import libvirt-8.0.0-10.module+el8.7.0+16047+746a126c

This commit is contained in:
CentOS Sources 2022-09-20 23:06:38 +00:00 committed by Stepan Oksanichenko
parent 0416f40251
commit 82adfad87e
26 changed files with 4052 additions and 1 deletions

View File

@ -0,0 +1,49 @@
From 9c2fd182a02d64004e30900c52e3fcdb550de0bd Mon Sep 17 00:00:00 2001
Message-Id: <9c2fd182a02d64004e30900c52e3fcdb550de0bd@dist-git>
From: Jiri Denemark <jdenemar@redhat.com>
Date: Wed, 22 Jun 2022 16:35:50 +0200
Subject: [PATCH] Add VIR_MIGRATE_ZEROCOPY flag
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The flag can be used to enable zero-copy mechanism for migrating memory
pages.
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
(cherry picked from commit 8744beecb36600e773c8a8c4823db2bf4b3e262d)
https://bugzilla.redhat.com/show_bug.cgi?id=2089433
Conflicts:
include/libvirt/libvirt-domain.h
- post-copy recovery not backported
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
include/libvirt/libvirt-domain.h | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/include/libvirt/libvirt-domain.h b/include/libvirt/libvirt-domain.h
index 5f0a9b7572..792973ce2d 100644
--- a/include/libvirt/libvirt-domain.h
+++ b/include/libvirt/libvirt-domain.h
@@ -860,6 +860,14 @@ typedef enum {
*/
VIR_MIGRATE_NON_SHARED_SYNCHRONOUS_WRITES = (1 << 18),
+ /* Use zero-copy mechanism for migrating memory pages. For QEMU/KVM this
+ * means QEMU will be temporarily allowed to lock all guest pages in host's
+ * memory, although only those that are queued for transfer will be locked
+ * at the same time.
+ *
+ * Since: 8.5.0
+ */
+ VIR_MIGRATE_ZEROCOPY = (1 << 20),
} virDomainMigrateFlags;
--
2.35.1

View File

@ -0,0 +1,52 @@
From b6c1f9ca8eb0ca8f7603ab205c7dc95b9f07b5a0 Mon Sep 17 00:00:00 2001
Message-Id: <b6c1f9ca8eb0ca8f7603ab205c7dc95b9f07b5a0@dist-git>
From: Jiri Denemark <jdenemar@redhat.com>
Date: Mon, 18 Jul 2022 16:01:20 +0200
Subject: [PATCH] RHEL: qemu_migration: Fix restoring memlock limit on
destination
Restoring memory locking limit on the destination host only makes sense
when migration succeeded as otherwise the QEMU process will be killed
anyway. Specifically if the migration fails because the process died,
touching the limit would produce rather unhelpful error message instead
of the real issue:
cannot get locked memory limit of process -1: No such file or
directory
This patch is RHEL-only caused by misplacing the call to
qemuDomainSetMaxMemLock when the "qemu_migration: Restore original
memory locking limit" upstream patch was backported to an older code
base.
https://bugzilla.redhat.com/show_bug.cgi?id=2107954
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
src/qemu/qemu_migration.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
index db5163e993..11f87296d6 100644
--- a/src/qemu/qemu_migration.c
+++ b/src/qemu/qemu_migration.c
@@ -5895,6 +5895,8 @@ qemuMigrationDstFinish(virQEMUDriver *driver,
*/
if (inPostCopy)
g_clear_pointer(&priv->job.completed, qemuDomainJobInfoFree);
+
+ qemuDomainSetMaxMemLock(vm, 0, &priv->preMigrationMemlock);
}
qemuMigrationParamsReset(driver, vm, QEMU_ASYNC_JOB_MIGRATION_IN,
@@ -5907,7 +5909,6 @@ qemuMigrationDstFinish(virQEMUDriver *driver,
cleanup:
g_clear_pointer(&jobInfo, qemuDomainJobInfoFree);
virPortAllocatorRelease(port);
- qemuDomainSetMaxMemLock(vm, 0, &priv->preMigrationMemlock);
if (priv->mon)
qemuMonitorSetDomainLog(priv->mon, NULL, NULL, NULL);
VIR_FREE(priv->origname);
--
2.35.1

View File

@ -0,0 +1,91 @@
From 00c5cab2b92b653edbf491d9ef60359578c3d59a Mon Sep 17 00:00:00 2001
Message-Id: <00c5cab2b92b653edbf491d9ef60359578c3d59a@dist-git>
From: Michal Privoznik <mprivozn@redhat.com>
Date: Wed, 11 May 2022 16:27:18 +0200
Subject: [PATCH] conf: Move virDomainObj::originalMemlock into
qemuDomainObjPrivate
Since v1.3.0-90-gafbe1d4c56 the original value of memlock limit
is stored inside virDomainObj struct directly (under
originalMemlock member). This is needless because the value is
used only inside QEMU driver and thus can reside in
qemuDomainObjPrivate struct.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
(cherry picked from commit 75df6d2c291c48d65c1e54dd93e3d2d3cb0712e7)
https://bugzilla.redhat.com/show_bug.cgi?id=2089433
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
src/conf/domain_conf.h | 3 ---
src/qemu/qemu_domain.c | 9 +++++----
src/qemu/qemu_domain.h | 3 +++
3 files changed, 8 insertions(+), 7 deletions(-)
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index d0d0fdc815..45976beb2b 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -3031,9 +3031,6 @@ struct _virDomainObj {
int taint;
size_t ndeprecations;
char **deprecations;
-
- unsigned long long originalMemlock; /* Original RLIMIT_MEMLOCK, zero if no
- * restore will be required later */
};
G_DEFINE_AUTOPTR_CLEANUP_FUNC(virDomainObj, virObjectUnref);
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 40fe9985e6..86d673dafa 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -9269,6 +9269,7 @@ int
qemuDomainAdjustMaxMemLock(virDomainObj *vm,
bool forceVFIO)
{
+ qemuDomainObjPrivate *priv = vm->privateData;
unsigned long long currentMemLock = 0;
unsigned long long desiredMemLock = 0;
@@ -9281,8 +9282,8 @@ qemuDomainAdjustMaxMemLock(virDomainObj *vm,
/* If this is the first time adjusting the limit, save the current
* value so that we can restore it once memory locking is no longer
* required */
- if (vm->originalMemlock == 0) {
- vm->originalMemlock = currentMemLock;
+ if (priv->originalMemlock == 0) {
+ priv->originalMemlock = currentMemLock;
}
} else {
/* If the limit is already high enough, we can assume
@@ -9295,8 +9296,8 @@ qemuDomainAdjustMaxMemLock(virDomainObj *vm,
} else {
/* Once memory locking is no longer required, we can restore the
* original, usually very low, limit */
- desiredMemLock = vm->originalMemlock;
- vm->originalMemlock = 0;
+ desiredMemLock = priv->originalMemlock;
+ priv->originalMemlock = 0;
}
if (desiredMemLock > 0 &&
diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h
index e5046367e3..e9497d20de 100644
--- a/src/qemu/qemu_domain.h
+++ b/src/qemu/qemu_domain.h
@@ -241,6 +241,9 @@ struct _qemuDomainObjPrivate {
GSList *dbusVMStateIds;
/* true if -object dbus-vmstate was added */
bool dbusVMState;
+
+ unsigned long long originalMemlock; /* Original RLIMIT_MEMLOCK, zero if no
+ * restore will be required later */
};
#define QEMU_DOMAIN_PRIVATE(vm) \
--
2.35.1

View File

@ -0,0 +1,151 @@
From 0c09e4225c511ce1b0ebe22e45962f83d5145e66 Mon Sep 17 00:00:00 2001
Message-Id: <0c09e4225c511ce1b0ebe22e45962f83d5145e66@dist-git>
From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
Date: Fri, 10 Jun 2022 15:10:29 +0200
Subject: [PATCH] conf: virtiofs: add thread_pool element
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Add an element to configure the thread pool size:
...
<binary>
<thread_pool size='16'/>
</binary>
...
https://bugzilla.redhat.com/show_bug.cgi?id=2072905
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit 0df2e7df80452f81edbfeb0ee355235b533346a9)
Signed-off-by: Ján Tomko <jtomko@redhat.com>
https://bugzilla.redhat.com/show_bug.cgi?id=2079582
---
docs/formatdomain.rst | 6 ++++++
docs/schemas/domaincommon.rng | 9 +++++++++
src/conf/domain_conf.c | 15 +++++++++++++++
src/conf/domain_conf.h | 1 +
.../qemuxml2argvdata/vhost-user-fs-fd-memory.xml | 1 +
5 files changed, 32 insertions(+)
diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst
index 17e89a0c0d..e6cf2ec083 100644
--- a/docs/formatdomain.rst
+++ b/docs/formatdomain.rst
@@ -3316,6 +3316,7 @@ A directory on the host that can be accessed directly from the guest.
<cache mode='always'/>
<sandbox mode='namespace'/>
<lock posix='on' flock='on'/>
+ <thread_pool size='16'/>
</binary>
<source dir='/path'/>
<target dir='mount_tag'/>
@@ -3449,6 +3450,11 @@ A directory on the host that can be accessed directly from the guest.
``chroot``, see the
`virtiofsd documentation <https://qemu.readthedocs.io/en/latest/tools/virtiofsd.html>`__
for more details. ( :since:`Since 7.2.0` )
+ Element ``thread_pool`` accepts one attribute ``size`` which defines the
+ maximum thread pool size. A value of "0" disables the pool.
+ The thread pool helps increase the number of requests in flight when used with
+ storage that has a higher latency. However, it has an overhead, and so for
+ fast, low latency filesystems, it may be best to turn it off. ( :since:`Since 8.5.0` )
``source``
The resource on the host that is being accessed in the guest. The ``name``
attribute must be used with ``type='template'``, and the ``dir`` attribute
diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
index c9c1529979..79c8979410 100644
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@@ -3064,6 +3064,15 @@
</optional>
</element>
</optional>
+ <optional>
+ <element name="thread_pool">
+ <optional>
+ <attribute name="size">
+ <data type="integer"/>
+ </attribute>
+ </optional>
+ </element>
+ </optional>
</interleave>
</element>
</define>
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 92510973e6..95afd9226e 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -2447,6 +2447,8 @@ virDomainFSDefNew(virDomainXMLOption *xmlopt)
ret->src = virStorageSourceNew();
+ ret->thread_pool_size = -1;
+
if (xmlopt &&
xmlopt->privateData.fsNew &&
!(ret->privateData = xmlopt->privateData.fsNew()))
@@ -9869,6 +9871,7 @@ virDomainFSDefParseXML(virDomainXMLOption *xmlopt,
if (def->fsdriver == VIR_DOMAIN_FS_DRIVER_TYPE_VIRTIOFS) {
g_autofree char *queue_size = virXPathString("string(./driver/@queue)", ctxt);
g_autofree char *binary = virXPathString("string(./binary/@path)", ctxt);
+ g_autofree char *thread_pool_size = virXPathString("string(./binary/thread_pool/@size)", ctxt);
g_autofree char *xattr = virXPathString("string(./binary/@xattr)", ctxt);
g_autofree char *cache = virXPathString("string(./binary/cache/@mode)", ctxt);
g_autofree char *sandbox = virXPathString("string(./binary/sandbox/@mode)", ctxt);
@@ -9883,6 +9886,14 @@ virDomainFSDefParseXML(virDomainXMLOption *xmlopt,
goto error;
}
+ if (thread_pool_size &&
+ virStrToLong_i(thread_pool_size, NULL, 10, &def->thread_pool_size) < 0) {
+ virReportError(VIR_ERR_XML_ERROR,
+ _("cannot parse thread pool size '%s' for virtiofs"),
+ queue_size);
+ goto error;
+ }
+
if (binary)
def->binary = virFileSanitizePath(binary);
@@ -24205,6 +24216,10 @@ virDomainFSDefFormat(virBuffer *buf,
}
virXMLFormatElement(&binaryBuf, "lock", &lockAttrBuf, NULL);
+
+ if (def->thread_pool_size >= 0)
+ virBufferAsprintf(&binaryBuf, "<thread_pool size='%d'/>\n", def->thread_pool_size);
+
}
virDomainVirtioOptionsFormat(&driverAttrBuf, def->virtio);
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 10af94e2e4..d0d0fdc815 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -892,6 +892,7 @@ struct _virDomainFSDef {
virTristateSwitch posix_lock;
virTristateSwitch flock;
virDomainFSSandboxMode sandbox;
+ int thread_pool_size;
virDomainVirtioOptions *virtio;
virObject *privateData;
};
diff --git a/tests/qemuxml2argvdata/vhost-user-fs-fd-memory.xml b/tests/qemuxml2argvdata/vhost-user-fs-fd-memory.xml
index abddf0870b..81de8c0dd7 100644
--- a/tests/qemuxml2argvdata/vhost-user-fs-fd-memory.xml
+++ b/tests/qemuxml2argvdata/vhost-user-fs-fd-memory.xml
@@ -32,6 +32,7 @@
<cache mode='always'/>
<sandbox mode='chroot'/>
<lock posix='off' flock='off'/>
+ <thread_pool size='16'/>
</binary>
<source dir='/path'/>
<target dir='mount_tag'/>
--
2.35.1

View File

@ -0,0 +1,60 @@
From 46f4cfe513f0f893c862dca7f02ed7d7932b2115 Mon Sep 17 00:00:00 2001
Message-Id: <46f4cfe513f0f893c862dca7f02ed7d7932b2115@dist-git>
From: Jiri Denemark <jdenemar@redhat.com>
Date: Tue, 26 Apr 2022 12:50:41 +0200
Subject: [PATCH] cpu_map: Disable cpu64-rhel* for host-model and baseline
These ancient RHEL-only CPU models should not really be used by any CPU
definition created by libvirt. We keep them just for backwards
compatibility with domains which might still be using them.
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit d2e4d66be35cd04da72e5f5129a8a4da6a931505)
https://bugzilla.redhat.com/show_bug.cgi?id=1851227
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
src/cpu_map/x86_cpu64-rhel5.xml | 2 +-
src/cpu_map/x86_cpu64-rhel6.xml | 2 +-
tests/cputestdata/x86_64-baseline-no-vendor-result.xml | 3 ++-
3 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/cpu_map/x86_cpu64-rhel5.xml b/src/cpu_map/x86_cpu64-rhel5.xml
index be6bcdb7a6..7402b7603c 100644
--- a/src/cpu_map/x86_cpu64-rhel5.xml
+++ b/src/cpu_map/x86_cpu64-rhel5.xml
@@ -1,6 +1,6 @@
<cpus>
<model name='cpu64-rhel5'>
- <decode host='on' guest='on'/>
+ <decode host='off' guest='off'/>
<feature name='apic'/>
<feature name='clflush'/>
<feature name='cmov'/>
diff --git a/src/cpu_map/x86_cpu64-rhel6.xml b/src/cpu_map/x86_cpu64-rhel6.xml
index c62b1b5575..061939c733 100644
--- a/src/cpu_map/x86_cpu64-rhel6.xml
+++ b/src/cpu_map/x86_cpu64-rhel6.xml
@@ -1,6 +1,6 @@
<cpus>
<model name='cpu64-rhel6'>
- <decode host='on' guest='on'/>
+ <decode host='off' guest='off'/>
<feature name='apic'/>
<feature name='clflush'/>
<feature name='cmov'/>
diff --git a/tests/cputestdata/x86_64-baseline-no-vendor-result.xml b/tests/cputestdata/x86_64-baseline-no-vendor-result.xml
index 00e03b2152..4b4921cf93 100644
--- a/tests/cputestdata/x86_64-baseline-no-vendor-result.xml
+++ b/tests/cputestdata/x86_64-baseline-no-vendor-result.xml
@@ -1,3 +1,4 @@
<cpu mode='custom' match='exact'>
- <model fallback='allow'>cpu64-rhel6</model>
+ <model fallback='allow'>kvm64</model>
+ <feature policy='require' name='lahf_lm'/>
</cpu>
--
2.35.1

