[libvirt PATCH v2 31/31] NEWS: document support for external snapshot deletion

2023-01-05 Thread Pavel Hrdina
Signed-off-by: Pavel Hrdina Reviewed-by: Peter Krempa --- NEWS.rst | 6 ++ 1 file changed, 6 insertions(+) diff --git a/NEWS.rst b/NEWS.rst index 39f508a6ce..fecca64344 100644 --- a/NEWS.rst +++ b/NEWS.rst @@ -17,6 +17,12 @@ v9.0.0 (unreleased) * **New features** + * QEMU: implement e

[libvirt PATCH v2 25/31] qemu_snapshot: implement deletion of external snapshot

2023-01-05 Thread Pavel Hrdina
When deleting snapshot we are starting block-commit job over all disks that are part of the snapshot. This operation may fail as it writes data changes to the backing qcow2 image so we need to wait for all the disks to finish the operation and wait for correct signal from QEMU. If deleting active

[libvirt PATCH v2 16/31] qemu_snapshot: rework snapshot children deletion

2023-01-05 Thread Pavel Hrdina
This simplifies the code a bit by reusing existing parts that deletes a single snapshot. The drawback of this change is that we will now call the re-parent bits to keep the metadata in sync for every child even though it will get deleted as well. Signed-off-by: Pavel Hrdina Reviewed-by: Peter Kr

[libvirt PATCH v2 20/31] qemu_snapshot: introduce qemuSnapshotDeleteValidate function

2023-01-05 Thread Pavel Hrdina
Signed-off-by: Pavel Hrdina Reviewed-by: Peter Krempa --- src/qemu/qemu_snapshot.c | 42 ++-- 1 file changed, 28 insertions(+), 14 deletions(-) diff --git a/src/qemu/qemu_snapshot.c b/src/qemu/qemu_snapshot.c index 3051e5c8df..cb4e0dcb78 100644 --- a/src/qemu

[libvirt PATCH v2 22/31] qemu_snapshot: error out when deleting internal snapshot on non-active disk

2023-01-05 Thread Pavel Hrdina
Deleting internal snapshot when the currently active disk image is different than where the internal snapshot was taken doesn't work correctly. This applies to a running VM only as we are using QMP command and talking to the QEMU process that is using different disk. This works correctly when the

[libvirt PATCH v2 21/31] qemu_snapshot: refactor validation of snapshot delete

2023-01-05 Thread Pavel Hrdina
Prepare the validation function for external snapshot delete support. There is one exception when deleting `children-only` snapshots. If the snapshot tree is like this example: snap1 (external) | +- snap2 (internal) | +- snap3 (internal) |

[libvirt PATCH v2 19/31] qemu_snapshot: introduce qemuSnapshotDiscardMetadata

2023-01-05 Thread Pavel Hrdina
Extract the code deleting external snapshot metadata to separate function. Signed-off-by: Pavel Hrdina Reviewed-by: Peter Krempa --- src/qemu/qemu_snapshot.c | 88 +++- 1 file changed, 50 insertions(+), 38 deletions(-) diff --git a/src/qemu/qemu_snapshot.c b

[libvirt PATCH v2 12/31] storage_source: introduce virStorageSourceChainLookupBySource

2023-01-05 Thread Pavel Hrdina
Looks up disk storage source within storage source chain using storage source object instead of path to make it work with all disk types. Signed-off-by: Pavel Hrdina --- src/libvirt_private.syms | 1 + src/storage_file/storage_source.c | 39 +++ src/storage_

[libvirt PATCH v2 15/31] qemu_snapshot: introduce qemuSnapshotDeleteChildren

2023-01-05 Thread Pavel Hrdina
Extract code that deletes children of specific snapshot to separate function. Signed-off-by: Pavel Hrdina Reviewed-by: Peter Krempa --- src/qemu/qemu_snapshot.c | 109 --- 1 file changed, 68 insertions(+), 41 deletions(-) diff --git a/src/qemu/qemu_snapshot.

[libvirt PATCH v2 13/31] qemu_snapshot: refactor qemuSnapshotDelete

2023-01-05 Thread Pavel Hrdina
Move code around to make it clear what is called when deleting single snapshot or children snapshots. Signed-off-by: Pavel Hrdina Reviewed-by: Peter Krempa --- src/qemu/qemu_snapshot.c | 37 - 1 file changed, 20 insertions(+), 17 deletions(-) diff --git a/sr

[libvirt PATCH v2 14/31] qemu_snapshot: introduce qemuSnapshotDeleteSingle

2023-01-05 Thread Pavel Hrdina
Extract code that deletes single snapshot to separate function. Signed-off-by: Pavel Hrdina Reviewed-by: Peter Krempa --- src/qemu/qemu_snapshot.c | 47 ++-- 1 file changed, 31 insertions(+), 16 deletions(-) diff --git a/src/qemu/qemu_snapshot.c b/src/qemu/q

[libvirt PATCH v2 07/31] qemu_monitor_json: allow configuring autofinalize for block commit

2023-01-05 Thread Pavel Hrdina
Deleting external snapshots will require configuring autofinalize to synchronize the block jobs for disks withing single snapshot in order to be able safely abort of one of the jobs fails. Signed-off-by: Pavel Hrdina Reviewed-by: Peter Krempa --- src/qemu/qemu_block.c| 3 ++- src/qemu/q

[libvirt PATCH v2 08/31] qemu_block: allow configuring autofinalize for block commit

2023-01-05 Thread Pavel Hrdina
External snapshots will use this to synchronize qemu block jobs. Signed-off-by: Pavel Hrdina Reviewed-by: Peter Krempa --- src/qemu/qemu_block.c | 9 - src/qemu/qemu_block.h | 1 + src/qemu/qemu_driver.c | 3 ++- 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/src/qemu

[libvirt PATCH v2 17/31] qemu_snapshot: move snapshot discard out of qemu_domain.c

