Re: [libvirt] [PATCH 2/4] conf: introduce virDomainDefCheckBootOrder

2018-05-29 Thread Peter Krempa
On Mon, May 28, 2018 at 15:54:03 +0200, Ján Tomko wrote: > Move the check for boot elements into a separate function > and remove its dependency on the parser-supplied bootHash table. > > Reconstructing the hash table from the domain definition > effectively duplicates the check for duplicate boot

Re: [libvirt] [PATCH 3/4] conf: remove 'bootHash' from the post-parse infrastructure

2018-05-29 Thread Peter Krempa
On Mon, May 28, 2018 at 15:54:04 +0200, Ján Tomko wrote: > From: Peter Krempa > > As the function signature of virDomainDefPostParseInternal does not > differ from virDomainDefPostParse now, the wrapper can be dropped. > > Signed-off-by: Peter Krempa > Signed-off-by: Ján Tomko > --- > src/con

Re: [libvirt] [PATCH 4/4] conf: remove 'bootHash' completely

2018-05-29 Thread Peter Krempa
On Mon, May 28, 2018 at 15:54:05 +0200, Ján Tomko wrote: > Its only use is now to check for duplicate boot order values, > which is now also done in virDomainDefPostParseCommon. > > Remove it completely. > > Signed-off-by: Ján Tomko > --- > src/conf/domain_conf.c | 89 > ++-

Re: [libvirt] [PATCH 1/4] vmx: add VIR_DOMAIN_DEF_FEATURE_NO_BOOT_ORDER

2018-05-29 Thread Peter Krempa
On Mon, May 28, 2018 at 15:54:02 +0200, Ján Tomko wrote: > Further patches will introduce validation and a default setting > of def->os.bootDevs in postParse. > > Introduce a feature flag to opt out of this and set it in the vmx > driver. This does not clarify in any way why it is required. > >

Re: [libvirt] [PATCHv2 1/7] Introduce virDomainVsockDef

2018-05-29 Thread Peter Krempa
On Thu, May 24, 2018 at 12:39:09 +0200, Ján Tomko wrote: > A type to represent the new vsock device. > Also implement an allocation function to allow future addition > of private data. > > https://bugzilla.redhat.com/show_bug.cgi?id=1291851 > > Signed-off-by: Ján Tomko > --- > src/conf/domain_c

Re: [libvirt] [PATCHv2 2/7] Add privateData to virDomainVsockDef

2018-05-29 Thread Peter Krempa
Add 'conf:' prefix. On Thu, May 24, 2018 at 12:39:10 +0200, Ján Tomko wrote: > An object for storing driver-specific data in the vsock definition. > > https://bugzilla.redhat.com/show_bug.cgi?id=1291851 > Signed-off-by: Ján Tomko > --- > src/conf/domain_conf.c | 16 ++-- > src/conf/

Re: [libvirt] [PATCH 1/4] vmx: add VIR_DOMAIN_DEF_FEATURE_NO_BOOT_ORDER

2018-05-29 Thread Ján Tomko
On Tue, May 29, 2018 at 09:30:05AM +0200, Peter Krempa wrote: On Mon, May 28, 2018 at 15:54:02 +0200, Ján Tomko wrote: Further patches will introduce validation and a default setting of def->os.bootDevs in postParse. Introduce a feature flag to opt out of this and set it in the vmx driver. Th

Re: [libvirt] [PATCH 1/2] bhyve: add CPU topology support

2018-05-29 Thread Peter Krempa
On Mon, May 28, 2018 at 20:27:50 +0400, Roman Bogorodskiy wrote: > Recently, bhyve started supporting specifying guest CPU topology. > It looks this way: > > bhyve -c cpus=C,sockets=S,cores=C,threads=T ... > > The old behaviour with bhyve -c C, where C is a number of vCPUs, is > still supported

Re: [libvirt] [PATCH 1/4] vmx: add VIR_DOMAIN_DEF_FEATURE_NO_BOOT_ORDER

2018-05-29 Thread Peter Krempa
On Tue, May 29, 2018 at 09:48:51 +0200, Ján Tomko wrote: > On Tue, May 29, 2018 at 09:30:05AM +0200, Peter Krempa wrote: > > On Mon, May 28, 2018 at 15:54:02 +0200, Ján Tomko wrote: > > > Further patches will introduce validation and a default setting > > > of def->os.bootDevs in postParse. > > >

Re: [libvirt] [PATCH 2/4] conf: introduce virDomainDefCheckBootOrder

2018-05-29 Thread Ján Tomko
On Tue, May 29, 2018 at 09:26:51AM +0200, Peter Krempa wrote: On Mon, May 28, 2018 at 15:54:03 +0200, Ján Tomko wrote: Move the check for boot elements into a separate function and remove its dependency on the parser-supplied bootHash table. Reconstructing the hash table from the domain definit

