[PATCH 0/2] interface: Refactor code and fix old listing API when interface is unbound

2024-05-06 Thread Peter Krempa
Patch 1/2 removes a pointless helper in favor of making an almost
identical function more universal, so that patch 2/2 then fixes all
cases in one place.

Peter Krempa (2):
  interface_udev: Replace udevNumOfInterfacesByStatus by
udevListInterfacesByStatus
  udevListInterfacesByStatus: Don't try to return NULL names

 src/interface/interface_backend_udev.c | 84 +-
 1 file changed, 30 insertions(+), 54 deletions(-)

-- 
2.44.0


[PATCH 2/2] udevListInterfacesByStatus: Don't try to return NULL names

2024-05-06 Thread Peter Krempa
In case when the interface is being detached/reattached it may happen
that udev will return NULL from 'udev_device_get_sysname()'.

As the RPC code requires nonnull strings in the return array it fails to
serialize such reply:

 libvirt: XML-RPC error : Unable to encode message payload

Fix this by simply ignoring such interfaces as there's nothing we can
report in such case.

A similar fix was done to 'udevConnectListAllInterfaces' in commit
2ca94317ac6.

Resolves: https://issues.redhat.com/browse/RHEL-34615
Signed-off-by: Peter Krempa 
---
 src/interface/interface_backend_udev.c | 10 +-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/interface/interface_backend_udev.c 
b/src/interface/interface_backend_udev.c
index 826f486049..8bb19d7764 100644
--- a/src/interface/interface_backend_udev.c
+++ b/src/interface/interface_backend_udev.c
@@ -185,6 +185,7 @@ udevListInterfacesByStatus(virConnectPtr conn,
 udev_list_entry_foreach(dev_entry, devices) {
 struct udev_device *dev;
 const char *path;
+const char *name;
 g_autoptr(virInterfaceDef) def = NULL;

 /* Ensure we won't exceed the size of our array */
@@ -194,10 +195,17 @@ udevListInterfacesByStatus(virConnectPtr conn,
 path = udev_list_entry_get_name(dev_entry);
 dev = udev_device_new_from_syspath(udev, path);

+if (!(name = udev_device_get_sysname(dev))) {
+/* Name can be NULL in case when the interface is being unbound
+ * from the driver. The list API requires names to be present */
+VIR_DEBUG("Skipping interface '%s', name == NULL", path);
+continue;
+}
+
 def = udevGetMinimalDefForDevice(dev);
 if (filter(conn, def)) {
 if (names)
-names[count] = g_strdup(udev_device_get_sysname(dev));
+names[count] = g_strdup(name);
 count++;
 }
 udev_device_unref(dev);
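Review bot: The new `continue` taken when the name is NULL skips the `udev_device_unref(dev);` at the bottom of the loop body, so every skipped interface leaks the reference obtained from `udev_device_new_from_syspath()`; `dev` is declared as a plain `struct udev_device *` in this loop, not an auto-cleanup pointer. Release it before skipping by adding `udev_device_unref(dev);` on the line ahead of `continue;`. This path runs whenever an interface is being unbound or rebound, so in a long-running daemon the leaked references would accumulate. The function starts and ends outside the hunk.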
-- 
2.44.0


[PATCH 1/2] interface_udev: Replace udevNumOfInterfacesByStatus by udevListInterfacesByStatus

2024-05-06 Thread Peter Krempa
Make the array-filling operation of udevListInterfacesByStatus optional
and replace the completely redundant udevNumOfInterfacesByStatus by it.

Further patches fixing the listing will not need to be duplicated.

Signed-off-by: Peter Krempa 
---
 src/interface/interface_backend_udev.c | 76 --
 1 file changed, 22 insertions(+), 54 deletions(-)

diff --git a/src/interface/interface_backend_udev.c 
b/src/interface/interface_backend_udev.c
index 4091483060..826f486049 100644
--- a/src/interface/interface_backend_udev.c
+++ b/src/interface/interface_backend_udev.c
@@ -137,55 +137,21 @@ udevGetDevices(struct udev *udev, virUdevStatus status)
 return enumerate;
 }

-static int
-udevNumOfInterfacesByStatus(virConnectPtr conn, virUdevStatus status,
-virInterfaceObjListFilter filter)
-{
-struct udev *udev = udev_ref(driver->udev);
-struct udev_enumerate *enumerate = NULL;
-struct udev_list_entry *devices;
-struct udev_list_entry *dev_entry;
-int count = 0;
-
-enumerate = udevGetDevices(udev, status);
-
-if (!enumerate) {
-virReportError(VIR_ERR_INTERNAL_ERROR,
-   _("failed to get number of %1$s interfaces on host"),
-   virUdevStatusString(status));
-count = -1;
-goto cleanup;
-}
-
-/* Do the scan to load up the enumeration */
-udev_enumerate_scan_devices(enumerate);
-
-/* Get a list we can walk */
-devices = udev_enumerate_get_list_entry(enumerate);
-
-/* For each item so we can count */
-udev_list_entry_foreach(dev_entry, devices) {
-struct udev_device *dev;
-const char *path;
-g_autoptr(virInterfaceDef) def = NULL;
-
-path = udev_list_entry_get_name(dev_entry);
-dev = udev_device_new_from_syspath(udev, path);
-
-def = udevGetMinimalDefForDevice(dev);
-if (filter(conn, def))
-count++;
-udev_device_unref(dev);
-}
-
- cleanup:
-if (enumerate)
-udev_enumerate_unref(enumerate);
-udev_unref(udev);
-
-return count;
-}

+/**
+ * udevListInterfacesByStatus:
+ *
+ * @conn: connection object
+ * @names: optional pointer to array to be filled with interface names
+ * @names_len: size of @names
+ * @status: status of interfaces to be listed
+ * @filter: ACL filter function
+ *
+ * Lists interfaces with status matching @status filling them into @names (if
+ * non-NULL) and returns the number of such interfaces.
+ *
+ * In case of an error -1 is returned and no interfaces are filled into @names.
+ */
 static int
 udevListInterfacesByStatus(virConnectPtr conn,
char **const names,
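Review bot: The new doc comment leaves out two parts of the contract that callers now rely on. When @names is NULL the function only counts and @names_len is not consulted (the bound check becomes `names && count >= names_len`, and the NumOf callers pass `NULL, 0`). The entries written into @names are `g_strdup()` copies, so presumably the caller owns and must free them. I would extend the parameter lines to `@names: optional array to be filled with interface names (caller frees each entry)` and `@names_len: size of @names, ignored when @names is NULL`. The function body lies in the following hunks, outside this one.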
@@ -222,7 +188,7 @@ udevListInterfacesByStatus(virConnectPtr conn,
 g_autoptr(virInterfaceDef) def = NULL;

 /* Ensure we won't exceed the size of our array */
-if (count >= names_len)
+if (names && count >= names_len)
 break;

 path = udev_list_entry_get_name(dev_entry);
@@ -230,7 +196,8 @@ udevListInterfacesByStatus(virConnectPtr conn,

 def = udevGetMinimalDefForDevice(dev);
 if (filter(conn, def)) {
-names[count] = g_strdup(udev_device_get_sysname(dev));
+if (names)
+names[count] = g_strdup(udev_device_get_sysname(dev));
 count++;
 }
 udev_device_unref(dev);
@@ -242,14 +209,15 @@ udevListInterfacesByStatus(virConnectPtr conn,
 return count;
 }

+
 static int
 udevConnectNumOfInterfaces(virConnectPtr conn)
 {
 if (virConnectNumOfInterfacesEnsureACL(conn) < 0)
 return -1;

-return udevNumOfInterfacesByStatus(conn, VIR_UDEV_IFACE_ACTIVE,
-   virConnectNumOfInterfacesCheckACL);
+return udevListInterfacesByStatus(conn, NULL, 0, VIR_UDEV_IFACE_ACTIVE,
+  virConnectNumOfInterfacesCheckACL);
 }

 static int
@@ -271,8 +239,8 @@ udevConnectNumOfDefinedInterfaces(virConnectPtr conn)
 if (virConnectNumOfDefinedInterfacesEnsureACL(conn) < 0)
 return -1;

-return udevNumOfInterfacesByStatus(conn, VIR_UDEV_IFACE_INACTIVE,
-   
virConnectNumOfDefinedInterfacesCheckACL);
+return udevListInterfacesByStatus(conn, NULL, 0, VIR_UDEV_IFACE_INACTIVE,
+  
virConnectNumOfDefinedInterfacesCheckACL);
 }

 static int
-- 
2.44.0


Re: [PATCH-for-9.1 v2 2/3] migration: Remove RDMA protocol handling

2024-05-06 Thread Peter Xu
On Mon, May 06, 2024 at 12:08:43PM +0200, Jinpu Wang wrote:
> Hi Peter, hi Daniel,

Hi, Jinpu,

Thanks for sharing these test results.  Sounds like great news.

What's your plan next?  Would it then be worthwhile / possible moving QEMU
into that direction?  Would that greatly simplify rdma code as Dan
mentioned?

Thanks,

> 
> On Fri, May 3, 2024 at 4:33 PM Peter Xu  wrote:
> >
> > On Fri, May 03, 2024 at 08:40:03AM +0200, Jinpu Wang wrote:
> > > I had a brief check in the rsocket changelog, there seems some
> > > improvement over time,
> > >  might be worth revisiting this. due to socket abstraction, we can't
> > > use some feature like
> > >  ODP, it won't be a small and easy task.
> >
> > It'll be good to know whether Dan's suggestion would work first, without
> > rewritting everything yet so far.  Not sure whether some perf test could
> > help with the rsocket APIs even without QEMU's involvements (or looking for
> > test data supporting / invalidate such conversions).
> >
> I did a quick test with iperf on 100 G environment and 40 G
> environment, in summary rsocket works pretty well.
> 
> iperf tests between 2 hosts with 40 G (IB),
> first  a few test with different num. of threads on top of ipoib
> interface, later with preload rsocket on top of same ipoib interface.
> 
> jw...@ps401a-914.nst:~$ iperf -p 52000 -c 10.43.3.145
> 
> Client connecting to 10.43.3.145, TCP port 52000
> TCP window size:  165 KByte (default)
> 
> [  3] local 10.43.3.146 port 55602 connected with 10.43.3.145 port 52000
> [ ID] Interval   Transfer Bandwidth
> [  3] 0.-10.0001 sec  2.85 GBytes  2.44 Gbits/sec
> jw...@ps401a-914.nst:~$ iperf -p 52000 -c 10.43.3.145 -P 2
> 
> Client connecting to 10.43.3.145, TCP port 52000
> TCP window size:  165 KByte (default)
> 
> [  4] local 10.43.3.146 port 39640 connected with 10.43.3.145 port 52000
> [  3] local 10.43.3.146 port 39626 connected with 10.43.3.145 port 52000
> [ ID] Interval   Transfer Bandwidth
> [  3] 0.-10.0012 sec  2.85 GBytes  2.45 Gbits/sec
> [  4] 0.-10.0026 sec  2.86 GBytes  2.45 Gbits/sec
> [SUM] 0.-10.0026 sec  5.71 GBytes  4.90 Gbits/sec
> [ CT] final connect times (min/avg/max/stdev) =
> 0.281/0.300/0.318/0.318 ms (tot/err) = 2/0
> jw...@ps401a-914.nst:~$ iperf -p 52000 -c 10.43.3.145 -P 4
> 
> Client connecting to 10.43.3.145, TCP port 52000
> TCP window size:  165 KByte (default)
> 
> [  4] local 10.43.3.146 port 46956 connected with 10.43.3.145 port 52000
> [  6] local 10.43.3.146 port 46978 connected with 10.43.3.145 port 52000
> [  3] local 10.43.3.146 port 46944 connected with 10.43.3.145 port 52000
> [  5] local 10.43.3.146 port 46962 connected with 10.43.3.145 port 52000
> [ ID] Interval   Transfer Bandwidth
> [  3] 0.-10.0017 sec  2.85 GBytes  2.45 Gbits/sec
> [  4] 0.-10.0015 sec  2.85 GBytes  2.45 Gbits/sec
> [  5] 0.-10.0026 sec  2.85 GBytes  2.45 Gbits/sec
> [  6] 0.-10.0005 sec  2.85 GBytes  2.45 Gbits/sec
> [SUM] 0.-10.0005 sec  11.4 GBytes  9.80 Gbits/sec
> [ CT] final connect times (min/avg/max/stdev) =
> 0.274/0.312/0.360/0.212 ms (tot/err) = 4/0
> jw...@ps401a-914.nst:~$ iperf -p 52000 -c 10.43.3.145 -P 8
> 
> Client connecting to 10.43.3.145, TCP port 52000
> TCP window size:  165 KByte (default)
> 
> [  7] local 10.43.3.146 port 35062 connected with 10.43.3.145 port 52000
> [  6] local 10.43.3.146 port 35058 connected with 10.43.3.145 port 52000
> [  8] local 10.43.3.146 port 35066 connected with 10.43.3.145 port 52000
> [  9] local 10.43.3.146 port 35074 connected with 10.43.3.145 port 52000
> [  3] local 10.43.3.146 port 35038 connected with 10.43.3.145 port 52000
> [ 12] local 10.43.3.146 port 35088 connected with 10.43.3.145 port 52000
> [  5] local 10.43.3.146 port 35048 connected with 10.43.3.145 port 52000
> [  4] local 10.43.3.146 port 35050 connected with 10.43.3.145 port 52000
> [ ID] Interval   Transfer Bandwidth
> [  4] 0.-10.0005 sec  2.85 GBytes  2.44 Gbits/sec
> [  8] 0.-10.0011 sec  2.85 GBytes  2.45 Gbits/sec
> [  5] 0.-10. sec  2.85 GBytes  2.45 Gbits/sec
> [ 12] 0.-10.0021 sec  2.85 GBytes  2.44 Gbits/sec
> [  3] 0.-10.0003 sec  2.85 GBytes  2.44 Gbits/sec
> [  7] 0.-10.0065 sec  2.50 GBytes  2.14 Gbits/sec
> [  9] 0.-10.0077 sec  2.52 GBytes  2.16 Gbits/sec
> [  6] 0.-10.0003 sec  2.85 GBytes  2.44 Gbits/sec
> [SUM] 0.-10.0003 sec  22.1 GBytes  19.0 Gbits/sec
> [ CT] final connect times (min/avg/max/stdev) =
> 0.096/0.226/0.339/0.109 ms 

Re: [PATCH-for-9.1 v2 2/3] migration: Remove RDMA protocol handling

2024-05-06 Thread Peter Xu
On Mon, May 06, 2024 at 02:06:28AM +, Gonglei (Arei) wrote:
> Hi, Peter

Hey, Lei,

Happy to see you around again after years.

> RDMA features high bandwidth, low latency (in non-blocking lossless
> network), and direct remote memory access by bypassing the CPU (As you
> know, CPU resources are expensive for cloud vendors, which is one of the
> reasons why we introduced offload cards.), which TCP does not have.

It's another cost to use offload cards, v.s. preparing more cpu resources?

> In some scenarios where fast live migration is needed (extremely short
> interruption duration and migration duration) is very useful. To this
> end, we have also developed RDMA support for multifd.

Will any of you upstream that work?  I'm curious how intrusive would it be
when adding it to multifd, if it can keep only 5 exported functions like
what rdma.h does right now it'll be pretty nice.  We also want to make sure
it works with arbitrary sized loads and buffers, e.g. vfio is considering
to add IO loads to multifd channels too.

One thing to note is that the question here is not about a pure performance
comparison between rdma and nics only.  It's about helping us make a decision
on whether to drop rdma, iow, even if rdma performs well, the community
still has the right to drop it if nobody can actively work and maintain it.
It's just that if nics can perform as good it's more a reason to drop,
unless companies can help to provide good support and work together.

Thanks,

-- 
Peter Xu


Re: [PATCH 0/4] Introduce SSH proxy

2024-05-06 Thread Michal Prívozník
On 4/19/24 12:12, Michal Privoznik wrote:
> *** BLURB HERE ***
> 
> Michal Prívozník (4):
>   datatypes: Declare g_autoptr cleanup functions for more public objects
>   tools: Introduce SSH proxy
>   docs: Document SSH proxy
>   NEWS: Document SSH proxy feature
> 
>  NEWS.rst |   5 +
>  docs/docs.rst|   3 +
>  docs/meson.build |   1 +
>  docs/nss.rst |   7 +
>  docs/ssh-proxy.rst   |  60 +
>  libvirt.spec.in  |  27 +++
>  meson.build  |  16 +-
>  meson_options.txt|   2 +
>  po/POTFILES  |   1 +
>  src/datatypes.h  |  16 ++
>  tools/meson.build|   2 +
>  tools/ssh-proxy/30-libvirt-ssh-proxy.conf.in |  10 +
>  tools/ssh-proxy/meson.build  |  25 ++
>  tools/ssh-proxy/ssh-proxy.c  | 233 +++
>  14 files changed, 407 insertions(+), 1 deletion(-)
>  create mode 100644 docs/ssh-proxy.rst
>  create mode 100644 tools/ssh-proxy/30-libvirt-ssh-proxy.conf.in
>  create mode 100644 tools/ssh-proxy/meson.build
>  create mode 100644 tools/ssh-proxy/ssh-proxy.c
> 

Ping? Maybe now it's best time to get this merged and have longer test
window.

Michal


Re: [PATCH] qemu_saveimage: add zstd to supported compression formats

2024-05-06 Thread Michal Prívozník
On 4/26/24 20:28, Adam Julis wrote:
> Extend the list of supported formats, update and clarify comment
> in qemu.conf.in (removed misleading sentence about the order of
> compression format types).
> 
> Signed-off-by: Adam Julis 

Commit message is a great place to put link to the issue you're fixing.
Something like:

Resolves: https://gitlab.com/libvirt/libvirt/-/issues/589

> ---
>  libvirt.spec.in   | 1 +
>  src/qemu/qemu.conf.in | 7 +++
>  src/qemu/qemu_saveimage.c | 2 ++
>  3 files changed, 6 insertions(+), 4 deletions(-)

Reviewed-by: Michal Privoznik 

and merged. Will you post a follow up NEWS.rst patch please?

Michal


Re: [PATCH v2 0/4] qemu: Substract isolcpus from all online affinity

2024-05-06 Thread Pavel Hrdina
On Tue, Apr 23, 2024 at 04:16:20PM +0200, Michal Privoznik wrote:
> v2 of:
> 
> https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/4V7OI5AEGYRN4GFQMQPIN4MYPJNK3NYJ/
> 
> diff to v1:
> - Don't error out on systems where /sys/devices/system/cpu/isolated is
>   unavailable.
> - Don't error out on systems where /sys/devices/system/cpu/isolated is
>   empty.
> 
> Both of these resulted in new patches.
> 
> Michal Prívozník (4):
>   virbitmap: Introduce virBitmapParseUnlimitedAllowEmpty()
>   virfile: Introduce virFileReadValueBitmapAllowEmpty()
>   virhostcpu: Introduce virHostCPUGetIsolated()
>   qemu: Substract isolcpus from all online affinity

Reviewed-by: Pavel Hrdina 




Re: [PATCH v2 3/4] virhostcpu: Introduce virHostCPUGetIsolated()

2024-05-06 Thread Pavel Hrdina
On Tue, Apr 23, 2024 at 04:16:23PM +0200, Michal Privoznik wrote:
> This is a helper that parses /sys/devices/system/cpu/isolated
> into a virBitmap. It's going to be needed soon.
> 
> Signed-off-by: Michal Privoznik 
> ---
>  src/libvirt_private.syms |  1 +
>  src/util/virhostcpu.c| 31 +++
>  src/util/virhostcpu.h|  1 +
>  3 files changed, 33 insertions(+)
> 
> diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
> index 2c7e4b45d3..0f2d5db883 100644
> --- a/src/libvirt_private.syms
> +++ b/src/libvirt_private.syms
> @@ -2504,6 +2504,7 @@ virHostCPUGetCount;
>  virHostCPUGetCPUID;
>  virHostCPUGetHaltPollTime;
>  virHostCPUGetInfo;
> +virHostCPUGetIsolated;
>  virHostCPUGetKVMMaxVCPUs;
>  virHostCPUGetMap;
>  virHostCPUGetMicrocodeVersion;
> diff --git a/src/util/virhostcpu.c b/src/util/virhostcpu.c
> index 01de69c0d1..b6d1db2302 100644
> --- a/src/util/virhostcpu.c
> +++ b/src/util/virhostcpu.c
> @@ -1152,6 +1152,37 @@ virHostCPUGetAvailableCPUsBitmap(void)
>  }
>  
>  
> +/**
> + * virHostCPUGetIsolated:
> + * @isolated: returned bitmap of isolated CPUs
> + *
> + * Sets @isolated to point to a bitmap of isolated CPUs (e.g. those passed to
> + * isolcpus= kernel cmdline). If the file doesn't exist, @isolated is set to
> + * NULL and success is returned. If the file does exist but it's empty,
> + * @isolated is set to an empty bitmap an success is returned.

s/an success/and success/

> + *
> + * Returns: 0 on success,
> + * -1 otherwise (with error reported).
> + */
> +int
> +virHostCPUGetIsolated(virBitmap **isolated)
> +{
> +g_autoptr(virBitmap) bitmap = NULL;
> +int rc;
> +
> +rc = virFileReadValueBitmapAllowEmpty(, "%s/cpu/isolated", 
> SYSFS_SYSTEM_PATH);
> +if (rc == -2) {
> +*isolated = NULL;
> +return 0;
> +} else if (rc < 0) {
> +return -1;
> +}
> +
> +*isolated = g_steal_pointer();
> +return 0;
> +}




Re: [PATCH v2] qemu-options: Deprecate "-runas" and introduce "-run-with user=..." instead

2024-05-06 Thread Paolo Bonzini
On Mon, May 6, 2024 at 1:21 PM Thomas Huth  wrote:
>
> The old "-runas" option has the disadvantage that it is not visible
> in the QAPI schema, so it is not available via the normal introspection
> mechanisms. We've recently introduced the "-run-with" option for exactly
> this purpose, which is meant to handle the options that affect the
> runtime behavior. Thus let's introduce a "user=..." parameter here now
> and deprecate the old "-runas" option.

No need to deprecate it, there are other shortcut options that are
just a couple lines of code to implement:

case QEMU_OPTION_watchdog_action: {
opts = qemu_opts_create(qemu_find_opts("action"),
NULL, 0, _abort);
qemu_opt_set(opts, "watchdog", optarg, _abort);
break;

However that would be a larger patch, basically moving all of the
--run-with handling to qemu_process_early_options() (and, as an aside,
setting .merge_lists = true in qemu_run_with_opts).

No objections to your patch, but also no objections to cleaning all of
--run-with; I should have caught it and proposed the shortcut options
when it was introduced or when --chroot was removed.

Paolo

>  if (!os_set_runas(optarg)) {
>  error_report("User \"%s\" doesn't exist"
>   " (and is not :)",
> @@ -3612,6 +3617,16 @@ void qemu_init(int argc, char **argv)
>  if (str) {
>  os_set_chroot(str);
>  }
> +str = qemu_opt_get(opts, "user");
> +if (str) {
> +if (!os_set_runas(str)) {
> +error_report("User \"%s\" doesn't exist"
> + " (and is not :)",
> + optarg);
> +exit(1);
> +}
> +}
> +
>  break;
>  }
>  #endif /* CONFIG_POSIX */
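Review bot: The error path of the new `user` branch prints `optarg` instead of `str`, so a failed lookup reports what is presumably the whole `-run-with` argument string rather than the user value that was rejected. The value handed to `os_set_runas()` is `str`, so the message should name the same thing: change the last argument of that `error_report()` call from `optarg);` to `str);`. An accurate message matters here because this is the privilege-drop option and the operator needs to see which identity failed to resolve. The same lines appear in the original posting of this patch further down the page; `qemu_init()` starts and ends outside the hunk.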
> diff --git a/qemu-options.hx b/qemu-options.hx
> index cf61f6b863..3031479a15 100644
> --- a/qemu-options.hx
> +++ b/qemu-options.hx
> @@ -4824,7 +4824,8 @@ DEF("runas", HAS_ARG, QEMU_OPTION_runas, \
>  SRST
>  ``-runas user``
>  Immediately before starting guest execution, drop root privileges,
> -switching to the specified user.
> +switching to the specified user. This option is deprecated, use
> +``-run-with user=...`` instead.
>  ERST
>
>  DEF("prom-env", HAS_ARG, QEMU_OPTION_prom_env,
> @@ -4990,13 +4991,15 @@ DEF("qtest-log", HAS_ARG, QEMU_OPTION_qtest_log, "", 
> QEMU_ARCH_ALL)
>
>  #ifdef CONFIG_POSIX
>  DEF("run-with", HAS_ARG, QEMU_OPTION_run_with,
> -"-run-with [async-teardown=on|off][,chroot=dir]\n"
> +"-run-with [async-teardown=on|off][,chroot=dir][user=username|uid:gid]\n"
>  "Set miscellaneous QEMU process lifecycle options:\n"
>  "async-teardown=on enables asynchronous teardown (Linux 
> only)\n"
> -"chroot=dir chroot to dir just before starting the VM\n",
> +"chroot=dir chroot to dir just before starting the VM\n"
> +"user=username switch to the specified user before 
> starting the VM\n"
> +"user=uid:gid dito, but use specified user-ID and 
> group-ID instead\n",
>  QEMU_ARCH_ALL)
>  SRST
> -``-run-with [async-teardown=on|off][,chroot=dir]``
> +``-run-with [async-teardown=on|off][,chroot=dir][user=username|uid:gid]``
>  Set QEMU process lifecycle options.
>
>  ``async-teardown=on`` enables asynchronous teardown. A new process called
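Review bot: The synopsis added for `user` has no comma separator. It reads `[,chroot=dir][user=username|uid:gid]` in both the help string and the SRST line, whereas the neighbouring `chroot` entry is written `[,chroot=dir]`. Write the new entry as `[,user=username|uid:gid]` in both places. In the help text `dito` should be `ditto`. The same lines appear in the original posting of this patch further down the page.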
> @@ -5013,6 +5016,10 @@ SRST
>  ``chroot=dir`` can be used for doing a chroot to the specified directory
>  immediately before starting the guest execution. This is especially 
> useful
>  in combination with -runas.
> +
> +``user=username`` or ``user=uid:gid`` can be used to drop root privileges
> +by switching to the specified user (via username) or user and group
> +(via uid:gid) immediately before starting guest execution.
>  ERST
>  #endif
>
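Review bot: The `chroot=dir` paragraph kept as context in this hunk still ends with "especially useful in combination with -runas", which recommends the option this patch deprecates. Point it at the replacement instead, e.g. `in combination with user=...`, so the documentation for confining the process does not steer readers to the deprecated spelling. The same hunk appears in the original posting of this patch further down the page.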
> --
> 2.45.0
>M


Re: [PATCH v2 0/4] qemu: Substract isolcpus from all online affinity

2024-05-06 Thread Michal Prívozník
On 4/23/24 16:16, Michal Privoznik wrote:
> v2 of:
> 
> https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/4V7OI5AEGYRN4GFQMQPIN4MYPJNK3NYJ/
> 
> diff to v1:
> - Don't error out on systems where /sys/devices/system/cpu/isolated is
>   unavailable.
> - Don't error out on systems where /sys/devices/system/cpu/isolated is
>   empty.
> 
> Both of these resulted in new patches.
> 
> Michal Prívozník (4):
>   virbitmap: Introduce virBitmapParseUnlimitedAllowEmpty()
>   virfile: Introduce virFileReadValueBitmapAllowEmpty()
>   virhostcpu: Introduce virHostCPUGetIsolated()
>   qemu: Substract isolcpus from all online affinity
> 
>  src/libvirt_private.syms |  3 ++
>  src/qemu/qemu_process.c  |  9 +
>  src/util/virbitmap.c | 40 +---
>  src/util/virbitmap.h |  3 ++
>  src/util/virfile.c   | 81 ++--
>  src/util/virfile.h   |  2 +
>  src/util/virhostcpu.c| 31 +++
>  src/util/virhostcpu.h|  1 +
>  tests/virbitmaptest.c| 40 
>  9 files changed, 186 insertions(+), 24 deletions(-)
> 

Polite ping.

Michal


Re: [PATCH] NEWS: document qemu: ras as a new feature

2024-05-06 Thread Andrea Bolognani
On Fri, May 03, 2024 at 01:49:30PM GMT, Kristina Hanicova wrote:
> Signed-off-by: Kristina Hanicova 
> ---
>  NEWS.rst | 5 +
>  1 file changed, 5 insertions(+)

Reviewed-by: Andrea Bolognani 

and pushed. Thanks!

-- 
Andrea Bolognani / Red Hat / Virtualization


Re: [PATCH] vsh: Don't init history in cmdComplete()

2024-05-06 Thread Andrea Bolognani
On Sat, May 04, 2024 at 05:32:39AM GMT, Michal Privoznik wrote:
> Recent rework of virshtest uncovered a subtle bug that was
> dormant in now vsh but before that even in monolithic virsh.
>
> In vsh.c there's this vshReadlineInit() function that's supposed
> to initialize readline library, i.e. set those global rl_*
> pointers.  But it also initializes history library. Then, when
> virsh/virt-admin quits, vshReadlineDeinit() is called which
> writes history into a file (ensuring the parent directory
> exists). So far no problem.
>
> Problem arises when cmdComplete() is called (from a bash
> completer, for instance). It does not guard call to
> vshReadlineInit() with check for interactive shell (and it should
> not), but it sets ctl->historyfile which signals to
> vshReadlineDeinit() the history should be written.
>
> Now, no real history is written, because nothing was entered on
> the stdin, but the parent directory is created nevertheless. With
> recent movement in virshtest.c this means some test cases might
> create virsh history file which breaks our promise of not
> touching user's data in test suite.
>
> Resolves: https://bugs.gentoo.org/931109
> Signed-off-by: Michal Privoznik 
> ---
>  tools/vsh.c | 11 ---
>  1 file changed, 8 insertions(+), 3 deletions(-)

This caused FTBFS on Debian too. I was going to investigate the
matter today, and seeing the fix merged already was a nice surprise!
Thank you for taking care of this :)

-- 
Andrea Bolognani / Red Hat / Virtualization


Re: [PATCH v2] qemu-options: Deprecate "-runas" and introduce "-run-with user=..." instead

2024-05-06 Thread Philippe Mathieu-Daudé

On 6/5/24 13:20, Thomas Huth wrote:

The old "-runas" option has the disadvantage that it is not visible
in the QAPI schema, so it is not available via the normal introspection
mechanisms. We've recently introduced the "-run-with" option for exactly
this purpose, which is meant to handle the options that affect the
runtime behavior. Thus let's introduce a "user=..." parameter here now
and deprecate the old "-runas" option.

Signed-off-by: Thomas Huth 
---
  v2: Add missing part in qemu-options.hx as suggested by Philippe

  docs/about/deprecated.rst |  6 ++
  system/vl.c   | 15 +++
  qemu-options.hx   | 15 +++
  3 files changed, 32 insertions(+), 4 deletions(-)


Reviewed-by: Philippe Mathieu-Daudé 


[PATCH v2] qemu-options: Deprecate "-runas" and introduce "-run-with user=..." instead

2024-05-06 Thread Thomas Huth
The old "-runas" option has the disadvantage that it is not visible
in the QAPI schema, so it is not available via the normal introspection
mechanisms. We've recently introduced the "-run-with" option for exactly
this purpose, which is meant to handle the options that affect the
runtime behavior. Thus let's introduce a "user=..." parameter here now
and deprecate the old "-runas" option.

Signed-off-by: Thomas Huth 
---
 v2: Add missing part in qemu-options.hx as suggested by Philippe

 docs/about/deprecated.rst |  6 ++
 system/vl.c   | 15 +++
 qemu-options.hx   | 15 +++
 3 files changed, 32 insertions(+), 4 deletions(-)

diff --git a/docs/about/deprecated.rst b/docs/about/deprecated.rst
index 3310df3274..fe69e2d44c 100644
--- a/docs/about/deprecated.rst
+++ b/docs/about/deprecated.rst
@@ -61,6 +61,12 @@ configurations (e.g. -smp drawers=1,books=1,clusters=1 for 
x86 PC machine) is
 marked deprecated since 9.0, users have to ensure that all the topology members
 described with -smp are supported by the target machine.
 
+``-runas`` (since 9.1)
+--
+
+Use ``-run-with user=..`` instead.
+
+
 User-mode emulator command line arguments
 -
 
diff --git a/system/vl.c b/system/vl.c
index 7756eac81e..b031427440 100644
--- a/system/vl.c
+++ b/system/vl.c
@@ -773,6 +773,10 @@ static QemuOptsList qemu_run_with_opts = {
 .name = "chroot",
 .type = QEMU_OPT_STRING,
 },
+{
+.name = "user",
+.type = QEMU_OPT_STRING,
+},
 { /* end of list */ }
 },
 };
@@ -3586,6 +3590,7 @@ void qemu_init(int argc, char **argv)
 break;
 #if defined(CONFIG_POSIX)
 case QEMU_OPTION_runas:
+warn_report("-runas is deprecated, use '-run-with user=...' 
instead");
 if (!os_set_runas(optarg)) {
 error_report("User \"%s\" doesn't exist"
  " (and is not :)",
@@ -3612,6 +3617,16 @@ void qemu_init(int argc, char **argv)
 if (str) {
 os_set_chroot(str);
 }
+str = qemu_opt_get(opts, "user");
+if (str) {
+if (!os_set_runas(str)) {
+error_report("User \"%s\" doesn't exist"
+ " (and is not :)",
+ optarg);
+exit(1);
+}
+}
+
 break;
 }
 #endif /* CONFIG_POSIX */
diff --git a/qemu-options.hx b/qemu-options.hx
index cf61f6b863..3031479a15 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -4824,7 +4824,8 @@ DEF("runas", HAS_ARG, QEMU_OPTION_runas, \
 SRST
 ``-runas user``
 Immediately before starting guest execution, drop root privileges,
-switching to the specified user.
+switching to the specified user. This option is deprecated, use
+``-run-with user=...`` instead.
 ERST
 
 DEF("prom-env", HAS_ARG, QEMU_OPTION_prom_env,
@@ -4990,13 +4991,15 @@ DEF("qtest-log", HAS_ARG, QEMU_OPTION_qtest_log, "", 
QEMU_ARCH_ALL)
 
 #ifdef CONFIG_POSIX
 DEF("run-with", HAS_ARG, QEMU_OPTION_run_with,
-"-run-with [async-teardown=on|off][,chroot=dir]\n"
+"-run-with [async-teardown=on|off][,chroot=dir][user=username|uid:gid]\n"
 "Set miscellaneous QEMU process lifecycle options:\n"
 "async-teardown=on enables asynchronous teardown (Linux 
only)\n"
-"chroot=dir chroot to dir just before starting the VM\n",
+"chroot=dir chroot to dir just before starting the VM\n"
+"user=username switch to the specified user before 
starting the VM\n"
+"user=uid:gid dito, but use specified user-ID and group-ID 
instead\n",
 QEMU_ARCH_ALL)
 SRST
-``-run-with [async-teardown=on|off][,chroot=dir]``
+``-run-with [async-teardown=on|off][,chroot=dir][user=username|uid:gid]``
 Set QEMU process lifecycle options.
 
 ``async-teardown=on`` enables asynchronous teardown. A new process called
@@ -5013,6 +5016,10 @@ SRST
 ``chroot=dir`` can be used for doing a chroot to the specified directory
 immediately before starting the guest execution. This is especially useful
 in combination with -runas.
+
+``user=username`` or ``user=uid:gid`` can be used to drop root privileges
+by switching to the specified user (via username) or user and group
+(via uid:gid) immediately before starting guest execution.
 ERST
 #endif
 
-- 
2.45.0


Re: [PATCH] vsh: Don't init history in cmdComplete()

2024-05-06 Thread Ján Tomko

On a Saturday in 2024, Michal Privoznik wrote:

Recent rework of virshtest uncovered a subtle bug that was
dormant in now vsh but before that even in monolithic virsh.

In vsh.c there's this vshReadlineInit() function that's supposed
to initialize readline library, i.e. set those global rl_*
pointers.  But it also initializes history library. Then, when
virsh/virt-admin quits, vshReadlineDeinit() is called which
writes history into a file (ensuring the parent directory
exists). So far no problem.

Problem arises when cmdComplete() is called (from a bash
completer, for instance). It does not guard call to
vshReadlineInit() with check for interactive shell (and it should
not), but it sets ctl->historyfile which signals to
vshReadlineDeinit() the history should be written.

Now, no real history is written, because nothing was entered on
the stdin, but the parent directory is created nevertheless. With
recent movement in virshtest.c this means some test cases might
create virsh history file which breaks our promise of not
touching user's data in test suite.

Resolves: https://bugs.gentoo.org/931109
Signed-off-by: Michal Privoznik 
---
tools/vsh.c | 11 ---
1 file changed, 8 insertions(+), 3 deletions(-)



Reviewed-by: Ján Tomko 

Jano




[PATCH 04/13] security: Fix return types of .probe callbacks

2024-05-06 Thread Michal Privoznik
The .probe member of virSecurityDriver struct is declared to
return virSecurityDriverStatus enum. But there are two instances
(AppArmorSecurityManagerProbe() and
virSecuritySELinuxDriverProbe()) where callbacks are defined to
return an integer. This is an undefined behavior because integer
has strictly bigger space of possible values than the enum.

Define those aforementioned callbacks so that they return the
correct enum instead of int.

Signed-off-by: Michal Privoznik 
---
 src/security/security_apparmor.c | 2 +-
 src/security/security_selinux.c  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/security/security_apparmor.c b/src/security/security_apparmor.c
index c1dc859751..27184aef7f 100644
--- a/src/security/security_apparmor.c
+++ b/src/security/security_apparmor.c
@@ -315,7 +315,7 @@ AppArmorSetSecurityHostLabel(virSCSIVHostDevice *dev 
G_GNUC_UNUSED,
 }
 
 /* Called on libvirtd startup to see if AppArmor is available */
-static int
+static virSecurityDriverStatus
 AppArmorSecurityManagerProbe(const char *virtDriver G_GNUC_UNUSED)
 {
 g_autofree char *template_qemu = NULL;
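Review bot: Only the declared return type changes in this hunk, so nothing visible here shows that every `return` in AppArmorSecurityManagerProbe() yields a named virSecurityDriverStatus value; the body continues outside the hunk. If it accumulates the result in an `int` local or returns a bare `0`/`-1`, that should move to the enum type and its constants, for example `virSecurityDriverStatus rc = SECURITY_DRIVER_DISABLE;`, so the compiler can check the values that decide whether the driver is enabled. The same applies to virSecuritySELinuxDriverProbe() in security_selinux.c.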
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index aaec34ff8b..e29f627bc2 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -1039,7 +1039,7 @@ virSecuritySELinuxReserveLabel(virSecurityManager *mgr,
 }
 
 
-static int
+static virSecurityDriverStatus
 virSecuritySELinuxDriverProbe(const char *virtDriver)
 {
 if (is_selinux_enabled() <= 0)
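Review bot: virSecuritySELinuxDriverProbe() has no comment at its definition, while the AppArmor counterpart in this patch carries `/* Called on libvirtd startup to see if AppArmor is available */`. A matching one-liner above the signature, something like `/* Probe callback: reports whether SELinux is usable on this host */`, would make the contract of the new return type visible where it is defined. It could also state which status a non-positive is_selinux_enabled() result maps to; the return statement for that branch is outside the hunk.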
-- 
2.43.2


[PATCH 13/13] ci: Introduce AlmaLinux 9

2024-05-06 Thread Michal Privoznik
AlmaLinux 9 was released a while ago, but for some reason it's
missing in our CI. Add it there.

Signed-off-by: Michal Privoznik 
---
 ci/buildenv/almalinux-9.sh   | 101 ++
 ci/containers/almalinux-9.Dockerfile | 104 +++
 ci/gitlab/builds.yml |  26 +++
 ci/gitlab/containers.yml |   7 ++
 ci/manifest.yml  |  13 
 5 files changed, 251 insertions(+)
 create mode 100644 ci/buildenv/almalinux-9.sh
 create mode 100644 ci/containers/almalinux-9.Dockerfile

diff --git a/ci/buildenv/almalinux-9.sh b/ci/buildenv/almalinux-9.sh
new file mode 100644
index 00..f0826e1313
--- /dev/null
+++ b/ci/buildenv/almalinux-9.sh
@@ -0,0 +1,101 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+dnf update -y
+dnf install 'dnf-command(config-manager)' -y
+dnf config-manager --set-enabled -y crb
+dnf install -y epel-release
+dnf install -y \
+audit-libs-devel \
+augeas \
+bash-completion \
+ca-certificates \
+ccache \
+clang \
+clang-devel \
+cpp \
+cyrus-sasl-devel \
+device-mapper-devel \
+diffutils \
+dwarves \
+ebtables \
+firewalld-filesystem \
+fuse-devel \
+gcc \
+gettext \
+git \
+glib2-devel \
+glibc-devel \
+glibc-langpack-en \
+gnutls-devel \
+grep \
+iproute \
+iproute-tc \
+iptables \
+iscsi-initiator-utils \
+kmod \
+libacl-devel \
+libattr-devel \
+libblkid-devel \
+libcap-ng-devel \
+libcurl-devel \
+libiscsi-devel \
+libnbd-devel \
+libnl3-devel \
+libpcap-devel \
+libpciaccess-devel \
+librbd-devel \
+libselinux-devel \
+libssh-devel \
+libssh2-devel \
+libtirpc-devel \
+libwsman-devel \
+libxml2 \
+libxml2-devel \
+libxslt \
+lvm2 \
+make \
+meson \
+nfs-utils \
+ninja-build \
+numactl-devel \
+numad \
+parted-devel \
+perl-base \
+pkgconfig \
+polkit \
+python3 \
+python3-docutils \
+python3-flake8 \
+python3-pip \
+python3-pytest \
+python3-setuptools \
+python3-wheel \
+qemu-img \
+readline-devel \
+rpm-build \
+sanlock-devel \
+sed \
+systemd-devel \
+systemd-rpm-macros \
+systemtap-sdt-devel \
+wireshark-devel \
+yajl-devel
+rm -f /usr/lib*/python3*/EXTERNALLY-MANAGED
+rpm -qa | sort > /packages.txt
+mkdir -p /usr/libexec/ccache-wrappers
+ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/cc
+ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang
+ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc
+/usr/bin/pip3 install black
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
diff --git a/ci/containers/almalinux-9.Dockerfile 
b/ci/containers/almalinux-9.Dockerfile
new file mode 100644
index 00..68608b12a9
--- /dev/null
+++ b/ci/containers/almalinux-9.Dockerfile
@@ -0,0 +1,104 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+FROM docker.io/library/almalinux:9
+
+RUN dnf update -y && \
+dnf install 'dnf-command(config-manager)' -y && \
+dnf config-manager --set-enabled -y crb && \
+dnf install -y epel-release && \
+dnf install -y \
+audit-libs-devel \
+augeas \
+bash-completion \
+ca-certificates \
+ccache \
+clang \
+clang-devel \
+cpp \
+cyrus-sasl-devel \
+device-mapper-devel \
+diffutils \
+dwarves \
+ebtables \
+firewalld-filesystem \
+fuse-devel \
+gcc \
+gettext \
+git \
+glib2-devel \
+glibc-devel \
+glibc-langpack-en \
+gnutls-devel \
+grep \
+iproute \
+iproute-tc \
+iptables \
+iscsi-initiator-utils \
+kmod \
+libacl-devel \
+libattr-devel \
+libblkid-devel \
+libcap-ng-devel \
+libcurl-devel \
+libiscsi-devel \
+libnbd-devel \
+libnl3-devel \
+libpcap-devel \
+libpciaccess-devel \
+librbd-devel \
+libselinux-devel \
+libssh-devel \
+libssh2-devel \
+libtirpc-devel \
+libwsman-devel \
+libxml2 \
+libxml2-devel \
+libxslt \
+lvm2 \
+

[PATCH 12/13] ci: Introduce Ubuntu 24.04

2024-05-06 Thread Michal Privoznik
Ubuntu 24.04 was released recently. Add it to our CI.

Signed-off-by: Michal Privoznik 
---
 ci/buildenv/centos-stream-9.sh|   1 +
 ci/buildenv/debian-12-cross-aarch64.sh|   1 +
 ci/buildenv/debian-12-cross-armv6l.sh |   1 +
 ci/buildenv/debian-12-cross-armv7l.sh |   1 +
 ci/buildenv/debian-12-cross-i686.sh   |   1 +
 ci/buildenv/debian-12-cross-mips64el.sh   |   1 +
 ci/buildenv/debian-12-cross-mipsel.sh |   1 +
 ci/buildenv/debian-12-cross-ppc64le.sh|   1 +
 ci/buildenv/debian-12-cross-s390x.sh  |   1 +
 ci/buildenv/debian-12.sh  |   1 +
 ci/buildenv/debian-sid-cross-aarch64.sh   |   1 +
 ci/buildenv/debian-sid-cross-armv6l.sh|   1 +
 ci/buildenv/debian-sid-cross-armv7l.sh|   1 +
 ci/buildenv/debian-sid-cross-i686.sh  |   1 +
 ci/buildenv/debian-sid-cross-mips64el.sh  |   1 +
 ci/buildenv/debian-sid-cross-ppc64le.sh   |   1 +
 ci/buildenv/debian-sid-cross-s390x.sh |   1 +
 ci/buildenv/debian-sid.sh |   1 +
 ci/buildenv/fedora-39.sh  |   1 +
 ci/buildenv/fedora-40-cross-mingw32.sh|   1 +
 ci/buildenv/fedora-40-cross-mingw64.sh|   1 +
 ci/buildenv/fedora-40.sh  |   1 +
 ci/buildenv/fedora-rawhide-cross-mingw32.sh   |   1 +
 ci/buildenv/fedora-rawhide-cross-mingw64.sh   |   1 +
 ci/buildenv/fedora-rawhide.sh |   1 +
 ci/buildenv/ubuntu-2404.sh| 101 +
 ci/containers/centos-stream-9.Dockerfile  |   1 +
 .../debian-12-cross-aarch64.Dockerfile|   1 +
 .../debian-12-cross-armv6l.Dockerfile |   1 +
 .../debian-12-cross-armv7l.Dockerfile |   1 +
 ci/containers/debian-12-cross-i686.Dockerfile |   1 +
 .../debian-12-cross-mips64el.Dockerfile   |   1 +
 .../debian-12-cross-mipsel.Dockerfile |   1 +
 .../debian-12-cross-ppc64le.Dockerfile|   1 +
 .../debian-12-cross-s390x.Dockerfile  |   1 +
 ci/containers/debian-12.Dockerfile|   1 +
 .../debian-sid-cross-aarch64.Dockerfile   |   1 +
 .../debian-sid-cross-armv6l.Dockerfile|   1 +
 .../debian-sid-cross-armv7l.Dockerfile|   1 +
 .../debian-sid-cross-i686.Dockerfile  |   1 +
 .../debian-sid-cross-mips64el.Dockerfile  |   1 +
 .../debian-sid-cross-ppc64le.Dockerfile   |   1 +
 .../debian-sid-cross-s390x.Dockerfile |   1 +
 ci/containers/debian-sid.Dockerfile   |   1 +
 ci/containers/fedora-39.Dockerfile|   1 +
 .../fedora-40-cross-mingw32.Dockerfile|   1 +
 .../fedora-40-cross-mingw64.Dockerfile|   1 +
 ci/containers/fedora-40.Dockerfile|   1 +
 .../fedora-rawhide-cross-mingw32.Dockerfile   |   1 +
 .../fedora-rawhide-cross-mingw64.Dockerfile   |   1 +
 ci/containers/fedora-rawhide.Dockerfile   |   1 +
 ci/containers/ubuntu-2404.Dockerfile  | 104 ++
 ci/gitlab/builds.yml  |  21 +++-
 ci/gitlab/containers.yml  |   7 ++
 ci/lcitool/projects/libvirt.yml   |   1 +
 ci/manifest.yml   |   4 +
 56 files changed, 283 insertions(+), 5 deletions(-)
 create mode 100644 ci/buildenv/ubuntu-2404.sh
 create mode 100644 ci/containers/ubuntu-2404.Dockerfile

diff --git a/ci/buildenv/centos-stream-9.sh b/ci/buildenv/centos-stream-9.sh
index 8dabda22b3..c23c60e026 100644
--- a/ci/buildenv/centos-stream-9.sh
+++ b/ci/buildenv/centos-stream-9.sh
@@ -17,6 +17,7 @@ function install_buildenv() {
 ca-certificates \
 ccache \
 clang \
+compiler-rt \
 cpp \
 cyrus-sasl-devel \
 device-mapper-devel \
diff --git a/ci/buildenv/debian-12-cross-aarch64.sh 
b/ci/buildenv/debian-12-cross-aarch64.sh
index efe5548097..5fc7e8a801 100644
--- a/ci/buildenv/debian-12-cross-aarch64.sh
+++ b/ci/buildenv/debian-12-cross-aarch64.sh
@@ -27,6 +27,7 @@ function install_buildenv() {
 iproute2 \
 iptables \
 kmod \
+libclang-rt-dev \
 libnbd-dev \
 libxml2-utils \
 locales \
diff --git a/ci/buildenv/debian-12-cross-armv6l.sh 
b/ci/buildenv/debian-12-cross-armv6l.sh
index 0b3963f020..24d7d80380 100644
--- a/ci/buildenv/debian-12-cross-armv6l.sh
+++ b/ci/buildenv/debian-12-cross-armv6l.sh
@@ -27,6 +27,7 @@ function install_buildenv() {
 iproute2 \
 iptables \
 kmod \
+libclang-rt-dev \
 libnbd-dev \
 libxml2-utils \
 locales \
diff --git a/ci/buildenv/debian-12-cross-armv7l.sh 
b/ci/buildenv/debian-12-cross-armv7l.sh
index bc489c342a..35738e6bb2 100644
--- a/ci/buildenv/debian-12-cross-armv7l.sh
+++ b/ci/buildenv/debian-12-cross-armv7l.sh
@@ -27,6 +27,7 @@ function install_buildenv() {
 iproute2 \
 iptables \
 kmod \
+

[PATCH 11/13] ci: Introduce Fedora 40

2024-05-06 Thread Michal Privoznik
Fedora 40 was released recently. Add it to our CI.

Signed-off-by: Michal Privoznik 
---
 ci/buildenv/fedora-40-cross-mingw32.sh|  77 
 ci/buildenv/fedora-40-cross-mingw64.sh|  77 
 ci/buildenv/fedora-40.sh  |  98 
 .../fedora-40-cross-mingw32.Dockerfile|  91 +++
 .../fedora-40-cross-mingw64.Dockerfile|  91 +++
 ci/containers/fedora-40.Dockerfile| 110 ++
 ci/gitlab/builds.yml  |  40 +++
 ci/gitlab/containers.yml  |  22 
 ci/manifest.yml   |  13 +++
 9 files changed, 619 insertions(+)
 create mode 100644 ci/buildenv/fedora-40-cross-mingw32.sh
 create mode 100644 ci/buildenv/fedora-40-cross-mingw64.sh
 create mode 100644 ci/buildenv/fedora-40.sh
 create mode 100644 ci/containers/fedora-40-cross-mingw32.Dockerfile
 create mode 100644 ci/containers/fedora-40-cross-mingw64.Dockerfile
 create mode 100644 ci/containers/fedora-40.Dockerfile

diff --git a/ci/buildenv/fedora-40-cross-mingw32.sh 
b/ci/buildenv/fedora-40-cross-mingw32.sh
new file mode 100644
index 00..f349d1f60d
--- /dev/null
+++ b/ci/buildenv/fedora-40-cross-mingw32.sh
@@ -0,0 +1,77 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+dnf update -y
+dnf install -y \
+augeas \
+bash-completion \
+ca-certificates \
+ccache \
+codespell \
+cpp \
+cppi \
+diffutils \
+dwarves \
+ebtables \
+firewalld-filesystem \
+gettext \
+git \
+glibc-langpack-en \
+grep \
+iproute \
+iproute-tc \
+iptables \
+iscsi-initiator-utils \
+kmod \
+libnbd-devel \
+libxml2 \
+libxslt \
+lvm2 \
+make \
+meson \
+nfs-utils \
+ninja-build \
+numad \
+perl-base \
+polkit \
+python3 \
+python3-black \
+python3-docutils \
+python3-flake8 \
+python3-pytest \
+qemu-img \
+rpm-build \
+sed \
+systemd-rpm-macros
+rm -f /usr/lib*/python3*/EXTERNALLY-MANAGED
+dnf install -y \
+mingw32-curl \
+mingw32-dlfcn \
+mingw32-gcc \
+mingw32-gettext \
+mingw32-glib2 \
+mingw32-gnutls \
+mingw32-headers \
+mingw32-libssh2 \
+mingw32-libxml2 \
+mingw32-pkg-config \
+mingw32-portablexdr \
+mingw32-readline
+rpm -qa | sort > /packages.txt
+mkdir -p /usr/libexec/ccache-wrappers
+ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/i686-w64-mingw32-cc
+ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/i686-w64-mingw32-gcc
+}
+
+export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
+export LANG="en_US.UTF-8"
+export MAKE="/usr/bin/make"
+export NINJA="/usr/bin/ninja"
+export PYTHON="/usr/bin/python3"
+
+export ABI="i686-w64-mingw32"
+export MESON_OPTS="--cross-file=/usr/share/mingw/toolchain-mingw32.meson"
diff --git a/ci/buildenv/fedora-40-cross-mingw64.sh 
b/ci/buildenv/fedora-40-cross-mingw64.sh
new file mode 100644
index 00..fd20ff812b
--- /dev/null
+++ b/ci/buildenv/fedora-40-cross-mingw64.sh
@@ -0,0 +1,77 @@
+# THIS FILE WAS AUTO-GENERATED
+#
+#  $ lcitool manifest ci/manifest.yml
+#
+# https://gitlab.com/libvirt/libvirt-ci
+
+function install_buildenv() {
+dnf update -y
+dnf install -y \
+augeas \
+bash-completion \
+ca-certificates \
+ccache \
+codespell \
+cpp \
+cppi \
+diffutils \
+dwarves \
+ebtables \
+firewalld-filesystem \
+gettext \
+git \
+glibc-langpack-en \
+grep \
+iproute \
+iproute-tc \
+iptables \
+iscsi-initiator-utils \
+kmod \
+libnbd-devel \
+libxml2 \
+libxslt \
+lvm2 \
+make \
+meson \
+nfs-utils \
+ninja-build \
+numad \
+perl-base \
+polkit \
+python3 \
+python3-black \
+python3-docutils \
+python3-flake8 \
+python3-pytest \
+qemu-img \
+rpm-build \
+sed \
+systemd-rpm-macros
+rm -f /usr/lib*/python3*/EXTERNALLY-MANAGED
+dnf install -y \
+mingw64-curl \
+mingw64-dlfcn \
+mingw64-gcc \
+mingw64-gettext \
+mingw64-glib2 \
+mingw64-gnutls \
+mingw64-headers \
+mingw64-libssh2 \
+mingw64-libxml2 \
+mingw64-pkg-config \
+mingw64-portablexdr \
+mingw64-readline
+rpm -qa | sort > /packages.txt
+mkdir -p /usr/libexec/ccache-wrappers
+ln -s /usr/bin/ccache 

[PATCH 10/13] meson: Bump glib version to 2.58.0

2024-05-06 Thread Michal Privoznik
Now that we don't have any distro stuck with glib-2.56.0, we can
bump the glib version. In fact, this is needed, because of
g_clear_pointer. Since v7.4.0-rc1~301 we declare at compile time
what version of glib APIs we want to use (by setting
GLIB_VERSION_MIN_REQUIRED = GLIB_VERSION_MAX_ALLOWED = 2.56.0),
regardless of actual glib version in the host.

And since we currently require glib-2.56.0 and force glib to use
APIs of that version, some newer bits are slipping from us. For
instance: regular function version of g_clear_pointer() is used
instead of a fancy macro. So what? Well, g_clear_pointer()
function typecasts passed free function to void (*)(void *) and
then calls it. Well, this triggers UBSAN, understandably. But
with glib-2.58.0 the g_clear_pointer() becomes a macro which
calls the free function directly, with no typecasting and thus no
undefined behavior.

Signed-off-by: Michal Privoznik 
---
 meson.build  |   2 +-
 src/libvirt_private.syms |   1 -
 src/util/glibcompat.c| 125 ---
 src/util/glibcompat.h|  10 
 4 files changed, 1 insertion(+), 137 deletions(-)

diff --git a/meson.build b/meson.build
index cb374ab118..583383b0d3 100644
--- a/meson.build
+++ b/meson.build
@@ -978,7 +978,7 @@ else
   endif
 endif
 
-glib_version = '2.56.0'
+glib_version = '2.58.0'
 glib_dep = dependency('glib-2.0', version: '>=' + glib_version)
 gobject_dep = dependency('gobject-2.0', version: '>=' + glib_version)
 if host_machine.system() == 'windows'
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 3186dd6d23..214df35e87 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1848,7 +1848,6 @@ virStorageSourceUpdatePhysicalSize;
 
 
 # util/glibcompat.h
-vir_g_canonicalize_filename;
 vir_g_fsync;
 vir_g_source_unref;
 vir_g_strdup_printf;
diff --git a/src/util/glibcompat.c b/src/util/glibcompat.c
index fdc32af5e2..d8912b323b 100644
--- a/src/util/glibcompat.c
+++ b/src/util/glibcompat.c
@@ -63,136 +63,11 @@
 #pragma GCC diagnostic push
 #pragma GCC diagnostic ignored "-Wdeprecated-declarations"
 
-#undef g_canonicalize_filename
-#undef g_hash_table_steal_extended
 #undef g_fsync
 #undef g_strdup_printf
 #undef g_strdup_vprintf
 
 
-gchar *
-vir_g_canonicalize_filename(const gchar *filename,
-const gchar *relative_to)
-{
-#if GLIB_CHECK_VERSION(2, 58, 0)
-return g_canonicalize_filename(filename, relative_to);
-#else /* ! GLIB_CHECK_VERSION(2, 58, 0) */
-gchar *canon, *start, *p, *q;
-guint i;
-
-g_return_val_if_fail(relative_to == NULL || 
g_path_is_absolute(relative_to), NULL);
-
-if (!g_path_is_absolute(filename)) {
-gchar *cwd_allocated = NULL;
-const gchar  *cwd;
-
-if (relative_to != NULL)
-cwd = relative_to;
-else
-cwd = cwd_allocated = g_get_current_dir();
-
-canon = g_build_filename(cwd, filename, NULL);
-g_free(cwd_allocated);
-} else {
-canon = g_strdup(filename);
-}
-
-start = (char *)g_path_skip_root(canon);
-
-if (start == NULL) {
-/* This shouldn't really happen, as g_get_current_dir() should
-   return an absolute pathname, but bug 573843 shows this is
-   not always happening */
-g_free(canon);
-return g_build_filename(G_DIR_SEPARATOR_S, filename, NULL);
-}
-
-/* POSIX allows double slashes at the start to
- * mean something special (as does windows too).
- * So, "//" != "/", but more than two slashes
- * is treated as "/".
- */
-i = 0;
-for (p = start - 1;
- (p >= canon) &&
- G_IS_DIR_SEPARATOR(*p);
- p--)
-i++;
-if (i > 2) {
-i -= 1;
-start -= i;
-memmove(start, start+i, strlen(start+i) + 1);
-}
-
-/* Make sure we're using the canonical dir separator */
-p++;
-while (p < start && G_IS_DIR_SEPARATOR(*p))
-*p++ = G_DIR_SEPARATOR;
-
-p = start;
-while (*p != 0) {
-if (p[0] == '.' && (p[1] == 0 || G_IS_DIR_SEPARATOR(p[1]))) {
-memmove(p, p+1, strlen(p+1)+1);
-} else if (p[0] == '.' && p[1] == '.' &&
-   (p[2] == 0 || G_IS_DIR_SEPARATOR(p[2]))) {
-q = p + 2;
-/* Skip previous separator */
-p = p - 2;
-if (p < start)
-p = start;
-while (p > start && !G_IS_DIR_SEPARATOR(*p))
-p--;
-if (G_IS_DIR_SEPARATOR(*p))
-*p++ = G_DIR_SEPARATOR;
-memmove(p, q, strlen(q)+1);
-} else {
-/* Skip until next separator */
-while (*p != 0 && !G_IS_DIR_SEPARATOR(*p))
-p++;
-
-if (*p != 0) {
-/* Canonicalize one separator */
-*p++ = G_DIR_SEPARATOR;
-}
-}
-
-/* Remove additional separators */
-q = p;
-while (*q && 

[PATCH 09/13] ci: Drop AlmaLinux 8

2024-05-06 Thread Michal Privoznik
By the time of release, it's going to be more than two years
since AlmaLinux 9 was released and per our support policy,
AlmaLinux 8 (the previous major release) will no longer be supported.
Remove it from our CI testing.

Signed-off-by: Michal Privoznik 
---
 ci/buildenv/almalinux-8.sh   | 103 --
 ci/containers/almalinux-8.Dockerfile | 106 ---
 ci/gitlab/builds.yml |  26 ---
 ci/gitlab/containers.yml |   7 --
 ci/manifest.yml  |  13 
 5 files changed, 255 deletions(-)
 delete mode 100644 ci/buildenv/almalinux-8.sh
 delete mode 100644 ci/containers/almalinux-8.Dockerfile

diff --git a/ci/buildenv/almalinux-8.sh b/ci/buildenv/almalinux-8.sh
deleted file mode 100644
index a962576414..00
--- a/ci/buildenv/almalinux-8.sh
+++ /dev/null
@@ -1,103 +0,0 @@
-# THIS FILE WAS AUTO-GENERATED
-#
-#  $ lcitool manifest ci/manifest.yml
-#
-# https://gitlab.com/libvirt/libvirt-ci
-
-function install_buildenv() {
-dnf update -y
-dnf install 'dnf-command(config-manager)' -y
-dnf config-manager --set-enabled -y powertools
-dnf install -y centos-release-advanced-virtualization
-dnf install -y epel-release
-dnf install -y \
-audit-libs-devel \
-augeas \
-bash-completion \
-ca-certificates \
-ccache \
-clang \
-cpp \
-cyrus-sasl-devel \
-device-mapper-devel \
-diffutils \
-dwarves \
-ebtables \
-firewalld-filesystem \
-fuse-devel \
-gcc \
-gettext \
-git \
-glib2-devel \
-glibc-devel \
-glibc-langpack-en \
-glusterfs-api-devel \
-gnutls-devel \
-grep \
-iproute \
-iproute-tc \
-iptables \
-iscsi-initiator-utils \
-kmod \
-libacl-devel \
-libattr-devel \
-libblkid-devel \
-libcap-ng-devel \
-libcurl-devel \
-libiscsi-devel \
-libnbd-devel \
-libnl3-devel \
-libpcap-devel \
-libpciaccess-devel \
-librbd-devel \
-libselinux-devel \
-libssh-devel \
-libssh2-devel \
-libtirpc-devel \
-libwsman-devel \
-libxml2 \
-libxml2-devel \
-libxslt \
-lvm2 \
-make \
-meson \
-netcf-devel \
-nfs-utils \
-ninja-build \
-numactl-devel \
-numad \
-parted-devel \
-perl \
-pkgconfig \
-polkit \
-python3 \
-python3-docutils \
-python3-flake8 \
-python3-pip \
-python3-pytest \
-python3-setuptools \
-python3-wheel \
-qemu-img \
-readline-devel \
-rpm-build \
-sanlock-devel \
-sed \
-systemd-devel \
-systemd-rpm-macros \
-systemtap-sdt-devel \
-wireshark-devel \
-yajl-devel
-rm -f /usr/lib*/python3*/EXTERNALLY-MANAGED
-rpm -qa | sort > /packages.txt
-mkdir -p /usr/libexec/ccache-wrappers
-ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/cc
-ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang
-ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc
-/usr/bin/pip3 install black
-}
-
-export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
-export LANG="en_US.UTF-8"
-export MAKE="/usr/bin/make"
-export NINJA="/usr/bin/ninja"
-export PYTHON="/usr/bin/python3"
diff --git a/ci/containers/almalinux-8.Dockerfile 
b/ci/containers/almalinux-8.Dockerfile
deleted file mode 100644
index af8a7b24d4..00
--- a/ci/containers/almalinux-8.Dockerfile
+++ /dev/null
@@ -1,106 +0,0 @@
-# THIS FILE WAS AUTO-GENERATED
-#
-#  $ lcitool manifest ci/manifest.yml
-#
-# https://gitlab.com/libvirt/libvirt-ci
-
-FROM docker.io/library/almalinux:8
-
-RUN dnf update -y && \
-dnf install 'dnf-command(config-manager)' -y && \
-dnf config-manager --set-enabled -y powertools && \
-dnf install -y centos-release-advanced-virtualization && \
-dnf install -y epel-release && \
-dnf install -y \
-audit-libs-devel \
-augeas \
-bash-completion \
-ca-certificates \
-ccache \
-clang \
-cpp \
-cyrus-sasl-devel \
-device-mapper-devel \
-diffutils \
-dwarves \
-ebtables \
-firewalld-filesystem \
-fuse-devel \
-gcc \
-gettext \
-git \
-glib2-devel \
-glibc-devel \
-glibc-langpack-en \
-glusterfs-api-devel \
-gnutls-devel \
-grep \
-iproute \
-iproute-tc \
-iptables \
-iscsi-initiator-utils \
-kmod \
-libacl-devel \
-libattr-devel \
-libblkid-devel \
-libcap-ng-devel \
-libcurl-devel \
-libiscsi-devel \
-libnbd-devel \
-

[PATCH 08/13] ci: Drop Ubuntu 20.04

2024-05-06 Thread Michal Privoznik
It's now more than two years since Ubuntu 22.04 was released and
per our support policy, Ubuntu 20.04 (the previous major release)
is now not supported. Remove it from our CI testing.

Signed-off-by: Michal Privoznik 
---
 ci/buildenv/ubuntu-2004.sh   | 103 --
 ci/containers/ubuntu-2004.Dockerfile | 107 ---
 ci/gitlab/builds.yml |  28 ++-
 ci/gitlab/containers.yml |  21 ++
 ci/manifest.yml  |   8 --
 5 files changed, 14 insertions(+), 253 deletions(-)
 delete mode 100644 ci/buildenv/ubuntu-2004.sh
 delete mode 100644 ci/containers/ubuntu-2004.Dockerfile

diff --git a/ci/buildenv/ubuntu-2004.sh b/ci/buildenv/ubuntu-2004.sh
deleted file mode 100644
index e001fcf012..00
--- a/ci/buildenv/ubuntu-2004.sh
+++ /dev/null
@@ -1,103 +0,0 @@
-# THIS FILE WAS AUTO-GENERATED
-#
-#  $ lcitool manifest ci/manifest.yml
-#
-# https://gitlab.com/libvirt/libvirt-ci
-
-function install_buildenv() {
-export DEBIAN_FRONTEND=noninteractive
-apt-get update
-apt-get dist-upgrade -y
-apt-get install --no-install-recommends -y \
-augeas-lenses \
-augeas-tools \
-bash-completion \
-black \
-ca-certificates \
-ccache \
-clang \
-codespell \
-cpp \
-diffutils \
-dwarves \
-ebtables \
-flake8 \
-gcc \
-gettext \
-git \
-grep \
-iproute2 \
-iptables \
-kmod \
-libacl1-dev \
-libapparmor-dev \
-libattr1-dev \
-libaudit-dev \
-libblkid-dev \
-libc6-dev \
-libcap-ng-dev \
-libcurl4-gnutls-dev \
-libdevmapper-dev \
-libfuse-dev \
-libglib2.0-dev \
-libglusterfs-dev \
-libgnutls28-dev \
-libiscsi-dev \
-libnetcf-dev \
-libnl-3-dev \
-libnl-route-3-dev \
-libnuma-dev \
-libopenwsman-dev \
-libparted-dev \
-libpcap0.8-dev \
-libpciaccess-dev \
-librbd-dev \
-libreadline-dev \
-libsanlock-dev \
-libsasl2-dev \
-libselinux1-dev \
-libssh-dev \
-libssh2-1-dev \
-libtirpc-dev \
-libudev-dev \
-libxen-dev \
-libxml2-dev \
-libxml2-utils \
-libyajl-dev \
-locales \
-lvm2 \
-make \
-nfs-common \
-ninja-build \
-numad \
-open-iscsi \
-perl-base \
-pkgconf \
-policykit-1 \
-python3 \
-python3-docutils \
-python3-pip \
-python3-pytest \
-python3-setuptools \
-python3-wheel \
-qemu-utils \
-sed \
-systemtap-sdt-dev \
-wireshark-dev \
-xsltproc
-sed -Ei 's,^# (en_US\.UTF-8 .*)$,\1,' /etc/locale.gen
-dpkg-reconfigure locales
-rm -f /usr/lib*/python3*/EXTERNALLY-MANAGED
-dpkg-query --showformat '${Package}_${Version}_${Architecture}\n' --show > 
/packages.txt
-mkdir -p /usr/libexec/ccache-wrappers
-ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/cc
-ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang
-ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc
-/usr/bin/pip3 install meson==0.56.0
-}
-
-export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
-export LANG="en_US.UTF-8"
-export MAKE="/usr/bin/make"
-export NINJA="/usr/bin/ninja"
-export PYTHON="/usr/bin/python3"
diff --git a/ci/containers/ubuntu-2004.Dockerfile 
b/ci/containers/ubuntu-2004.Dockerfile
deleted file mode 100644
index b43b85873e..00
--- a/ci/containers/ubuntu-2004.Dockerfile
+++ /dev/null
@@ -1,107 +0,0 @@
-# THIS FILE WAS AUTO-GENERATED
-#
-#  $ lcitool manifest ci/manifest.yml
-#
-# https://gitlab.com/libvirt/libvirt-ci
-
-FROM docker.io/library/ubuntu:20.04
-
-RUN export DEBIAN_FRONTEND=noninteractive && \
-apt-get update && \
-apt-get install -y eatmydata && \
-eatmydata apt-get dist-upgrade -y && \
-eatmydata apt-get install --no-install-recommends -y \
-  augeas-lenses \
-  augeas-tools \
-  bash-completion \
-  black \
-  ca-certificates \
-  ccache \
-  clang \
-  codespell \
-  cpp \
-  diffutils \
-  dwarves \
-  ebtables \
-  flake8 \
-  gcc \
-  gettext \
-  git \

[PATCH 07/13] ci: Drop Fedora 38

2024-05-06 Thread Michal Privoznik
Since Fedora 40 was released recently, Fedora 38 is now
unsupported. Remove it from our CI.

Signed-off-by: Michal Privoznik 
---
 ci/buildenv/fedora-38-cross-mingw32.sh|  77 
 ci/buildenv/fedora-38-cross-mingw64.sh|  77 
 ci/buildenv/fedora-38.sh  |  98 
 .../fedora-38-cross-mingw32.Dockerfile|  91 ---
 .../fedora-38-cross-mingw64.Dockerfile|  91 ---
 ci/containers/fedora-38.Dockerfile| 110 --
 ci/gitlab/builds.yml  |  40 ---
 ci/gitlab/containers.yml  |  22 
 ci/integration.yml|  24 
 ci/manifest.yml   |  13 ---
 10 files changed, 643 deletions(-)
 delete mode 100644 ci/buildenv/fedora-38-cross-mingw32.sh
 delete mode 100644 ci/buildenv/fedora-38-cross-mingw64.sh
 delete mode 100644 ci/buildenv/fedora-38.sh
 delete mode 100644 ci/containers/fedora-38-cross-mingw32.Dockerfile
 delete mode 100644 ci/containers/fedora-38-cross-mingw64.Dockerfile
 delete mode 100644 ci/containers/fedora-38.Dockerfile

diff --git a/ci/buildenv/fedora-38-cross-mingw32.sh 
b/ci/buildenv/fedora-38-cross-mingw32.sh
deleted file mode 100644
index f349d1f60d..00
--- a/ci/buildenv/fedora-38-cross-mingw32.sh
+++ /dev/null
@@ -1,77 +0,0 @@
-# THIS FILE WAS AUTO-GENERATED
-#
-#  $ lcitool manifest ci/manifest.yml
-#
-# https://gitlab.com/libvirt/libvirt-ci
-
-function install_buildenv() {
-dnf update -y
-dnf install -y \
-augeas \
-bash-completion \
-ca-certificates \
-ccache \
-codespell \
-cpp \
-cppi \
-diffutils \
-dwarves \
-ebtables \
-firewalld-filesystem \
-gettext \
-git \
-glibc-langpack-en \
-grep \
-iproute \
-iproute-tc \
-iptables \
-iscsi-initiator-utils \
-kmod \
-libnbd-devel \
-libxml2 \
-libxslt \
-lvm2 \
-make \
-meson \
-nfs-utils \
-ninja-build \
-numad \
-perl-base \
-polkit \
-python3 \
-python3-black \
-python3-docutils \
-python3-flake8 \
-python3-pytest \
-qemu-img \
-rpm-build \
-sed \
-systemd-rpm-macros
-rm -f /usr/lib*/python3*/EXTERNALLY-MANAGED
-dnf install -y \
-mingw32-curl \
-mingw32-dlfcn \
-mingw32-gcc \
-mingw32-gettext \
-mingw32-glib2 \
-mingw32-gnutls \
-mingw32-headers \
-mingw32-libssh2 \
-mingw32-libxml2 \
-mingw32-pkg-config \
-mingw32-portablexdr \
-mingw32-readline
-rpm -qa | sort > /packages.txt
-mkdir -p /usr/libexec/ccache-wrappers
-ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/i686-w64-mingw32-cc
-ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/i686-w64-mingw32-gcc
-}
-
-export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers"
-export LANG="en_US.UTF-8"
-export MAKE="/usr/bin/make"
-export NINJA="/usr/bin/ninja"
-export PYTHON="/usr/bin/python3"
-
-export ABI="i686-w64-mingw32"
-export MESON_OPTS="--cross-file=/usr/share/mingw/toolchain-mingw32.meson"
diff --git a/ci/buildenv/fedora-38-cross-mingw64.sh 
b/ci/buildenv/fedora-38-cross-mingw64.sh
deleted file mode 100644
index fd20ff812b..00
--- a/ci/buildenv/fedora-38-cross-mingw64.sh
+++ /dev/null
@@ -1,77 +0,0 @@
-# THIS FILE WAS AUTO-GENERATED
-#
-#  $ lcitool manifest ci/manifest.yml
-#
-# https://gitlab.com/libvirt/libvirt-ci
-
-function install_buildenv() {
-dnf update -y
-dnf install -y \
-augeas \
-bash-completion \
-ca-certificates \
-ccache \
-codespell \
-cpp \
-cppi \
-diffutils \
-dwarves \
-ebtables \
-firewalld-filesystem \
-gettext \
-git \
-glibc-langpack-en \
-grep \
-iproute \
-iproute-tc \
-iptables \
-iscsi-initiator-utils \
-kmod \
-libnbd-devel \
-libxml2 \
-libxslt \
-lvm2 \
-make \
-meson \
-nfs-utils \
-ninja-build \
-numad \
-perl-base \
-polkit \
-python3 \
-python3-black \
-python3-docutils \
-python3-flake8 \
-python3-pytest \
-qemu-img \
-rpm-build \
-sed \
-systemd-rpm-macros
-rm -f /usr/lib*/python3*/EXTERNALLY-MANAGED
-dnf install -y \
-mingw64-curl \
-mingw64-dlfcn \
-mingw64-gcc \
-mingw64-gettext \
-mingw64-glib2 \
-mingw64-gnutls \
-mingw64-headers \
-mingw64-libssh2 \
-mingw64-libxml2 \
-mingw64-pkg-config \
-mingw64-portablexdr \
-mingw64-readline
-rpm 

[PATCH 05/13] meson: Disable -fsanitize=function

2024-05-06 Thread Michal Privoznik
Strictly speaking, xdrproc_t is declared as follows:

  typedef bool_t (*xdrproc_t)(XDR *, ...);

But our rpcgen generates properly typed functions, e.g.:

  bool_t xdr_virNetMessageError(XDR *xdrs, virNetMessageError *objp)

Now, these functions of ours are passed around as callbacks (via
an argument of xdrproc_t type), for instance in
virNetMessageEncodePayload(). But these two types are strictly
different. We silence the compiler by typecasting the callbacks
when passing them, but strictly speaking - calling such callback
later, when a function of xdrproc_t is expected is an undefined
behavior.

Ideally, we would fix our rpcgen to generate proper function
headers, but: a) my brain is too small to do that, and b) we
would lose compiler protection if an xdr_*() function is called
directly but argument of a wrong type is passed.

Silence UBSAN for now.

Signed-off-by: Michal Privoznik 
---
 meson.build | 13 +
 1 file changed, 13 insertions(+)

diff --git a/meson.build b/meson.build
index e8b0094b91..cb374ab118 100644
--- a/meson.build
+++ b/meson.build
@@ -438,6 +438,19 @@ if cc.get_id() == 'clang'
 cc_flags += [ '-fsemantic-interposition' ]
 endif
 
+if get_option('b_sanitize') != 'none'
+  # This is needed because of xdrproc_t. It's declared as a pointer to a
+  # function with variable arguments. But for catching type related problems at
+  # compile time, our rpcgen generates functions with proper types, say:
+  #
+  #bool_t xdr_TestEnum(XDR *, TestEnum *);
+  #
+  # But passing xdr_TestEnum as a callback where xdrproc_t type is expected is
+  # undefined behavior. Yet, we want the comfort of compile time checks, so
+  # just disable the sanitizer warning for now. It's a big hammer though.
+  cc_flags += [ '-fno-sanitize=function' ]
+endif
+
 supported_cc_flags = []
 if get_option('warning_level') == '2'
   supported_cc_flags = cc.get_supported_arguments(cc_flags)
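Review bot: The new flag is appended to `cc_flags`, and in the context lines just below, that list is only probed with `cc.get_supported_arguments()` when `warning_level` is '2', so a sanitizer build at another warning level would presumably not get `-fno-sanitize=function` at all (the rest of that block is outside the hunk). Since this is a sanitizer setting rather than a warning, it could be applied independently, e.g. `add_project_arguments(cc.get_supported_arguments([ '-fno-sanitize=function' ]), language: 'c')` inside the new `if`. The flag also switches the check off for every translation unit, not only the RPC callers, so the comment should say that indirect-call type mismatches elsewhere (such as the callback return types fixed earlier in this series) will no longer be reported under UBSAN, and name the condition for removing it.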
-- 
2.43.2


[PATCH 06/13] gitlab-ci: Move website_job to Fedora 39

2024-05-06 Thread Michal Privoznik
Currently, our website job depends on almalinux-8 container.
Well, AlmaLinux 8 is going to be dropped soon. Therefore, switch
the job to something newer. Fedora 39 was chosen by a roll of
dice.

Signed-off-by: Michal Privoznik 
---
 .gitlab-ci.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index b879b88f74..da94332910 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -67,7 +67,7 @@ include:
 website_job:
   extends: .gitlab_native_build_job
   needs:
-- job: x86_64-almalinux-8-container
+- job: x86_64-fedora-39-container
   optional: true
   script:
 - source ci/jobs.sh
@@ -83,8 +83,8 @@ website_job:
 paths:
   - website
   variables:
-NAME: almalinux-8
-TARGET_BASE_IMAGE: docker.io/library/almalinux:8
+NAME: fedora-39
+TARGET_BASE_IMAGE: registry.fedoraproject.org/fedora:39
 
 # On push to master publish the website from 'website_job' via gitlab pages
 pages:
-- 
2.43.2


[PATCH 03/13] testutilsqemu: Don't leak struct testQemuArgs::vdpafds

2024-05-06 Thread Michal Privoznik
Allocated in testQemuInfoSetArgs(), the vdpafds member of
testQemuArgs is never freed.

Signed-off-by: Michal Privoznik 
---
 tests/testutilsqemu.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tests/testutilsqemu.c b/tests/testutilsqemu.c
index 9c12a165b1..d70850cb5d 100644
--- a/tests/testutilsqemu.c
+++ b/tests/testutilsqemu.c
@@ -966,6 +966,7 @@ testQemuInfoFree(testQemuInfo *info)
 g_clear_pointer(>args.fakeCapsAdd, virBitmapFree);
 g_clear_pointer(>args.fakeCapsDel, virBitmapFree);
 g_clear_pointer(>args.fds, g_hash_table_unref);
+g_clear_pointer(>args.vdpafds, g_hash_table_unref);
 g_clear_object(>nbdkitCaps);
 g_clear_pointer(>args.fakeNbdkitCaps, virBitmapFree);
 g_free(info);
-- 
2.43.2


[PATCH 02/13] qemuxml2argvmock: Drop link time dependency on qemuFDPassDirectNew()

2024-05-06 Thread Michal Privoznik
While the Linux linker has no trouble resolving the symbols, valgrind
does. It probably has something to do with the fact that we don't
specify which symbols to export from mock libraries. Anyway, just
resolve the symbol at runtime.

Signed-off-by: Michal Privoznik 
---
 tests/qemuxml2argvmock.c | 8 +++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/tests/qemuxml2argvmock.c b/tests/qemuxml2argvmock.c
index 9cc97199c4..7bcad7284d 100644
--- a/tests/qemuxml2argvmock.c
+++ b/tests/qemuxml2argvmock.c
@@ -40,6 +40,8 @@
 
 #define VIR_FROM_THIS VIR_FROM_NONE
 
+static qemuFDPassDirect * (*real_qemuFDPassDirectNew)(const char *name, int 
*fd);
+
 long virGetSystemPageSize(void)
 {
 return 4096;
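Review bot: The file-scope pointer `real_qemuFDPassDirectNew` added at the top of this hunk has no comment saying why the function is resolved at run time. A later cleanup could turn the call in qemuInterfaceOpenVhostNet() back into a direct one and bring back the valgrind failure described in the commit message. A one-line comment above the declaration would record the reason: `/* Resolved at run time: a link-time reference to qemuFDPassDirectNew() breaks this mock under valgrind. */`. The rest of the hunk is context only, and virGetSystemPageSize() closes outside it.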
@@ -212,6 +214,10 @@ qemuInterfaceOpenVhostNet(virDomainObj *vm G_GNUC_UNUSED,
 size_t vhostfdSize = net->driver.virtio.queues;
 size_t i;
 
+if (!real_qemuFDPassDirectNew) {
+VIR_MOCK_REAL_INIT(qemuFDPassDirectNew);
+}
+
 if (!vhostfdSize)
  vhostfdSize = 1;
 
@@ -222,7 +228,7 @@ qemuInterfaceOpenVhostNet(virDomainObj *vm G_GNUC_UNUSED,
 g_autofree char *name = g_strdup_printf("vhostfd-%s%zu", 
net->info.alias, i);
 int fd = STDERR_FILENO + 42 + i;
 
-netpriv->vhostfds = g_slist_prepend(netpriv->vhostfds, 
qemuFDPassDirectNew(name, ));
+netpriv->vhostfds = g_slist_prepend(netpriv->vhostfds, 
real_qemuFDPassDirectNew(name, ));
 }
 
 netpriv->vhostfds = g_slist_reverse(netpriv->vhostfds);
-- 
2.43.2


[PATCH 01/13] domaincapsmock: Drop link time dependency on virQEMUCapsGet()

2024-05-06 Thread Michal Privoznik
While the Linux linker has no trouble resolving the symbols, valgrind
does. It probably has something to do with the fact that we don't
specify which symbols to export from mock libraries. Anyway, just
resolve the symbol at runtime.

Signed-off-by: Michal Privoznik 
---
 tests/domaincapsmock.c | 13 -
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/tests/domaincapsmock.c b/tests/domaincapsmock.c
index 6ae0c4ad45..73ff992ebd 100644
--- a/tests/domaincapsmock.c
+++ b/tests/domaincapsmock.c
@@ -49,16 +49,19 @@ virHostCPUGetPhysAddrSize(const virArch hostArch,
 
 #if WITH_QEMU
 static bool (*real_virQEMUCapsGetKVMSupportsSecureGuest)(virQEMUCaps 
*qemuCaps);
+static bool (*real_virQEMUCapsGet)(virQEMUCaps *qemuCaps, virQEMUCapsFlags 
flag);
 
 bool
 virQEMUCapsGetKVMSupportsSecureGuest(virQEMUCaps *qemuCaps)
 {
-if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_MACHINE_CONFIDENTAL_GUEST_SUPPORT) 
&&
-virQEMUCapsGet(qemuCaps, QEMU_CAPS_S390_PV_GUEST))
-return true;
-
-if (!real_virQEMUCapsGetKVMSupportsSecureGuest)
+if (!real_virQEMUCapsGet) {
+VIR_MOCK_REAL_INIT(virQEMUCapsGet);
 VIR_MOCK_REAL_INIT(virQEMUCapsGetKVMSupportsSecureGuest);
+}
+
+if (real_virQEMUCapsGet(qemuCaps, 
QEMU_CAPS_MACHINE_CONFIDENTAL_GUEST_SUPPORT) &&
+real_virQEMUCapsGet(qemuCaps, QEMU_CAPS_S390_PV_GUEST))
+return true;
 
 return real_virQEMUCapsGetKVMSupportsSecureGuest(qemuCaps);
 }
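Review bot: Both `VIR_MOCK_REAL_INIT()` calls now sit behind the single test `if (!real_virQEMUCapsGet)`, so `real_virQEMUCapsGetKVMSupportsSecureGuest` is initialised only as a side effect of the other pointer being NULL. The final `return real_virQEMUCapsGetKVMSupportsSecureGuest(qemuCaps);` therefore relies on the two pointers always being set together. That holds for the lines shown, but if another mock in this file later initialises `real_virQEMUCapsGet` on its own, this function would call through a NULL pointer. Checking each pointer separately keeps them independent: `if (!real_virQEMUCapsGet) VIR_MOCK_REAL_INIT(virQEMUCapsGet);` followed by `if (!real_virQEMUCapsGetKVMSupportsSecureGuest) VIR_MOCK_REAL_INIT(virQEMUCapsGetKVMSupportsSecureGuest);`.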
-- 
2.43.2


[PATCH 00/13] Big CI update (and some bug fixes)

2024-05-06 Thread Michal Privoznik
There's a lot happening here, but I did not find a way to split this any
better. It all started with me wanting to switch from Ubuntu 20.04 to
24.04 and resulted in this.

Firstly, Ubuntu 24.04 started to complain about a few things:

1) ASAN wasn't working (some missing .a archive). Fix is pending:

   https://gitlab.com/libvirt/libvirt-ci/-/merge_requests/482

2) ASAN was complaining about some memleaks in qemuxmlconftest. When I
   tried to run the test locally under valgrind I found out I can't.
   This resulted in the first two patches. Mind you, after this, there
   are still some tests which are unable to run under valgrind (do NOT
   forget --trace-children=yes if the test binary uses mocks). Well,
   they may get fixes later. Firstly, I need to understand what really
   bothers valgrind.

3) UBSAN complained about some undefined behavior. This was the hardest
   to make sense out of, for me. But part of the fix is bumping glib so
   yay! I guess.

And, since I'm dropping AlmaLinux 8, we get to generate website on
something newer.

Finally, green pipeline with these patches applied:

   https://gitlab.com/MichalPrivoznik/libvirt/-/pipelines/1279666864

Michal Prívozník (13):
  domaincapsmock: Drop link time dependency on virQEMUCapsGet()
  qemuxml2argvmock: Drop link time dependency on qemuFDPassDirectNew()
  testutilsqemu: Don't leak struct testQemuArgs::vdpafds
  security: Fix return types of .probe callbacks
  meson: Disable -fsanitize=function
  gitlab-ci: Move website_job to Fedora 39
  ci: Drop Fedora 38
  ci: Drop Ubuntu 20.04
  ci: Drop AlmaLinux 8
  meson: Bump glib version to 2.58.0
  ci: Introduce Fedora 40
  ci: Introduce Ubuntu 24.04
  ci: Introduce AlmaLinux 9

 .gitlab-ci.yml|   6 +-
 .../{almalinux-8.sh => almalinux-9.sh}|   8 +-
 ci/buildenv/centos-stream-9.sh|   1 +
 ci/buildenv/debian-12-cross-aarch64.sh|   1 +
 ci/buildenv/debian-12-cross-armv6l.sh |   1 +
 ci/buildenv/debian-12-cross-armv7l.sh |   1 +
 ci/buildenv/debian-12-cross-i686.sh   |   1 +
 ci/buildenv/debian-12-cross-mips64el.sh   |   1 +
 ci/buildenv/debian-12-cross-mipsel.sh |   1 +
 ci/buildenv/debian-12-cross-ppc64le.sh|   1 +
 ci/buildenv/debian-12-cross-s390x.sh  |   1 +
 ci/buildenv/debian-12.sh  |   1 +
 ci/buildenv/debian-sid-cross-aarch64.sh   |   1 +
 ci/buildenv/debian-sid-cross-armv6l.sh|   1 +
 ci/buildenv/debian-sid-cross-armv7l.sh|   1 +
 ci/buildenv/debian-sid-cross-i686.sh  |   1 +
 ci/buildenv/debian-sid-cross-mips64el.sh  |   1 +
 ci/buildenv/debian-sid-cross-ppc64le.sh   |   1 +
 ci/buildenv/debian-sid-cross-s390x.sh |   1 +
 ci/buildenv/debian-sid.sh |   1 +
 ci/buildenv/fedora-39.sh  |   1 +
 ...-mingw32.sh => fedora-40-cross-mingw32.sh} |   1 +
 ...-mingw64.sh => fedora-40-cross-mingw64.sh} |   1 +
 ci/buildenv/{fedora-38.sh => fedora-40.sh}|   1 +
 ci/buildenv/fedora-rawhide-cross-mingw32.sh   |   1 +
 ci/buildenv/fedora-rawhide-cross-mingw64.sh   |   1 +
 ci/buildenv/fedora-rawhide.sh |   1 +
 .../{ubuntu-2004.sh => ubuntu-2404.sh}|   8 +-
 ...ux-8.Dockerfile => almalinux-9.Dockerfile} |  10 +-
 ci/containers/centos-stream-9.Dockerfile  |   1 +
 .../debian-12-cross-aarch64.Dockerfile|   1 +
 .../debian-12-cross-armv6l.Dockerfile |   1 +
 .../debian-12-cross-armv7l.Dockerfile |   1 +
 ci/containers/debian-12-cross-i686.Dockerfile |   1 +
 .../debian-12-cross-mips64el.Dockerfile   |   1 +
 .../debian-12-cross-mipsel.Dockerfile |   1 +
 .../debian-12-cross-ppc64le.Dockerfile|   1 +
 .../debian-12-cross-s390x.Dockerfile  |   1 +
 ci/containers/debian-12.Dockerfile|   1 +
 .../debian-sid-cross-aarch64.Dockerfile   |   1 +
 .../debian-sid-cross-armv6l.Dockerfile|   1 +
 .../debian-sid-cross-armv7l.Dockerfile|   1 +
 .../debian-sid-cross-i686.Dockerfile  |   1 +
 .../debian-sid-cross-mips64el.Dockerfile  |   1 +
 .../debian-sid-cross-ppc64le.Dockerfile   |   1 +
 .../debian-sid-cross-s390x.Dockerfile |   1 +
 ci/containers/debian-sid.Dockerfile   |   1 +
 ci/containers/fedora-39.Dockerfile|   1 +
 ...ile => fedora-40-cross-mingw32.Dockerfile} |   3 +-
 ...ile => fedora-40-cross-mingw64.Dockerfile} |   3 +-
 ...ora-38.Dockerfile => fedora-40.Dockerfile} |   3 +-
 .../fedora-rawhide-cross-mingw32.Dockerfile   |   1 +
 .../fedora-rawhide-cross-mingw64.Dockerfile   |   1 +
 ci/containers/fedora-rawhide.Dockerfile   |   1 +
 ...2004.Dockerfile => ubuntu-2404.Dockerfile} |  11 +-
 ci/gitlab/builds.yml  | 113 
 ci/gitlab/containers.yml  |  54 
 ci/integration.yml|  24 
 ci/lcitool/projects/libvirt.yml   |   1 +
 

Re: [PATCH] hyperv: prevent potential NULL dereference

2024-05-06 Thread Ján Tomko

On a Friday in 2024, Kristina Hanicova wrote:

On Fri, May 3, 2024 at 11:43 AM Oleg Sviridov 
wrote:


Return value of a function 'virDomainChrDefNew' is dereferenced
at hyperv_driver.c without checking for NULL, which can lead to
NULL dereference immediatly after.


*immediately



Found by Linux Verification Center (linuxtesting.org) with SVACE.

Signed-off-by: Oleg Sviridov 
---
 src/hyperv/hyperv_driver.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)



Reviewed-by: Kristína Hanicová 


Now pushed.

Jano

