdonnat [http://www.studiopixl.com/feeds/rss] name = Nathan Gauër -[https://virtualpenguins.blogspot.com/feeds/posts/default] +[https://people.redhat.com/~cohuck/feed.xml] name = Cornelia Huck [http://www.otubo.net/feeds/posts/default/-/virt/?alt=rss] -- 2.31.1
Re: [PATCH] lib: Introduce and use g_autoptr() for virInterfaceDef
On 11/2/21 10:04 AM, Tim Wiederhake wrote:
> On Mon, 2021-11-01 at 16:25 +0100, Michal Privoznik wrote:
>> There are a lot of places where we call virInterfaceDefFree()
>> explicitly. We can define autoptr cleanup macro and annotate
>> declarations with g_autoptr() and remove plenty of those explicit
>> free calls.
>>
>> Signed-off-by: Michal Privoznik
>> ---
>> src/conf/interface_conf.c | 32 -
>> src/conf/interface_conf.h | 1 +
>> src/conf/virinterfaceobj.c | 3 +-
>> src/interface/interface_backend_netcf.c | 47 ---
>> --
>> src/interface/interface_backend_udev.c | 29 +--
>> src/test/test_driver.c | 17 -
>> tests/interfacexml2xmltest.c | 17 -
>> 7 files changed, 53 insertions(+), 93 deletions(-)
>>
>> diff --git a/src/conf/interface_conf.h b/src/conf/interface_conf.h
>> index ea92e0fb31..510d83b2bf 100644
>> --- a/src/conf/interface_conf.h
>> +++ b/src/conf/interface_conf.h
>> @@ -153,6 +153,7 @@ struct _virInterfaceDef {
>>
>> void
>> virInterfaceDefFree(virInterfaceDef *def);
>> +G_DEFINE_AUTOPTR_CLEANUP_FUNC(virInterfaceDef, virInterfaceDefFree);
>>
>> virInterfaceDef *
>> virInterfaceDefParseString(const char *xmlStr,
>> diff --git a/src/conf/virinterfaceobj.c b/src/conf/virinterfaceobj.c
>> index 9439bb3d0b..ceb3ae7595 100644
>> --- a/src/conf/virinterfaceobj.c
>> +++ b/src/conf/virinterfaceobj.c
>> @@ -362,7 +362,7 @@ virInterfaceObjListCloneCb(void *payload,
>> virInterfaceObj *srcObj = payload;
>> struct _virInterfaceObjListCloneData *data = opaque;
>> char *xml = NULL;
>> - virInterfaceDef *backup = NULL;
>> + g_autoptr(virInterfaceDef) backup = NULL;
>> virInterfaceObj *obj;
>>
>> if (data->error)
>> @@ -387,7 +387,6 @@ virInterfaceObjListCloneCb(void *payload,
>> error:
>> data->error = true;
>> VIR_FREE(xml);
>> - virInterfaceDefFree(backup);
>> virObjectUnlock(srcObj);
>> return 0;
>> }
>
> I believe there is a `g_steal_pointer` or similar missing in the call
> to `virInterfaceObjListAssignDef` (not shown in patch).
Actually, there's backup = NULL; missing right after successfull return
from virInterfaceObjListAssignDef(); just like every other call has it
(which can be then reworked to clear the pointer itself - will post a
separate patch for that shortly).
But good catch, thanks!
>> diff --git a/src/interface/interface_backend_udev.c
>> b/src/interface/interface_backend_udev.c
>> index 0217f16607..8c417714e5 100644
>> --- a/src/interface/interface_backend_udev.c
>> +++ b/src/interface/interface_backend_udev.c
>> @@ -1053,7 +1045,7 @@ udevInterfaceGetXMLDesc(virInterfacePtr ifinfo,
>> unsigned int flags)
>> {
>> struct udev *udev = udev_ref(driver->udev);
>> - virInterfaceDef *ifacedef;
>> + g_autoptr(virInterfaceDef) ifacedef = NULL;
>> char *xmlstr = NULL;
>>
>> virCheckFlags(VIR_INTERFACE_XML_INACTIVE, NULL);
>> @@ -1071,8 +1063,6 @@ udevInterfaceGetXMLDesc(virInterfacePtr ifinfo,
>>
>> xmlstr = virInterfaceDefFormat(ifacedef);
>>
>> - virInterfaceDefFree(ifacedef);
>> -
>
> This used to be a memory leak if the call to
> `virInterfaceGetXMLDescEnsureACL` (not shown in the patch) failed,
> isn't it? If so, we should mention that in the commit message.
Yes, let me add it there.
>
> Otherwise:
> Reviewed-by: Tim Wiederhake
>
Pushed, thank you.
Michal
Re: [PATCH v2 2/2] qemu: tpm: Extend TPM domain XML with PCR banks to activate
On Tue, Nov 02, 2021 at 10:38:05AM +0100, Michal Prívozník wrote:
> On 11/1/21 6:23 PM, Stefan Berger wrote:
> > Extend the TPM domain XML with an attribute active_pcr_banks that allows
> > a user to specify the PCR banks to activate before starting a VM. A comma-
> > separated list of PCR banks with the choices of sha1, sha256, sha384 and
> > sha512 is allowed. When the XML attribute is provided, the set of active
> > PCR banks is 'enforced' by running swtpm_setup before every start of the
> > VM. The activation requires that swtpm_setup v0.7 or later is installed
> > and may not have any effect otherwise.
> >
> >
> >
> >
> >
> > Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2016599
> >
> > Signed-off-by: Stefan Berger
> > ---
> > docs/formatdomain.rst | 12 ++-
> > docs/schemas/basictypes.rng | 6 ++
> > docs/schemas/domaincommon.rng | 5 ++
> > src/conf/domain_conf.c| 21 -
> > src/conf/domain_conf.h| 1 +
> > src/qemu/qemu_tpm.c | 80 +++
> > src/util/virtpm.c | 1 +
> > src/util/virtpm.h | 1 +
> > tests/qemuxml2argvdata/tpm-emulator-tpm2.xml | 2 +-
> > .../tpm-emulator-tpm2.x86_64-latest.xml | 2 +-
> > 10 files changed, 127 insertions(+), 4 deletions(-)
> >
> > diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst
> > index 0651975c88..8785a7a682 100644
> > --- a/docs/formatdomain.rst
> > +++ b/docs/formatdomain.rst
> > @@ -7537,7 +7537,7 @@ Example: usage of the TPM Emulator
> > ...
