Thanks for your review, I will fix in version 2.
发件人: Daniel Henrique Barboza
发送时间: 2020年6月16日星期二 上午2:36
收件人: Bingsong Si; libvir-list@redhat.com
主题: Re: [PATCH] network: Fix a race condition when shutdown & start vm at the
same time
On 6/11/20 6:58 AM, Bingsong Si wrote:
> when shutdown
environment:libvirt-4.3.0 qemu-kvm-ev-2.10.0 kernel-3.10.0-1062 centos7
openvswitch-2.3.1
vm network xml :
qemuProcessStart in qemu_process.c failed to start.
The first is qemu process stop(At this time, the kernel will recycle tap
device,
and the
On 6/15/20 2:04 PM, Daniel Henrique Barboza wrote:
On 6/12/20 3:18 AM, gong...@smartx.com wrote:
From: gongwei
start to failed will not remove the openvswitch port,
the port recycling in this case lets openvswitch handle it by itself
Signed-off-by: gongwei
---
Can you please elaborate
On 6/11/20 6:58 AM, Bingsong Si wrote:
when shutdown vm, the qemuProcessStop cleanup virtual interface in two steps:
s/when/When
1. qemuProcessKill kill qemu process, and vif disappeared
2. ovs-vsctl del-port from the brige
if start a vm in the middle of the two steps, the new vm will
On 6/12/20 3:18 AM, gong...@smartx.com wrote:
From: gongwei
start to failed will not remove the openvswitch port,
the port recycling in this case lets openvswitch handle it by itself
Signed-off-by: gongwei
---
Can you please elaborate on the commit message? By the commit title and
the
On 6/15/20 10:56 AM, Daniel P. Berrangé wrote:
The "virsh domcapabilities --arch ppc64" command will fail with no
error message set if qemu-system-ppc64 is not currently installed.
This is because virQEMUCapsCacheLookup() does not report any error
message if not capabilities can be obtained
If a disk is not captured by one of the intermediate checkpoints the
code would fail, but we can easily calculate the bitmaps to merge
correctly by skipping over checkpoints which don't describe the disk.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_backup.c | 24
Now that we've updated both the test data and the validator to new
semantics we can start testing again.
Signed-off-by: Peter Krempa
---
tests/qemublocktest.c | 12
1 file changed, 12 insertions(+)
diff --git a/tests/qemublocktest.c b/tests/qemublocktest.c
index
Reject duplicates and other problematic bitmaps according to the new
semantics of bitmap use in libvirt.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_block.c | 38 +++---
1 file changed, 23 insertions(+), 15 deletions(-)
diff --git a/src/qemu/qemu_block.c
Chaining bitmaps for checkpoints (disabling the active one and creating
a new) severely overcomplicated all operations in regards to bitmaps.
Specifically it requires us re-matching the on-disk state to the
internal metadata and in case of merging during block jobs it makes it
almost impossible
Based on the 'snapshots' example with manual tweaks to introduce
inactive, transient, inconsistent and duplicate bitmaps in various parts
of the chain to excercise detection and new validation code.
Signed-off-by: Peter Krempa
---
tests/qemublocktest.c | 11 +
Add test data for an image without bitmaps.
Signed-off-by: Peter Krempa
---
tests/qemublocktest.c | 4 ++
tests/qemublocktestdata/bitmap/empty.json | 70 +++
tests/qemublocktestdata/bitmap/empty.out | 1 +
3 files changed, 75 insertions(+)
create mode
The 'basic' case is just a single backing store layer containing the
bitmaps so we just copy the bitmaps over to the backup bitmap.
Signed-off-by: Peter Krempa
---
tests/qemublocktest.c | 4 +++
.../backupmerge/basic-deep-out.json | 25 +++
The algorithm is getting quite complex. Split out the lookup of range of
backing chain storage sources and bitmaps contained in them which
correspond to one checkpoint.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_backup.c | 111 ++---
1 file changed, 61
Test both 'basic' and 'snapshots' cases on shallow and deep copy modes.