2023-01-05 Thread Pavel Hrdina
Signed-off-by: Pavel Hrdina Reviewed-by: Peter Krempa --- src/qemu/qemu_domain.c | 95 +-- src/qemu/qemu_domain.h | 9 src/qemu/qemu_driver.c | 2 +- src/qemu/qemu_snapshot.c | 96 +++- src/qemu/qemu_snapshot.h

[libvirt PATCH v2 11/31] qemu_blockjob: process QEMU_MONITOR_JOB_STATUS_PENDING signal

2023-01-05 Thread Pavel Hrdina
QEMU emits this signal when the job finished its work and is about to be finalized. If the job is started with autofinalize disabled the job waits for user input to finalize the job. This will be used by snapshot delete code. Signed-off-by: Pavel Hrdina --- src/qemu/qemu_backup.c | 1 + src/

[libvirt PATCH v2 05/31] qemu_block: add async domain job support to qemuBlockPivot

2023-01-05 Thread Pavel Hrdina
This will allow to use it while having async domain job active which we will use when deleting external snapshots. Signed-off-by: Pavel Hrdina Reviewed-by: Peter Krempa --- src/qemu/qemu_block.c | 4 +++- src/qemu/qemu_block.h | 1 + src/qemu/qemu_driver.c | 2 +- 3 files changed, 5 insertion

[libvirt PATCH v2 01/31] libvirt: introduce VIR_DOMAIN_JOB_OPERATION_SNAPSHOT_DELETE

2023-01-05 Thread Pavel Hrdina
This will be used by snapshot delete async domain job. Signed-off-by: Pavel Hrdina Reviewed-by: Peter Krempa --- include/libvirt/libvirt-domain.h | 1 + tools/virsh-domain.c | 1 + 2 files changed, 2 insertions(+) diff --git a/include/libvirt/libvirt-domain.h b/include/libvirt/libv

[libvirt PATCH v2 09/31] qemu_block: introduce qemuBlockFinalize

2023-01-05 Thread Pavel Hrdina
Signed-off-by: Pavel Hrdina Reviewed-by: Peter Krempa --- src/qemu/qemu_block.c | 32 src/qemu/qemu_block.h | 5 + 2 files changed, 37 insertions(+) diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c index da3a1e8557..70811aa861 100644 --- a/src/qem

[libvirt PATCH v2 04/31] qemu_block: add async domain job support to qemuBlockCommit

2023-01-05 Thread Pavel Hrdina
This will allow to use it while having async domain job active which we will use when deleting external snapshots. At the same time we will need to have the block job started as synchronous. Signed-off-by: Pavel Hrdina Reviewed-by: Peter Krempa --- src/qemu/qemu_block.c | 23 ++

[libvirt PATCH v2 03/31] qemu_block: move qemuDomainBlockPivot out of qemu_driver

2023-01-05 Thread Pavel Hrdina
Move the code for finishing a job in the ready state to qemu_block.c. Signed-off-by: Pavel Hrdina Reviewed-by: Peter Krempa --- src/qemu/qemu_block.c | 121 src/qemu/qemu_block.h | 5 ++ src/qemu/qemu_driver.c | 123 +-

[libvirt PATCH v2 06/31] qemu_monitor: introduce qemuMonitorJobFinalize

2023-01-05 Thread Pavel Hrdina
Upcoming snapshot deletion code will require that multiple commit jobs are finished in sync. To allow aborting then if one fails we will need to use manual finalization of the jobs. This commit implements the monitor code for `job-finalize`. Signed-off-by: Pavel Hrdina Reviewed-by: Peter Krempa

[libvirt PATCH v2 02/31] qemu_block: extract block commit code to separate function

2023-01-05 Thread Pavel Hrdina
Signed-off-by: Pavel Hrdina --- src/qemu/qemu_block.c | 177 + src/qemu/qemu_block.h | 9 +++ src/qemu/qemu_driver.c | 162 + 3 files changed, 187 insertions(+), 161 deletions(-) diff --git a/src/qemu/qemu_block.c b/

[libvirt PATCH v2 00/31] introduce external snapshot delete support

2023-01-05 Thread Pavel Hrdina
This implements virDomainSnapshotDelete API to support external snapshots. The support doesn't include flags VIR_DOMAIN_SNAPSHOT_DELETE_CHILDREN and VIR_DOMAIN_SNAPSHOT_DELETE_CHILDREN_ONLY as it would add more complexity and IMHO these flags should not existed at all. Gitlab repo with the patches

Re: [libvirt PATCH v2 1/1] qemu: fix vcpu clearing when multiple vcpu hotunplugs timeout

2022-11-22 Thread Peter Krempa
On Thu, Nov 17, 2022 at 21:39:58 +0530, Shaleen Bathla wrote: > ping Sorry I was sick so didn't get to this until now. > On Fri, Nov 11, 2022 at 02:54:38PM +0530, Shaleen Bathla wrote: > > Problem: > > libvirt has a 5 second timeout (generally) for hotplug/unplug > > operations which can time out

Re: [libvirt PATCH v2 1/1] qemu: fix vcpu clearing when multiple vcpu hotunplugs timeout

2022-11-17 Thread Shaleen Bathla
ping On Fri, Nov 11, 2022 at 02:54:38PM +0530, Shaleen Bathla wrote: > Problem: > libvirt has a 5 second timeout (generally) for hotplug/unplug > operations which can time out due to heavy load in guest. > > vcpu hotunplug occurs one vcpu at a time. > But, if we perform hotplug-unplug repeatedly,

[libvirt PATCH v2 1/1] qemu: fix vcpu clearing when multiple vcpu hotunplugs timeout

2022-11-11 Thread Shaleen Bathla
Problem: libvirt has a 5 second timeout (generally) for hotplug/unplug operations which can time out due to heavy load in guest. vcpu hotunplug occurs one vcpu at a time. But, if we perform hotplug-unplug repeatedly, Case 1: qemu sends multiple timedout vcpu unplug notification before libvirt proc

