On Wed, Jun 12, 2024 at 10:42:43AM GMT, Laine Stump wrote:
> On 6/12/24 9:18 AM, Andrea Bolognani wrote:
> > On Wed, Jun 12, 2024 at 08:42:48AM GMT, Laine Stump wrote:
> > > On 6/12/24 6:47 AM, Daniel P. Berrangé wrote:
> > > > On Wed, Jun 12, 2024 at 03:27:24AM
On Wed, Jun 12, 2024 at 08:42:48AM GMT, Laine Stump wrote:
> On 6/12/24 6:47 AM, Daniel P. Berrangé wrote:
> > On Wed, Jun 12, 2024 at 03:27:24AM -0700, Andrea Bolognani wrote:
> > > [...] I'd be extremely surprised to learn that
> > > guest network connectivity h
On Wed, Jun 12, 2024 at 09:57:15AM GMT, Daniel P. Berrangé wrote:
> On Wed, Jun 12, 2024 at 01:54:47AM -0700, Andrea Bolognani wrote:
> > Is there much of a difference between having an explicit noop backend
> > that is checked for availability after all other ones, and simply
On Tue, Jun 11, 2024 at 05:27:42PM GMT, Daniel P. Berrangé wrote:
> On Tue, Jun 11, 2024 at 08:49:42AM -0700, Andrea Bolognani wrote:
> > One additional issue with this:
> >
> > $ PATH=/usr/bin /usr/sbin/libvirtd
> > error : virNetworkLoadDriverConfig:146 : interna
On Tue, Jun 11, 2024 at 02:38:58AM GMT, Andrea Bolognani wrote:
> On Mon, Jun 10, 2024 at 09:10:08PM GMT, Roman Bogorodskiy wrote:
> > Laine Stump wrote:
> >
> > > This patch series enables libvirt to use nftables rules rather than
> > > iptables *when sett
estoring the
previous status quo. A noop backend might be the answer, but honestly
I just don't understand enough about networking to know for sure. I
thought that these firewall rules were necessary in order to give
network access to VMs, but if FreeBSD has been doing fine without
iptables so far clearly that's not the case?
[1] https://gitlab.com/libvirt/libvirt/-/issues/642
--
Andrea Bolognani / Red Hat / Virtualization
d-off-by: Christian Ehrhardt
It looks reasonable to me too, but I'd like to see someone other than
the author take it for a spin. Christian, can you please give it a
shot? Once we have your Tested-by, I'll happily throw in my
Reviewed-by and push the patch.
--
Andrea Bolognani / Red Hat / Virtualization
Everywhere we use TPM 2.0 as our default, the chances of TPM
1.2 being supported by the guest OS are very slim. Just reject
such configurations outright.
Signed-off-by: Andrea Bolognani
---
src/qemu/qemu_validate.c | 22 ---
...aarch64-tpm-wrong
unlikely
to happen for the latter.
Signed-off-by: Andrea Bolognani
---
...aarch64-virt-default-models.aarch64-latest.abi-update.args | 3 +++
.../aarch64-virt-default-models.aarch64-latest.abi-update.xml | 3 +++
.../aarch64-virt-default-models.aarch64-latest.args | 3 +++
.../aarch64-virt
that it reflects reality and we don't
have to remember to update it every time a new architecture is
introduced.
Signed-off-by: Andrea Bolognani
---
src/qemu/qemu_domain.c | 13 -
...irt-default-models.riscv64-latest.abi-update.xml | 2 +-
.../riscv64-virt
The default-models tests provide coverage for these scenarios
now.
Signed-off-by: Andrea Bolognani
Reviewed-by: Peter Krempa
---
.../aarch64-tpm.aarch64-latest.args | 34 -
.../aarch64-tpm.aarch64-latest.xml| 29
tests/qemuxmlconfdata/aarch64-tpm.xml
Changes from [v1]
* use TPM 2.0 more;
* reject TPM 1.2 more;
* add better comments to loongarch64 and s390x test cases.
