[libvirt] [PATCH v4 2/4] tests: Extend qemu_capabilities with 'hda-output' codec

Signed-off-by: Filip Alac --- src/qemu/qemu_capabilities.c | 2 ++ src/qemu/qemu_capabilities.h | 1 + src/qemu/qemu_command.c| 2 ++ tests/qemucapabilitiesdata/caps_1.5.3.x86_64.xml | 1 +

[libvirt] [PATCH v4 3/4] tests: qemu: Extends tests for 'output' codec

Signed-off-by: Filip Alac --- tests/qemustatusxml2xmldata/migration-in-params-in.xml | 1 + tests/qemustatusxml2xmldata/migration-out-nbd-in.xml| 1 + tests/qemustatusxml2xmldata/migration-out-nbd-out.xml | 1 + tests/qemustatusxml2xmldata/migration-out-params-in.xml

[libvirt] [PATCH v4 1/4] conf: Introduce codec type 'output'

Introduce 'output' codec for ich6 and ich9 sound devices, which allow us to disable line-in for guest. Available in qemu since version 0.14. Signed-off-by: Filip Alac --- docs/formatdomain.html.in | 15 --- docs/schemas/domaincommon.rng | 1 +

[libvirt] [PATCH v4 0/4] qemu: Add support for -device hda-output (disable line-in)

Add support for hda 'output' codec for ich6 and ich9 sound devices, which allow us to disable line-in for guest. 'hda-output' codec is available since 0.14 version of qemu. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1126641 v1:

Re: [libvirt] [RFC PATCH 0/9] qemu: add vhost-vsock-pci support

On Mon, May 21, 2018 at 04:46:13PM +0100, Daniel P. Berrangé wrote: On Mon, May 21, 2018 at 05:37:10PM +0200, Ján Tomko wrote: @Stefan, please take a look at the docs/ changes in patch 6 Add , mapping to vhost-vsock-pci I think it is pretty misleading to use for this, because the whole

Re: [libvirt] [PATCH 1/5] Introduce virDomainDetachDeviceAlias API

On Tue, May 22, 2018 at 13:28:45 +0200, Michal Privoznik wrote: > On 05/22/2018 08:36 AM, Peter Krempa wrote: > > On Mon, May 21, 2018 at 18:07:58 +0200, Michal Privoznik wrote: > >> When detaching a device it can be uniquely identified by its > >> alias. Instead of misusing

Re: [libvirt] [PATCH 1/5] Introduce virDomainDetachDeviceAlias API

On 05/22/2018 08:36 AM, Peter Krempa wrote: > On Mon, May 21, 2018 at 18:07:58 +0200, Michal Privoznik wrote: >> When detaching a device it can be uniquely identified by its >> alias. Instead of misusing virDomainDetachDeviceFlags which has >> the same signature introduce new function. >> >>

Re: [libvirt] [PATCH 3/3] qemu: Adapt to changed ppc64 CPU model names

On Thu, 2018-05-17 at 17:33 +0200, Jiri Denemark wrote: [...] > --- a/tests/domaincapsschemadata/qemu_2.12.0.ppc64.xml > +++ b/tests/domaincapsschemadata/qemu_2.12.0.ppc64.xml > @@ -25,7 +25,11 @@ > >POWER8 > This is quite suspicious - it looks like a proper CPU model, but

[libvirt] [PATCH 0/2] Add NUMA support to virshAllocpagesPagesizeCompleter

This is a follow up to my previous patch in which I added virshAllocpagesPagesizeCompleter. These patches will add support for different NUMA cells, which was tried and tested by changing default test capabilities. Roland Schulz (2): Add NUMA support to virshAllocpagesPagesizeCompleter. Edit

[libvirt] [PATCH 2/2] Edit test capabilities to contain different cell pagesizes.

