Re: [libvirt] [Qemu-devel] libvirt/QEMU/SEV interaction

On Wed, Oct 18, 2017 at 08:18:48PM +0100, Dr. David Alan Gilbert wrote: > * Michael S. Tsirkin (m...@redhat.com) wrote: > > On Fri, Sep 08, 2017 at 10:48:10AM -0500, Brijesh Singh wrote: > > > > > > 11. GO verifies the measurement and if measurement matches > > > > > then it may > > > > >

Re: [libvirt] [PATCH v6 0/9] Work around the kernel mdev uevent race in nodedev

On 10/18/2017 09:52 AM, Erik Skultety wrote: > v5 here: > https://www.redhat.com/archives/libvir-list/2017-October/msg00440.html > > Since v5: > - fixed minor nitpicks > - added 3 more patches as per reviewer's suggestion to split some of the > changes even more > - patches {2,6,7,8,9}/9 are

Re: [libvirt] [PATCH v6 5/9] nodedev: udev: Unlock the private data before setting up 'system' node

On 10/18/2017 09:52 AM, Erik Skultety wrote: > udevSetupSystemDev only needs the udev data lock to be locked because of > calling udevGetDMIData which accesses some protected structure members, > but it can do that on its own just fine, no need to hold the lock the > whole time. > >

Re: [libvirt] [PATCH 00/14] introduce virDomainSetLifecycleAction() API

On 10/16/2017 07:06 AM, Pavel Hrdina wrote: > Pavel Hrdina (14): > conf: rename lifecycle enum values to correspond with typedef keyword > conf: rename virDomainLifecycleAction enum functions > conf: introduce virDomainLifecycle enum to list all lifecycle types > conf: merge

Re: [libvirt] [PATCH 11/14] virsh: introduce set-lifecycle-action command

On 10/16/2017 07:06 AM, Pavel Hrdina wrote: > Signed-off-by: Pavel Hrdina > --- > tools/virsh-domain.c | 102 > +++ > tools/virsh.pod | 7 > 2 files changed, 109 insertions(+) > > diff --git

Re: [libvirt] [PATCH 10/14] lib: introduce virDomainSetLifecycleAction() API

On 10/16/2017 07:06 AM, Pavel Hrdina wrote: > Signed-off-by: Pavel Hrdina > --- > docs/formatdomain.html.in| 6 + > include/libvirt/libvirt-domain.h | 28 > src/conf/domain_conf.h | 19 -- > src/driver-hypervisor.h

Re: [libvirt] [Qemu-devel] libvirt/QEMU/SEV interaction

* Michael S. Tsirkin (m...@redhat.com) wrote: > On Fri, Sep 08, 2017 at 10:48:10AM -0500, Brijesh Singh wrote: > > > > > 11. GO verifies the measurement and if measurement matches then > > > > it may > > > > > give a secret blob -- which must be injected into the guest > > > > before

Re: [libvirt] [PATCH 2/6] domain: Allow 'model' attribute for ide controller.

On Wed, Oct 18, 2017 at 12:23:24PM -0400, Dawid Zamirski wrote: > On Tue, 2017-10-17 at 15:46 -0400, John Ferlan wrote: > > > > On 10/09/2017 04:49 PM, Dawid Zamirski wrote: > > > From: Dawid Zamirski > > > > > > The optional values are 'piix3', 'piix4' or 'ich6'. Those

Re: [libvirt] [PATCH 2/6] domain: Allow 'model' attribute for ide controller.

