Michal Privoznik [Fri, 27 Mar 2026 11:17:44 +0000 (12:17 +0100)]
hyperv: Implement virDomainGetGuestInfo()
The hyperv hypervisor also has guest agent, in fact multiple ones
[1][2]. The first one, KVP, is for storing Key-Value Pairs and in
fact it's already used by our hyperv driver when querying
domifaddr (see v12.1.0-rc1~148 for more info). Anyhow, the KVP
service is capable of more, it can provide guest OS info, guest
FQDN and others. These informations are exposed via
GuestIntrinsicExchangeItems member of the
Msvm_KvpExchangeComponent struct [3]. You may have noticed the
member is an array of strings, well those strings are in fact XML
documents. For instance:
This is a bit messy to work with, because it's not like in QEMU's
world where each type of guest info (virDomainGuestInfoTypes)
corresponds 1:1 to a guest agent command. Hence the lookupTable
in hypervGetServicesProcessOne().
NB, the original jira issue asks for exposing plain fact whether
KVP daemon is running inside the guest and this commit implements
seemingly different feature. Well, thing is, in case of QEMU
there's a domain XML part where guest agent is configured and
where we expose whether there's somebody listening inside the
guest. But in case of hyperv there's no <channel/> to be
configured as communication with KVP daemon happens through
vmbus [4]. Users are advised to call the virDomainGetGuestInfo()
API with non-zero 'types' argument and if they get an error with
VIR_ERR_AGENT_UNRESPONSIVE code then the KVP daemon is not
running.
Michal Privoznik [Tue, 24 Mar 2026 14:58:19 +0000 (15:58 +0100)]
security: Don't error out on seclabels of type='none'
Ever since of commit v1.2.13-rc1~66 the model attribute of a
<seclabel/> is validated against secdriver names enabled. In
nearly all cases this is something users want so that domain XML
does not claim to set seclabels of a model that's not enabled.
However, consider the following seclabel:
<seclabel type='none' model='selinux'/>
It tells us to not bother setting selinux labels on given domain.
A mgmt app might format this into domain XML if it sees selinux
is disabled on the host. But if that's the case, selinux driver
is not loaded and this virSecurityManagerCheckModel() doesn't
find it and reports an error.
Well, the error doesn't need to be reported as we will just
ignore selinux as each driver callback checks if relabel is false
(which it is for type='none'). This is true for other secdrivers
too.
Resolves: https://redhat.atlassian.net/browse/RHEL-156689 Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Tested-by: Richard W.M. Jones <rjones@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Michal Privoznik [Wed, 25 Mar 2026 15:52:55 +0000 (16:52 +0100)]
security: Rewrite virSecurityManagerCheckModel() to use g_autofree
Let's use automatic memory freeing inside of
virSecurityManagerCheckModel() as it will simplify future
commits.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Tested-by: Richard W.M. Jones <rjones@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Michal Privoznik [Wed, 25 Mar 2026 13:45:00 +0000 (14:45 +0100)]
conf: Fix seclabel type parsing wrt default value
Prior to v7.10.0-rc1~26 seclabels defaulted to
VIR_DOMAIN_SECLABEL_DYNAMIC (type='dynamic'). But after switching
the parser to virXMLPropEnum() the type is overwritten to
VIR_DOMAIN_SECLABEL_DEFAULT because the first thing that the
helper function does is to set variable that holds the result to
zero. Switch to virXMLPropEnumDefault() to restore the previous
behavior.
Fixes: f7ff8556ad9ba8d81408e31649071941a6a849a3 Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Tested-by: Richard W.M. Jones <rjones@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Felix Huettner [Thu, 24 Apr 2025 14:26:32 +0000 (16:26 +0200)]
virhostcpu: Fix potential use of unallocated memory
In case of a host that has a large number of cpus offline the count of
host cpus and the last bit set in the virHostCPUGetOnlineBitmap might
diverge significantly. This can e.g. be the case when disabling smt via
/sys/devices/system/cpu/smt/control.
On the host this looks like:
```
$ cat /sys/devices/system/cpu/present
0-255
$ cat /sys/devices/system/cpu/online
0-127
```
However in this case virBitmapToData previously only allocated 16 bytes
for the output bitmap. This is becase the last set bit is on the 15th
byte.