Signed-off-by: Roland Schulz --- src/test/test_driver.c | 11 +++ 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/src/test/test_driver.c b/src/test/test_driver.c index 467587b19..40c366cb8 100644 --- a/src/test/test_driver.c +++

Re: [libvirt] [libvirt-python][PATCH] event-test.py: Sync list of storage lifecycle events

On Tue, May 22, 2018 at 01:48:59PM +0200, Michal Privoznik wrote: > https://bugzilla.redhat.com/show_bug.cgi?id=1578337 > > Since libvirt 3.8.0 we have 6 events: defined, undefined, > started, stopped, created, deleted. However, the last two were > missing in a string list that translates libvirt

Re: [libvirt] [PATCH 1/1] tests: xmconfigtest: Add test for os.cmdline

It may be worth to take a look at files test-paravirt-cmdline,cmdline-bogus-extra...etc. in tests/xlconfigdata. They look they are testing the same/similiar problem. Feel free to to make v2, Thanks. 2018-05-22 1:57 GMT+02:00 Jim Fehlig : > On 05/21/2018 05:57 AM, Filip Alac

[libvirt] [libvirt-python][PATCH] event-test.py: Sync list of storage lifecycle events

https://bugzilla.redhat.com/show_bug.cgi?id=1578337 Since libvirt 3.8.0 we have 6 events: defined, undefined, started, stopped, created, deleted. However, the last two were missing in a string list that translates libvirt events (int) into human readable strings. Signed-off-by: Michal Privoznik

[libvirt] [PATCH 7/8] qemu: monitor: Drop calls to text monitor impl where possible

Drop all conditional calls which have JSON variants, now that we guarantee JSON monitor. Signed-off-by: Peter Krempa --- src/qemu/qemu_monitor.c | 297 +++- 1 file changed, 69 insertions(+), 228 deletions(-) diff --git

[libvirt] [PATCH 6/8] tests: Drop qemumonitortest

No need to test the old stuff which will not be used any more. Signed-off-by: Peter Krempa --- tests/Makefile.am | 11 +-- tests/qemumonitortest.c | 203 2 files changed, 2 insertions(+), 212 deletions(-) delete mode

[libvirt] [PATCH 5/8] qemu: monitor: Drop JSON versions of savevm/delvm/loadv

qemu did not QAPIfy these and the design and name will most probably change. The replacements will not be compatible. Drop the JSON stubs and annotate that there won't be a replacement. Signed-off-by: Peter Krempa --- src/qemu/qemu_monitor.c | 18 ++

[libvirt] [PATCH 3/8] qemu: monitor: Remove unused qemuMonitor(Add|Remove)HostNetwork

There are no callers for these. Remove them and the monitor implementations. Signed-off-by: Peter Krempa --- src/qemu/qemu_monitor.c | 66 src/qemu/qemu_monitor.h | 12 src/qemu/qemu_monitor_text.c | 54

[libvirt] [PATCH 4/8] qemu: monitor: Drop QEMU_CHECK_MONITOR_JSON... macros

Monitor is now JSON only. Drop the old cruft. Signed-off-by: Peter Krempa --- src/qemu/qemu_monitor.c | 138 ++-- 1 file changed, 63 insertions(+), 75 deletions(-) diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c

[libvirt] [PATCH 1/8] qemu: monitor: Drop fallback to text monitor for 'inject-nmi' command

The QMP version was added in qemu commit ab49ab5c488237f3656689 which is included in v1.1. Signed-off-by: Peter Krempa --- src/qemu/qemu_monitor_json.c | 10 ++ 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/src/qemu/qemu_monitor_json.c

[libvirt] [PATCH 0/8] qemu: Kill text/HMP monitor code

Most of the code is now dead as we support qemu 1.5 and upwards. Remove the unused bits. Peter Krempa (8): qemu: monitor: Drop fallback to text monitor for 'inject-nmi' command qemu: monitor: Drop fallback to text monitor for 'send-key' command qemu: monitor: Remove unused

Re: [libvirt] [PATCH v5 06/11] qemu: Extend QEMU with external TPM support

On 05/21/2018 06:13 PM, John Ferlan wrote: On 05/15/2018 08:26 PM, Stefan Berger wrote: Implement functions for managing the storage of the external swtpm as well as starting and stopping it. Also implement functions to use swtpm_setup, which simulates the manufacturing of a TPM, which

[libvirt] [PATCH 1/2] Add NUMA support to virshAllocpagesPagesizeCompleter.

Signed-off-by: Roland Schulz --- tools/virsh-completer.c | 15 ++- tools/virsh-host.c | 2 +- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/tools/virsh-completer.c b/tools/virsh-completer.c index 2816e7b76..21c73f048 100644 ---

[libvirt] [PATCH v4 4/4] docs: news: Describe 'output' codec

Signed-off-by: Filip Alac --- docs/news.xml | 8 1 file changed, 8 insertions(+) diff --git a/docs/news.xml b/docs/news.xml index 7d40e85..4432811 100644 --- a/docs/news.xml +++ b/docs/news.xml @@ -65,6 +65,14 @@ OpenGL accelerated rendering.

