Re: [libvirt PATCH] util: don't log error if SRIOV PF has no associated netdev

2021-03-08 Thread Laine Stump
Ahem.. Hello? Is this thing on?? :-) On 3/3/21 3:34 PM, Laine Stump wrote: ping On 2/23/21 10:35 PM, Laine Stump wrote: Some SRIOV PFs don't have a netdev associated with them (the spec apparently doesn't require it). In most cases when libvirt is dealing with an SRIOV VF, that VF must have a

Re: [PATCH] virnetdevbandwidth: Don't generate burst outside of boundaries

2021-03-08 Thread Laine Stump
On 3/5/21 6:11 AM, Michal Privoznik wrote: When generating TC rules for domain's outbound traffic, Libvirt will use the 'average' as the default for 'burst' - it's been this way since the feature introduction in v0.9.4-rc1~22. The reason is that 'average' considers 'burst' for policing. However,

Re: [PATCH] qemu: don't raise error upon interface update without for in coalesce

2021-03-08 Thread Martin Kletzander
On Thu, Mar 04, 2021 at 01:58:17PM +0100, Kristina Hanicova wrote: With this, incomplete XML without for in coalesce won't raise error as before. It will leave the coalesce parameter empty, thanks to passing it as a parameter and return an integer to indicate error state - previously it

Re: [PATCH v3 29/30] vl: QAPIfy -object

2021-03-08 Thread Eric Blake
On 3/8/21 10:54 AM, Kevin Wolf wrote: > This switches the system emulator from a QemuOpts-based parser for > -object to user_creatable_parse_str() which uses a keyval parser and > enforces the QAPI schema. > > Apart from being a cleanup, this makes non-scalar properties accessible. > > This

Re: [PATCH v3 26/30] qemu-img: Use user_creatable_process_cmdline() for --object

2021-03-08 Thread Eric Blake
On 3/8/21 10:54 AM, Kevin Wolf wrote: > This switches qemu-img from a QemuOpts-based parser for --object to > user_creatable_process_cmdline() which uses a keyval parser and enforces > the QAPI schema. > > Apart from being a cleanup, this makes non-scalar properties accessible. > >

Re: [PATCH v3 06/30] qapi/qom: Add ObjectOptions for memory-backend-*

2021-03-08 Thread Eric Blake
On 3/8/21 10:54 AM, Kevin Wolf wrote: > This adds a QAPI schema for the properties of the memory-backend-* > objects. > > HostMemPolicy has to be moved to an include file that can be used by the > storage daemon, too, because ObjectOptions must be the same in all > binaries if we don't want to

Re: [PATCH v3 04/30] qapi/qom: Add ObjectOptions for cryptodev-*

2021-03-08 Thread Eric Blake
On 3/8/21 10:54 AM, Kevin Wolf wrote: > This adds a QAPI schema for the properties of the cryptodev-* objects. > > These interfaces have some questionable aspects (cryptodev-backend is > really an abstract base class without function, and the queues option > only makes sense for

Re: [libvirt PATCH 00/17] qemu: Implement external limit manager feature

2021-03-08 Thread Andrea Bolognani
On Mon, 2021-03-08 at 15:57 +, Daniel P. Berrangé wrote: > On Mon, Mar 08, 2021 at 04:32:26PM +0100, Andrea Bolognani wrote: > > On Mon, 2021-03-08 at 13:17 +, Daniel P. Berrangé wrote: > > > Since you added code to parse existing limits from /proc, I'm wondering > > > if we can just do

[PATCH v3 22/30] qom: Factor out user_creatable_process_cmdline()

2021-03-08 Thread Kevin Wolf
The implementation for --object can be shared between qemu-storage-daemon and other binaries, so move it into a function in qom/object_interfaces.c that is accessible from everywhere. This also requires moving the implementation of qmp_object_add() into a new user_creatable_add_qapi(), because