[libvirt] [PATCH 00/10] Use better PRNG

2018-05-29 Thread Michal Privoznik
This is inspired by bug reported here [1]. Even though Eric suggested calling this Linux syscall when building without gnutls [2] I've decided to not implement it. Firstly, we build with gnutls everywhere (even Windows), secondly I see no appealing reason to special case Linux - /dev/urandom is good

[libvirt] [PATCH 02/10] virCryptoGenerateRandom: rename ret

2018-05-29 Thread Michal Privoznik
This function allocates a buffer, fills it in with random bytes and then returns it. However, the buffer is held in @buf variable, therefore having @ret variable which does not hold return value of the function is misleading. Signed-off-by: Michal Privoznik --- src/util/vircrypto.c | 10 +---

[libvirt] [PATCH 01/10] virRandomBytes: Fix return value

2018-05-29 Thread Michal Privoznik
In libvirt when a function wants to return an error code it should be a negative value. Returning a positive value (or zero) means success. But virRandomBytes() does not follow this rule. Signed-off-by: Michal Privoznik --- src/util/vircrypto.c | 4 ++-- src/util/virrandom.c | 6 +++--- src/ut

[libvirt] [PATCH 10/10] vircrypto: Drop virCryptoGenerateRandom

2018-05-29 Thread Michal Privoznik
Now that virCryptoGenerateRandom() is plain wrapper over virRandomBytes() we can drop it in favour of the latter. Signed-off-by: Michal Privoznik --- src/libvirt_private.syms | 1 - src/qemu/qemu_domain.c | 5 +++-- src/util/vircrypto.c | 18 -- src/util/vircrypto.h |

[libvirt] [PATCH 03/10] virCryptoGenerateRandom: Explain gnults error

2018-05-29 Thread Michal Privoznik
When generating random stream using gnutls fails an error is reported. However, the error is not helpful as it contains only an integer error code (a negative number). Use gnutls_strerror() to turn the error code into a string explaining what went wrong. Signed-off-by: Michal Privoznik --- src/u

[libvirt] [PATCH 09/10] virUUIDGenerate don't fall back to virRandomBits

2018-05-29 Thread Michal Privoznik
If virRandomBytes() fails there is no point calling virRandomBits() because it uses virRandomBytes() internally again. Signed-off-by: Michal Privoznik --- src/util/viruuid.c | 25 +++-- 1 file changed, 3 insertions(+), 22 deletions(-) diff --git a/src/util/viruuid.c b/src/ut

[libvirt] [PATCH 07/10] virRandomBytes: Use gnutls_rnd whenever possible

2018-05-29 Thread Michal Privoznik
While /dev/urandom is not terrible source of random data gnutls_rnd is better. Prefer that one. Also, since nearly every platform we build on already has gnutls (if not all of them) this is going to be used by default. Signed-off-by: Michal Privoznik --- src/util/vircrypto.c | 20 +-

[libvirt] [PATCH 05/10] virRandomBytes: Prefer saferead over plain read

2018-05-29 Thread Michal Privoznik
Signed-off-by: Michal Privoznik --- src/util/virrandom.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/src/util/virrandom.c b/src/util/virrandom.c index 9597640840..ea55fe654d 100644 --- a/src/util/virrandom.c +++ b/src/util/virrandom.c @@ -182,9 +182,7 @@ virRandomBytes(

[libvirt] [PATCH 08/10] virrandom: Make virRandomBits better

2018-05-29 Thread Michal Privoznik
Now that we have strong PRNG generator implemented in virRandomBytes() let's use that instead of gnulib's random_r. Problem with the latter is in way we seed it: current UNIX time and libvirtd's PID are not that random as one might think. Imagine two hosts booting at the same time. There's a fair

[libvirt] [PATCH 04/10] virCryptoGenerateRandom: Don't allocate return buffer

2018-05-29 Thread Michal Privoznik
To unify our vir*Random() functions we need to make virCryptoGenerateRandom NOT allocate return buffer. It should just fill given buffer with random data. Signed-off-by: Michal Privoznik --- src/qemu/qemu_domain.c | 12 src/util/vircrypto.c | 29 -

[libvirt] [PATCH 06/10] virRandomBytes: Report error

2018-05-29 Thread Michal Privoznik
Instead of having each caller report error move it into the function. This way we can produce more accurate error messages too. Signed-off-by: Michal Privoznik --- src/util/vircrypto.c | 6 ++ src/util/virrandom.c | 18 +- 2 files changed, 15 insertions(+), 9 deletions(-) d