Users of virHostCPUGetMap however rely on the "cpumap" containing enough
space for all existing cpus (so they would expect 32 bytes in this case).
E.g. cmdNodeCpuMap relies on this for its output. It will then actually
read 32 bytes from the start of the "cpumap" address where in this case
the last 16 of these bytes are uninitialized.
This manifests itself in flapping outputs of "virsh nodecpumap --pretty" like:
```
$ virsh nodecpumap --pretty
CPUs present: 256
CPUs online: 128
CPU map: 0-127,192,194,202
This in turn potentially causes users of this data to report wrong cpu
counts.
Note that this only seems to happen with at least 256 physical cpus
where at least 128 are offline.
We fix this by preallocating the expected bitmap size.
Signed-off-by: Felix Huettner <felix.huettner@stackit.cloud> Reviewed-by: Martin Kletzander <mkletzan@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Pavel Hrdina [Tue, 31 Mar 2026 11:24:28 +0000 (13:24 +0200)]
qemu_hotplug: Set correct iommufdState on error path
If hotplugging host device that needs to add iommufd object fails we
need to remove the iommufd object as well. We also need to update the
iommufdState otherwise hotplugging any host device with iommufd will
fail for the same VM.
Fixes: 5d16bef1a69500791be454239e3b9ac68ec53ace Signed-off-by: Pavel Hrdina <phrdina@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Pavel Hrdina [Thu, 26 Mar 2026 13:32:36 +0000 (14:32 +0100)]
hypervisor: Call virWaitForDevices() after detaching host devices
On systems with selinux enabled starting a VM with managed host device
using IOMMUFD backend can run into race-condition where both libvirt and
udev are setting selinux label on /dev/vfio/devices/vfioX device. If
udev is the last one to set selinux label starting VM fails with:
error: internal error: QEMU unexpectedly closed the monitor (vm='test'): 2026-03-26T15:47:36.620422Z qemu-kvm: -device {"driver":"vfio-pci","id":"hostdev0","iommufd":"iommufd0","fd":"20","bus":"pci.7","addr":"0x0"}: vfio hostdev0: Failed to add fd 20 to KVM VFIO device: Invalid argument
We need to wait for udev to finish processing all events.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Fri, 27 Mar 2026 08:37:42 +0000 (09:37 +0100)]
virPCIDeviceReadID: Fix use of 'virFileReadAll'
Use 'virFileReadAllQuiet' since the function doesn't want to report
errors on other code paths.
The function also assumed that the file which it reads always 7 bytes
isn't true at least in the test suite. This didn't cause a problem
because the test data had strings 6 bytes long so it didn't cause a
write beyond the end of the buffer.
Clear the newline by using strchrnul instead to find it rather than
assuming where it is.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Peter Krempa [Fri, 27 Mar 2026 08:32:07 +0000 (09:32 +0100)]
virPCIDeviceReadClass: Don't write beyond end of buffer from virFileReadAll
The returned class string from the kernel isn't guaranteed to be always
9 bytes, thus the write to the buffer could happen beyond the guaranteed
length.
Since 'virFileReadAll' already NUL-terminates the buffer just delete
the redundant overwrite.
This fixes an invalid write beyond the end of the buffer happening since 458c6a281001d51fd9796 where the returned buffer is shortened.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Peter Krempa [Thu, 26 Mar 2026 17:39:17 +0000 (18:39 +0100)]
util: file: Shrink buffer returned from 'saferead_lim' to actual size
The bufer resizing algorithm resizes the buffer in increments of the
value of the 'BUFSIZ' macro. On linux it's currently 8k. In case when
the caller wants to retain the buffer for long time with little data
read this creates massive overhead.