[PATCH v3 30/30] qom: Drop QemuOpts based interfaces

2021-03-08 Thread Kevin Wolf
user_creatable_add_opts() has only a single user left, which is a test case. Rewrite the test to use user_creatable_add_type() instead (which is the remaining function that doesn't require a QAPI schema) and drop the QemuOpts related functions. Signed-off-by: Kevin Wolf Acked-by: Peter Krempa

[PATCH v3 29/30] vl: QAPIfy -object

2021-03-08 Thread Kevin Wolf
This switches the system emulator from a QemuOpts-based parser for -object to user_creatable_parse_str() which uses a keyval parser and enforces the QAPI schema. Apart from being a cleanup, this makes non-scalar properties accessible. This adopts a similar model as -blockdev uses: When parsing

[PATCH v3 28/30] qom: Add user_creatable_parse_str()

2021-03-08 Thread Kevin Wolf
The system emulator has a more complicated way of handling command line options in that it reorders options before it processes them. This means that parsing object options and creating the object happen at two different points. Split the parsing part into a separate function that can be reused by

[PATCH v3 16/30] qapi/qom: Add ObjectOptions for input-*

2021-03-08 Thread Kevin Wolf
This adds a QAPI schema for the properties of the input-* objects. ui.json cannot be included in qom.json because the storage daemon can't use it, so move GrabToggleKeys to common.json. Signed-off-by: Kevin Wolf Acked-by: Peter Krempa Reviewed-by: Eric Blake --- qapi/common.json | 12

[PATCH v3 27/30] hmp: QAPIfy object_add

2021-03-08 Thread Kevin Wolf
This switches the HMP command object_add from a QemuOpts-based parser to user_creatable_add_from_str() which uses a keyval parser and enforces the QAPI schema. Apart from being a cleanup, this makes non-scalar properties and help accessible. In order for help to be printed to the monitor instead

[PATCH v3 24/30] qemu-nbd: Use user_creatable_process_cmdline() for --object

2021-03-08 Thread Kevin Wolf
This switches qemu-nbd from a QemuOpts-based parser for --object to user_creatable_process_cmdline() which uses a keyval parser and enforces the QAPI schema. Apart from being a cleanup, this makes non-scalar properties accessible. Signed-off-by: Kevin Wolf Acked-by: Peter Krempa Reviewed-by:

[PATCH v3 25/30] qom: Add user_creatable_add_from_str()

2021-03-08 Thread Kevin Wolf
This is a version of user_creatable_process_cmdline() with an Error parameter that never calls exit() and is therefore usable in HMP. Signed-off-by: Kevin Wolf Acked-by: Peter Krempa Reviewed-by: Eric Blake --- include/qom/object_interfaces.h | 16 qom/object_interfaces.c

[PATCH v3 26/30] qemu-img: Use user_creatable_process_cmdline() for --object

2021-03-08 Thread Kevin Wolf
This switches qemu-img from a QemuOpts-based parser for --object to user_creatable_process_cmdline() which uses a keyval parser and enforces the QAPI schema. Apart from being a cleanup, this makes non-scalar properties accessible. Signed-off-by: Kevin Wolf Acked-by: Peter Krempa ---

[PATCH v3 23/30] qemu-io: Use user_creatable_process_cmdline() for --object

2021-03-08 Thread Kevin Wolf
This switches qemu-io from a QemuOpts-based parser for --object to user_creatable_process_cmdline() which uses a keyval parser and enforces the QAPI schema. Apart from being a cleanup, this makes non-scalar properties accessible. Signed-off-by: Kevin Wolf Acked-by: Peter Krempa Reviewed-by:

[PATCH v3 08/30] qapi/qom: Add ObjectOptions for throttle-group

2021-03-08 Thread Kevin Wolf
This adds a QAPI schema for the properties of the throttle-group object. The only purpose of the x-* properties is to make the nested options in 'limits' available for a command line parser that doesn't support structs. Any parser that will use the QAPI schema will supports structs, though, so