> >
> >
> > -
> > +
> >
> >
> >
> > @@ -7598,6 +7598,16 @@ Example: usage of the TPM Emulator
> > This attribute only works with the ``emulator`` backend. The accepted
> > values
> > are ``yes`` and ``no``. :since:`Since 7.0.0`
> >
> > +``active_pcr_banks``
> > + The ``active_pcr_banks`` attribute indicates the names of the PCR banks
> > + of a TPM 2.0 to activate. A comma separated list of PCR banks' names
> > + must be provided. Valid names are for example sha1, sha256, sha384, and
> > + sha512. If this attribute is provided, the set of PCR banks are
> > activated
> > + before every start of a VM and this step is logged in the swtpm's log.
> > + This attribute requires that swtpm_setup v0.7 or later is installed
> > + and may not have any effect otherwise. This attribute only works with
> > the
> > + ``emulator`` backend. since:`Since 7.10.0`
> > +
> > ``encryption``
> > The ``encryption`` element allows the state of a TPM emulator to be
> > encrypted. The ``secret`` must reference a secret object that holds the
> > diff --git a/docs/schemas/basictypes.rng b/docs/schemas/basictypes.rng
> > index a221ff6295..3bd1eebdc4 100644
> > --- a/docs/schemas/basictypes.rng
> > +++ b/docs/schemas/basictypes.rng
> > @@ -88,6 +88,12 @@
> >
> >
> >
> > +
> > +
> > + > name="pattern">(sha1|sha256|sha384|sha512){1}(,(sha1|sha256|sha384|sha512)){0,3}
> > +
> > +
> > +
>
> Honestly, I'm not a big fan of comma separated lists. I think we could
> do with nested elements, repeated for each option. But I'll let others
> decide that.
Yes, the golden rule of XML design is that you should not have to write
a second parser to interpret the value of an attribute / element. Any
structure should be represented in the XML design itself.
Regards,
Daniel
--
|: https://berrange.com -o-https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o-https://fstop138.berrange.com :|
|: https://entangle-photo.org-o-https://www.instagram.com/dberrange :|
Re: [PATCH v2 2/2] qemu: tpm: Extend TPM domain XML with PCR banks to activate
On 11/1/21 6:23 PM, Stefan Berger wrote:
> Extend the TPM domain XML with an attribute active_pcr_banks that allows
> a user to specify the PCR banks to activate before starting a VM. A comma-
> separated list of PCR banks with the choices of sha1, sha256, sha384 and
> sha512 is allowed. When the XML attribute is provided, the set of active
> PCR banks is 'enforced' by running swtpm_setup before every start of the
> VM. The activation requires that swtpm_setup v0.7 or later is installed
> and may not have any effect otherwise.
>
>
>
>
>
> Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2016599
>
> Signed-off-by: Stefan Berger
> ---
> docs/formatdomain.rst | 12 ++-
> docs/schemas/basictypes.rng | 6 ++
> docs/schemas/domaincommon.rng | 5 ++
> src/conf/domain_conf.c| 21 -
> src/conf/domain_conf.h| 1 +
> src/qemu/qemu_tpm.c | 80 +++
> src/util/virtpm.c | 1 +
> src/util/virtpm.h | 1 +
> tests/qemuxml2argvdata/tpm-emulator-tpm2.xml | 2 +-
> .../tpm-emulator-tpm2.x86_64-latest.xml | 2 +-
> 10 files changed, 127 insertions(+), 4 deletions(-)
>
> diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst
> index 0651975c88..8785a7a682 100644
> --- a/docs/formatdomain.rst
> +++ b/docs/formatdomain.rst
> @@ -7537,7 +7537,7 @@ Example: usage of the TPM Emulator
> ...
>
>
> -
> +
>
>
>
> @@ -7598,6 +7598,16 @@ Example: usage of the TPM Emulator
> This attribute only works with the ``emulator`` backend. The accepted
> values
> are ``yes`` and ``no``. :since:`Since 7.0.0`
>
> +``active_pcr_banks``
> + The ``active_pcr_banks`` attribute indicates the names of the PCR banks
> + of a TPM 2.0 to activate. A comma separated list of PCR banks' names
> + must be provided. Valid names are for example sha1, sha256, sha384, and
> + sha512. If this attribute is provided, the set of PCR banks are activated
> + before every start of a VM and this step is logged in the swtpm's log.
> + This attribute requires that swtpm_setup v0.7 or later is installed
> + and may not have any effect otherwise. This attribute only works with the
> + ``emulator`` backend. since:`Since 7.10.0`
> +
> ``encryption``
> The ``encryption`` element allows the state of a TPM emulator to be
> encrypted. The ``secret`` must reference a secret object that holds the
> diff --git a/docs/schemas/basictypes.rng b/docs/schemas/basictypes.rng
> index a221ff6295..3bd1eebdc4 100644
> --- a/docs/schemas/basictypes.rng
> +++ b/docs/schemas/basictypes.rng
> @@ -88,6 +88,12 @@
>
>
>
> +
> +
> + name="pattern">(sha1|sha256|sha384|sha512){1}(,(sha1|sha256|sha384|sha512)){0,3}
> +
> +
> +
Honestly, I'm not a big fan of comma separated lists. I think we could
do with nested elements, repeated for each option. But I'll let others
decide that.