Re: [libvirt PATCH v2 03/24] cpu: make x86 feature alias names machine readable

2022-11-03 Thread Daniel P . Berrangé
On Thu, Nov 03, 2022 at 04:21:34PM +0100, Tim Wiederhake wrote: > On Mon, 2022-10-31 at 09:38 +, Daniel P. Berrangé wrote: > > On Fri, Oct 28, 2022 at 05:06:34PM +0200, Tim Wiederhake wrote: > > > Signed-off-by: Tim Wiederhake > > > Reviewed-by: Jiri Denemark > > > --- > > >  src/cpu_map/x86_

Re: [libvirt PATCH v2 02/24] cpu_x86: Ignore alias names

2022-11-03 Thread Tim Wiederhake
On Mon, 2022-10-31 at 09:36 +, Daniel P. Berrangé wrote: > On Fri, Oct 28, 2022 at 05:06:33PM +0200, Tim Wiederhake wrote: > > A later patch will add alias names to the feature map. Ignore them > > for now. > > > > Signed-off-by: Tim Wiederhake > > Reviewed-by: Jiri Denemark > > --- > >  src

Re: [libvirt PATCH v2 03/24] cpu: make x86 feature alias names machine readable

2022-11-03 Thread Tim Wiederhake
On Mon, 2022-10-31 at 09:38 +, Daniel P. Berrangé wrote: > On Fri, Oct 28, 2022 at 05:06:34PM +0200, Tim Wiederhake wrote: > > Signed-off-by: Tim Wiederhake > > Reviewed-by: Jiri Denemark > > --- > >  src/cpu_map/x86_features.xml | 55 +--- > > > >  1 file chan

Re: [libvirt PATCH v2 03/24] cpu: make x86 feature alias names machine readable

2022-10-31 Thread Jiri Denemark
On Mon, Oct 31, 2022 at 09:38:13 +, Daniel P. Berrangé wrote: > On Fri, Oct 28, 2022 at 05:06:34PM +0200, Tim Wiederhake wrote: > > Signed-off-by: Tim Wiederhake > > Reviewed-by: Jiri Denemark > > --- > > src/cpu_map/x86_features.xml | 55 +--- > > 1 file chan

Re: [libvirt PATCH v2 03/24] cpu: make x86 feature alias names machine readable

2022-10-31 Thread Daniel P . Berrangé
On Fri, Oct 28, 2022 at 05:06:34PM +0200, Tim Wiederhake wrote: > Signed-off-by: Tim Wiederhake > Reviewed-by: Jiri Denemark > --- > src/cpu_map/x86_features.xml | 55 +--- > 1 file changed, 38 insertions(+), 17 deletions(-) > > diff --git a/src/cpu_map/x86_featu

Re: [libvirt PATCH v2 02/24] cpu_x86: Ignore alias names

2022-10-31 Thread Daniel P . Berrangé
On Fri, Oct 28, 2022 at 05:06:33PM +0200, Tim Wiederhake wrote: > A later patch will add alias names to the feature map. Ignore them for now. > > Signed-off-by: Tim Wiederhake > Reviewed-by: Jiri Denemark > --- > src/cpu/cpu_x86.c | 10 -- > 1 file changed, 8 insertions(+), 2 deletions(

[libvirt PATCH v2 03/24] cpu: make x86 feature alias names machine readable

2022-10-28 Thread Tim Wiederhake
Signed-off-by: Tim Wiederhake Reviewed-by: Jiri Denemark --- src/cpu_map/x86_features.xml | 55 +--- 1 file changed, 38 insertions(+), 17 deletions(-) diff --git a/src/cpu_map/x86_features.xml b/src/cpu_map/x86_features.xml index 4cf3ff0804..90d0f43fc6 100644 ---

[libvirt PATCH v2 18/24] cpu_map: Add missing x86 feature "tsx-ldtrk"

2022-10-28 Thread Tim Wiederhake
Signed-off-by: Tim Wiederhake Reviewed-by: Jiri Denemark --- src/cpu_map/x86_features.xml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/cpu_map/x86_features.xml b/src/cpu_map/x86_features.xml index fd4d34bc78..c00308268e 100644 --- a/src/cpu_map/x86_features.xml +++ b/src/cpu_map/x8

[libvirt PATCH v2 24/24] cpu_map: Add missing x86 feature "vgif"

2022-10-28 Thread Tim Wiederhake
Signed-off-by: Tim Wiederhake Reviewed-by: Jiri Denemark --- src/cpu_map/x86_features.xml | 3 +++ tests/cputestdata/x86_64-cpuid-EPYC-7502-32-Core-disabled.xml | 2 +- tests/cputestdata/x86_64-cpuid-EPYC-7502-32-Core-guest.xml | 1 + tests/cputestdata/x86_

[libvirt PATCH v2 19/24] cpu_map: Add missing x86 feature "arch-lbr"

2022-10-28 Thread Tim Wiederhake
Signed-off-by: Tim Wiederhake Reviewed-by: Jiri Denemark --- src/cpu_map/x86_features.xml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/cpu_map/x86_features.xml b/src/cpu_map/x86_features.xml index c00308268e..c017b8ca3d 100644 --- a/src/cpu_map/x86_features.xml +++ b/src/cpu_map/x8

[libvirt PATCH v2 17/24] cpu_map: Add missing x86 feature "serialize"

2022-10-28 Thread Tim Wiederhake
Signed-off-by: Tim Wiederhake Reviewed-by: Jiri Denemark --- src/cpu_map/x86_features.xml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/cpu_map/x86_features.xml b/src/cpu_map/x86_features.xml index 0db2c6a995..fd4d34bc78 100644 --- a/src/cpu_map/x86_features.xml +++ b/src/cpu_map/x8

[libvirt PATCH v2 14/24] cpu_map: Add missing x86 feature "pks"