View File

@ -0,0 +1,75 @@
From 99a298a4a0575bf0072f504c4b8e4551400c44c0 Mon Sep 17 00:00:00 2001
Message-Id: <99a298a4a0575bf0072f504c4b8e4551400c44c0@dist-git>
From: Jiri Denemark <jdenemar@redhat.com>
Date: Tue, 26 Apr 2022 11:58:07 +0200
Subject: [PATCH] cpu_x86: Consolidate signature match in x86DecodeUseCandidate
Checking the signature in two different places makes no sense since the
code in between can only mark the candidate as the best option so far,
which is what the second signature match does as well.
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit 35ce086667e68e8f546cf36473591dd7c19c72eb)
https://bugzilla.redhat.com/show_bug.cgi?id=1851227
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
src/cpu/cpu_x86.c | 31 ++++++++++++++-----------------
1 file changed, 14 insertions(+), 17 deletions(-)
diff --git a/src/cpu/cpu_x86.c b/src/cpu/cpu_x86.c
index 5cb9caef8a..f007487824 100644
--- a/src/cpu/cpu_x86.c
+++ b/src/cpu/cpu_x86.c
@@ -2020,15 +2020,22 @@ x86DecodeUseCandidate(virCPUx86Model *current,
}
/* Ideally we want to select a model with family/model equal to
- * family/model of the real CPU. Once we found such model, we only
+ * family/model of the real CPU and once we found such model, we only
* consider candidates with matching family/model.
*/
- if (signature &&
- virCPUx86SignaturesMatch(current->signatures, signature) &&
- !virCPUx86SignaturesMatch(candidate->signatures, signature)) {
- VIR_DEBUG("%s differs in signature from matching %s",
- cpuCandidate->model, cpuCurrent->model);
- return 0;
+ if (signature) {
+ if (virCPUx86SignaturesMatch(current->signatures, signature) &&
+ !virCPUx86SignaturesMatch(candidate->signatures, signature)) {
+ VIR_DEBUG("%s differs in signature from matching %s",
+ cpuCandidate->model, cpuCurrent->model);
+ return 0;
+ }
+
+ if (!virCPUx86SignaturesMatch(current->signatures, signature) &&
+ virCPUx86SignaturesMatch(candidate->signatures, signature)) {
+ VIR_DEBUG("%s provides matching signature", cpuCandidate->model);
+ return 1;
+ }
}
if (cpuCurrent->nfeatures > cpuCandidate->nfeatures) {
@@ -2037,16 +2044,6 @@ x86DecodeUseCandidate(virCPUx86Model *current,
return 1;
}
- /* Prefer a candidate with matching signature even though it would
- * result in longer list of features.
- */
- if (signature &&
- virCPUx86SignaturesMatch(candidate->signatures, signature) &&
- !virCPUx86SignaturesMatch(current->signatures, signature)) {
- VIR_DEBUG("%s provides matching signature", cpuCandidate->model);
- return 1;
- }
-
VIR_DEBUG("%s does not result in shorter feature list than %s",
cpuCandidate->model, cpuCurrent->model);
return 0;
--
2.35.1

View File

@ -0,0 +1,272 @@
From 752c74eeae67d41e7550991cb3bbe289984ec9d3 Mon Sep 17 00:00:00 2001
Message-Id: <752c74eeae67d41e7550991cb3bbe289984ec9d3@dist-git>
From: Jiri Denemark <jdenemar@redhat.com>
Date: Fri, 29 Apr 2022 10:35:02 +0200
Subject: [PATCH] cpu_x86: Ignore enabled features for input models in
x86DecodeUseCandidate
While we don't want to aim for the shortest list of disabled features in
the baseline result (it would select a very old model), we want to do so
while looking at any of the input models for which we're trying to
compute a baseline CPU model. Given a set of input models, we always
want to take the least capable one of them (i.e., the one with shortest
list of disabled features) or a better model which is not one of the
input models.
So when considering an input model, we just check whether its list of
disabled features is shorter than the currently best one. When looking
at other models we check both enabled and disabled features while
penalizing disabled features as implemented by the previous patch.
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit bb6cedd2082599323257ee0df18c93a6e0551b0b)
https://bugzilla.redhat.com/show_bug.cgi?id=1851227
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
src/cpu/cpu_x86.c | 66 ++++++++++++-------
...4-baseline-Westmere+Nehalem-migratable.xml | 8 ++-
...86_64-baseline-Westmere+Nehalem-result.xml | 8 ++-
...-cpuid-baseline-Cooperlake+Cascadelake.xml | 13 ++--
4 files changed, 64 insertions(+), 31 deletions(-)
diff --git a/src/cpu/cpu_x86.c b/src/cpu/cpu_x86.c
index ebcd96edb1..7b59dad8bf 100644
--- a/src/cpu/cpu_x86.c
+++ b/src/cpu/cpu_x86.c
@@ -1975,7 +1975,8 @@ virCPUx86Compare(virCPUDef *host,
static int
virCPUx86CompareCandidateFeatureList(virCPUDef *cpuCurrent,
- virCPUDef *cpuCandidate)
+ virCPUDef *cpuCandidate,
+ bool isPreferred)
{
size_t current = cpuCurrent->nfeatures;
size_t enabledCurrent = current;
@@ -2017,6 +2018,14 @@ virCPUx86CompareCandidateFeatureList(virCPUDef *cpuCurrent,
return 1;
}
+ if (isPreferred && disabled < disabledCurrent) {
+ VIR_DEBUG("%s is in the list of preferred models and provides fewer "
+ "disabled features than %s: %zu < %zu",
+ cpuCandidate->model, cpuCurrent->model,
+ disabled, disabledCurrent);
+ return 1;
+ }
+
VIR_DEBUG("%s is not better than %s: %zu (%zu, %zu) >= %zu (%zu, %zu)",
cpuCandidate->model, cpuCurrent->model,
candidate, enabled, disabled,
@@ -2039,8 +2048,10 @@ x86DecodeUseCandidate(virCPUx86Model *current,
virCPUx86Model *candidate,
virCPUDef *cpuCandidate,
uint32_t signature,
- const char *preferred)
+ const char **preferred)
{
+ bool isPreferred = false;
+
if (cpuCandidate->type == VIR_CPU_TYPE_HOST &&
!candidate->decodeHost) {
VIR_DEBUG("%s is not supposed to be used for host CPU definition",
@@ -2064,9 +2075,13 @@ x86DecodeUseCandidate(virCPUx86Model *current,
}
}
- if (preferred && STREQ(cpuCandidate->model, preferred)) {
- VIR_DEBUG("%s is the preferred model", cpuCandidate->model);
- return 2;
+ if (preferred) {
+ isPreferred = g_strv_contains(preferred, cpuCandidate->model);
+
+ if (isPreferred && !preferred[1]) {
+ VIR_DEBUG("%s is the preferred model", cpuCandidate->model);
+ return 2;
+ }
}
if (!cpuCurrent) {
@@ -2093,7 +2108,8 @@ x86DecodeUseCandidate(virCPUx86Model *current,
}
}
- return virCPUx86CompareCandidateFeatureList(cpuCurrent, cpuCandidate);
+ return virCPUx86CompareCandidateFeatureList(cpuCurrent, cpuCandidate,
+ isPreferred);
}
@@ -2136,7 +2152,7 @@ static int
x86Decode(virCPUDef *cpu,
const virCPUx86Data *cpuData,
virDomainCapsCPUModels *models,
- const char *preferred,
+ const char **preferred,
bool migratable)
{
virCPUx86Map *map;
@@ -2169,6 +2185,9 @@ x86Decode(virCPUDef *cpu,
x86DataFilterTSX(&data, vendor, map);
+ if (preferred && !preferred[0])
+ preferred = NULL;
+
/* Walk through the CPU models in reverse order to check newest
* models first.
*/
@@ -2176,16 +2195,18 @@ x86Decode(virCPUDef *cpu,
candidate = map->models[i];
if (models &&
!(hvModel = virDomainCapsCPUModelsGet(models, candidate->name))) {
- if (preferred && STREQ(candidate->name, preferred)) {
+ if (preferred &&
+ !preferred[1] &&
+ STREQ(candidate->name, preferred[0])) {
if (cpu->fallback != VIR_CPU_FALLBACK_ALLOW) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("CPU model %s is not supported by hypervisor"),
- preferred);
+ preferred[0]);
return -1;
} else {
VIR_WARN("Preferred CPU model %s not allowed by"
" hypervisor; closest supported model will be"
- " used", preferred);
+ " used", preferred[0]);
}
} else {
VIR_DEBUG("CPU model %s not allowed by hypervisor; ignoring",
@@ -2793,8 +2814,8 @@ virCPUx86Baseline(virCPUDef **cpus,
size_t i;
virCPUx86Vendor *vendor = NULL;
bool outputVendor = true;
- const char *modelName;
- bool matchingNames = true;
+ g_autofree char **modelNames = NULL;
+ size_t namesLen = 0;
g_autoptr(virCPUData) featData = NULL;
if (!(map = virCPUx86GetMap()))
@@ -2816,19 +2837,17 @@ virCPUx86Baseline(virCPUDef **cpus,
return NULL;
}
- modelName = cpus[0]->model;
+ modelNames = g_new0(char *, ncpus + 1);
+ if (cpus[0]->model)
+ modelNames[namesLen++] = cpus[0]->model;
+
for (i = 1; i < ncpus; i++) {
g_autoptr(virCPUx86Model) model = NULL;
const char *vn = NULL;
- if (matchingNames && cpus[i]->model) {
- if (!modelName) {
- modelName = cpus[i]->model;
- } else if (STRNEQ(modelName, cpus[i]->model)) {
- modelName = NULL;
- matchingNames = false;
- }
- }
+ if (cpus[i]->model &&
+ !g_strv_contains((const char **) modelNames, cpus[i]->model))
+ modelNames[namesLen++] = cpus[i]->model;
if (!(model = x86ModelFromCPU(cpus[i], map, -1)))
return NULL;
@@ -2891,10 +2910,11 @@ virCPUx86Baseline(virCPUDef **cpus,
virCPUx86DataAddItem(&base_model->data, &vendor->data) < 0)
return NULL;
- if (x86Decode(cpu, &base_model->data, models, modelName, migratable) < 0)
+ if (x86Decode(cpu, &base_model->data, models,
+ (const char **) modelNames, migratable) < 0)
return NULL;
- if (STREQ_NULLABLE(cpu->model, modelName))
+ if (namesLen == 1 && STREQ(cpu->model, modelNames[0]))
cpu->fallback = VIR_CPU_FALLBACK_FORBID;
if (!outputVendor)
diff --git a/tests/cputestdata/x86_64-baseline-Westmere+Nehalem-migratable.xml b/tests/cputestdata/x86_64-baseline-Westmere+Nehalem-migratable.xml
index 775a27de2e..f5846b1619 100644
--- a/tests/cputestdata/x86_64-baseline-Westmere+Nehalem-migratable.xml
+++ b/tests/cputestdata/x86_64-baseline-Westmere+Nehalem-migratable.xml
@@ -1,10 +1,14 @@
<cpu mode='custom' match='exact'>
- <model fallback='allow'>SandyBridge</model>
+ <model fallback='allow'>Westmere</model>
<vendor>Intel</vendor>
<feature policy='require' name='vme'/>
<feature policy='require' name='ss'/>
+ <feature policy='require' name='pclmuldq'/>
<feature policy='require' name='pcid'/>
+ <feature policy='require' name='x2apic'/>
+ <feature policy='require' name='tsc-deadline'/>
+ <feature policy='require' name='xsave'/>
<feature policy='require' name='osxsave'/>
+ <feature policy='require' name='avx'/>
<feature policy='require' name='hypervisor'/>
- <feature policy='disable' name='rdtscp'/>
</cpu>
diff --git a/tests/cputestdata/x86_64-baseline-Westmere+Nehalem-result.xml b/tests/cputestdata/x86_64-baseline-Westmere+Nehalem-result.xml
index cafca97d62..166833276c 100644
--- a/tests/cputestdata/x86_64-baseline-Westmere+Nehalem-result.xml
+++ b/tests/cputestdata/x86_64-baseline-Westmere+Nehalem-result.xml
@@ -1,11 +1,15 @@
<cpu mode='custom' match='exact'>
- <model fallback='allow'>SandyBridge</model>
+ <model fallback='allow'>Westmere</model>
<vendor>Intel</vendor>
<feature policy='require' name='vme'/>
<feature policy='require' name='ss'/>
+ <feature policy='require' name='pclmuldq'/>
<feature policy='require' name='pcid'/>
+ <feature policy='require' name='x2apic'/>
+ <feature policy='require' name='tsc-deadline'/>
+ <feature policy='require' name='xsave'/>
<feature policy='require' name='osxsave'/>
+ <feature policy='require' name='avx'/>
<feature policy='require' name='hypervisor'/>
<feature policy='require' name='invtsc'/>
- <feature policy='disable' name='rdtscp'/>
</cpu>
diff --git a/tests/cputestdata/x86_64-cpuid-baseline-Cooperlake+Cascadelake.xml b/tests/cputestdata/x86_64-cpuid-baseline-Cooperlake+Cascadelake.xml
index 46c32c996f..ecac749b97 100644
--- a/tests/cputestdata/x86_64-cpuid-baseline-Cooperlake+Cascadelake.xml
+++ b/tests/cputestdata/x86_64-cpuid-baseline-Cooperlake+Cascadelake.xml
@@ -1,17 +1,22 @@
<cpu mode='custom' match='exact'>
- <model fallback='allow'>Cooperlake</model>
+ <model fallback='allow'>Cascadelake-Server</model>
<vendor>Intel</vendor>
<feature policy='require' name='ss'/>
<feature policy='require' name='vmx'/>
<feature policy='require' name='hypervisor'/>
<feature policy='require' name='tsc_adjust'/>
- <feature policy='require' name='mpx'/>
<feature policy='require' name='umip'/>
+ <feature policy='require' name='pku'/>
<feature policy='require' name='md-clear'/>
+ <feature policy='require' name='stibp'/>
+ <feature policy='require' name='arch-capabilities'/>
<feature policy='require' name='xsaves'/>
<feature policy='require' name='ibpb'/>
<feature policy='require' name='amd-ssbd'/>
+ <feature policy='require' name='rdctl-no'/>
+ <feature policy='require' name='ibrs-all'/>
+ <feature policy='require' name='skip-l1dfl-vmentry'/>
+ <feature policy='require' name='mds-no'/>
+ <feature policy='require' name='pschange-mc-no'/>
<feature policy='require' name='tsx-ctrl'/>
- <feature policy='disable' name='avx512-bf16'/>
- <feature policy='disable' name='taa-no'/>
</cpu>
--
2.35.1

