]> git.ipfire.org Git - thirdparty/libvirt.git/log
thirdparty/libvirt.git
4 months agoqemu: Fix error when migration with shared TPM storage is unsupported v11.4.0-rc2
Jiri Denemark [Tue, 27 May 2025 13:42:36 +0000 (15:42 +0200)] 
qemu: Fix error when migration with shared TPM storage is unsupported

The VIR_ERR_NO_SUPPORT error is supposed to be used for unsupported
driver APIs. It is incorrectly used when swtpm does not support
migration with shared storage resulting in a rather strange error
message:

    this function is not supported by the connection driver: the running
    swtpm does not support migration with shared storage

The correct VIR_ERR_OPERATION_UNSUPPORTED error code provides a much
better message:

    Operation not supported: the running swtpm does not support
    migration with shared storage

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
4 months agoNEWS: update NEWS for POWER11 support
Narayana Murty N [Wed, 28 May 2025 05:11:57 +0000 (01:11 -0400)] 
NEWS: update NEWS for POWER11 support

Update NEWS.rst with the now added POWER11 processor support

Signed-off-by: Narayana Murty N <nnmlinux@linux.ibm.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
5 months agoNEWS: Make sure releases are separated by two blank lines
Jiri Denemark [Tue, 27 May 2025 10:58:18 +0000 (12:58 +0200)] 
NEWS: Make sure releases are separated by two blank lines

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
5 months agoNEWS: Fix virtqemud crash when resuming failed post-copy migration
Jiri Denemark [Tue, 27 May 2025 10:17:11 +0000 (12:17 +0200)] 
NEWS: Fix virtqemud crash when resuming failed post-copy migration

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
5 months agoqemu: Fix crash when resuming failed post-copy migration
Jiri Denemark [Tue, 27 May 2025 09:48:49 +0000 (11:48 +0200)] 
qemu: Fix crash when resuming failed post-copy migration

Since commit 28a06215280 (released in 11.2.0) resuming a failed
post-copy migration calls qemuProcessIncomingDefNew with fd == NULL
rather than -1. The function does not expect to be called with NULL file
descriptor and tries to dereference it causing virtqemud on the
destination host to crash.

Fixes: 28a06215280b99708ed8dc2d183f62ba7b34ccf8
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
5 months agoUpdate translation files
Weblate [Tue, 27 May 2025 08:56:18 +0000 (08:56 +0000)] 
Update translation files

Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/

Signed-off-by: Fedora Weblate Translation <i18n@lists.fedoraproject.org>
5 months agopo: Refresh potfile for v11.4.0 v11.4.0-rc1
Jiri Denemark [Tue, 27 May 2025 08:42:44 +0000 (10:42 +0200)] 
po: Refresh potfile for v11.4.0

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
5 months agodocs: domain: Explain supported options of 'error_policy'
Peter Krempa [Wed, 21 May 2025 15:01:21 +0000 (17:01 +0200)] 
docs: domain: Explain supported options of 'error_policy'

Explain what the individual settings actually result in. The changes
are based on the paraprhase of qemu documentation which in
'qemu-options.hx' states:

  ``werror=action,rerror=action``
      Specify which action to take on write and read errors. Valid
      actions are: "ignore" (ignore the error and try to continue),
      "stop" (pause QEMU), "report" (report the error to the guest),
      "enospc" (pause QEMU only if the host disk is full; report the
      error to the guest otherwise). The default setting is
      ``werror=enospc`` and ``rerror=report``.

Closes: https://gitlab.com/libvirt/libvirt/-/issues/138
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
5 months agoTranslated using Weblate (Georgian)
Weblate [Sun, 11 May 2025 06:24:16 +0000 (06:24 +0000)] 
Translated using Weblate (Georgian)

Currently translated at 4.2% (465 of 10918 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/ka/

Signed-off-by: Weblate <noreply-mt-weblate@weblate.org>
5 months agoTranslated using Weblate (Chinese (Simplified) (zh_CN))
Poesty Li [Sun, 11 May 2025 06:24:15 +0000 (06:24 +0000)] 
Translated using Weblate (Chinese (Simplified) (zh_CN))

Currently translated at 98.2% (10730 of 10918 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/zh_CN/

Signed-off-by: Poesty Li <poesty7450@gmail.com>
5 months agoTranslated using Weblate (Korean)
김인수 [Sun, 11 May 2025 06:24:15 +0000 (06:24 +0000)] 
Translated using Weblate (Korean)

Currently translated at 100.0% (10918 of 10918 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/ko/

Signed-off-by: 김인수 <simmon@nplob.com>
5 months agoqemuDomainMachineSupportsFloppy: Check for QEMU_CAPS_BUS_FLOPPY
Peter Krempa [Thu, 22 May 2025 18:49:51 +0000 (20:49 +0200)] 
qemuDomainMachineSupportsFloppy: Check for QEMU_CAPS_BUS_FLOPPY

Refuse to use floppy devices if qemu doesn't support them. Reflect that
also in capabilities. Both of the above is achieved by checking for the
QEMU_CAPS_BUS_FLOPPY in qemuDomainMachineSupportsFloppy.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agoqemu: capabilities: Introduce QEMU_CAPS_BUS_FLOPPY
Peter Krempa [Thu, 22 May 2025 18:43:10 +0000 (20:43 +0200)] 
qemu: capabilities: Introduce QEMU_CAPS_BUS_FLOPPY

Introduce a common capability for support of floppy devices by qemu.

Floppy support can be compiled out ('FDC', 'FDC_ISA', 'FDC_SYSBUS' qemu
Kconfig options) and also isn't supported by all architectures. Add a
capability that will check for 'isa-fdc' and 'sysbus-fdc' devices and
signal that given qemu supports the floppy bus.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agoqemu: Move floppy device support validation to validation code
Peter Krempa [Fri, 23 May 2025 14:38:32 +0000 (16:38 +0200)] 
qemu: Move floppy device support validation to validation code

Move the validation from qemuProcessStartValidateDisks to
qemuValidateDomainDeviceDefDiskFrontend and adjust the test case which
now fails a bit earlier, thus no output XML is needed.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agoqemu: domain: Introduce qemuDomainMachineSupportsFloppy
Peter Krempa [Mon, 26 May 2025 07:27:29 +0000 (09:27 +0200)] 
qemu: domain: Introduce qemuDomainMachineSupportsFloppy

Add a helper that will collect the logic for determinin whether a VM
supports floppy disks.