[v1]
https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/YZMV33UPKZRRQBN4XCCAW25IRV46LX57/
Andrea Bolognani (4):
tests: Add TPM coverage
On Mon, Jun 03, 2024 at 10:50:40AM GMT, Daniel P. Berrangé wrote:
> On Mon, May 27, 2024 at 07:31:36PM +0200, Andrea Bolognani wrote:
> > +/* TPM 1.2 does not work on certain modern architectures */
> > +if (qemuDoma
Signed-off-by: Andrea Bolognani
---
libvirt.spec.in | 16 ++--
1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/libvirt.spec.in b/libvirt.spec.in
index 4381dbe30c..5ca7b95e6c 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -205,6 +205,18 @@
%define
On Mon, Jun 03, 2024 at 10:57:15AM GMT, Daniel P. Berrangé wrote:
> On Tue, May 28, 2024 at 05:49:21PM +0200, Andrea Bolognani wrote:
> > +++ b/libvirt.spec.in
> > @@ -1387,6 +1387,7 @@ export SOURCE_DATE_EPOCH=$(stat --printf='%Y'
> > %{_specdir}/libvirt.spec)
> >
On Tue, May 28, 2024 at 12:50:51PM GMT, Laine Stump wrote:
> On 5/28/24 12:31 PM, Pavel Hrdina wrote:
> > On Tue, May 28, 2024 at 05:49:19PM +0200, Andrea Bolognani wrote:
> > > + if (not firewall_backend_priority.contains('nftables') or
> > > + not firewal
Signed-off-by: Andrea Bolognani
---
libvirt.spec.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/libvirt.spec.in b/libvirt.spec.in
index 6fb223c74a..4381dbe30c 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -1387,6 +1387,7 @@ export SOURCE_DATE_EPOCH=$(stat --printf='%Y
Signed-off-by: Andrea Bolognani
---
meson.build | 5 +
1 file changed, 5 insertions(+)
diff --git a/meson.build b/meson.build
index ed0e9686f8..e98ab0d5ac 100644
--- a/meson.build
+++ b/meson.build
@@ -2382,6 +2382,11 @@ misc_summary = {
'sysctl config': conf.has('WITH_SYSCTL
=iptables,nftables
Checks have been added to prevent invalid values from being
accepted.
Signed-off-by: Andrea Bolognani
---
meson.build | 16 +---
meson_options.txt| 3 +--
src/network/bridge_driver_conf.c | 6 +-
src/network/meson.build
Test pipeline: https://gitlab.com/abologna/libvirt/-/pipelines/1308917840
See 1/3 for details.
Andrea Bolognani (3):
meson: Improve default firewall backend configuration
meson: Include firewall backend selection in summary
rpm: Configure firewall backends explicitly
libvirt.spec.in
On Tue, May 28, 2024 at 08:59:46AM GMT, Peter Krempa wrote:
> On Mon, May 27, 2024 at 19:31:34 +0200, Andrea Bolognani wrote:
> > Note that TPM supports seems to be currently missing from s390x
> > and loongarch64 QEMU builds. I'm not entirely sure whether
> >
The default-models tests provide coverage for these scenarios
now.
Signed-off-by: Andrea Bolognani
---
.../aarch64-tpm.aarch64-latest.args | 34 -
.../aarch64-tpm.aarch64-latest.xml| 29
tests/qemuxmlconfdata/aarch64-tpm.xml | 15
.../tpm
We've made similar changes for aarch64 a few years back (see
d8a1c059e0ed and previous commits), and the rationale is the
same: the architecture is new enough that TPM 2.0 predates it,
so TPM 1.2 support was never considered and will just not work.
Signed-off-by: Andrea Bolognani
---
src/qemu
, but
either way we have to skip them for now.
