On Tue, Feb 02, 2021 at 16:04:08 +0100, Pavel Hrdina wrote:
> Make the function reusable by other vhost-user based devices.
Since reusability is the goal ...
>
> Signed-off-by: Pavel Hrdina
> ---
> src/qemu/qemu_validate.c | 99 +---
> 1 file changed, 51
Get rid of the 'need_release' variable.
Signed-off-by: Yi Li
---
src/qemu/qemu_hotplug.c | 10 --
1 file changed, 4 insertions(+), 6 deletions(-)
diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index 882e5d2384..e07dba3c5e 100644
--- a/src/qemu/qemu_hotplug.c
+++
I did some test for virtio-mem with libvirt upstream version
v7.0.0-153-g5ea3ecd07d
& qemu-kvm-5.2.0-0.7.rc2.fc34.x86_64
S1. Start domain with memory device
1. Domain configuration-
10485760
1572864
1572864
...
...
524288
0
2048
Reviewed-by: Ján Tomko
Signed-off-by: Daniel Henrique Barboza
---
src/hypervisor/domain_driver.c | 33 -
1 file changed, 12 insertions(+), 21 deletions(-)
diff --git a/src/hypervisor/domain_driver.c b/src/hypervisor/domain_driver.c
index 0c86fd714f..82e5587a50
This script works under two specific conditions. For each opened file,
search for all functions that has ACL calls and store them, and see
if there is a vir*DriverPtr struct declared in it. For each implementation
found, check if there is an ACL verification inside it, and error out if
none was
libxlNodeDeviceDetachFlags() and qemuNodeDeviceDetachFlags() are mostly
equal, aside from how the virHostdevmanager pointer is retrieved and
the PCI stub driver used.
Now that the PCI stub driver verification is done early in both functions,
we can use the virDomainDriverNodeDeviceDetachFlags()
Reviewed-by: Ján Tomko
Signed-off-by: Daniel Henrique Barboza
---
src/hypervisor/domain_driver.c | 31 ---
1 file changed, 12 insertions(+), 19 deletions(-)
diff --git a/src/hypervisor/domain_driver.c b/src/hypervisor/domain_driver.c
index 6ee74d6dff..c08b7d46c5
The validation of 'driverName' does not depend on any other state and can be
done right on the start of the function. We can fail earlier while avoiding
a cleanup jump.
Reviewed-by: Ján Tomko
Signed-off-by: Daniel Henrique Barboza
---
src/qemu/qemu_driver.c | 41
The validation of 'driverName' does not depend on any other state and can be
done right on the start of the function. We can fail earlier while avoiding
a cleanup jump.
Reviewed-by: Ján Tomko
Signed-off-by: Daniel Henrique Barboza
---
src/libxl/libxl_driver.c | 14 +++---
1 file
Next patch will use g_autoptr() with virNodeDevicePtr for cleanups.
Reviewed-by: Ján Tomko
Signed-off-by: Daniel Henrique Barboza
---
src/datatypes.h | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/datatypes.h b/src/datatypes.h
index ade3779e43..7a88aba0df 100644
---
Reviewed-by: Ján Tomko
Signed-off-by: Daniel Henrique Barboza
---
src/hypervisor/domain_driver.c | 32
1 file changed, 12 insertions(+), 20 deletions(-)
diff --git a/src/hypervisor/domain_driver.c b/src/hypervisor/domain_driver.c
index c559f94348..ea4c3c9466
changes from v1:
- added Jano's R-b in patches 1-9
- Patch 08:
* clarified why the 'Flags' suffix was kept in the helper name
- (new) Patch 10: change check-aclrules to verify ACL checks in
domain_driver.c
v1 link:
https://www.redhat.com/archives/libvir-list/2021-February/msg00065.html
libxlNodeDeviceReset() and qemuNodeDeviceReset() are mostly equal,
differing only how the virHostdevManager pointer is retrieved.