Realloc the buffer to actual size before returning it to the user.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
==2413993== 8,193 bytes in 1 blocks are definitely lost in loss record 4,201 of 4,225
==2413993== at 0x48FC897: realloc (vg_replace_malloc.c:1804)
==2413993== by 0x4ED0B0A: g_realloc (in /usr/lib64/libglib-2.0.so.0.8600.4)
==2413993== by 0x494112B: virReallocN (viralloc.c:52)
==2413993== by 0x49684F6: saferead_lim (virfile.c:1511)
==2413993== by 0x4968C8B: virFileReadLimFD (virfile.c:1587)
==2413993== by 0x4968D2C: virFileReadAll (virfile.c:1613)
==2413993== by 0xC2CC488: virGetSecretsEncryptionKey (secret_config.c:93)
==2413993== by 0xC2CC488: virSecretDaemonConfigNew (secret_config.c:162)
==2413993== by 0xC2CADFD: secretStateInitialize (secret_driver.c:533)
==2413993== by 0x4BABC76: virStateInitialize (libvirt.c:667)
==2413993== by 0x40148D4: daemonRunStateInit (remote_daemon.c:583)
==2413993== by 0x49BB8A5: virThreadHelper (virthread.c:256)
==2413993== by 0x52DD463: start_thread (in /usr/lib64/libc.so.6)
Fixes: 1c86748cf140a8710d6d8ec3ab3a2bd10ceeac67 Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
==2413993== 23 (16 direct, 7 indirect) bytes in 1 blocks are definitely lost in loss record 1,238 of 4,225
==2413993== at 0x48FC683: calloc (vg_replace_malloc.c:1678)
==2413993== by 0x4ED0A51: g_malloc0 (in /usr/lib64/libglib-2.0.so.0.8600.4)
==2413993== by 0x49A62CF: virPortAllocatorRangeNew (virportallocator.c:104)
==2413993== by 0xEA35F27: qemuStateInitialize (qemu_driver.c:723)
==2413993== by 0x4BABC76: virStateInitialize (libvirt.c:667)
==2413993== by 0x40148D4: daemonRunStateInit (remote_daemon.c:583)
==2413993== by 0x49BB8A5: virThreadHelper (virthread.c:256)
==2413993== by 0x52DD463: start_thread (in /usr/lib64/libc.so.6)
==2413993== by 0x5360413: clone (in /usr/lib64/libc.so.6)
Fixes: 36cf50f85b9c8f3351332dc5302401e4b06176e1 Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Peter Krempa [Mon, 23 Mar 2026 21:33:49 +0000 (22:33 +0100)]
qemuDomainGetBlockInfo: Add debug statement when updating disk physical size
Update of the physical size fetches it from stat()-ing the file on disk,
which is not visible in the logs so the information can't be pieced back
together as it's the case with the data fetched from the qemu monitor.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Mon, 23 Mar 2026 16:23:48 +0000 (17:23 +0100)]
qemuDomainGetStatsBlockExportDisk: Export stats also for 'dataStore'
For qcow2 disk images backed by another storage for storing the actual
blocks (the 'data-file' feature) we forgot to export stats in the bulk
stats API.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Wed, 18 Mar 2026 07:54:16 +0000 (08:54 +0100)]
qemuMigrationSrcBeginPhase: Don't call 'qemuBlockNodesEnsureActive' with offline VM
Commits 7b5566ce67b18a and f879d5f40385358 ( v11.8.0-92-gf879d5f403 )
moved around code for re-activating block backends after migration.
While previously it was done when migration failed now we do it when we
need qemu to do some block operations.
'qemuBlockNodesEnsureActive' is thus called also when 'VIR_MIGRATE_OFFLINE'
is used. This doesn't cause failure similar to previous patch only due
to a conincidence as 'qemuCaps' wasn't initialized yet and thus we
assume that QEMU doesn't support 'blockdev-set-active' and skip all
monitor code.
Make the code more robust and explicit by calling
'qemuBlockNodesEnsureActive' only on active VMs during migration.
Fixes: 7b5566ce67b18a2bebe68fdb07e046f25185f8d3 Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Peter Krempa [Mon, 23 Mar 2026 21:39:58 +0000 (22:39 +0100)]
qemuMigrationSrcBeginXML: Don't call 'qemuMigrationSrcBeginPhaseBlockDirtyBitmaps' with offline VM
Commit a4f610ff3fe190058f1 made the call to
'qemuMigrationSrcBeginPhaseBlockDirtyBitmaps' inside
'qemuMigrationSrcBeginXML' unconditional. This unfortunately means that
it was called also with 'VIR_MIGRATE_OFFLINE'.
