On Wed, Sep 27, 2017 at 02:07:02PM -0400, John Ferlan wrote:
>
>
> On 09/27/2017 08:42 AM, Pavel Hrdina wrote:
> > On Wed, Sep 27, 2017 at 02:24:12PM +0200, Pavel Hrdina wrote:
> >> On Tue, Sep 26, 2017 at 05:06:37PM -0400, John Ferlan wrote:
> >>>
> >>>
> >>> On 09/18/2017 11:45 PM, Liu Qing
On Wed, Sep 27, 2017 at 04:52:17PM -0400, John Ferlan wrote:
>
>
>On 09/26/2017 03:49 AM, Chao Fan wrote:
>> The command "info migrate" of qemu outputs the dirty-pages-rate during
>> migration, but page size is different in different architectures. So
>> page size should be output to calculate
[adding gnulib]
On 09/27/2017 04:36 PM, Christian Ehrhardt wrote:
> Hi,
> there seems to be an incompatibility to the last glibc due to [1].
Gnulib needs to be updated to track the glibc changes (it looks like
that is actually under way already), then libvirt needs to pick up the
updated gnulib.
I did an in-place replacement of gnulib to the latest from gnulib upstream
but the issue stays.
So for the time being i'd assume it is not yet solved there.
On Wed, Sep 27, 2017 at 11:36 PM, Christian Ehrhardt <
christian.ehrha...@canonical.com> wrote:
> Hi,
> there seems to be an
Hi,
there seems to be an incompatibility to the last glibc due to [1].
Eventually this breaks gnulib unittests (and maybe more).
Debugging went from an assert, to bidngin different symbols, to changed
function names to different header resolution.
Because it expects it to behave "posixly" but
On 09/26/2017 03:49 AM, Chao Fan wrote:
> The command "info migrate" of qemu outputs the dirty-pages-rate during
> migration, but page size is different in different architectures. So
> page size should be output to calculate dirty pages in bytes.
>
> Page size is already implemented with
Forgive the top post... some of the conversation has been trimmed, but I
need to go back to first principles of SEV in order to make sure we all
have a clear understanding of what the goal is.
The goal - for BOTH guest owner and cloud provider - is to get to a VM
where ONLY the guest owner
https://bugzilla.redhat.com/show_bug.cgi?id=1475250
It's possible to define and start a pool with a '.' in the
name; however, when trying to add a volume to a domain using
the storage pool source with a name with a '.' in the name,
the domain RNG validation fails because RNG uses 'genericName'
On 09/27/2017 08:42 AM, Pavel Hrdina wrote:
> On Wed, Sep 27, 2017 at 02:24:12PM +0200, Pavel Hrdina wrote:
>> On Tue, Sep 26, 2017 at 05:06:37PM -0400, John Ferlan wrote:
>>>
>>>
>>> On 09/18/2017 11:45 PM, Liu Qing wrote:
Qcow2 small IO random write performance will drop dramatically if
On Thu, Sep 21, 2017 at 01:14:04PM -0400, Laine Stump wrote:
> On 09/19/2017 03:37 PM, Eduardo Habkost wrote:
> > Cache mode=passthrough can result in a broken cache topology if
> > the domain topology is not exactly the same as the host topology.
> > Warn about that in the documentation.
> >
> >
> On Tue, Sep 26, 2017 at 05:13:37PM +0200, Pavel Hrdina wrote:
> >The packet with passed FD has the following format:
> >
> >--
> >| len | header | payload |
> >--
> >
> >where "payload" has an additional count of FDs before the actual
On 09/27/2017 05:24 AM, Erik Skultety wrote:
> On Tue, Sep 05, 2017 at 02:42:58PM -0400, John Ferlan wrote:
>> https://bugzilla.redhat.com/show_bug.cgi?id=1476775
>>
>> For the virsh pool-{define|create}-as command, let's allow using
>> --secret-uuid on the command line as an alternative to
v9: https://www.redhat.com/archives/libvir-list/2017-September/msg00641.html
Differences to v9:
* Patch 1:
- Clean up the wording from code review
* Patch 2: (NEW)
- Split out the formatting change for source/prototcol
* Patch 3:
- Add the parsing of the tlsFromConfig for storage
On Wed, Sep 27, 2017 at 08:39:24AM -0500, Brijesh Singh wrote:
> Hi Michael,
>
>
> On 09/26/2017 09:36 AM, Michael S. Tsirkin wrote:
>
> ...