Signed-off-by: Peter Krempa
---
tests/qemublocktest.c | 5 +
.../bitmapblockcopy/basic-deep-out.json | 144 ++
.../bitmapblockcopy/basic-shallow-out.json| 144 ++
Reuse qemuBlockGetBitmapMergeActions which allows to remove the ad-hoc
implementatio of bitmap merging for block copy.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_block.c| 113 ++-
src/qemu/qemu_blockjob.c | 40 ++
src/qemu/qemu_driver.c
They will be replaced by a different set which will test scenarios
relevant for the new semantics.
Signed-off-by: Peter Krempa
---
tests/qemublocktest.c | 3 -
.../bitmap/snapshots-synthetic-broken.json| 837 --
Use the new test data when calculating incremental backup operations. As
incremental backup fails with no bitmap the test code is modified to
allow testing this case too.
Signed-off-by: Peter Krempa
---
tests/qemublocktest.c | 19 ++-
Use test data which conforms to the new semantics which changed in the
previous patch.
The test data was created by the same set of commands as originally in
commit 0b27b655b1bac480186ce80457113cd5dc34e6a1
Signed-off-by: Peter Krempa
---
tests/qemublocktestdata/bitmap/snapshots.json | 1382
Signed-off-by: Peter Krempa
---
tests/qemublocktest.c | 3 +++
tests/qemublocktestdata/bitmapblockcopy/empty-deep-out.json| 0
tests/qemublocktestdata/bitmapblockcopy/empty-shallow-out.json | 0
3 files changed, 3 insertions(+)
create mode 100644
Outline the basics and how to integrate with externally created
overlays. Other topics will continue later.
Signed-off-by: Peter Krempa
---
docs/kbase.html.in| 3 +
docs/kbase/incrementalbackupinternals.rst | 210 ++
2 files changed, 213
In the 'basic case we have few bitmaps in only the top layer. Simulate
commit into the backing of the top layer and also 2 levels deep.
Signed-off-by: Peter Krempa
---
tests/qemublocktest.c | 4 +
.../bitmapblockcommit/basic-1-2 | 145 ++
In preparation to allow heterogenous backups store the 'incremental'
field per-disk and fill it by default from the per-backup field.
Having this will be important once we'll want to allow incremental
backup working while hotplugging a new disk.
Signed-off-by: Peter Krempa
---
Upcoming patches are going to rewrite and semantically modify how
bitmaps are handled during blockjobs. This is possible as incremental
backup is not yet fully enabled.
As the changes are going to be incompatible with any current test data
remove all test cases for bitmap handling during
New semantics of the bitmap handling don't need this. Remove the field
and all uses of it including the status XML.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_blockjob.c | 44 ---
src/qemu/qemu_blockjob.h | 3 --
Use test data which conforms to the new semantics which changed in the
previous patch.
The test data was created by the same set of commands as originally in
commit 9aac9d5bdab039a50de2d8c627b3a1f1578ed471
Signed-off-by: Peter Krempa
---
tests/qemublocktestdata/bitmap/basic.json | 229
Now that we've switched to the simple handling, the first thing that can
be massively simplified is checkpoint deletion. We now need to only go
through the backing chain and find the appropriately named bitmaps and
delete them, no complex lookups or merging.
Note that compared to other functions
Use the new test data for checkpoint deletion testing. This test also
requires modification of the internals to allow checking for test
failure.
Signed-off-by: Peter Krempa
---
tests/qemublocktest.c | 13 +++--
.../checkpointdelete/empty-out.json
Simulate commit between all the combinations of layers in the
'snapshots' case to see whether the code merges the correct bitmaps with
the correct depth of temporary bitmaps.
Signed-off-by: Peter Krempa
---
tests/qemublocktest.c | 14 ++
Also rename the helper struct and function.