Signed-off-by: Andrea Bolognani
---
...aarch64-virt-default-models.aarch64-latest.abi-update.args | 3 +++
.../aarch64-virt-default-models.aarch64-latest.abi-update.xml | 3 +++
.../aarch64-virt-default-models.aarch64-latest.args | 3
Andrea Bolognani (3):
tests: Add TPM coverage to default-models tests
tests: Delete some redundant test cases
qemu: Only allow TPM 2.0 for RISC-V guests
src/qemu/qemu_domain.c| 1 +
src/qemu/qemu_validate.c | 10 +--
...aarch64-tpm-wrong
On Thu, May 16, 2024 at 10:26:28AM GMT, Daniel P. Berrangé wrote:
> On Thu, May 16, 2024 at 02:23:13AM -0700, Andrea Bolognani wrote:
> > IIUC requirements are mostly on the guest OS side, and on the host OS
> > side we just need the ssh ProxyCommand feature which would have bee
On Thu, May 16, 2024 at 10:03:02AM GMT, Daniel P. Berrangé wrote:
> On Thu, May 16, 2024 at 10:24:22AM +0200, Andrea Bolognani wrote:
> > As a general rule, we use defines for features that can only be
> > enabled on a subset of the platforms that we target, and we
> > don
The way things are implemented, installing the package not
only makes the feature available but also enables it.
Some admins might not want that to happen, so let's make the
dependency a weak one to offer them a way out.
Signed-off-by: Andrea Bolognani
---
libvirt.spec.in | 4 ++--
1 file
having a define for it is unnecessary.
Signed-off-by: Andrea Bolognani
---
libvirt.spec.in | 15 +--
1 file changed, 1 insertion(+), 14 deletions(-)
diff --git a/libvirt.spec.in b/libvirt.spec.in
index 0d6f15460d..b6f9bf86f3 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -91,7
This way we can avoid repeating it twice.
Signed-off-by: Andrea Bolognani
---
libvirt.spec.in | 9 +++--
1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/libvirt.spec.in b/libvirt.spec.in
index 329b923e8f..0d6f15460d 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -810,6
The ssh-proxy feature works independently of the clients,
just like the NSS plugin does.
Moreover, ssh-proxy only works for local VMs, while clients
are routinely used to manage remote hypervisors.
Signed-off-by: Andrea Bolognani
---
libvirt.spec.in | 3 ---
1 file changed, 3 deletions
CI pipeline: https://gitlab.com/abologna/libvirt/-/pipelines/1292193155
Andrea Bolognani (4):
rpm: Drop weak dependency on ssh-proxy from client
rpm: Only Recommend ssh-proxy
rpm: Move dependency on ssh-proxy to QEMU driver
rpm: Drop with_ssh_proxy define
libvirt.spec.in | 23
nux labels.
Please do. Hopefully you'll get further than I was able to :)
--
Andrea Bolognani / Red Hat / Virtualization
___
Devel mailing list -- devel@lists.libvirt.org
To unsubscribe send an email to devel-le...@lists.libvirt.org
On Thu, May 09, 2024 at 02:28:15PM GMT, Peter Krempa wrote:
> On Thu, May 02, 2024 at 19:39:41 +0200, Andrea Bolognani wrote:
> > +static bool
> > +virFileIsSharedFSOverride(const char *path,
> > + char *const *overrides)
> > +{
> > +
rcIsSafe(virDomainDef *def,
> > - virQEMUCaps *qemuCaps,
> > +qemuMigrationSrcIsSafe(virDomainObj *vm,
> > size_t nmigrate_disks,
> > const char **migrate_disks,
> > unsigned int flags)
>
> S
On Thu, May 09, 2024 at 01:58:21PM GMT, Peter Krempa wrote:
> On Thu, May 02, 2024 at 19:39:39 +0200, Andrea Bolognani wrote:
> > +# libvirt will normally prevent migration if the storage backing the VM is
> > not
> > +# on a shared filesystems. Sometimes, however, th
ends the data,
> as well as the trailing '\0' terminator.
