[PATCH 0/2] Improve the validation for queues and queue_size

Han Han (2): conf/domain_validate.c: Improve the err for queue validation conf/domain_validate: Validate the disk queue_size src/conf/domain_validate.c | 8 +++- 1 file changed, 7 insertions(+), 1 deletion(-) -- 2.41.0

[PATCH 1/2] conf/domain_validate.c: Improve the err for queue validation

Queues is supported by virtio bus, including virtio-blk and vhost-user-blk. Signed-off-by: Han Han --- src/conf/domain_validate.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c index 16bf3b559f..e835ad33ad 100644 ---

[PATCH 2/2] conf/domain_validate: Validate the disk queue_size

Signed-off-by: Han Han --- src/conf/domain_validate.c | 6 ++ 1 file changed, 6 insertions(+) diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c index e835ad33ad..ad383b604e 100644 --- a/src/conf/domain_validate.c +++ b/src/conf/domain_validate.c @@ -788,6 +788,12 @@

[libvirt PATCH v6 09/36] qemu: query nbdkit module dir from binary

Rather than hard-coding the nbdkit module directory, query the nbdkit binary for the location to these directories. nbdkit provides a --dump-config optiont that outputs this information and can be easily parsed. We can also get the version from this output rather than executing `nbdkit --version`

[libvirt PATCH v6 29/36] schema: add configuration for host verification of ssh disks

In order to make ssh disks usable, we need to be able to validate a remote host. To do this, add a xml element for ssh disks to allow the user to specify a location for a file that contains known host keys. Implementation to follow. Signed-off-by: Jonathon Jongsma Reviewed-by: Peter Krempa ---

[libvirt PATCH v6 02/36] qemu: Add functions for determining nbdkit availability

In future commits, we will optionally use nbdkit to serve some remote disk sources. This patch queries to see whether nbdkit is installed on the host and queries it for capabilities. The data will be used in later commits. Signed-off-by: Jonathon Jongsma Reviewed-by: Peter Krempa ---

[libvirt PATCH v6 32/36] qemu: implement keyfile auth for ssh disks with nbdkit

For ssh disks that are served by nbdkit, we can support logging in with an ssh key file. Pass the path to the configured key file and the username to the nbdkit process. Signed-off-by: Jonathon Jongsma --- src/conf/domain_conf.c| 32 ++

[libvirt PATCH v6 07/36] qemu: use file cache for nbdkit caps

Add the virFileCache implementation for nbdkit capabilities to the qemu driver. This allows us to determine whether nbdkit is installed and which plugins are supported. it also has persistent caching and the capabilities are re-queried whenever something changes. Signed-off-by: Jonathon Jongsma

[libvirt PATCH v6 24/36] qemu: add test for authenticating a https network disk

Signed-off-by: Jonathon Jongsma Reviewed-by: Peter Krempa --- tests/qemunbdkitdata/disk-network-source-curl.args.disk1 | 4 +++- .../disk-network-source-curl.args.disk1.pipe.780 | 2 +- .../disk-network-source-curl.args.disk1.pipe.782 | 1 +

[libvirt PATCH v6 31/36] schema: add keyfile configuration for ssh disks

Authenticating via key file to an ssh server is often preferable to logging in via password. In order to support this functionality add a new xml element for ssh disks that allows the user to specify a keyfile and username. Example configuration: ... ...

[libvirt PATCH v6 20/36] qemu: pass sensitive data to nbdkit via pipe

Rather than passing passwords and cookies (which could contain passwords) to nbdkit via commandline arguments, use the alternate format that nbdkit supports where we can specify a file descriptor which nbdkit will read to get the password or cookies. Signed-off-by: Jonathon Jongsma Reviewed-by:

[libvirt PATCH v6 28/36] qemu: implement password auth for ssh disks with nbdkit

For ssh disks that are served by nbdkit, lookup the password from the configured secret and securely pass it to the nbdkit process using fd passing. Signed-off-by: Jonathon Jongsma --- src/qemu/qemu_nbdkit.c| 87 ++-

[libvirt PATCH v6 30/36] qemu: implement knownHosts for ssh disks with nbdkit

For ssh disks that are served by nbdkit, use the configured value for knownHosts and pass it to the nbdkit process. Signed-off-by: Jonathon Jongsma --- src/conf/domain_conf.c| 8 ++ src/conf/storage_source_conf.c| 1 + src/conf/storage_source_conf.h

[libvirt PATCH v6 13/36] qemu: Extract qemuDomainLogContext into a new file

This will allow us to use it for nbdkit logging in upcoming commits. Signed-off-by: Jonathon Jongsma Reviewed-by: Peter Krempa --- po/POTFILES| 1 + src/qemu/meson.build | 1 + src/qemu/qemu_domain.c | 247 ++ src/qemu/qemu_domain.h