2022-10-28 Thread Tim Wiederhake
Signed-off-by: Tim Wiederhake Reviewed-by: Jiri Denemark --- src/cpu_map/x86_features.xml | 3 +++ tests/domaincapsdata/qemu_6.0.0-tcg.x86_64.xml | 1 + tests/domaincapsdata/qemu_6.1.0-tcg.x86_64.xml | 1 + tests/domaincapsdata/qemu_6.2.0-tcg.x86_64.xml | 1 + tests/domaincapsd

[libvirt PATCH v2 20/24] cpu_map: Add missing x86 feature "xfd"

2022-10-28 Thread Tim Wiederhake
Signed-off-by: Tim Wiederhake Reviewed-by: Jiri Denemark --- src/cpu_map/x86_features.xml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/cpu_map/x86_features.xml b/src/cpu_map/x86_features.xml index c017b8ca3d..4bbd096f71 100644 --- a/src/cpu_map/x86_features.xml +++ b/src/cpu_map/x8

[libvirt PATCH v2 16/24] cpu_map: Add missing x86 feature "avx512-fp16"

2022-10-28 Thread Tim Wiederhake
Signed-off-by: Tim Wiederhake Reviewed-by: Jiri Denemark --- src/cpu_map/x86_features.xml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/cpu_map/x86_features.xml b/src/cpu_map/x86_features.xml index 194a414fdd..0db2c6a995 100644 --- a/src/cpu_map/x86_features.xml +++ b/src/cpu_map/x8

[libvirt PATCH v2 23/24] cpu_map: Add missing x86 feature "v-vmsave-vmload"

2022-10-28 Thread Tim Wiederhake
Signed-off-by: Tim Wiederhake Reviewed-by: Jiri Denemark --- src/cpu_map/x86_features.xml | 3 +++ tests/cputestdata/x86_64-cpuid-EPYC-7502-32-Core-disabled.xml | 2 +- tests/cputestdata/x86_64-cpuid-EPYC-7502-32-Core-guest.xml | 1 + tests/cputestdata/x86_

[libvirt PATCH v2 21/24] cpu_map: Add missing x86 feature "intel-pt-lip"

2022-10-28 Thread Tim Wiederhake
Signed-off-by: Tim Wiederhake Reviewed-by: Jiri Denemark --- src/cpu_map/x86_features.xml | 5 + tests/cputestdata/x86_64-cpuid-Atom-P5362-disabled.xml | 1 + tests/cputestdata/x86_64-cpuid-Atom-P5362-guest.xml| 1 + tests/cputestdata/x86_64-cpuid-Atom-P5362-hos

[libvirt PATCH v2 13/24] cpu_map: Add missing x86 feature "bus-lock-detect"

2022-10-28 Thread Tim Wiederhake
Signed-off-by: Tim Wiederhake Reviewed-by: Jiri Denemark --- src/cpu_map/x86_features.xml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/cpu_map/x86_features.xml b/src/cpu_map/x86_features.xml index 7275ceb097..f3c503c42e 100644 --- a/src/cpu_map/x86_features.xml +++ b/src/cpu_map/x8

[libvirt PATCH v2 07/24] cpu_map: Add missing x86 feature "sgx"

2022-10-28 Thread Tim Wiederhake
Signed-off-by: Tim Wiederhake Reviewed-by: Jiri Denemark --- src/cpu_map/x86_features.xml| 3 +++ tests/cputestdata/x86_64-cpuid-Core-i7-7600U-disabled.xml | 2 +- tests/cputestdata/x86_64-cpuid-Core-i7-7600U-guest.xml | 1 + tests/cputestdata/x86_64-cpuid-

[libvirt PATCH v2 11/24] cpu_map: Add missing x86 feature "sgx2"

2022-10-28 Thread Tim Wiederhake
Signed-off-by: Tim Wiederhake --- src/cpu_map/x86_features.xml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/cpu_map/x86_features.xml b/src/cpu_map/x86_features.xml index bdada7757d..273812a5d0 100644 --- a/src/cpu_map/x86_features.xml +++ b/src/cpu_map/x86_features.xml @@ -414,6 +41

[libvirt PATCH v2 15/24] cpu_map: Add missing x86 feature "avx512-vp2intersect"

2022-10-28 Thread Tim Wiederhake
Signed-off-by: Tim Wiederhake Reviewed-by: Jiri Denemark --- src/cpu_map/x86_features.xml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/cpu_map/x86_features.xml b/src/cpu_map/x86_features.xml index 4d77f4e595..194a414fdd 100644 --- a/src/cpu_map/x86_features.xml +++ b/src/cpu_map/x8

[libvirt PATCH v2 08/24] cpu_map: Add missing x86 feature "sgxlc"

2022-10-28 Thread Tim Wiederhake
Signed-off-by: Tim Wiederhake Reviewed-by: Jiri Denemark --- src/cpu_map/x86_features.xml| 3 +++ tests/cputestdata/x86_64-cpuid-Core-i7-8700-disabled.xml| 2 +- tests/cputestdata/x86_64-cpuid-Core-i7-8700-guest.xml | 1 + tests/cputestdata/x86_64-cpuid-

[libvirt PATCH v2 22/24] cpu_map: Add missing x86 feature "avic"

2022-10-28 Thread Tim Wiederhake
Signed-off-by: Tim Wiederhake Reviewed-by: Jiri Denemark --- src/cpu_map/x86_features.xml | 3 +++ tests/cputestdata/x86_64-cpuid-EPYC-7502-32-Core-disabled.xml | 2 +- tests/cputestdata/x86_64-cpuid-EPYC-7502-32-Core-guest.xml | 1 + tests/cputestdata/x86_

[libvirt PATCH v2 06/24] cpu_map: Add missing x86 feature alias names

2022-10-28 Thread Tim Wiederhake
Signed-off-by: Tim Wiederhake Reviewed-by: Jiri Denemark --- src/cpu_map/x86_features.xml | 5 + 1 file changed, 5 insertions(+) diff --git a/src/cpu_map/x86_features.xml b/src/cpu_map/x86_features.xml index 90d0f43fc6..5f17255a56 100644 --- a/src/cpu_map/x86_features.xml +++ b/src/cpu_map/