Re: [libvirt] [PATCH 01/22] virsh: Move cpu-{baseline, compare} commands

On 05/16/2018 04:39 AM, Jiri Denemark wrote: > Similarly to cpu-models these two commands do not operate on a domain > and should be listed in the "Host and Hypervisor" commands section. > > Signed-off-by: Jiri Denemark > --- > tools/virsh-domain.c | 223

Re: [libvirt] [PATCH 8/8] qemu: monitor: Remove dead code from text monitor

On Tue, May 22, 2018 at 02:35:48PM +0200, Peter Krempa wrote: Remove all unused functions and cleanup headers. Signed-off-by: Peter Krempa --- src/qemu/qemu_monitor_text.c | 2112 -- src/qemu/qemu_monitor_text.h | 143 --- 2 files

Re: [libvirt] [PATCH 7/8] qemu: monitor: Drop calls to text monitor impl where possible

On Tue, May 22, 2018 at 02:35:47PM +0200, Peter Krempa wrote: Drop all conditional calls which have JSON variants, now that we guarantee JSON monitor. Signed-off-by: Peter Krempa --- src/qemu/qemu_monitor.c | 297 +++- 1 file

Re: [libvirt] [PATCH 0/2] Add NUMA support to virshAllocpagesPagesizeCompleter

On 05/22/2018 11:54 AM, Roland Schulz wrote: > This is a follow up to my previous patch in which I added > virshAllocpagesPagesizeCompleter. > These patches will add support for different NUMA cells, which was tried and > tested by changing default test capabilities. > > Roland Schulz (2): >

Re: [libvirt] [PATCH 3/3] qemu: Adapt to changed ppc64 CPU model names

On Tue, 2018-05-22 at 15:46 +0200, Jiri Denemark wrote: > On Tue, May 22, 2018 at 11:02:17 +0200, Andrea Bolognani wrote: > > On Thu, 2018-05-17 at 17:33 +0200, Jiri Denemark wrote: > > [...] > > > --- a/tests/domaincapsschemadata/qemu_2.12.0.ppc64.xml > > > +++

Re: [libvirt] [PATCH 00/22] New CPU related APIs

On Wed, May 16, 2018 at 10:39:19 +0200, Jiri Denemark wrote: > The current virConnectCompareCPU and virConnectBaselineCPU APIs are not > very useful because they ignore what a hypervisor can do on the current > host. This series adds two new APIs which are designed to work with > capabilities of a

Re: [libvirt] [RFC v3] external (pull) backup API

22.05.2018 01:03, Eric Blake wrote: On 05/21/2018 10:52 AM, Vladimir Sementsov-Ogievskiy wrote: 18.05.2018 01:43, Eric Blake wrote: Here's my updated counterproposal for a backup API. [...] Representing things on a timeline, when a guest is first created, there is no dirty bitmap; later,

Re: [libvirt] [jenkins-ci PATCH] guests: Fix os_version for development branches

On Wed, 2018-05-09 at 15:50 +0200, Andrea Bolognani wrote: > We currently know about three development branches: Fedora > Rawhide, Debian sid and FreeBSD -CURRENT. > > For all three, we use the name of the development branch in > the guest name; however, the value of os_version is not set >

[libvirt] [PATCH 2/8] qemu: monitor: Drop fallback to text monitor for 'send-key' command

The QMP version was added in qemu commit e4c8f004c55d9da3eae3e14 which is included in v1.3. Signed-off-by: Peter Krempa --- src/qemu/qemu_monitor_json.c | 10 ++ 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/src/qemu/qemu_monitor_json.c

[libvirt] [PATCH 8/8] qemu: monitor: Remove dead code from text monitor

Remove all unused functions and cleanup headers. Signed-off-by: Peter Krempa --- src/qemu/qemu_monitor_text.c | 2112 -- src/qemu/qemu_monitor_text.h | 143 --- 2 files changed, 2255 deletions(-) diff --git

Re: [libvirt] [PATCH v5 10/11] conf: Add support for choosing emulation of a TPM 2