[PATCH v3 21/30] qom: Remove user_creatable_add_dict()

2021-03-08 Thread Kevin Wolf
This function is now unused and can be removed. Signed-off-by: Kevin Wolf Acked-by: Peter Krempa Reviewed-by: Eric Blake --- include/qom/object_interfaces.h | 18 -- qom/object_interfaces.c | 32 2 files changed, 50 deletions(-) diff

[PATCH v3 20/30] qemu-storage-daemon: Implement --object with qmp_object_add()

2021-03-08 Thread Kevin Wolf
This QAPIfies --object and ensures that QMP and the command line option behave the same. Signed-off-by: Kevin Wolf Acked-by: Peter Krempa Reviewed-by: Eric Blake --- storage-daemon/qemu-storage-daemon.c | 21 ++--- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git

[PATCH v3 19/30] qom: Make "object" QemuOptsList optional

2021-03-08 Thread Kevin Wolf
This code is going away anyway, but for a few more commits, we'll be in a state where some binaries still use QemuOpts and others don't. If the "object" QemuOptsList doesn't even exist, we don't have to remove (or fail to remove, and therefore abort) a user creatable object from it.

[PATCH v3 18/30] qapi/qom: QAPIfy object-add

2021-03-08 Thread Kevin Wolf
This converts object-add from 'gen': false to the ObjectOptions QAPI type. As an immediate benefit, clients can now use QAPI schema introspection for user creatable QOM objects. It is also the first step towards making the QAPI schema the only external interface for the creation of user creatable

[PATCH v3 17/30] qapi/qom: Add ObjectOptions for x-remote-object

2021-03-08 Thread Kevin Wolf
This adds a QAPI schema for the properties of the x-remote-object object. Signed-off-by: Kevin Wolf Acked-by: Peter Krempa Reviewed-by: Eric Blake --- qapi/qom.json | 20 ++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/qapi/qom.json b/qapi/qom.json index

[PATCH v3 15/30] qapi/qom: Add ObjectOptions for confidential-guest-support

2021-03-08 Thread Kevin Wolf
This adds a QAPI schema for the properties of the objects implementing the confidential-guest-support interface. pef-guest and s390x-pv-guest don't have any properties, so they only need to be added to the ObjectType enum without adding a new branch to ObjectOptions. Signed-off-by: Kevin Wolf

[PATCH v3 14/30] qapi/qom: Add ObjectOptions for pr-manager-helper

2021-03-08 Thread Kevin Wolf
This adds a QAPI schema for the properties of the pr-manager-helper object. Signed-off-by: Kevin Wolf Acked-by: Peter Krempa Reviewed-by: Eric Blake --- qapi/qom.json | 14 ++ 1 file changed, 14 insertions(+) diff --git a/qapi/qom.json b/qapi/qom.json index 6fe775bd83..6afac9169f

[PATCH v3 13/30] qapi/qom: Add ObjectOptions for filter-*

2021-03-08 Thread Kevin Wolf
This adds a QAPI schema for the properties of the filter-* objects. Some parts of the interface (in particular NetfilterProperties.position) are very unusual for QAPI, but for now just describe the existing interface. net.json can't be included in qom.json because the storage daemon doesn't have

[PATCH v3 12/30] qapi/qom: Add ObjectOptions for colo-compare

2021-03-08 Thread Kevin Wolf
This adds a QAPI schema for the properties of the colo-compare object. Signed-off-by: Kevin Wolf Acked-by: Peter Krempa Reviewed-by: Eric Blake --- qapi/qom.json | 49 + 1 file changed, 49 insertions(+) diff --git a/qapi/qom.json

[PATCH v3 11/30] qapi/qom: Add ObjectOptions for can-*

2021-03-08 Thread Kevin Wolf
This adds a QAPI schema for the properties of the can-* objects. can-bus doesn't have any properties, so it only needs to be added to the ObjectType enum without adding a new branch to ObjectOptions. Signed-off-by: Kevin Wolf Acked-by: Peter Krempa Reviewed-by: Eric Blake --- qapi/qom.json |