Attempting to enter the monitor in such case results in an error:
error: operation failed: domain is no longer running
The migration parameter allows enumerating disks selected for migration
where the hypervisor may assume that the user pre-cleared the
destination images of the block copy so that all offsets read 0x00 and
thus optimize clearing of such targets.
This patch adds the 'VIR_MIGRATE_PARAM_MIGRATE_DISKS_TARGET_ZERO'
parameter and also plumbs it for the qemu driver (mirrors plumbing for
'migrate_disks_detect_zeroes').
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
The 'target-is-zero' option of 'blockdev-mirror' allows telling qemu to
skip zeroing the mirror target if the user certifies that it's empty. It
was introduced in qemu-10.1.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Any QEMU we support requires use of NBD for disk migration which is not
supported with tunnelled migration. This is validated in
'qemuMigrationSrcBeginPhase'. Passing the list of disks to migrate is
thus pointless. Remove the argument.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Fri, 20 Mar 2026 14:12:54 +0000 (15:12 +0100)]
qemu: conf: Don't use VIR_ERR_INTERNAL_ERROR for config file parsing errors
When parsing port ranges for the port allocator VIR_ERR_INTERNAL_ERROR
is not the right error code for errors on the user-supplied numbers. Use
VIR_ERR_CONF_SYNTAX instead.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Mon, 23 Mar 2026 07:50:56 +0000 (08:50 +0100)]
qemuBuildFSStr: Properly format 'readonly' attribute
Short-form booleans are deprecated in qemu since qemu 6.0. Switch to the
proper 'readonly=on' format.
Closes: https://gitlab.com/libvirt/libvirt/-/work_items/864 Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Peter Krempa [Tue, 10 Mar 2026 15:55:47 +0000 (16:55 +0100)]
scripts: dtrace2systemtap: Fix argument name extraction regex to avoid '*' in names
When commit d249170bf609d2c modified the arguments of
'virNetTLSContextNew' which has a systemtap probe defined the
'dtrace2systemtap' script was no longer to correctly generate the
definitions for it.
First problem which stemmed from mis-detecting the string array
argumment as string, which would use 'user_string' to extract it was
fixed in cb33103c4afbce681.
After that the generated probe is still not correct because it doesn't
strip all the '*' from pointers and thus for double pointers it
generates the following invalid definition:
Lucas Amaral [Mon, 23 Feb 2026 22:52:22 +0000 (19:52 -0300)]
qemu: add automatic port allocation for pull-mode backup NBD servers
Previously, users had to manually specify a TCP port when starting
a pull-mode backup with an NBD server. A TODO comment in
qemuBackupPrepare() noted this limitation and pointed toward using
virPortAllocator, as done for migration, VNC, and SPICE ports.
When a pull-mode backup is started without specifying a TCP port,
a port is now acquired automatically from the configured range via
virPortAllocatorAcquire(). The port is released when the backup
ends or if startup fails.
Signed-off-by: Lucas Amaral <lucaaamaral@gmail.com> Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Lucas Amaral [Mon, 23 Feb 2026 22:52:22 +0000 (19:52 -0300)]
qemu: conf: add setup for automatic port allocation for pull-mode backup NBD servers
Add backup_port_min and backup_port_max configuration options to
qemu.conf, defaulting to 10809-10872 (10809 is the IANA-assigned
NBD port; range of 64 matches the migration port pattern).
Signed-off-by: Lucas Amaral <lucaaamaral@gmail.com> Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Pavel Hrdina [Mon, 16 Mar 2026 14:29:32 +0000 (15:29 +0100)]
qemu: Implement iommufd fdgroup
When fdgroup is used for iommufd we will start QEMU with -object iommufd
even if the VM has no host device. When virDomainFDAssociate() is used
the FD libvirt is holding is closed with connection.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Pavel Hrdina [Fri, 13 Mar 2026 14:28:17 +0000 (15:28 +0100)]
conf: Add iommufd fdgroup support
This will allow management applications running libvirt without
necessary permissions to pass FD for /dev/iommu with per-process
locked memory accounting enabled.