On 10/18/2017 12:23 PM, Dawid Zamirski wrote: > On Tue, 2017-10-17 at 15:46 -0400, John Ferlan wrote: >> >> On 10/09/2017 04:49 PM, Dawid Zamirski wrote: >>> From: Dawid Zamirski >>> >>> The optional values are 'piix3', 'piix4' or 'ich6'. Those will be >>> needed to allow

[libvirt] [libvirt-jenkins-ci PATCH v2 2/6] guests: Introduce lcitool

This script replaces the existing Makefile, and will be extended to provide more functionality in future commits. It also takes over ownership of the Ansible vault password, which is now expected to be stored in lcitool's own config directory along with more settings that will be introduced

[libvirt] [libvirt-jenkins-ci PATCH v2 6/6] guests: Update documentation

Signed-off-by: Andrea Bolognani --- guests/README.markdown | 91 +++--- 1 file changed, 64 insertions(+), 27 deletions(-) diff --git a/guests/README.markdown b/guests/README.markdown index 4d464e1..100ca31 100644 ---

[libvirt] [libvirt-jenkins-ci PATCH v2 3/6] guests: Remove bootstrap phase

Having to bootstrap the guest as a separate phase is annoying and can be avoided by assuming the root password is well-known. This doesn't hurt security because we're going to be changing the root password with a user-provided one the first time Ansible is run; moreover, we only leave key-based

[libvirt] [libvirt-jenkins-ci PATCH v2 5/6] guests: Configure bootloaders

Both GRUB and the FreeBSD bootloader need some tweaking to make sure the OS will display boot messages and provide a login prompt on the serial console, which is useful when SSH access can't be used for whatever reason. Signed-off-by: Andrea Bolognani ---

[libvirt] [libvirt-jenkins-ci PATCH v2 1/6] guests: Rename from 'ansible'

There will be more than just Ansible playbooks in that directory pretty soon, so a more generic name is more appropriate. Signed-off-by: Andrea Bolognani --- {ansible => guests}/.gitignore | 0 {ansible => guests}/Makefile

[libvirt] [libvirt-jenkins-ci PATCH v2 0/6] Unattended guest installation and more

Changes from [v1]: * guest changes - set root password to a user-provided value - only allow key-based SSH login for root - configure serial console for emergency access - disable audio, video and USB - allocate 256 MiB for swap instead of 2 GiB - allocate 15 GiB for storage instead

[libvirt] [libvirt-jenkins-ci PATCH v2 4/6] guests: Add unattended installation support

The lcitool script can now be used to install most known guests without requiring user interaction. Signed-off-by: Andrea Bolognani --- guests/group_vars/all/install.yml | 11 +++ guests/host_vars/libvirt-centos-6/install.yml | 3 +

Re: [libvirt] [PATCH 2/6] domain: Allow 'model' attribute for ide controller.

On Tue, 2017-10-17 at 15:46 -0400, John Ferlan wrote: > > On 10/09/2017 04:49 PM, Dawid Zamirski wrote: > > From: Dawid Zamirski > > > > The optional values are 'piix3', 'piix4' or 'ich6'. Those will be > > needed to allow setting IDE controller model in VirtualBox driver.

[libvirt] libvirt not wanting to read back its own interface XML

Hi, I'm trying to give libvirt knowlegde of a VLAN interface that is configured by a different means and not by libvirt. To figure out the syntax, I created a VLAN interface through virt-manager and dumped out the XML: I then removed the Interface in virt-manager

[libvirt] [CFP] Virt & IaaS Devroom at FOSDEM18

I am excited to announce that the call for proposals is now open for the Virtualization & IaaS devroom at the upcoming FOSDEM 2018, to be hosted on February 3 and 4, 2018. This year will mark FOSDEM’s 18th anniversary as one of the longest-running free and open source software developer events,

Re: [libvirt] [PATCH 00/14] introduce virDomainSetLifecycleAction() API

On Wed, Oct 18, 2017 at 09:59:46AM -0400, John Ferlan wrote: > > > On 10/16/2017 07:06 AM, Pavel Hrdina wrote: > > Pavel Hrdina (14): > > conf: rename lifecycle enum values to correspond with typedef keyword > > conf: rename virDomainLifecycleAction enum functions > > conf: introduce