Put the common code into virDomainDriverNodeDeviceReset() to reduce
code duplication.
Reviewed-by: Ján Tomko
Signed-off-by: Daniel Henrique Barboza
---
libxlNodeDeviceReAttach() and qemuNodeDeviceReAttach() are mostly equal,
differing only how the virHostdevManager pointer is retrieved.
Put the common code into virDomainDriverNodeDeviceReAttach() to reduce
code duplication.
Reviewed-by: Ján Tomko
Signed-off-by: Daniel Henrique Barboza
---
On Tue, 2 Feb 2021 08:28:52 +0100
Erik Skultety wrote:
> On Mon, Feb 01, 2021 at 04:38:56PM -0700, Alex Williamson wrote:
> > On Mon, 1 Feb 2021 16:57:44 -0600
> > Jonathon Jongsma wrote:
> >
> > > On Mon, 1 Feb 2021 11:33:08 +0100
> > > Erik Skultety wrote:
> > >
> > > > On Mon, Feb 01,
I *thought* I had tested all the combinations of manually setting
--without netcf, different versions of Fedora, etc, but apparently
not.
The check in libvirt.spec.in to see if the target was an older Fedora
or older RHEL would alway resolve to true, because, e.g., if {?fedora}
is undefined, then
On 2/2/21 1:35 PM, Daniel P. Berrangé wrote:
The check-aclrules.py script has some logic which looks to see if
the method contains a function call that resolves to another
public API entrypoint, as a special case.
So basically we'll need to process the hypervisor_driver.c file to
extract a
On 2/2/21 1:35 PM, Daniel P. Berrangé wrote:
On Tue, Feb 02, 2021 at 05:32:14PM +0100, Ján Tomko wrote:
On a Tuesday in 2021, Daniel P. Berrangé wrote:
On Tue, Feb 02, 2021 at 05:18:51PM +0100, Ján Tomko wrote:
On a Monday in 2021, Daniel Henrique Barboza wrote:
Signed-off-by: Peter Krempa
---
tools/virsh-secret.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tools/virsh-secret.c b/tools/virsh-secret.c
index de32f25d64..fcfbe5fe9e 100644
--- a/tools/virsh-secret.c
+++ b/tools/virsh-secret.c
@@ -302,7 +302,6 @@ static bool
Clear the secret right after use with virSecureErase.
Signed-off-by: Peter Krempa
---
src/libxl/libxl_conf.c | 8 +---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/libxl/libxl_conf.c b/src/libxl/libxl_conf.c
index cb1fd7df7d..694192e1c3 100644
---
Clear out the value using virSecureErase and free it with g_free so
that VIR_DISPOSE_N can be phased out.
Signed-off-by: Peter Krempa
---
src/storage/storage_util.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/storage/storage_util.c b/src/storage/storage_util.c
The module will provide functions for disposing secrets stored in
memory.
Note that for now it's implemented using memset, which is not really
secure.
Signed-off-by: Peter Krempa
---
src/libvirt_private.syms | 4
src/util/meson.build | 1 +
src/util/virsecureerase.c | 44
Signed-off-by: Peter Krempa
---
src/storage/storage_backend_rbd.c | 10 +++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/src/storage/storage_backend_rbd.c
b/src/storage/storage_backend_rbd.c
index 1f83205dfa..007c53f7ac 100644
--- a/src/storage/storage_backend_rbd.c
+++
Users were replaced with virSecureEraseString with explicit freeing of
the memory.
Signed-off-by: Peter Krempa
---
src/libvirt_private.syms | 1 -
src/util/viralloc.c | 17 -
src/util/viralloc.h | 14 --
3 files changed, 32 deletions(-)
diff --git
Signed-off-by: Peter Krempa
---
src/rpc/virnetlibsshsession.c | 9 ++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/src/rpc/virnetlibsshsession.c b/src/rpc/virnetlibsshsession.c
index 73f5e998fc..76934c7c0b 100644
--- a/src/rpc/virnetlibsshsession.c
+++
There are no users any more. The replacement is to use g_auto and
virSecureEraseString explicitly.