[PATCH v3 10/30] qapi/qom: Add ObjectOptions for tls-*, deprecate 'loaded'

2021-03-08 Thread Kevin Wolf
This adds a QAPI schema for the properties of the tls-* objects. The 'loaded' property doesn't seem to make sense as an external interface: It is automatically set to true in ucc->complete, and explicitly setting it to true earlier just means that additional options will be silently ignored. In

[PATCH v3 09/30] qapi/qom: Add ObjectOptions for secret*, deprecate 'loaded'

2021-03-08 Thread Kevin Wolf
This adds a QAPI schema for the properties of the secret* objects. The 'loaded' property doesn't seem to make sense as an external interface: It is automatically set to true in ucc->complete, and explicitly setting it to true earlier just means that additional options will be silently ignored.

[PATCH v3 07/30] qapi/qom: Add ObjectOptions for rng-*, deprecate 'opened'

2021-03-08 Thread Kevin Wolf
This adds a QAPI schema for the properties of the rng-* objects. The 'opened' property doesn't seem to make sense as an external interface: It is automatically set to true in ucc->complete, and explicitly setting it to true earlier just means that trying to set additional options will result in

[PATCH v3 06/30] qapi/qom: Add ObjectOptions for memory-backend-*

2021-03-08 Thread Kevin Wolf
This adds a QAPI schema for the properties of the memory-backend-* objects. HostMemPolicy has to be moved to an include file that can be used by the storage daemon, too, because ObjectOptions must be the same in all binaries if we don't want to compile the whole code multiple times.

[PATCH v3 05/30] qapi/qom: Add ObjectOptions for dbus-vmstate

2021-03-08 Thread Kevin Wolf
This adds a QAPI schema for the properties of the dbus-vmstate object. A list represented as a comma separated string is clearly not very QAPI-like, but for now just describe the existing interface. Signed-off-by: Kevin Wolf Acked-by: Peter Krempa Reviewed-by: Eric Blake --- qapi/qom.json |

[PATCH v3 04/30] qapi/qom: Add ObjectOptions for cryptodev-*

2021-03-08 Thread Kevin Wolf
This adds a QAPI schema for the properties of the cryptodev-* objects. These interfaces have some questionable aspects (cryptodev-backend is really an abstract base class without function, and the queues option only makes sense for cryptodev-vhost-user), but as the goal is to represent the

[PATCH v3 03/30] qapi/qom: Add ObjectOptions for authz-*

2021-03-08 Thread Kevin Wolf
This adds a QAPI schema for the properties of the authz-* objects. Signed-off-by: Kevin Wolf Acked-by: Peter Krempa Reviewed-by: Eric Blake --- qapi/authz.json | 61 +--- qapi/qom.json| 10 +

[PATCH v3 02/30] qapi/qom: Add ObjectOptions for iothread

2021-03-08 Thread Kevin Wolf
Add an ObjectOptions union that will eventually describe the options of all user creatable object types. As unions can't exist without any branches, also add the first object type. This adds a QAPI schema for the properties of the iothread object. Signed-off-by: Kevin Wolf Acked-by: Peter

[PATCH v3 00/30] qapi/qom: QAPIfy --object and object-add

2021-03-08 Thread Kevin Wolf
This series adds a QAPI type for the properties of all user creatable QOM types and finally makes the --object command line option (in all binaries) and the object-add monitor commands (in QMP and HMP) use the new ObjectOptions union. This change improves things in more than just one way: 1.