Signed-off-by: Peter Krempa
---
tests/qemublocktest.c | 14 +++---
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/tests/qemublocktest.c b/tests/qemublocktest.c
index 336ff4b3ef..82297d0a8b 100644
--- a/tests/qemublocktest.c
+++
Reuse qemuBlockGetBitmapMergeActions which allows to remove the ad-hoc
iplementatio of bitmap merging for backup. The new approach is simpler
and also more robust in case some of the bitmaps break as they remove
the dependancy on the whole chain of bitmaps working.
The new approach also allows
Exercise the now arguably simpler checkpoint deletion code on the
'basic', 'snapshots', and 'synthetic' test data sets.
Signed-off-by: Peter Krempa
---
tests/qemublocktest.c | 18
.../checkpointdelete/basic-current-out.json | 9
Add a function which allows to merge bitmaps according to the new
semantics and will allow to replace all the specific ad-hoc functions
currently in use for 'backup', 'block commit', 'block copy' and will
also be usable in the future for 'block pull' and non-shared storage
migration.
The
The 'snapshots' case has multiple layers so we need to make sure that
the bitmaps are merged with the appropriate temporary bitmaps formatted
from the allocation bitmap for any backing chain layer above.
Signed-off-by: Peter Krempa
---
tests/qemublocktest.c | 4 ++
Reuse qemuBlockGetBitmapMergeActions which allows to remove the ad-hoc
implementatio of bitmap merging for block commit. The new approach is
way simpler and more robust and also allows us to get rid of the
disabling of bitmaps done prior to the start as we actually do want to
update the bitmaps in
There will be multiple places where we'll need to print nodenames from a
GSList of virStorageSource for testing purposes. Extract the code into a
function.
Signed-off-by: Peter Krempa
---
tests/qemublocktest.c | 27 ++-
1 file changed, 18 insertions(+), 9 deletions(-)
Signed-off-by: Peter Krempa
---
tests/qemublocktest.c | 2 ++
tests/qemublocktestdata/bitmapblockcommit/empty | 2 ++
2 files changed, 4 insertions(+)
create mode 100644 tests/qemublocktestdata/bitmapblockcommit/empty
diff --git a/tests/qemublocktest.c
Fetch the checkpoint list for every disk specifically based on the new
per-disk 'incremental' field.
Signed-off-by: Peter Krempa
---
src/qemu/qemu_backup.c | 108 -
1 file changed, 52 insertions(+), 56 deletions(-)
diff --git a/src/qemu/qemu_backup.c
Simplify how we approach bitmap handling to increase robustness and
understanding of the code. Additionally document intricacies of how we
approach handling of bitmaps so that in cases when users decide to
do snapshots outside of libvirt they can re-create the bitmaps so that
they will still work
On Mon, Jun 15, 2020 at 04:49:30PM +0200, Boris Fiuczynski wrote:
> On 6/15/20 4:17 PM, Erik Skultety wrote:
> > On Mon, Jun 15, 2020 at 10:28:07AM +0200, Paulo de Rezende Pinatti wrote:
> > > This patch introduces a common function to verify if the
> > > availability of the so-called Secure Guest
On 15/06/20 17:46, Erik Skultety wrote:
On Mon, Jun 15, 2020 at 04:49:10PM +0200, Paulo de Rezende Pinatti wrote:
On 15/06/20 16:16, Erik Skultety wrote:
On Mon, Jun 15, 2020 at 10:28:06AM +0200, Paulo de Rezende Pinatti wrote:
Introduce two utility functions to parse a kernel command
On Mon, Jun 15, 2020 at 04:49:10PM +0200, Paulo de Rezende Pinatti wrote:
>
>
> On 15/06/20 16:16, Erik Skultety wrote:
> > On Mon, Jun 15, 2020 at 10:28:06AM +0200, Paulo de Rezende Pinatti wrote:
> > > Introduce two utility functions to parse a kernel command
> > > line string according to the
On 15/06/20 16:16, Erik Skultety wrote:
On Mon, Jun 15, 2020 at 10:28:06AM +0200, Paulo de Rezende Pinatti wrote:
Introduce two utility functions to parse a kernel command
line string according to the kernel code parsing rules in
order to enable the caller to perform operations such as
On 6/15/20 4:17 PM, Erik Skultety wrote:
On Mon, Jun 15, 2020 at 10:28:07AM +0200, Paulo de Rezende Pinatti wrote:
This patch introduces a common function to verify if the
availability of the so-called Secure Guest feature on the host
has changed in order to invalidate the qemu capabilities
On 6/15/20 4:21 PM, Erik Skultety wrote:
On Mon, Jun 15, 2020 at 10:28:10AM +0200, Paulo de Rezende Pinatti wrote:
From: Boris Fiuczynski
Add checking in virt-host-validate for secure guest support
on x86 for AMD Secure Encrypted Virtualization.