Use it in the capabilities code and when validating the VM definition at
startup.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agolibvirt_nss: Allocate buffer in aiforaf() dynamically
Michal Privoznik [Wed, 21 May 2025 16:14:51 +0000 (18:14 +0200)] 
libvirt_nss: Allocate buffer in aiforaf() dynamically

While we were trying to decrease stack usage of some functions,
in v9.8.0-rc1~217 we introduced a couple of internal blocks to
the aiforaf() and declared some variables inside those blocks
hoping the compiler will reuse the stack for each block. While in
general this might be a good strategy, specifically in case of
NSS_NAME(gethostbyname2) this is a terrible thing to do.

Problem is, NSS_NAME(gethostbyname2) is given a caller allocated
buffer and an address of a pointer where the resolved address is
stored. And you've probably guessed it already: upon successful
return, the pointer is set to point somewhere inside the buffer.

Now, if the buffer doesn't live long enough, which in our case it
does not (since it was left in the previous block), we should
refrain from dereferencing the resolved pointer.

Just allocate the buffer on the heap.

Fixes: 9e5f2fe4021ada74adbe34ca03be60812c91f334
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
5 months agolibvirt_nss: Allocate buffer in ERROR() dynamically
Michal Privoznik [Wed, 21 May 2025 16:14:38 +0000 (18:14 +0200)] 
libvirt_nss: Allocate buffer in ERROR() dynamically

So far, inside of the ERROR() macro there's pretty large buffer
allocated on the stack (for use by strerror_r()). Problem is,
with our current stack size limit of 2048 bytes we may come
pretty close to the limit or even overshoot it, e.g. in aiforaf()
where the function itself declares another stack allocated buffer
1024 bytes long.

Just allocate the buffer dynamically.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
5 months agolibvirt_nss: Drop needless cleanup labels
Michal Privoznik [Wed, 21 May 2025 15:43:28 +0000 (17:43 +0200)] 
libvirt_nss: Drop needless cleanup labels

After previous cleanup, some labels were rendered pointless. Drop
them.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
5 months agolibvirt_nss: Use automatic memory freeing
Michal Privoznik [Wed, 21 May 2025 15:40:22 +0000 (17:40 +0200)] 
libvirt_nss: Use automatic memory freeing

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
5 months agonss: Declare g_autofree and g_steal_pointer() macros
Michal Privoznik [Wed, 21 May 2025 15:26:01 +0000 (17:26 +0200)] 
nss: Declare g_autofree and g_steal_pointer() macros

While we do not want the nss plugin to link with anything but
necessary libs (libc and libjson-c) it can benefit from automatic
memory freeing. Instead of inventing macros with new name for
them, lets stick with g_autofree and g_steal_pointer() which we
are used to from the rest of the code. Borrow and simplify
definitions for these macros then.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
5 months agonss: Add missing includes for gai_strerror()
Michal Privoznik [Thu, 22 May 2025 07:17:16 +0000 (09:17 +0200)] 
nss: Add missing includes for gai_strerror()

There are two places where gai_strerror() is called but neither
of them includes all necessary header files as documented in its
manpage. Fortunately, both calls occur in ERROR() macro which by
default does nothing - hence we don't see any compilation errors.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
5 months agolibvirt_nss_macs: Fix type of @len in findMACsFromJSON()
Michal Privoznik [Wed, 21 May 2025 12:52:55 +0000 (14:52 +0200)] 
libvirt_nss_macs: Fix type of @len in findMACsFromJSON()

Inside of findMACsFromJSON(), the retval of
json_object_array_length() is stored in a variable that's type of
int. But the function is declared to return size_t:

  /usr/include/json-c/json_object.h:JSON_EXPORT size_t json_object_array_length(const struct json_object *obj);

Fix the type of the local variable.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
5 months agocpu_ppc64: Add POWER11 host-model support
Narayana Murty N [Tue, 13 May 2025 07:43:26 +0000 (03:43 -0400)] 
cpu_ppc64: Add POWER11 host-model support

This patch adds POWER11 CPU host-model support in libvirt's ppc64
CPU driver. With this addition, guests using CPU mode 'host-model'
can specify POWER11 as the CPU model and have libvirt handle it
correctly.

With this change, libvirt can generate correct QEMU command line using
`-machine ... max-cpu-compat=power11` when a POWER11 host-model guest is
defined. This aligns with the QEMU support for POWER11 compatibility mode
starting from version 10.0.0.

Test coverage includes:
- XML validation tests for POWER11 host model
- Negative test for invalid compatibility on POWER10 hosts
- Command line generation tests for POWER11 guests

Signed-off-by: Narayana Murty N <nnmlinux@linux.ibm.com>
Tested-By: Shivaprasad G Bhat <sbhat@linux.ibm.com>
Reviewed-By: Shivaprasad G Bhat <sbhat@linux.ibm.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
5 months agocpu_map: Add POWER11 CPU model support
Narayana Murty N [Tue, 13 May 2025 07:43:25 +0000 (03:43 -0400)] 
cpu_map: Add POWER11 CPU model support

Add support for the POWER11 CPU model in libvirt ppc64 CPU map. This
allows libvirt to recognize and handle guests that specify POWER11 as
the target CPU model when running on recent Power systems supporting
this architecture.

The addition includes:
- A new src/cpu_map/ppc64_POWER11.xml definition file describing the
  features and flags for POWER11 CPUs.
- Updates to src/cpu_map/index.xml and build system (meson) to include
  the new model.
- Test updates to qemucapabilitiesdata and qemuxmlconfdata to reflect
  the presence of POWER11 in supported CPU models.
- Adjustments to existing test XMLs to fix CPU model expectations
  and avoid mismatches during validation against QEMU output.

With this change, users can specify <model>POWER11</model> in guest CPU
configuration and have libvirt map it correctly to the corresponding
QEMU CPU model and capabilities.

