qemu: Check if INTEL Trust Domain Extention support is enabled
Implement TDX check in order to generate domain feature capability
correctly in case the availability of the feature changed.
For INTEL TDX the verification is:
- checking if "/sys/module/kvm_intel/parameters/tdx" contains the
value 'Y': meaning TDX is enabled in the host kernel.
Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Xiaoyao Li <xiaoyao.li@intel.com>
tools: Secure guest check for Intel in virt-host-validate
Add check in virt-host-validate for secure guest support
on x86 for Intel Trust Domain Extentions.
Suggested-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Xiaoyao Li <xiaoyao.li@intel.com>
Michal Privoznik [Thu, 23 Mar 2023 08:15:53 +0000 (09:15 +0100)]
meson: Report library versions in the summary
The summary() directive accepts dependency() too [1] in which
case it also prints version of the dependency found. This may
come handy when reading build process transcripts.
Currently, libattr is detected using cc.find_library() because at
historically, the library was lacking pkg-config file. But that
changed with libattr-2.4.48 (released 7+ years ago) and even
prehistoric distros have it now. Switch to dependency().
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Han Han [Wed, 26 May 2021 13:35:11 +0000 (21:35 +0800)]
qemu: Add support for RBD namespace.
Since Nautilus ceph supports separate image namespaces within a pool for
tenant isolation and QEMU adds it as a rbd blockdev options from 5.0.0.
The source name with format "<pool>/<namespace>/<image>" could be used to
access a rbd image with namespace.
Closes: https://gitlab.com/libvirt/libvirt/-/issues/405 Signed-off-by: Han Han <hhan@redhat.com> Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Peter Krempa [Fri, 11 Nov 2022 14:42:52 +0000 (15:42 +0100)]
virStorageSource: Eliminate 'volume' field
While historically we've stored the 'pool' and 'image' properties of RBD
and gluster images in separate fields but they are presented in a single
field in the XML. This creates multiple points where they need to be
separated and combined.
Introduce helper 'virStorageSourceNetworkProtocolPathSplit' which will
do that at the point of use rather than everywhere in the code.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Refactored the qemuDomainObjPrivateXMLParseVcpu function to use the
appropriate virXMLPropUInt function to parse unsigned integers,
avoiding unccessery string parsing operations.
Signed-off-by: Kirill Shchetiniuk <kshcheti@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Refactored the virSecretLookupParseSecret fucntion to use the
virXMLPropUUID fucntion, avoid getting the string and parsing it
later. Previously two separate error states merged into one by using
boolean NXOR operation.
Signed-off-by: Kirill Shchetiniuk <kshcheti@redhat.com> Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Peter Krempa [Fri, 18 Jul 2025 14:07:11 +0000 (16:07 +0200)]
security_selinux: Declare internal autoptr cleanup helper for 'context_t'
The selinux headers have a 'typedef context_s_t *context_t;' definition
in the header so we declare autoptr cleanup function for 'context_s_t'
and use it instead of 'context_t' definitions.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Declare 'in'/'out' only in the bocks which use them and automatically
free them. Since cleanup section was removed we don't need a 'ret'
variable any more.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Dion Bosschieter [Wed, 16 Jul 2025 10:08:58 +0000 (12:08 +0200)]
nwfilter: Check before removing and reinserting iptable base chains
Upon VM bootstrapping (start,restore,incoming migration)
iptablesCreateBaseChainsFW is called and unconditionally deletes and
reinserts top-level firewall chain jumps (e.g. INPUT, FORWARD rules).
This briefly allows packets to continue, allowing packets through
until the base chain iptables -I commands run.
This commit ensures that the base chains are only created once per layer
(IPV4/IPV6) and checks whether the expected rules already exist using
`iptables -L`. If they do, no delete/insert operations are performed.
By checking for the existence of rules we can prevent more rules from
being created if they already exist. Possibly speeding up nwfilter by
reducing the amount of iptable commands it executes. This however is not
part of this patch.