On 05/21/2018 06:49 PM, John Ferlan wrote: On 05/15/2018 08:26 PM, Stefan Berger wrote: This patch extends the TPM's device XML with TPM 2 support. This only works for the emulator type backend and looks as follows: The swtpm process now has --tpm2 as an additional

Re: [libvirt] [PATCH v5 11/11] qemu: Add swtpm to emulator cgroup

On 05/21/2018 07:27 PM, John Ferlan wrote: On 05/15/2018 08:26 PM, Stefan Berger wrote: Add the external swtpm to the emulator cgroup so that upper limits of CPU usage can be enforced on the emulated TPM. To enable this we need to have the swtpm write its process id (pid) into a file. We then

Re: [libvirt] [PATCH 3/3] qemu: Adapt to changed ppc64 CPU model names

On Tue, May 22, 2018 at 11:02:17 +0200, Andrea Bolognani wrote: > On Thu, 2018-05-17 at 17:33 +0200, Jiri Denemark wrote: > [...] > > --- a/tests/domaincapsschemadata/qemu_2.12.0.ppc64.xml > > +++ b/tests/domaincapsschemadata/qemu_2.12.0.ppc64.xml > > @@ -25,7 +25,11 @@ > > > >POWER8

[libvirt] [RFC PATCH 3/4] qemu: domain: Forbid storage with old QCOW2 encryption

The encryption was buggy and qemu actually dropped it upstream. Forbid it for all versions since it would cause other problems too. Problems with the old encryption include weak crypto, corruption of images with blockjobs and a lot of usability problems. Replace it with a message hinting that

[libvirt] [RFC PATCH 2/4] tests: qemu: Modernize/remove qcow2 encryption from tests not related to storage

Remove the storage encryption completely from interface-server.xml as it serves no purpose there. For the user-alias test use the 'luks' encryption type for qcow to test that the names of the secret objects are generated properly. Signed-off-by: Peter Krempa ---

[libvirt] [RFC PATCH 1/4] tests: qemublock: Switch to qcow2+luks in test files

The next patch will forbid the old qcow2 encryption completely. Remove it from the tests. Signed-off-by: Peter Krempa --- .../qemublocktestdata/xml2json/file-qcow2-backing-chain-encryption.json | 2 +- .../qemublocktestdata/xml2json/file-qcow2-backing-chain-encryption.xml |

[libvirt] [RFC PATCH 0/4] qemu: Forbid old qcow2 encryption

This applies on top of the text monitor cleanup. See explanation in 3/4 for justification. Peter Krempa (4): tests: qemublock: Switch to qcow2+luks in test files tests: qemu: Modernize/remove qcow2 encryption from tests not related to storage qemu: domain: Forbid storage with old QCOW2

[libvirt] [RFC PATCH 4/4] qemu: Remove code for setting up disk passphrases

Now that the old qcow2 encryption is removed we can safely delete all this code since it's not needed any more. Signed-off-by: Peter Krempa --- src/qemu/qemu_monitor.c | 13 -- src/qemu/qemu_monitor.h | 4 -- src/qemu/qemu_monitor_json.c | 28

Re: [libvirt] [PATCH 4/8] qemu: monitor: Drop QEMU_CHECK_MONITOR_JSON... macros

On Tue, May 22, 2018 at 02:35:44PM +0200, Peter Krempa wrote: Monitor is now JSON only. Drop the old cruft. In theory, you should still be able to get a domain with a text monitor via qemu-attach. In practice, attaching to such domains seems pointless - if we don't support starting them,

Re: [libvirt] [PATCH 5/8] qemu: monitor: Drop JSON versions of savevm/delvm/loadv

s/loadv/loadvm/ On Tue, May 22, 2018 at 02:35:45PM +0200, Peter Krempa wrote: qemu did not QAPIfy these and the design and name will most probably change. The replacements will not be compatible. Drop the JSON stubs and annotate that there won't be a replacement. Signed-off-by: Peter Krempa

Re: [libvirt] [PATCH 6/8] tests: Drop qemumonitortest

On Tue, May 22, 2018 at 02:35:46PM +0200, Peter Krempa wrote: No need to test the old stuff which will not be used any more. Signed-off-by: Peter Krempa --- tests/Makefile.am | 11 +-- tests/qemumonitortest.c | 203 2