Tested with:
- QEMU 10.0.0 on POWER11 host system
- Validated with updated domain capabilities and qemu capabilities tests

Signed-off-by: Narayana Murty N <nnmlinux@linux.ibm.com>
Tested-By: Shivaprasad G Bhat <sbhat@linux.ibm.com>
Reviewed-By: Shivaprasad G Bhat <sbhat@linux.ibm.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
5 months agotests: Add capabilities for QEMU 10.0.0 on ppc64
Narayana Murty N [Tue, 13 May 2025 07:43:24 +0000 (03:43 -0400)] 
tests: Add capabilities for QEMU 10.0.0 on ppc64

Add the qemu test capabilities xml and reply files for
QEMU v10.0.0 on ppc64. A QEMU v10.0.0 was used for generating
this data.The tests with the 'latest' suffix, which expect
the latest available CPU version from the capabilities XML,
are bumped up to the latest CPU version.

Notable changes:
   - new pseries-10 machine type
   - old machine types (2.7) dropped
   - new CPU models power11 added

Signed-off-by: Narayana Murty N <nnmlinux@linux.ibm.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
5 months agotests: qemuhotplugtest: Set the cpu version at source for PPC64 tests
Narayana Murty N [Tue, 13 May 2025 07:43:23 +0000 (03:43 -0400)] 
tests: qemuhotplugtest: Set the cpu version at source for PPC64 tests

Commit 140ff3c5141 ("tests: qemuhotplugtest: Fix arch-specific parts of
'ppc64' test XMLs") hardcoded the CPU model as POWER9 in the test result
XMLs. However, this value actually reflects the host CPU model detected
at build or test time, and can vary depending on the machine where the
tests run.

As newer POWER CPU models (e.g., POWER10, POWER11) become common, this
requires continuous updates to the test result files to match the CPU
version detected on the host. This adds unnecessary maintenance effort.

Fix this by updating the test source domain XMLs to specify POWER9 (or
any fixed version) as the CPU model. This ensures the test result files
stay stable and do not require updates every time a newer CPU is used on
the host system.

Signed-off-by: Narayana Murty N <nnmlinux@linux.ibm.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
5 months agotests: Pin pseries-2.7 tests to the version 7.0
Narayana Murty N [Tue, 13 May 2025 07:43:22 +0000 (03:43 -0400)] 
tests: Pin pseries-2.7 tests to the version 7.0

Support for the pseries-2.7 machine type in QEMU was officially removed in
version 9.2 with qemu commit 445d3facffe8 ("ppc/spapr: remove deprecated
machine pseries-2.7"). Instead of removing related tests, they are now pinned
to the latest available capabilities version 7.0.0 to ensure continued
functionality where applicable.

Signed-off-by: Narayana Murty N <nnmlinux@linux.ibm.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
5 months agovirsh: Do not print warnings with "error:" prefix
Jiri Denemark [Thu, 22 May 2025 12:13:15 +0000 (14:13 +0200)] 
virsh: Do not print warnings with "error:" prefix

Both vshWarn and vshError are just wrappers around vshPrintStderr which
properly propagates the message level to the log, but fails to honor it
when printing on stderr.

https://issues.redhat.com/browse/RHEL-79460

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
5 months agodocs: drvbhyve: document NVRAM support
Roman Bogorodskiy [Tue, 20 May 2025 17:01:52 +0000 (19:01 +0200)] 
docs: drvbhyve: document NVRAM support

Add a couple of examples of the explicit NVRAM configuration, and also
an automatic configuration, along with `<os firmware="efi">`.

Signed-off-by: Roman Bogorodskiy <bogorodskiy@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agoNEWS: bhyve: document NVRAM support
Roman Bogorodskiy [Tue, 20 May 2025 16:48:12 +0000 (18:48 +0200)] 
NEWS: bhyve: document NVRAM support

Signed-off-by: Roman Bogorodskiy <bogorodskiy@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agobuild-aux: simplify grep detection on FreeBSD
Alexey Dokuchaev [Tue, 20 May 2025 17:23:52 +0000 (19:23 +0200)] 
build-aux: simplify grep detection on FreeBSD

For quite some time now FreeBSD provides its own version of the grep(1)
tool, and the GNU grep from the ports collection is available as
ggrep(1). So remove the detection code and just request ggrep.

Signed-off-by: Alexey Dokuchaev <danfe@FreeBSD.org>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agoqemuMonitorJSONMigrate: Drop 'detach' QMP option
Peter Krempa [Wed, 21 May 2025 07:59:53 +0000 (09:59 +0200)] 
qemuMonitorJSONMigrate: Drop 'detach' QMP option

The argument was always ignored by qemu [1], as of qemu-10.1 it will be
deprecated. As it was always unused/ignored we can drop it without any
extra logic.

[1] qemu docs state:

   3. The user Monitor's "detach" argument is invalid in QMP and
     should not be used.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agoqemuMonitorDumpToFd: Drop 'detach' argument
Peter Krempa [Wed, 21 May 2025 07:50:08 +0000 (09:50 +0200)] 
qemuMonitorDumpToFd: Drop 'detach' argument

The only caller always passes 'true'. We also don't want to ever use the
blocking variant as it blocks the whole monitor until dump finishes.

Hardcode it to 'true' in the monitor code.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agovirsh: domain: Annotate rest of arguments taking local existing file
Peter Krempa [Tue, 20 May 2025 13:57:02 +0000 (15:57 +0200)] 
virsh: domain: Annotate rest of arguments taking local existing file

Few arguments were missing the 'vshCompletePathLocalExisting' completer.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agovirsh: Apply empty completer to arguments where completion doesn't make sense
Peter Krempa [Tue, 20 May 2025 12:56:03 +0000 (14:56 +0200)] 
virsh: Apply empty completer to arguments where completion doesn't make sense

Few outstanding arguments were not marked with 'virshCompleteEmpty'
completer despite the fact that we can't provide any reasonable
suggestion, e.g. for the new description of a domain or for the launch
secret.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agovsh: Apply empty/local completers to global commands
Peter Krempa [Tue, 20 May 2025 12:56:03 +0000 (14:56 +0200)] 
vsh: Apply empty/local completers to global commands

Few outstanding arguments were not marked with completers
completer despite the fact that we can't provide any reasonable
suggestion (e.g 'echo' or 'complete' commands) or where we want to
complete local path ( 'cd' ).

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agovirsh: completer: Extract common completer methods from virsh to vsh
Peter Krempa [Tue, 20 May 2025 13:21:22 +0000 (15:21 +0200)] 
virsh: completer: Extract common completer methods from virsh to vsh

The helper methods as well as the empty completers can be useful also in
other virt shells; extract the code and rename the functions
appropriately.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agocputest: Skip more tests requiring JSON_MODELS if QEMU is disabled
Jaroslav Suchanek [Tue, 20 May 2025 13:50:24 +0000 (15:50 +0200)] 
cputest: Skip more tests requiring JSON_MODELS if QEMU is disabled

Marking more tests with JSON_MODELS_REQUIRED as these tests fail if QEMU is
disabled, typically when running tests on FreeBSD or macOS systems.

