[PATCH] apparmor: Add denied capabilities

The audit log contains the following denials from libvirtd apparmor="DENIED" operation="capable" profile="libvirtd" pid=6012 comm="daemon-init" capability=17 capname="sys_rawio" apparmor="DENIED" operation="capable" profile="libvirtd" pid=6012 comm="rpc-worker" capability=39 capname="bpf"

[PATCH 4/5] qemu: Adapt to virtio-vga-gl device

QEMU 6.1 will replace the virgl property of virtio-vga device to virtio-vga-gl device. Adapt to that update. Resolves: https://gitlab.com/libvirt/libvirt/-/issues/167 Signed-off-by: Han Han --- src/qemu/qemu_command.c | 4 1 file changed, 4 insertions(+) diff --git

[PATCH 3/5] qemu_capabilities: Add QEMU_CAPS_VIRTIO_VGA_GL

It will be used for virtio-vga-gl device later. Signed-off-by: Han Han --- src/qemu/qemu_capabilities.c | 2 ++ src/qemu/qemu_capabilities.h | 1 + tests/qemucapabilitiesdata/caps_6.1.0.x86_64.xml | 1 + 3 files changed, 4 insertions(+) diff --git

[PATCH 1/5] qemu_capabilities: Add QEMU_CAPS_VIRTIO_GPU_GL_PCI

This flag will be used for the device virtio-gpu-gl-pci which is introduced since QEMU 6.1. Signed-off-by: Han Han --- src/qemu/qemu_capabilities.c | 2 ++ src/qemu/qemu_capabilities.h | 1 + tests/qemucapabilitiesdata/caps_6.1.0.x86_64.xml | 1 + 3 files

[PATCH 5/5] tests: Tests for virtio-vga-gl and virtio-gpu-gl-pci device

Signed-off-by: Han Han --- .../video-virtio-vga-gpu-gl.args | 29 + .../video-virtio-vga-gpu-gl.xml | 34 +++ tests/qemuxml2argvtest.c | 6 +++ .../video-virtio-vga-gpu-gl.xml | 43 +++

[PATCH 0/5] qemu: Adapt to virtio-gpu-gl-pci and virtio-vga-gl

The virgl property of virtio-gpu-pci will be replaced by virtio-gpu-gl-pci in QEMU 6.1. Adapt to that update. Resolves: https://gitlab.com/libvirt/libvirt/-/issues/167 https://bugzilla.redhat.com/show_bug.cgi?id=1967356 Han Han (5): qemu_capabilities: Add QEMU_CAPS_VIRTIO_GPU_GL_PCI qemu:

[PATCH 2/5] qemu: Adapt to virtio-gpu-gl-pci device when available

QEMU 6.1 will add virtio-gpu-gl-pci device to replace the virgl property of virtio-gpu-pci device. Adapt to that change. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1967356 Signed-off-by: Han Han --- src/qemu/qemu_command.c | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-)

Re: [PATCH] apparmor: Add denied capabilities

On Mon, Jun 7, 2021 at 6:34 PM Jim Fehlig wrote: > > The audit log contains the following denials from libvirtd > > apparmor="DENIED" operation="capable" profile="libvirtd" pid=6012 > comm="daemon-init" capability=17 capname="sys_rawio" > apparmor="DENIED" operation="capable" profile="libvirtd"

[libvirt PATCH] openvswitch: don't delete existing OVS port prior to recreating same port

Connecting a tap device to an Open vSwitch is done by adding a "port" to the switch with the ovs-vsctl "add-port" command. The port will have the same name as the tap device, but it is a separate entity, and can survive beyond the destruction of the tap device (although under normal circumstances

Re: [libvirt PATCH] meson: Ask rst2html to strip comments

On 6/7/21 5:03 PM, Daniel P. Berrangé wrote: > On Mon, Jun 07, 2021 at 04:52:41PM +0200, Pavel Hrdina wrote: >> On Mon, Jun 07, 2021 at 04:39:15PM +0200, Michal Prívozník wrote: >>> On 6/4/21 2:31 PM, Andrea Bolognani wrote: They can be problematic: in particular, the rst files generated