Re: [libvirt] [PATCH v3 2/4] qemu: support passing pre-opened UNIX socket listen FD

On 05/17/2018 09:40 AM, Daniel P. Berrangé wrote: > There is a race condition when spawning QEMU where libvirt has spawned > QEMU but the monitor socket is not yet open. Libvirt has to repeatedly > try to connect() to QEMU's monitor until eventually it succeeds, or > times out. We use kill() to

Re: [libvirt] [PATCH 00/22] New CPU related APIs

On 05/22/2018 05:33 AM, Jiri Denemark wrote: > On Wed, May 16, 2018 at 10:39:19 +0200, Jiri Denemark wrote: >> The current virConnectCompareCPU and virConnectBaselineCPU APIs are not >> very useful because they ignore what a hypervisor can do on the current >> host. This series adds two new APIs

Re: [libvirt] [PATCH 3/8] qemu: monitor: Remove unused qemuMonitor(Add|Remove)HostNetwork

On Tue, May 22, 2018 at 02:35:43PM +0200, Peter Krempa wrote: There are no callers for these. Remove them and the monitor implementations. Signed-off-by: Peter Krempa --- src/qemu/qemu_monitor.c | 66 src/qemu/qemu_monitor.h

Re: [libvirt] [PATCH 1/8] qemu: monitor: Drop fallback to text monitor for 'inject-nmi' command

On Tue, May 22, 2018 at 02:35:41PM +0200, Peter Krempa wrote: The QMP version was added in qemu commit ab49ab5c488237f3656689 which is included in v1.1. Signed-off-by: Peter Krempa --- src/qemu/qemu_monitor_json.c | 10 ++ 1 file changed, 2 insertions(+), 8

Re: [libvirt] [PATCH 2/8] qemu: monitor: Drop fallback to text monitor for 'send-key' command

On Tue, May 22, 2018 at 02:35:42PM +0200, Peter Krempa wrote: The QMP version was added in qemu commit e4c8f004c55d9da3eae3e14 which is included in v1.3. Signed-off-by: Peter Krempa --- src/qemu/qemu_monitor_json.c | 10 ++ 1 file changed, 2 insertions(+), 8

Re: [libvirt] [PATCH 2/2] Edit test capabilities to contain different cell pagesizes.

On 05/22/2018 11:54 AM, Roland Schulz wrote: > Signed-off-by: Roland Schulz > --- > src/test/test_driver.c | 11 +++ > 1 file changed, 7 insertions(+), 4 deletions(-) > This one is a bit tricky. > diff --git a/src/test/test_driver.c b/src/test/test_driver.c >

Re: [libvirt] [PATCH 1/2] Add NUMA support to virshAllocpagesPagesizeCompleter.

On 05/22/2018 11:54 AM, Roland Schulz wrote: > Signed-off-by: Roland Schulz > --- > tools/virsh-completer.c | 15 ++- > tools/virsh-host.c | 2 +- > 2 files changed, 15 insertions(+), 2 deletions(-) > > diff --git a/tools/virsh-completer.c

[libvirt] [PATCH] qemu: monitor: Remove diskSecretLookup monitor event

After the text monitor was deleted this event can't be triggered. Remove it and all the unnecessary code. Signed-off-by: Peter Krempa --- This applies on top of the text monitor removal series. I forgot to include it while splitting branches. src/qemu/qemu_monitor.c | 16

Re: [libvirt] [RFC PATCH 0/4] qemu: Forbid old qcow2 encryption

On 05/22/2018 10:04 AM, Peter Krempa wrote: > This applies on top of the text monitor cleanup. See explanation in 3/4 > for justification. > > Peter Krempa (4): > tests: qemublock: Switch to qcow2+luks in test files > tests: qemu: Modernize/remove qcow2 encryption from tests not related >

Re: [libvirt] [RFC PATCH 0/4] qemu: Forbid old qcow2 encryption

On Tue, May 22, 2018 at 10:40:39 -0400, John Ferlan wrote: > > > On 05/22/2018 10:04 AM, Peter Krempa wrote: > > This applies on top of the text monitor cleanup. See explanation in 3/4 > > for justification. > > > > Peter Krempa (4): > > tests: qemublock: Switch to qcow2+luks in test files >