Re: [libvirt] [PATCH 00/14] introduce virDomainSetLifecycleAction() API

On 10/16/2017 07:06 AM, Pavel Hrdina wrote: > Pavel Hrdina (14): > conf: rename lifecycle enum values to correspond with typedef keyword > conf: rename virDomainLifecycleAction enum functions > conf: introduce virDomainLifecycle enum to list all lifecycle types > conf: merge

[libvirt] [PATCH 0/2] More hotplug cleanups

Remove some dead code. Ján Tomko (2): qemuIsMultiFunctionDevice: return early for non-PCI addresses qemu: remove pointless address validation on hot unplug src/qemu/qemu_hotplug.c | 56 - 1 file changed, 9 insertions(+), 47 deletions(-) --

[libvirt] [PATCH 1/2] qemuIsMultiFunctionDevice: return early for non-PCI addresses

There is no point in iterating over all devices if none of them could possibly match. --- src/qemu/qemu_hotplug.c | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c index 0288986d8..aebd00598 100644 ---

[libvirt] [PATCH 2/2] qemu: remove pointless address validation on hot unplug

Back in the times of using 'pci_del', unplugging a device without a PCI address was not wired up. After completely removing support for qemu without QEMU_CAPS_DEVICE, aliases are used to uniquely identify devices in all cases. Remove the pointless validation of data that was already present in

Re: [libvirt] [PATCH] virsh: domifaddr: clarify description of --full option

On 10/16/2017 02:53 AM, Chen Hanxiao wrote: > From: Chen Hanxiao > > Option --full will always display the name and MAC > address of the interface. > Both virsh help and virsh man page didn't mention that. > > Signed-off-by: Chen Hanxiao >

[libvirt] [PATCH v6 2/9] nodedev: udev: Introduce udevEventMonitorSanityCheck helper function

We need to perform a sanity check on the udev monitor before every use so that we know nothing has changed in the meantime. The reason for moving the code to a separate helper is to enhance readability and shift the focus on the important stuff within the udevEventHandleCallback handler.

[libvirt] [PATCH v6 6/9] nodedev: udev: Split udevEventHandleCallback in two functions

This patch splits udevEventHandleCallback in two (introduces udevEventHandleThread) in order to be later able to refactor the latter to actually become a normal thread which will wait some time for the kernel to create the whole sysfs tree for a device as we cannot do that in the event loop

[libvirt] [PATCH v6 7/9] nodedev: udev: Convert udevEventHandleThread to an actual thread routine

Adjust udevEventHandleThread to be a proper thread routine running in an infinite loop handling devices. The handler thread pulls all available data from the udev monitor and only then waits until a wakeup signal for new incoming data has been emitted by udevEventHandleCallback. Signed-off-by:

[libvirt] [PATCH v6 5/9] nodedev: udev: Unlock the private data before setting up 'system' node

udevSetupSystemDev only needs the udev data lock to be locked because of calling udevGetDMIData which accesses some protected structure members, but it can do that on its own just fine, no need to hold the lock the whole time. Signed-off-by: Erik Skultety ---

[libvirt] [PATCH v6 9/9] nodedev: udev: Hook up virFileWaitForAccess to work around uevent race

If we find ourselves in the situation that the 'add' uevent has been fired earlier than the sysfs tree for a device was created, we should use the best-effort approach and give kernel some predetermined amount of time, thus waiting for the attributes to be ready rather than discarding the device

[libvirt] [PATCH v6 8/9] util: Introduce virFileWaitForExists

Since we have a number of places where we workaround timing issues with devices, attributes (files in general) not being available at the time of processing them by calling usleep in a loop for a fixed number of tries, we could as well have a utility function that would do that. Therefore we won't

[libvirt] [PATCH v6 4/9] nodedev: udev: Remove driver locks from stateInitialize and stateCleanup

The driver locks are unnecessary here, since currently the cleanup is only called from the main daemon thread, so we can't race here. Moreover @devs and @privateData are self-lockable objects, so no problem there either. Signed-off-by: Erik Skultety ---