>
> Both bugs combined mean it is sending '\0\0' as the last bytes, instead
> of '\n' which was intended. When virFileReadAll reads data from the
> pipe, it ends up adding another '\0' resulting in in a very NUL
*resulting in a very
Rev
Thanks a lot for looking into this!
Reviewed-by: Andrea Bolognani
--
Andrea Bolognani / Red Hat / Virtualization
___
Devel mailing list -- devel@lists.libvirt.org
To unsubscribe send an email to devel-le...@lists.libvirt.org
On Tue, May 07, 2024 at 08:14:18PM GMT, Daniel P. Berrangé wrote:
> On Tue, May 07, 2024 at 04:56:00PM +0000, Andrea Bolognani wrote:
> > On Fri, Mar 22, 2024 at 06:56:08PM GMT, Peter Krempa wrote:
> > > +static void
> > > +testPipeFeeder(void *opaque)
> >
rchitectures?
[1]
https://buildd.debian.org/status/fetch.php?pkg=libvirt=ppc64el=10.3.0-2=1715074703=0
[2] https://koji.fedoraproject.org/koji/taskinfo?taskID=117156020
--
Andrea Bolognani / Red Hat / Virtualization
___
Devel mailing list -- devel
rning
> * update all the distros new/old in one go
> * update glib & re-enable the warning
Is this dance really necessary? We obviously care about bisectability
of the code itself, but IMO it's fine if the CI pipeline stops making
sense for a bit in the middle of a series, as long
On Fri, May 03, 2024 at 01:49:30PM GMT, Kristina Hanicova wrote:
> Signed-off-by: Kristina Hanicova
> ---
> NEWS.rst | 5 +
> 1 file changed, 5 insertions(+)
Reviewed-by: Andrea Bolognani
and pushed. Thanks!
--
Andrea Bolognani / Red Hat / Vi
t;
> Resolves: https://bugs.gentoo.org/931109
> Signed-off-by: Michal Privoznik
> ---
> tools/vsh.c | 11 ---
> 1 file changed, 8 insertions(+), 3 deletions(-)
This caused FTBFS on Debian too. I was going to investigate the
matter today, and seeing the fix merged already was a
On Thu, May 02, 2024 at 12:16:32PM GMT, Andrea Bolognani wrote:
> On Thu, Apr 18, 2024 at 01:17:34PM GMT, Stefan Berger wrote:
> > On 4/17/24 09:29, Andrea Bolognani wrote:
> > > +static bool
> > > +virFileIsSharedFSOverride(const char *path,
> > > +
of it.
Note that with this change the list is propagated all the way
through, but its contents are still ignored, so the behavior
remains the same for now.
Signed-off-by: Andrea Bolognani
Reviewed-by: Stefan Berger
---
src/lxc/lxc_controller.c | 3 +-
src/lxc/lxc_driver.c | 2
for disks and other types of persistent
storage such as NVRAM files, which always get relabeled.
Signed-off-by: Andrea Bolognani
Reviewed-by: Stefan Berger
---
src/qemu/qemu_tpm.c | 11 ++-
1 file changed, 2 insertions(+), 9 deletions(-)
diff --git a/src/qemu/qemu_tpm.c b/src/qemu
If the local admin has explicitly declared that a certain
filesystem is to be considered shared, we should treat it as
such.
Signed-off-by: Andrea Bolognani
Reviewed-by: Stefan Berger
---
src/util/virfile.c | 42 +-
1 file changed, 41 insertions(+), 1
As explained in the comment, this can help in scenarios where
a shared filesystem can't be detected as such by libvirt, by
giving the admin the opportunity to provide this information
manually.