Re: [libvirt] [PATCH] qemu: Deny hugepages for non-existent NUMA nodes

On 05/18/2018 07:04 AM, Michal Privoznik wrote: > https://bugzilla.redhat.com/show_bug.cgi?id=1534418 > > Just like ec982f6d929f3c23 denies hugepages for non-existent > guest NUMA nodes in case there are some nodes configured. > Unfortunately, when there are none, qemuBuildNumaArgStr() is not >

Re: [libvirt] [PATCH 0/2] qemu: probe for -sandbox support

On 05/18/2018 09:03 AM, Ján Tomko wrote: > There is a patch proposal on qemu-devel that removes the -sandbox > option completely without CONFIG_SECCOMP: > http://lists.nongnu.org/archive/html/qemu-devel/2018-05/msg03312.html > > Now that we assume query-command-line-options support, we can

Re: [libvirt] [REPOSTv2 PATCH v3 0/6] Add support for VM Generation ID (vmgenid)

Ping? Or do I need to repost yet again? Tks, John On 05/17/2018 08:42 AM, John Ferlan wrote: > Second reposting of: > > https://www.redhat.com/archives/libvir-list/2018-May/msg00813.html > > To update patches with more conflicts for patch 2 (capabilities) and > patch 6 (news) > > Cover

Re: [libvirt] [PATCH 10/15] qemu: domain: Extract parsing of NBD status XML

On 05/18/2018 07:29 AM, Peter Krempa wrote: > Extract the NBD portion of the 'job' status XML element parser into a > separate function. > > Signed-off-by: Peter Krempa > --- > src/qemu/qemu_domain.c | 61 > -- > 1 file

Re: [libvirt] [PATCH 00/15] qemu: Implement non-shared storage migration via TLS (blockdev-add saga)

On 05/18/2018 07:28 AM, Peter Krempa wrote: > Implement the non-shared storage migration when TLS is enabled. This is > done by using blockdev-add to add the NBD endpoint with the TLS > environment alias configured properly. > > Peter Krempa (15): > qemu: block: Don't nest storage layer

Re: [libvirt] [PATCH 11/15] qemu: domain: Add private data for NBD migration storage source definition

On 05/18/2018 07:29 AM, Peter Krempa wrote: > Allow saving various aspects necessary to do NBD migration via blockdev > by storing a 'virStorageSource' in the disk private data meant to store > the NBD target of migration. Along with this add code to parse and > format it into the status XML. >

[libvirt] [PATCH 07/12] qemu: Add support for external swtpm TPM emulator

This patch adds support for an external swtpm TPM emulator. The XML for this type of TPM looks as follows: The XML will currently only start a TPM 1.2. Upon first start, libvirt will run `swtpm_setup`, which will simulate the manufacturing of a TPM and create certificates for it and

Re: [libvirt] [PATCH 05/22] Improve documentation of virConnectGetCPUModelNames

On 05/16/2018 04:39 AM, Jiri Denemark wrote: > Signed-off-by: Jiri Denemark > --- > src/libvirt-host.c | 8 +++- > 1 file changed, 7 insertions(+), 1 deletion(-) > > diff --git a/src/libvirt-host.c b/src/libvirt-host.c > index 76087badd8..ed689b9ec2 100644 > ---

Re: [libvirt] [PATCH 06/22] vshExtractCPUDefXML: Accept domain capabilities XML

On 05/16/2018 04:39 AM, Jiri Denemark wrote: > The domain capabilities XML contains host CPU model tailored to a > specific hypervisor and since it's enclosed in > element rather then the required it's impossible to directly use > the host CPU model as an input to, e.g., cpu-compare command. To

[libvirt] [PATCH 11/12] qemu: Add swtpm to emulator cgroup

Add the external swtpm to the emulator cgroup so that upper limits of CPU usage can be enforced on the emulated TPM. To enable this we need to have the swtpm write its process id (pid) into a file. We then read it from the file to configure the emulator cgroup. The PID file is created in

[libvirt] [PATCH 12/12] news: Update news with new TPM emulator feature

Signed-off-by: Stefan Berger --- docs/news.xml | 9 + 1 file changed, 9 insertions(+) diff --git a/docs/news.xml b/docs/news.xml index 7d40e85b9a..43a7ca48b6 100644 --- a/docs/news.xml +++ b/docs/news.xml @@ -54,6 +54,15 @@ a QEMU virtual machine.