Signed-off-by: Boris Fiuczynski
Reviewed-by:
On 6/15/20 4:19 PM, Erik Skultety wrote:
On Mon, Jun 15, 2020 at 10:28:09AM +0200, Paulo de Rezende Pinatti wrote:
From: Boris Fiuczynski
Add checking in virt-host-validate for secure guest support
on s390 for IBM Secure Execution.
Signed-off-by: Boris Fiuczynski
Tested-by: Viktor
On 6/11/20 2:17 PM, Jiri Denemark wrote:
The tests in patch 2/2 would fail without the first patch.
Jiri Denemark (2):
conf: Increase cpuset length limit for CPU pinning
qemuxml2*test: Add cases for CPU pinning to large host CPU IDs
src/conf/domain_conf.h| 2 +-
On Mon, Jun 15, 2020 at 10:28:05AM +0200, Paulo de Rezende Pinatti wrote:
> This series introduces the concept of a 'Secure Guest' feature
> which covers on s390 IBM Secure Execution and on x86 AMD Secure
> Encrypted Virtualization.
>
> Besides adding documentation for IBM Secure Execution it also
On Mon, Jun 15, 2020 at 10:28:10AM +0200, Paulo de Rezende Pinatti wrote:
> From: Boris Fiuczynski
>
> Add checking in virt-host-validate for secure guest support
> on x86 for AMD Secure Encrypted Virtualization.
>
> Signed-off-by: Boris Fiuczynski
> Reviewed-by: Paulo de Rezende Pinatti
>
On Mon, Jun 15, 2020 at 10:28:09AM +0200, Paulo de Rezende Pinatti wrote:
> From: Boris Fiuczynski
>
> Add checking in virt-host-validate for secure guest support
> on s390 for IBM Secure Execution.
>
> Signed-off-by: Boris Fiuczynski
> Tested-by: Viktor Mihajlovski
> Reviewed-by: Paulo de
On Mon, Jun 15, 2020 at 10:28:08AM +0200, Paulo de Rezende Pinatti wrote:
> Implement secure guest check for AMD SEV (Secure Encrypted
> Virtualization) in order to invalidate the qemu capabilities
> cache in case the availability of the feature changed.
>
> For AMD SEV the verification consists
On Mon, Jun 15, 2020 at 10:28:07AM +0200, Paulo de Rezende Pinatti wrote:
> This patch introduces a common function to verify if the
> availability of the so-called Secure Guest feature on the host
> has changed in order to invalidate the qemu capabilities cache.
> It can be used as an entry point
On Mon, Jun 15, 2020 at 10:28:06AM +0200, Paulo de Rezende Pinatti wrote:
> Introduce two utility functions to parse a kernel command
> line string according to the kernel code parsing rules in
> order to enable the caller to perform operations such as
> verifying whether certain argument=value
The "virsh domcapabilities --arch ppc64" command will fail with no
error message set if qemu-system-ppc64 is not currently installed.