[PATCH v3 01/30] qapi/qom: Drop deprecated 'props' from object-add

2021-03-08 Thread Kevin Wolf
The option has been deprecated in QEMU 5.0, remove it. Signed-off-by: Kevin Wolf Acked-by: Peter Krempa Reviewed-by: Eric Blake --- qapi/qom.json| 6 +- docs/system/deprecated.rst | 5 - docs/system/removed-features.rst | 5 + qom/qom-qmp-cmds.c

Re: [PATCH 00/14] deprecations: remove many old deprecations

2021-03-08 Thread Stefan Hajnoczi
On Wed, Feb 24, 2021 at 04:21:13PM +0100, Philippe Mathieu-Daudé wrote: > On 2/24/21 3:38 PM, Peter Maydell wrote: > > On Wed, 24 Feb 2021 at 13:21, Daniel P. Berrangé > > wrote: > >> > >> The following features have been deprecated for well over the 2 > >> release cycle we promise > >> > >>

Re: [libvirt PATCH 00/17] qemu: Implement external limit manager feature

2021-03-08 Thread Daniel P . Berrangé
On Mon, Mar 08, 2021 at 04:32:26PM +0100, Andrea Bolognani wrote: > On Mon, 2021-03-08 at 13:17 +, Daniel P. Berrangé wrote: > > On Mon, Mar 08, 2021 at 02:11:56PM +0100, Andrea Bolognani wrote: > > > The reason why VFIO device assignment is currently not completely > > > broken in KubeVirt is

Re: [libvirt PATCH 00/17] qemu: Implement external limit manager feature

2021-03-08 Thread Andrea Bolognani
On Mon, 2021-03-08 at 13:17 +, Daniel P. Berrangé wrote: > On Mon, Mar 08, 2021 at 02:11:56PM +0100, Andrea Bolognani wrote: > > The reason why VFIO device assignment is currently not completely > > broken in KubeVirt is that, when the QEMU process is initially > > started, we set the memory

Re: [libvirt PATCH 12/17] util: Try to get limits from /proc

2021-03-08 Thread Daniel P . Berrangé
On Mon, Mar 08, 2021 at 04:21:16PM +0100, Andrea Bolognani wrote: > On Mon, 2021-03-08 at 10:50 +, Daniel P. Berrangé wrote: > > On Fri, Mar 05, 2021 at 08:13:59PM +0100, Andrea Bolognani wrote: > > > +if (!(label = virProcessLimitResourceToLabel(resource))) { > > > +

Re: [libvirt PATCH 12/17] util: Try to get limits from /proc

2021-03-08 Thread Andrea Bolognani
On Mon, 2021-03-08 at 10:50 +, Daniel P. Berrangé wrote: > On Fri, Mar 05, 2021 at 08:13:59PM +0100, Andrea Bolognani wrote: > > +if (!(label = virProcessLimitResourceToLabel(resource))) { > > +virReportError(VIR_ERR_INTERNAL_ERROR, > > + _("Unknown resource

Re: [libvirt PATCH 15/17] qemu: Add external_limit_manager config knob

2021-03-08 Thread Michal Privoznik
On 3/8/21 11:52 AM, Daniel P. Berrangé wrote: On Fri, Mar 05, 2021 at 08:14:02PM +0100, Andrea Bolognani wrote: This will be useful when libvirtd is running in a containerized environment with limited capabilities, and in order to make things like VFIO device assignment still work an external

Re: [PATCH v2 00/12] qemu: Prepare for QAPIfied object-add

2021-03-08 Thread Peter Krempa
On Wed, Feb 24, 2021 at 16:57:54 +0100, Peter Krempa wrote: > QEMU plans to QAPIfy object add. This series prepares for the API change > (drop of 'props' wrapper for the object) and adds testing based on our > qemuxml2argv test data which forces the output to JSON and validates it > agains the

Re: [libvirt PATCH 12/17] util: Try to get limits from /proc

2021-03-08 Thread Andrea Bolognani
On Mon, 2021-03-08 at 11:30 +0100, Michal Privoznik wrote: > On 3/5/21 8:13 PM, Andrea Bolognani wrote: > > +if (!STRPREFIX(line, label)) > > +continue; > > + > > +line += strlen(label); > > Or if (!(line = STRSKIP(line, label)) continue; Oh, I didn't know that