[libvirt] [PATCH 01/12] conf: Add support for external swtpm TPM emulator to domain XML

This patch adds support for an external swtpm TPM emulator. The XML for this type of TPM looks as follows: The XML will currently only define a TPM 1.2. Extend the documentation. Add a test case testing the XML parser and formatter. Signed-off-by: Stefan Berger

[libvirt] [PATCH 05/12] qemu: Extend qemu_conf with tpm-emulator support

Extend qemu_conf with user and group for running the tpm-emulator and add directories to the configuration for the locations of the log, state, and socket of the tpm-emulator. Also add these new directories to the QEMU Makefile.inc.am and the RPM spec file libvirt.spec.in. Signed-off-by: Stefan

Re: [libvirt] [PATCH 03/22] virsh: Enhance documentation of cpu-compare command

On 05/16/2018 04:39 AM, Jiri Denemark wrote: > Signed-off-by: Jiri Denemark > --- > tools/virsh.pod | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/tools/virsh.pod b/tools/virsh.pod > index 929958a953..5f72e11dec 100644 > --- a/tools/virsh.pod >

Re: [libvirt] [PATCH 04/22] virsh: Enhance documentation of cpu-models command

On 05/16/2018 04:39 AM, Jiri Denemark wrote: > Signed-off-by: Jiri Denemark > --- > tools/virsh.pod | 8 +++- > 1 file changed, 7 insertions(+), 1 deletion(-) > > diff --git a/tools/virsh.pod b/tools/virsh.pod > index 5f72e11dec..5fc8201893 100644 > ---

[libvirt] [PATCH 06/12] qemu: Extend QEMU with external TPM support

Implement functions for managing the storage of the external swtpm as well as starting and stopping it. Also implement functions to use swtpm_setup, which simulates the manufacturing of a TPM, which includes creation of certificates for the device. Further, the external TPM needs storage on the

[libvirt] [PATCH 04/12] security: Add DAC and SELinux security for tpm-emulator

Extend the DAC and SELinux modules with support for the tpm-emulator. We label the Unix socket that QEMU connects to after starting swtmp with DAC and SELinux labels. We do not have to restore the labels in this case since the tpm-emulator will remove the Unix socket when it terminates.

[libvirt] [PATCH 00/12] Add support for TPM emulator

This series of patches adds support for the TPM emulator backend that is available in QEMU and based on swtpm + libtpms. It allows to attach a TPM 1.2 or 2 to a QEMU VM. sVirt labels are used for labeling the swtpm process, its Unix socket, and log file with the same label that the QEMU process

[libvirt] [PATCH 09/12] security: Label the external swtpm with SELinux labels

In this patch we label the swtpm process with SELinux labels. We give it the same label as the QEMU process has. We label its state directory and files as well. We restore the old security labels once the swtpm has terminated. The file and process labels now look as follows: Directory:

[libvirt] [PATCH 08/12] tests: Add test cases for external swtpm TPM emulator

This patch adds extensions to existing test cases and specific test cases for the tpm-emulator. Signed-off-by: Stefan Berger Reviewed-by: John Ferlan --- .../tpm-emulator.x86_64-latest.args| 33 ++

[libvirt] [PATCH 10/12] conf: Add support for choosing emulation of a TPM 2

This patch extends the TPM's device XML with TPM 2 support. This only works for the emulator type backend and looks as follows: The swtpm process now has --tpm2 as an additional parameter: system_u:system_r:svirt_t:s0:c597,c632 tss 18477 11.8 0.0 28364 3868 ? Rs

[libvirt] [PATCH 02/12] qemu: Extend QEMU capabilities with 'tpm-emulator'

Extend the QEMU capabilities with tpm-emulator support. Signed-off-by: Stefan Berger Reviewed-by: John Ferlan --- src/qemu/qemu_capabilities.c | 5 + src/qemu/qemu_capabilities.h | 1 +

Re: [libvirt] [PATCH 08/22] Introduce virConnectCompareHypervisorCPU public API

On 05/16/2018 04:39 AM, Jiri Denemark wrote: > This new API compares the given CPU description with the CPU the > specified hypervisor is able to provide on the host. It is a more useful > version of virConnectCompareCPU, which compares the CPU definition with > the host CPU without considering