>
> > > 8. libvirt launches the guest with "-S"
> > > 9. While creating the SEV guest qemu does the following
> > > i) create encryption context using
On Wed, Sep 27, 2017 at 6:05 PM Daniel P. Berrange
wrote:
> On Tue, Sep 26, 2017 at 08:05:59PM +0300, Nir Soffer wrote:
> > We discovered that the entire python process get stuck for about 30
> > seconds when calling virDomain.getMemoryStats() if libvirt is stuck in
> >
From: Ashish Mittal
Add a new TLS X.509 certificate type - "vxhs". This will handle the
creation of a TLS certificate capability for properly configured
VxHS network block device clients.
The following describes the behavior of TLS for VxHS block device:
(1) Two
From: Ashish Mittal
Add an optional virTristateBool haveTLS to virStorageSource to
manage whether a storage source will be using TLS.
Sample XML for a VxHS disk:
Additionally add a tlsFromConfig boolean to control whether the TLS
setting was due
From: Ashish Mittal
Alter qemu command line generation in order to possibly add TLS for
a suitably configured domain.
Sample TLS args generated by libvirt -
-object tls-creds-x509,id=objvirtio-disk0_tls0,dir=/etc/pki/qemu,\
endpoint=client,verify-peer=yes \
Clean up the description a bit to make it more readable and not
appear as one long run-on paragraph.
Signed-off-by: John Ferlan
---
docs/formatdomain.html.in | 25 +
1 file changed, 17 insertions(+), 8 deletions(-)
diff --git
Introduce a function to setup any TLS needs for a disk source.
If there's a configuration or other error setting up the disk source
for TLS, then cause the domain startup to fail.
For VxHS, follow the chardevTLS model where if the src->haveTLS hasn't
been configured, then take the system/global
On Wed, Sep 27, 2017 at 05:08:51PM +0200, Peter Krempa wrote:
> On Wed, Sep 27, 2017 at 11:05:01 -0400, John Ferlan wrote:
> >
> >
> > On 09/27/2017 10:25 AM, Peter Krempa wrote:
> > > On Tue, Sep 19, 2017 at 21:32:46 -0400, John Ferlan wrote:
> > >> From: Ashish Mittal
[...]
static int
+qemuDomainAddDiskSrcTLSObject(virQEMUDriverPtr driver,
+ virDomainObjPtr vm,
+ virStorageSourcePtr src,
+ const char *srcalias)
+{
+int ret =
On Tue, Sep 26, 2017 at 12:05:02PM +0200, Peter Krempa wrote:
VM private data is cleared when the VM is turned off and also when the
VM object is being freed. Some of the clearing code was duplicated.
Extract it to a separate function.
This also removes the now unnecessary function
On Wed, Sep 27, 2017 at 11:05:01 -0400, John Ferlan wrote:
>
>
> On 09/27/2017 10:25 AM, Peter Krempa wrote:
> > On Tue, Sep 19, 2017 at 21:32:46 -0400, John Ferlan wrote:
> >> From: Ashish Mittal
> >>
> >> Alter qemu command line generation in order to possibly add
On 09/27/2017 10:25 AM, Peter Krempa wrote:
> On Tue, Sep 19, 2017 at 21:32:46 -0400, John Ferlan wrote:
>> From: Ashish Mittal
>>
>> Alter qemu command line generation in order to possibly add TLS for
>> a suitably configured domain.
>>
>> Sample TLS args generated
On Tue, Sep 26, 2017 at 08:05:59PM +0300, Nir Soffer wrote:
> We discovered that the entire python process get stuck for about 30
> seconds when calling virDomain.getMemoryStats() if libvirt is stuck in
> virConnect.getAllDomainStats() on inaccessible storage. This blocking
> cause a horrible mess
On 09/27/2017 09:21 AM, Peter Krempa wrote:
> On Tue, Sep 19, 2017 at 21:32:45 -0400, John Ferlan wrote:
>> Introduce a function to setup any TLS needs for a disk source.
>>
>> If there's a configuration or other error setting up the disk source
>> for TLS, then cause the domain startup to fail.
On Tue, Sep 26, 2017 at 05:13:37PM +0200, Pavel Hrdina wrote:
The packet with passed FD has the following format:
--
| len | header | payload |
--
where "payload" has an additional count of FDs before the actual data:
The virNWFilterIPAddrMapAddIPAddr code can consume the @addr parameter
on success when the @ifname is found in the ipAddressMap->hashTable
hash table in the call to virNWFilterVarValueAddValue; however, if
not found in the hash table, then @addr is formatted into a @val
which is stored in the
On Tue, Sep 19, 2017 at 21:32:46 -0400, John Ferlan wrote:
> From: Ashish Mittal
>
> Alter qemu command line generation in order to possibly add TLS for
> a suitably configured domain.