[PATCH v1] tests: Adjust libxlxml2domconfigtest to work with Xen < 4.8

2021-03-08 Thread Olaf Hering
Commit fcdc387410fadfb066b95395c5b5d2a6a16f7066 used a libxl API which is only available since Xen 4.8. Due to lack of a specific guard for this API change, reuse another guard from libxl.h. Signed-off-by: Olaf Hering --- tests/libxlxml2domconfigtest.c | 6 ++ 1 file changed, 6

Re: [libvirt PATCH 11/17] tests: Mock virProcessGetMaxMemLock()

2021-03-08 Thread Andrea Bolognani
On Mon, 2021-03-08 at 11:31 +0100, Michal Privoznik wrote: > On 3/5/21 8:13 PM, Andrea Bolognani wrote: > > +int > > +virProcessGetMaxMemLock(pid_t pid G_GNUC_UNUSED, unsigned long long *bytes > > G_GNUC_UNUSED) > > Ehm, probably coffee hadn't kicked in? Because I can see @bytes used .. > > >

Re: [libvirt PATCH 02/17] util: Simplify stubs

2021-03-08 Thread Andrea Bolognani
On Mon, 2021-03-08 at 11:31 +0100, Michal Privoznik wrote: > On 3/5/21 8:13 PM, Andrea Bolognani wrote: > > Calling a stub should always result in ENOSYS being raised, > > regardless of what arguments are passed to it. > > > > Signed-off-by: Andrea Bolognani > > --- > > src/util/virprocess.c |

Re: [libvirt PATCH 00/17] qemu: Implement external limit manager feature

2021-03-08 Thread Daniel P . Berrangé
On Mon, Mar 08, 2021 at 02:11:56PM +0100, Andrea Bolognani wrote: > On Mon, 2021-03-08 at 10:54 +, Daniel P. Berrangé wrote: > > On Fri, Mar 05, 2021 at 08:13:47PM +0100, Andrea Bolognani wrote: > > > This feature has been requested by KubeVirt developers and will make > > > it possible for

Re: [libvirt PATCH 00/17] qemu: Implement external limit manager feature

2021-03-08 Thread Andrea Bolognani
On Mon, 2021-03-08 at 10:54 +, Daniel P. Berrangé wrote: > On Fri, Mar 05, 2021 at 08:13:47PM +0100, Andrea Bolognani wrote: > > This feature has been requested by KubeVirt developers and will make > > it possible for them to make some VFIO-related features, such as > > migration and hotplug,

Re: [libvirt PATCH 2/2] docs: stop mentioning insecure / broken SASL mechanisms

2021-03-08 Thread Erik Skultety
... > > +**Note:** the SASL ``passwd.db`` file stores passwords in clear text, so > +care should be taken not to let its contents be disclosed to unauthorized > +users. Can we make ^hits all bold to make it more visible? Reviewed-by: Erik Skultety

Re: [libvirt PATCH 1/2] docs: convert auth page into RST format

2021-03-08 Thread Erik Skultety
On Thu, Mar 04, 2021 at 06:10:12PM +, Daniel P. Berrangé wrote: > Signed-off-by: Daniel P. Berrangé > --- > docs/auth.html.in | 368 -- > docs/auth.rst | 350 +++ > docs/meson.build | 2 +- > 3 files

Re: [libvirt PATCH 15/17] qemu: Add external_limit_manager config knob

2021-03-08 Thread Daniel P . Berrangé
On Mon, Mar 08, 2021 at 01:56:15PM +0100, Andrea Bolognani wrote: > On Mon, 2021-03-08 at 10:52 +, Daniel P. Berrangé wrote: > > On Fri, Mar 05, 2021 at 08:14:02PM +0100, Andrea Bolognani wrote: > > > +# If enabled, libvirt will not attempt to change process limits (as > > > +# configured with