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,73 @@
From 3d7a4041d31e403dc9e762b34f7faf36f7f20a28 Mon Sep 17 00:00:00 2001
Message-Id: <3d7a4041d31e403dc9e762b34f7faf36f7f20a28@dist-git>
From: Jiri Denemark <jdenemar@redhat.com>
Date: Tue, 26 Apr 2022 15:02:51 +0200
Subject: [PATCH] cpu_x86: Refactor feature list comparison in
x86DecodeUseCandidate
It will become more complicated and so it deserves to be separated into
a new function.
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit 1d6ca40ac23c039abc4392b668f256d0eda33280)
https://bugzilla.redhat.com/show_bug.cgi?id=1851227
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
src/cpu/cpu_x86.c | 31 ++++++++++++++++++++++---------
1 file changed, 22 insertions(+), 9 deletions(-)
diff --git a/src/cpu/cpu_x86.c b/src/cpu/cpu_x86.c
index f007487824..81c2441b8b 100644
--- a/src/cpu/cpu_x86.c
+++ b/src/cpu/cpu_x86.c
@@ -1970,6 +1970,27 @@ virCPUx86Compare(virCPUDef *host,
}
+static int
+virCPUx86CompareCandidateFeatureList(virCPUDef *cpuCurrent,
+ virCPUDef *cpuCandidate)
+{
+ size_t current = cpuCurrent->nfeatures;
+ size_t candidate = cpuCandidate->nfeatures;
+
+ if (candidate < current) {
+ VIR_DEBUG("%s is better than %s: %zu < %zu",
+ cpuCandidate->model, cpuCurrent->model,
+ candidate, current);
+ return 1;
+ }
+
+ VIR_DEBUG("%s is not better than %s: %zu >= %zu",
+ cpuCandidate->model, cpuCurrent->model,
+ candidate, current);
+ return 0;
+}
+
+
/*
* Checks whether a candidate model is a better fit for the CPU data than the
* current model.
@@ -2038,15 +2059,7 @@ x86DecodeUseCandidate(virCPUx86Model *current,
}
}
- if (cpuCurrent->nfeatures > cpuCandidate->nfeatures) {
- VIR_DEBUG("%s results in shorter feature list than %s",
- cpuCandidate->model, cpuCurrent->model);
- return 1;
- }
-
- VIR_DEBUG("%s does not result in shorter feature list than %s",
- cpuCandidate->model, cpuCurrent->model);
- return 0;
+ return virCPUx86CompareCandidateFeatureList(cpuCurrent, cpuCandidate);
}
--
2.35.1

View File

@ -0,0 +1,498 @@
From b37a398da4323407de24d19afac937eac80170cc Mon Sep 17 00:00:00 2001
Message-Id: <b37a398da4323407de24d19afac937eac80170cc@dist-git>
From: Jiri Denemark <jdenemar@redhat.com>
Date: Thu, 21 Apr 2022 18:25:15 +0200
Subject: [PATCH] cputest: Add some real world baseline tests
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit 63d633b9a4fc42da7e2acaf45501914607d968a5)
https://bugzilla.redhat.com/show_bug.cgi?id=1851227
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
tests/cputest.c | 118 +++++++++++++++---
...id-baseline-Broadwell-IBRS+Cascadelake.xml | 11 ++
..._64-cpuid-baseline-Cascadelake+Icelake.xml | 14 +++
...puid-baseline-Cascadelake+Skylake-IBRS.xml | 12 ++
..._64-cpuid-baseline-Cascadelake+Skylake.xml | 8 ++
...-cpuid-baseline-Cooperlake+Cascadelake.xml | 17 +++
...6_64-cpuid-baseline-Cooperlake+Icelake.xml | 14 +++
.../x86_64-cpuid-baseline-EPYC+Rome.xml | 13 ++
.../x86_64-cpuid-baseline-Haswell+Skylake.xml | 14 +++
...-baseline-Haswell-noTSX-IBRS+Broadwell.xml | 14 +++
...seline-Haswell-noTSX-IBRS+Skylake-IBRS.xml | 14 +++
...id-baseline-Haswell-noTSX-IBRS+Skylake.xml | 14 +++
.../x86_64-cpuid-baseline-Ryzen+Rome.xml | 13 ++
...4-cpuid-baseline-Skylake-Client+Server.xml | 9 ++
14 files changed, 271 insertions(+), 14 deletions(-)
create mode 100644 tests/cputestdata/x86_64-cpuid-baseline-Broadwell-IBRS+Cascadelake.xml
create mode 100644 tests/cputestdata/x86_64-cpuid-baseline-Cascadelake+Icelake.xml
create mode 100644 tests/cputestdata/x86_64-cpuid-baseline-Cascadelake+Skylake-IBRS.xml
create mode 100644 tests/cputestdata/x86_64-cpuid-baseline-Cascadelake+Skylake.xml
create mode 100644 tests/cputestdata/x86_64-cpuid-baseline-Cooperlake+Cascadelake.xml
create mode 100644 tests/cputestdata/x86_64-cpuid-baseline-Cooperlake+Icelake.xml
create mode 100644 tests/cputestdata/x86_64-cpuid-baseline-EPYC+Rome.xml
create mode 100644 tests/cputestdata/x86_64-cpuid-baseline-Haswell+Skylake.xml
create mode 100644 tests/cputestdata/x86_64-cpuid-baseline-Haswell-noTSX-IBRS+Broadwell.xml
create mode 100644 tests/cputestdata/x86_64-cpuid-baseline-Haswell-noTSX-IBRS+Skylake-IBRS.xml
create mode 100644 tests/cputestdata/x86_64-cpuid-baseline-Haswell-noTSX-IBRS+Skylake.xml
create mode 100644 tests/cputestdata/x86_64-cpuid-baseline-Ryzen+Rome.xml
create mode 100644 tests/cputestdata/x86_64-cpuid-baseline-Skylake-Client+Server.xml
diff --git a/tests/cputest.c b/tests/cputest.c
index b939e20718..b39ec7e18b 100644
--- a/tests/cputest.c
+++ b/tests/cputest.c
@@ -58,6 +58,8 @@ struct data {
const char *name;
virDomainCapsCPUModels *models;
const char *modelsName;
+ const char **cpus;
+ int ncpus;
unsigned int flags;
int result;
};
@@ -561,6 +563,60 @@ cpuTestCPUID(bool guest, const void *arg)
}
+static int
+cpuTestCPUIDBaseline(const void *arg)
+{
+ const struct data *data = arg;
+ int ret = -1;
+ virCPUDef **cpus = NULL;
+ virCPUDef *baseline = NULL;
+ g_autofree char *result = NULL;
+ size_t i;
+
+ cpus = g_new0(virCPUDef *, data->ncpus);
+ for (i = 0; i < data->ncpus; i++) {
+ g_autofree char *name = NULL;
+
+ name = g_strdup_printf("cpuid-%s-json", data->cpus[i]);
+ if (!(cpus[i] = cpuTestLoadXML(data->arch, name)))
+ goto cleanup;
+ }
+
+ baseline = virCPUBaseline(data->arch, cpus, data->ncpus, NULL, NULL, false);
+ if (!baseline)
+ goto cleanup;
+
+ result = g_strdup_printf("cpuid-baseline-%s", data->name);
+
+ if (cpuTestCompareXML(data->arch, baseline, result) < 0)
+ goto cleanup;
+
+ for (i = 0; i < data->ncpus; i++) {
+ virCPUCompareResult cmp;
+
+ cmp = virCPUCompare(data->arch, cpus[i], baseline, false);
+ if (cmp != VIR_CPU_COMPARE_SUPERSET &&
+ cmp != VIR_CPU_COMPARE_IDENTICAL) {
+ VIR_TEST_VERBOSE("\nbaseline CPU is incompatible with CPU %zu", i);
+ VIR_TEST_VERBOSE("%74s", "... ");
+ ret = -1;
+ goto cleanup;
+ }
+ }
+
+ ret = 0;
+
+ cleanup:
+ if (cpus) {
+ for (i = 0; i < data->ncpus; i++)
+ virCPUDefFree(cpus[i]);
+ VIR_FREE(cpus);
+ }
+ virCPUDefFree(baseline);
+ return ret;
+}
+
+
static int
cpuTestHostCPUID(const void *arg)
{
@@ -888,13 +944,13 @@ mymain(void)
goto cleanup;
}
-#define DO_TEST(arch, api, name, host, cpu, \
+#define DO_TEST(arch, api, name, host, cpu, cpus, ncpus, \
models, flags, result) \
do { \
struct data data = { \
arch, host, cpu, models, \
models == NULL ? NULL : #models, \
- flags, result \
+ cpus, ncpus, flags, result \
}; \
g_autofree char *testLabel = NULL; \
\
@@ -907,12 +963,12 @@ mymain(void)
#define DO_TEST_COMPARE(arch, host, cpu, result) \
DO_TEST(arch, cpuTestCompare, \
host "/" cpu " (" #result ")", \
- host, cpu, NULL, 0, result)
+ host, cpu, NULL, 0, NULL, 0, result)
#define DO_TEST_UPDATE_ONLY(arch, host, cpu) \
DO_TEST(arch, cpuTestUpdate, \
cpu " on " host, \
- host, cpu, NULL, 0, 0)
+ host, cpu, NULL, 0, NULL, 0, 0)
#define DO_TEST_UPDATE(arch, host, cpu, result) \
do { \
@@ -930,31 +986,31 @@ mymain(void)
suffix = " (migratable)"; \
label = g_strdup_printf("%s%s", name, suffix); \
DO_TEST(arch, cpuTestBaseline, label, NULL, \
- "baseline-" name, NULL, flags, result); \
+ "baseline-" name, NULL, 0, NULL, flags, result); \
} while (0)
#define DO_TEST_HASFEATURE(arch, host, feature, result) \
DO_TEST(arch, cpuTestHasFeature, \
host "/" feature " (" #result ")", \
- host, feature, NULL, 0, result)
+ host, feature, NULL, 0, NULL, 0, result)
#define DO_TEST_GUESTCPU(arch, host, cpu, models, result) \
DO_TEST(arch, cpuTestGuestCPU, \
host "/" cpu " (" #models ")", \
- host, cpu, models, 0, result)
+ host, cpu, NULL, 0, models, 0, result)
#if WITH_QEMU
# define DO_TEST_JSON(arch, host, json) \
do { \
if (json == JSON_MODELS) { \
DO_TEST(arch, cpuTestGuestCPUID, host, host, \
- NULL, NULL, 0, 0); \
+ NULL, NULL, 0, NULL, 0, 0); \
} \
if (json != JSON_NONE) { \
DO_TEST(arch, cpuTestJSONCPUID, host, host, \
- NULL, NULL, json, 0); \
+ NULL, NULL, 0, NULL, json, 0); \
DO_TEST(arch, cpuTestJSONSignature, host, host, \
- NULL, NULL, 0, 0); \
+ NULL, NULL, 0, NULL, 0, 0); \
} \
} while (0)
#else
@@ -964,18 +1020,26 @@ mymain(void)
#define DO_TEST_CPUID(arch, host, json) \
do { \
DO_TEST(arch, cpuTestHostCPUID, host, host, \
- NULL, NULL, 0, 0); \
+ NULL, NULL, 0, NULL, 0, 0); \
DO_TEST(arch, cpuTestGuestCPUID, host, host, \
- NULL, NULL, json, 0); \
+ NULL, NULL, 0, NULL, json, 0); \
DO_TEST(arch, cpuTestCPUIDSignature, host, host, \
- NULL, NULL, 0, 0); \
+ NULL, NULL, 0, NULL, 0, 0); \
DO_TEST_JSON(arch, host, json); \
if (json != JSON_NONE) { \
DO_TEST(arch, cpuTestUpdateLive, host, host, \
- NULL, NULL, json, 0); \
+ NULL, NULL, 0, NULL, json, 0); \
} \
} while (0)
+#define DO_TEST_CPUID_BASELINE(arch, label, cpu1, cpu2) \
+ do { \
+ const char *cpus[] = {cpu1, cpu2}; \
+ DO_TEST(arch, cpuTestCPUIDBaseline, \
+ label " (" cpu1 ", " cpu2 ")", \
+ NULL, label, cpus, 2, NULL, 0, 0); \
+ } while (0)
+
/* host to host comparison */
DO_TEST_COMPARE(VIR_ARCH_X86_64, "host", "host", VIR_CPU_COMPARE_IDENTICAL);
DO_TEST_COMPARE(VIR_ARCH_X86_64, "host", "host-better", VIR_CPU_COMPARE_INCOMPATIBLE);
@@ -1157,6 +1221,32 @@ mymain(void)
DO_TEST_CPUID(VIR_ARCH_X86_64, "Ice-Lake-Server", JSON_MODELS);
DO_TEST_CPUID(VIR_ARCH_X86_64, "Cooperlake", JSON_MODELS);
+ DO_TEST_CPUID_BASELINE(VIR_ARCH_X86_64, "Ryzen+Rome",
+ "Ryzen-7-1800X-Eight-Core", "Ryzen-9-3900X-12-Core");
+ DO_TEST_CPUID_BASELINE(VIR_ARCH_X86_64, "EPYC+Rome",
+ "EPYC-7601-32-Core", "EPYC-7502-32-Core");
+ DO_TEST_CPUID_BASELINE(VIR_ARCH_X86_64, "Haswell-noTSX-IBRS+Skylake",
+ "Xeon-E5-2609-v3", "Xeon-Gold-6148");
+ DO_TEST_CPUID_BASELINE(VIR_ARCH_X86_64, "Haswell-noTSX-IBRS+Skylake-IBRS",
+ "Xeon-E5-2609-v3", "Xeon-Gold-6130");
+ DO_TEST_CPUID_BASELINE(VIR_ARCH_X86_64, "Broadwell-IBRS+Cascadelake",
+ "Xeon-E5-2623-v4", "Xeon-Platinum-8268");
+ DO_TEST_CPUID_BASELINE(VIR_ARCH_X86_64, "Cascadelake+Skylake-IBRS",
+ "Xeon-Platinum-8268", "Xeon-Gold-6130");
+ DO_TEST_CPUID_BASELINE(VIR_ARCH_X86_64, "Cascadelake+Skylake",
+ "Xeon-Platinum-9242", "Xeon-Gold-6148");
+ DO_TEST_CPUID_BASELINE(VIR_ARCH_X86_64, "Cascadelake+Icelake",
+ "Xeon-Platinum-9242", "Ice-Lake-Server");
+ DO_TEST_CPUID_BASELINE(VIR_ARCH_X86_64, "Cooperlake+Icelake",
+ "Cooperlake", "Ice-Lake-Server");
+ DO_TEST_CPUID_BASELINE(VIR_ARCH_X86_64, "Cooperlake+Cascadelake",
+ "Cooperlake", "Xeon-Platinum-9242");
+ DO_TEST_CPUID_BASELINE(VIR_ARCH_X86_64, "Skylake-Client+Server",
+ "Core-i5-6600", "Xeon-Gold-6148");
+ DO_TEST_CPUID_BASELINE(VIR_ARCH_X86_64, "Haswell-noTSX-IBRS+Broadwell",
+ "Xeon-E5-2609-v3", "Xeon-E5-2650-v4");
+ DO_TEST_CPUID_BASELINE(VIR_ARCH_X86_64, "Haswell+Skylake",
+ "Xeon-E7-8890-v3", "Xeon-Gold-5115");
cleanup:
#if WITH_QEMU
qemuTestDriverFree(&driver);
diff --git a/tests/cputestdata/x86_64-cpuid-baseline-Broadwell-IBRS+Cascadelake.xml b/tests/cputestdata/x86_64-cpuid-baseline-Broadwell-IBRS+Cascadelake.xml
new file mode 100644
index 0000000000..4e3f253e9b
--- /dev/null
+++ b/tests/cputestdata/x86_64-cpuid-baseline-Broadwell-IBRS+Cascadelake.xml
@@ -0,0 +1,11 @@
+<cpu mode='custom' match='exact'>
+ <model fallback='allow'>Skylake-Client-IBRS</model>
+ <vendor>Intel</vendor>
+ <feature policy='require' name='ss'/>
+ <feature policy='require' name='hypervisor'/>
+ <feature policy='require' name='tsc_adjust'/>
+ <feature policy='require' name='pdpe1gb'/>
+ <feature policy='disable' name='mpx'/>
+ <feature policy='disable' name='xsavec'/>
+ <feature policy='disable' name='xgetbv1'/>
+</cpu>
diff --git a/tests/cputestdata/x86_64-cpuid-baseline-Cascadelake+Icelake.xml b/tests/cputestdata/x86_64-cpuid-baseline-Cascadelake+Icelake.xml
new file mode 100644
index 0000000000..e372a3e446
--- /dev/null
+++ b/tests/cputestdata/x86_64-cpuid-baseline-Cascadelake+Icelake.xml
@@ -0,0 +1,14 @@
+<cpu mode='custom' match='exact'>
+ <model fallback='allow'>Cooperlake</model>
+ <vendor>Intel</vendor>
+ <feature policy='require' name='ss'/>
+ <feature policy='require' name='hypervisor'/>
+ <feature policy='require' name='tsc_adjust'/>
+ <feature policy='require' name='mpx'/>
+ <feature policy='require' name='umip'/>
+ <feature policy='require' name='xsaves'/>
+ <feature policy='disable' name='avx512-bf16'/>
+ <feature policy='disable' name='mds-no'/>
+ <feature policy='disable' name='pschange-mc-no'/>
+ <feature policy='disable' name='taa-no'/>
+</cpu>
diff --git a/tests/cputestdata/x86_64-cpuid-baseline-Cascadelake+Skylake-IBRS.xml b/tests/cputestdata/x86_64-cpuid-baseline-Cascadelake+Skylake-IBRS.xml
new file mode 100644
index 0000000000..e559e01583
--- /dev/null
+++ b/tests/cputestdata/x86_64-cpuid-baseline-Cascadelake+Skylake-IBRS.xml
@@ -0,0 +1,12 @@
+<cpu mode='custom' match='exact'>
+ <model fallback='allow'>Cascadelake-Server</model>
+ <vendor>Intel</vendor>
+ <feature policy='require' name='ss'/>
+ <feature policy='require' name='hypervisor'/>
+ <feature policy='require' name='tsc_adjust'/>
+ <feature policy='require' name='umip'/>
+ <feature policy='require' name='pku'/>
+ <feature policy='require' name='xsaves'/>
+ <feature policy='require' name='skip-l1dfl-vmentry'/>
+ <feature policy='disable' name='avx512vnni'/>
+</cpu>
diff --git a/tests/cputestdata/x86_64-cpuid-baseline-Cascadelake+Skylake.xml b/tests/cputestdata/x86_64-cpuid-baseline-Cascadelake+Skylake.xml
new file mode 100644
index 0000000000..906259df0b
--- /dev/null
+++ b/tests/cputestdata/x86_64-cpuid-baseline-Cascadelake+Skylake.xml
@@ -0,0 +1,8 @@
+<cpu mode='custom' match='exact'>
+ <model fallback='allow'>Skylake-Server</model>
+ <vendor>Intel</vendor>
+ <feature policy='require' name='ss'/>
+ <feature policy='require' name='hypervisor'/>
+ <feature policy='require' name='tsc_adjust'/>
+ <feature policy='require' name='clflushopt'/>
+</cpu>
diff --git a/tests/cputestdata/x86_64-cpuid-baseline-Cooperlake+Cascadelake.xml b/tests/cputestdata/x86_64-cpuid-baseline-Cooperlake+Cascadelake.xml
new file mode 100644
index 0000000000..46c32c996f
--- /dev/null
+++ b/tests/cputestdata/x86_64-cpuid-baseline-Cooperlake+Cascadelake.xml
@@ -0,0 +1,17 @@
+<cpu mode='custom' match='exact'>
+ <model fallback='allow'>Cooperlake</model>
+ <vendor>Intel</vendor>
+ <feature policy='require' name='ss'/>
+ <feature policy='require' name='vmx'/>
+ <feature policy='require' name='hypervisor'/>
+ <feature policy='require' name='tsc_adjust'/>
+ <feature policy='require' name='mpx'/>
+ <feature policy='require' name='umip'/>
+ <feature policy='require' name='md-clear'/>
+ <feature policy='require' name='xsaves'/>
+ <feature policy='require' name='ibpb'/>
+ <feature policy='require' name='amd-ssbd'/>
+ <feature policy='require' name='tsx-ctrl'/>
+ <feature policy='disable' name='avx512-bf16'/>
+ <feature policy='disable' name='taa-no'/>
+</cpu>
diff --git a/tests/cputestdata/x86_64-cpuid-baseline-Cooperlake+Icelake.xml b/tests/cputestdata/x86_64-cpuid-baseline-Cooperlake+Icelake.xml
new file mode 100644
index 0000000000..e372a3e446
--- /dev/null
+++ b/tests/cputestdata/x86_64-cpuid-baseline-Cooperlake+Icelake.xml
@@ -0,0 +1,14 @@
+<cpu mode='custom' match='exact'>
+ <model fallback='allow'>Cooperlake</model>
+ <vendor>Intel</vendor>
+ <feature policy='require' name='ss'/>
+ <feature policy='require' name='hypervisor'/>
+ <feature policy='require' name='tsc_adjust'/>
+ <feature policy='require' name='mpx'/>
+ <feature policy='require' name='umip'/>
+ <feature policy='require' name='xsaves'/>
+ <feature policy='disable' name='avx512-bf16'/>
+ <feature policy='disable' name='mds-no'/>
+ <feature policy='disable' name='pschange-mc-no'/>
+ <feature policy='disable' name='taa-no'/>
+</cpu>
diff --git a/tests/cputestdata/x86_64-cpuid-baseline-EPYC+Rome.xml b/tests/cputestdata/x86_64-cpuid-baseline-EPYC+Rome.xml
new file mode 100644
index 0000000000..e1984b2890
--- /dev/null
+++ b/tests/cputestdata/x86_64-cpuid-baseline-EPYC+Rome.xml
@@ -0,0 +1,13 @@
+<cpu mode='custom' match='exact'>
+ <model fallback='allow'>EPYC</model>
+ <vendor>AMD</vendor>
+ <feature policy='require' name='x2apic'/>
+ <feature policy='require' name='tsc-deadline'/>
+ <feature policy='require' name='hypervisor'/>
+ <feature policy='require' name='tsc_adjust'/>
+ <feature policy='require' name='cmp_legacy'/>
+ <feature policy='require' name='npt'/>
+ <feature policy='require' name='nrip-save'/>
+ <feature policy='disable' name='svm'/>
+ <feature policy='disable' name='monitor'/>
+</cpu>
diff --git a/tests/cputestdata/x86_64-cpuid-baseline-Haswell+Skylake.xml b/tests/cputestdata/x86_64-cpuid-baseline-Haswell+Skylake.xml
new file mode 100644
index 0000000000..e687a679b3
--- /dev/null
+++ b/tests/cputestdata/x86_64-cpuid-baseline-Haswell+Skylake.xml
@@ -0,0 +1,14 @@
+<cpu mode='custom' match='exact'>
+ <model fallback='allow'>Haswell</model>
+ <vendor>Intel</vendor>
+ <feature policy='require' name='vme'/>
+ <feature policy='require' name='ss'/>
+ <feature policy='require' name='f16c'/>
+ <feature policy='require' name='rdrand'/>
+ <feature policy='require' name='hypervisor'/>
+ <feature policy='require' name='arat'/>
+ <feature policy='require' name='tsc_adjust'/>
+ <feature policy='require' name='xsaveopt'/>
+ <feature policy='require' name='pdpe1gb'/>
+ <feature policy='require' name='abm'/>
+</cpu>
diff --git a/tests/cputestdata/x86_64-cpuid-baseline-Haswell-noTSX-IBRS+Broadwell.xml b/tests/cputestdata/x86_64-cpuid-baseline-Haswell-noTSX-IBRS+Broadwell.xml
new file mode 100644
index 0000000000..651457b17a
--- /dev/null
+++ b/tests/cputestdata/x86_64-cpuid-baseline-Haswell-noTSX-IBRS+Broadwell.xml
@@ -0,0 +1,14 @@
+<cpu mode='custom' match='exact'>
+ <model fallback='allow'>Haswell-noTSX</model>
+ <vendor>Intel</vendor>
+ <feature policy='require' name='vme'/>
+ <feature policy='require' name='ss'/>
+ <feature policy='require' name='f16c'/>
+ <feature policy='require' name='rdrand'/>
+ <feature policy='require' name='hypervisor'/>
+ <feature policy='require' name='arat'/>
+ <feature policy='require' name='tsc_adjust'/>
+ <feature policy='require' name='xsaveopt'/>
+ <feature policy='require' name='pdpe1gb'/>
+ <feature policy='require' name='abm'/>
+</cpu>
diff --git a/tests/cputestdata/x86_64-cpuid-baseline-Haswell-noTSX-IBRS+Skylake-IBRS.xml b/tests/cputestdata/x86_64-cpuid-baseline-Haswell-noTSX-IBRS+Skylake-IBRS.xml
new file mode 100644
index 0000000000..8bda1c02e2
--- /dev/null
+++ b/tests/cputestdata/x86_64-cpuid-baseline-Haswell-noTSX-IBRS+Skylake-IBRS.xml
@@ -0,0 +1,14 @@
+<cpu mode='custom' match='exact'>
+ <model fallback='allow'>Haswell-noTSX-IBRS</model>
+ <vendor>Intel</vendor>
+ <feature policy='require' name='vme'/>
+ <feature policy='require' name='ss'/>
+ <feature policy='require' name='f16c'/>
+ <feature policy='require' name='rdrand'/>
+ <feature policy='require' name='hypervisor'/>
+ <feature policy='require' name='arat'/>
+ <feature policy='require' name='tsc_adjust'/>
+ <feature policy='require' name='xsaveopt'/>
+ <feature policy='require' name='pdpe1gb'/>
+ <feature policy='require' name='abm'/>
+</cpu>
diff --git a/tests/cputestdata/x86_64-cpuid-baseline-Haswell-noTSX-IBRS+Skylake.xml b/tests/cputestdata/x86_64-cpuid-baseline-Haswell-noTSX-IBRS+Skylake.xml
new file mode 100644
index 0000000000..651457b17a
--- /dev/null
+++ b/tests/cputestdata/x86_64-cpuid-baseline-Haswell-noTSX-IBRS+Skylake.xml
@@ -0,0 +1,14 @@
+<cpu mode='custom' match='exact'>
+ <model fallback='allow'>Haswell-noTSX</model>
+ <vendor>Intel</vendor>
+ <feature policy='require' name='vme'/>
+ <feature policy='require' name='ss'/>
+ <feature policy='require' name='f16c'/>
+ <feature policy='require' name='rdrand'/>
+ <feature policy='require' name='hypervisor'/>
+ <feature policy='require' name='arat'/>
+ <feature policy='require' name='tsc_adjust'/>
+ <feature policy='require' name='xsaveopt'/>
+ <feature policy='require' name='pdpe1gb'/>
+ <feature policy='require' name='abm'/>
+</cpu>
diff --git a/tests/cputestdata/x86_64-cpuid-baseline-Ryzen+Rome.xml b/tests/cputestdata/x86_64-cpuid-baseline-Ryzen+Rome.xml
new file mode 100644
index 0000000000..051402b9d5
--- /dev/null
+++ b/tests/cputestdata/x86_64-cpuid-baseline-Ryzen+Rome.xml
@@ -0,0 +1,13 @@
+<cpu mode='custom' match='exact'>
+ <model fallback='allow'>EPYC</model>
+ <vendor>AMD</vendor>
+ <feature policy='require' name='x2apic'/>
+ <feature policy='require' name='tsc-deadline'/>
+ <feature policy='require' name='hypervisor'/>
+ <feature policy='require' name='tsc_adjust'/>
+ <feature policy='require' name='cmp_legacy'/>
+ <feature policy='require' name='npt'/>
+ <feature policy='require' name='nrip-save'/>
+ <feature policy='disable' name='sha-ni'/>
+ <feature policy='disable' name='monitor'/>
+</cpu>
diff --git a/tests/cputestdata/x86_64-cpuid-baseline-Skylake-Client+Server.xml b/tests/cputestdata/x86_64-cpuid-baseline-Skylake-Client+Server.xml
new file mode 100644
index 0000000000..d46ff26eeb
--- /dev/null
+++ b/tests/cputestdata/x86_64-cpuid-baseline-Skylake-Client+Server.xml
@@ -0,0 +1,9 @@
+<cpu mode='custom' match='exact'>
+ <model fallback='allow'>Skylake-Client</model>
+ <vendor>Intel</vendor>
+ <feature policy='require' name='ss'/>
+ <feature policy='require' name='hypervisor'/>
+ <feature policy='require' name='tsc_adjust'/>
+ <feature policy='require' name='clflushopt'/>
+ <feature policy='require' name='pdpe1gb'/>
+</cpu>
--
2.35.1