Signed-off-by: Andrea Bolognani
---
src/qemu/libvirtd_qemu.aug | 3 +++
src/qemu
Signed-off-by: Andrea Bolognani
Reviewed-by: Stefan Berger
---
src/security/security_selinux.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index aaec34ff8b..a4915dbc89 100644
--- a/src/security
] https://issues.redhat.com/browse/CNV-39370
Andrea Bolognani (5):
security: Fix alignment
qemu: Introduce shared_filesystems configuration option
qemu: Propagate shared_filesystems
utils: Use overrides in virFileIsSharedFS()
qemu: Always set labels for TPM state
src/lxc/lxc_controller.c
On Thu, Apr 18, 2024 at 01:17:34PM GMT, Stefan Berger wrote:
> On 4/17/24 09:29, Andrea Bolognani wrote:
> > +static bool
> > +virFileIsSharedFSOverride(const char *path,
> > + char *const *overrides)
> > +{
> > +g_autofree char *dirpat
On Wed, Apr 17, 2024 at 03:16:18PM GMT, Stefan Berger wrote:
> On 4/17/24 09:29, Andrea Bolognani wrote:
> > +#shared_filesystems = [
> > +# "/path/to/images",
> > +# "/path/to/nvram",
> > +# "/path/to/swtpm"
> > +#]
>
> May b
10.3.0` (QEMU/KVM and ARM virt guests only)
Of course this will need updating since 10.3.0 has already entered
freeze.
--
Andrea Bolognani / Red Hat / Virtualization
___
Devel mailing list -- devel@lists.libvirt.org
To unsubscribe send an
_armv7l.xml | 1 +
> 9 files changed, 10 insertions(+)
Reviewed-by: Andrea Bolognani
--
Andrea Bolognani / Red Hat / Virtualization
___
Devel mailing list -- devel@lists.libvirt.org
To unsubscribe send an email to devel-le...@lists.libvirt.org
o start
> > such guest. Even though the feature might already be off by default.
>
> I prefer this one. Don't see any point in toggling a feature that:
> 1) was not even present in the QEMU they're using
> 2) is currently off by default and possibly will be for some time.
I agr
On Thu, Apr 18, 2024 at 06:29:53PM +0100, Daniel P. Berrangé wrote:
> On Wed, Mar 20, 2024 at 09:10:48AM -0700, Andrea Bolognani wrote:
> > On Wed, Mar 20, 2024 at 10:18:39AM -0400, Stefan Berger wrote:
> > > On 3/20/24 08:23, Peter Krempa wrote:
> > > >
On Wed, Mar 20, 2024 at 09:10:48AM -0700, Andrea Bolognani wrote:
> On Wed, Mar 20, 2024 at 10:18:39AM -0400, Stefan Berger wrote:
> > On 3/20/24 08:23, Peter Krempa wrote:
> > > Did you consider the case when the migration fails and the VM will be
> > > restored to r
On Tue, Mar 26, 2024 at 08:54:03AM -0700, Andrea Bolognani wrote:
> On Wed, Mar 20, 2024 at 08:43:24AM -0700, Andrea Bolognani wrote:
> > On Wed, Mar 20, 2024 at 12:37:37PM +0100, Peter Krempa wrote:
> > > On Wed, Mar 20, 2024 at 10:19:11 +0100, Andrea Bolognani wrote:
of it.
Note that with this change the list is propagated all the way
through, but its contents are still ignored, so the behavior
remains the same for now.
Signed-off-by: Andrea Bolognani
---
src/lxc/lxc_controller.c | 3 +-
src/lxc/lxc_driver.c | 2 +-
src/lxc/lxc_process.c
for disks and other types of persistent
storage such as NVRAM files, which always get relabeled.
Signed-off-by: Andrea Bolognani
---
src/qemu/qemu_tpm.c | 11 ++-
1 file changed, 2 insertions(+), 9 deletions(-)
diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c
index cdf4bfbad2
As explained in the comment, this can help in scenarios where
a shared filesystem can't be detected as such by libvirt, by
giving the admin the opportunity to provide this information
manually.
Signed-off-by: Andrea Bolognani
---
src/qemu/libvirtd_qemu.aug | 3 +++
src/qemu
If the local admin has explicitly declared that a certain
filesystem is to be considered shared, we should treat it as
such.