Re: [libvirt PATCH 15/17] qemu: Add external_limit_manager config knob

2021-03-08 Thread Andrea Bolognani
On Mon, 2021-03-08 at 10:52 +, Daniel P. Berrangé wrote: > On Fri, Mar 05, 2021 at 08:14:02PM +0100, Andrea Bolognani wrote: > > +# If enabled, libvirt will not attempt to change process limits (as > > +# configured with the max_processes, max_files and max_core settings > > +# below) itself

Re: [PATCH v2 1/3] fdc: Drop deprecated floppy configuration

2021-03-08 Thread Daniel P . Berrangé
On Fri, Mar 05, 2021 at 09:06:45AM +0100, Markus Armbruster wrote: > Markus Armbruster writes: > > > Daniel P. Berrangé writes: > > > >> On Thu, Mar 04, 2021 at 11:00:57AM +0100, Markus Armbruster wrote: > >>> Drop the crap deprecated in commit 4a27a638e7 "fdc: Deprecate > >>> configuring

Re: [libvirt PATCH 0/2] docs: less docs for insecure SASL mechanisms

2021-03-08 Thread Daniel P . Berrangé
On Mon, Mar 08, 2021 at 12:00:03PM +0100, Erik Skultety wrote: > On Mon, Mar 08, 2021 at 10:41:55AM +, Daniel P. Berrangé wrote: > > On Fri, Mar 05, 2021 at 08:02:49AM +0100, Erik Skultety wrote: > > > On Thu, Mar 04, 2021 at 06:10:11PM +, Daniel P. Berrangé wrote: > > > > GSSAPI and

Re: [libvirt PATCH 0/2] docs: less docs for insecure SASL mechanisms

2021-03-08 Thread Erik Skultety
On Mon, Mar 08, 2021 at 10:41:55AM +, Daniel P. Berrangé wrote: > On Fri, Mar 05, 2021 at 08:02:49AM +0100, Erik Skultety wrote: > > On Thu, Mar 04, 2021 at 06:10:11PM +, Daniel P. Berrangé wrote: > > > GSSAPI and SCRAM-SHA-256 are the only two SASL mechanisms we > > > especially want

Re: [PATCH] virDevMapperGetTargetsImpl: Use correct length when copying into dm.name

2021-03-08 Thread Daniel P . Berrangé
On Mon, Mar 08, 2021 at 09:14:18AM +0100, Michal Privoznik wrote: > For reasons unknown, when rewriting this code and dropping > libdevmapper I've mistakenly used incorrect length of dm.name. In > linux/dm-ioctl.h the dm_ioctl struct is defined as follows: > > #define DM_NAME_LEN 128 > >

Re: [libvirt PATCH 00/17] qemu: Implement external limit manager feature

2021-03-08 Thread Daniel P . Berrangé
On Fri, Mar 05, 2021 at 08:13:47PM +0100, Andrea Bolognani wrote: > This feature has been requested by KubeVirt developers and will make > it possible for them to make some VFIO-related features, such as > migration and hotplug, work correctly. > >

Re: [libvirt PATCH 15/17] qemu: Add external_limit_manager config knob

2021-03-08 Thread Daniel P . Berrangé
On Fri, Mar 05, 2021 at 08:14:02PM +0100, Andrea Bolognani wrote: > This will be useful when libvirtd is running in a containerized > environment with limited capabilities, and in order to make > things like VFIO device assignment still work an external > privileged process changes the limits from

Re: [libvirt PATCH 12/17] util: Try to get limits from /proc

2021-03-08 Thread Daniel P . Berrangé
On Fri, Mar 05, 2021 at 08:13:59PM +0100, Andrea Bolognani wrote: > Calling prlimit() requires elevated privileges, specifically > CAP_SYS_RESOURCE, and getrlimit() only works for the current > process which is too limiting for our needs; /proc/$pid/limits, > on the other hand, can be read by any