Signed-off-by: Peter Krempa
---
src/util/viralloc.h | 10 --
1 file changed, 10 deletions(-)
diff --git a/src/util/viralloc.h b/src/util/viralloc.h
index 0173107b87..f9387a00f9 100644
---
Signed-off-by: Peter Krempa
---
src/rpc/virnetlibsshsession.c | 12 +++-
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/src/rpc/virnetlibsshsession.c b/src/rpc/virnetlibsshsession.c
index 9671a0f98d..73f5e998fc 100644
--- a/src/rpc/virnetlibsshsession.c
+++
In this instance attempting to be correct is really pointless since the
secret is formatted into another string which is not erased securely and
then put on the commandline.
Keep the secure handling for correctness.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_command.c | 4 +++-
1 file
Signed-off-by: Peter Krempa
---
src/libxl/libxl_conf.c | 7 +--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/src/libxl/libxl_conf.c b/src/libxl/libxl_conf.c
index 694192e1c3..de0fd66842 100644
--- a/src/libxl/libxl_conf.c
+++ b/src/libxl/libxl_conf.c
@@ -999,7 +999,7 @@
Signed-off-by: Peter Krempa
---
src/libvirt_private.syms | 1 +
src/util/virsecureerase.c | 13 +
src/util/virsecureerase.h | 3 +++
3 files changed, 17 insertions(+)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 62a7b8f7b9..845e749bdf 100644
---
The macros are unused now and callers who care about clearing the memory
they use should use memset() appropriately.
Signed-off-by: Peter Krempa
---
src/libvirt_private.syms | 1 -
src/util/viralloc.c | 39 ++-
src/util/viralloc.h | 27
The VIR_DISPOSE* APIs will be phased out. Additionally the test isn't
really doing useful work in ensuring that the values are indeed cleared
thus there's no point in keeping it around.
Signed-off-by: Peter Krempa
---
tests/viralloctest.c | 34 --
1 file changed,
Clear the key and IV structs using virSecureErase.
Signed-off-by: Peter Krempa
---
src/util/vircrypto.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/util/vircrypto.c b/src/util/vircrypto.c
index d2a42d83e2..78689721c3 100644
--- a/src/util/vircrypto.c
+++
The list isn't secret which would need being disposed of. Just expand
the array and return failure when adding the NULL terminator similarly
to how we expand the list for adding devices in a loop.
Signed-off-by: Peter Krempa
---
src/libxl/libxl_conf.c | 1 -
1 file changed, 1 deletion(-)
diff
Clear out the value using virSecureErase and free it with g_free so
that VIR_DISPOSE_N can be phased out.
Signed-off-by: Peter Krempa
---
src/util/vircrypto.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/util/vircrypto.c b/src/util/vircrypto.c
index
The code pretends that it cares about clearing the secret values, but
passes the secret value to a realloc, which may copy the value somewhere
else and doesn't sanitize the original location when it does so.
Since we want to construct a string from the value, let's copy it to a
new piece of
Switch the secret value to 'g_autofree' for handling of the memory and
clear it out using virSecureErase.
Signed-off-by: Peter Krempa
---
src/storage/storage_backend_rbd.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/storage/storage_backend_rbd.c
Switch the secret value to 'g_autofree' for handling of the memory and
clear it out using virSecureErase.
Signed-off-by: Peter Krempa
---
tools/virsh-secret.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/tools/virsh-secret.c b/tools/virsh-secret.c
index
Phase out use of VIR_DISPOSE_N from the qemu driver. Use memset in the
appropriate cases.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_domain.c | 11 +++
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index
Shuffle the code around to remove the need for temporary variables and
labels for cleaning them.
