> From: "Daniel P. Berrangé"
> To: Motohiro Kawahito
> Cc: libvir-list@redhat.com
> Date: 2021/07/16 00:42
> Subject: [EXTERNAL] Re: Question about skipping
virDomainDiskDefAssignAddress
>
> With the exception of paravirtualized Xen guests, this field in
> libvirt XML is *completely*
TDX guest requires some special parameters to boot, They are:
"-machine q35-*"
"pic=no"
"kernel_irqchip=split"
Signed-off-by: Zhenzhong Duan
---
src/qemu/qemu_command.c | 2 +-
src/qemu/qemu_validate.c | 11 +++
2 files changed, 12 insertions(+), 1 deletion(-)
diff --git
When 'tdx' is used, the VM will launched with Intel TDX feature enabled.
TDX feature supports running encrypted VM (Trust Domain, TD) under the
control of KVM. A TD runs in a CPU model which protects the
confidentiality of its memory and its CPU state from other software
There is a child element
QEMU_CAPS_TDX_GUEST set means TDX supported with this qemu.
Signed-off-by: Chenyi Qiang
Signed-off-by: Zhenzhong Duan
---
src/qemu/qemu_capabilities.c | 2 ++
src/qemu/qemu_capabilities.h | 1 +
2 files changed, 3 insertions(+)
diff --git a/src/qemu/qemu_capabilities.c
Implement TDX check in order to generate domain feature capability
correctly in case the availability of the feature changed.
For INTEL TDX the verification is:
- checking if /sys/firmware/tdx_seam/vendor_id contains the
value "0x8086": meaning TDX is enabled in the host kernel.
Add a firmware descriptor support for TDVF, then libvirt can
auto match TDVF fimware with td-guest.
Signed-off-by: Zhenzhong Duan
---
docs/schemas/domaincommon.rng | 1 +
src/qemu/qemu_capabilities.c | 2 +
src/qemu/qemu_firmware.c | 101 +-
Intel TDX requires a general loader to hold its firmware TDVF.
Add new loader type VIR_DOMAIN_LOADER_TYPE_GENERIC and
VIR_DOMAIN_OS_DEF_FIRMWARE_GENERIC to support this feature.
XML looks like:
/path/to/TDVF-binary
Qemu command line looks like:
$QEMU ... \
-device
Extend qemu TDX capability to domain capabilities.
Signed-off-by: Chenyi Qiang
Signed-off-by: Zhenzhong Duan
---
docs/formatdomaincaps.html.in | 17 +
docs/schemas/domaincaps.rng| 9 +
src/conf/domain_capabilities.c | 1 +
src/conf/domain_capabilities.h | 1 +
QEMU will provides 'tdx-guest' object which is used to launch encrypted
VMs on Intel platform using TDX feature. A typical TDX guest launch
command line looks like:
$QEMU ... \
-object tdx-guest,id=tdx0,debug=on \
-machine q35,confidential-guest-support=tdx0,kvm-type=tdx
Signed-off-by:
Thanks Peter, Pavel and Daniel's comments on v1 version, now the v2 comes.
* What's TDX?
TDX stands for Trust Domain Extensions which isolates VMs from
the virtual-machine manager (VMM)/hypervisor and any other software on
the platform.
To support TDX, multiple software components, not only KVM
The XML parser (or verifier) in libvirt seems to support only Linux device
names for a disk, such as hda, sda and vda.
Can anyone let us know how libvirt supports disk device names for
non-Linux VMs?
We are developing a new hypervisor driver for a non-Linux VM, which uses a
different device
> -Original Message-
> From: Pavel Hrdina
> Sent: Wednesday, July 7, 2021 5:48 PM
> To: Huang, Haibin
> Cc: libvir-list@redhat.com; Ding, Jian-feng ; Yang,
> Lin A ; Lu, Lianhao
> Subject: Re: [libvirt][PATCH v4 0/4] Support query and use SGX
>
> On Thu, Jul 01, 2021 at 08:10:25PM
Hi Michal,
Thanks for your reply.
> On 7/15/21 8:18 AM, Yi Wang wrote:
> > From: Long YunJian
> >
> > If fscanf execute failed, qemuGetProcessInfo shuld return -1,
> > but it return 0 at the end. Zero means success for the caller,
> > so we shuld return -1 in the case of failure.
> >
...
> >
sysconfig files are owned by the admin of the host. He has the liberty
to put anything he wants into these files. This makes it difficult to
provide different defaults.
Remove the sysconfig file and place the current desired default into
the service file.
Local customizations can now go either
On Fri, Jul 16, 2021 at 12:28:42AM +0900, Motohiro Kawahito wrote:
> Hi, is there any existing way for skipping virDomainDiskDefAssignAddress
> for disk configuration?
>
> I want to send the following XML to libvirt, but I got the error
> "virDomainDiskDefAssignAddress:7642 : XML error: Unknown
Hi, is there any existing way for skipping virDomainDiskDefAssignAddress
for disk configuration?