>
> Sample TLS args generated by libvirt -
>
> -object
On Wed, Sep 27, 2017 at 15:27:15 +0200, Peter Krempa wrote:
> On Wed, Sep 27, 2017 at 09:12:06 -0400, John Ferlan wrote:
> >
> >
> > On 09/27/2017 08:43 AM, Peter Krempa wrote:
> > > On Tue, Sep 19, 2017 at 21:32:43 -0400, John Ferlan wrote:
> > >> From: Ashish Mittal
On 09/27/2017 09:34 AM, Erik Skultety wrote:
> On Wed, Sep 27, 2017 at 08:06:42AM -0400, John Ferlan wrote:
>>
>> $subj:
>>
>> nwfilter: Fix memory leak in learnIPAddressThread
>>
>> On 09/26/2017 09:01 PM, ZhiPeng Lu wrote:
>>> In learnIPAddressThread()the @inetaddr may be leaked.
>>>
>>
>>
On 09/27/2017 09:02 AM, Peter Krempa wrote:
> On Tue, Sep 19, 2017 at 21:32:44 -0400, John Ferlan wrote:
>> From: Ashish Mittal
>>
>> Add an optional virTristateBool haveTLS to virStorageSource to
>> manage whether a storage source will be using TLS.
>>
>> Sample XML
Hi Michael,
On 09/26/2017 09:36 AM, Michael S. Tsirkin wrote:
...
8. libvirt launches the guest with "-S"
9. While creating the SEV guest qemu does the following
i) create encryption context using GO's DH, session-info and guest policy
(LAUNCH_START)
ii) encrypts the guest bios
Let's close agent and qemu monitors. This should trigger
any API calls awaiting response to finish eventually.
---
src/qemu/qemu_driver.c | 39 +++
1 file changed, 39 insertions(+)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index
It is convinient to have closed state for qemu monitor. I'm going
to use it on daemon shutdown. We can use fd to check for this state.
Now we don't need to set lastError on qemuMonitorClose as the error will
be reported explicitly by qemuMonitorSend.
Let's report VIR_ERR_OPERATION_INVALID
On Tue, Sep 19, 2017 at 21:32:45 -0400, John Ferlan wrote:
> Introduce a function to setup any TLS needs for a disk source.
>
> If there's a configuration or other error setting up the disk source
> for TLS, then cause the domain startup to fail.
>
> For VxHS, follow the chardevTLS model where
Signed-off-by: Erik Skultety
---
Pushed as trivial.
docs/formatdomain.html.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index 9ce4620c6..fce1f3b03 100644
--- a/docs/formatdomain.html.in
+++
On Tue, Sep 19, 2017 at 21:32:44 -0400, John Ferlan wrote:
> From: Ashish Mittal
>
> Add an optional virTristateBool haveTLS to virStorageSource to
> manage whether a storage source will be using TLS.
>
> Sample XML for a VxHS disk:
>
>
>
>tls='yes'>
>
>
Libvirtd termination can crash. One can use [2] patch to trigger it. Call
domstats function and send TERM to libvirtd. You'd probably see stacktrace [1].
The problem is that threads with clients requests are joined after drivers
cleanup. This patch series address this issue.
[1] Crash stacktrace
On Wed, Sep 27, 2017 at 08:06:42AM -0400, John Ferlan wrote:
>
> $subj:
>
> nwfilter: Fix memory leak in learnIPAddressThread
>
> On 09/26/2017 09:01 PM, ZhiPeng Lu wrote:
> > In learnIPAddressThread()the @inetaddr may be leaked.
> >
>
> Changing this to:
>
> Don't leak @inetaddr within the done:
On Wed, Sep 27, 2017 at 09:12:06 -0400, John Ferlan wrote:
>
>
> On 09/27/2017 08:43 AM, Peter Krempa wrote:
> > On Tue, Sep 19, 2017 at 21:32:43 -0400, John Ferlan wrote:
> >> From: Ashish Mittal
> >>
> >> Add a new TLS X.509 certificate type - "vxhs". This will
On 09/27/2017 08:43 AM, Peter Krempa wrote:
> On Tue, Sep 19, 2017 at 21:32:43 -0400, John Ferlan wrote:
>> From: Ashish Mittal
>>
>> Add a new TLS X.509 certificate type - "vxhs". This will handle the
>> creation of a TLS certificate capability for properly
On Tue, Sep 19, 2017 at 21:32:43 -0400, John Ferlan wrote:
> From: Ashish Mittal
>
> Add a new TLS X.509 certificate type - "vxhs". This will handle the
> creation of a TLS certificate capability for properly configured
> VxHS network block device clients.