Re: [libvirt] [PATCHv2 3/7] conf: introduce element

2018-05-29 Thread Peter Krempa
On Thu, May 24, 2018 at 12:39:11 +0200, Ján Tomko wrote: > Add a new 'vsock' element for the vsock device. > The 'model' attribute is optional. > A subelement should be used to specify the guest cid, > or should be used. > > https://bugzilla.redhat.com/show_bug.cgi?id=1291851 > --- > docs/forma

Re: [libvirt] [PATCH 2/4] conf: introduce virDomainDefCheckBootOrder

2018-05-29 Thread Peter Krempa
On Tue, May 29, 2018 at 09:55:18 +0200, Ján Tomko wrote: > On Tue, May 29, 2018 at 09:26:51AM +0200, Peter Krempa wrote: > > On Mon, May 28, 2018 at 15:54:03 +0200, Ján Tomko wrote: > > > Move the check for boot elements into a separate function > > > and remove its dependency on the parser-supplie

Re: [libvirt] [PATCHv2 4/7] qemu: add private data for vsock

2018-05-29 Thread Peter Krempa
On Thu, May 24, 2018 at 12:39:12 +0200, Ján Tomko wrote: > Introduce a structure and a class that will be used to store > the private data. > > https://bugzilla.redhat.com/show_bug.cgi?id=1291851 > > Signed-off-by: Ján Tomko > --- > src/qemu/qemu_domain.c | 36 ++

Re: [libvirt] [PATCHv2 5/7] Introduce QEMU_CAPS_DEVICE_VHOST_VSOCK

2018-05-29 Thread Peter Krempa
On Thu, May 24, 2018 at 12:39:13 +0200, Ján Tomko wrote: > Add a new capability flag for vhost-vsock-device > > https://bugzilla.redhat.com/show_bug.cgi?id=1291851 > > Signed-off-by: Ján Tomko > --- ACK

Re: [libvirt] [PATCH 3/4] conf: remove 'bootHash' from the post-parse infrastructure

2018-05-29 Thread Ján Tomko
On Tue, May 29, 2018 at 09:27:53AM +0200, Peter Krempa wrote: On Mon, May 28, 2018 at 15:54:04 +0200, Ján Tomko wrote: From: Peter Krempa As the function signature of virDomainDefPostParseInternal does not differ from virDomainDefPostParse now, the wrapper can be dropped. Signed-off-by: Peter

Re: [libvirt] [PATCHv2 6/7] util: create virvsock.c

2018-05-29 Thread Peter Krempa
On Thu, May 24, 2018 at 12:39:14 +0200, Ján Tomko wrote: > A file for vsock-related helper functions. > virVsockSetGuestCid to set an already-known CID, > virVsockAcquireGuestCid that will use the first available CID > > https://bugzilla.redhat.com/show_bug.cgi?id=1291851 > > Signed-off-by: Ján T

Re: [libvirt] [PATCH 07/13] qemu: Add hotpluging support for PCI devices on S390 guests

2018-05-29 Thread Cornelia Huck
On Mon, 28 May 2018 16:26:57 +0800 Xiao Feng Ren wrote: > On 5/25/2018 6:22 PM, Bjoern Walk wrote: > > Cornelia Huck [2018-05-24, 06:25PM +0200]: > >> On Thu, 24 May 2018 14:24:32 +0200 > >> Xiao Feng Ren wrote: > >> > >>> From: Yi Min Zhao > >>> > >>> This commit adds hotplug support for

Re: [libvirt] [PATCHv2 7/7] qemu: add support for vhost-vsock-pci

2018-05-29 Thread Peter Krempa
On Thu, May 24, 2018 at 12:39:15 +0200, Ján Tomko wrote: > Create a new vsock endpoint by opening /dev/vhost-vsock, > set the requested CID via ioctl (or assign a free one if auto='yes'), > pass the file descriptor to QEMU and build the command line. > > https://bugzilla.redhat.com/show_bug.cgi?id

Re: [libvirt] [PATCH v2 1/2] capabilities: Provide info about host IOMMU support

2018-05-29 Thread Erik Skultety
On Sun, May 27, 2018 at 06:29:14PM +0200, Filip Alac wrote: > Fixes: > https://bugzilla.redhat.com/show_bug.cgi?id=967231 > > Signed-off-by: Filip Alac > --- > docs/schemas/capability.rng | 11 +++ > src/conf/capabilities.c | 8 > src/conf/capabilities.h | 5 + >

Re: [libvirt] [PATCH] storage: Remove rwlocks during virStoragePoolObjListForEach

2018-05-29 Thread John Ferlan
ping? This resolves a hang Tks, John On 05/24/2018 03:52 PM, John Ferlan wrote: > Remove the locks since they are unnecessary and would cause > a hang for a driver reload/restart when a transient pool was > previously active as a result of the call: > > virStoragePoolUpdateInactive: > ... >