[PATCH v2] tools: only fail validations if VIR_HOST_VALIDATE_FAIL is set

Currently `virt-host-validate` will fail whenever one of its calls fail, regardless of virHostValidateLevel set. This behaviour is not optimal and makes it not exactly reliable as a command line tool as other tools or scripts using it would have to check its output to figure out whether something

Re: [libvirt PATCH v3] docs: introduce stubs for new libvirt Go packages

On Mon, Jun 07, 2021 at 02:38:34PM +0100, Daniel P. Berrangé wrote: > + > +Obsolete libvirt Go Language API (no Go modules) > + > > -The `Go `__ package ``libvirt.org/libvirt-go``

Re: [libvirt PATCH] meson: Ask rst2html to strip comments

On Mon, Jun 07, 2021 at 04:52:41PM +0200, Pavel Hrdina wrote: > On Mon, Jun 07, 2021 at 04:39:15PM +0200, Michal Prívozník wrote: > > On 6/4/21 2:31 PM, Andrea Bolognani wrote: > > > [1/12] Generating virkeyname-osx.html with a meson_exe.py custom command > > > FAILED:

Re: [libvirt PATCH] meson: Ask rst2html to strip comments

On Mon, Jun 07, 2021 at 04:52:41PM +0200, Pavel Hrdina wrote: > On Mon, Jun 07, 2021 at 04:39:15PM +0200, Michal Prívozník wrote: > > On 6/4/21 2:31 PM, Andrea Bolognani wrote: > > > They can be problematic: in particular, the rst files generated > > > by keycodemapdb's keymap-gen contain things

Re: [PATCH v8 2/3] conf: Support to parse rbd namespace from source name

On Mon, Jun 07, 2021 at 16:34:39 +0200, Peter Krempa wrote: > On Wed, May 26, 2021 at 21:35:11 +0800, Han Han wrote: > > Signed-off-by: Han Han > > --- > > docs/formatdomain.rst | 16 > > src/conf/domain_conf.c | 47 +++--- > >

Re: [PATCH v8 3/3] qemu: Implement rbd namespace to the source name attribute

On Wed, May 26, 2021 at 21:35:12 +0800, Han Han wrote: > Since Nautilus ceph supports separate image namespaces within a pool for > tenant isolation and QEMU adds it as a rbd blockdev options from 5.0.0. > The source name with format "//" could be used to > access a rbd image with namespace. > >

Re: [libvirt PATCH] meson: Ask rst2html to strip comments

On Mon, Jun 07, 2021 at 04:39:15PM +0200, Michal Prívozník wrote: > On 6/4/21 2:31 PM, Andrea Bolognani wrote: > > They can be problematic: in particular, the rst files generated > > by keycodemapdb's keymap-gen contain things like > > > > To re-generate, run: > > keymap-gen --lang=rst

Re: [PATCH] ch: set driver to NULL after freeing it

On 6/4/21 5:01 PM, Daniel P. Berrangé wrote: > If the chStateInitialize method fails, we call chStateCleanup > which free's all global state. It fails to set the global > 'ch_driver' to NULL, however, so a later attempt to open the > cloud hypervisor driver will succeed and then crash attempting >

Re: [PATCH] docs: formatdomain: Document disk serial truncation status quo

On 6/4/21 2:08 PM, Peter Krempa wrote: > Disk serials are truncated arbitrarily and silently by qemu depending on > the device type and how they are configured. Since changing the current > state would lead to more regressions than we have now, document that the > truncation is arbitrary. > >

Re: [PATCH] remote: remove/annotate unused variables

On 6/4/21 5:07 PM, Daniel P. Berrangé wrote: > Fixes commit 48f66cfe3ee51baf64f06f1f89dda52af6f4d9d6 > Fixes commit fcdcf8f70cf5d6657086e2889124d0e1a7332a29 > Signed-off-by: Daniel P. Berrangé > --- > src/remote/remote_driver.c | 3 --- > src/rpc/virnetsocket.c | 2 +- > 2 files changed, 1

Re: [PATCH v8 2/3] conf: Support to parse rbd namespace from source name

On Wed, May 26, 2021 at 21:35:11 +0800, Han Han wrote: > Signed-off-by: Han Han > --- > docs/formatdomain.rst | 16 > src/conf/domain_conf.c | 47 +++--- > src/conf/storage_source_conf.c | 2 ++ > src/conf/storage_source_conf.h | 1 + >