Signed-off-by: Jaroslav Suchanek <jsuchane@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
5 months agobhyve: support removing NVRAM on domain undefine
Roman Bogorodskiy [Tue, 6 May 2025 16:58:29 +0000 (18:58 +0200)] 
bhyve: support removing NVRAM on domain undefine

Signed-off-by: Roman Bogorodskiy <bogorodskiy@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agobhyve: introduce bhyveDomainDefValidate()
Roman Bogorodskiy [Wed, 7 May 2025 18:20:18 +0000 (20:20 +0200)] 
bhyve: introduce bhyveDomainDefValidate()

Add the bhyveDomainDefValidate() validation which currently checks
whether the requested NVRAM is supported.

Signed-off-by: Roman Bogorodskiy <bogorodskiy@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agobhyve: firmware: try to guess NVRAM settings
Roman Bogorodskiy [Wed, 7 May 2025 18:33:21 +0000 (20:33 +0200)] 
bhyve: firmware: try to guess NVRAM settings

Extend bhyveFirmwareFillDomain() so that when we find the default edk2
firmware, also look for its matching template file, and use it as a
nvramTemplate if found.

Extend bhyvexml2argvtest to verify various NVRAM configurations.

Signed-off-by: Roman Bogorodskiy <bogorodskiy@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agobhyve: generate NVRAM bhyve arguments
Roman Bogorodskiy [Wed, 7 May 2025 18:25:56 +0000 (20:25 +0200)] 
bhyve: generate NVRAM bhyve arguments

Currently, bhyve bootrom specification looks like this:

 bhyve ... -l bootrom,/path/to/firmware.fd

In addition to that, it supports specifying the VARS files using:

 -l bootrom,/path/to/firmware.fd,/path/to/my_domain_VARS.fd

Update virBhyveProcessBuildBhyveCmd() to include the VARS file if NVRAM
is specified in the domain XML.

Additionally, support copying this file from the specified template. To
do that, introduce the bhyveProcessPrepareHost() and related helpers.
They are currently not doing anything but NVRAM preparations, but should
be useful for other host-side related tasks in the future.

Signed-off-by: Roman Bogorodskiy <bogorodskiy@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agobhyve: conf: introduce nvramDir
Roman Bogorodskiy [Wed, 7 May 2025 18:17:31 +0000 (20:17 +0200)] 
bhyve: conf: introduce nvramDir

As a preparation for NVRAM support, introduce nvramDir configuration
item.

Signed-off-by: Roman Bogorodskiy <bogorodskiy@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agoqemu: fd: Log information about passed file descriptor
Peter Krempa [Mon, 19 May 2025 11:37:32 +0000 (13:37 +0200)] 
qemu: fd: Log information about passed file descriptor

Log information (type, label, etc) about FDs passed to qemu via APIs
from this module.

This does "spill" the selinux library code into this module, but
acessing it via the security driver would require passing much more
context to this module. Since it's for logging only it can be easily
removed if necessary.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
5 months agodocs: backup: Hint at proper selinux labelling of the FD-passed NBD socket
Peter Krempa [Mon, 19 May 2025 13:15:35 +0000 (15:15 +0200)] 
docs: backup: Hint at proper selinux labelling of the FD-passed NBD socket

In case selinux is used on the host the socket passed to qemu needs to
be properly labelled. Add a hint to the example code.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
5 months agoqemuBackupPrepare: Actually allow 'VIR_STORAGE_NET_HOST_TRANS_FD'
Peter Krempa [Wed, 14 May 2025 15:53:13 +0000 (17:53 +0200)] 
qemuBackupPrepare: Actually allow 'VIR_STORAGE_NET_HOST_TRANS_FD'

While I've actually implemented support for FD passing the NBD server
socket in eb768a556db I managed to misplace the hunk allowing the 'FD'
transport in the validation code, rendering the whole feature useless.

Fix the validation logic to make the feature usable.

Fixes: eb768a556db75040f7b518d198a18bd0f5d6faad
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
5 months agobuild: do not use -Winline
Ján Tomko [Fri, 16 May 2025 16:54:33 +0000 (18:54 +0200)] 
build: do not use -Winline

We don't really care if a function cannot be inlined.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agobuild: prohibit inline functions in C files by syntax-check
Ján Tomko [Fri, 16 May 2025 16:50:30 +0000 (18:50 +0200)] 
build: prohibit inline functions in C files by syntax-check

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agoNEWS: Mention new option '--no-pkttyagent'
Jens Schmidt [Sat, 17 May 2025 16:32:17 +0000 (18:32 +0200)] 
NEWS: Mention new option '--no-pkttyagent'

Signed-off-by: Jens Schmidt <farblos@vodafonemail.de>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
5 months agovirsh: Add option '--no-pkttyagent'
Jens Schmidt [Sat, 17 May 2025 16:32:16 +0000 (18:32 +0200)] 
virsh: Add option '--no-pkttyagent'

In scripts repeated execution of virsh can result in a lot of
journal noise when pkttyagent gets registered with polkitd each
time.

Closes: https://gitlab.com/libvirt/libvirt/-/issues/757
Signed-off-by: Jens Schmidt <farblos@vodafonemail.de>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
5 months agoqemuDomainRemoveInactive: Remove 'driver' argument
Peter Krempa [Thu, 15 May 2025 15:09:33 +0000 (17:09 +0200)] 
qemuDomainRemoveInactive: Remove 'driver' argument

The function can fetch it from @vm.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agoqemuProcessReconnectData: Drop 'driver' struct and clean up
Peter Krempa [Thu, 15 May 2025 15:04:50 +0000 (17:04 +0200)] 
qemuProcessReconnectData: Drop 'driver' struct and clean up

Nobody reads the struct member any more.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agoqemuProcessReconnect: Modernize local variable setup
Peter Krempa [Thu, 15 May 2025 15:00:55 +0000 (17:00 +0200)] 
qemuProcessReconnect: Modernize local variable setup