Re: [libvirt] [PATCH] storage: Add capability to use LUKS encryption for disk backend

2018-05-29 Thread John Ferlan
ping? Tks, John On 05/24/2018 07:50 PM, John Ferlan wrote: > https://bugzilla.redhat.com/show_bug.cgi?id=1560946 > > Following the model of the Logical backend, use qemu-img on > the created device to set up for LUKS encryption. > > Signed-off-by: John Ferlan > --- > > works much better wi

Re: [libvirt] [PATCH] storage: Add capability to use LUKS encryption for disk backend

2018-05-29 Thread Peter Krempa
On Thu, May 24, 2018 at 19:50:09 -0400, John Ferlan wrote: > https://bugzilla.redhat.com/show_bug.cgi?id=1560946 > > Following the model of the Logical backend, use qemu-img on > the created device to set up for LUKS encryption. > > Signed-off-by: John Ferlan > --- > > works much better with t

[libvirt] [RFC PATCH 2/2] conf: Extend cputune/cachetune to support memory bandwidth allocation

2018-05-29 Thread bing . niu
From: Bing Niu Extend current cachetune section to support memory bandwidth allocation. Add a new cachetune element llc for memory allocation. As the example below: id--- on which last level cache memory bandwidth to be set bandwidth --- the memory ban

[libvirt] [RFC PATCH 1/2] util: Add memory bandwidth support to resctrl

2018-05-29 Thread bing . niu
From: Bing Niu Add memory bandwidth allocation support basing on existing virresctrl implementation. Two new structures virResctrlInfoMB and virResctrlAllocMB are introduced. virResctrlInfoMB is used to record host system MBA supporting information, e.g., minimum bandwidth allowed, bandwidth gra

[libvirt] [RFC PATCH 0/2] Introduce RDT memory bandwidth allocation support

2018-05-29 Thread bing . niu
From: Bing Niu This series is to introduce RDT memory bandwidth allocation support by extending current virresctrl implementation. The Memory Bandwidth Allocation (MBA) feature provides indirect and approximate control over memory bandwidth available per-core. This feature provides a method to

Re: [libvirt] [PATCHv2 3/7] conf: introduce element

2018-05-29 Thread Ján Tomko
On Tue, May 29, 2018 at 10:26:20AM +0200, Peter Krempa wrote: On Thu, May 24, 2018 at 12:39:11 +0200, Ján Tomko wrote: Add a new 'vsock' element for the vsock device. The 'model' attribute is optional. A subelement should be used to specify the guest cid, or should be used. https://bugzilla.r

Re: [libvirt] [PATCH] storage: Add capability to use LUKS encryption for disk backend

2018-05-29 Thread John Ferlan
On 05/29/2018 07:02 AM, Peter Krempa wrote: > On Thu, May 24, 2018 at 19:50:09 -0400, John Ferlan wrote: >> https://bugzilla.redhat.com/show_bug.cgi?id=1560946 >> >> Following the model of the Logical backend, use qemu-img on >> the created device to set up for LUKS encryption. >> >> Signed-off-

Re: [libvirt] [PATCHv2 7/7] qemu: add support for vhost-vsock-pci

2018-05-29 Thread Ján Tomko
On Tue, May 29, 2018 at 11:16:40AM +0200, Peter Krempa wrote: On Thu, May 24, 2018 at 12:39:15 +0200, Ján Tomko wrote: Create a new vsock endpoint by opening /dev/vhost-vsock, set the requested CID via ioctl (or assign a free one if auto='yes'), pass the file descriptor to QEMU and build the com

Re: [libvirt] [PATCH] storage: Remove rwlocks during virStoragePoolObjListForEach

2018-05-29 Thread Michal Privoznik
On 05/24/2018 09:52 PM, John Ferlan wrote: > Remove the locks since they are unnecessary and would cause > a hang for a driver reload/restart when a transient pool was > previously active as a result of the call: > > virStoragePoolUpdateInactive: > ... > if (!virStoragePoolObjGetConfigFile(obj

Re: [libvirt] [PATCHv2 3/7] conf: introduce element

2018-05-29 Thread Peter Krempa
On Tue, May 29, 2018 at 13:36:51 +0200, Ján Tomko wrote: > On Tue, May 29, 2018 at 10:26:20AM +0200, Peter Krempa wrote: > > On Thu, May 24, 2018 at 12:39:11 +0200, Ján Tomko wrote: > > > Add a new 'vsock' element for the vsock device. > > > The 'model' attribute is optional. > > > A subelement sh

Re: [libvirt] [PATCH] storage: Add capability to use LUKS encryption for disk backend