Re: [libvirt PATCH] meson: Ask rst2html to strip comments

On 6/4/21 2:31 PM, Andrea Bolognani wrote: > They can be problematic: in particular, the rst files generated > by keycodemapdb's keymap-gen contain things like > > To re-generate, run: > keymap-gen --lang=rst --title=virkeycode-osx [...] > > which result in xsltproc later choking with > >

Re: [libvirt PATCH] docs: virtiofs: describe memfd memory backend

On 6/7/21 3:50 PM, Stefan Hajnoczi wrote: > Nowadays memfd is the most convenient memory backend for vhost-user > devices. Compared to file-backend memory and hugepages, there is no need > to worry about configuring the location of the shm directory or > allocating hugepages. > > Cc: Michal

Re: [libvirt] [PATCH 2/2] virsh: Add coredump format completion to dump command

On 6/7/21 5:14 AM, Lin Ma wrote: > Signed-off-by: Lin Ma > --- > tools/virsh-completer-domain.c | 19 +++ > tools/virsh-completer-domain.h | 5 + > tools/virsh-domain.c | 2 ++ > 3 files changed, 26 insertions(+) > > diff --git a/tools/virsh-completer-domain.h

Re: [libvirt] [PATCH 0/2] virsh: Add coredump format completion to dump

On 6/7/21 5:14 AM, Lin Ma wrote: > Lin Ma (2): > virsh: Use VIR_ENUM_* for --format argument in doDump > virsh: Add coredump format completion to dump command > > tools/virsh-completer-domain.c | 19 +++ > tools/virsh-completer-domain.h | 5 + > tools/virsh-domain.c

[libvirt PATCH] docs: virtiofs: describe memfd memory backend

Nowadays memfd is the most convenient memory backend for vhost-user devices. Compared to file-backend memory and hugepages, there is no need to worry about configuring the location of the shm directory or allocating hugepages. Cc: Michal Prívozník Cc: Ján Tomko Signed-off-by: Stefan Hajnoczi

[PATCH] docs: switch ci status page to use Go -module repos

Signed-off-by: Daniel P. Berrangé --- docs/ci.rst | 16 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/docs/ci.rst b/docs/ci.rst index b321a67bd9..71418d74bf 100644 --- a/docs/ci.rst +++ b/docs/ci.rst @@ -50,10 +50,10 @@ Language bindings :target:

[PATCH 0/2] Another round of CH driver fixes

*** BLURB HERE *** Michal Prívozník (2): ch_driver: Avoid driver double free virCHDriverConfig: Drop @uri member src/ch/ch_conf.c | 1 - src/ch/ch_conf.h | 1 - src/ch/ch_driver.c | 2 +- 3 files changed, 1 insertion(+), 3 deletions(-) -- 2.31.1

[PATCH 2/2] virCHDriverConfig: Drop @uri member

This member is unused (apart from only being set in virCHDriverConfigNew()), and never freed really (leading to a memleak). Signed-off-by: Michal Privoznik --- src/ch/ch_conf.c | 1 - src/ch/ch_conf.h | 1 - 2 files changed, 2 deletions(-) diff --git a/src/ch/ch_conf.c b/src/ch/ch_conf.c index

[PATCH 1/2] ch_driver: Avoid driver double free

In one of my recent patches I made chStateInitialize() return VIR_DRV_STATE_INIT_SKIPPED if CH_CMD doesn't exist. What I did not realize back then was that chStateCleanup() would be called twice. This is not a problem per-se because the function is a NOP if driver is NULL. but the problem is that

[libvirt PATCH v3] docs: introduce stubs for new libvirt Go packages

Currently we expose libvirt Go packages at libvirt.org/libvirt-go libvirt.org/libvirt-go-xml These packages have not supported Go modules historically and when we tried to introduce modules, we hit the problem that we're not using semver for versioning. The only way around this is to

Re: [PATCH v1 09/10] capabilities: Expose NUMA interconnects

On 6/4/21 2:50 PM, Martin Kletzander wrote: > On Mon, May 31, 2021 at 10:36:10AM +0200, Michal Privoznik wrote: >> Links between NUMA nodes can have different latencies and >> bandwidths. This info is newly defined in ACPI 6.2 under >> Heterogeneous Memory Attribute Table (HMAT) table. Linux