View File

@ -0,0 +1,334 @@
From 50d94f13286ca19ef1f457be72debdbf77547df6 Mon Sep 17 00:00:00 2001
Message-Id: <50d94f13286ca19ef1f457be72debdbf77547df6@dist-git>
From: Jiri Denemark <jdenemar@redhat.com>
Date: Wed, 4 May 2022 16:21:38 +0200
Subject: [PATCH] cputest: Drop some old artificial baseline tests
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit 6aff36019bbaf643f451779621c6c88cab0e64a7)
https://bugzilla.redhat.com/show_bug.cgi?id=1851227
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
tests/cputest.c | 6 ---
.../cputestdata/x86_64-baseline-1-result.xml | 5 --
tests/cputestdata/x86_64-baseline-1.xml | 20 --------
.../cputestdata/x86_64-baseline-2-result.xml | 4 --
tests/cputestdata/x86_64-baseline-2.xml | 22 ---------
.../x86_64-baseline-5-expanded.xml | 47 -------------------
.../cputestdata/x86_64-baseline-5-result.xml | 10 ----
tests/cputestdata/x86_64-baseline-5.xml | 35 --------------
.../cputestdata/x86_64-baseline-7-result.xml | 4 --
tests/cputestdata/x86_64-baseline-7.xml | 24 ----------
.../cputestdata/x86_64-baseline-8-result.xml | 4 --
tests/cputestdata/x86_64-baseline-8.xml | 28 -----------
12 files changed, 209 deletions(-)
delete mode 100644 tests/cputestdata/x86_64-baseline-1-result.xml
delete mode 100644 tests/cputestdata/x86_64-baseline-1.xml
delete mode 100644 tests/cputestdata/x86_64-baseline-2-result.xml
delete mode 100644 tests/cputestdata/x86_64-baseline-2.xml
delete mode 100644 tests/cputestdata/x86_64-baseline-5-expanded.xml
delete mode 100644 tests/cputestdata/x86_64-baseline-5-result.xml
delete mode 100644 tests/cputestdata/x86_64-baseline-5.xml
delete mode 100644 tests/cputestdata/x86_64-baseline-7-result.xml
delete mode 100644 tests/cputestdata/x86_64-baseline-7.xml
delete mode 100644 tests/cputestdata/x86_64-baseline-8-result.xml
delete mode 100644 tests/cputestdata/x86_64-baseline-8.xml
diff --git a/tests/cputest.c b/tests/cputest.c
index 0f0621292a..20d56836be 100644
--- a/tests/cputest.c
+++ b/tests/cputest.c
@@ -1051,18 +1051,12 @@ mymain(void)
DO_TEST_BASELINE(VIR_ARCH_X86_64, "incompatible-vendors", 0, -1);
DO_TEST_BASELINE(VIR_ARCH_X86_64, "no-vendor", 0, 0);
DO_TEST_BASELINE(VIR_ARCH_X86_64, "some-vendors", 0, 0);
- DO_TEST_BASELINE(VIR_ARCH_X86_64, "1", 0, 0);
- DO_TEST_BASELINE(VIR_ARCH_X86_64, "2", 0, 0);
DO_TEST_BASELINE(VIR_ARCH_X86_64, "3", 0, 0);
DO_TEST_BASELINE(VIR_ARCH_X86_64, "3", VIR_CONNECT_BASELINE_CPU_EXPAND_FEATURES, 0);
DO_TEST_BASELINE(VIR_ARCH_X86_64, "4", 0, 0);
DO_TEST_BASELINE(VIR_ARCH_X86_64, "4", VIR_CONNECT_BASELINE_CPU_EXPAND_FEATURES, 0);
- DO_TEST_BASELINE(VIR_ARCH_X86_64, "5", 0, 0);
- DO_TEST_BASELINE(VIR_ARCH_X86_64, "5", VIR_CONNECT_BASELINE_CPU_EXPAND_FEATURES, 0);
DO_TEST_BASELINE(VIR_ARCH_X86_64, "6", 0, 0);
DO_TEST_BASELINE(VIR_ARCH_X86_64, "6", VIR_CONNECT_BASELINE_CPU_MIGRATABLE, 0);
- DO_TEST_BASELINE(VIR_ARCH_X86_64, "7", 0, 0);
- DO_TEST_BASELINE(VIR_ARCH_X86_64, "8", 0, 0);
DO_TEST_BASELINE(VIR_ARCH_PPC64, "incompatible-vendors", 0, -1);
DO_TEST_BASELINE(VIR_ARCH_PPC64, "no-vendor", 0, 0);
diff --git a/tests/cputestdata/x86_64-baseline-1-result.xml b/tests/cputestdata/x86_64-baseline-1-result.xml
deleted file mode 100644
index 96c4f43b3d..0000000000
--- a/tests/cputestdata/x86_64-baseline-1-result.xml
+++ /dev/null
@@ -1,5 +0,0 @@
-<cpu mode='custom' match='exact'>
- <model fallback='allow'>Conroe</model>
- <vendor>Intel</vendor>
- <feature policy='disable' name='lahf_lm'/>
-</cpu>
diff --git a/tests/cputestdata/x86_64-baseline-1.xml b/tests/cputestdata/x86_64-baseline-1.xml
deleted file mode 100644
index 509e6a85d2..0000000000
--- a/tests/cputestdata/x86_64-baseline-1.xml
+++ /dev/null
@@ -1,20 +0,0 @@
-<cpuTest>
-<cpu>
- <arch>x86_64</arch>
- <model>Penryn</model>
- <vendor>Intel</vendor>
- <topology sockets='2' cores='4' threads='1'/>
-</cpu>
-<cpu>
- <arch>x86_64</arch>
- <model>Conroe</model>
- <vendor>Intel</vendor>
- <topology sockets='1' cores='1' threads='1'/>
-</cpu>
-<cpu>
- <arch>x86_64</arch>
- <model>core2duo</model>
- <vendor>Intel</vendor>
- <topology sockets='1' cores='1' threads='1'/>
-</cpu>
-</cpuTest>
diff --git a/tests/cputestdata/x86_64-baseline-2-result.xml b/tests/cputestdata/x86_64-baseline-2-result.xml
deleted file mode 100644
index a11352d0b1..0000000000
--- a/tests/cputestdata/x86_64-baseline-2-result.xml
+++ /dev/null
@@ -1,4 +0,0 @@
-<cpu mode='custom' match='exact'>
- <model fallback='allow'>core2duo</model>
- <feature policy='disable' name='nx'/>
-</cpu>
diff --git a/tests/cputestdata/x86_64-baseline-2.xml b/tests/cputestdata/x86_64-baseline-2.xml
deleted file mode 100644
index 055223fd34..0000000000
--- a/tests/cputestdata/x86_64-baseline-2.xml
+++ /dev/null
@@ -1,22 +0,0 @@
-<cpuTest>
-<cpu>
- <arch>x86_64</arch>
- <model>core2duo</model>
- <topology sockets='1' cores='2' threads='1'/>
-</cpu>
-<cpu>
- <arch>x86_64</arch>
- <model>pentiumpro</model>
- <topology sockets='1' cores='2' threads='1'/>
- <feature name='mtrr'/>
- <feature name='clflush'/>
- <feature name='mca'/>
- <feature name='vme'/>
- <feature name='pse36'/>
- <feature name='pni'/>
- <feature name='monitor'/>
- <feature name='ssse3'/>
- <feature name='lm'/>
- <feature name='syscall'/>
-</cpu>
-</cpuTest>
diff --git a/tests/cputestdata/x86_64-baseline-5-expanded.xml b/tests/cputestdata/x86_64-baseline-5-expanded.xml
deleted file mode 100644
index 2c1b400150..0000000000
--- a/tests/cputestdata/x86_64-baseline-5-expanded.xml
+++ /dev/null
@@ -1,47 +0,0 @@
-<cpu mode='custom' match='exact'>
- <model fallback='allow'>SandyBridge</model>
- <vendor>Intel</vendor>
- <feature policy='require' name='aes'/>
- <feature policy='require' name='apic'/>
- <feature policy='require' name='avx'/>
- <feature policy='require' name='clflush'/>
- <feature policy='require' name='cmov'/>
- <feature policy='require' name='cx16'/>
- <feature policy='require' name='cx8'/>
- <feature policy='require' name='de'/>
- <feature policy='require' name='fpu'/>
- <feature policy='require' name='fxsr'/>
- <feature policy='require' name='hypervisor'/>
- <feature policy='require' name='lahf_lm'/>
- <feature policy='require' name='lm'/>
- <feature policy='require' name='mca'/>
- <feature policy='require' name='mce'/>
- <feature policy='require' name='mmx'/>
- <feature policy='require' name='msr'/>
- <feature policy='require' name='mtrr'/>
- <feature policy='require' name='nx'/>
- <feature policy='require' name='osxsave'/>
- <feature policy='require' name='pae'/>
- <feature policy='require' name='pat'/>
- <feature policy='require' name='pcid'/>
- <feature policy='require' name='pclmuldq'/>
- <feature policy='require' name='pge'/>
- <feature policy='require' name='pni'/>
- <feature policy='require' name='popcnt'/>
- <feature policy='require' name='pse'/>
- <feature policy='require' name='pse36'/>
- <feature policy='disable' name='rdtscp'/>
- <feature policy='require' name='sep'/>
- <feature policy='require' name='ss'/>
- <feature policy='require' name='sse'/>
- <feature policy='require' name='sse2'/>
- <feature policy='require' name='sse4.1'/>
- <feature policy='require' name='sse4.2'/>
- <feature policy='require' name='ssse3'/>
- <feature policy='require' name='syscall'/>
- <feature policy='require' name='tsc'/>
- <feature policy='require' name='tsc-deadline'/>
- <feature policy='require' name='vme'/>
- <feature policy='require' name='x2apic'/>
- <feature policy='require' name='xsave'/>
-</cpu>
diff --git a/tests/cputestdata/x86_64-baseline-5-result.xml b/tests/cputestdata/x86_64-baseline-5-result.xml
deleted file mode 100644
index 775a27de2e..0000000000
--- a/tests/cputestdata/x86_64-baseline-5-result.xml
+++ /dev/null
@@ -1,10 +0,0 @@
-<cpu mode='custom' match='exact'>
- <model fallback='allow'>SandyBridge</model>
- <vendor>Intel</vendor>
- <feature policy='require' name='vme'/>
- <feature policy='require' name='ss'/>
- <feature policy='require' name='pcid'/>
- <feature policy='require' name='osxsave'/>
- <feature policy='require' name='hypervisor'/>
- <feature policy='disable' name='rdtscp'/>
-</cpu>
diff --git a/tests/cputestdata/x86_64-baseline-5.xml b/tests/cputestdata/x86_64-baseline-5.xml
deleted file mode 100644
index 80cd533ca4..0000000000
--- a/tests/cputestdata/x86_64-baseline-5.xml
+++ /dev/null
@@ -1,35 +0,0 @@
-<cpuTest>
-<cpu>
- <arch>x86_64</arch>
- <model>Westmere</model>
- <vendor>Intel</vendor>
- <topology sockets='4' cores='1' threads='1'/>
- <feature name='hypervisor'/>
- <feature name='avx'/>
- <feature name='osxsave'/>
- <feature name='xsave'/>
- <feature name='tsc-deadline'/>
- <feature name='x2apic'/>
- <feature name='pcid'/>
- <feature name='pclmuldq'/>
- <feature name='ss'/>
- <feature name='vme'/>
-</cpu>
-<cpu>
- <arch>x86_64</arch>
- <model>Nehalem</model>
- <vendor>Intel</vendor>
- <topology sockets='4' cores='1' threads='1'/>
- <feature name='aes'/>
- <feature name='hypervisor'/>
- <feature name='avx'/>
- <feature name='osxsave'/>
- <feature name='xsave'/>
- <feature name='tsc-deadline'/>
- <feature name='x2apic'/>
- <feature name='pcid'/>
- <feature name='pclmuldq'/>
- <feature name='ss'/>
- <feature name='vme'/>
-</cpu>
-</cpuTest>
diff --git a/tests/cputestdata/x86_64-baseline-7-result.xml b/tests/cputestdata/x86_64-baseline-7-result.xml
deleted file mode 100644
index 2af549e77a..0000000000
--- a/tests/cputestdata/x86_64-baseline-7-result.xml
+++ /dev/null
@@ -1,4 +0,0 @@
-<cpu mode='custom' match='exact'>
- <model fallback='allow'>Haswell-noTSX</model>
- <vendor>Intel</vendor>
-</cpu>
diff --git a/tests/cputestdata/x86_64-baseline-7.xml b/tests/cputestdata/x86_64-baseline-7.xml
deleted file mode 100644
index b7e61b160c..0000000000
--- a/tests/cputestdata/x86_64-baseline-7.xml
+++ /dev/null
@@ -1,24 +0,0 @@
-<cpuTest>
- <cpu>
- <arch>x86_64</arch>
- <model>SandyBridge</model>
- <vendor>Intel</vendor>
- <topology sockets='1' cores='2' threads='2'/>
- <feature name='invpcid'/>
- <feature name='erms'/>
- <feature name='bmi2'/>
- <feature name='smep'/>
- <feature name='avx2'/>
- <feature name='bmi1'/>
- <feature name='fsgsbase'/>
- <feature name='movbe'/>
- <feature name='pcid'/>
- <feature name='fma'/>
- </cpu>
- <cpu>
- <arch>x86_64</arch>
- <model>Haswell-noTSX</model>
- <vendor>Intel</vendor>
- <topology sockets='1' cores='2' threads='2'/>
- </cpu>
-</cpuTest>
diff --git a/tests/cputestdata/x86_64-baseline-8-result.xml b/tests/cputestdata/x86_64-baseline-8-result.xml
deleted file mode 100644
index 88226b3dab..0000000000
--- a/tests/cputestdata/x86_64-baseline-8-result.xml
+++ /dev/null
@@ -1,4 +0,0 @@
-<cpu mode='custom' match='exact'>
- <model fallback='allow'>Broadwell-noTSX</model>
- <vendor>Intel</vendor>
-</cpu>
diff --git a/tests/cputestdata/x86_64-baseline-8.xml b/tests/cputestdata/x86_64-baseline-8.xml
deleted file mode 100644
index f1ee67d542..0000000000
--- a/tests/cputestdata/x86_64-baseline-8.xml
+++ /dev/null
@@ -1,28 +0,0 @@
-<cpuTest>
- <cpu>
- <arch>x86_64</arch>
- <model>SandyBridge</model>
- <vendor>Intel</vendor>
- <topology sockets='1' cores='2' threads='2'/>
- <feature name='invpcid'/>
- <feature name='erms'/>
- <feature name='bmi2'/>
- <feature name='smep'/>
- <feature name='avx2'/>
- <feature name='bmi1'/>
- <feature name='fsgsbase'/>
- <feature name='movbe'/>
- <feature name='pcid'/>
- <feature name='fma'/>
- <feature name='3dnowprefetch'/>
- <feature name='rdseed'/>
- <feature name='adx'/>
- <feature name='smap'/>
- </cpu>
- <cpu>
- <arch>x86_64</arch>
- <model>Broadwell-noTSX</model>
- <vendor>Intel</vendor>
- <topology sockets='1' cores='2' threads='2'/>
- </cpu>
-</cpuTest>
--
2.35.1

View File

@ -0,0 +1,97 @@
From 6cf9cd8f6d9e90eadd58d8a37129e7401876e4e8 Mon Sep 17 00:00:00 2001
Message-Id: <6cf9cd8f6d9e90eadd58d8a37129e7401876e4e8@dist-git>
From: Jiri Denemark <jdenemar@redhat.com>
Date: Wed, 4 May 2022 16:28:03 +0200
Subject: [PATCH] cputest: Give better names to baseline tests
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit 3daa68e26514dc114d71f4c44f7d728e93a53cd0)
https://bugzilla.redhat.com/show_bug.cgi?id=1851227
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
tests/cputest.c | 12 ++++++------
... x86_64-baseline-Westmere+Nehalem-migratable.xml} | 0
...l => x86_64-baseline-Westmere+Nehalem-result.xml} | 0
...ne-6.xml => x86_64-baseline-Westmere+Nehalem.xml} | 0
...ded.xml => x86_64-baseline-features-expanded.xml} | 0
...esult.xml => x86_64-baseline-features-result.xml} | 0
...4-baseline-4.xml => x86_64-baseline-features.xml} | 0
...anded.xml => x86_64-baseline-simple-expanded.xml} | 0
...-result.xml => x86_64-baseline-simple-result.xml} | 0
..._64-baseline-3.xml => x86_64-baseline-simple.xml} | 0
10 files changed, 6 insertions(+), 6 deletions(-)
rename tests/cputestdata/{x86_64-baseline-6-migratable.xml => x86_64-baseline-Westmere+Nehalem-migratable.xml} (100%)
rename tests/cputestdata/{x86_64-baseline-6-result.xml => x86_64-baseline-Westmere+Nehalem-result.xml} (100%)
rename tests/cputestdata/{x86_64-baseline-6.xml => x86_64-baseline-Westmere+Nehalem.xml} (100%)
rename tests/cputestdata/{x86_64-baseline-4-expanded.xml => x86_64-baseline-features-expanded.xml} (100%)
rename tests/cputestdata/{x86_64-baseline-4-result.xml => x86_64-baseline-features-result.xml} (100%)
rename tests/cputestdata/{x86_64-baseline-4.xml => x86_64-baseline-features.xml} (100%)
rename tests/cputestdata/{x86_64-baseline-3-expanded.xml => x86_64-baseline-simple-expanded.xml} (100%)
rename tests/cputestdata/{x86_64-baseline-3-result.xml => x86_64-baseline-simple-result.xml} (100%)
rename tests/cputestdata/{x86_64-baseline-3.xml => x86_64-baseline-simple.xml} (100%)
diff --git a/tests/cputest.c b/tests/cputest.c
index 20d56836be..b939e20718 100644
--- a/tests/cputest.c
+++ b/tests/cputest.c
@@ -1051,12 +1051,12 @@ mymain(void)
DO_TEST_BASELINE(VIR_ARCH_X86_64, "incompatible-vendors", 0, -1);
DO_TEST_BASELINE(VIR_ARCH_X86_64, "no-vendor", 0, 0);
DO_TEST_BASELINE(VIR_ARCH_X86_64, "some-vendors", 0, 0);
- DO_TEST_BASELINE(VIR_ARCH_X86_64, "3", 0, 0);
- DO_TEST_BASELINE(VIR_ARCH_X86_64, "3", VIR_CONNECT_BASELINE_CPU_EXPAND_FEATURES, 0);
- DO_TEST_BASELINE(VIR_ARCH_X86_64, "4", 0, 0);
- DO_TEST_BASELINE(VIR_ARCH_X86_64, "4", VIR_CONNECT_BASELINE_CPU_EXPAND_FEATURES, 0);
- DO_TEST_BASELINE(VIR_ARCH_X86_64, "6", 0, 0);
- DO_TEST_BASELINE(VIR_ARCH_X86_64, "6", VIR_CONNECT_BASELINE_CPU_MIGRATABLE, 0);
+ DO_TEST_BASELINE(VIR_ARCH_X86_64, "simple", 0, 0);
+ DO_TEST_BASELINE(VIR_ARCH_X86_64, "simple", VIR_CONNECT_BASELINE_CPU_EXPAND_FEATURES, 0);
+ DO_TEST_BASELINE(VIR_ARCH_X86_64, "features", 0, 0);
+ DO_TEST_BASELINE(VIR_ARCH_X86_64, "features", VIR_CONNECT_BASELINE_CPU_EXPAND_FEATURES, 0);
+ DO_TEST_BASELINE(VIR_ARCH_X86_64, "Westmere+Nehalem", 0, 0);
+ DO_TEST_BASELINE(VIR_ARCH_X86_64, "Westmere+Nehalem", VIR_CONNECT_BASELINE_CPU_MIGRATABLE, 0);
DO_TEST_BASELINE(VIR_ARCH_PPC64, "incompatible-vendors", 0, -1);
DO_TEST_BASELINE(VIR_ARCH_PPC64, "no-vendor", 0, 0);
diff --git a/tests/cputestdata/x86_64-baseline-6-migratable.xml b/tests/cputestdata/x86_64-baseline-Westmere+Nehalem-migratable.xml
similarity index 100%
rename from tests/cputestdata/x86_64-baseline-6-migratable.xml
rename to tests/cputestdata/x86_64-baseline-Westmere+Nehalem-migratable.xml
diff --git a/tests/cputestdata/x86_64-baseline-6-result.xml b/tests/cputestdata/x86_64-baseline-Westmere+Nehalem-result.xml
similarity index 100%
rename from tests/cputestdata/x86_64-baseline-6-result.xml
rename to tests/cputestdata/x86_64-baseline-Westmere+Nehalem-result.xml
diff --git a/tests/cputestdata/x86_64-baseline-6.xml b/tests/cputestdata/x86_64-baseline-Westmere+Nehalem.xml
similarity index 100%
rename from tests/cputestdata/x86_64-baseline-6.xml
rename to tests/cputestdata/x86_64-baseline-Westmere+Nehalem.xml
diff --git a/tests/cputestdata/x86_64-baseline-4-expanded.xml b/tests/cputestdata/x86_64-baseline-features-expanded.xml
similarity index 100%
rename from tests/cputestdata/x86_64-baseline-4-expanded.xml
rename to tests/cputestdata/x86_64-baseline-features-expanded.xml
diff --git a/tests/cputestdata/x86_64-baseline-4-result.xml b/tests/cputestdata/x86_64-baseline-features-result.xml
similarity index 100%
rename from tests/cputestdata/x86_64-baseline-4-result.xml
rename to tests/cputestdata/x86_64-baseline-features-result.xml
diff --git a/tests/cputestdata/x86_64-baseline-4.xml b/tests/cputestdata/x86_64-baseline-features.xml
similarity index 100%
rename from tests/cputestdata/x86_64-baseline-4.xml
rename to tests/cputestdata/x86_64-baseline-features.xml
diff --git a/tests/cputestdata/x86_64-baseline-3-expanded.xml b/tests/cputestdata/x86_64-baseline-simple-expanded.xml
similarity index 100%
rename from tests/cputestdata/x86_64-baseline-3-expanded.xml
rename to tests/cputestdata/x86_64-baseline-simple-expanded.xml
diff --git a/tests/cputestdata/x86_64-baseline-3-result.xml b/tests/cputestdata/x86_64-baseline-simple-result.xml
similarity index 100%
rename from tests/cputestdata/x86_64-baseline-3-result.xml
rename to tests/cputestdata/x86_64-baseline-simple-result.xml
diff --git a/tests/cputestdata/x86_64-baseline-3.xml b/tests/cputestdata/x86_64-baseline-simple.xml
similarity index 100%
rename from tests/cputestdata/x86_64-baseline-3.xml
rename to tests/cputestdata/x86_64-baseline-simple.xml
--
2.35.1