[libvirt] [PATCH v6 3/9] nodedev: udev: Convert udev private data to a lockable object

Since there's going to be a worker thread which needs to have some data protected by a lock, the whole code would just simply get unnecessary complex, since two sets of locks would be necessary, driver lock (for udev monitor and event handle) and a mutex protecting thread-local data. Given the

[libvirt] [PATCH v6 1/9] nodedev: Move privileged flag from udev private data to driver's state

Even though hal doesn't make use of it, the privileged flag is related to the daemon/driver rather than the backend actually used. While at it, get rid of some tab indentation in the driver state struct. Signed-off-by: Erik Skultety --- src/conf/virnodedeviceobj.h|

[libvirt] [PATCH v6 0/9] Work around the kernel mdev uevent race in nodedev

v5 here: https://www.redhat.com/archives/libvir-list/2017-October/msg00440.html Since v5: - fixed minor nitpicks - added 3 more patches as per reviewer's suggestion to split some of the changes even more - patches {2,6,7,8,9}/9 are without any change Erik Skultety (9): nodedev: Move privileged

Re: [libvirt] [PATCH v5 4/6] udev: Convert udevEventHandleThread to an actual thread routine

On Sun, Oct 15, 2017 at 10:23:56AM -0400, John Ferlan wrote: > > > On 10/11/2017 10:52 AM, Erik Skultety wrote: > > Adjust udevEventHandleThread to be a proper thread routine running in an > > infinite loop handling devices. The handler thread pulls all available > > data from the udev monitor and

Re: [libvirt] [PATCH v5 3/6] udev: Split udevEventHandleCallback in two functions

On Sun, Oct 15, 2017 at 10:23:52AM -0400, John Ferlan wrote: > > > On 10/11/2017 10:52 AM, Erik Skultety wrote: > > This patch splits udevEventHandleCallback in two (introduces > > udevEventHandleThread) in order to be later able to refactor the latter > > to actually become a normal thread which

Re: [libvirt] [PATCH v5 2/6] nodedev: udev: Convert udev private data to a lockable object

[...] > > +struct _udevEventData { > > +virObjectLockable parent; > > + > > struct udev_monitor *udev_monitor; > > int watch; > > bool privileged; > > }; > > Mental note - maybe the driver->privateData should change to > driver->udevEventData in _virNodeDeviceDriverState I

Re: [libvirt] [PATCH 1/6] vbox: Close media when undefining domains.

On 10/17/2017 05:28 PM, Dawid Zamirski wrote: > On Tue, 2017-10-17 at 15:44 -0400, John Ferlan wrote: >> >> On 10/09/2017 04:49 PM, Dawid Zamirski wrote: >>> From: Dawid Zamirski >>> >>> When registering a VM we call OpenMedium on each disk image which >>> adds it >>> to

[libvirt] [PATCH 4/5] qemu: Drop qemuMonitorGetMigrationCapability

The only remaining user of qemuMonitorGetMigrationCapability is our test suite. Let's replace qemuMonitorGetMigrationCapability with qemuMonitorGetMigrationCapabilities there and drop the unused function. Signed-off-by: Jiri Denemark --- src/qemu/qemu_monitor.c | 19

[libvirt] [PATCH 1/5] qemu: Create a wrapper around qemuMonitorSetCapabilities

The new function is called qemuProcessInitMonitor and it will enter/exit the monitor so that the caller doesn't have to deal with this. The goal of this patch is to simplify the code in qemuConnectMonitor which would otherwise be a bit hairy after the following patch. Signed-off-by: Jiri

[libvirt] [PATCH 2/5] qemu: Store supported migration capabilities in a bitmap

Each time we need to check whether a given migration capability is supported by QEMU, we call query-migrate-capabilities QMP command and lookup the capability in the returned list. Asking for the list of supported capabilities once when we connect to QEMU and storing the result in a bitmap is much

[libvirt] [PATCH 5/5] qemu: Enhance debug message in qemuMonitorSetMigrationCapability