Kernel uses per-user locked memory accounting by default which may
cause error while starting multiple VMs with host devices using IOMMUFD.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Pavel Hrdina [Wed, 18 Mar 2026 16:59:01 +0000 (17:59 +0100)]
qemu: Implement iommufd
Ideally this should be done in qemuDomainHostdevDefPostParse but that
would require a lot of refactoring mainly due to how interface backed by
hostdev works.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Pavel Hrdina [Fri, 13 Mar 2026 10:57:57 +0000 (11:57 +0100)]
conf: Introduce domain iommufd element
In addition to configuring IOMMUFD for each host device add
configuration for the whole VM. This will be extended to add support for
passing FD to libvirt from management applications.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Pavel Hrdina [Fri, 13 Mar 2026 11:25:13 +0000 (12:25 +0100)]
src: Use virHostdevIsPCIDeviceWith* to check for IOMMUFD
Use virHostdevIsPCIDeviceWithIOMMUFD where we need to check if hostdev
is PCI device using IOMMUFD and virHostdevIsPCIDeviceWithoutIOMMUFD
where we need to check if hostdev is PCI device not using IOMMUFD.
Fixes: 7d2f91f9cb572ab95d0916bdd1a46dd198874529 Signed-off-by: Pavel Hrdina <phrdina@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Pavel Hrdina [Wed, 18 Mar 2026 11:52:05 +0000 (12:52 +0100)]
qemu: Expand call to qemuDomainNeedsVFIO
The function qemuDomainNeedsVFIO() was originally used by other parts
of qemu code to figure out if the VM needs /dev/vfio/vfio.
Later it was also used by code calculating locked memory limit for all
architectures, and after that change again and used only for PPC64.
Now it needs to be changed again due to IOMMUFD support, the
/dev/vfio/vfio device is used by QEMU only if IOMMUFD is not used
but for accounting we still need consider all PCI host devices
because if IOMMUFD is used it still requires increasing locked
memory limit.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Pavel Hrdina [Wed, 18 Mar 2026 10:57:43 +0000 (11:57 +0100)]
hypervisor: Fix virHostdevNeedsVFIO detection
Function virHostdevNeedsVFIO is used only in QEMU to figure out if the
host device needs access to /dev/vfio/vfio, for PCI host devices that is
true only if libvirt is not using IOMMUFD.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Michal Privoznik [Tue, 17 Mar 2026 16:20:32 +0000 (17:20 +0100)]
network: Don't enable ip_forward for VIR_NETWORK_FORWARD_OPEN
For a network that's <forward mode="open"/> there are no firewall
rules added. We should not assume that users will configure NAT,
and if they do it should be their responsibility to enable IP
forwarding too.
Resolves: https://gitlab.com/libvirt/libvirt/-/work_items/863 Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Laine Stump <laine@redhat.com>
Michal Privoznik [Tue, 10 Mar 2026 15:10:13 +0000 (16:10 +0100)]
qemuhotplug: Introduce interface-network-hostdev
Inspired by commit of v12.1.0-37-g25662b3700.
We already have a test case for <interface type='hostdev'/>, but
what we are missing is <interface type='network'/> where the
network is of a <forward mode='hostdev'/>. Apparently, we had a
crasher there too.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Laine Stump <laine@redhat.com>
Michal Privoznik [Wed, 11 Mar 2026 13:33:46 +0000 (14:33 +0100)]
qemuhotplugtest: Use fake drivers
Hotplugging a device may require talking to other drivers (e.g.
network), similar to when starting a domain anew
(qemuxmlconftest). Register fake drivers for future benefit of
the test.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Laine Stump <laine@redhat.com>
Michal Privoznik [Wed, 11 Mar 2026 13:33:57 +0000 (14:33 +0100)]
virnetworkportxml2xmldata: Use different PCI address in plug-hostdev-pci.xml
Inside of plug-hostdev-pci.xml there's a PCI address of an
allocated PCI device for an <interface type='network'/>.
Currently, there's some made up address. But this specific file
is going to be used from qemuhotplugtest soon and as such it
needs an PCI address that virpcimock creates. Switch it to
0000:06:12.2.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Laine Stump <laine@redhat.com>
Michal Privoznik [Tue, 10 Mar 2026 18:42:12 +0000 (19:42 +0100)]
qemuxmlconftest: Separate fake drivers into a separate file
One of the tests that qemuxmlconftest does is generate cmd line
for given domain XML. This process might involve talking to other
drivers (secret/storage/nwfilter/network). To produce predictable
output the test comes with fake implementation of APIs of those
drivers. Well, move that implementation into a separate file so
that it can be reused by other tests (notably, qemuhotplugtest is
going to use it).