[libvirt PATCH v2 09/24] cpu_map: Add missing x86 feature "sgx-exinfo"

2022-10-28 Thread Tim Wiederhake
Signed-off-by: Tim Wiederhake Reviewed-by: Jiri Denemark --- src/cpu_map/x86_features.xml | 5 + 1 file changed, 5 insertions(+) diff --git a/src/cpu_map/x86_features.xml b/src/cpu_map/x86_features.xml index c89bc2d112..5b9e61a3d0 100644 --- a/src/cpu_map/x86_features.xml +++ b/src/cpu_map/

[libvirt PATCH v2 02/24] cpu_x86: Ignore alias names

2022-10-28 Thread Tim Wiederhake
A later patch will add alias names to the feature map. Ignore them for now. Signed-off-by: Tim Wiederhake Reviewed-by: Jiri Denemark --- src/cpu/cpu_x86.c | 10 -- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/src/cpu/cpu_x86.c b/src/cpu/cpu_x86.c index 4d2379803c..d2560

[libvirt PATCH v2 12/24] cpu_map: Add missing x86 features "sgx-..."

2022-10-28 Thread Tim Wiederhake
Signed-off-by: Tim Wiederhake Reviewed-by: Jiri Denemark --- src/cpu_map/x86_features.xml | 17 + 1 file changed, 17 insertions(+) diff --git a/src/cpu_map/x86_features.xml b/src/cpu_map/x86_features.xml index 273812a5d0..7275ceb097 100644 --- a/src/cpu_map/x86_features.xml +++

[libvirt PATCH v2 10/24] cpu_map: Add missing x86 feature "sgx1"

2022-10-28 Thread Tim Wiederhake
Signed-off-by: Tim Wiederhake --- src/cpu_map/x86_features.xml | 4 1 file changed, 4 insertions(+) diff --git a/src/cpu_map/x86_features.xml b/src/cpu_map/x86_features.xml index 5b9e61a3d0..bdada7757d 100644 --- a/src/cpu_map/x86_features.xml +++ b/src/cpu_map/x86_features.xml @@ -411,6 +4

[libvirt PATCH v2 05/24] cpu_map: Rename sync_qemu_i386.py

2022-10-28 Thread Tim Wiederhake
This makes the naming more consistent beween the two scripts synching the feature list and the model list. Signed-off-by: Tim Wiederhake Reviewed-by: Jiri Denemark --- src/cpu_map/{sync_qemu_i386.py => sync_qemu_models_i386.py} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename src/cp

[libvirt PATCH v2 00/24] Synchronize x86 cpu features from qemu

2022-10-28 Thread Tim Wiederhake
V1: https://listman.redhat.com/archives/libvir-list/2022-October/235007.html Changes since V1: * Fixed register for features "sgx1" and "sgx2". Double checked all other features, just to be sure. * Addes missing help message in sync_qemu_i386_features.py. * Merged all eax=0x12 ecx=0x01 features

[libvirt PATCH v2 04/24] cpu_map: Add script to sync from QEMU i386 cpu features

2022-10-28 Thread Tim Wiederhake
This script is intended to help in synchronizing i386 QEMU cpu feature definitions with libvirt. QEMU's attribute list for the "max-x86_64-cpu" contains non-cpu-feature items and needs to be filtered before being useful. Signed-off-by: Tim Wiederhake --- src/cpu_map/sync_qemu_features_i386.py |

[libvirt PATCH v2 01/24] cpu-data.py: Allow for more than child in feature nodes

2022-10-28 Thread Tim Wiederhake
cpu-data.py assumes that all "feature" nodes have exactly one child. This assumption will no longer be true when the cpumap includes alias- names for features. Signed-off-by: Tim Wiederhake Reviewed-by: Jiri Denemark --- tests/cputestdata/cpu-data.py | 11 +++ 1 file changed, 7 insertio

Re: [libvirt PATCH v2 09/12] tools: support generating SEV secret injection tables

2022-10-26 Thread Dov Murik
On 26/10/2022 15:51, Daniel P. Berrangé wrote: > On Wed, Oct 26, 2022 at 03:34:00PM +0300, Dov Murik wrote: >> >> >> On 26/10/2022 12:59, Daniel P. Berrangé wrote: >>> On Tue, Oct 25, 2022 at 07:38:43PM -0400, Cole Robinson wrote: On 10/19/22 6:17 AM, Daniel P. Berrangé wrote: [...] >>> R

Re: [libvirt PATCH v2 09/12] tools: support generating SEV secret injection tables

2022-10-26 Thread Daniel P . Berrangé
On Wed, Oct 26, 2022 at 03:47:12PM +0300, Dov Murik wrote: > > > On 19/10/2022 13:17, berrange at redhat.com (Daniel P. Berrangé) wrote: > > It is possible to build OVMF for SEV with an embedded Grub that can > > fetch LUKS disk secrets. This adds support for injecting secrets in > > the required

Re: [libvirt PATCH v2 09/12] tools: support generating SEV secret injection tables

2022-10-26 Thread Dov Murik
On 19/10/2022 13:17, berrange at redhat.com (Daniel P. Berrangé) wrote: > It is possible to build OVMF for SEV with an embedded Grub that can > fetch LUKS disk secrets. This adds support for injecting secrets in > the required format. > > Signed-off-by: Daniel P. Berrang? > --- > docs/manpage

Re: [libvirt PATCH v2 09/12] tools: support generating SEV secret injection tables

2022-10-26 Thread Daniel P . Berrangé
On Wed, Oct 26, 2022 at 08:52:24AM -0400, James Bottomley wrote: > On Wed, 2022-10-26 at 10:59 +0100, Daniel P. Berrangé wrote: > > On Tue, Oct 25, 2022 at 07:38:43PM -0400, Cole Robinson wrote: > > > > > > This bytes([0]) NUL byte ends up in the efi_secret /sys path. > > > Dropping > > > it doesn