Re: [PATCH v1 10/10] vircaps2xmltest: Introduce HMAT test case

On 6/4/21 2:50 PM, Martin Kletzander wrote: > On Mon, May 31, 2021 at 10:36:11AM +0200, Michal Privoznik wrote: >> This test was generated on a guest with the following NUMA >> configuration: >> >>    >> >>    >> >> >>    >>    >> >> >>

[libvirt PATCH 0/2] Update sync_qemu_i386.py tool for changes in QEMU

QEMU commit e11fd68996fb27c040552320f01a7d30a15a7cc1 changed a line that was used by our tool as marker. Commit 1 prepares for the change, commit 2 actually makes the required adjustment. Cheers, Tim Tim Wiederhake (2): cpu_map: sync_qemu_i386.py: Use regex to look for begin mark cpu_map:

[libvirt PATCH 2/2] cpu_map: sync_qemu_i386.py: Allow begin mark to contain `const`

This was introduced in qemu commit e11fd68996fb27c040552320f01a7d30a15a7cc1. Signed-off-by: Tim Wiederhake --- src/cpu_map/sync_qemu_i386.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/cpu_map/sync_qemu_i386.py b/src/cpu_map/sync_qemu_i386.py index

[libvirt PATCH 1/2] cpu_map: sync_qemu_i386.py: Use regex to look for begin mark

Signed-off-by: Tim Wiederhake --- src/cpu_map/sync_qemu_i386.py | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/cpu_map/sync_qemu_i386.py b/src/cpu_map/sync_qemu_i386.py index 1a98fa70d7..40c7d6e969 100755 --- a/src/cpu_map/sync_qemu_i386.py +++

Re: [PATCH] tools: only fail validations if VIR_HOST_VALIDATE_FAIL is set

On Mon, Jun 7, 2021 at 10:45 AM Michal Prívozník wrote: > > On 6/6/21 12:15 PM, Fabiano Fidêncio wrote: > > Currently `virt-host-validate` will fail whenever one of its calls fail, > > regardless of virHostValidateLevel set. > > > > This behaviour is not optimal and makes it not exactly reliable

Re: [PATCH 0/3] Couple of build fixes

On 6/7/21 10:33 AM, Peter Krempa wrote: > On Mon, Jun 07, 2021 at 10:18:39 +0200, Michal Privoznik wrote: >> Here's pipeline: >> >> https://gitlab.com/MichalPrivoznik/libvirt/-/pipelines/315940894 >> >> I have not merged these yet. I'll give others a chance to fix my grammar >> :-) >> >> Michal

Re: [PATCH] tools: only fail validations if VIR_HOST_VALIDATE_FAIL is set

On 6/6/21 12:15 PM, Fabiano Fidêncio wrote: > Currently `virt-host-validate` will fail whenever one of its calls fail, > regardless of virHostValidateLevel set. > > This behaviour is not optimal and makes it not exactly reliable as a > command line tool as other tools or scripts using it would

Re: [PATCH 0/3] Couple of build fixes

On Mon, Jun 07, 2021 at 10:18:39 +0200, Michal Privoznik wrote: > Here's pipeline: > > https://gitlab.com/MichalPrivoznik/libvirt/-/pipelines/315940894 > > I have not merged these yet. I'll give others a chance to fix my grammar > :-) > > Michal Prívozník (3): > doRemoteOpen: Drop @daemonPath

[PATCH 3/3] remoteGetUNIXSocket: Complete variable rename for WIN32

In fcdcf8f70cf the remoteGetUNIXSocket() function was changed and one new variable was introduced (among other things): @env_name. However, for WIN32 case the variable changed name to @env_path which builds mingw builds. Signed-off-by: Michal Privoznik --- src/remote/remote_sockets.c | 2 +- 1

[PATCH 2/3] virnetsocket: Mark @spawnDaemonPath of virNetSocketNewConnectUNIX() unused

The virNetSocketNewConnectUNIX() function was changed in 48f66cfe3e. And its WIN32 version (which just reports an error) was updated too, but this new argument @spawnDaemonPath was not marked as unused. Signed-off-by: Michal Privoznik --- src/rpc/virnetsocket.c | 2 +- 1 file changed, 1

