[PATCH v2] conf: virDomainMemoryDefValidate: Improve error message

An explicit limit would be more user friendly. Add the limit to error message. Before this commit: ``` error: requested size must be smaller than or equal to @size ``` Now: ``` error: requested size must be smaller than or equal to @size (8388608KiB) ``` Signed-off-by: Liu Yiding ---

Re: [PATCH] VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM: Explicitly show max value in error message

Hi, Michal On 6/27/22 20:59, Michal Prívozník wrote: > On 6/27/22 10:49, Liu Yiding wrote: >> Signed-off-by: Liu Yiding > > Hey, couple of points: > > 1) the commit subject is a bit verbose/has wrong prefix. You can use git > log --oneline to view what prefix we usually use, > > 2) the

Re: [libvirt PATCH 00/28] Improve firmware autoselection

On Mon, Jun 27, 2022 at 09:04:02AM -0700, Andrea Bolognani wrote: > On Mon, Jun 27, 2022 at 11:07:35AM +0100, Daniel P. Berrangé wrote: > > On Mon, Jun 27, 2022 at 12:00:59PM +0200, Gerd Hoffmann wrote: > > > On Thu, Jun 23, 2022 at 06:14:12PM +0200, Andrea Bolognani wrote: > > > > The main

Re: [libvirt PATCH 00/28] Improve firmware autoselection

On Mon, Jun 27, 2022 at 11:07:35AM +0100, Daniel P. Berrangé wrote: > On Mon, Jun 27, 2022 at 12:00:59PM +0200, Gerd Hoffmann wrote: > > On Thu, Jun 23, 2022 at 06:14:12PM +0200, Andrea Bolognani wrote: > > > The main motivation behind this series was making it as simple as > > > possible ("one

Re: [PATCH] VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM: Explicitly show max value in error message

On 6/27/22 10:49, Liu Yiding wrote: > Signed-off-by: Liu Yiding Hey, couple of points: 1) the commit subject is a bit verbose/has wrong prefix. You can use git log --oneline to view what prefix we usually use, 2) the commit message is a bit sparse. We like to document what's the scenario a

Re: [PATCH] NEWS: Document my contributions for the upcoming release

On a Monday in 2022, Michal Privoznik wrote: There are couple of features/improvements/bugfixes I contributed into the upcoming release. Include those worth mentioning in the NEWS. Signed-off-by: Michal Privoznik --- NEWS.rst | 30 ++ 1 file changed, 30 insertions(+)

[PATCH v2 9/9] qemu: Place helper processes into the same trusted group

Since the level of trust that QEMU has is the same level of trust that helper processes have there's no harm in placing all of them into the same group. Unfortunately, since these processes are started before QEMU we can't use brand new virCommand*() APIs (those are used on hotplug though) and

[PATCH v2 8/9] qemu: Enable SCHED_CORE for domains and helper processes

Despite all mitigations, side channel attacks when two processes run at two Hyper Threads of the same core are still possible. Fortunately, the Linux kernel came up with a solution: userspace can create so called trusted groups, which are sets of processes and only processes of the same group can

[PATCH v2 2/9] qemu_vhost_user_gpu: Export qemuVhostUserGPUGetPid()

In near future it will be necessary to know the PID of vhost-user-gpu process for QEMU. Export the function that does just that (qemuVhostUserGPUGetPid()). Signed-off-by: Michal Privoznik Reviewed-by: Daniel P. Berrangé --- src/qemu/qemu_vhost_user_gpu.c | 2 +- src/qemu/qemu_vhost_user_gpu.h

[PATCH v2 7/9] qemu_conf: Introduce a knob to set SCHED_CORE

Ideally, we would just pick the best default and users wouldn't have to intervene at all. But in some cases it may be handy to not bother with SCHED_CORE at all or place helper processes into the same group as QEMU. Introduce a knob in qemu.conf to allow users control this behaviour.