This is because virQEMUCapsCacheLookup() does not report any error
message if not capabilities can be obtained from the cache. Almost
all methods calling this
On Mon, Jun 15, 2020 at 02:46:42PM +0200, Michal Privoznik wrote:
> On 6/15/20 2:06 PM, Peter Krempa wrote:
> > On Mon, Jun 15, 2020 at 13:32:34 +0200, Michal Privoznik wrote:
> > > This is a demo of the problem. Set up two NATed networks with
> > > dnsmasq and start a domain with two interfaces,
On 6/15/20 2:06 PM, Peter Krempa wrote:
On Mon, Jun 15, 2020 at 13:32:34 +0200, Michal Privoznik wrote:
This is a demo of the problem. Set up two NATed networks with
dnsmasq and start a domain with two interfaces, one from each
network. Only one network will report DHCP lease in 'virsh
On Thu, Jun 11, 2020 at 01:01:41PM -0300, Daniel Henrique Barboza wrote:
> Hi,
>
> While investigating a 'virsh numatune' behavior in Power 9 guests I came
> across this doubt and couldn't find a direct answer.
>
> numad role, as far as [1] goes, is automatic NUMA affinity only. As far as
>
On Mon, Jun 15, 2020 at 11:59:16AM +0200, Andrea Bolognani wrote:
> The repository is now obsolete, and it never had GitLab CI support
> anyway.
>
> Signed-off-by: Andrea Bolognani
> ---
> docs/ci.rst | 5 -
> 1 file changed, 5 deletions(-)
Reviewed-by: Daniel P. Berrangé
Regards,
On Mon, Jun 15, 2020 at 11:39:50AM +0200, Andrea Bolognani wrote:
> The contents of this repository are no longer used, so briefly
> explain why that is the case and point interested people in the
> right direction.
>
> Signed-off-by: Andrea Bolognani
> ---
> README.md | 51
On Mon, Jun 15, 2020 at 13:32:34 +0200, Michal Privoznik wrote:
> This is a demo of the problem. Set up two NATed networks with
> dnsmasq and start a domain with two interfaces, one from each
> network. Only one network will report DHCP lease in 'virsh
> net-dhcp-leases'.
>
> Signed-off-by:
On a DHCP transaction, dnsmasq runs our leases helper which
updates corresponding JSON files. While one dnsmasq won't run the
leaseshelper in parallel, two dnsmasqs (from two distinct
networks) might. To avoid corrupting JSON file, the leaseshelper
acquires PID file first. Well, the way it's
This is a demo of the problem. Set up two NATed networks with
dnsmasq and start a domain with two interfaces, one from each
network. Only one network will report DHCP lease in 'virsh
net-dhcp-leases'.
Signed-off-by: Michal Privoznik
---
src/network/leaseshelper.c | 2 ++
1 file changed, 2
Some functions or code paths that may fail don't report error
(e.g. when acquiring PID file fails) leading to a silent quit
of the leaseshelper. This makes it super hard for us and users
to debug what is happening. Fortunately, dnsmasq captures both
stdout and stderr so we can write an error
Patch 1/3 is for demonstration purposes only. The rest patches actual
problem.I was also thinking of making the PID file per bridge, i.e.
include bridge name in the name (e.g. /var/run/virbr0_leaseshelper.pid)
to decrease pressure on the single PID file. However, DHCP transactions
are not that
On Mon, Jun 01, 2020 at 12:44:17 +0100, Daniel P. Berrangé wrote:
> There are many different settings that required to config a KVM guest
> for real time, low latency workoads. The documentation included here is
> based on guidance developed & tested by the Red Hat KVM real time team.
>
>
On Thu, Jun 11, 2020 at 13:44:46 +0200, Michal Privoznik wrote:
> *** BLURB HERE ***
>
> Michal PrÃvoznÃk (2):
> util: Move virIsDevMapperDevice() to virdevmapper.c
> virDevMapperGetTargetsImpl: Check for dm major properly
>
> src/libvirt_private.syms | 2 +-
>
The repository is now obsolete, and it never had GitLab CI support
anyway.