2018-05-29 Thread Peter Krempa
On Tue, May 29, 2018 at 07:49:50 -0400, John Ferlan wrote: > > > On 05/29/2018 07:02 AM, Peter Krempa wrote: > > On Thu, May 24, 2018 at 19:50:09 -0400, John Ferlan wrote: > >> https://bugzilla.redhat.com/show_bug.cgi?id=1560946 > >> > >> Following the model of the Logical backend, use qemu-img o

[libvirt] [PATCH v2] storage: Add capability to use LUKS encryption for disk backend

2018-05-29 Thread John Ferlan
https://bugzilla.redhat.com/show_bug.cgi?id=1560946 Similar to the Logical backend, use qemu-img on the created disk partition device to set up for LUKS encryption. Secret mgmt for the device can be complicated by a reboot possibly changing the path to the device if the infrastructure changes.

[libvirt] [PATCH v3] qemu: add support for vhost-vsock-pci

2018-05-29 Thread Ján Tomko
Create a new vsock endpoint by opening /dev/vhost-vsock, set the requested CID via ioctl (or assign a free one if auto='yes'), pass the file descriptor to QEMU and build the command line. https://bugzilla.redhat.com/show_bug.cgi?id=1291851 Signed-off-by: Ján Tomko --- Rebased version with all the

Re: [libvirt] [GSoC] Design ideas for implementing cleanup attribute

2018-05-29 Thread Pavel Hrdina
On Mon, May 28, 2018 at 09:40:41PM +0530, Sukrit Bhatnagar wrote: > On 28 May 2018 at 13:54, Pavel Hrdina wrote: > > On Mon, May 28, 2018 at 01:04:28PM +0530, Sukrit Bhatnagar wrote: > >> On 25 May 2018 at 16:20, Pavel Hrdina wrote: > >> > On Fri, May 25, 2018 at 12:06:50PM +0200, Andrea Bolognan

Re: [libvirt] [PATCH v3] qemu: add support for vhost-vsock-pci

2018-05-29 Thread Peter Krempa
On Tue, May 29, 2018 at 14:53:14 +0200, Ján Tomko wrote: > Create a new vsock endpoint by opening /dev/vhost-vsock, > set the requested CID via ioctl (or assign a free one if auto='yes'), > pass the file descriptor to QEMU and build the command line. > > https://bugzilla.redhat.com/show_bug.cgi?id

Re: [libvirt] [PATCH v2] storage: Add capability to use LUKS encryption for disk backend

2018-05-29 Thread Peter Krempa
On Tue, May 29, 2018 at 08:53:06 -0400, John Ferlan wrote: > https://bugzilla.redhat.com/show_bug.cgi?id=1560946 > > Similar to the Logical backend, use qemu-img on the created > disk partition device to set up for LUKS encryption. Secret mgmt > for the device can be complicated by a reboot po

Re: [libvirt] [libvirt-users] virRandomBits - not very random

2018-05-29 Thread Martin Kletzander
On Fri, May 25, 2018 at 09:37:44AM -0500, Eric Blake wrote: On 05/25/2018 09:17 AM, Michal Privoznik wrote: We should probably seed it with data from /dev/urandom, and/or the new Linux getrandom() syscall (or BSD equivalent). I'm not quite sure that right after reboot there's going to be enou

Re: [libvirt] [PATCH 08/10] virrandom: Make virRandomBits better

2018-05-29 Thread Martin Kletzander
On Tue, May 29, 2018 at 10:24:44AM +0200, Michal Privoznik wrote: Now that we have strong PRNG generator implemented in virRandomBytes() let's use that instead of gnulib's random_r. Problem with the latter is in way we seed it: current UNIX time and libvirtd's PID are not that random as one migh

Re: [libvirt] [libvirt-users] virRandomBits - not very random

2018-05-29 Thread Michal Privoznik
On 05/29/2018 03:38 PM, Martin Kletzander wrote: > On Fri, May 25, 2018 at 09:37:44AM -0500, Eric Blake wrote: >> On 05/25/2018 09:17 AM, Michal Privoznik wrote: >> > We should probably seed it with data from /dev/urandom, and/or the new > Linux getrandom() syscall (or BSD equivalent). >>>

Re: [libvirt] [libvirt-users] virRandomBits - not very random

2018-05-29 Thread John Ferlan
On 05/29/2018 09:44 AM, Michal Privoznik wrote: > On 05/29/2018 03:38 PM, Martin Kletzander wrote: >> On Fri, May 25, 2018 at 09:37:44AM -0500, Eric Blake wrote: >>> On 05/25/2018 09:17 AM, Michal Privoznik wrote: >>> >> We should probably seed it with data from /dev/urandom, and/or the new