>
>
>10
> diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
> index 67df13d90d..6801673cf1 100644
> --- a/docs/schemas/domaincommon.rng
> +++ b/docs/schemas/domaincommon.rng
> @@ -5331,6 +5331,11 @@
>
>
>
> +
> +
> +
> +
> +
>
>
>
> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
> index 4644d18120..bc8237fd0b 100644
> --- a/src/conf/domain_conf.c
> +++ b/src/conf/domain_conf.c
> @@ -3207,6 +3207,7 @@ void virDomainTPMDefFree(virDomainTPMDef *def)
> break;
> case VIR_DOMAIN_TPM_TYPE_EMULATOR:
> virDomainChrSourceDefClear(>data.emulator.source);
> +g_free(def->data.emulator.activePcrBanks);
> g_free(def->data.emulator.storagepath);
> g_free(def->data.emulator.logfile);
> break;
> @@ -11733,7 +11734,7 @@ virDomainSmartcardDefParseXML(virDomainXMLOption
> *xmlopt,
> * Emulator state encryption is supported with the following:
> *
> *
> - *
> + *
> *
> *
> *
> @@ -11759,6 +11760,7 @@ virDomainTPMDefParseXML(virDomainXMLOption *xmlopt,
> g_autofree char *version = NULL;
> g_autofree char *secretuuid = NULL;
> g_autofree char *persistent_state = NULL;
> +g_autofree char *activePcrBanks = NULL;
> g_autofree xmlNodePtr *backends = NULL;
>
> def = g_new0(virDomainTPMDef, 1);
> @@ -11841,6 +11843,18 @@ virDomainTPMDefParseXML(virDomainXMLOption *xmlopt,
> goto error;
> }
> }
> +if (def->version == VIR_DOMAIN_TPM_VERSION_2_0) {
> +activePcrBanks = virXMLPropString(backends[0],
> "active_pcr_banks");
> +if (activePcrBanks) {
> +if (!virStringMatch(activePcrBanks,
> +
Re: [PATCH v2 1/2] qemu: Move code to add encryption options for swtpm_setup into function
On 11/1/21 6:23 PM, Stefan Berger wrote:
> Move the code that adds encryption options for the swtpm_setup command
> line into its own function.
>
> Signed-off-by: Stefan Berger
> ---
> src/qemu/qemu_tpm.c | 55 +++--
> 1 file changed, 38 insertions(+), 17 deletions(-)
>
> diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c
> index 5a05273100..93cb04f49d 100644
> --- a/src/qemu/qemu_tpm.c
> +++ b/src/qemu/qemu_tpm.c
> @@ -422,6 +422,42 @@ qemuTPMCreateConfigFiles(const char *swtpm_setup)
> }
>
>
> +/*
> + * Add encryption parameters to swtpm_setup command line.
> + *
> + * @cmd: virCommand to add options to
> + * @swtpm_setup: swtpm_setup tool path
> + * @secretuuid: The secret's uuid; may be NULL
> + */
> +static int
> +qemuTPMVirCommandAddEncryption(virCommand *cmd,
> + const char *swtpm_setup,
> + const unsigned char *secretuuid)
> +{
> +int pwdfile_fd;
> +
> +if (!secretuuid)
> +return 0;
> +
> +if (!virTPMSwtpmSetupCapsGet(
> +VIR_TPM_SWTPM_SETUP_FEATURE_CMDARG_PWDFILE_FD)) {
We can take this opportunity and move this onto a single line.
> +virReportError(VIR_ERR_ARGUMENT_UNSUPPORTED,
> +_("%s does not support passing a passphrase using a file "
> + "descriptor"), swtpm_setup);
> +return -1;
> +}
> +if ((pwdfile_fd = qemuTPMSetupEncryption(secretuuid, cmd)) < 0)
> +return -1;
> +
> +virCommandAddArg(cmd, "--pwdfile-fd");
> +virCommandAddArgFormat(cmd, "%d", pwdfile_fd);
> +virCommandAddArgList(cmd, "--cipher", "aes-256-cbc", NULL);
> +virCommandPassFD(cmd, pwdfile_fd, VIR_COMMAND_PASS_FD_CLOSE_PARENT);
> +
> +return 0;
> +}
> +
> +
> /*
> * qemuTPMEmulatorRunSetup
> *
> @@ -495,23 +531,8 @@ qemuTPMEmulatorRunSetup(const char *storagepath,
> break;
> }
>
> -if (secretuuid) {
> -if (!virTPMSwtpmSetupCapsGet(
> -VIR_TPM_SWTPM_SETUP_FEATURE_CMDARG_PWDFILE_FD)) {
> -virReportError(VIR_ERR_ARGUMENT_UNSUPPORTED,
> -_("%s does not support passing a passphrase using a file "
> - "descriptor"), swtpm_setup);
> -return -1;
> -}
> -if ((pwdfile_fd = qemuTPMSetupEncryption(secretuuid, cmd)) < 0)
> -return -1;
> -
> -virCommandAddArg(cmd, "--pwdfile-fd");
> -virCommandAddArgFormat(cmd, "%d", pwdfile_fd);
> -virCommandAddArgList(cmd, "--cipher", "aes-256-cbc", NULL);
> -virCommandPassFD(cmd, pwdfile_fd, VIR_COMMAND_PASS_FD_CLOSE_PARENT);
> -pwdfile_fd = -1;
This variable is no longer needed inside this function. Its declaration
can be removed too. Yeah, gcc doesn't warn about unused variable because
it's VIR_AUTOCLOSE(). I don't know about clang.
Reviewed-by: Michal Privoznik
and pushed because this patch makes sense regardless of 2/2.
Michal
Re: Re: for rbd, how to use qmp directly to add dick
On Tue, Nov 02, 2021 at 10:26:24AM +0100, Peter Krempa wrote:
> On Tue, Nov 02, 2021 at 12:28:29 +0800, longguang.yue wrote:
>
> Firstly I'd like to ask you to follow mailing list posting netiquette
> and don't drop the mailing list on replies from the CC list. My reply
> would then not end up in the archives and the community would not be
> able to refer to it later.
>
> > i use kata on kubernetes. kata manages qemu via qmp directly.
>
> So this makes this out of scope for libvirt. A better forum to ask
> qemu-only related questions is the qemu mailing list.
>
> You can also make this a case for the Kata community to adopt usage of
> libvirt, as libvirt gives you a stable, secure and tested way to manage
> a qemu process. I think the Kata project would benefit from libvirt
> usage and could focus their efforts on adding features rather than
> reinventing what libvirt has for a long time already.
>
> > suppose secret object does not have keyid and iv, can i store base64-coded
> > ceph-auth-ring into data?
> > could you tell me a complete command to add rbd disk ? no encrypt
>
> Note that would be insecure as anybody with access to the host could
> read the commandline and know your secret.