Closes: https://gitlab.com/libvirt/libvirt/-/issues/784 Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Dion Bosschieter <dionbosschieter@gmail.com>
qemu: add ability to set TLS priority string with QEMU
QEMU will either use the GNUTLS default priority string of "NORMAL",
or on Fedora/RHEL related distros, "@QEMU,SYSTEM", which resolves to
a configuration in /etc/crypto-policies/back-ends/gnutls.config.
The latter gives the sysadmin the ability to change the priority
string used for GNUTLS at deployment time, either system side, or
exclusively for QEMU, avoiding the hardcoded GNUTLS defaults.
There are still some limitations to this:
* Priorities cannot be set for different areas of QEMU
functionality (migration, vnc, nbd, etc)
* Priorities are fixed at the time when QEMU first
triggers GNUTLS to load its config file, often
immediately at startup.
We recently uncovered a QEMU bug that causes crashes in live
migration with TLS-1.3, where the easiest workaround is to
change the TLS priorities. We can't change this on the running
QEMU, but fortunately it is possible to change it on the target
QEMU and the TLS handshake will make it take effect on both
src and dst.
The problem is, while fixing the immediate incoming and outgoing
live migration problems, the workaround will apply to everything
else that QEMU does for the rest of the time that process exists.
We want to make it possible to set the TLS priorities only for
the current migrations, such that if the target QEMU has a fixed
GNUTLS, it will not have its TLS priorities hobbled for the next
live migration.
To achieve this we need libvirt to be able to (optionally) set
the TLS priority string with QEMU. While live migration is the
most pressing need, the new qemu.conf parameters are wired up
for every subsystem for greater selectivity in future.
With this we can activate the GNUTLS workaround for running
QEMU processes by editting qemu.conf and restarting virtqemud,
and later undo this the same way.
Reviewed-by: Peter Krempa <pkrempa@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
The bhyveload(8) command does not have a native non-interactive mode.
It means that in case of errors, e.g. invalid boot media, it
just drops into a loader prompt and waits for user input. This behaviour
makes it tricky for users to understand what's going on.
To address that, run it with the timeout(1) tool which sends SIGTERM
after a certain timeout, and then optionally sends SIGKILL if the
command keeps hanging.
These timeout values could be configured in the bhyve.conf. Setting
timeout to 0 mean that bhyveload(8) will be executed directly, without
timeout(1).
Signed-off-by: Roman Bogorodskiy <bogorodskiy@gmail.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
bhyve: don't reset domain autostart flag on destroy
Currently, virBhyveProcessStop() uses the virDomainDeleteConfig()
helper to clean up domain status. It passes BHYVE_STATE_DIR as
a configuration dir and NULL as autostart dir, so the helper does its
job, even though it has a different purpose. However, the issue is that
it also resets the autostart (and autostartOnce) property.
This results in a situation that when a persistent domain with autostart
enabled gets destroyed, its autostart state is reported as disabled,
which is not correct.
To fix that, implement the bhyveProcessRemoveDomainStatus() which
removes the status file without side effects on the virDomainObj object.
Signed-off-by: Roman Bogorodskiy <bogorodskiy@gmail.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com
qemu_tpm: Do not use persistent definition during pre-start checks
Commit 3451987fca7c used the persistent TPM Definition in both calls to
qemuTPMVirCommandSwtpmAddTPMState() but in one of the two cases it
might've been NULL and what's more, it is not the right definition which
should've been used. Change that to @tpm which is the current
definition. The other call does not have access to the current
definition and is only called during updating the profile. But for the
sake of fewer future mistakes, keep the other one as is because there is
no issue with calling it that way and adding logic that just skips the
extra check on NULL could mistake someone in the future.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com> Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Michal Privoznik [Wed, 18 Jun 2025 06:49:29 +0000 (08:49 +0200)]
nss: Move logging into a separate file and turn it temporarily on
Currently, when somebody wants to debug the NSS plugin, they have
to change a line in libvirt_nss.h (to enable debug printings) and
recompile the module. This may work for us, developers, but we
can not expect this from users.
For now, this turns debug printings unconditionally on. Making it
conditional on an envvar is handled in the next commit.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
nss: Promote debug message to proper error when time() fails
The difference between DEBUG() and ERROR() macros is that the
latter also prints (stringified) errno. Inside of findLease()
there's one line where time() is called which is documented as:
On error, ((time_t) -1) is returned, and errno is set to
indicate the error.