Re: [libvirt] [PATCH] virtlockd: acquire locks on re-exec

2018-05-29 Thread Matthew Richardson
> Locks held by virtlockd are dropped on re-exec. > > virtlockd 94306 POSIX 5.4G WRITE 0 0 0 /tmp/test.qcow2 > virtlockd 94306 POSIX 5B WRITE 0 0 0 /run/virtlockd.pid > virtlockd 94306 POSIX 5B WRITE 0 0 0 /run/virtlockd.pid > > Acquire locks in PostExecResta

Re: [libvirt] [PATCH 2/2] docs: news: Add entry about iommu_support

2018-05-29 Thread Michal Privoznik
On 05/25/2018 12:39 PM, Filip Alac wrote: > Signed-off-by: Filip Alac > --- > docs/news.xml | 8 > 1 file changed, 8 insertions(+) > > diff --git a/docs/news.xml b/docs/news.xml > index 693d4a373..babf13379 100644 > --- a/docs/news.xml > +++ b/docs/news.xml > @@ -93,6 +93,14 @@ >

Re: [libvirt] [PATCH 1/2] capabilities: Provide info about host IOMMU support

2018-05-29 Thread Michal Privoznik
On 05/25/2018 12:39 PM, Filip Alac wrote: > Fixes: > https://bugzilla.redhat.com/show_bug.cgi?id=967231 > > Signed-off-by: Filip Alac > --- > docs/schemas/capability.rng | 11 +++ > src/conf/capabilities.c | 8 > src/conf/capabilities.h | 5 + > src/libvirt_priv

Re: [libvirt] [PATCH v6 1/9] qemu: provide support to query the SEV capability

2018-05-29 Thread Brijesh Singh
On 05/28/2018 02:25 AM, Erik Skultety wrote: On Wed, May 23, 2018 at 04:18:26PM -0500, Brijesh Singh wrote: QEMU version >= 2.12 provides support for launching an encrypted VMs on AMD x86 platform using Secure Encrypted Virtualization (SEV) feature. This patch adds support to query the SEV ca

Re: [libvirt] [PATCH 00/22] New CPU related APIs

2018-05-29 Thread Jiri Denemark
Hi Chris, > The new hypervisor specific compare and baseline commands seem to depend on > qemuCaps being pre-populated with model data that is specific to a hypervisor > instance. > > How do we make sure the qemuCaps are pre-populated with cpu model data for > any > arbitrary hypervisor (with

Re: [libvirt] [PATCH 00/22] New CPU related APIs

2018-05-29 Thread Collin Walling
On 05/28/2018 03:44 PM, Chris Venteicher wrote: > Quoting Jiri Denemark (2018-05-28 09:19:51) >> On Wed, May 16, 2018 at 10:39:19 +0200, Jiri Denemark wrote: >>> The current virConnectCompareCPU and virConnectBaselineCPU APIs are not >>> very useful because they ignore what a hypervisor can do on t

Re: [libvirt] [PATCH v2] storage: Add capability to use LUKS encryption for disk backend

2018-05-29 Thread John Ferlan
On 05/29/2018 09:34 AM, Peter Krempa wrote: > On Tue, May 29, 2018 at 08:53:06 -0400, John Ferlan wrote: >> https://bugzilla.redhat.com/show_bug.cgi?id=1560946 >> >> Similar to the Logical backend, use qemu-img on the created >> disk partition device to set up for LUKS encryption. Secret mgm

[libvirt] [PATCH] conf: Introduce align for hostmem-file

2018-05-29 Thread Jie Wang
QEMU has added the 'align' option to 'memory-backend-file'. Expose this option to users by new element align. Signed-off-by: Jie Wang --- docs/formatdomain.html.in | 18 +++ docs/schemas/domaincommon.rng | 7 +++ src/conf/domain_conf.c

Re: [libvirt] [Qemu-devel] [PATCH v7 1/3] qmp: adding 'wakeup-suspend-support' in query-target

2018-05-29 Thread Eduardo Habkost
On Mon, May 28, 2018 at 09:23:54AM +0200, Markus Armbruster wrote: > Eduardo Habkost writes: [...] > > [1] Doing a: > > $ git grep 'STR.*machine, "' > > on libvirt source is enough to find some code demonstrating where > > query-machines is already lacking today: [...] > How can we get from this

Re: [libvirt] [PATCH 1/2] bhyve: add CPU topology support

2018-05-29 Thread Roman Bogorodskiy
Peter Krempa wrote: > On Mon, May 28, 2018 at 20:27:50 +0400, Roman Bogorodskiy wrote: > > Recently, bhyve started supporting specifying guest CPU topology. > > It looks this way: > > > > bhyve -c cpus=C,sockets=S,cores=C,threads=T ... > > > > The old behaviour with bhyve -c C, where C is a