>
> Let's rephrase your question to: "How does libvirt securely pass
> passwords to qemu on the commandline?"
>
> Libvirt uses two kinds of secrets, which both are secure when used
> properly:
>
> (Note that libvirt nowadays uses direct JSON with -object as it's
> possible starting with qemu-6.0, thus my examples will use the new
> format)
>
> 1) Secret stored in a file:
>
> -object
> '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/tmp/lib/domain--1-QEMUGuest1/master-key.aes"}'
>
> libvirt uses this format to pass the master key, which is used to
> encrypt other secrets, but any other secret can be passed this way. It's
> a bit tedious, and that's the reason why libvirt passes only the master
> key using the file.
>
> When the access permissions are set properly this way is secure.
>
> 2) Inline (base64) encrypted secrets
>
> -object
> '{"qom-type":"secret","id":"libvirt-5-storage-auth-secret0","data":"9eao5F8qtkGt+seB1HYivWIxbtwU6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1","keyid":"masterKey0","iv":"AAECAwQFBgcICQoLDA0ODw==","format":"base64"}'
>
> This secret is encrypted using the master key (as you can see above).
> When inspecting the commandline an attacker can't tell the original
> value.
>
> Theoretically when using the monitor (QMP) it's also secure to pass a
> plaintext secret, but that's tricky if the monitor traffic is logged, so
> libvirt opted to use encrypted secrets also in that case.
Yep, there is a rich history of log files compromising secret data
resulting in CVEs, so absolutely don't pass secrets in clear text
over QMP at any time for production environments.
Regards,
Daniel
--
|: https://berrange.com -o-https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o-https://fstop138.berrange.com :|
|: https://entangle-photo.org-o-https://www.instagram.com/dberrange :|
Re: Re: for rbd, how to use qmp directly to add dick
On Tue, Nov 02, 2021 at 12:28:29 +0800, longguang.yue wrote:
Firstly I'd like to ask you to follow mailing list posting netiquette
and don't drop the mailing list on replies from the CC list. My reply
would then not end up in the archives and the community would not be
able to refer to it later.
> i use kata on kubernetes. kata manages qemu via qmp directly.
So this makes this out of scope for libvirt. A better forum to ask
qemu-only related questions is the qemu mailing list.
You can also make this a case for the Kata community to adopt usage of
libvirt, as libvirt gives you a stable, secure and tested way to manage
a qemu process. I think the Kata project would benefit from libvirt
usage and could focus their efforts on adding features rather than
reinventing what libvirt has for a long time already.
> suppose secret object does not have keyid and iv, can i store base64-coded
> ceph-auth-ring into data?
> could you tell me a complete command to add rbd disk ? no encrypt
Note that would be insecure as anybody with access to the host could
read the commandline and know your secret.
Let's rephrase your question to: "How does libvirt securely pass
passwords to qemu on the commandline?"
Libvirt uses two kinds of secrets, which both are secure when used
properly:
(Note that libvirt nowadays uses direct JSON with -object as it's
possible starting with qemu-6.0, thus my examples will use the new
format)
1) Secret stored in a file:
-object
'{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/tmp/lib/domain--1-QEMUGuest1/master-key.aes"}'
libvirt uses this format to pass the master key, which is used to
encrypt other secrets, but any other secret can be passed this way. It's
a bit tedious, and that's the reason why libvirt passes only the master
key using the file.
When the access permissions are set properly this way is secure.
2) Inline (base64) encrypted secrets
-object
'{"qom-type":"secret","id":"libvirt-5-storage-auth-secret0","data":"9eao5F8qtkGt+seB1HYivWIxbtwU6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1","keyid":"masterKey0","iv":"AAECAwQFBgcICQoLDA0ODw==","format":"base64"}'
This secret is encrypted using the master key (as you can see above).
When inspecting the commandline an attacker can't tell the original
value.
Theoretically when using the monitor (QMP) it's also secure to pass a
plaintext secret, but that's tricky if the monitor traffic is logged, so
libvirt opted to use encrypted secrets also in that case.
For any other use please refer to the qemu documentation:
https://gitlab.com/qemu-project/qemu/-/blob/master/qapi/crypto.json#L386
The above direct link describes how to use the secret object.
(I'm deliberately not showing the insecure usage so that it's not
getting copied around).
Re: [PATCH 2/9] qapi: Mark unstable QMP parts with feature 'unstable'
Am 29.10.2021 um 15:07 hat Eric Blake geschrieben:
> On Mon, Oct 25, 2021 at 07:25:25AM +0200, Markus Armbruster wrote:
> > Add special feature 'unstable' everywhere the name starts with 'x-',
> > except for InputBarrierProperties member x-origin and
> > MemoryBackendProperties member x-use-canonical-path-for-ramblock-id,
> > because these two are actually stable.
> >
> > Signed-off-by: Markus Armbruster
> > ---
> > @@ -2495,27 +2508,57 @@
> > #
> > # Properties for throttle-group objects.
> > #
> > -# The options starting with x- are aliases for the same key without x- in
> > -# the @limits object. As indicated by the x- prefix, this is not a stable
> > -# interface and may be removed or changed incompatibly in the future. Use
> > -# @limits for a supported stable interface.
> > -#
> > # @limits: limits to apply for this throttle group
> > #
> > +# Features:
> > +# @unstable: All members starting with x- are aliases for the same key
> > +#without x- in the @limits object. This is not a stable
> > +#interface and may be removed or changed incompatibly in
> > +#the future. Use @limits for a supported stable
> > +#interface.
> > +#
> > # Since: 2.11
> > ##
> > { 'struct': 'ThrottleGroupProperties',
> >'data': { '*limits': 'ThrottleLimits',
> > -'*x-iops-total' : 'int', '*x-iops-total-max' : 'int',
>
> > +'*x-iops-total': { 'type': 'int',
> > + 'features': [ 'unstable' ] },
>
> This struct has been around since 381bd74 (v6.0); but was not listed
> as deprecated at the time. Do we still need it in 6.2, or have we
> gone enough release cycles with the saner naming without x- that we
> could drop this? But that is a question independent of this patch.