Assign local variables directly and use autofree for temproary ones.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agoqemuDomainRemoveInactiveLocked: Remove 'driver' argument
Peter Krempa [Thu, 15 May 2025 14:57:19 +0000 (16:57 +0200)] 
qemuDomainRemoveInactiveLocked: Remove 'driver' argument

The function can extract the value from @vm's private data.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agoqemuProcessStop: Drop 'driver' argument
Peter Krempa [Thu, 15 May 2025 14:48:44 +0000 (16:48 +0200)] 
qemuProcessStop: Drop 'driver' argument

For now it's extracted as a temporary variable but in long term it ought
to be eliminated.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agoqemuDomainRemoveInactiveCommon: Remove 'driver' argument
Peter Krempa [Thu, 15 May 2025 14:38:03 +0000 (16:38 +0200)] 
qemuDomainRemoveInactiveCommon: Remove 'driver' argument

The function can fetch it from @vm.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agoqemuSnapshotDiscardAllMetadata: Remove 'driver' argument
Peter Krempa [Thu, 15 May 2025 14:32:11 +0000 (16:32 +0200)] 
qemuSnapshotDiscardAllMetadata: Remove 'driver' argument

The function can extract it from @vm.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agoqemuCheckpointDiscardAllMetadata: Remove 'driver' argument
Peter Krempa [Thu, 15 May 2025 14:32:11 +0000 (16:32 +0200)] 
qemuCheckpointDiscardAllMetadata: Remove 'driver' argument

The function can extract it from @vm.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agoqemuExtDevicesCleanupHost: Use 'virQEMUDriverConfig' instead of 'virQEMUDriver'
Peter Krempa [Thu, 15 May 2025 14:24:29 +0000 (16:24 +0200)] 
qemuExtDevicesCleanupHost: Use 'virQEMUDriverConfig' instead of 'virQEMUDriver'

Refactor the function and all callees to use the driver config instead.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agoqemuProcessStartWithMemoryState: Rename 'snapshot' to 'internalSnapshotRevert'
Peter Krempa [Tue, 13 May 2025 17:05:31 +0000 (19:05 +0200)] 
qemuProcessStartWithMemoryState: Rename 'snapshot' to 'internalSnapshotRevert'

Make it obvious that the variable is used for internal snapshot
reversion by renaming it.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agoqemuProcessStart: Rename 'snapshot' to 'internalSnapshotRevert'
Peter Krempa [Tue, 13 May 2025 17:05:31 +0000 (19:05 +0200)] 
qemuProcessStart: Rename 'snapshot' to 'internalSnapshotRevert'

Make it obvious that the variable is used for internal snapshot
reversion by renaming it. This is necessary mainly as the function
parameters are not documented, but makes it obvious also if they were.

We can also report the name of the sanpshot rather than a pointer that
says absolutely nothing to the reader.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agoqemuProcessLaunch: Rename 'snapshot' to 'internalSnapshotRevert'
Peter Krempa [Tue, 13 May 2025 17:05:31 +0000 (19:05 +0200)] 
qemuProcessLaunch: Rename 'snapshot' to 'internalSnapshotRevert'

Make it obvious that the variable is used for internal snapshot
reversion by renaming it. This is necessary mainly as the function
parameters are not documented, but makes it obvious also if they were.

We can also report the name of the sanpshot rather than a pointer that
says absolutely nothing to the reader.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agoqemuBuildCommandLine: Drop 'snapshot' argument
Peter Krempa [Tue, 13 May 2025 15:12:09 +0000 (17:12 +0200)] 
qemuBuildCommandLine: Drop 'snapshot' argument

After recent refactors that removed legacy way to revert snapshots we no
longer need to know the snapshot state during commandline build.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agoqemuSnapshotRevertInactive: Ensure all error paths handle transient domains properly
Peter Krempa [Thu, 15 May 2025 14:12:31 +0000 (16:12 +0200)] 
qemuSnapshotRevertInactive: Ensure all error paths handle transient domains properly

Only the internal snapshot code paths were able to handle transient
domains properly in case when startup of the process failed.

Unify the error paths on an 'error' label with proper handling.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agoqemuSnapshotRevertActive: Remove transient domain on failure
Peter Krempa [Thu, 15 May 2025 06:21:49 +0000 (08:21 +0200)] 
qemuSnapshotRevertActive: Remove transient domain on failure

Code paths which deal with stopping of the qemu process need extra
handling for transient definitions as they need to be removed from the
domain list when we'd be leaving them inactive.

In case of snapshot code it's on failure to revert a snapshot as we stop
the qemu process but the failure to revert may mean that the new process
will not be started.

I've observed this when I was fixing the recent bug in snapshot
reversion which left the domain in unusable state after failure to
revert:

 $ virsh list foo
 error: Requested operation is not valid: domain is not running

 $ virsh undefine foo
 error: Requested operation is not valid: cannot undefine transient domain

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agoNEWS: Mention fix for internal snapshot reversion regression
Peter Krempa [Thu, 15 May 2025 08:54:18 +0000 (10:54 +0200)] 
NEWS: Mention fix for internal snapshot reversion regression

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agoqemuProcessStartWithMemoryState: Don't setup qemu for incoming migration when reverti...
Peter Krempa [Tue, 13 May 2025 17:07:20 +0000 (19:07 +0200)] 
qemuProcessStartWithMemoryState: Don't setup qemu for incoming migration when reverting internal snapshot

The memory/device state of the VM for an internal snapshot is restored
by qemu itself via a QMP command and is taken from the qcow2 image, thus
we don't actually do any form of incoming migration.

Commit 5b324c0a739fe00 which refactored the setup of the incoming
migration state didn't take the above into account and inadvertently
caused that qemu is being started with '-incoming defer' also when
libvirt would want to revert an internal snapshot.

Now when qemu expects incoming migration it doesn't activate the block
backends as that would cause locking problems and image inconsistency,
but also doesn't allow the use of the images. Since the block backends
are not activated qemu then thinks that they don't actually support
internal snapshots and reports:

  error: operation failed: load of internal snapshot 'foo1' job failed: Device 'libvirt-1-format' is writable but does not support snapshots

Due to the above bug it's not possible to revert to internal snapshots
in libvirt-11.2 and libvirt-11.3.