Therefore, don't just print DEBUG() but ERROR() so that the cause
for the error is printed too.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Jiri Denemark [Mon, 23 Jun 2025 13:37:53 +0000 (15:37 +0200)]
Introduce VIR_CONNECT_BASELINE_CPU_IGNORE_HOST flag
With this new flag virConnectHypervisorBaselineCPU can be used on any
host (rather than being limited to hosts described by individual CPUs
passed to the API). Using the flag makes the API behave similarly to the
old virConnectBaselineCPU. The main difference is the CPU definition
accepted by both APIs: the old one only accepts host CPU definition,
i.e., without 'policy' attributes as seen in the host capabilities XML.
Signed-off-by: Jiri Denemark <jdenemar@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Jiri Denemark [Mon, 23 Jun 2025 13:21:34 +0000 (15:21 +0200)]
Clarify documentation of virConnectBaselineHypervisorCPU
The API was apparently never considered for being used on a host that is
not represented in the input set of CPU definitions. The result is
limited to the set of features and CPU models known to the host's
hypervisor. This would likely not be a big issue, but thanks to a side
effect of commit v3.8.0-99-g9c9620af1d usability blockers come to play
as well. When converting CPU data (CPUID and MSR bits) to each named
model for comparison, we disable features that block usability of the
model on the current hypervisor, the rest of the features are set
according to the data without taking host capabilities into account.
Thus the process of comparing and selecting the most appropriate CPU
model for the given data is significantly influenced by the host, but it
doesn't behave as if the host CPU model was included in the input data.
The documentation tried to say the result was tied to the host's
hypervisor, but it wasn't very clear.
Signed-off-by: Jiri Denemark <jdenemar@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Michal Privoznik [Thu, 17 Jul 2025 08:46:53 +0000 (10:46 +0200)]
qemu_tpm: Don't report uninitialized variable in error message
Inside to qemu_tpm.c there are three functions that use the same
pattern (qemuTPMEmulatorRunSetup(), qemuTPMEmulatorReconfigure()
and qemuTPMEmulatorUpdateProfileName()):
int exitstatus;
...
if (virCommandRun(cmd, &exitstatus) < 0 || exitstatus != 0) {
virReportError(..., exitstatus);
return -1;
}
Problem with this pattern is that if virCommandRun() fails then
exitstatus is left untouched and a garbage value is then passed
to virReportError().
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Michal Privoznik [Wed, 16 Jul 2025 13:28:08 +0000 (15:28 +0200)]
qemu: Report system error on failed open()
With a help from coccinelle three places were identified that
call virReportError() after failed open() (in
qemuDomainWriteMasterKeyFile(), qemuDomainMasterKeyReadFile() and
qemuProcessOpenVhostVsock()). The open() syscall does set errno
on failure so switch them to virReportSystemError() which may
shed more light into the reasons for failure.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Recent versions of bhyve support 4 com ports instead of just 2. Thus,
allow to use 4 console devices.
Also, there was a bug previously because the condition was
"if (chr->target.port > 2)", but as target.port start
with 0 and "com" ports start with 1, this condition allows com3 to be
used.
As bhyve supports 4 com ports already long enough, and all supported
FreeBSD versions include this capability, do not introduce driver
capability for that.
Add a couple of tests for that:
- A domain that uses 4 serials, 2 of type 'nmdm'
and the other 2 of type 'tcp'
- A domain that uses unsupported port, such as target.port=4 which
translates into com5.
Signed-off-by: Roman Bogorodskiy <bogorodskiy@gmail.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Also, update domain capabilities to include the TCP console support.
Unfortunately, there's no way to detect that from the bhyve binary
before trying to start a VM, so there's no capability probing for this
feature.
Signed-off-by: Roman Bogorodskiy <bogorodskiy@gmail.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Allow specifying zero discard granularity for block devices
That allows for disabling discard in a way that some guest
OSes (e.g. Windows) understand and do not try to trim the disk.