There is no reason any more to use the x- options, and I think libvirt
never used them anyway.
I actually have a commit in my QAPI object branch that removes these
properties, but I think it still broke some tests.
Anyway, something for a separate patch.
Kevin
Re: [PATCH] lib: Introduce and use g_autoptr() for virInterfaceDef
On Mon, 2021-11-01 at 16:25 +0100, Michal Privoznik wrote:
> There are a lot of places where we call virInterfaceDefFree()
> explicitly. We can define autoptr cleanup macro and annotate
> declarations with g_autoptr() and remove plenty of those explicit
> free calls.
>
> Signed-off-by: Michal Privoznik
> ---
> src/conf/interface_conf.c | 32 -
> src/conf/interface_conf.h | 1 +
> src/conf/virinterfaceobj.c | 3 +-
> src/interface/interface_backend_netcf.c | 47 ---
> --
> src/interface/interface_backend_udev.c | 29 +--
> src/test/test_driver.c | 17 -
> tests/interfacexml2xmltest.c | 17 -
> 7 files changed, 53 insertions(+), 93 deletions(-)
>
> diff --git a/src/conf/interface_conf.c b/src/conf/interface_conf.c
> index b45dc37379..f2b3804bec 100644
> --- a/src/conf/interface_conf.c
> +++ b/src/conf/interface_conf.c
> @@ -679,7 +679,7 @@ static virInterfaceDef *
> virInterfaceDefParseXML(xmlXPathContextPtr ctxt,
> int parentIfType)
> {
> - virInterfaceDef *def;
> + g_autoptr(virInterfaceDef) def = NULL;
> int type;
> char *tmp;
> VIR_XPATH_NODE_AUTORESTORE(ctxt)
> @@ -716,28 +716,28 @@ virInterfaceDefParseXML(xmlXPathContextPtr
> ctxt,
> virReportError(VIR_ERR_XML_ERROR,
> _("interface has unsupported type '%s'"),
> virInterfaceTypeToString(type));
> - goto error;
> + return NULL;
> }
> def->type = type;
>
> if (virInterfaceDefParseName(def, ctxt) < 0)
> - goto error;
> + return NULL;
>
> if (parentIfType == VIR_INTERFACE_TYPE_LAST) {
> /* only recognize these in toplevel bond interfaces */
> if (virInterfaceDefParseStartMode(def, ctxt) < 0)
> - goto error;
> + return NULL;
> if (virInterfaceDefParseMtu(def, ctxt) < 0)
> - goto error;
> + return NULL;
> if (virInterfaceDefParseIfAdressing(def, ctxt) < 0)
> - goto error;
> + return NULL;
> }
>
> if (type != VIR_INTERFACE_TYPE_BRIDGE) {
> /* link status makes no sense for a bridge */
> lnk = virXPathNode("./link", ctxt);
> if (lnk && virInterfaceLinkParseXML(lnk, >lnk) < 0)
> - goto error;
> + return NULL;
> }
>
> switch (type) {
> @@ -751,11 +751,11 @@ virInterfaceDefParseXML(xmlXPathContextPtr
> ctxt,
> if (!(bridge = virXPathNode("./bridge[1]", ctxt))) {
> virReportError(VIR_ERR_XML_ERROR,
> "%s", _("bridge interface misses the
> bridge element"));
> - goto error;
> + return NULL;
> }
> ctxt->node = bridge;
> if (virInterfaceDefParseBridge(def, ctxt) < 0)
> - goto error;
> + return NULL;
> break;
> }
> case VIR_INTERFACE_TYPE_BOND: {
> @@ -764,11 +764,11 @@ virInterfaceDefParseXML(xmlXPathContextPtr
> ctxt,
> if (!(bond = virXPathNode("./bond[1]", ctxt))) {
> virReportError(VIR_ERR_XML_ERROR,
> "%s", _("bond interface misses the
> bond element"));
> - goto error;
> + return NULL;
> }
> ctxt->node = bond;
> if (virInterfaceDefParseBond(def, ctxt) < 0)
> - goto error;
> + return NULL;
> break;
> }
> case VIR_INTERFACE_TYPE_VLAN: {
> @@ -777,21 +777,17 @@ virInterfaceDefParseXML(xmlXPathContextPtr
> ctxt,
> if (!(vlan = virXPathNode("./vlan[1]", ctxt))) {
> virReportError(VIR_ERR_XML_ERROR,
> "%s", _("vlan interface misses the
> vlan element"));
> - goto error;
> + return NULL;
> }
> ctxt->node = vlan;
> if (virInterfaceDefParseVlan(def, ctxt) < 0)
> - goto error;
> + return NULL;
> break;
> }
>
> }
>
> - return def;
> -
> - error:
> - virInterfaceDefFree(def);
> - return NULL;
> + return g_steal_pointer();
> }
>
>
> diff --git a/src/conf/interface_conf.h b/src/conf/interface_conf.h
> index ea92e0fb31..510d83b2bf 100644
> --- a/src/conf/interface_conf.h
> +++ b/src/conf/interface_conf.h
> @@ -153,6 +153,7 @@ struct _virInterfaceDef {
>
> void
> virInterfaceDefFree(virInterfaceDef *def);
> +G_DEFINE_AUTOPTR_CLEANUP_FUNC(virInterfaceDef, virInterfaceDefFree);
>
> virInterfaceDef *
> virInterfaceDefParseString(const char *xmlStr,
> diff --git a/src/conf/virinterfaceobj.c b/src/conf/virinterfaceobj.c
> index 9439bb3d0b..ceb3ae7595 100644
> --- a/src/conf/virinterfaceobj.c
> +++ b/src/conf/virinterfaceobj.c
>
Re: [PATCH v2 2/2] qemu: tpm: Extend TPM domain XML with PCR banks to activate
Hi
On Mon, Nov 1, 2021 at 9:23 PM Stefan Berger wrote:
>
> Extend the TPM domain XML with an attribute active_pcr_banks that allows
> a user to specify the PCR banks to activate before starting a VM. A comma-
> separated list of PCR banks with the choices of sha1, sha256, sha384 and
> sha512 is allowed. When the XML attribute is provided, the set of active
> PCR banks is 'enforced' by running swtpm_setup before every start of the
> VM. The activation requires that swtpm_setup v0.7 or later is installed
> and may not have any effect otherwise.