Signed-off-by: Andrea Bolognani
---
docs/ci.rst | 5 -
1 file changed, 5 deletions(-)
diff --git a/docs/ci.rst b/docs/ci.rst
index 2a8788d0d7..2e88e06b1b 100644
--- a/docs/ci.rst
+++ b/docs/ci.rst
@@ -138,11 +138,6
The contents of this repository are no longer used, so briefly
explain why that is the case and point interested people in the
right direction.
Signed-off-by: Andrea Bolognani
---
README.md | 51 ---
README.rst | 12
2 files changed,
As of
https://gitlab.com/libvirt/libvirt/-/commit/95abbdc432133b9ae4a76d15251d64b5893717e6
libvirt uses the GitLab container registry for its CI, so we no
longer need to build these on Quay.
Signed-off-by: Andrea Bolognani
---
Pushed under the Dockerfile refresh rule.
On Mon, Jun 15, 2020 at 02:20:33AM +, liangpeng (H) wrote:
> Hello everyone,
> There are lots of undefined symbols in
> /usr/lib64/libvirt/storage-backend/libvirt_storage_backend_*.so. For example,
>
> # ldd -r /usr/lib64/libvirt/storage-backend/libvirt_storage_backend_fs.so
>
From: gongwei
start to failed will not remove the openvswitch port,
the port recycling in this case lets openvswitch handle it by itself
Signed-off-by: gongwei
---
src/qemu/qemu_process.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/qemu/qemu_process.c
Hello everyone,
There are lots of undefined symbols in
/usr/lib64/libvirt/storage-backend/libvirt_storage_backend_*.so. For example,
# ldd -r /usr/lib64/libvirt/storage-backend/libvirt_storage_backend_fs.so
linux-vdso.so.1 (0x97901000)
...
libgpg-error.so.0 =>
This patch introduces a common function to verify if the
availability of the so-called Secure Guest feature on the host
has changed in order to invalidate the qemu capabilities cache.
It can be used as an entry point for verification on different
architectures.
For s390 the verification consists
From: Boris Fiuczynski
Add checking in virt-host-validate for secure guest support
on x86 for AMD Secure Encrypted Virtualization.
Signed-off-by: Boris Fiuczynski
Reviewed-by: Paulo de Rezende Pinatti
Reviewed-by: Bjoern Walk
Reviewed-by: Erik Skultety
---
tools/virt-host-validate-common.c
From: Viktor Mihajlovski
Protected virtualization/IBM Secure Execution for Linux protects
guest memory and state from the host.
Add some basic information about technology and a brief guide
on setting up secure guests with libvirt.
Signed-off-by: Viktor Mihajlovski
Signed-off-by: Boris
From: Boris Fiuczynski
Update document with changes in qemu capability caching and the added
secure guest support checking for AMD SEV in virt-host-validate.
Signed-off-by: Boris Fiuczynski
Reviewed-by: Erik Skultety
---
docs/kbase/launch_security_sev.rst | 9 ++---
1 file changed, 6
Introduce two utility functions to parse a kernel command
line string according to the kernel code parsing rules in
order to enable the caller to perform operations such as
verifying whether certain argument=value combinations are
present or retrieving an argument's value.
Signed-off-by: Paulo de
From: Boris Fiuczynski
Add checking in virt-host-validate for secure guest support
on s390 for IBM Secure Execution.
Signed-off-by: Boris Fiuczynski
Tested-by: Viktor Mihajlovski
Reviewed-by: Paulo de Rezende Pinatti
Reviewed-by: Bjoern Walk
Reviewed-by: Erik Skultety
---
Implement secure guest check for AMD SEV (Secure Encrypted
Virtualization) in order to invalidate the qemu capabilities
cache in case the availability of the feature changed.
For AMD SEV the verification consists of:
- checking if /sys/module/kvm_amd/parameters/sev contains the
value '1':
This series introduces the concept of a 'Secure Guest' feature
which covers on s390 IBM Secure Execution and on x86 AMD Secure
Encrypted Virtualization.
Besides adding documentation for IBM Secure Execution it also adds
checks during validation of the qemu capabilities cache.
These checks per
80 matches
Mail list logo