Fixes: 5b324c0a739fe00cbec209219db4488742492112
Resolves: https://issues.redhat.com/browse/RHEL-88747
Closes: https://gitlab.com/libvirt/libvirt/-/issues/771
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agocpu_x86: Do not inline cpuidCall()
Fabio Estevam [Fri, 16 May 2025 11:56:22 +0000 (08:56 -0300)] 
cpu_x86: Do not inline cpuidCall()

The following build error is observed when the DEBUG_BUILD variable
is enabled in OpenEmbedded:

src/cpu/cpu_x86.c: In function 'cpuidSetLeaf4':
src/cpu/cpu_x86.c:2563:1: error: inlining failed in call to 'cpuidCall': function not considered for inlining [-Werror=inline]
 2563 | cpuidCall(virCPUx86CPUID *cpuid)
      | ^~~~~~~~~

Remove the 'inline' specifier to avoid the problem.

Reported-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
5 months agospec: Bump min_fedora
Michal Privoznik [Thu, 15 May 2025 12:51:51 +0000 (14:51 +0200)] 
spec: Bump min_fedora

Fedora 40 is now officially at end of life [1]. The minimal
version we aim to support upstream is thus Fedora 41. Reflect
this in the spec file.

1: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/thread/XCUBN7NR7LXFFSA3IJDRTGHC7K4CXARV/

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
5 months agospec: Bump min_rhel
Michal Privoznik [Thu, 15 May 2025 12:48:23 +0000 (14:48 +0200)] 
spec: Bump min_rhel

RHEL-8 is out of our support scope. The minimal version we aim to
support upstream is RHEL-9. Reflect this in the spec file.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
5 months agoci: refresh with 'lcitool manifest'
Michal Privoznik [Thu, 15 May 2025 12:09:09 +0000 (14:09 +0200)] 
ci: refresh with 'lcitool manifest'

- Add Fedora 42
- Remove EOL Fedora 40
- Switch mingw from Fedora 41 to Fedora 42

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
5 months agotests: Add pcihole64 test for virt machine
Matthew R. Ochs [Thu, 15 May 2025 14:48:53 +0000 (07:48 -0700)] 
tests: Add pcihole64 test for virt machine

Add a pcihole64 test for the aarch64 virt machine that verifies the
value is propagated to the highmem-mmio-size virt machine parameter.

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Matthew R. Ochs <mochs@nvidia.com>
5 months agoqemu: Add command line support for PCI high memory MMIO size
Matthew R. Ochs [Thu, 15 May 2025 14:48:47 +0000 (07:48 -0700)] 
qemu: Add command line support for PCI high memory MMIO size

Add support for generating QEMU command line with PCI high memory MMIO size:
    - Add highmem-mmio-size to machine command line generation using
      size conveyed through pcihole64
    - Add validation for aarch64/virt machine type requirement
    - Add capability check for QEMU support

This enables configuring the PCI high memory MMIO window size
for aarch64 virt machine types using the existing pcihole64
element.

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Matthew R. Ochs <mochs@nvidia.com>
5 months agoqemu: Add capability for PCI high memory MMIO size
Matthew R. Ochs [Thu, 15 May 2025 14:48:41 +0000 (07:48 -0700)] 
qemu: Add capability for PCI high memory MMIO size

Add QEMU capability for PCI high memory MMIO size configuration:
- Add QEMU_CAPS_MACHINE_VIRT_HIGHMEM_MMIO_SIZE capability
- Add capability to virt machine properties
- Add highmem-mmio-size virt machine property to aarch64 qemu
      10.0.0 capabilities

This allows detecting support for the highmem-mmio-size virt machine
property in QEMU.

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Matthew R. Ochs <mochs@nvidia.com>
5 months agoch: Support RNG device
Stefan Kober [Fri, 16 May 2025 07:57:30 +0000 (09:57 +0200)] 
ch: Support RNG device

Cloud Hypervisor supports virtio-rng devices and the configuration of
the randomness source (e.g. /dev/random or /dev/urandom).

This commit adds support for configuring the RNG device via libvirt for
the ch driver.

Signed-off-by: Stefan Kober <stefan.kober@cyberus-technology.de>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agorpc: Add the {repoll,retry} logic in virNetClientSetTLSSession
Hyman Huang [Thu, 15 May 2025 01:07:41 +0000 (09:07 +0800)] 
rpc: Add the {repoll,retry} logic in virNetClientSetTLSSession

As advised by the GNU TLS, the caller should attempt again
if the gnutls_record_{recv,send} return EAGAIN or EINTR;
check the following link to view the details:
https://www.gnutls.org/manual/html_node/Data-transfer-and-termination.html

virNetClientSetTLSSession failed to handle EINTR/EGAIN,
though EGAIN seems like it ought to be unlikely given that
the caller waited for G_IO_IN.

Add the {repoll, retry} logic to handle EINTR/EGAIN that
may happen theoretically. This may reduce the likelihood
that the upper application receives the following error
message utmostly when it calls the virConnectOpenAuth API:
Unable to read TLS confirmation: Resource temporarily unavailable

Note that in order to fully avoid the mentioned problem, the
upper application should retry virConnectOpenAuth.

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Hyman Huang <yong.huang@smartx.com>
5 months agosrc: Fix retval of some functions declared to return an int
Michal Privoznik [Wed, 14 May 2025 14:14:39 +0000 (16:14 +0200)] 
src: Fix retval of some functions declared to return an int

There are couple of functions (virCHDomainPrepareHostdevPCI(),
qemuDomainPrepareHostdevPCI(),
virStorageBackendRBDSetAllocation(), virCommandHandshakeChild())
that are declared to return an integer, but in fact return a
boolean. This may lead to incorrect behaviour. Fix their retvals.