Resolves: https://issues.redhat.com/browse/RHEL-72006 Signed-off-by: Martin Kletzander <mkletzan@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
qemu_tpm: Only warn about missing locking feature on shared filesystems
The warning pollutes the logs and might give a bad impression on someone
reading them even though the locking is not always needed. This way we
at least limit the logging in unnecessary cases.
Resolves: https://issues.redhat.com/browse/RHEL-80155 Signed-off-by: Martin Kletzander <mkletzan@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
qemu_tpm: Extract per-TPM functionality from qemuTPMDomainHasSharedStorage
This way we can do the check for a particular TPM also elsewhere in the
code, especially in places where we're dealing with only one TPM. The
semantics is changed a little bit in a way that the function will check
all the TPMs as opposed to stopping on the first one which is of the
emulator type, but since a domain can currently only have one of these
it was not an issue.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
The function deals with the whole domain and the part that handles one
TPM will be useful elsewhere and hence extracted later. This rename
makes it possible for the new function to use the original name of this
renamed one.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
We have virFileCanonicalizePath() which calls realpath() but
also is present in our mocks (in contrast to realpath()).
Introduce a syntax-check rule to enforce use of our wrapper.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Refactored the virDomainHostdevSubsysMediatedDevDefParseXML function
to use virXMLPropUUID fuction instead of getting a string and parsing
it later.
Due to parsing function change the missing uuid error reporter and
message were changed and changed error message was also reflected in
tests' outputs.
Signed-off-by: Kirill Shchetiniuk <kshcheti@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Tue, 8 Jul 2025 13:53:31 +0000 (15:53 +0200)]
schema: Schema validate host '<sysinfo>' XML test documents
Introduce schema for the host '<sysinfo>' output XMLs and validate our
test data against the schema.
This requires introduction of schema for '<processor>' and
'<memory_device>' elements which are not supported when sysinfo is set
explicitly for a domian definition.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Tue, 8 Jul 2025 13:54:27 +0000 (15:54 +0200)]
conf: schemas: Split out common parts of 'sysinfo' schema
Extract the common bits of the domain definition <sysinfo> schema which
will be also later reused to construct schema for the host <sysinfo> top
level element.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
virdevmapper: Always use device name for finding targets
DM_TABLE_DEPS expects a device name in dm_ioctl.name. In one of the
cases, full path of the device was getting returned causing the ioctl
call to fail with `ENXIO (No such device or address)`.
Also rename the function and variable names to better reflect that we
are dealing with DM device names and not paths.
Peter Krempa [Mon, 7 Jul 2025 06:38:03 +0000 (08:38 +0200)]
nwfilter: Remove 'qemu-announce-self' example
The example allows packets sent by qemu after migration with broken
protocol ID. The proper self announce is handled via
'qemu-announce-self-rarp'.
The qemu bug was addressed by f8778a7785d530515b0db39 (released as
v0.13.0). As we no longer support such old qemus, and allowing broken
packets makes no sense. Remove the rule and make it into an alias of
'qemu-announce-self-rarp' to preserve compatibility. Adjust the existing
examples to use only the proper rule.t
Closes: https://gitlab.com/libvirt/libvirt/-/issues/792 Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Notable changes:
- machine types:
- added 10.1 machines
- dropped old machine types up to '4.1' (oldest supported is now '4.2)
- new devices 'vfio-iommu-user', 'vfio-user-pci'
- new qom types 'tdx-guest' (including additions to GUEST_CRAS* events
etc), 'ram-block-attributes'
- CPU stuff:
- new models: 'EPYC-Turin-x86_64-cpu',
- new model versions: 'EPYC-Genoa-v2-x86_64-cpu', 'EPYC-Milan-v3-x86_64-cpu'
'EPYC-Rome-v5-x86_64-cpu', 'EPYC-v5-x86_64-cpu'
- new flags: 'fs-gs-base-ns', 'prefetchi', 'its-no msr-imm'
- keep-alive options added to all types using 'inet' socket addreses
- Some platform specific QMP commands are now reported on all
platforms:
- 'query-gic-capabilities'
- 'query-cpu-model-baseline'
- 'query-cpu-model-comparison',
- 'dump-skeys'
- 'set-cpu-topology' (unstable)
- 'query-s390x-cpu-polarization' and corresponding 'CPU_POLARIZATION_CHANGE' event (unstable)
- blockdev stuff:
- blockdev-backup 'on-cbw-error' property added
- blockdev-mirror 'target-is-zero' property added
- deprecated commands: 'block-job-complete', 'block-job-dismiss',
'block-job-finalize', 'block-job-pause',
'block-job-resume'
- 'dpofua' parameter of scsi disks was now enabled by default
- 'migrate-extra' flag of 'virtio-net' removed
- virtio devices gained 'sriov-pf' parameter
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Peter Krempa [Fri, 4 Jul 2025 07:55:14 +0000 (09:55 +0200)]
qemuxmlconftest: x86_64: Bump 'firmware*' test cases to 'pc-q35-10.0'
New qemu is deprecating 'pc-q35-4.0-machine', update to the latest
released machine type.