Signed-off-by: Peter Krempa
---
src/rpc/virnetlibsshsession.c | 23 +--
1 file changed, 5 insertions(+), 18 deletions(-)
diff --git a/src/rpc/virnetlibsshsession.c
Convert the conditions to else if so that it's obvious that only one of
the cases will ever be used.
Signed-off-by: Peter Krempa
---
tools/virsh-secret.c | 19 +++
1 file changed, 7 insertions(+), 12 deletions(-)
diff --git a/tools/virsh-secret.c b/tools/virsh-secret.c
index
Use a single buffer for the secret to make it easier to follow it's
lifecycle. For base64 decoding use a local temporary buffer which will
be cleared right away.
This also uses virSecureErase for clearing the bufer instead of
VIR_DISPOSE_N which is being phased out.
Signed-off-by: Peter Krempa
When virRandomBytes fails we don't get any random bytes and even if we
did they don't have to be treated as secret as they weren't used in any
way.
Add a temporary variable with automatic freeing for the secret buffer
and assign it only on success.
Signed-off-by: Peter Krempa
---
The check whether @keyfile is non-NULL is before locking @sess, but uses
the 'error' label which unlocks '@sess'.
While touching the error path, update the error message to be on one
line.
Signed-off-by: Peter Krempa
---
src/rpc/virnetlibsshsession.c | 6 ++
1 file changed, 2
The struct doesn't contain any secrets to clear before freeing and even
if it did VIR_DISPOSE_N wouldn't help as the struct contains only
pointers thus the actual memory pointing to isn't sanitized.
Just free the params array pointer and then the struct itself.
Signed-off-by: Peter Krempa
---
Patches 1-6 are pure refactors, other patches then convert handling to
the newly introduced functions.
Unfortunately quite a lot of the supposedly "secure" handling of secrets
isn't really secure as we e.g. copy the secret into another buffer which
isn't cleared properly or format it directly
On Tue, Feb 02, 2021 at 05:32:14PM +0100, Ján Tomko wrote:
> On a Tuesday in 2021, Daniel P. Berrangé wrote:
> > On Tue, Feb 02, 2021 at 05:18:51PM +0100, Ján Tomko wrote:
> > > On a Monday in 2021, Daniel Henrique Barboza wrote:
> > > > libxlNodeDeviceDetachFlags() and qemuNodeDeviceDetachFlags()
On a Monday in 2021, Daniel Henrique Barboza wrote:
Hi,
This series reduces code duplication between qemu_driver.c and
libxl_driver.c by adding common code, related to NodeDevicePtr
driver functions, into helper functions in domain_driver.c.
No functional change was made.
Daniel Henrique
On a Tuesday in 2021, Daniel P. Berrangé wrote:
On Tue, Feb 02, 2021 at 05:18:51PM +0100, Ján Tomko wrote:
On a Monday in 2021, Daniel Henrique Barboza wrote:
> libxlNodeDeviceDetachFlags() and qemuNodeDeviceDetachFlags() are mostly
> equal, aside from how the virHostdevmanager pointer is
On Tue, Feb 02, 2021 at 05:18:51PM +0100, Ján Tomko wrote:
> On a Monday in 2021, Daniel Henrique Barboza wrote:
> > libxlNodeDeviceDetachFlags() and qemuNodeDeviceDetachFlags() are mostly
> > equal, aside from how the virHostdevmanager pointer is retrieved and
> > the PCI stub driver used.
> >
>
On a Monday in 2021, Daniel Henrique Barboza wrote:
libxlNodeDeviceDetachFlags() and qemuNodeDeviceDetachFlags() are mostly
equal, aside from how the virHostdevmanager pointer is retrieved and
the PCI stub driver used.