Re: [libvirt PATCH v2 09/12] tools: support generating SEV secret injection tables

2022-10-26 Thread James Bottomley
On Wed, 2022-10-26 at 10:59 +0100, Daniel P. Berrangé wrote: > On Tue, Oct 25, 2022 at 07:38:43PM -0400, Cole Robinson wrote: > > On 10/19/22 6:17 AM, Daniel P. Berrangé wrote: > > > It is possible to build OVMF for SEV with an embedded Grub that > > > can fetch LUKS disk secrets. This adds support

Re: [libvirt PATCH v2 09/12] tools: support generating SEV secret injection tables

2022-10-26 Thread Daniel P . Berrangé
On Wed, Oct 26, 2022 at 03:34:00PM +0300, Dov Murik wrote: > > > On 26/10/2022 12:59, Daniel P. Berrangé wrote: > > On Tue, Oct 25, 2022 at 07:38:43PM -0400, Cole Robinson wrote: > >> On 10/19/22 6:17 AM, Daniel P. Berrangé wrote: > >>> It is possible to build OVMF for SEV with an embedded Grub t

Re: [libvirt PATCH v2 09/12] tools: support generating SEV secret injection tables

2022-10-26 Thread Dov Murik
On 26/10/2022 12:59, Daniel P. Berrangé wrote: > On Tue, Oct 25, 2022 at 07:38:43PM -0400, Cole Robinson wrote: >> On 10/19/22 6:17 AM, Daniel P. Berrangé wrote: >>> It is possible to build OVMF for SEV with an embedded Grub that can >>> fetch LUKS disk secrets. This adds support for injecting s

Re: [libvirt PATCH v2 04/12] tools: support validating SEV direct kernel boot measurements

2022-10-26 Thread Daniel P . Berrangé
On Wed, Oct 26, 2022 at 02:57:33PM +0300, Dov Murik wrote: > (sorry in advance for missing CCs, I tried to download the mbox from > https://listman.redhat.com/archives/libvir-list/ but it doesn't include > the To and Cc lines of the messages.) > > > On 19/10/2022 13:17, berrange at redhat.com (Da

Re: [libvirt PATCH v2 04/12] tools: support validating SEV direct kernel boot measurements

2022-10-26 Thread Dov Murik
(sorry in advance for missing CCs, I tried to download the mbox from https://listman.redhat.com/archives/libvir-list/ but it doesn't include the To and Cc lines of the messages.) On 19/10/2022 13:17, berrange at redhat.com (Daniel P. Berrangé) wrote: > When doing direct kernel boot we need to inc

Re: [libvirt PATCH v2 09/12] tools: support generating SEV secret injection tables

2022-10-26 Thread Daniel P . Berrangé
On Tue, Oct 25, 2022 at 07:38:43PM -0400, Cole Robinson wrote: > On 10/19/22 6:17 AM, Daniel P. Berrangé wrote: > > It is possible to build OVMF for SEV with an embedded Grub that can > > fetch LUKS disk secrets. This adds support for injecting secrets in > > the required format. > > > > Signed-of

Re: [libvirt PATCH v2 09/12] tools: support generating SEV secret injection tables

2022-10-25 Thread Cole Robinson
On 10/19/22 6:17 AM, Daniel P. Berrangé wrote: > It is possible to build OVMF for SEV with an embedded Grub that can > fetch LUKS disk secrets. This adds support for injecting secrets in > the required format. > > Signed-off-by: Daniel P. Berrangé > --- > diff --git a/tools/virt-qemu-sev-validat

Re: [libvirt PATCH v2 00/12] tools: provide virt-qemu-sev-validate for SEV(-ES) launch attestation

2022-10-25 Thread Cole Robinson
On 10/19/22 6:17 AM, Daniel P. Berrangé wrote: > The libvirt QEMU driver provides all the functionality required for > launching a guest on AMD SEV(-ES) platforms, with a configuration > that enables attestation of the launch measurement. The documentation > for how to actually perform an attestati

Re: [libvirt PATCH v2] Revert "cgroup/LXC: Do not condition availability of v2 by controllers"

2022-10-25 Thread Daniel P . Berrangé
On Tue, Oct 25, 2022 at 02:35:00PM +0200, Pavel Hrdina wrote: > On Tue, Oct 25, 2022 at 01:13:44PM +0100, Daniel P. Berrangé wrote: > > On Tue, Oct 25, 2022 at 01:46:22PM +0200, Michal Prívozník wrote: > > > On 10/25/22 13:43, Pavel Hrdina wrote: > > > > This reverts commit e49313b54ed2a149c71f9073

Re: [libvirt PATCH v2] Revert "cgroup/LXC: Do not condition availability of v2 by controllers"

2022-10-25 Thread Pavel Hrdina
On Tue, Oct 25, 2022 at 01:13:44PM +0100, Daniel P. Berrangé wrote: > On Tue, Oct 25, 2022 at 01:46:22PM +0200, Michal Prívozník wrote: > > On 10/25/22 13:43, Pavel Hrdina wrote: > > > This reverts commit e49313b54ed2a149c71f9073659222742ff3ffb0. > > > This reverts commit a0f37232b9c4296ca16955cc62

Re: [libvirt PATCH v2] Revert "cgroup/LXC: Do not condition availability of v2 by controllers"

2022-10-25 Thread Daniel P . Berrangé
On Tue, Oct 25, 2022 at 01:46:22PM +0200, Michal Prívozník wrote: > On 10/25/22 13:43, Pavel Hrdina wrote: > > This reverts commit e49313b54ed2a149c71f9073659222742ff3ffb0. > > This reverts commit a0f37232b9c4296ca16955cc625f75eb848ace39. > > > > Revert them together to not break build. > > > > T

Re: [libvirt PATCH v2] Revert "cgroup/LXC: Do not condition availability of v2 by controllers"