[PATCH v2 6/9] virCommand: Introduce APIs for core scheduling

There are two modes of core scheduling that are handy wrt virCommand: 1) create new trusted group when executing a virCommand 2) place freshly executed virCommand into the trusted group of another process. Therefore, implement these two new operations as new APIs: virCommandSetRunAlone() and

[PATCH v2 5/9] virprocess: Core Scheduling support

Since its 5.14 release the Linux kernel allows userspace to define trusted groups of processes/threads that can run on sibling Hyper Threads (HT) at the same time. This is to mitigate side channel attacks like L1TF or MDS. If there are no tasks to fully utilize all HTs, then a HT will idle instead

[PATCH v2 4/9] qemu_virtiofs: Separate PID read code into qemuVirtioFSGetPid

In near future it will be necessary to know the PID of virtiofsd started for QEMU. Move the code into a separate function (qemuVirtioFSGetPid()) and export it in the header file. Signed-off-by: Michal Privoznik Reviewed-by: Daniel P. Berrangé --- src/qemu/qemu_virtiofs.c | 38

[PATCH v2 1/9] qemu_dbus: Separate PID read code into qemuDBusGetPID

In near future it will be necessary to know the PID of DBus daemon started for QEMU. Move the code into a separate function (qemuDBusGetPID()) and export it in the header file. Signed-off-by: Michal Privoznik Reviewed-by: Daniel P. Berrangé --- src/qemu/qemu_dbus.c | 42

[PATCH v2 3/9] qemu_tpm: Expose qemuTPMEmulatorGetPid()

In near future it will be necessary to know the PID of swtpm process for QEMU. Export the function that does just that (qemuTPMEmulatorGetPid()). Signed-off-by: Michal Privoznik Reviewed-by: Daniel P. Berrangé --- src/qemu/qemu_tpm.c | 2 +- src/qemu/qemu_tpm.h | 7 +++ 2 files changed, 8

[PATCH v2 0/9] qemu: Enable SCHED_CORE for domains and helper processes

v2 of: https://listman.redhat.com/archives/libvir-list/2022-May/230902.html While technically, the original series was "just" and RFC, it got proper review and thus I'm marking this as v2. What's still missing? = * Per Dario's suggestion, we should take vcpu pinning (and

Re: [libvirt PATCH 00/28] Improve firmware autoselection

On Mon, Jun 27, 2022 at 12:00:59PM +0200, Gerd Hoffmann wrote: > On Thu, Jun 23, 2022 at 06:14:12PM +0200, Andrea Bolognani wrote: > > The main motivation behind this series was making it as simple as > > possible ("one click") to enable Secure Boot for a VM. > > Heads up, and sort-of follow-up

Re: [libvirt PATCH 00/28] Improve firmware autoselection

On Thu, Jun 23, 2022 at 06:14:12PM +0200, Andrea Bolognani wrote: > The main motivation behind this series was making it as simple as > possible ("one click") to enable Secure Boot for a VM. Heads up, and sort-of follow-up to the recent secure boot and smm (x86) and tz (arm) discussion. We'll

[PATCH] VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM: Explicitly show max value in error message

Signed-off-by: Liu Yiding --- src/conf/domain_validate.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c index 33b6f47159..668210cd35 100644 --- a/src/conf/domain_validate.c +++ b/src/conf/domain_validate.c @@

[PATCH] NEWS: Document my contributions for the upcoming release

There are couple of features/improvements/bugfixes I contributed into the upcoming release. Include those worth mentioning in the NEWS. Signed-off-by: Michal Privoznik --- NEWS.rst | 30 ++ 1 file changed, 30 insertions(+) diff --git a/NEWS.rst b/NEWS.rst index

Re: [PATCH] qemucapabilitiestest: Update capabilities for the 7.1 release cycle on x86_64

On 6/24/22 16:21, Peter Krempa wrote: > Update to v7.0.0-2006-g3a821c52e1 > > Notable changes: > - VFU_CLIENT_HANGUP event added > - query-stats and query-stats-schemas commands added > - 'loongarch64' arch added > - added new qom types: > - cxl-downstream > -

Entering freeze for libvirt-8.5.0

I have just tagged v8.5.0-rc1 in the repository and pushed signed tarballs and source RPMs to https://libvirt.org/sources/ Please give the release candidate some testing and in case you find a serious issue which should have a fix in the upcoming release, feel free to reply to this thread to make

Re: [libvirt PATCH] qemu_migration: Avoid mem.hard_limit > 0 check

On 6/24/22 16:33, Jiri Denemark wrote: > My original commit v8.4.0-288-gf01fc4d119 accidentally forgot to fix > both instances of the same problem. While it fixed the destination side > of migration, the source one remained broken. > > However, that commit was also wrong in saying the issue could