Signed-off-by: Jiri Denemark --- src/qemu/qemu_monitor.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c index 55b123e5f5..64efb89e83 100644 --- a/src/qemu/qemu_monitor.c +++ b/src/qemu/qemu_monitor.c @@

[libvirt] [PATCH 0/5] qemu: Improve the way we handle migration capabilities

Jiri Denemark (5): qemu: Create a wrapper around qemuMonitorSetCapabilities qemu: Store supported migration capabilities in a bitmap qemu: Use bitmap with migration capabilities qemu: Drop qemuMonitorGetMigrationCapability qemu: Enhance debug message in qemuMonitorSetMigrationCapability

[libvirt] [PATCH 3/5] qemu: Use bitmap with migration capabilities

All calls to qemuMonitorGetMigrationCapability in QEMU driver are replaced with qemuMigrationCapsGet. Signed-off-by: Jiri Denemark --- src/qemu/qemu_domain.c| 7 +++ src/qemu/qemu_driver.c| 32 +--- src/qemu/qemu_migration.c | 45

Re: [libvirt] [PATCH 1/3] daemon: finish threads on close

On 18.10.2017 14:17, John Ferlan wrote: > [...] > >> So I can split this patch to 2 and clear servers hash table as you >> suggusted instead of tossing virThreadPoolFree and add 2 extra >> patches to make referencing at virNetDaemonAddServerPostExec straight. >> This will take almost no time

Re: [libvirt] [PATCH 1/3] daemon: finish threads on close

[...] > So I can split this patch to 2 and clear servers hash table as you > suggusted instead of tossing virThreadPoolFree and add 2 extra > patches to make referencing at virNetDaemonAddServerPostExec straight. > This will take almost no time thus let's move to the other parts of the > series.

Re: [libvirt] [PATCH 1/2] maint: Replace tabs with spaces in all source files in repo

On Tue, Oct 17, 2017 at 05:24:30PM +0200, Erik Skultety wrote: So we have a syntax-check rule to catch all tab indents but it naturally can't catch tab spacing, i.e. as a delimiter. This patch is a result of running 'vim -en +retab +wq' (using tabstop=8 softtabstop=4 shiftwidth=4 expandtab) on

Re: [libvirt] [PATCH 2/2] maint: Remove not-so-much informative block commentaries

On Tue, Oct 17, 2017 at 05:24:31PM +0200, Erik Skultety wrote: There were a bunch of commentary blocks that were literally useless in terms of describing what the code following them does, since most of them were documenting "the obvious" or it just wouldn't help at all. Signed-off-by: Erik

[libvirt] [PATCH 1/2] Increase default file handle limits for virtlogd

The initial assumption was ~2 files per guest, but some common setups like Openstack drive up to 4 files per guest. E.g. on Arm where the following XML leads to 4 file handles: With that in mind and the target to support 4k guests by

[libvirt] [PATCH 0/2] Further Increase default file handle limits

In 27cd7635 new default limits were set: Author: Daniel P. Berrange Date: Wed Mar 15 16:51:51 2017 + Increase default file handle limits for daemons But I faced some constraints with these values and think it is time to reconsider the defaults to only have to

[libvirt] [PATCH 2/2] Increase default file handle limits for virtlockd

The assumption so far was an average of 4 disks per guest. But some architectures, like s390x, still often use plenty of smaller disks. To include those in the considerations an assumption of an average of 10 disks is more reasonable. Signed-off-by: Christian Ehrhardt

Re: [libvirt] [PATCH 1/3] daemon: finish threads on close

On 17.10.2017 15:34, John Ferlan wrote: > > > On 10/17/2017 03:40 AM, Nikolay Shirokovskiy wrote: >> >> >> On 16.10.2017 15:47, John Ferlan wrote: >>> >>> >>> On 09/27/2017 08:45 AM, Nikolay Shirokovskiy wrote: Current daemon shutdown can cause crashes. The problem is that threads