[libvirt PATCH v6 04/36] util: Allow virFileCache data to be any GObject

Since the libvirt documentation suggests to prefer GObject over virObject, and since virObject is a GObject, change virFileCache to allow GObjects as data. Signed-off-by: Jonathon Jongsma Reviewed-by: Peter Krempa --- src/util/virfilecache.c | 14 -- src/util/virfilecache.h | 2 +-

[libvirt PATCH v6 18/36] qemu: include nbdkit state in private xml

Add xml to the private data for a disk source to represent the nbdkit process so that the state can be re-created if the libvirt daemon is restarted. Format: /path/to/nbdkit.pid /path/to/nbdkit.socket Signed-off-by: Jonathon Jongsma Reviewed-by: Peter Krempa ---

[libvirt PATCH v6 21/36] qemu: use nbdkit to serve network disks if available

For virStorageSource objects that contain an nbdkitProcess, start that nbdkit process to serve that network drive and then pass the nbdkit socket to qemu rather than sending the network url to qemu directly. Signed-off-by: Jonathon Jongsma Reviewed-by: Peter Krempa --- src/qemu/qemu_block.c

[libvirt PATCH v6 11/36] qemu: remove unused 'mode' param from qemuDomainLogContextNew()

The only use of this function always passes QEMU_DOMAIN_LOG_CONTEXT_MODE_START. The other enum values are never used anywhere in the code. Remove them. Signed-off-by: Jonathon Jongsma Reviewed-by: Peter Krempa --- src/qemu/qemu_domain.c | 26 +++--- src/qemu/qemu_domain.h

[libvirt PATCH v6 22/36] util: make virCommandSetSendBuffer testable

Add a private function to peek at the list of send buffers in virCommand so that it is testable Signed-off-by: Jonathon Jongsma Reviewed-by: Peter Krempa --- src/libvirt_private.syms | 1 + src/util/vircommand.c | 17 + src/util/vircommand.h | 8

[libvirt PATCH v6 36/36] rpm: update spec file for for nbdkit support

Require libnbd-devel when building the qemu driver, recommend nbdkit packages. Signed-off-by: Jonathon Jongsma --- libvirt.spec.in | 8 1 file changed, 8 insertions(+) diff --git a/libvirt.spec.in b/libvirt.spec.in index 1f77cd90b7..616087e849 100644 --- a/libvirt.spec.in +++

[libvirt PATCH v6 26/36] qemu: try to connect to nbdkit early to detect errors

When using nbdkit to serve a network disk source, the nbdkit process will start and wait for an nbd connection before actually attempting to connect to the (remote) disk location. Because of this, nbdkit will not report an error until after qemu is launched and tries to read from the disk. This

[libvirt PATCH v6 05/36] qemu: implement basic virFileCache for nbdkit caps

Preparatory step for caching nbdkit capabilities. This patch implements the newData and isValid virFileCacheHandlers callback functions. Signed-off-by: Jonathon Jongsma Reviewed-by: Peter Krempa --- src/qemu/qemu_nbdkit.c | 89 +- src/qemu/qemu_nbdkit.h

[libvirt PATCH v6 33/36] schema: add ssh-agent configuration for ssh disks

Add the ability to specify a path to a ssh-agent socket in order to use the ssh-agent to authenticate to remote ssh disks. Example configuration: ... ... Signed-off-by: Jonathon Jongsma --- docs/formatdomain.rst | 13

[libvirt PATCH v6 35/36] run: add ability to set selinux context

When running libvirt from the build directory with the 'run' script, it will run as unconfined_t. This can result in unexpected behavior when selinux is enforcing due to the fact that the selinux policies are written assuming that libvirt is running with the system_u:system_r:virtd_t context. This

[libvirt PATCH v6 25/36] qemu: Monitor nbdkit process for exit

Adds the ability to monitor the nbdkit process so that we can take action in case the child exits unexpectedly. When the nbdkit process exits, we pause the vm, restart nbdkit, and then resume the vm. This allows the vm to continue working in the event of a nbdkit failure. Eventually we may want

[libvirt PATCH v6 34/36] qemu: implement ssh-agent auth for ssh disks with nbdkit

It's not possible to use password-protected ssh keys directly with libvirt because libvirt doesn't have any way to prompt a user for the password. To accomodate password-protected key files, an administrator can add these keys to an ssh agent and then configure the domain with the path to the

[libvirt PATCH v6 27/36] schema: add password configuration for ssh disk

Right now, ssh network disks are not usable. There is some basic support in libvirt that is meant to support disk chains that have backing disks located at ssh urls, but there is no real way for a user to configure a ssh-based disk. This commit allows users to configure an ssh disk with password