This diff was generated using the following semantic patch:

  @@
  identifier foo;
  @@

  int foo(...) {
      <+...
  (
  -   return true;
  +   return 0;
  |
  -   return false;
  +   return -1;
  )
      ...+>
  }

Each function and its callers were then inspected to see what
retvals are expected.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
5 months agovirsh-pool.c: Fix return type of virshBuildPoolXML()
Michal Privoznik [Wed, 14 May 2025 13:48:40 +0000 (15:48 +0200)] 
virsh-pool.c: Fix return type of virshBuildPoolXML()

The virshBuildPoolXML() function is declared to return an int but
in fact its return type is a boolean. Even its both callers
(cmdPoolCreateAs() and cmdPoolDefineAs()) treat its retval as a
boolean. Switch the return type from integer to boolean.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
5 months agovirnetdevvlan: Fix return type of virNetDevVlanEqual()
Michal Privoznik [Wed, 14 May 2025 13:46:16 +0000 (15:46 +0200)] 
virnetdevvlan: Fix return type of virNetDevVlanEqual()

The virNetDevVlanEqual() function is declared to return an int
but in fact its return type is a boolean. Even its only caller
(qemuDomainChangeNet()) treats its retval as a boolean. Switch
the return type from integer to boolean.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
5 months agostorage_backend_rbd.C: Fix return type of a volStorageBackendRBDUseFastDiff() stub
Michal Privoznik [Wed, 14 May 2025 13:40:40 +0000 (15:40 +0200)] 
storage_backend_rbd.C: Fix return type of a volStorageBackendRBDUseFastDiff() stub

Inside of storage_backend.c there are two implementations of
volStorageBackendRBDUseFastDiff() function: one when librbd is
new enough and one when it isn't. The former returns a bool, but
the latter is declared to return an int despite it returning a
boolean. Fix the latter.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
5 months agoqemu_process: Fix return type of qemuDomainHasHotpluggableStartupVcpus()
Michal Privoznik [Wed, 14 May 2025 13:40:18 +0000 (15:40 +0200)] 
qemu_process: Fix return type of qemuDomainHasHotpluggableStartupVcpus()

The qemuDomainHasHotpluggableStartupVcpus() function is declared
to return an int but in fact its return type is a boolean. Even
its only caller (qemuProcessLaunch()) treats its retval as a
boolean. Switch the return type from integer to boolean.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
5 months agonwfilter: Fix return type of virNWFilterCanApplyBasicRules callback
Michal Privoznik [Wed, 14 May 2025 13:35:01 +0000 (15:35 +0200)] 
nwfilter: Fix return type of virNWFilterCanApplyBasicRules callback

The virNWFilterCanApplyBasicRules() callback returns an int but
in fact its return type is a boolean. Even its only
implementation (ebiptablesCanApplyBasicRules()) returns a
boolean. Switch the return type from integer to boolean.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
5 months agostorage_backend_rbd.c: Make virStorageBackendRBDSetAllocation() stub report an error
Michal Privoznik [Wed, 14 May 2025 13:51:18 +0000 (15:51 +0200)] 
storage_backend_rbd.c: Make virStorageBackendRBDSetAllocation() stub report an error

Inside of storage_backend_rbd.c there are two implementations of
virStorageBackendRBDSetAllocation(). One reports an error on
failure, so the stub implementation should report an error too.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
5 months agovirDomainNetDefCheckABIStability: Consider virtio 'queues' ABI
Peter Krempa [Tue, 13 May 2025 12:03:48 +0000 (14:03 +0200)] 
virDomainNetDefCheckABIStability: Consider virtio 'queues' ABI

While the queue count itself is not a guest visible property, libvirt
uses it to calculate the 'vectors' property of the 'virtio-net' device
which is ABI.

Since we don't expose control of 'vectors' explicitly, consider 'queues'
ABI.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
5 months agovirNetDevTapCreate: Use error message hinting to multiqueue use only when opening...
Peter Krempa [Tue, 13 May 2025 11:44:27 +0000 (13:44 +0200)] 
virNetDevTapCreate: Use error message hinting to multiqueue use only when opening multiple queues

Due to a logic bug the error message mentioning multi queue operation
would be emitted also when a single queue would be opened on an
externally managed tap device.

Adjust the condition to trigger only when multiple queues are in use.

Fixes: f6fb097e11a
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
5 months agodocs: man: Document '--once' for 'virsh autostart'
Peter Krempa [Mon, 5 May 2025 14:39:25 +0000 (16:39 +0200)] 
docs: man: Document '--once' for 'virsh autostart'

Document the '--once' option and how it combines with the setting
without '--once'.

Resolves: https://issues.redhat.com/browse/RHEL-89414
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
5 months agoAPI: Clarify behaviour of autostart vs autostart once
Peter Krempa [Mon, 5 May 2025 14:33:32 +0000 (16:33 +0200)] 
API: Clarify behaviour of autostart vs autostart once

If either of the autostart settings is enabled the VM will be
autostarted. Attempt to clarify that.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
5 months agoqemuDomainPrepareHostdevPCI: Simplify error messages
Peter Krempa [Mon, 12 May 2025 13:21:07 +0000 (15:21 +0200)] 
qemuDomainPrepareHostdevPCI: Simplify error messages

Rework the error reporting. Unify on one message about device assignment
modes not supported by the qemu driver and move and reword the messages
for VFIO device assignment.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agoqemuDomainPrepareHostdevPCI: Fix return values after conversion from bool to int
Peter Krempa [Mon, 12 May 2025 13:06:32 +0000 (15:06 +0200)] 
qemuDomainPrepareHostdevPCI: Fix return values after conversion from bool to int

Historically when the code was in 'qemuHostdevPreparePCIDevicesCheckSupport'
the function returned bools. Later it was refactored and moved to
'qemuDomainPrepareHostdevPCI' the return values were not changed.

Thus the function now returned '-1', 'false', and 'true'. Callers
checked for '-1' only so the few cases forbidding legacy device
passthrough were no longer causing fatal errors.

Fixes: 3b87709c768480e085556e06bd8d08f62270d42d
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
5 months agovirnetdevtap: Fix memory leak in virNetDevTapReattachBridge
QiangWei Zhang [Tue, 6 May 2025 10:33:01 +0000 (18:33 +0800)] 
virnetdevtap: Fix memory leak in virNetDevTapReattachBridge

Variable 'master' needs to be free because it will be reassigned in
virNetDevOpenvswitchInterfaceGetMaster().