Now that the PCI stub driver verification is done early in both functions,
On a Tuesday in 2021, Pavel Hrdina wrote:
Pavel Hrdina (6):
qemu_alias: introduce qemuDomainGetVhostUserAlias helper
qemu_validate: move and refactor
qemuValidateDomainDefVirtioFSSharedMemory
docs: introduces new vhostuser disk type
conf: implement support for vhostuser disk
On a Tuesday in 2021, Pavel Hrdina wrote:
Signed-off-by: Pavel Hrdina
---
src/qemu/qemu_alias.c | 6 ++
src/qemu/qemu_alias.h | 2 ++
src/qemu/qemu_command.c | 8 +---
3 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/src/qemu/qemu_alias.c b/src/qemu/qemu_alias.c
index
Signed-off-by: Pavel Hrdina
---
We need to find a better way to validate different combinations of XML
elements and attributes.
src/conf/domain_conf.c| 85
src/conf/domain_validate.c| 187 ++
src/conf/storage_source_conf.c
Signed-off-by: Pavel Hrdina
---
docs/formatdomain.rst | 32 ++--
docs/schemas/domaincommon.rng | 19 +++
2 files changed, 49 insertions(+), 2 deletions(-)
diff --git
Signed-off-by: Pavel Hrdina
---
src/qemu/qemu_capabilities.c | 4
src/qemu/qemu_capabilities.h | 3 +++
tests/qemucapabilitiesdata/caps_2.12.0.aarch64.xml | 1 +
tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml | 1 +
Implements QEMU support for vhost-user-blk together with live
hotplug/unplug.
Signed-off-by: Pavel Hrdina
---
src/qemu/qemu_block.c | 16
src/qemu/qemu_block.h | 5 +
src/qemu/qemu_command.c | 91 +--
Pavel Hrdina (6):
qemu_alias: introduce qemuDomainGetVhostUserAlias helper
qemu_validate: move and refactor
qemuValidateDomainDefVirtioFSSharedMemory
docs: introduces new vhostuser disk type
conf: implement support for vhostuser disk
qemu_capabilities: introduce vhost-user-blk
Signed-off-by: Pavel Hrdina
---
src/qemu/qemu_alias.c | 6 ++
src/qemu/qemu_alias.h | 2 ++
src/qemu/qemu_command.c | 8 +---
3 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/src/qemu/qemu_alias.c b/src/qemu/qemu_alias.c
index b3492d6e85..57b56b9ded 100644
---
Make the function reusable by other vhost-user based devices.
Signed-off-by: Pavel Hrdina
---
src/qemu/qemu_validate.c | 99 +---
1 file changed, 51 insertions(+), 48 deletions(-)
diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
index
Queued.
Pass the parameter clock rt to qemu to ensure that the
virtual machine is not synchronized with the host time
Signed-off-by: gongwei
---
docs/formatdomain.rst | 2 +-
docs/schemas/domaincommon.rng | 1 +
src/conf/domain_conf.c |
On Tue, 2021-02-02 at 14:59 +0100, Peter Krempa wrote:
> On Mon, Feb 01, 2021 at 12:28:00 +0100, Tim Wiederhake wrote:
> > Signed-off-by: Tim Wiederhake
> > ---
> > tests/commandhelper.c | 42 ++-
> > ---
> > 1 file changed, 22 insertions(+), 20 deletions(-)
>
On Mon, Feb 01, 2021 at 12:28:00 +0100, Tim Wiederhake wrote:
> Signed-off-by: Tim Wiederhake
> ---
> tests/commandhelper.c | 42 ++
> 1 file changed, 22 insertions(+), 20 deletions(-)
>
> diff --git a/tests/commandhelper.c b/tests/commandhelper.c
> index
On Fri, Jan 22, 2021 at 13:50:21 +0100, Michal Privoznik wrote:
> Technically, this is another version of:
>
> https://www.redhat.com/archives/libvir-list/2020-December/msg00199.html
>
> But since virtio-pmem part is pushed now, I've reworked virtio-mem a bit
> and sending it as a new series.