[PATCH 1/3] doRemoteOpen: Drop @daemonPath

The @daemonPath variable in doRemoteOpen() is no longer used after faf8354674. Remove it. Signed-off-by: Michal Privoznik --- src/remote/remote_driver.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c index da672b0d00..c03c68ec30

[PATCH 0/3] Couple of build fixes

Here's pipeline: https://gitlab.com/MichalPrivoznik/libvirt/-/pipelines/315940894 I have not merged these yet. I'll give others a chance to fix my grammar :-) Michal Prívozník (3): doRemoteOpen: Drop @daemonPath virnetsocket: Mark @spawnDaemonPath of virNetSocketNewConnectUNIX() unused

[PATCH 1/2] test_driver: Implement virNodeGetSecurityModel

Signed-off-by: Luke Yue --- src/test/test_driver.c | 32 tests/virshtest.c | 2 ++ 2 files changed, 34 insertions(+) diff --git a/src/test/test_driver.c b/src/test/test_driver.c index ea5a5005e7..2651301629 100644 --- a/src/test/test_driver.c +++

[PATCH 0/2] test_driver: Implement some Security related APIs

Luke Yue (2): test_driver: Implement virNodeGetSecurityModel test_driver: Implement virDomainGetSecurityLabel src/test/test_driver.c | 63 ++ tests/virshtest.c | 4 +++ 2 files changed, 67 insertions(+) -- 2.31.1

[PATCH 2/2] test_driver: Implement virDomainGetSecurityLabel

Signed-off-by: Luke Yue --- src/test/test_driver.c | 31 +++ tests/virshtest.c | 2 ++ 2 files changed, 33 insertions(+) diff --git a/src/test/test_driver.c b/src/test/test_driver.c index 2651301629..611ec6d7ec 100644 --- a/src/test/test_driver.c +++

[libvirt] [PATCH 0/2] virsh: Add coredump format completion to dump

Lin Ma (2): virsh: Use VIR_ENUM_* for --format argument in doDump virsh: Add coredump format completion to dump command tools/virsh-completer-domain.c | 19 +++ tools/virsh-completer-domain.h | 5 + tools/virsh-domain.c | 28 ++--

[libvirt] [PATCH 2/2] virsh: Add coredump format completion to dump command

Signed-off-by: Lin Ma --- tools/virsh-completer-domain.c | 19 +++ tools/virsh-completer-domain.h | 5 + tools/virsh-domain.c | 2 ++ 3 files changed, 26 insertions(+) diff --git a/tools/virsh-completer-domain.c b/tools/virsh-completer-domain.c index

[libvirt] [PATCH 1/2] virsh: Use VIR_ENUM_* for --format argument in doDump

Signed-off-by: Lin Ma --- tools/virsh-domain.c | 26 -- tools/virsh-domain.h | 1 + 2 files changed, 13 insertions(+), 14 deletions(-) diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c index e42c4d612d..78276dd847 100644 --- a/tools/virsh-domain.c +++

[PATCH 2/2] virfile: Simplify virFindFileInPath() with g_find_program_in_path()

Signed-off-by: Luke Yue --- src/util/virfile.c | 48 +++--- 1 file changed, 3 insertions(+), 45 deletions(-) diff --git a/src/util/virfile.c b/src/util/virfile.c index 7fe357ab16..14b45f4e1b 100644 --- a/src/util/virfile.c +++ b/src/util/virfile.c @@

[PATCH 1/2] Replace virFileAbsPath() with g_canonicalize_filename()

Signed-off-by: Luke Yue --- src/libvirt-domain.c | 16 src/libvirt_private.syms | 1 - src/util/virfile.c | 23 +-- src/util/virfile.h | 3 --- src/util/virlog.c| 2 +- 5 files changed, 10 insertions(+), 35 deletions(-) diff --git

[PATCH v2 0/2] Replace some libvirt handling function with GLib APIs

Compared to original: - Ensure the virFindFileInPath() return an absolute path (tried to use glibcompat, failed to solve some Windows related issue) - Just remove virFileAbsPath() and use g_canonicalize_filename() instead Luke Yue (2): Replace virFileAbsPath() with