Signed-off-by: Andrea Bolognani
---
src/util/virfile.c | 42 +-
1 file changed, 41 insertions(+), 1 deletion(-)
diff --git a/src
Signed-off-by: Andrea Bolognani
---
src/security/security_selinux.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index aaec34ff8b..a4915dbc89 100644
--- a/src/security/security_selinux.c
+++ b/src
://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/MMKVR54LD3SDG5CMSXUECV7I57LMJJTH/
[1] https://issues.redhat.com/browse/CNV-34322
[2] https://issues.redhat.com/browse/CNV-39370
Andrea Bolognani (5):
security: Fix alignment
qemu: Introduce shared_filesystems configuration option
s:driver", modelName,
>"i:chassis_nr", pciopts->chassisNr,
> + "P:mem-reserve", pciopts->memReserve *
> 1024,
I thought this couldn't possibly work correctly at first, but then I
looked up what "
/qemu_validate.c | 25 +
> 1 file changed, 25 insertions(+)
Reviewed-by: Andrea Bolognani
--
Andrea Bolognani / Red Hat / Virtualization
___
Devel mailing list -- devel@lists.libvirt.org
To unsubscribe send an email to devel-le...@lists.libvirt.org
show_bug.cgi?id=1408810
and was concerned that whatever you implemented here might rule out
potentially implementing that in the future, or having to resort to
some hacks. But since the parser will reject memReserve='0', we can
still decide to relax things in the future and permit ioReserve='0'
w
our
best efforts.
Try to put this sentiment into words; to further carry the
message, also include a tasteful ASCII rendition of our
sorrow.
Signed-off-by: Andrea Bolognani
---
tools/virsh-console.c | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/tools/virsh-console.c b
'
Escape character is ^] (Ctrl + ])
error: internal error: cannot find character device
The initial message is misleading. Change things so that it's
only printed if we actually successfully connected to the VM
console.
Signed-off-by: Andrea Bolognani
---
tools/virsh-console.c | 19
*** APRIL BLURBS ***
Andrea Bolognani (2):
virsh: Show 'connected to console' message later
virsh: Display more empathy towards inconsolable VMs :(
tools/virsh-console.c | 24 +---
tools/virsh-domain.c | 7 ---
2 files changed, 17 insertions(+), 14 deletions
works now.
> +
> + * virt-admin: Fix segfault when libvirtd dies
> +
> +Now, `virt-admin` no longer crashes when `libvirtd` unexpectedly closes
> +the connection.
I'd just drop the initial "Now," here.
Throughout, you need to use ``reStructuredText preformatte
On Tue, Mar 26, 2024 at 01:15:41PM -0400, Stefan Berger wrote:
> On 3/26/24 12:38, Andrea Bolognani wrote:
> > On Tue, Mar 26, 2024 at 12:04:21PM -0400, Stefan Berger wrote:
> > > On 3/26/24 11:54, Andrea Bolognani wrote:
> > > > The issue is that, when remembe
On Wed, Mar 20, 2024 at 01:10:00PM +0100, Peter Krempa wrote:
> On Wed, Mar 20, 2024 at 10:19:12 +0100, Andrea Bolognani wrote:
> > @@ -1355,7 +1363,7 @@ virSecurityManagerMetadataLock(virSecurityManager
> > *mgr G_GNUC_UNUSED,
> > }
On Tue, Mar 26, 2024 at 12:04:21PM -0400, Stefan Berger wrote:
>
>
> On 3/26/24 11:54, Andrea Bolognani wrote:
> > On Wed, Mar 20, 2024 at 08:43:24AM -0700, Andrea Bolognani wrote:
> > > On Wed, Mar 20, 2024 at 12:37:37PM +0100, Peter Krempa wrote:
> > > > On
On Wed, Mar 20, 2024 at 08:43:24AM -0700, Andrea Bolognani wrote:
> On Wed, Mar 20, 2024 at 12:37:37PM +0100, Peter Krempa wrote:
> > On Wed, Mar 20, 2024 at 10:19:11 +0100, Andrea Bolognani wrote:
> > > +# libvirt will normally prevent migration if the stor
Plus a random fix.