Re: [libvirt PATCH 0/2] docs: less docs for insecure SASL mechanisms

2021-03-08 Thread Daniel P . Berrangé
On Fri, Mar 05, 2021 at 08:02:49AM +0100, Erik Skultety wrote: > On Thu, Mar 04, 2021 at 06:10:11PM +, Daniel P. Berrangé wrote: > > GSSAPI and SCRAM-SHA-256 are the only two SASL mechanisms we > > especially want people to be using. Even the latter is a little > > questionable due to storing

Re: [libvirt PATCH 02/17] util: Simplify stubs

2021-03-08 Thread Michal Privoznik
On 3/5/21 8:13 PM, Andrea Bolognani wrote: Calling a stub should always result in ENOSYS being raised, regardless of what arguments are passed to it. Signed-off-by: Andrea Bolognani --- src/util/virprocess.c | 22 ++ 1 file changed, 6 insertions(+), 16 deletions(-)

Re: [libvirt PATCH 11/17] tests: Mock virProcessGetMaxMemLock()

2021-03-08 Thread Michal Privoznik
On 3/5/21 8:13 PM, Andrea Bolognani wrote: Up until now we've implicitly relied on the fact that failures reported from this function were simply ignored, but that's about to change and so we need a proper mock. Signed-off-by: Andrea Bolognani --- src/util/virprocess.h | 2 +-

Re: [libvirt PATCH 12/17] util: Try to get limits from /proc

2021-03-08 Thread Michal Privoznik
On 3/5/21 8:13 PM, Andrea Bolognani wrote: Calling prlimit() requires elevated privileges, specifically CAP_SYS_RESOURCE, and getrlimit() only works for the current process which is too limiting for our needs; /proc/$pid/limits, on the other hand, can be read by any process, so implement parsing

Re: [libvirt PATCH 04/17] util: Introduce virProcess{Get,Set}Limit()

2021-03-08 Thread Michal Privoznik
On 3/5/21 8:13 PM, Andrea Bolognani wrote: These functions abstract part of the existing logic, which is the same in all virProcessSetMax*() functions, and changes it so that which underlying syscall is used depends on their availability rather than on the context in which they are called: since

Re: [libvirt PATCH 16/17] qemu: Wire up external limit manager

2021-03-08 Thread Michal Privoznik
On 3/5/21 8:14 PM, Andrea Bolognani wrote: When the config knob is enabled, we simply skip the part where limits are set; for the memory locking limit, which can change dynamically over the lifetime of the guest, we still make sure that the external process has set it correctly and error out if

Re: [libvirt PATCH 00/17] qemu: Implement external limit manager feature

2021-03-08 Thread Michal Privoznik
On 3/5/21 8:13 PM, Andrea Bolognani wrote: This feature has been requested by KubeVirt developers and will make it possible for them to make some VFIO-related features, such as migration and hotplug, work correctly. https://bugzilla.redhat.com/show_bug.cgi?id=1916346 The first part of the

Re: [libvirt PATCH 15/17] qemu: Add external_limit_manager config knob

2021-03-08 Thread Michal Privoznik
On 3/5/21 8:14 PM, Andrea Bolognani wrote: This will be useful when libvirtd is running in a containerized environment with limited capabilities, and in order to make things like VFIO device assignment still work an external privileged process changes the limits from outside of the container.

[PATCH] virDevMapperGetTargetsImpl: Use correct length when copying into dm.name

2021-03-08 Thread Michal Privoznik
For reasons unknown, when rewriting this code and dropping libdevmapper I've mistakenly used incorrect length of dm.name. In linux/dm-ioctl.h the dm_ioctl struct is defined as follows: #define DM_NAME_LEN 128 struct dm_ioctl { ... char name[DM_NAME_LEN]; /* device name */ ...