2022-10-25 Thread Michal Prívozník
On 10/25/22 13:43, Pavel Hrdina wrote: > This reverts commit e49313b54ed2a149c71f9073659222742ff3ffb0. > This reverts commit a0f37232b9c4296ca16955cc625f75eb848ace39. > > Revert them together to not break build. > > This fix of the issue is incorrect and breaks usage of other controllers > in hyb

[libvirt PATCH v2] Revert "cgroup/LXC: Do not condition availability of v2 by controllers"

2022-10-25 Thread Pavel Hrdina
This reverts commit e49313b54ed2a149c71f9073659222742ff3ffb0. This reverts commit a0f37232b9c4296ca16955cc625f75eb848ace39. Revert them together to not break build. This fix of the issue is incorrect and breaks usage of other controllers in hybrid mode that systemd creates, specifically usage of

[libvirt PATCH v2 08/12] tools: load CPU count and CPU SKU from libvirt

2022-10-19 Thread Daniel P . Berrangé
When validating a SEV-ES guest, we need to know the CPU count and VMSA state. We can get the CPU count directly from libvirt's guest info. The VMSA state can be constructed automatically if we query the CPU SKU from host capabilities XML. Neither of these is secure, however, so this behaviour is re

[libvirt PATCH v2 11/12] scripts: add systemtap script for capturing SEV-ES VMSA

2022-10-19 Thread Daniel P . Berrangé
In general we expect to be able to construct a SEV-ES VMSA blob from knowledge about the AMD achitectural CPU register defaults, KVM setup and QEMU setup. If any of this unexpectedly changes, figuring out what's wrong could be horrible. This systemtap script demonstrates how to capture the real VMS

[libvirt PATCH v2 10/12] docs/kbase: describe attestation for SEV guests

2022-10-19 Thread Daniel P . Berrangé
Expand the SEV guest kbase guide with information about how to configure a SEV/SEV-ES guest when attestation is required, and mention the use of virt-qemu-sev-validate as a way to confirm it. Signed-off-by: Daniel P. Berrangé --- docs/kbase/launch_security_sev.rst | 105 +

[libvirt PATCH v2 03/12] tools: load guest config from libvirt

2022-10-19 Thread Daniel P . Berrangé
Accept information about a connection to libvirt and a guest on the command line. Talk to libvirt to obtain the running guest state and automatically detect as much configuration as possible. It will refuse to use a libvirt connection that is thought to be local to the current machine, as running

[libvirt PATCH v2 12/12] docs/manpages: add checklist of problems for SEV attestation

2022-10-19 Thread Daniel P . Berrangé
Despite efforts to make the virt-qemu-sev-validate tool friendly, it is a certainty that almost everyone who tries it will hit false negative results, getting a failure despite the VM being trustworthy. Diagnosing these problems is no easy matter, especially for those not familiar with SEV/SEV-ES

[libvirt PATCH v2 09/12] tools: support generating SEV secret injection tables

2022-10-19 Thread Daniel P . Berrangé
It is possible to build OVMF for SEV with an embedded Grub that can fetch LUKS disk secrets. This adds support for injecting secrets in the required format. Signed-off-by: Daniel P. Berrangé --- docs/manpages/virt-qemu-sev-validate.rst | 66 ++ tools/virt-qemu-sev-validate |

[libvirt PATCH v2 06/12] tools: support validating SEV-ES initial vCPU state measurements

2022-10-19 Thread Daniel P . Berrangé
With the SEV-ES policy the VMSA state of each vCPU must be included in the measured data. The VMSA state can be generated using the 'sevctl' tool, by telling it a QEMU VMSA is required, and passing the hypevisor's CPU SKU (family, model, stepping). Signed-off-by: Daniel P. Berrangé --- docs/manp

[libvirt PATCH v2 05/12] tools: load direct kernel config from libvirt

2022-10-19 Thread Daniel P . Berrangé
When connected to libvirt we can validate that the guest configuration has the kernel hashes property enabled, otherwise including the kernel GUID table in our expected measurements is not likely to match the actual measurement. When running locally we can also automatically detect the kernel/init

[libvirt PATCH v2 07/12] tools: support automatically constructing SEV-ES vCPU state

2022-10-19 Thread Daniel P . Berrangé
The VMSA files contain the expected CPU register state for the VM. Their content varies based on a few pieces of the stack - AMD CPU architectural initial state - KVM hypervisor VM CPU initialization - QEMU userspace VM CPU initialization - AMD CPU SKU (family/model/stepping) The first th

[libvirt PATCH v2 02/12] tools: support validating SEV firmware boot measurements

2022-10-19 Thread Daniel P . Berrangé
The virt-qemu-sev-validate program will compare a reported SEV/SEV-ES domain launch measurement, to a computed launch measurement. This determines whether the domain has been tampered with during launch. This initial implementation requires all inputs to be provided explicitly, and as such can run

[libvirt PATCH v2 01/12] build-aux: only forbid gethostname in C files

2022-10-19 Thread Daniel P . Berrangé
This function is fine to use in other languages Signed-off-by: Daniel P. Berrangé --- build-aux/syntax-check.mk | 1 + 1 file changed, 1 insertion(+) diff --git a/build-aux/syntax-check.mk b/build-aux/syntax-check.mk index e35c2be734..8dc7495c45 100644 --- a/build-aux/syntax-check.mk +++ b/buil

[libvirt PATCH v2 04/12] tools: support validating SEV direct kernel boot measurements

2022-10-19 Thread Daniel P . Berrangé
When doing direct kernel boot we need to include the kernel, initrd and cmdline in the measurement. Signed-off-by: Daniel P. Berrangé --- docs/manpages/virt-qemu-sev-validate.rst | 43 ++ tools/virt-qemu-sev-validate | 102 ++- 2 files changed, 144 insert

[libvirt PATCH v2 00/12] tools: provide virt-qemu-sev-validate for SEV(-ES) launch attestation