>
Is this a configuration switch that the guest is expected to handle in general?
On real hw (or ftpm), is there some bios option or equivalent to
configure the pcr banks?
If not, shouldn't this be a first-time only configuration? (and
attempts to change the value further be rejected by libvirt)
>
>
>
>
> Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2016599
>
> Signed-off-by: Stefan Berger
> ---
> docs/formatdomain.rst | 12 ++-
> docs/schemas/basictypes.rng | 6 ++
> docs/schemas/domaincommon.rng | 5 ++
> src/conf/domain_conf.c| 21 -
> src/conf/domain_conf.h| 1 +
> src/qemu/qemu_tpm.c | 80 +++
> src/util/virtpm.c | 1 +
> src/util/virtpm.h | 1 +
> tests/qemuxml2argvdata/tpm-emulator-tpm2.xml | 2 +-
> .../tpm-emulator-tpm2.x86_64-latest.xml | 2 +-
> 10 files changed, 127 insertions(+), 4 deletions(-)
>
> diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst
> index 0651975c88..8785a7a682 100644
> --- a/docs/formatdomain.rst
> +++ b/docs/formatdomain.rst
> @@ -7537,7 +7537,7 @@ Example: usage of the TPM Emulator
> ...
>
>
> -
> +
>
>
>
> @@ -7598,6 +7598,16 @@ Example: usage of the TPM Emulator
> This attribute only works with the ``emulator`` backend. The accepted
> values
> are ``yes`` and ``no``. :since:`Since 7.0.0`
>
> +``active_pcr_banks``
> + The ``active_pcr_banks`` attribute indicates the names of the PCR banks
> + of a TPM 2.0 to activate. A comma separated list of PCR banks' names
> + must be provided. Valid names are for example sha1, sha256, sha384, and
> + sha512. If this attribute is provided, the set of PCR banks are activated
> + before every start of a VM and this step is logged in the swtpm's log.
> + This attribute requires that swtpm_setup v0.7 or later is installed
> + and may not have any effect otherwise. This attribute only works with the
> + ``emulator`` backend. since:`Since 7.10.0`
> +
> ``encryption``
> The ``encryption`` element allows the state of a TPM emulator to be
> encrypted. The ``secret`` must reference a secret object that holds the
> diff --git a/docs/schemas/basictypes.rng b/docs/schemas/basictypes.rng
> index a221ff6295..3bd1eebdc4 100644
> --- a/docs/schemas/basictypes.rng
> +++ b/docs/schemas/basictypes.rng
> @@ -88,6 +88,12 @@
>
>
>
> +
> +
> + name="pattern">(sha1|sha256|sha384|sha512){1}(,(sha1|sha256|sha384|sha512)){0,3}
> +
> +
> +
>
>
>10
> diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
> index 67df13d90d..6801673cf1 100644
> --- a/docs/schemas/domaincommon.rng
> +++ b/docs/schemas/domaincommon.rng
> @@ -5331,6 +5331,11 @@
>
>
>
> +
> +
> +
> +
> +
>
>
>
> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
> index 4644d18120..bc8237fd0b 100644
> --- a/src/conf/domain_conf.c
> +++ b/src/conf/domain_conf.c
> @@ -3207,6 +3207,7 @@ void virDomainTPMDefFree(virDomainTPMDef *def)
> break;
> case VIR_DOMAIN_TPM_TYPE_EMULATOR:
> virDomainChrSourceDefClear(>data.emulator.source);
> +g_free(def->data.emulator.activePcrBanks);
> g_free(def->data.emulator.storagepath);
> g_free(def->data.emulator.logfile);
> break;
> @@ -11733,7 +11734,7 @@ virDomainSmartcardDefParseXML(virDomainXMLOption
> *xmlopt,
> * Emulator state encryption is supported with the following:
> *
> *
> - *
> + *
> *
> *
> *
> @@ -11759,6 +11760,7 @@ virDomainTPMDefParseXML(virDomainXMLOption *xmlopt,
> g_autofree char *version = NULL;
> g_autofree char *secretuuid = NULL;
> g_autofree char *persistent_state = NULL;
> +g_autofree char *activePcrBanks = NULL;
> g_autofree xmlNodePtr *backends = NULL;
>
> def = g_new0(virDomainTPMDef, 1);
> @@ -11841,6 +11843,18 @@ virDomainTPMDefParseXML(virDomainXMLOption *xmlopt,
> goto error;
> }
> }
> +if (def->version == VIR_DOMAIN_TPM_VERSION_2_0) {
> +activePcrBanks =
答复: [PATCH 1/1] virsh: inherit qos from network definition when attaching an interface
Hi Michal, Thank you for the explanation. I misunderstood the setting QoS on the bridge and interfaces. I will try to use ovs-vsctl to set up bandwidth when using an OVS bridge. --- Best Regards, Jinsheng Zhang -邮件原件- 发件人: Michal Prívozník [mailto:mpriv...@redhat.com] 发送时间: 2021年11月1日 23:56 收件人: jx8zjs; libvir-list@redhat.com 抄送: Norman Shen(申嘉童); Jinsheng Zhang (张金生)-云服务集团 主题: Re: [PATCH 1/1] virsh: inherit qos from network definition when attaching an interface On 11/1/21 8:52 AM, jx8zjs wrote: > Fix bug 1826168: bridge type network with ovs bridge can start with > Qos setting which do not take any effect > > Resolves:https://bugzilla.redhat.com/show_bug.cgi?id=1826168 > Signed-off-by: jx8zjs > --- > tools/virsh-domain.c | 34 +++--- > 1 file changed, 31 insertions(+), 3 deletions(-) I don't think this is right. The bug is about setting QoS on the bridge itself not TAP devices plugged into it. From the bug, this is the QoS setting: And this is the resulting tc setting: # tc qdisc show dev virbr0 qdisc htb 1: root refcnt 2 r2q 10 default 0x2 direct_packets_stat 0 direct_qlen 1000 qdisc sfq 2: parent 1:2 limit 127p quantum 1514b depth 127 divisor 1024 perturb 10sec qdisc ingress : parent :fff1 # tc class show dev virbr0 class htb 1:1 root rate 8Mbit ceil 40Mbit burst 1600b cburst 1600b class htb 1:2 parent 1:1 leaf 2: prio 0 rate 8Mbit ceil 40Mbit burst 5Mb cburst 1600b # tc filter show dev virbr0 filter parent 1: protocol all pref 1 fw chain 0 filter parent 1: protocol all pref 1 fw chain 0 handle 0x1 classid :1 # tc filter show dev virbr0 ingress filter parent : protocol all pref 49152 u32 chain 0 filter parent : protocol all pref 49152 u32 chain 0 fh 800: ht divisor 1 filter parent : protocol all pref 49152 u32 chain 0 fh 800::800 order 2048 key ht 800 bkt 0 flowid :1 not_in_hw match / at 0 police 0x1 rate 1024Kbit burst 256Kb mtu 64Kb action drop overhead 0b ref 1 bind 1 what this does is when there's an from this network (without its own QoS) in a guest, it is rate limited by default. Moreover, if there are two interfaces, with no QoS set, then they share the same rate, which means in this case that they both share 1mbps bandwidth. It does NOT mean that each has its own 1mbps bandwidth to spare. The only way to achieve this behaviour is to set QoS on the bridge itself and not individual interfaces. Michal
Re: [PATCH v2 1/2] qemu: Move code to add encryption options for swtpm_setup into function
On Mon, Nov 1, 2021 at 9:23 PM Stefan Berger wrote:
>
> Move the code that adds encryption options for the swtpm_setup command
> line into its own function.