I want to send the following XML to libvirt, but I got the error
"virDomainDiskDefAssignAddress:7642 : XML error: Unknown disk name '0A80'
and no address specified".
According to the
On 7/7/21 11:29 PM, Jonathon Jongsma wrote:
Allow the tree view with --all so that we can see all inactive mdevs in
a tree structure nested under their parent devices.
Signed-off-by: Jonathon Jongsma
Reviewed-by: Shalini Chellathurai Saroja
--
Kind regards
Shalini Chellathurai Saroja
On 7/7/21 11:29 PM, Jonathon Jongsma wrote:
Inactive mdevs were simply formatting their parent name as the value
received from mdevctl rather than looking up the libvirt nodedev name of
the parent device. This resulted in a parent value of e.g.
':5b:00.0' instead of 'pci__5b_00_0'.
On 2021/7/14 22:17, Michal Prívozník wrote:
> On 7/14/21 2:28 PM, Yang Fei wrote:
>> Add helper function virGetCpuHaltPollTime and virGetDebugFsKvmValue
>> to obtain the halt polling time. If system mount debugfs, and the
>> kernel support halt polling time statistic, it will work.
>>
>>
On 2021/7/14 22:17, Michal Prívozník wrote:
> On 7/14/21 2:28 PM, Yang Fei wrote:
>> This function is used to obtain the halt polling time. The kernel
>> provides statistics about haltpollsuccess.time and
>> haltpollfail.time. We add it in domstats, so that we can use
>> command 'virsh domstats
On 2021/7/14 22:17, Michal Prívozník wrote:
> On 7/14/21 2:28 PM, Yang Fei wrote:
>> Move virGetCgroupValueRaw from vircgroup.c, so that we can call
>> it more appropriately at any where. And change it to a more
>> generic name virGetValueRaw.
>> Replace virGetCgroupValueRaw by virGetValueRaw
On 7/15/21 2:04 PM, Martin Kletzander wrote:
Some whitespaces were wrong and one debug message was confusing to newcomers.
Martin Kletzander (2):
util: Make one debug message nicer
whitespace clean-ups
docs/schemas/capability.rng| 10 +-
On 7/15/21 2:16 PM, Martin Kletzander wrote:
On Wed, Jul 14, 2021 at 06:40:57PM +0200, Boris Fiuczynski wrote:
Commit e9b534905f4 introduced an error when parsing an empty list
returned from mdevctl.
This occurs e.g. if nodedev-undefine is used to undefine the last
defined mdev which cuases
On 7/14/21 6:40 PM, Boris Fiuczynski wrote:
Commit e9b534905f4 introduced an error when parsing an empty list
returned from mdevctl.
This occurs e.g. if nodedev-undefine is used to undefine the last
defined mdev which cuases the following error messages
libvirtd[33143]: internal error:
On 7/15/21 2:18 PM, Kristina Hanicova wrote:
> virt-manager needs to know if memfd memory source type is supported in
> order to use virtiofs.
>
> Regarding:
> https://listman.redhat.com/archives/virt-tools-list/2021-July/msg0.html
>
> Kristina Hanicova (2):
> conf: domcaps: Report
>
On Thu, Jul 15, 2021 at 02:04:22PM +0200, Martin Kletzander wrote:
> Some whitespaces were wrong and one debug message was confusing to newcomers.
>
> Martin Kletzander (2):
> util: Make one debug message nicer
> whitespace clean-ups
Reviewed-by: Andrea Bolognani
--
Andrea Bolognani / Red
We need to report via domcapabilities if specifying shared memory
is supported without hugepages or numa config in order to find
out if domain has suitable setup to make virtiofs work.
The solution is to report source types of memory backing to
determine if memfd is a valid option.
Signed-off-by:
Signed-off-by: Kristina Hanicova
---
src/qemu/qemu_capabilities.c | 22 +++
src/qemu/qemu_capabilities.h | 3 +++
.../domaincapsdata/qemu_2.11.0-q35.x86_64.xml | 6 +
.../domaincapsdata/qemu_2.11.0-tcg.x86_64.xml | 6 +
virt-manager needs to know if memfd memory source type is supported in
order to use virtiofs.
Regarding:
https://listman.redhat.com/archives/virt-tools-list/2021-July/msg0.html
Kristina Hanicova (2):
conf: domcaps: Report
qemu: capabilities: fill in domcaps
On Wed, Jul 14, 2021 at 06:40:57PM +0200, Boris Fiuczynski wrote:
Commit e9b534905f4 introduced an error when parsing an empty list
returned from mdevctl.
This occurs e.g. if nodedev-undefine is used to undefine the last
defined mdev which cuases the following error messages
causes
This was bothering someone as the debug message looked like there was an issue
despite it being just a debug message. Change it to what is actually happening
and why the name is being skipped.