Andrea Bolognani (2):
NEWS: Fix spacing
NEWS: Mention loongarch64 guest support
NEWS.rst | 14 +++---
1 file changed, 11 insertions(+), 3 deletions(-)
--
2.44.0
___
Devel mailing list -- devel@lists.libvirt.org
Signed-off-by: Andrea Bolognani
---
NEWS.rst | 7 ---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/NEWS.rst b/NEWS.rst
index ff98a47577..ec2fadaae8 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -16,11 +16,12 @@ v10.2.0 (unreleased)
* **Removed features**
* **New features
Signed-off-by: Andrea Bolognani
---
NEWS.rst | 7 +++
1 file changed, 7 insertions(+)
diff --git a/NEWS.rst b/NEWS.rst
index ec2fadaae8..ef9e312698 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -29,6 +29,13 @@ v10.2.0 (unreleased)
guest can access files on this driver through the Media
plement the method of getting host info for loongarch
> Add test script for loongarch
Everything looks great.
Reviewed-by: Andrea Bolognani
and pushed. Thank you for your patience!
--
Andrea Bolognani / Red Hat / Virtualization
___
Devel mailing list -- devel@lists.libvirt.org
To unsubscribe send an email to devel-le...@lists.libvirt.org
On Wed, Mar 20, 2024 at 10:18:39AM -0400, Stefan Berger wrote:
> On 3/20/24 08:23, Peter Krempa wrote:
> > On Wed, Mar 20, 2024 at 10:19:14 +0100, Andrea Bolognani wrote:
> > > Consider the case in which one host (mig-one) exports its
> > > local filesystem /sr
On Wed, Mar 20, 2024 at 10:07:11AM -0400, Stefan Berger wrote:
> On 3/20/24 05:19, Andrea Bolognani wrote:
> > + * qemu: Add ``shared_filesystems`` configuration option
> > +
> > +This option can be used to configure libvirt so that migration between
> > two
&
ot
used locally.
In the more general case, there's really nothing preventing people
from creating a similar setup outside of KubeVirt with Portworx. As
you rightfully point out, there are some drawbacks to the approach
but it's not necessarily an invalid one per se.
[1]
https://github.com/lib
On Wed, Mar 20, 2024 at 12:37:37PM +0100, Peter Krempa wrote:
> On Wed, Mar 20, 2024 at 10:19:11 +0100, Andrea Bolognani wrote:
> > +# libvirt will normally prevent migration if the storage backing the VM is
> > not
> > +# on a shared filesystems. Sometimes, however, th
If the filesystem wasn't determined to be a shared one via the
type check, try comparing it with the additional paths that
have been configured by the local admin.
Signed-off-by: Andrea Bolognani
---
src/util/virfile.c | 86 ++
1 file changed, 72
Each one only has a single, trivial caller.
Signed-off-by: Andrea Bolognani
---
src/security/security_dac.c | 21 -
src/security/security_selinux.c | 21 -
2 files changed, 8 insertions(+), 34 deletions(-)
diff --git a/src/security/security_dac.c b
for disks and other types of persistent
storage such as NVRAM files, which always get relabeled.
Signed-off-by: Andrea Bolognani
---
src/qemu/qemu_tpm.c | 11 ++-
1 file changed, 2 insertions(+), 9 deletions(-)
diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c
index f1b4283a70
Signed-off-by: Andrea Bolognani
---
NEWS.rst | 7 +++
1 file changed, 7 insertions(+)
diff --git a/NEWS.rst b/NEWS.rst
index 489201d3fc..7e17043c2a 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -17,6 +17,13 @@ v10.2.0 (unreleased)
* **New features**
+ * qemu: Add ``shared_filesystems
of it.