>
> The
On Tue, Sep 26, 2017 at 06:44:55PM -0400, John Ferlan wrote:
On 09/25/2017 11:46 AM, Ján Tomko wrote:
We have been trying to implement the ALLOCATE flag to mean
Is this the colloquial "we"? ;-)
We believe so.
"the volume should be fully allocated after the resize".
commit id
Current daemon shutdown can cause crashes. The problem is that threads
serving client request are joined on daemon dispose after drivers already
cleaned up. But this threads typically uses drivers and thus crashes come.
We need to join threads before virStateCleanup. virNetDaemonClose is
a good
On Tue, Sep 26, 2017 at 09:30:17PM +0200, Jeroen Simonetti wrote:
> Signed-off-by: Jeroen Simonetti
> ---
> domain.go | 22 ++
> domain_test.go | 41 +
> 2 files changed, 55 insertions(+), 8 deletions(-)
NB, please try to keep the commit message first lin at 72 chars
or less, and then have a blank line, before writing the rest of
the commit message.
I'll fix this one up when pushing.
On Tue, Sep 26, 2017 at 10:12:35AM +0800, zhenwei.pi wrote:
> Signed-off-by: zhenwei.pi
Currently we don't do it. Therefore we accept senseless
combinations of models and buses they are attached to.
Moreover, diag288 watchdog is exclusive to s390(x).
Signed-off-by: Michal Privoznik
---
src/qemu/qemu_domain.c | 51
v3 of:
https://www.redhat.com/archives/libvir-list/2017-September/msg00974.html
diff to v2:
- Peter's review worked int
- Dropped audit patch
- More check on watchdog device
Michal Privoznik (3):
qemuDomainDeviceDefValidate: Validate watchdog
qemu: hot-plug of watchdog
qemu: hot-unplug of
On Wed, Sep 27, 2017 at 02:24:12PM +0200, Pavel Hrdina wrote:
> On Tue, Sep 26, 2017 at 05:06:37PM -0400, John Ferlan wrote:
> >
> >
> > On 09/18/2017 11:45 PM, Liu Qing wrote:
> > > Qcow2 small IO random write performance will drop dramatically if the l2
> > > cache table could not cover the
$subj:
nwfilter: Fix memory leak in learnIPAddressThread
On 09/26/2017 09:01 PM, ZhiPeng Lu wrote:
> In learnIPAddressThread()the @inetaddr may be leaked.
>
Changing this to:
Don't leak @inetaddr within the done: processing when attempting
to instantiate the filter.
> Signed-off-by:
https://bugzilla.redhat.com/show_bug.cgi?id=1447169
Since domain can have at most one watchdog it simplifies things a
bit. However, since we must be able to set the watchdog action as
well, new monitor command needs to be used.
Signed-off-by: Michal Privoznik
---
On Tue, Sep 26, 2017 at 05:06:37PM -0400, John Ferlan wrote:
>
>
> On 09/18/2017 11:45 PM, Liu Qing wrote:
> > Qcow2 small IO random write performance will drop dramatically if the l2
> > cache table could not cover the whole disk. This will be a lot of l2
> > cache table RW operations if cache
https://bugzilla.redhat.com/show_bug.cgi?id=1447169
Signed-off-by: Michal Privoznik
---
src/qemu/qemu_driver.c | 4 +-
src/qemu/qemu_hotplug.c| 67 ++
src/qemu/qemu_hotplug.h
@subj:
nwfilter: Fix memory leak in virNWFilterIPAddrMapAddIPAddr
On 09/27/2017 04:53 AM, ZhiPeng Lu wrote:
> In virNWFilterIPAddrMapAddIPAddr the @val may be leaked.
Which alters this to be:
If virNWFilterHashTablePut fails, then the @val was leaked.
>
> Signed-off-by: ZhiPeng Lu
* Michael S. Tsirkin (m...@redhat.com) wrote:
> On Fri, Sep 08, 2017 at 06:57:30AM -0500, Brijesh Singh wrote:
> > Hi All,
>
> Sorry if below comment doesn't make sense, I might be misunderstanding
> something basic about SEV. Also sorry about the delay, I've been on
> vacation.