>
On Fri, Jan 22, 2021 at 13:50:31 +0100, Michal Privoznik wrote:
> New 'update-memory' command is introduced which aims on making it
> user friendly to change device. So far I just need to
> change so I'm introducing --requested-size only; but
> the idea is that this is extensible for other cases
On Fri, Jan 22, 2021 at 13:50:30 +0100, Michal Privoznik wrote:
> Just like we are recalculating the amount of guest memory on
> BALLOON_CHANGE and on reconnect to the monitor, we should include
> the actual size of virtio-mem too.
>
> Signed-off-by: Michal Privoznik
> ---
>
On Fri, Jan 22, 2021 at 13:50:29 +0100, Michal Privoznik wrote:
> If the QEMU driver restarts it loses the track of the actual size
> of virtio-mem (because it's runtime type of information and thus
> not stored in XML) and therefore, we have to refresh it when
> reconnecting to the domain
[...]
A side note, do we get this event e.g. on VM reset? If no we need to
wire up the reset of 'actual' size in such case as it would wrongly
suggest that the VM is using it and it may not even get to loading the
driver.
QEMU fires the event whenever the value changes - including during
On Fri, Jan 22, 2021 at 13:50:28 +0100, Michal Privoznik wrote:
> As advertised in previous commit, this event is delivered to us
> when virtio-mem module changes the allocation inside the guest.
> It comes with one attribute - size - which holds the new size of
> the virtio-mem (well, allocated
On Fri, Jan 22, 2021 at 13:50:27 +0100, Michal Privoznik wrote:
> As advertised in one of previous commits, we want' to be able to
> change 'requested-size' attribute of virtio-mem on the fly. This
> commit does exactly that. Changing anything else is checked for
> and forbidden.
>
> Once guest
On Fri, Jan 22, 2021 at 13:50:24 +0100, Michal Privoznik wrote:
> This commit introduces a new capability that reflects virtio-mem-pci
> device support in QEMU:
>
> QEMU_CAPS_DEVICE_VIRTIO_MEM_PCI, /* -device virtio-mem-pci */
>
> The virtio-mem-pci device was introduced in QEMU 5.1.
>
>
On Fri, Jan 22, 2021 at 13:50:25 +0100, Michal Privoznik wrote:
> The virtio-mem is paravirtualized mechanism of adding/removing
> memory to/from a VM. A virtio-mem-pci device is split into blocks
> of equal size which are then exposed (all or only a requested
> portion of them) to the guest
On Tue, Feb 02, 2021 at 12:25:40AM -0500, Laine Stump wrote:
> On 2/1/21 5:23 AM, Daniel P. Berrangé wrote:
> > On Mon, Feb 01, 2021 at 11:20:04AM +0100, Peter Krempa wrote:
> > > On Mon, Feb 01, 2021 at 10:09:25 +, Daniel Berrange wrote:
> > > > On Mon, Feb 01, 2021 at 11:05:15AM +0100, Peter
On 2/2/21 1:48 AM, Matt Coleman wrote:
This patchset makes the following changes to the Hyper-V driver:
* enable XML parsing and creation of serial ports and NICs
* implement several networking APIs
* implement screenshots
Changes since v1:
* simplified hypervDomainDefParseSerial based on
On 2/2/21 1:48 AM, Matt Coleman wrote:
Co-authored-by: Sri Ramanujam
Signed-off-by: Matt Coleman
---
src/hyperv/hyperv_driver.c| 61 +++
src/hyperv/hyperv_wmi.c | 10 +
src/hyperv/hyperv_wmi.h | 4 ++
On 2/1/21 12:29 PM, Daniel Henrique Barboza wrote:
On 1/22/21 9:28 AM, Michal Privoznik wrote:
What code tries to achieve is that if no flags were provided to
either 'setmem' or 'setmaxmem' commands then the old (no flags)
API is called to be able to communicate with older daemons.
Well, the
77 matches
Mail list logo