View File

@ -0,0 +1,111 @@
From 296343c5a950668d790f9cd5ebd7b466e8156d03 Mon Sep 17 00:00:00 2001
Message-Id: <296343c5a950668d790f9cd5ebd7b466e8156d03@dist-git>
From: Peter Krempa <pkrempa@redhat.com>
Date: Tue, 14 Jun 2022 13:23:29 +0200
Subject: [PATCH] domain_validate: Split out validation of disk startup policy
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Move the code into 'virDomainDiskDefValidateStartupPolicy' which will be
later reused in the qemu driver.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
(cherry picked from commit 3603a18bcec18842cedecbd8329723062b87795c)
https://bugzilla.redhat.com/show_bug.cgi?id=2095758
---
src/conf/domain_validate.c | 45 ++++++++++++++++++++++++--------------
src/conf/domain_validate.h | 2 ++
src/libvirt_private.syms | 1 +
3 files changed, 31 insertions(+), 17 deletions(-)
diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c
index 452742e67c..bfff7339ef 100644
--- a/src/conf/domain_validate.c
+++ b/src/conf/domain_validate.c
@@ -598,6 +598,32 @@ virDomainDiskDefSourceLUNValidate(const virStorageSource *src)
}
+int
+virDomainDiskDefValidateStartupPolicy(const virDomainDiskDef *disk)
+{
+ if (disk->startupPolicy == VIR_DOMAIN_STARTUP_POLICY_DEFAULT)
+ return 0;
+
+ if (disk->src->type == VIR_STORAGE_TYPE_NETWORK) {
+ virReportError(VIR_ERR_XML_ERROR,
+ _("disk startupPolicy '%s' is not allowed for disk of '%s' type"),
+ virDomainStartupPolicyTypeToString(disk->startupPolicy),
+ virStorageTypeToString(disk->src->type));
+ return -1;
+ }
+
+ if (disk->device != VIR_DOMAIN_DISK_DEVICE_CDROM &&
+ disk->device != VIR_DOMAIN_DISK_DEVICE_FLOPPY &&
+ disk->startupPolicy == VIR_DOMAIN_STARTUP_POLICY_REQUISITE) {
+ virReportError(VIR_ERR_XML_ERROR, "%s",
+ _("disk startupPolicy 'requisite' is allowed only for cdrom or floppy"));
+ return -1;
+ }
+
+ return 0;
+}
+
+
static int
virDomainDiskDefValidate(const virDomainDef *def,
const virDomainDiskDef *disk)
@@ -775,23 +801,8 @@ virDomainDiskDefValidate(const virDomainDef *def,
return -1;
}
- if (disk->startupPolicy != VIR_DOMAIN_STARTUP_POLICY_DEFAULT) {
- if (disk->src->type == VIR_STORAGE_TYPE_NETWORK) {
- virReportError(VIR_ERR_XML_ERROR,
- _("disk startupPolicy '%s' is not allowed for disk of '%s' type"),
- virDomainStartupPolicyTypeToString(disk->startupPolicy),
- virStorageTypeToString(disk->src->type));
- return -1;
- }
-
- if (disk->device != VIR_DOMAIN_DISK_DEVICE_CDROM &&
- disk->device != VIR_DOMAIN_DISK_DEVICE_FLOPPY &&
- disk->startupPolicy == VIR_DOMAIN_STARTUP_POLICY_REQUISITE) {
- virReportError(VIR_ERR_XML_ERROR, "%s",
- _("disk startupPolicy 'requisite' is allowed only for cdrom or floppy"));
- return -1;
- }
- }
+ if (virDomainDiskDefValidateStartupPolicy(disk) < 0)
+ return -1;
if (disk->wwn && !virValidateWWN(disk->wwn))
return -1;
diff --git a/src/conf/domain_validate.h b/src/conf/domain_validate.h
index 430d61fd3c..07b99195e3 100644
--- a/src/conf/domain_validate.h
+++ b/src/conf/domain_validate.h
@@ -41,4 +41,6 @@ int virDomainDeviceDefValidate(const virDomainDeviceDef *dev,
int virDomainDiskDefValidateSource(const virStorageSource *src);
+int virDomainDiskDefValidateStartupPolicy(const virDomainDiskDef *disk);
+
int virDomainDiskDefSourceLUNValidate(const virStorageSource *src);
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 2c42e2a5e8..5b7a056151 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -777,6 +777,7 @@ virDomainActualNetDefValidate;
virDomainDefValidate;
virDomainDeviceValidateAliasForHotplug;
virDomainDiskDefSourceLUNValidate;
+virDomainDiskDefValidateStartupPolicy;
# conf/interface_conf.h
--
2.35.1

View File

@ -0,0 +1,55 @@
From dc6ab8b51ff53ba22abfb84f24641aa87320038a Mon Sep 17 00:00:00 2001
Message-Id: <dc6ab8b51ff53ba22abfb84f24641aa87320038a@dist-git>
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Tue, 8 Mar 2022 17:28:38 +0000
Subject: [PATCH] nwfilter: fix crash when counting number of network filters
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The virNWFilterObjListNumOfNWFilters method iterates over the
driver->nwfilters, accessing virNWFilterObj instances. As such
it needs to be protected against concurrent modification of
the driver->nwfilters object.
This API allows unprivileged users to connect, so users with
read-only access to libvirt can cause a denial of service
crash if they are able to race with a call of virNWFilterUndefine.
Since network filters are usually statically defined, this is
considered a low severity problem.
This is assigned CVE-2022-0897.
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit a4947e8f63c3e6b7b067b444f3d6cf674c0d7f36)
https://bugzilla.redhat.com/show_bug.cgi?id=2063902
---
src/nwfilter/nwfilter_driver.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c
index 200451d6b1..956aca6421 100644
--- a/src/nwfilter/nwfilter_driver.c
+++ b/src/nwfilter/nwfilter_driver.c
@@ -478,11 +478,15 @@ nwfilterLookupByName(virConnectPtr conn,
static int
nwfilterConnectNumOfNWFilters(virConnectPtr conn)
{
+ int ret;
if (virConnectNumOfNWFiltersEnsureACL(conn) < 0)
return -1;
- return virNWFilterObjListNumOfNWFilters(driver->nwfilters, conn,
- virConnectNumOfNWFiltersCheckACL);
+ nwfilterDriverLock();
+ ret = virNWFilterObjListNumOfNWFilters(driver->nwfilters, conn,
+ virConnectNumOfNWFiltersCheckACL);
+ nwfilterDriverUnlock();
+ return ret;
}
--
2.35.1

View File

@ -0,0 +1,155 @@
From 2595c7716b19214b2729b41b86656f96a2cd18bc Mon Sep 17 00:00:00 2001
Message-Id: <2595c7716b19214b2729b41b86656f96a2cd18bc@dist-git>
From: Jiri Denemark <jdenemar@redhat.com>
Date: Wed, 22 Jun 2022 15:21:30 +0200
Subject: [PATCH] qemu: Add qemuDomainSetMaxMemLock helper
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
qemuDomainAdjustMaxMemLock combined computing the desired limit with
applying it. This patch separates the code to apply a memory locking
limit to a new qemuDomainSetMaxMemLock helper for better reusability.
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
(cherry picked from commit dff51c7f5760ded8235076f55d082fe4363f2f78)
https://bugzilla.redhat.com/show_bug.cgi?id=2089433
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
src/qemu/qemu_domain.c | 95 ++++++++++++++++++++++++++----------------
src/qemu/qemu_domain.h | 3 ++
2 files changed, 61 insertions(+), 37 deletions(-)
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index ee7d310903..a81789f194 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -9261,6 +9261,61 @@ qemuDomainGetMemLockLimitBytes(virDomainDef *def,
}
+/**
+ * qemuDomainSetMaxMemLock:
+ * @vm: domain
+ * @limit: the desired memory locking limit
+ * @origPtr: where to store (or load from) the original value of the limit
+ *
+ * Set the memory locking limit for @vm unless it's already big enough. If
+ * @origPtr is non-NULL, the original value of the limit will be store there
+ * and can be restored by calling this function with @limit == 0.
+ *
+ * Returns: 0 on success, -1 otherwise.
+ */
+int
+qemuDomainSetMaxMemLock(virDomainObj *vm,
+ unsigned long long limit,
+ unsigned long long *origPtr)
+{
+ unsigned long long current = 0;
+
+ if (virProcessGetMaxMemLock(vm->pid, &current) < 0)
+ return -1;
+
+ if (limit > 0) {
+ VIR_DEBUG("Requested memory lock limit: %llu", limit);
+ /* If the limit is already high enough, we can assume
+ * that some external process is taking care of managing
+ * process limits and we shouldn't do anything ourselves:
+ * we're probably running in a containerized environment
+ * where we don't have enough privilege anyway */
+ if (current >= limit) {
+ VIR_DEBUG("Current limit %llu is big enough", current);
+ return 0;
+ }
+
+ /* If this is the first time adjusting the limit, save the current
+ * value so that we can restore it once memory locking is no longer
+ * required */
+ if (origPtr && *origPtr == 0)
+ *origPtr = current;
+ } else {
+ /* Once memory locking is no longer required, we can restore the
+ * original, usually very low, limit. But only if we actually stored
+ * the original limit before. */
+ if (!origPtr || *origPtr == 0)
+ return 0;
+
+ limit = *origPtr;
+ *origPtr = 0;
+ VIR_DEBUG("Resetting memory lock limit back to %llu", limit);
+ }
+
+ return virProcessSetMaxMemLock(vm->pid, limit);
+}
+
+
/**
* qemuDomainAdjustMaxMemLock:
* @vm: domain
@@ -9282,43 +9337,9 @@ int
qemuDomainAdjustMaxMemLock(virDomainObj *vm,
bool forceVFIO)
{
- qemuDomainObjPrivate *priv = vm->privateData;
- unsigned long long currentMemLock = 0;
- unsigned long long desiredMemLock = 0;
-
- desiredMemLock = qemuDomainGetMemLockLimitBytes(vm->def, forceVFIO);
- if (virProcessGetMaxMemLock(vm->pid, &currentMemLock) < 0)
- return -1;
-
- if (desiredMemLock > 0) {
- if (currentMemLock < desiredMemLock) {
- /* If this is the first time adjusting the limit, save the current
- * value so that we can restore it once memory locking is no longer
- * required */
- if (priv->originalMemlock == 0) {
- priv->originalMemlock = currentMemLock;
- }
- } else {
- /* If the limit is already high enough, we can assume
- * that some external process is taking care of managing
- * process limits and we shouldn't do anything ourselves:
- * we're probably running in a containerized environment
- * where we don't have enough privilege anyway */
- desiredMemLock = 0;
- }
- } else {
- /* Once memory locking is no longer required, we can restore the
- * original, usually very low, limit */
- desiredMemLock = priv->originalMemlock;
- priv->originalMemlock = 0;
- }
-
- if (desiredMemLock > 0 &&
- virProcessSetMaxMemLock(vm->pid, desiredMemLock) < 0) {
- return -1;
- }
-
- return 0;
+ return qemuDomainSetMaxMemLock(vm,
+ qemuDomainGetMemLockLimitBytes(vm->def, forceVFIO),
+ &QEMU_DOMAIN_PRIVATE(vm)->originalMemlock);
}
diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h
index e9497d20de..6d1d23439a 100644
--- a/src/qemu/qemu_domain.h
+++ b/src/qemu/qemu_domain.h
@@ -789,6 +789,9 @@ int qemuDomainAdjustMaxMemLock(virDomainObj *vm,
bool forceVFIO);
int qemuDomainAdjustMaxMemLockHostdev(virDomainObj *vm,
virDomainHostdevDef *hostdev);
+int qemuDomainSetMaxMemLock(virDomainObj *vm,
+ unsigned long long limit,
+ unsigned long long *origPtr);
int qemuDomainDefValidateMemoryHotplug(const virDomainDef *def,
const virDomainMemoryDef *mem);
--
2.35.1