[libvirt PATCH v6 17/36] qemu: split qemuDomainSecretStorageSourcePrepare

This prepares encryption secrets and authentication secrets. When we add nbdkit-backed network storage sources, we will not need to send authentication secrets to qemu, since they will be sent to nbdkit instead. So split this into two different functions. Signed-off-by: Jonathon Jongsma

[libvirt PATCH v6 00/36] Use nbdkit for http/ftp/ssh network drives in libvirt

This is the sixth version of this patch series. See https://bugzilla.redhat.com/show_bug.cgi?id=2016527 for more information about the goal, but the summary is that RHEL does not want to ship the qemu storage plugins for curl and ssh. Handling them outside of the qemu process provides several

[libvirt PATCH v6 15/36] qemu: log error output from nbdkit

log stderr and stdout from nbdkit into its own log so that nbdkit-related issues can be debugged more easily. Signed-off-by: Jonathon Jongsma Reviewed-by: Peter Krempa --- src/qemu/qemu_nbdkit.c | 16 +++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git

[libvirt PATCH v6 19/36] util: secure erase virCommand send buffers

All users of virCommandSetSendBuffer() are using it to send sensitive data to a child process. So, since these buffers contain sensitive information, clear it with virSecureErase(). Signed-off-by: Jonathon Jongsma Reviewed-by: Peter Krempa --- src/util/vircommand.c | 2 ++ 1 file changed, 2

[libvirt PATCH v6 16/36] tests: add ability to test various nbdkit capabilities

Add new DO_TEST_CAPS_LATEST_NBDKIT macro to test xml2argv for various nbdkit capability scenarios. Signed-off-by: Jonathon Jongsma Reviewed-by: Peter Krempa --- src/qemu/qemu_nbdkit.c | 20 +--- tests/qemuxml2argvtest.c | 11 +++ tests/testutilsqemu.c| 26

[libvirt PATCH v6 10/36] qemu: add functions to start and stop nbdkit

Add some helper functions to build a virCommand object and run the nbdkit process for a given virStorageSource. Signed-off-by: Jonathon Jongsma Reviewed-by: Peter Krempa --- src/qemu/qemu_nbdkit.c | 250 + src/qemu/qemu_nbdkit.h | 10 ++ 2 files

[libvirt PATCH v6 03/36] qemu: expand nbdkit capabilities

In order to add caching of the nbdkit capabilities, we will need to compare against file modification times, etc. So look up this information when creating the nbdkit caps. Add a nbdkit_moddir build option to allow the builder to specify the location to look for nbdkit plugins and filters.

[libvirt PATCH v6 08/36] qemu: Add qemuNbdkitProcess

An object for storing information about a nbdkit process that is serving a specific virStorageSource. At the moment, this information is just stored in the private data of virStorageSource and not used at all. Future commits will use this data to actually start a nbdkit process. Signed-off-by:

[libvirt PATCH v6 23/36] tests: add tests for nbdkit invocation

We were testing the arguments that were being passed to qemu when a disk was being served by nbdkit, but the arguments used to start nbdkit itself were not testable. This adds a test to ensure that we're invoking nbdkit correctly for various disk source definitions. Signed-off-by: Jonathon

[libvirt PATCH v6 14/36] qemu: move qemuProcessReadLog() to qemuLogContext

This code can be used by the nbdkit implementation for reading back filtered log data for error reporting. Move it to qemuLogContext so that it can be shared. Renamed to qemuLogContextReadFiltered(). Signed-off-by: Jonathon Jongsma Reviewed-by: Peter Krempa --- src/qemu/qemu_logcontext.c | 65

[libvirt PATCH v6 06/36] qemu: implement persistent file cache for nbdkit caps

Implement the loadFile and saveFile virFileCacheHandlers callbacks so that nbdkit capabilities are cached perstistently across daemon restarts. The format and implementation is modeled on the qemu capabilities, but simplified slightly. Signed-off-by: Jonathon Jongsma Reviewed-by: Peter Krempa

[libvirt PATCH v6 12/36] Generalize qemuDomainLogContextNew()

Allow to specify a basename for the log file so that qemuDomainLogContextNew() can be used to create log contexts for secondary loggers. Signed-off-by: Jonathon Jongsma Reviewed-by: Peter Krempa --- src/qemu/qemu_domain.c | 5 +++-- src/qemu/qemu_domain.h | 3 ++- src/qemu/qemu_process.c | 2