Signed-off-by: Martin Kletzander
---
src/util/virresctrl.c | 2 +-
1 file changed, 1 insertion(+), 1
Some whitespaces were wrong and one debug message was confusing to newcomers.
Martin Kletzander (2):
util: Make one debug message nicer
whitespace clean-ups
docs/schemas/capability.rng| 10 +-
src/conf/capabilities.c| 2 +-
Signed-off-by: Martin Kletzander
---
docs/schemas/capability.rng| 10 +-
src/conf/capabilities.c| 2 +-
src/util/virresctrl.c | 2 +-
.../vircaps-x86_64-resctrl-fake-feature.xml| 4
On 7/15/21 8:18 AM, Yi Wang wrote:
> From: Long YunJian
>
> If fscanf execute failed, qemuGetProcessInfo shuld return -1,
> but it return 0 at the end. Zero means success for the caller,
> so we shuld return -1 in the case of failure.
>
> Signed-off-by: Long YunJian
> Signed-off-by: Yi Wang
>
On Wed, Jul 14, 2021 at 05:30:26PM +0100, Daniel P. Berrangé wrote:
> All the python packages got renamed from py37- to py38-
>
> Signed-off-by: Daniel P. Berrangé
> ---
> ci/cirrus/freebsd-12.vars | 4 ++--
> ci/cirrus/freebsd-13.vars | 4 ++--
> ci/cirrus/freebsd-current.vars | 4
On 7/14/21 4:46 PM, Kristina Hanicova wrote:
> This is v2 of:
> https://listman.redhat.com/archives/libvir-list/2021-July/msg00129.html
>
> Changes since v1 (suggested by Michal and Jano):
> * change of int variable to one-word bool
> * isolate changes outside of qemu to separate patch
> *
On 7/14/21 6:30 PM, Daniel P. Berrangé wrote:
> All the python packages got renamed from py37- to py38-
>
> Signed-off-by: Daniel P. Berrangé
> ---
> ci/cirrus/freebsd-12.vars | 4 ++--
> ci/cirrus/freebsd-13.vars | 4 ++--
> ci/cirrus/freebsd-current.vars | 4 ++--
>
On 7/14/21 4:46 PM, Kristina Hanicova wrote:
> If the attempt to attach a device failed, we erased the
> unattached device from the namespace. This resulted in erasing an
> already attached device in case of a duplicate. We need to check
> for existing file in the namespace in order to determine
On 7/14/21 4:46 PM, Kristina Hanicova wrote:
> Signed-off-by: Kristina Hanicova
> ---
> src/qemu/qemu_namespace.c | 16 +---
> 1 file changed, 13 insertions(+), 3 deletions(-)
>
> diff --git a/src/qemu/qemu_namespace.c b/src/qemu/qemu_namespace.c
> index 98495e8ef8..eb048a2faa
From: Lin Yang
1024
---
docs/schemas/domaincommon.rng | 62 +---
src/conf/domain_conf.c| 128 ++
src/conf/domain_conf.h| 10 +++
src/conf/virconftypes.h | 3 +
4 files changed, 149 insertions(+), 54 deletions(-)
1.Add SGX feature in domain capabilities
2.Get sgx capabilities by query-sgx-capabilities
3.Transfer the B to KB for epc_size
4.Delete sgx1 and sgx2
Signed-off-by: Haibin Huang
---
docs/schemas/domaincaps.rng| 20 +
src/conf/domain_capabilities.c | 29 +++
Signed-off-by: Haibin Huang
---
.../launch-security-sgx.xml | 20 ++
tests/genericxml2xmltest.c| 1 +
.../launch-security-sgx.x86_64-5.1.0.args | 40 +++
.../qemuxml2argvdata/launch-security-sgx.xml | 34
Signed-off-by: Haibin Huang
---
docs/formatdomain.rst | 28 +++-
1 file changed, 27 insertions(+), 1 deletion(-)
diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst
index 218f0c1718..d7319133ac 100644
--- a/docs/formatdomain.rst
+++ b/docs/formatdomain.rst
@@
This patch series provides support for enabling Intel's Software Guard
Extensions (SGX) feature in guest VM.
Giving the SGX support in QEMU is still pending for reviewing, this
patch series is not submmited for code review, but only describe the
SGX enabling solution design that contains
From: Lin Yang
According to the result parsing from xml, add the argument of
SGX EPC memory backend into QEMU command line:
-object memory-backend-epc,id=mem1,size=K,prealloc \
-sgx-epc id=epc1,memdev=mem1
---
src/qemu/qemu_command.c | 23 +++
1 file changed, 23
From: Long YunJian
If fscanf execute failed, qemuGetProcessInfo shuld return -1,
but it return 0 at the end. Zero means success for the caller,
so we shuld return -1 in the case of failure.
Signed-off-by: Long YunJian
Signed-off-by: Yi Wang
---
src/qemu/qemu_driver.c | 8 ++--
1 file
46 matches
Mail list logo