View File

@ -0,0 +1,37 @@
From 44f83782ba882f9eb037a54fb75231c305d98712 Mon Sep 17 00:00:00 2001
Message-Id: <44f83782ba882f9eb037a54fb75231c305d98712@dist-git>
From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
Date: Fri, 10 Jun 2022 15:25:00 +0200
Subject: [PATCH] qemu: virtiofs: format --thread-pool-size
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
https://bugzilla.redhat.com/show_bug.cgi?id=2079582
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit 2753eba20ce76d3d8785b23a6e940574ca12fe3c)
Signed-off-by: Ján Tomko <jtomko@redhat.com>
---
src/qemu/qemu_virtiofs.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/qemu/qemu_virtiofs.c b/src/qemu/qemu_virtiofs.c
index 1b853a5a59..1ee3781286 100644
--- a/src/qemu/qemu_virtiofs.c
+++ b/src/qemu/qemu_virtiofs.c
@@ -163,6 +163,10 @@ qemuVirtioFSBuildCommandLine(virQEMUDriverConfig *cfg,
virBufferAddLit(&opts, ",no_posix_lock");
virCommandAddArgBuffer(cmd, &opts);
+
+ if (fs->thread_pool_size >= 0)
+ virCommandAddArgFormat(cmd, "--thread-pool-size=%i", fs->thread_pool_size);
+
if (cfg->virtiofsdDebug)
virCommandAddArg(cmd, "-d");
--
2.35.1

View File

@ -0,0 +1,55 @@
From b221b3ab6d881efedc544e0e0ed9c507e21fd178 Mon Sep 17 00:00:00 2001
Message-Id: <b221b3ab6d881efedc544e0e0ed9c507e21fd178@dist-git>
From: Michal Privoznik <mprivozn@redhat.com>
Date: Wed, 11 May 2022 16:37:27 +0200
Subject: [PATCH] qemu_domain: Format qemuDomainObjPrivate::originalMemlock
Now that qemuDomainObjPrivate struct gained new member format it
into XML and parse it so that the value is preserved across
daemon restarts.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
(cherry picked from commit 21aec91790ae14d24512856b20cff49764ede637)
https://bugzilla.redhat.com/show_bug.cgi?id=2089433
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
src/qemu/qemu_domain.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 86d673dafa..ee7d310903 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -2383,6 +2383,12 @@ qemuDomainObjPrivateXMLFormat(virBuffer *buf,
if (qemuDomainObjPrivateXMLFormatBackups(buf, vm) < 0)
return -1;
+ if (priv->originalMemlock > 0) {
+ virBufferAsprintf(buf,
+ "<originalMemlock>%llu</originalMemlock>\n",
+ priv->originalMemlock);
+ }
+
return 0;
}
@@ -3104,6 +3110,13 @@ qemuDomainObjPrivateXMLParse(xmlXPathContextPtr ctxt,
priv->memPrealloc = virXPathBoolean("boolean(./memPrealloc)", ctxt) == 1;
+ if (virXPathULongLong("string(./originalMemlock)",
+ ctxt, &priv->originalMemlock) == -2) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("failed to parse original memlock size"));
+ goto error;
+ }
+
return 0;
error:
--
2.35.1

View File

@ -0,0 +1,120 @@
From 35f06623b82d99dd380340eef465394975dd1c80 Mon Sep 17 00:00:00 2001
Message-Id: <35f06623b82d99dd380340eef465394975dd1c80@dist-git>
From: Jiri Denemark <jdenemar@redhat.com>
Date: Wed, 22 Jun 2022 16:37:31 +0200
Subject: [PATCH] qemu_migration: Implement VIR_MIGRATE_ZEROCOPY flag
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Resolves: https://gitlab.com/libvirt/libvirt/-/issues/306
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
(cherry picked from commit d375993ab314a41bca7ef6c846e07afc18c37774)
https://bugzilla.redhat.com/show_bug.cgi?id=2089433
Conflicts:
src/qemu/qemu_migration.c
src/qemu/qemu_migration.h
- post-copy recovery not bacported
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
src/qemu/qemu_migration.c | 21 +++++++++++++++++++++
src/qemu/qemu_migration.h | 1 +
src/qemu/qemu_migration_params.c | 6 ++++++
src/qemu/qemu_migration_params.h | 1 +
4 files changed, 29 insertions(+)
diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
index 35ad201580..db5163e993 100644
--- a/src/qemu/qemu_migration.c
+++ b/src/qemu/qemu_migration.c
@@ -2366,6 +2366,12 @@ qemuMigrationSrcBeginPhase(virQEMUDriver *driver,
return NULL;
}
+ if (flags & VIR_MIGRATE_ZEROCOPY && !(flags & VIR_MIGRATE_PARALLEL)) {
+ virReportError(VIR_ERR_OPERATION_INVALID, "%s",
+ _("zero-copy is only available for parallel migration"));
+ return NULL;
+ }
+
if (flags & (VIR_MIGRATE_NON_SHARED_DISK | VIR_MIGRATE_NON_SHARED_INC)) {
if (flags & VIR_MIGRATE_NON_SHARED_SYNCHRONOUS_WRITES &&
!virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_BLOCKDEV)) {
@@ -4137,6 +4143,21 @@ qemuMigrationSrcRun(virQEMUDriver *driver,
migParams) < 0)
goto error;
+ if (flags & VIR_MIGRATE_ZEROCOPY) {
+ /* Zero-copy requires pages in transfer to be locked in host memory.
+ * Unfortunately, we have no reliable way of computing how many pages
+ * will need to be locked at the same time. Thus we set the limit to
+ * the whole guest memory and reset it back once migration is done. */
+ unsigned long long limit;
+
+ if (virMemoryLimitIsSet(vm->def->mem.hard_limit))
+ limit = vm->def->mem.hard_limit;
+ else
+ limit = virDomainDefGetMemoryTotal(vm->def);
+
+ if (qemuDomainSetMaxMemLock(vm, limit << 10, &priv->preMigrationMemlock) < 0)
+ goto error;
+ }
if (storageMigration) {
if (mig->nbd) {
diff --git a/src/qemu/qemu_migration.h b/src/qemu/qemu_migration.h
index b233358a51..6f737f7b4c 100644
--- a/src/qemu/qemu_migration.h
+++ b/src/qemu/qemu_migration.h
@@ -60,6 +60,7 @@
VIR_MIGRATE_TLS | \
VIR_MIGRATE_PARALLEL | \
VIR_MIGRATE_NON_SHARED_SYNCHRONOUS_WRITES | \
+ VIR_MIGRATE_ZEROCOPY | \
0)
/* All supported migration parameters and their types. */
diff --git a/src/qemu/qemu_migration_params.c b/src/qemu/qemu_migration_params.c
index 7b225fdf4b..c985583861 100644
--- a/src/qemu/qemu_migration_params.c
+++ b/src/qemu/qemu_migration_params.c
@@ -96,6 +96,7 @@ VIR_ENUM_IMPL(qemuMigrationCapability,
"multifd",
"dirty-bitmaps",
"return-path",
+ "zero-copy-send",
);
@@ -177,6 +178,11 @@ static const qemuMigrationParamsFlagMapItem qemuMigrationParamsFlagMap[] = {
VIR_MIGRATE_TUNNELLED,
QEMU_MIGRATION_CAP_RETURN_PATH,
QEMU_MIGRATION_SOURCE | QEMU_MIGRATION_DESTINATION},
+
+ {QEMU_MIGRATION_FLAG_REQUIRED,
+ VIR_MIGRATE_ZEROCOPY,
+ QEMU_MIGRATION_CAP_ZERO_COPY_SEND,
+ QEMU_MIGRATION_SOURCE},
};
/* Translation from VIR_MIGRATE_PARAM_* typed parameters to
diff --git a/src/qemu/qemu_migration_params.h b/src/qemu/qemu_migration_params.h
index b4de8dda7b..caa5e47f0f 100644
--- a/src/qemu/qemu_migration_params.h
+++ b/src/qemu/qemu_migration_params.h
@@ -41,6 +41,7 @@ typedef enum {
QEMU_MIGRATION_CAP_MULTIFD,
QEMU_MIGRATION_CAP_BLOCK_DIRTY_BITMAPS,
QEMU_MIGRATION_CAP_RETURN_PATH,
+ QEMU_MIGRATION_CAP_ZERO_COPY_SEND,
QEMU_MIGRATION_CAP_LAST
} qemuMigrationCapability;
--
2.35.1

View File

@ -0,0 +1,133 @@
From 8cccd9634ecd91a5b7343eddc037e0fa7de2f9f6 Mon Sep 17 00:00:00 2001
Message-Id: <8cccd9634ecd91a5b7343eddc037e0fa7de2f9f6@dist-git>
From: Jiri Denemark <jdenemar@redhat.com>
Date: Wed, 22 Jun 2022 16:12:02 +0200
Subject: [PATCH] qemu_migration: Restore original memory locking limit
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
For RDMA migration we update memory locking limit, but never set it back
once migration finishes (on the destination host) or aborts (on the
source host).
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
(cherry picked from commit d4d3bb813031275c2c7cf72724b83c97ce82ab7a)
https://bugzilla.redhat.com/show_bug.cgi?id=2089433
Conflicts:
src/qemu/qemu_migration.c
- post-copy resovery not backported
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
src/qemu/qemu_domain.c | 12 ++++++++++++
src/qemu/qemu_domain.h | 3 +++
src/qemu/qemu_migration.c | 10 ++++++++--
3 files changed, 23 insertions(+), 2 deletions(-)
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index a81789f194..c24d1e4d53 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -2389,6 +2389,11 @@ qemuDomainObjPrivateXMLFormat(virBuffer *buf,
priv->originalMemlock);
}
+ if (priv->preMigrationMemlock > 0) {
+ virBufferAsprintf(buf, "<preMigrationMemlock>%llu</preMigrationMemlock>\n",
+ priv->preMigrationMemlock);
+ }
+
return 0;
}
@@ -3117,6 +3122,13 @@ qemuDomainObjPrivateXMLParse(xmlXPathContextPtr ctxt,
goto error;
}
+ if (virXPathULongLong("string(./preMigrationMemlock)", ctxt,
+ &priv->preMigrationMemlock) == -2) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("failed to parse pre-migration memlock limit"));
+ return -1;
+ }
+
return 0;
error:
diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h
index 6d1d23439a..d6e8a7a0fb 100644
--- a/src/qemu/qemu_domain.h
+++ b/src/qemu/qemu_domain.h
@@ -146,6 +146,9 @@ struct _qemuDomainObjPrivate {
int nbdPort; /* Port used for migration with NBD */
unsigned short migrationPort;
int preMigrationState;
+ unsigned long long preMigrationMemlock; /* Original RLIMIT_MEMLOCK in case
+ it was changed for the current
+ migration job. */
virChrdevs *devs;
diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
index 10338f8e87..35ad201580 100644
--- a/src/qemu/qemu_migration.c
+++ b/src/qemu/qemu_migration.c
@@ -2974,7 +2974,8 @@ qemuMigrationDstPrepareAny(virQEMUDriver *driver,
if (STREQ_NULLABLE(protocol, "rdma") &&
vm->def->mem.hard_limit > 0 &&
- qemuDomainSetMaxMemLock(vm, vm->def->mem.hard_limit << 10, NULL) < 0) {
+ qemuDomainSetMaxMemLock(vm, vm->def->mem.hard_limit << 10,
+ &priv->preMigrationMemlock) < 0) {
goto stopjob;
}
@@ -3451,6 +3452,7 @@ qemuMigrationSrcConfirmPhase(virQEMUDriver *driver,
VIR_DOMAIN_EVENT_STOPPED_MIGRATED);
virObjectEventStateQueue(driver->domainEventState, event);
qemuDomainEventEmitJobCompleted(driver, vm);
+ priv->preMigrationMemlock = 0;
} else {
virErrorPtr orig_err;
int reason;
@@ -3471,6 +3473,7 @@ qemuMigrationSrcConfirmPhase(virQEMUDriver *driver,
qemuMigrationParamsReset(driver, vm, QEMU_ASYNC_JOB_MIGRATION_OUT,
jobPriv->migParams, priv->job.apiFlags);
+ qemuDomainSetMaxMemLock(vm, 0, &priv->preMigrationMemlock);
qemuDomainSaveStatus(vm);
}
@@ -4224,7 +4227,8 @@ qemuMigrationSrcRun(virQEMUDriver *driver,
case MIGRATION_DEST_HOST:
if (STREQ(spec->dest.host.protocol, "rdma") &&
vm->def->mem.hard_limit > 0 &&
- qemuDomainSetMaxMemLock(vm, vm->def->mem.hard_limit << 10, NULL) < 0) {
+ qemuDomainSetMaxMemLock(vm, vm->def->mem.hard_limit << 10,
+ &priv->preMigrationMemlock) < 0) {
goto exit_monitor;
}
rc = qemuMonitorMigrateToHost(priv->mon, migrate_flags,
@@ -5408,6 +5412,7 @@ qemuMigrationSrcPerformPhase(virQEMUDriver *driver,
if (ret < 0) {
qemuMigrationParamsReset(driver, vm, QEMU_ASYNC_JOB_MIGRATION_OUT,
jobPriv->migParams, priv->job.apiFlags);
+ qemuDomainSetMaxMemLock(vm, 0, &priv->preMigrationMemlock);
qemuMigrationJobFinish(driver, vm);
} else {
qemuMigrationJobContinue(vm);
@@ -5881,6 +5886,7 @@ qemuMigrationDstFinish(virQEMUDriver *driver,
cleanup:
g_clear_pointer(&jobInfo, qemuDomainJobInfoFree);
virPortAllocatorRelease(port);
+ qemuDomainSetMaxMemLock(vm, 0, &priv->preMigrationMemlock);
if (priv->mon)
qemuMonitorSetDomainLog(priv->mon, NULL, NULL, NULL);
VIR_FREE(priv->origname);
--
2.35.1

View File

@ -0,0 +1,53 @@
From 8354fa1d2e471699331961272bc38f5e4cfe7cb8 Mon Sep 17 00:00:00 2001
Message-Id: <8354fa1d2e471699331961272bc38f5e4cfe7cb8@dist-git>
From: Jiri Denemark <jdenemar@redhat.com>
Date: Wed, 22 Jun 2022 09:04:04 +0200
Subject: [PATCH] qemu_migration: Use qemuDomainSetMaxMemLock
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This helper will not try to set the limit if it is already big enough,
which may be useful when libvirt daemon is running in a containerized
environment and is not allowed to change memory locking limit.
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
(cherry picked from commit 22ee8cbf090c45f999b76e3f8dc7a45065fc9edf)
https://bugzilla.redhat.com/show_bug.cgi?id=2089433
Conflicts:
src/qemu/qemu_migration.c
- refactoring for post-copy recovery not backported
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
src/qemu/qemu_migration.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
index 2635ef1162..10338f8e87 100644
--- a/src/qemu/qemu_migration.c
+++ b/src/qemu/qemu_migration.c
@@ -2974,7 +2974,7 @@ qemuMigrationDstPrepareAny(virQEMUDriver *driver,
if (STREQ_NULLABLE(protocol, "rdma") &&
vm->def->mem.hard_limit > 0 &&
- virProcessSetMaxMemLock(vm->pid, vm->def->mem.hard_limit << 10) < 0) {
+ qemuDomainSetMaxMemLock(vm, vm->def->mem.hard_limit << 10, NULL) < 0) {
goto stopjob;
}
@@ -4224,7 +4224,7 @@ qemuMigrationSrcRun(virQEMUDriver *driver,
case MIGRATION_DEST_HOST:
if (STREQ(spec->dest.host.protocol, "rdma") &&
vm->def->mem.hard_limit > 0 &&
- virProcessSetMaxMemLock(vm->pid, vm->def->mem.hard_limit << 10) < 0) {
+ qemuDomainSetMaxMemLock(vm, vm->def->mem.hard_limit << 10, NULL) < 0) {
goto exit_monitor;
}
rc = qemuMonitorMigrateToHost(priv->mon, migrate_flags,
--
2.35.1