Re: [libvirt] [PATCH 10/22] virsh: Introduce new hypervisor-cpu-compare command

I've applied and looked at the patches up to this point. Things are looking good thus far. Will give them another once-over tomorrow and continue with the rest of the patches. -- Respectfully, - Collin Walling -- libvir-list mailing list libvir-list@redhat.com

Re: [libvirt] [PATCH 02/22] virsh: Extract common code from cmdCPU{Compare, Baseline}

On 05/16/2018 04:39 AM, Jiri Denemark wrote: > Both cpu-compare and cpu-baseline commands accept more that just CPU > definition XML(s). For users' convenience they are able to extract the > CPU definition(s) even from domain XML or capabilities XML. The main > differences between the two commands

[libvirt] [PATCH 03/12] util: Implement virFileChownFiles()

Implement virFileChownFiles() which changes file ownership of all files in a given directory. Signed-off-by: Stefan Berger Reviewed-by: John Ferlan --- src/libvirt_private.syms | 1 + src/util/virfile.c | 55

Re: [libvirt] [PATCH 07/22] qemu_capabilities: Introduce virQEMUCapsCacheLookupDefault

On 05/16/2018 04:39 AM, Jiri Denemark wrote: > virConnectGetDomainCapabilities needs to lookup QEMU capabilities > matching a specified binary, architecture, virt type, and machine type > while using default values when any of the parameters are not provided > by the user. Let's extract the lookup

Re: [libvirt] [PATCH 4/5] qemu: Implement virDomainDetachDeviceAlias

On Mon, May 21, 2018 at 18:08:01 +0200, Michal Privoznik wrote: > Signed-off-by: Michal Privoznik > --- > src/qemu/qemu_driver.c | 41 + > 1 file changed, 41 insertions(+) > > diff --git a/src/qemu/qemu_driver.c

Re: [libvirt] [PATCH 1/5] Introduce virDomainDetachDeviceAlias API

On Mon, May 21, 2018 at 18:07:58 +0200, Michal Privoznik wrote: > When detaching a device it can be uniquely identified by its > alias. Instead of misusing virDomainDetachDeviceFlags which has > the same signature introduce new function. > > Signed-off-by: Michal Privoznik >

Re: [libvirt] [PATCH 0/2] cpu: speculative store buffer bypass mitigation (CVE-2018-3639)

On Mon, May 21, 2018 at 23:05:06 +0100, Daniel P. Berrangé wrote: > This provides the libvirt part of the mitigations for the speculative > store buffer bypass vulnerabilities on the x86 platform[1], and is > the companion of the kernel patches merged in: > > >

Re: [libvirt] [PATCH 5/5] virsh: Expose virDomainDetachDeviceAlias

On Mon, May 21, 2018 at 18:08:02 +0200, Michal Privoznik wrote: > Signed-off-by: Michal Privoznik > --- > tools/virsh-domain.c | 79 > > tools/virsh.pod | 15 ++ > 2 files changed, 94 insertions(+) > > diff

[libvirt] [jenkins-ci PATCH v3 1/3] jobs: Enable parallel make everywhere

A few jobs were running serial make for no apparent reason. Since all Makefiles have been tested and found to work just fine even with parallel execution, make sure that's what's used everywhere. Signed-off-by: Andrea Bolognani --- projects/osinfo-db.yaml | 6 +++--- 1

[libvirt] [jenkins-ci PATCH v3 3/3] jobs: Drop explicit parallel make usage

It's enabled by default through $MAKEFLAGS now, so enabling it explicitly in jobs is entirely unnecessary. Signed-off-by: Andrea Bolognani --- jobs/autotools.yaml | 10 +- jobs/defaults.yaml | 1 - projects/libvirt.yaml | 4 ++-- projects/osinfo-db.yaml

[libvirt] [jenkins-ci PATCH v3 2/3] guests: Set MAKEFLAGS for out-of-the-box parallel make

We know all jobs are compatible with parallel make, and we also know exactly how many vCPUs guests have, since we created them in the first place: that allows us to default to parallel make instead of making it opt-in. The main advantage of doing this is that it will make life more convenient for

[libvirt] [jenkins-ci PATCH v3 0/3] Enable out-of-the-box parallel make

Changes from [v2]: * now that libvirt-perl uses Module::Build and ExtUtils::MakeMaker support has been dropped, we don't need to special case any job, so revert back to [v1] and rebase on top of master because the original series doesn't apply anymore. Changes from [v1]: * turns out some