[libvirt PATCH v6 01/36] schema: allow 'ssh' as a protocol for network disks

There was support in the code for parsing protocol='ssh' on network disk sources, but it was not present in the xml schema. Add this to the schema. Signed-off-by: Jonathon Jongsma Reviewed-by: Peter Krempa --- src/conf/schemas/domaincommon.rng | 1 + tests/qemublocktest.c

[PATCH RFC 2/4] rpm: use %{qemu_sysemu_host_arches}

This macros reflects the architectures on which QEMU system emulators are built. Signed-off-by: Daniel P. Berrangé --- libvirt.spec.in | 27 ++- 1 file changed, 18 insertions(+), 9 deletions(-) diff --git a/libvirt.spec.in b/libvirt.spec.in index 73a8faae6e..641ff179e7

[PATCH RFC 1/4] rpm: boilerplate to pull in qemu-srpm-macros

This package provides a few RPM macros that describe the capabilities of the QEMU build in the distro. Signed-off-by: Daniel P. Berrangé --- libvirt.spec.in | 9 + 1 file changed, 9 insertions(+) diff --git a/libvirt.spec.in b/libvirt.spec.in index 1f77cd90b7..73a8faae6e 100644 ---

[PATCH RFC 4/4] rpm: use %{qemu_sysemu_tcg_non_native}

This macro reflects whether the QEMU build enables TCG for non-native architectures. Signed-off-by: Daniel P. Berrangé --- libvirt.spec.in | 11 ++- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/libvirt.spec.in b/libvirt.spec.in index e520def44b..e1692c7712 100644 ---

[PATCH RFC 0/4] rely on QEMU provided macros for some QEMU feature selection

We currently have various features in the RPMs selected based on what the QEMU RPM has built. If the QEMU RPM changes, then libvirt needs to change to match which is an undesirable situation. Forthcoming upstream QEMU changes will involve corresponding Fedora downstream changes. eg removal of

[PATCH RFC 3/4] rpm: use %{qemu_sysemu_kvm_arches}

This macro reflects the architectures on which KVM is available with the distro QEMU build. Signed-off-by: Daniel P. Berrangé --- libvirt.spec.in | 14 +- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/libvirt.spec.in b/libvirt.spec.in index 641ff179e7..e520def44b

Re: [libvirt PATCH 0/8] rpm: Fix handling of systemd units

On Fri, Jul 14, 2023 at 05:20:16PM +0100, Daniel P. Berrangé wrote: > > > If we at least start the discussion, we can get feedback on whether the > > > idea is likely to gain traction, or there are other things we have > > > overlooked > > > > I can open an issue on the systemd side pointing to

[PATCH v2] docs: Mention vhostuser for queues and queue_size

These two attributes are supported for vhost-user-blk as well. Signed-off-by: Han Han --- Update the supported version of the queues attribute of vhost-user-blk v1: https://listman.redhat.com/archives/libvir-list/2023-July/240836.html docs/formatdomain.rst | 5 +++-- 1 file changed, 3

Re: [PATCH] storage: zfs: Use 'zfs list' to check pool status

On 7/17/23 10:58, Peter Krempa wrote: > On Mon, Jul 03, 2023 at 16:53:28 -0600, Matt Low wrote: >> The current virtStorageBackendZFSCheckPool checks for the existence of a >> path under /dev/zvol/ to determine if the pool is active. ZFS does not >> create a path under /dev/zvol/ if no ZFS volumes

Re: [PATCH] docs: Mention vhostuser for queues and queue_size

On Thu, Jul 20, 2023 at 2:56 PM Michal Prívozník wrote: > On 7/20/23 08:22, Han Han wrote: > > These two attributes are supported for vhost-user-blk as well. > > > > Signed-off-by: Han Han > > --- > > docs/formatdomain.rst | 4 ++-- > > 1 file changed, 2 insertions(+), 2 deletions(-) > > > >

Re: [PATCH Libvirt v2 1/3] conf: Add 'virtio_discard' and 'virtio_write_zeroes' attributes

I'm sorry for the late reply, we have discussed your point of view and agree with the point, so we stop pursuing this patchset unless we find a persuasive scene that needs to disable these features. Thank Peter for the explanation of the main objection. :) Yong On Wed, Jul 19, 2023 at 6:17 PM

Re: [PATCH] docs: Mention vhostuser for queues and queue_size

On 7/20/23 08:22, Han Han wrote: > These two attributes are supported for vhost-user-blk as well. > > Signed-off-by: Han Han > --- > docs/formatdomain.rst | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst > index

[PATCH] docs: Mention vhostuser for queues and queue_size

These two attributes are supported for vhost-user-blk as well. Signed-off-by: Han Han --- docs/formatdomain.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst index 4af0b82569..447ab32c01 100644 --- a/docs/formatdomain.rst