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Laine Stump <laine@redhat.com>
Michal Privoznik [Tue, 10 Mar 2026 16:05:12 +0000 (17:05 +0100)]
tests: Drop WITH_QEMU from qemu specific tests binaries/libraries
Inside of tests/meson.build there is a section that builds QEMU
related tests conditionally (for instance
qemudomaincheckpointxml2xmltest). It makes no sense to have the
same check inside source file. Or even provide alternative
implementation for cases when building without QEMU
(EXIT_AM_SKIP). When building without QEMU driver the test is not
even compiled, so EXIT_AM_SKIP is dead code.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Laine Stump <laine@redhat.com>
Michal Privoznik [Thu, 29 Jan 2026 14:10:06 +0000 (15:10 +0100)]
networkxmlconftest: s/fail/cleanup/
Inside of testCompareXMLtoXMLFiles() the 'fail' label is used in
both successful and error runs. If that's the case, our coding
standard mandates the label to be named 'cleanup'. Change it.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Michal Privoznik [Fri, 30 Jan 2026 14:47:19 +0000 (15:47 +0100)]
src: Drop NULL check before calling virBufferEscapeString()
There's no need to check if any of the three arguments passed to
virBufferEscapeString() is NULL as the function does so itself.
Well, in a few places we're comparing the last argument against
NULL. Drop the comparison then.
Generated using the following spatch:
@@
expression X, Y, E;
@@
- if (E) virBufferEscapeString(X, Y, E);
+ virBufferEscapeString(X, Y, E);
@@
expression X, Y, E;
@@
- if (E) {
virBufferEscapeString(X, Y, E);
- }
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Jonathon Jongsma [Wed, 11 Feb 2026 22:25:51 +0000 (16:25 -0600)]
hyperv: Implement domainSnapshotLookupByName()
Unfortunately Hyper-V does not enforce any uniqueness constraints on
snapshot names (called ElementName in Hyper-V). So it's possible for
multiple snapshots of the same domain to have identical ElementNames.
Since libvirt uses the domain and snapshot name as a unique key to
reference a snapshot, we can't use the hyperv ElementName as the
snapshot name in libvirt.
So instead I've decided to use the InstanceId of the snapshot as the
snapshot name and use the ElementName as the snapshot description. This
results in a worse user experience (since the snapshot names end up
being something like "Microsoft:$(UUID)"), but guarantees that we will
be able to uniquely reference every snapshot.
Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Xiaotian Feng [Wed, 25 Feb 2026 07:48:21 +0000 (07:48 +0000)]
qemu: Enable AMD IOMMU XTSUP by default
Add QEMU_CAPS_AMD_IOMMU_XTSUP capability and enable xtsup
by default for AMD IOMMU when a Q35 domain has >255 vCPUs,
similar to Intel EIM auto-enable logic. Also ensure intremap is
turned on when required.
Signed-off-by: Xiaotian Feng <xiaotian.feng@amd.com> Reviewed-by: Ankit Soni <Ankit.Soni@amd.com> Tested-by: Ankit Soni <Ankit.Soni@amd.com> Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Xiaotian Feng [Wed, 25 Feb 2026 07:48:20 +0000 (07:48 +0000)]
conf: support >255 vcpu w/ amd-iommu xtsup
Rename QEMU_MAX_VCPUS_WITHOUT_EIM to QEMU_MAX_VCPUS_WITHOUT_X2APIC to
clarify the limit is tied to APIC ID width.
Validation now accepts either:
- intel-iommu with eim='on', or
- amd-iommu with xtsup='on'
for guests with more than 255 vCPUs on x86/q35.
Update error messages to mention x2APIC mode instead of extended
interrupt mode. This reflects that AMD platforms can satisfy the same
requirement via xtsup property on amd-iommu.
Signed-off-by: Xiaotian Feng <xiaotian.feng@amd.com> Reviewed-by: Ankit Soni <Ankit.Soni@amd.com> Tested-by: Ankit Soni <Ankit.Soni@amd.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
projects / thirdparty / libvirt.git / log