>
> Signed-off-by: Stefan Berger
Reviewed-by: Marc-André Lureau
> ---
> src/qemu/qemu_tpm.c | 55 +++--
> 1 file changed, 38 insertions(+), 17 deletions(-)
>
> diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c
> index 5a05273100..93cb04f49d 100644
> --- a/src/qemu/qemu_tpm.c
> +++ b/src/qemu/qemu_tpm.c
> @@ -422,6 +422,42 @@ qemuTPMCreateConfigFiles(const char *swtpm_setup)
> }
>
>
> +/*
> + * Add encryption parameters to swtpm_setup command line.
> + *
> + * @cmd: virCommand to add options to
> + * @swtpm_setup: swtpm_setup tool path
> + * @secretuuid: The secret's uuid; may be NULL
> + */
> +static int
> +qemuTPMVirCommandAddEncryption(virCommand *cmd,
> + const char *swtpm_setup,
> + const unsigned char *secretuuid)
> +{
> +int pwdfile_fd;
> +
> +if (!secretuuid)
> +return 0;
> +
> +if (!virTPMSwtpmSetupCapsGet(
> +VIR_TPM_SWTPM_SETUP_FEATURE_CMDARG_PWDFILE_FD)) {
> +virReportError(VIR_ERR_ARGUMENT_UNSUPPORTED,
> +_("%s does not support passing a passphrase using a file "
> + "descriptor"), swtpm_setup);
> +return -1;
> +}
> +if ((pwdfile_fd = qemuTPMSetupEncryption(secretuuid, cmd)) < 0)
> +return -1;
> +
> +virCommandAddArg(cmd, "--pwdfile-fd");
> +virCommandAddArgFormat(cmd, "%d", pwdfile_fd);
> +virCommandAddArgList(cmd, "--cipher", "aes-256-cbc", NULL);
> +virCommandPassFD(cmd, pwdfile_fd, VIR_COMMAND_PASS_FD_CLOSE_PARENT);
> +
> +return 0;
> +}
> +
> +
> /*
> * qemuTPMEmulatorRunSetup
> *
> @@ -495,23 +531,8 @@ qemuTPMEmulatorRunSetup(const char *storagepath,
> break;
> }
>
> -if (secretuuid) {
> -if (!virTPMSwtpmSetupCapsGet(
> -VIR_TPM_SWTPM_SETUP_FEATURE_CMDARG_PWDFILE_FD)) {
> -virReportError(VIR_ERR_ARGUMENT_UNSUPPORTED,
> -_("%s does not support passing a passphrase using a file "
> - "descriptor"), swtpm_setup);
> -return -1;
> -}
> -if ((pwdfile_fd = qemuTPMSetupEncryption(secretuuid, cmd)) < 0)
> -return -1;
> -
> -virCommandAddArg(cmd, "--pwdfile-fd");
> -virCommandAddArgFormat(cmd, "%d", pwdfile_fd);
> -virCommandAddArgList(cmd, "--cipher", "aes-256-cbc", NULL);
> -virCommandPassFD(cmd, pwdfile_fd, VIR_COMMAND_PASS_FD_CLOSE_PARENT);
> -pwdfile_fd = -1;
> -}
> +if (qemuTPMVirCommandAddEncryption(cmd, swtpm_setup, secretuuid) < 0)
> +return -1;
>
> if (!incomingMigration) {
> virCommandAddArgList(cmd,
> --
> 2.31.1
>
Re: [PATCH 1/2] tests: qemu: use domain type 'kvm' for kvm-features-off
On 11/2/21 7:27 AM, zhenwei pi wrote: > KVM features off test cases should be tested for a KVM domain, so > keep align kvm-features-off test with kvm-features except KVM > features on/off. > > Signed-off-by: zhenwei pi > --- > tests/qemuxml2argvdata/kvm-features-off.args | 4 ++-- > tests/qemuxml2argvdata/kvm-features-off.xml | 5 +++-- > tests/qemuxml2xmloutdata/kvm-features-off.xml | 7 +++ > 3 files changed, 8 insertions(+), 8 deletions(-) Reviewed-by: Michal Privoznik Michal
Re: [PATCH 2/2] tests: qemu: add kvm-pv-ipi off test
On 11/2/21 7:27 AM, zhenwei pi wrote: > Since b2757b697e29fa86972a4638a5879dccc8add2ad > (qemu: support kvm-pv-ipi off), libvirt supports xml definition like: > > > > > > > > Add test case for this feature. > > Signed-off-by: zhenwei pi > --- > tests/qemuxml2argvdata/kvm-features-off.args | 2 +- > tests/qemuxml2argvdata/kvm-features-off.xml | 1 + > tests/qemuxml2argvdata/kvm-features.xml | 1 + > tests/qemuxml2xmloutdata/kvm-features-off.xml | 1 + > tests/qemuxml2xmloutdata/kvm-features.xml | 1 + > 5 files changed, 5 insertions(+), 1 deletion(-) Reviewed-by: Michal Privoznik Michal
[PATCH 2/2] tests: qemu: add kvm-pv-ipi off test