>
>
> > (sorry
Hi,
just a ping to ask if anybody could take a look to review this set of
smaller changes?
On Wed, Sep 20, 2017 at 4:59 PM, Christian Ehrhardt <
christian.ehrha...@canonical.com> wrote:
> Hi,
> this was mostly created by clearing old libvirt bugs in Ubuntu.
> USB passthrough so far often used
On Tue, Sep 26, 2017 at 16:39:54 -0400, John Ferlan wrote:
> On 09/25/2017 10:25 AM, Peter Krempa wrote:
> > Some values we read from the qemu monitor may be changed with the actual
> > state by the incomming migration. This means that we should refresh
>
> s/incomming/incoming
>
> > certain
On Wed, Sep 27, 2017 at 09:33:17 +0200, Michal Privoznik wrote:
> https://bugzilla.redhat.com/show_bug.cgi?id=1447169
>
> Signed-off-by: Michal Privoznik
> ---
> src/qemu/qemu_driver.c | 4 +-
> src/qemu/qemu_hotplug.c
On 09/27/2017 10:41 AM, Peter Krempa wrote:
> On Wed, Sep 27, 2017 at 09:33:15 +0200, Michal Privoznik wrote:
>> Signed-off-by: Michal Privoznik
>> ---
>> src/conf/domain_audit.c | 46 ++
>> src/conf/domain_audit.h | 5 +
>>
On Wed, Sep 27, 2017 at 09:33:16 +0200, Michal Privoznik wrote:
> https://bugzilla.redhat.com/show_bug.cgi?id=1447169
>
> Once again, since domain can have at most one watchdog it
again? You are mentioning it the first time in this series.
> simplifies things a bit. However, since we must be
On Tue, Sep 05, 2017 at 02:42:58PM -0400, John Ferlan wrote:
> https://bugzilla.redhat.com/show_bug.cgi?id=1476775
>
> For the virsh pool-{define|create}-as command, let's allow using
> --secret-uuid on the command line as an alternative to --secret-usage,
> but ensure that they are mutually
On Wed, Sep 27, 2017 at 11:10:31 +0200, Michal Privoznik wrote:
> On 09/27/2017 10:41 AM, Peter Krempa wrote:
> > On Wed, Sep 27, 2017 at 09:33:15 +0200, Michal Privoznik wrote:
> >> Signed-off-by: Michal Privoznik
> >> ---
> >> src/conf/domain_audit.c | 46
> >>
On Wed, Sep 27, 2017 at 09:33:15 +0200, Michal Privoznik wrote:
> Signed-off-by: Michal Privoznik
> ---
> src/conf/domain_audit.c | 46 ++
> src/conf/domain_audit.h | 5 +
> src/libvirt_private.syms | 1 +
> 3 files
On Tue, Sep 26, 2017 at 05:14:58PM +0200, Pavel Hrdina wrote:
> On Wed, Sep 20, 2017 at 04:01:14PM +0200, Pavel Hrdina wrote:
> > This reverts commit edaf4ebe95a5995585c8ab7bc5b92887286d4431.
> >
> > This uses "reconnect" as attribute for element, but we already
> > have a element for element
Signed-off-by: Michal Privoznik
---
src/conf/domain_audit.c | 46 ++
src/conf/domain_audit.h | 5 +
src/libvirt_private.syms | 1 +
3 files changed, 52 insertions(+)
diff --git a/src/conf/domain_audit.c
v2 of:
https://www.redhat.com/archives/libvir-list/2017-September/msg00078.html
diff to v1:
- John's review worked in (mostly).
- Added auditing (patch 1/3)
Michal Privoznik (3):
audit: Audit information about watchdog devices
qemu: hot-plug of watchdog
qemu: hot-unplug of watchdog
https://bugzilla.redhat.com/show_bug.cgi?id=1447169
Signed-off-by: Michal Privoznik
---
src/qemu/qemu_driver.c | 4 +-
src/qemu/qemu_hotplug.c| 61 ++
src/qemu/qemu_hotplug.h
https://bugzilla.redhat.com/show_bug.cgi?id=1447169
Once again, since domain can have at most one watchdog it
simplifies things a bit. However, since we must be able to set
the watchdog action as well, new monitor command needs to be
used.
Signed-off-by: Michal Privoznik
Hi Peter,
Do let me know if there's anything else I can help with on setting up the
VxHS devices for testing.
Thanks,
Ashish
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
71 matches
Mail list logo