Apart from the previous cases where we could use the aliased machine
type, the firmware auto-selection doesn't work properly for the
unexpanded 'q35' alias and thus we need to use a real machine type here.
Outside of tests a real machine type would be filled anyways, the use of
the alias happens only inside our '-latest' test suite.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Peter Krempa [Fri, 4 Jul 2025 07:55:14 +0000 (09:55 +0200)]
qemuxmlconftest: x86_64: Bump 'firmware*' test cases to 'pc-i440fx-10.0'
New qemu is deprecating 'pc-i440fx-4.0-machine', update to the latest
released machine type.
Apart from the previous cases where we could use the aliased machine
type, the firmware auto-selection doesn't work properly for the
unexpanded 'pc' alias and thus we need to use a real machine type here.
Outside of tests a real machine type would be filled anyways, the use of
the alias happens only inside our '-latest' test suite.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Peter Krempa [Tue, 1 Jul 2025 11:46:59 +0000 (13:46 +0200)]
kbase: tlscerts: Drop 'encryption_key' feature request
As TLS 1.3 performs key exchange separately from the algorithm used to
verify authenticity, the certificates for libvirt's use of TLS don't
need to require the 'encryption_key' feature any more.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Mon, 30 Jun 2025 17:19:42 +0000 (19:19 +0200)]
tls: Don't require 'keyEncipherment' to be enabled altoghther
Key encipherment is required only for RSA key exchange algorithm. With
TLS 1.3 this is not even used as RSA is used only for authentication.
Since we can't really check when it's required ahead of time drop the
check completely. GnuTLS will moan if it will not be able to use RSA
key exchange.
In commit 11867b0224a2 I tried to relax the check for some eliptic
curve algorithm that explicitly forbid it. Based on the above the proper
solution is to completely remove it.
Resolves: https://issues.redhat.com/browse/RHEL-100711 Fixes: 11867b0224a2b8dc34755ff0ace446b6842df1c1 Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Tue, 1 Jul 2025 15:19:46 +0000 (17:19 +0200)]
virDomainDriverAutoShutdown: Refactor selection logic for VMs
Decide separately and record what shutdown modes are to be applied on
given VM object rather than spreading out the logic through the code.
This centralization simplifies the conditions in the worker functions
and also:
- provides easy way to check if the auto-shutdown code will be acting
on domain object (will be used to fix attempt to auto-restore of
VMs which were not selected to be acted on
- will simplify further work where the desired shutdown action will be
picked per-VM
This refactor also fixes a bug where if restoring of the state is
applied also on VMs that are not selected for action based on current
logic.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Peter Krempa [Thu, 3 Jul 2025 12:18:46 +0000 (14:18 +0200)]
virDomainDriverAutoShutdownDoSave: Don't attempt to save transient VMs
Commit 84bb136c31e added code that intended to skip the save of
transient domains but did so only in the setup part where we pause the
VMS. The second loop that actually attempts to save the VM was not
modified so we'd still try saving them:
Jul 03 14:15:13 andariel virtqemud[247210]: auto-shutdown: unable to perform managed save of 'cd3': Requested operation is not valid: cannot do managed save for transient domain
Fixes: 84bb136c31e Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
projects / thirdparty / libvirt.git / log