Since b2757b697e29fa86972a4638a5879dccc8add2ad (qemu: support kvm-pv-ipi off), libvirt supports xml definition like: Add test case for this feature. Signed-off-by: zhenwei pi --- tests/qemuxml2argvdata/kvm-features-off.args | 2 +- tests/qemuxml2argvdata/kvm-features-off.xml | 1 + tests/qemuxml2argvdata/kvm-features.xml | 1 + tests/qemuxml2xmloutdata/kvm-features-off.xml | 1 + tests/qemuxml2xmloutdata/kvm-features.xml | 1 + 5 files changed, 5 insertions(+), 1 deletion(-) diff --git a/tests/qemuxml2argvdata/kvm-features-off.args b/tests/qemuxml2argvdata/kvm-features-off.args index f7133bc0c3..f9962f68e7 100644 --- a/tests/qemuxml2argvdata/kvm-features-off.args +++ b/tests/qemuxml2argvdata/kvm-features-off.args @@ -12,7 +12,7 @@ QEMU_AUDIO_DRV=none \ -S \ -object secret,id=masterKey0,format=raw,file=/tmp/lib/domain--1-QEMUGuest1/master-key.aes \ -machine pc,accel=kvm,usb=off,dump-guest-core=off \ --cpu host \ +-cpu host,kvm-pv-ipi=off \ -m 214 \ -realtime mlock=off \ -smp 6,sockets=6,cores=1,threads=1 \ diff --git a/tests/qemuxml2argvdata/kvm-features-off.xml b/tests/qemuxml2argvdata/kvm-features-off.xml index 7871698f06..a1004a206b 100644 --- a/tests/qemuxml2argvdata/kvm-features-off.xml +++ b/tests/qemuxml2argvdata/kvm-features-off.xml @@ -14,6 +14,7 @@ + diff --git a/tests/qemuxml2argvdata/kvm-features.xml b/tests/qemuxml2argvdata/kvm-features.xml index a5159254c6..51229a6c37 100644 --- a/tests/qemuxml2argvdata/kvm-features.xml +++ b/tests/qemuxml2argvdata/kvm-features.xml @@ -14,6 +14,7 @@ + diff --git a/tests/qemuxml2xmloutdata/kvm-features-off.xml b/tests/qemuxml2xmloutdata/kvm-features-off.xml index 9c176190a5..52a0ef0065 100644 --- a/tests/qemuxml2xmloutdata/kvm-features-off.xml +++ b/tests/qemuxml2xmloutdata/kvm-features-off.xml @@ -14,6 +14,7 @@ + diff --git a/tests/qemuxml2xmloutdata/kvm-features.xml b/tests/qemuxml2xmloutdata/kvm-features.xml index 88ee48c873..72e66fcbf5 100644 --- a/tests/qemuxml2xmloutdata/kvm-features.xml +++ b/tests/qemuxml2xmloutdata/kvm-features.xml @@ -14,6 +14,7 @@ + -- 2.25.1
[PATCH 1/2] tests: qemu: use domain type 'kvm' for kvm-features-off
KVM features off test cases should be tested for a KVM domain, so keep align kvm-features-off test with kvm-features except KVM features on/off. Signed-off-by: zhenwei pi --- tests/qemuxml2argvdata/kvm-features-off.args | 4 ++-- tests/qemuxml2argvdata/kvm-features-off.xml | 5 +++-- tests/qemuxml2xmloutdata/kvm-features-off.xml | 7 +++ 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/tests/qemuxml2argvdata/kvm-features-off.args b/tests/qemuxml2argvdata/kvm-features-off.args index f6f13495e6..f7133bc0c3 100644 --- a/tests/qemuxml2argvdata/kvm-features-off.args +++ b/tests/qemuxml2argvdata/kvm-features-off.args @@ -11,7 +11,8 @@ QEMU_AUDIO_DRV=none \ -name guest=QEMUGuest1,debug-threads=on \ -S \ -object secret,id=masterKey0,format=raw,file=/tmp/lib/domain--1-QEMUGuest1/master-key.aes \ --machine pc,accel=tcg,usb=off,dump-guest-core=off \ +-machine pc,accel=kvm,usb=off,dump-guest-core=off \ +-cpu host \ -m 214 \ -realtime mlock=off \ -smp 6,sockets=6,cores=1,threads=1 \ @@ -25,5 +26,4 @@ QEMU_AUDIO_DRV=none \ -no-shutdown \ -boot strict=on \ -usb \ --device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x2 \ -msg timestamp=on diff --git a/tests/qemuxml2argvdata/kvm-features-off.xml b/tests/qemuxml2argvdata/kvm-features-off.xml index d63a573239..7871698f06 100644 --- a/tests/qemuxml2argvdata/kvm-features-off.xml +++ b/tests/qemuxml2argvdata/kvm-features-off.xml @@ -1,4 +1,4 @@ - + QEMUGuest1 c7a5fdbd-edaf-9455-926a-d65c16db1809 219100 @@ -16,6 +16,7 @@ + destroy restart @@ -26,6 +27,6 @@ - + diff --git a/tests/qemuxml2xmloutdata/kvm-features-off.xml b/tests/qemuxml2xmloutdata/kvm-features-off.xml index f2e9407ac9..9c176190a5 100644 --- a/tests/qemuxml2xmloutdata/kvm-features-off.xml +++ b/tests/qemuxml2xmloutdata/kvm-features-off.xml @@ -1,4 +1,4 @@ - + QEMUGuest1 c7a5fdbd-edaf-9455-926a-d65c16db1809 219100 @@ -16,6 +16,7 @@ + destroy restart @@ -29,8 +30,6 @@ - - - + -- 2.25.1