Re: [libvirt] [PATCH] vfio/pci: Default display option to "off"

2018-05-29 Thread Alex Williamson
[Cc +Erik,libvirt] Sorry, should have cc'd libvirt with this initially since display support is under development. I think "off" is the better compatibility option, but perhaps the damage is done since it was the 2.12 default. Thanks, Alex On Tue, 29 May 2018 09:18:10 -0600 Alex Williamson wr

Re: [libvirt] [PATCH v6 0/9] x86: Secure Encrypted Virtualization (AMD)

2018-05-29 Thread Brijesh Singh
On 05/28/2018 05:06 AM, Erik Skultety wrote: On Wed, May 23, 2018 at 04:18:25PM -0500, Brijesh Singh wrote: This patch series provides support for launching an encrypted guest using AMD's new Secure Encrypted Virtualization (SEV) feature. SEV is an extension to the AMD-V architecture which

[libvirt] [PATCH] storage: Add specific check for LUKS encryption support

2018-05-29 Thread John Ferlan
Modify virStorageBackendLogicalLVCreate to ensure if encryption is requested that only type LUKS is supported; otherwise, error. Signed-off-by: John Ferlan --- src/storage/storage_backend_logical.c | 10 -- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/src/storage/storage

Re: [libvirt] [PATCH v6 2/9] qemu: introduce SEV feature in hypervisor capabilities

2018-05-29 Thread Brijesh Singh
On 05/28/2018 05:28 AM, Erik Skultety wrote: On Wed, May 23, 2018 at 04:18:27PM -0500, Brijesh Singh wrote: Extend hypervisor capabilities to include sev feature. When available, hypervisor supports launching an encrypted VM on AMD platform. The sev feature tag provides additional details lik

Re: [libvirt] [PATCH v6 3/9] conf: introduce launch-security element in domain

2018-05-29 Thread Brijesh Singh
On 05/28/2018 05:57 AM, Erik Skultety wrote: On Wed, May 23, 2018 at 04:18:28PM -0500, Brijesh Singh wrote: The launch-security element can be used to define the security model to use when launching a domain. Currently we support 'sev'. When 'sev' is used, the VM will be launched with AMD SE

[libvirt] [PATCH v2 1/2] bhyve: add CPU topology support

2018-05-29 Thread Roman Bogorodskiy
Recently, bhyve started supporting specifying guest CPU topology. It looks this way: bhyve -c cpus=C,sockets=S,cores=C,threads=T ... The old behaviour with bhyve -c C, where C is a number of vCPUs, is still supported. So if we have CPU topology in the domain XML, use the new syntax, otherwise

[libvirt] [PATCH v2 2/2] docs: bhyve: document guest CPU topology feature

2018-05-29 Thread Roman Bogorodskiy
Signed-off-by: Roman Bogorodskiy --- docs/drvbhyve.html.in | 16 docs/news.xml | 9 + 2 files changed, 25 insertions(+) diff --git a/docs/drvbhyve.html.in b/docs/drvbhyve.html.in index 5b5513d3df..78a291c6bb 100644 --- a/docs/drvbhyve.html.in +++ b/docs/drvbhyve

[libvirt] [PATCH v2 0/2] bhyve: add CPU topology support

2018-05-29 Thread Roman Bogorodskiy
Changes since v1: - Added a check that nvcpus == sockets * cores * threads and a test for that. Roman Bogorodskiy (2): bhyve: add CPU topology support docs: bhyve: document guest CPU topology feature docs/drvbhyve.html.in | 16 docs/news.xml

[libvirt] Entering freeze for libvirt-4.4.0

2018-05-29 Thread Daniel Veillard
Done, I tagged RC1 in git and pushed signed tarball and rpms to the usual place: ftp://libvirt.org/libvirt/ This seems to work fine with my limited testing, as usual before a release it would be good to get more testing scope, especially with other OSes and platforms. ci.centos.org see

Re: [libvirt] [PATCH 00/22] New CPU related APIs

2018-05-29 Thread Chris Venteicher
Quoting Jiri Denemark (2018-05-29 09:34:02) > Hi Chris, > > > The new hypervisor specific compare and baseline commands seem to depend on > > qemuCaps being pre-populated with model data that is specific to a > > hypervisor > > instance. > > > > How do we make sure the qemuCaps are pre-populat

Re: [libvirt] [PATCH 01/10] virRandomBytes: Fix return value

2018-05-29 Thread Eric Blake
On 05/29/2018 03:24 AM, Michal Privoznik wrote: In libvirt when a function wants to return an error code it should be a negative value. Returning a positive value (or zero) means success. But virRandomBytes() does not follow this rule. Signed-off-by: Michal Privoznik --- src/util/vircrypto.c