The leaked stack:
Direct leak of 11 byte(s) in 1 object(s) allocated from:
    #0 0x7f7dad8ba6df in __interceptor_malloc (/lib64/libasan.so.8+0xba6df)
    #1 0x7f7dad715728 in g_malloc (/lib64/libglib-2.0.so.0+0x60728)
    #2 0x7f7dad72d8b2 in g_strdup (/lib64/libglib-2.0.so.0+0x788b2)
    #3 0x7f7dacb63088 in g_strdup_inline /usr/include/glib-2.0/glib/gstrfuncs.h:321
    #4 0x7f7dacb63088 in virNetDevGetName ../src/util/virnetdev.c:823
    #5 0x7f7dacb63886 in virNetDevGetMaster ../src/util/virnetdev.c:909
    #6 0x7f7dacb90288 in virNetDevTapReattachBridge ../src/util/virnetdevtap.c:527
    #7 0x7f7dacd5cd67 in virDomainNetNotifyActualDevice ../src/conf/domain_conf.c:30505
    #8 0x7f7da3a10bc3 in qemuProcessNotifyNets ../src/qemu/qemu_process.c:3290
    #9 0x7f7da3a375c6 in qemuProcessReconnect ../src/qemu/qemu_process.c:9211
    #10 0x7f7dacc0cc53 in virThreadHelper ../src/util/virthread.c:256
    #11 0x7f7dac2875d4 in start_thread (/lib64/libc.so.6+0x875d4)
    #12 0x7f7dac3091bb in __GI___clone3 (/lib64/libc.so.6+0x1091bb)

Fixes: de938b92c9d3a47647164aa643c20d2fc96cd2bc
Signed-off-by: QiangWei Zhang <zhang.qiangwei@zte.com.cn>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
5 months agovirnetlink: Split virNetlinkBridgeVlanFilterSet()
Michal Privoznik [Mon, 12 May 2025 13:00:04 +0000 (15:00 +0200)] 
virnetlink: Split virNetlinkBridgeVlanFilterSet()

Currently, virNetlinkBridgeVlanFilterSet() takes @cmd as the
second argument where either RTM_SETLINK or RTM_DELLINK is
expected. Both of these constants come from linux/rtnetlink.h and
thus are undefined when building without netlink. This design
also clashes with the whole point of virnetlink: to offload
netlink dependency onto a single file.

Therefore, drop the argument, turn
virNetlinkBridgeVlanFilterSet() into just setter, effectively,
and introduce virNetlinkBridgeVlanFilterDel() for the case when
RTM_DELLINK would be passed as @cmd.

Resolves: https://gitlab.com/libvirt/libvirt/-/issues/770
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
5 months agovirnetdevbridge: Include virnetlink.h more often
Michal Privoznik [Mon, 12 May 2025 12:29:21 +0000 (14:29 +0200)] 
virnetdevbridge: Include virnetlink.h more often

The whole point of virnetlink.h is that it hides away the build
time dependency on netlink. It wraps netlink functions in our
functions which then have a stub implementation in case netlink
support was disabled.

Though, netlink is still Linux specific, so keep it in the
'#ifdef __linux__` block to cause a compilation error should
anybody try to use any of the wrapped functions on non-Linux.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
5 months agovirnetdevbridge.c: Fix comments in virNetDevBridgeSetupVlans()
Michal Privoznik [Mon, 12 May 2025 12:27:58 +0000 (14:27 +0200)] 
virnetdevbridge.c: Fix comments in virNetDevBridgeSetupVlans()

We still use C89 style of comments. Fix C99 style of comments
used in virNetDevBridgeSetupVlans().

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
5 months agovirnetlink: Provide stub for virNetlinkBridgeVlanFilterSet()
Michal Privoznik [Mon, 12 May 2025 12:28:42 +0000 (14:28 +0200)] 
virnetlink: Provide stub for virNetlinkBridgeVlanFilterSet()

In virnetlink.c there are two sections: the first one when
building WITH_LIBNL support, the other that provides stubs for
functions declared in the corresponding header file when building
without netlink support. But the stub implementation for
virNetlinkBridgeVlanFilterSet() was missing.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
5 months agorpm: disable zfs on Fedora >= 43
Daniel P. Berrangé [Thu, 8 May 2025 10:16:30 +0000 (11:16 +0100)] 
rpm: disable zfs on Fedora >= 43

The zfs-fuse package has been dead upstream for a long time and is
now retired in Fedora rawhide.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
5 months agotests: Add capabilities for QEMU 10.0.0 on aarch64
Matthew R. Ochs [Wed, 7 May 2025 23:38:46 +0000 (16:38 -0700)] 
tests: Add capabilities for QEMU 10.0.0 on aarch64

Notable differences:

  * various machine types, notably vexpress-a9, have stopped
    accepting user-specified CPU models in QEMU 9.0;

  * the command line for raw devices is slightly different
    as libvirt now skips the 'raw' format driver blockdev.

Signed-off-by: Matthew R. Ochs <mochs@nvidia.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
5 months agotests: Use collie instead of borzoi for aarch64 tests
Andrea Bolognani [Thu, 27 Feb 2025 10:35:07 +0000 (11:35 +0100)] 
tests: Use collie instead of borzoi for aarch64 tests

The borzoi machine type was dropped in QEMU 9.2.0, so let's
use a different machine type with no ACPI support and no
implicit USB controller instead.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
5 months agoqemu_capabilities: Fetch caps for virtio-mem-ccw too
Michal Privoznik [Wed, 7 May 2025 12:32:52 +0000 (14:32 +0200)] 
qemu_capabilities: Fetch caps for virtio-mem-ccw too

While with upstream QEMU it's impossible to have virtio-mem-ccw and not
have virtio-mem-pci, in RHEL the QEMU's build system is patched to make
that possible. But this breaks our assumption when fetching
capabilities.

Well, just do what we are already doing in this situation (e.g.
"virtio-blk-pci"/"virtio-blk-ccw" & virQEMUCapsDevicePropsVirtioBlk, or
"virtio-scsi-pci"/"virtio-net-ccw" & virQEMUCapsDevicePropsVirtioSCSI):
fetch the same set of props for both devices.

Resolves: https://issues.redhat.com/browse/RHEL-87528
Resolves: https://issues.redhat.com/browse/RHEL-87532

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
5 months agoci: refresh with 'lcitool manifest'
Daniel P. Berrangé [Fri, 2 May 2025 08:29:08 +0000 (09:29 +0100)] 
ci: refresh with 'lcitool manifest'

This removes librbd from 32-bit arches on debian sid, which no longer
exists.

Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
5 months agodocs: hooks: Document when shutoff-reason argument was introduced
Michal Privoznik [Mon, 5 May 2025 08:51:52 +0000 (10:51 +0200)] 
docs: hooks: Document when shutoff-reason argument was introduced

Introduced in v10.5.0-rc1~52, qemu and lxc hook scripts are
executed with additional argument: shutoff reason. But wording of
our docs make it looks like it's been that way forever. Make it
clear this is `recent` feature.

Resolves: https://gitlab.com/libvirt/libvirt/-/issues/766
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>