2022-10-19 Thread Daniel P . Berrangé
The libvirt QEMU driver provides all the functionality required for launching a guest on AMD SEV(-ES) platforms, with a configuration that enables attestation of the launch measurement. The documentation for how to actually perform an attestation is severely lacking and not suitable for mere mortal

Re: [libvirt PATCH v2] Add basically RISC-V support

2022-10-13 Thread Michal Prívozník
On 9/28/22 10:54, Yu Gu wrote: > This patch provides basic support for the RISC-V architecture, so > libvirt can run in RISC-V machine. > > Signed-off-by: Yu Gu > --- > po/POTFILES | 1 + > src/cpu/cpu.c | 2 + > src/cpu/cpu.h | 2 + >

Re: [libvirt PATCH v2 0/2] conf: fix handling of missing CPU cache info in sysfs

2022-10-11 Thread Ján Tomko
On a Tuesday in 2022, Daniel P. Berrangé wrote: Changed in v2: - Introduce g_autoptr support for virCapsHostCacheBank struct Daniel P. Berrangé (2): conf: define autoptr func for virCapsHostCacheBankFree conf: skip resource cache init if sysfs files are missing src/conf/capabilities.c | 90 +

Re: [libvirt PATCH v2 0/2] conf: fix handling of missing CPU cache info in sysfs

2022-10-11 Thread Alex Bennée
Daniel P. Berrangé writes: > Changed in v2: > > - Introduce g_autoptr support for virCapsHostCacheBank struct > > Daniel P. Berrangé (2): > conf: define autoptr func for virCapsHostCacheBankFree > conf: skip resource cache init if sysfs files are missing > > src/conf/capabilities.c | 90 +

[libvirt PATCH v2 2/2] conf: skip resource cache init if sysfs files are missing

2022-10-11 Thread Daniel P . Berrangé
On aarch64 the 'id' file is not present for CPU cache information in sysfs. This causes the local stateful hypervisor drivers to fail to initialize capabilities: virStateInitialize:657 : Initialisation of cloud-hypervisor state driver failed: no error The 'no error' is because the 'virFileReadVa

[libvirt PATCH v2 1/2] conf: define autoptr func for virCapsHostCacheBankFree

2022-10-11 Thread Daniel P . Berrangé
This lets us simplify the cleanup paths when populating the host cache bank information in capabilities XML. Signed-off-by: Daniel P. Berrangé --- src/conf/capabilities.c | 34 ++ src/conf/capabilities.h | 3 +++ 2 files changed, 17 insertions(+), 20 deletions(-)

[libvirt PATCH v2 0/2] conf: fix handling of missing CPU cache info in sysfs

2022-10-11 Thread Daniel P . Berrangé
Changed in v2: - Introduce g_autoptr support for virCapsHostCacheBank struct Daniel P. Berrangé (2): conf: define autoptr func for virCapsHostCacheBankFree conf: skip resource cache init if sysfs files are missing src/conf/capabilities.c | 90 + src/

Re: [libvirt PATCH v2 12/14] virsh: Add --model option for hypervisor-cpu-baseline

2022-10-10 Thread Ján Tomko
On a Friday in 2022, Jiri Denemark wrote: This option can be used as a shortcut for creating a single XML with just a CPU model name and no features: $ virsh hypervisor-cpu-baseline --model Skylake-Server Skylake-Server Signed-off-by: Ji

Re: [libvirt PATCH v2 09/14] docs: Enhance documentation of CPU models in domain caps

2022-10-10 Thread Ján Tomko
On a Friday in 2022, Jiri Denemark wrote: Signed-off-by: Jiri Denemark --- Notes: Version 2: - new patch docs/formatdomaincaps.rst | 18 ++ 1 file changed, 14 insertions(+), 4 deletions(-) Reviewed-by: Ján Tomko Jano

Re: [libvirt PATCH v2 14/14] NEWS: Document CPU reporting improvements

2022-10-10 Thread Ján Tomko
On a Friday in 2022, Jiri Denemark wrote: Signed-off-by: Jiri Denemark --- Notes: Version 2: - patch 10/11 from v1 and the corresponding section in NEWS dropped - mention --model for virsh hypervisor-cpu-baseline - mention CPU blockers translation bug - mention docs improvements

Re: [libvirt PATCH v2 13/14] virsh: Add completer for hypervisor-cpu-baseline --model

2022-10-10 Thread Ján Tomko
On a Friday in 2022, Jiri Denemark wrote: Signed-off-by: Jiri Denemark --- Notes: Version 2: - new patch tools/virsh-completer-host.c | 50 tools/virsh-completer-host.h | 5 tools/virsh-host.c | 1 + 3 files changed, 56 insertions(+)

Re: [libvirt PATCH v2 11/14] qemu_capabilities: Translate CPU blockers

2022-10-10 Thread Ján Tomko
On a Friday in 2022, Jiri Denemark wrote: Since commit "cpu_x86: Disable blockers from unusable CPU models" (v3.8.0-99-g9c9620af1d) we explicitly disable CPU features reported by QEMU as usability blockers for a particular CPU model when creating baseline or host-model CPU definition. When QEMU c

Re: [libvirt PATCH v2 10/14] Document specifics of virConnectBaselineHypervisorCPU

2022-10-10 Thread Ján Tomko
On a Friday in 2022, Jiri Denemark wrote: The API can be used to get usability blockers for an unusable CPU model, which is not obvious. Let's explicitly document this behavior as it is now mentioned in the documentation of domain capabilities XML. Signed-off-by: Jiri Denemark --- Notes: Ve

[libvirt PATCH v2 13/14] virsh: Add completer for hypervisor-cpu-baseline --model

2022-10-07 Thread Jiri Denemark
Signed-off-by: Jiri Denemark --- Notes: Version 2: - new patch tools/virsh-completer-host.c | 50 tools/virsh-completer-host.h | 5 tools/virsh-host.c | 1 + 3 files changed, 56 insertions(+) diff --git a/tools/virsh-completer-host.

<    1   2   3   4   5   6   7   8   9   10   >