Re: [libvirt] [PATCH 02/10] virCryptoGenerateRandom: rename ret

2018-05-29 Thread Eric Blake
On 05/29/2018 03:24 AM, Michal Privoznik wrote: This function allocates a buffer, fills it in with random bytes and then returns it. However, the buffer is held in @buf variable, therefore having @ret variable which does not hold return value of the function is misleading. Signed-off-by: Michal

Re: [libvirt] [PATCH 00/10] Use better PRNG

2018-05-29 Thread Eric Blake
On 05/29/2018 03:24 AM, Michal Privoznik wrote: This is inspired by bug reported here [1]. Even though Eric suggested calling this Linux syscall when building without gnutls [2] I've decided to not implement it. Firstly, we build with gnutls everywhere (even Windows), secondly I see no appealing r

Re: [libvirt] [PATCH 08/10] virrandom: Make virRandomBits better

2018-05-29 Thread Eric Blake
On 05/29/2018 03:24 AM, Michal Privoznik wrote: Now that we have strong PRNG generator implemented in virRandomBytes() let's use that instead of gnulib's random_r. Problem with the latter is in way we seed it: current UNIX time and libvirtd's PID are not that random as one might think. Imagine t

[libvirt] [RFC 1/4] add macros for implementing automatic cleanup functionality

2018-05-29 Thread Sukrit Bhatnagar
New macros are added to src/util/viralloc.h which help in adding cleanup attribute to variable declarations. Signed-off-by: Sukrit Bhatnagar --- src/util/viralloc.h | 69 + 1 file changed, 69 insertions(+) diff --git a/src/util/viralloc.h b/sr

[libvirt] [RFC 0/4] add automatic cleanup functionality in some files

2018-05-29 Thread Sukrit Bhatnagar
This series of patches aim at augmenting our discussion about the design for implementing the cleanup attribute. A set of macros have been added at the end of viralloc.h A few files have been modified to use the newly created macros. Sukrit Bhatnagar (4): add macros for implementing automatic c

[libvirt] [RFC 3/4] add automatic cleanup support in src/util/virauthconfig.c

2018-05-29 Thread Sukrit Bhatnagar
Modify code to use cleanup macros where required. Signed-off-by: Sukrit Bhatnagar --- src/util/virauthconfig.c | 34 -- 1 file changed, 12 insertions(+), 22 deletions(-) diff --git a/src/util/virauthconfig.c b/src/util/virauthconfig.c index 91c9c0c..66f7f7e 1006

[libvirt] [RFC 4/4] add automatic cleanup support in src/util/virauth.c

2018-05-29 Thread Sukrit Bhatnagar
Define a new cleanup function for virAuthConfigPtr in src/util/virauthconfig.h. Modify code to use cleanup macros where required. Signed-off-by: Sukrit Bhatnagar --- src/util/virauth.c | 66 ++-- src/util/virauthconfig.h | 3 +++ 2 files change

[libvirt] [RFC 2/4] add automatic cleanup support in src/util/virarptable.c

2018-05-29 Thread Sukrit Bhatnagar
Modify code to use cleanup macros where required. Signed-off-by: Sukrit Bhatnagar --- src/util/virarptable.c | 9 ++--- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/src/util/virarptable.c b/src/util/virarptable.c index c0e90dc..f53a479 100644 --- a/src/util/virarptable.c ++

[libvirt] [PATCH] spec: Fix permissions of nwfilter XMLs

2018-05-29 Thread Jiri Denemark
The nwfilter XMLs in /etc are defined as %ghost in the spec file, which means rpm will not install them, but it will record its existence and permissions in the database. During installation the files are copied in a %post scriptlet from /usr/share/libvirt/nwfilter, but once libvirtd is restarted,

Re: [libvirt] [PATCH] virtlockd: acquire locks on re-exec

2018-05-29 Thread Jim Fehlig
On 05/28/2018 04:34 AM, Matthew Richardson wrote: Locks held by virtlockd are dropped on re-exec. virtlockd 94306 POSIX 5.4G WRITE 0 0 0 /tmp/test.qcow2 virtlockd 94306 POSIX 5B WRITE 0 0 0 /run/virtlockd.pid virtlockd 94306 POSIX 5B WRITE 0 0 0 /run/virtl

Re: [libvirt] [PATCH 04/10] virCryptoGenerateRandom: Don't allocate return buffer

2018-05-29 Thread Eric Blake
On 05/29/2018 03:24 AM, Michal Privoznik wrote: To unify our vir*Random() functions we need to make virCryptoGenerateRandom NOT allocate return buffer. It should just fill given buffer with random data. Signed-off-by: Michal Privoznik --- src/qemu/qemu_domain.c | 12 src/util/