Note that with this change the list is propagated all the way
through, but its contents are still ignored, so the behavior
remains the same for now.
Signed-off-by: Andrea Bolognani
---
src/lxc/lxc_controller.c | 2 +-
src/lxc/lxc_driver.c | 2 +-
src/lxc/lxc_process.c
Current entries should always be listed before obsolete ones.
Signed-off-by: Andrea Bolognani
---
src/qemu/libvirtd_qemu.aug | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/qemu/libvirtd_qemu.aug b/src/qemu/libvirtd_qemu.aug
index 43485b43fb..2b6526538f 100644
As explained in the comment, this can help in scenarios where
a shared filesystem can't be detected as such by libvirt, by
giving the admin the opportunity to provide this information
manually.
Signed-off-by: Andrea Bolognani
---
src/qemu/libvirtd_qemu.aug | 3 +++
src/qemu
://issues.redhat.com/browse/CNV-39370
Andrea Bolognani (10):
security: Fix alignment
security: Fix name for _virSecurityDACChardevCallbackData
security: Drop virSecurity(DAC|SELinux)RestoreImageLabelSingle()
security: Drop virSecurity(DAC|SELinux)SetImageLabelRelative()
qemu: Tweak augeas
Signed-off-by: Andrea Bolognani
---
src/security/security_manager.c | 14 +++---
src/security/security_manager.h | 16
2 files changed, 15 insertions(+), 15 deletions(-)
diff --git a/src/security/security_manager.c b/src/security/security_manager.c
index afd41f1c20
It was clearly copied over from the SELinux driver without
updating its name in the process.
Signed-off-by: Andrea Bolognani
---
src/security/security_dac.c | 10 +-
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
The single caller for each function passes the same value
for @src and @parent, which means that we don't really need
the additional API.
Signed-off-by: Andrea Bolognani
---
src/security/security_dac.c | 19 +--
src/security/security_selinux.c | 19 +--
2
On Tue, Mar 19, 2024 at 05:45:10PM +0100, Michal Prívozník wrote:
> On 2/27/24 19:30, Andrea Bolognani wrote:
> > This applies on top of [1]. Test pipeline: [2]
> >
> > Upon further investigation, I have determined that not only
> > we are unintentionally using the Li
or the qemu_user and
qemu_group meson options, which have been around forever and can take
arbitrary values.
At the very least, installing this file needs to be gated behind a
meson option that is off by default. A more complete solution that
integrates properly with the existing facilities will requ
On Fri, Mar 08, 2024 at 10:47:12AM +0100, Michal Prívozník wrote:
> On 2/28/24 13:40, Andrea Bolognani wrote:
> > On Wed, Feb 28, 2024 at 12:37:54PM +0100, Michal Prívozník wrote:
> >> On 2/27/24 19:30, Andrea Bolognani wrote:
> >>> This applies on top of [1]. Test
> +
> +
This test is about default devices, so the ACPI feature doesn't need
to be included. Same thing for the default-models test.
The test coverage you've introduced is pretty good overall, but
there's one notable blind spot: firmware handling. Thankfully, since
I have recently add
QEMU_CAPS_SCSI_LSI))
return VIR_DOMAIN_CONTROLLER_MODEL_SCSI_LSILOGIC;
--
Andrea Bolognani / Red Hat / Virtualization
___
Devel mailing list -- devel@lists.libvirt.org
To unsubscribe send an email to devel-le...@lists.libvirt.org
u/firmware/50-edk2-loongarch64.json");
DO_PARSE_TEST("usr/share/qemu/firmware/50-edk2-ovmf-4m-qcow2-x64-nosb.json");
DO_PARSE_TEST("usr/share/qemu/firmware/50-edk2-ovmf-x64-microvm.json");
DO_PARSE_TEST("usr/share/qemu/firmware/51-edk2-aarch64-raw.json&
1 - 100 of 498 matches
Mail list logo