View File

@ -0,0 +1,64 @@
From 07fb786e0d17bd395333d276ebbaad42c72ee358 Mon Sep 17 00:00:00 2001
Message-Id: <07fb786e0d17bd395333d276ebbaad42c72ee358@dist-git>
From: David Michael <david@bigbadwolfsecurity.com>
Date: Tue, 28 Jun 2022 08:33:41 -0400
Subject: [PATCH] security_selinux.c: Relabel existing mode="bind" UNIX sockets
This supports sockets created by libvirt and passed by FD using the
same method as in security_dac.c.
Signed-off-by: David Michael <david@bigbadwolfsecurity.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit 9f13f54a6348b54170f7de3595039c99b9da72c7)
https://bugzilla.redhat.com/show_bug.cgi?id=2101575
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
---
src/security/security_selinux.c | 9 +++++++--
tests/securityselinuxlabeldata/chardev.txt | 2 +-
2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index 0952431064..b90e819fd2 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -2545,7 +2545,12 @@ virSecuritySELinuxSetChardevLabel(virSecurityManager *mgr,
break;
case VIR_DOMAIN_CHR_TYPE_UNIX:
- if (!dev_source->data.nix.listen) {
+ if (!dev_source->data.nix.listen ||
+ (dev_source->data.nix.path &&
+ virFileExists(dev_source->data.nix.path))) {
+ /* Also label mode='bind' sockets if they exist,
+ * e.g. because they were created by libvirt
+ * and passed via FD */
if (virSecuritySELinuxSetFilecon(mgr,
dev_source->data.nix.path,
imagelabel,
@@ -2622,7 +2627,7 @@ virSecuritySELinuxRestoreChardevLabel(virSecurityManager *mgr,
case VIR_DOMAIN_CHR_TYPE_UNIX:
if (!dev_source->data.nix.listen) {
if (virSecuritySELinuxRestoreFileLabel(mgr,
- dev_source->data.file.path,
+ dev_source->data.nix.path,
true) < 0)
goto done;
}
diff --git a/tests/securityselinuxlabeldata/chardev.txt b/tests/securityselinuxlabeldata/chardev.txt
index 3f4b6302b9..bdb367f7a5 100644
--- a/tests/securityselinuxlabeldata/chardev.txt
+++ b/tests/securityselinuxlabeldata/chardev.txt
@@ -2,6 +2,6 @@
/plain.dev;system_u:object_r:svirt_image_t:s0:c41,c264
/plain.fifo;system_u:object_r:svirt_image_t:s0:c41,c264
/nolabel.sock;
-/plain.sock;
+/plain.sock;system_u:object_r:svirt_image_t:s0:c41,c264
/yeslabel.sock;system_u:object_r:svirt_image_t:s0:c41,c264
/altlabel.sock;system_u:object_r:svirt_image_custom_t:s0:c41,c264
--
2.35.1

View File

@ -0,0 +1,51 @@
From 41247c87fd47f2e55825d62c697da810ba5062f5 Mon Sep 17 00:00:00 2001
Message-Id: <41247c87fd47f2e55825d62c697da810ba5062f5@dist-git>
From: Peter Krempa <pkrempa@redhat.com>
Date: Tue, 14 Jun 2022 13:13:48 +0200
Subject: [PATCH] virDomainDiskDefValidate: Improve error messages for
'startupPolicy' checks
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Remove linebreak and mention the attribute name. Also prepare the error
messages for future by substituting the type of offending access.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
(cherry picked from commit 9a480737c8adf92c332aa850c5269191ceb04eb9)
https://bugzilla.redhat.com/show_bug.cgi?id=2095758
---
src/conf/domain_validate.c | 9 ++++-----
1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c
index a4271f1247..452742e67c 100644
--- a/src/conf/domain_validate.c
+++ b/src/conf/domain_validate.c
@@ -778,9 +778,9 @@ virDomainDiskDefValidate(const virDomainDef *def,
if (disk->startupPolicy != VIR_DOMAIN_STARTUP_POLICY_DEFAULT) {
if (disk->src->type == VIR_STORAGE_TYPE_NETWORK) {
virReportError(VIR_ERR_XML_ERROR,
- _("Setting disk %s is not allowed for "
- "disk of network type"),
- virDomainStartupPolicyTypeToString(disk->startupPolicy));
+ _("disk startupPolicy '%s' is not allowed for disk of '%s' type"),
+ virDomainStartupPolicyTypeToString(disk->startupPolicy),
+ virStorageTypeToString(disk->src->type));
return -1;
}
@@ -788,8 +788,7 @@ virDomainDiskDefValidate(const virDomainDef *def,
disk->device != VIR_DOMAIN_DISK_DEVICE_FLOPPY &&
disk->startupPolicy == VIR_DOMAIN_STARTUP_POLICY_REQUISITE) {
virReportError(VIR_ERR_XML_ERROR, "%s",
- _("Setting disk 'requisite' is allowed only for "
- "cdrom or floppy"));
+ _("disk startupPolicy 'requisite' is allowed only for cdrom or floppy"));
return -1;
}
}
--
2.35.1

View File

@ -0,0 +1,42 @@
From 26daf647925213a05509cc302d9151fe4525febb Mon Sep 17 00:00:00 2001
Message-Id: <26daf647925213a05509cc302d9151fe4525febb@dist-git>
From: Peter Krempa <pkrempa@redhat.com>
Date: Tue, 14 Jun 2022 14:07:47 +0200
Subject: [PATCH] virDomainDiskDefValidateStartupPolicy: Validate disk type
better
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Our startup policy checkers work only for local paths, so disk sources
such as NVMe, or vhost-user can't be used with startup policy.
Unfortunately the validation did not catch these cases. Fix it.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
(cherry picked from commit b90d0f0a1e4ee52c828fb683c14c14e241e6fcbb)
https://bugzilla.redhat.com/show_bug.cgi?id=2095758
---
src/conf/domain_validate.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c
index bfff7339ef..55759af9f8 100644
--- a/src/conf/domain_validate.c
+++ b/src/conf/domain_validate.c
@@ -604,7 +604,10 @@ virDomainDiskDefValidateStartupPolicy(const virDomainDiskDef *disk)
if (disk->startupPolicy == VIR_DOMAIN_STARTUP_POLICY_DEFAULT)
return 0;
- if (disk->src->type == VIR_STORAGE_TYPE_NETWORK) {
+ /* We want to allow any startup policy for un-translated _TYPE_VOLUME disks.
+ * virStorageSourceGetActualType returns _TYPE_VOLUME in such case */
+ if (virStorageSourceGetActualType(disk->src) != VIR_STORAGE_TYPE_VOLUME &&
+ !virStorageSourceIsLocalStorage(disk->src)) {
virReportError(VIR_ERR_XML_ERROR,
_("disk startupPolicy '%s' is not allowed for disk of '%s' type"),
virDomainStartupPolicyTypeToString(disk->startupPolicy),
--
2.35.1

View File

@ -0,0 +1,56 @@
From 2ea89fb18aa9d2dac1e651869736fede7a2ec434 Mon Sep 17 00:00:00 2001
Message-Id: <2ea89fb18aa9d2dac1e651869736fede7a2ec434@dist-git>
From: Peter Krempa <pkrempa@redhat.com>
Date: Tue, 14 Jun 2022 14:21:33 +0200
Subject: [PATCH] virDomainDiskTranslateSourcePool: Fix check of
'startupPolicy' definition
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The check was historically done only for _TYPE_VOLUME disks, but
refactors to allow _TYPE_VOLUME disks in the backing chain caused a
regression where we'd reject startupPolicy also for _TYPE_BLOCK disks
which historically worked well.
Fix it by using the 'virDomainDiskDefValidateStartupPolicy' helper and
use it only when the top level image is a _TYPE_VOLUME as in other cases
it was already validated. This also allows _TYPE_BLOCK volumes to use
startup policy.
Fixes: 37f01262eed9f37dd5eb7de8b83edd2fea741054
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2095758
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
(cherry picked from commit ed8984306e1cd44c424fda3ed412a4177dd7b84d)
---
src/conf/domain_conf.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 805a15848e..92510973e6 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -31311,13 +31311,13 @@ virDomainDiskTranslateSourcePool(virDomainDiskDef *def)
if (virDomainStorageSourceTranslateSourcePool(n, conn) < 0)
return -1;
- }
- if (def->startupPolicy != 0 &&
- virStorageSourceGetActualType(def->src) != VIR_STORAGE_TYPE_FILE) {
- virReportError(VIR_ERR_XML_ERROR, "%s",
- _("'startupPolicy' is only valid for 'file' type volume"));
- return -1;
+ /* The validity of 'startupPolicy' setting is checked only for the top
+ * level image. For any other subsequent images we honour it only if
+ * possible */
+ if (n == def->src &&
+ virDomainDiskDefValidateStartupPolicy(def) < 0)
+ return -1;
}
return 0;
--
2.35.1

View File

@ -0,0 +1,80 @@
From 20c1c86f96dd7293734888ef6f8b75c11cda5fae Mon Sep 17 00:00:00 2001
Message-Id: <20c1c86f96dd7293734888ef6f8b75c11cda5fae@dist-git>
From: Jiri Denemark <jdenemar@redhat.com>
Date: Wed, 22 Jun 2022 16:36:53 +0200
Subject: [PATCH] virsh: Add support for VIR_MIGRATE_ZEROCOPY flag
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
(cherry picked from commit efa3baeae70fbdf4ab032ca485cb9272ee96bd50)
https://bugzilla.redhat.com/show_bug.cgi?id=2089433
Conflicts:
docs/manpages/virsh.rst
tools/virsh-domain.c
- post-copy recovery not backported
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
docs/manpages/virsh.rst | 8 +++++++-
tools/virsh-domain.c | 7 +++++++
2 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/docs/manpages/virsh.rst b/docs/manpages/virsh.rst
index dd534c10cb..d24e7774a6 100644
--- a/docs/manpages/virsh.rst
+++ b/docs/manpages/virsh.rst
@@ -3225,7 +3225,8 @@ migrate
migrate [--live] [--offline] [--direct] [--p2p [--tunnelled]]
[--persistent] [--undefinesource] [--suspend] [--copy-storage-all]
[--copy-storage-inc] [--change-protection] [--unsafe] [--verbose]
- [--rdma-pin-all] [--abort-on-error] [--postcopy] [--postcopy-after-precopy]
+ [--rdma-pin-all] [--abort-on-error] [--postcopy]
+ [--postcopy-after-precopy] [--zerocopy]
domain desturi [migrateuri] [graphicsuri] [listen-address] [dname]
[--timeout seconds [--timeout-suspend | --timeout-postcopy]]
[--xml file] [--migrate-disks disk-list] [--disks-port port]
@@ -3298,6 +3299,11 @@ high (and thus allowing the domain to lock most of the host's memory). Doing so
may be dangerous to both the domain and the host itself since the host's kernel
may run out of memory.
+*--zerocopy* requests zero-copy mechanism to be used for migrating memory pages.
+For QEMU/KVM this means QEMU will be temporarily allowed to lock all guest
+pages in host's memory, although only those that are queued for transfer will
+be locked at the same time.
+
``Note``: Individual hypervisors usually do not support all possible types of
migration. For example, QEMU does not support direct migration.
diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c
index b56f6a90f5..c5bade1dbf 100644
--- a/tools/virsh-domain.c
+++ b/tools/virsh-domain.c
@@ -10730,6 +10730,10 @@ static const vshCmdOptDef opts_migrate[] = {
.type = VSH_OT_BOOL,
.help = N_("automatically switch to post-copy migration after one pass of pre-copy")
},
+ {.name = "zerocopy",
+ .type = VSH_OT_BOOL,
+ .help = N_("use zero-copy mechanism for migrating memory pages")
+ },
{.name = "migrateuri",
.type = VSH_OT_STRING,
.completer = virshCompleteEmpty,
@@ -11133,6 +11137,9 @@ doMigrate(void *opaque)
if (vshCommandOptBool(cmd, "postcopy"))
flags |= VIR_MIGRATE_POSTCOPY;
+ if (vshCommandOptBool(cmd, "zerocopy"))
+ flags |= VIR_MIGRATE_ZEROCOPY;
+
if (vshCommandOptBool(cmd, "tls"))
flags |= VIR_MIGRATE_TLS;
--
2.35.1

View File

@ -210,7 +210,7 @@
Summary: Library providing a simple virtualization API
Name: libvirt
Version: 8.0.0
Release: 6%{?dist}%{?extra_release}
Release: 10%{?dist}%{?extra_release}
License: LGPLv2+
URL: https://libvirt.org/
@ -242,6 +242,31 @@ Patch19: libvirt-conf-Introduce-memory-allocation-threads.patch
Patch20: libvirt-qemu_capabilities-Detect-memory-backend-.prealloc-threads-property.patch
Patch21: libvirt-qemu_validate-Validate-prealloc-threads-against-qemuCpas.patch
Patch22: libvirt-qemu_command-Generate-prealloc-threads-property.patch
Patch23: libvirt-cpu_map-Disable-cpu64-rhel-for-host-model-and-baseline.patch
Patch24: libvirt-cputest-Drop-some-old-artificial-baseline-tests.patch
Patch25: libvirt-cputest-Give-better-names-to-baseline-tests.patch
Patch26: libvirt-cputest-Add-some-real-world-baseline-tests.patch
Patch27: libvirt-cpu_x86-Consolidate-signature-match-in-x86DecodeUseCandidate.patch
Patch28: libvirt-cpu_x86-Refactor-feature-list-comparison-in-x86DecodeUseCandidate.patch
Patch29: libvirt-cpu_x86-Penalize-disabled-features-when-computing-CPU-model.patch
Patch30: libvirt-cpu_x86-Ignore-enabled-features-for-input-models-in-x86DecodeUseCandidate.patch
Patch31: libvirt-nwfilter-fix-crash-when-counting-number-of-network-filters.patch
Patch32: libvirt-virDomainDiskDefValidate-Improve-error-messages-for-startupPolicy-checks.patch
Patch33: libvirt-domain_validate-Split-out-validation-of-disk-startup-policy.patch
Patch34: libvirt-virDomainDiskDefValidateStartupPolicy-Validate-disk-type-better.patch
Patch35: libvirt-virDomainDiskTranslateSourcePool-Fix-check-of-startupPolicy-definition.patch
Patch36: libvirt-conf-virtiofs-add-thread_pool-element.patch
Patch37: libvirt-qemu-virtiofs-format-thread-pool-size.patch
Patch38: libvirt-conf-Move-virDomainObj-originalMemlock-into-qemuDomainObjPrivate.patch
Patch39: libvirt-qemu_domain-Format-qemuDomainObjPrivate-originalMemlock.patch
Patch40: libvirt-qemu-Add-qemuDomainSetMaxMemLock-helper.patch
Patch41: libvirt-qemu_migration-Use-qemuDomainSetMaxMemLock.patch
Patch42: libvirt-qemu_migration-Restore-original-memory-locking-limit.patch
Patch43: libvirt-Add-VIR_MIGRATE_ZEROCOPY-flag.patch
Patch44: libvirt-virsh-Add-support-for-VIR_MIGRATE_ZEROCOPY-flag.patch
Patch45: libvirt-qemu_migration-Implement-VIR_MIGRATE_ZEROCOPY-flag.patch
Patch46: libvirt-security_selinux.c-Relabel-existing-mode-bind-UNIX-sockets.patch
Patch47: libvirt-RHEL-qemu_migration-Fix-restoring-memlock-limit-on-destination.patch
Requires: libvirt-daemon = %{version}-%{release}
Requires: libvirt-daemon-config-network = %{version}-%{release}
@ -2115,6 +2140,39 @@ exit 0
%changelog
* Mon Jul 25 2022 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-10
- security_selinux.c: Relabel existing mode="bind" UNIX sockets (rhbz#2101575)
- RHEL: qemu_migration: Fix restoring memlock limit on destination (rhbz#2107954)
* Thu Jun 30 2022 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-9
- conf: virtiofs: add thread_pool element (rhbz#2079582)
- qemu: virtiofs: format --thread-pool-size (rhbz#2079582)
- conf: Move virDomainObj::originalMemlock into qemuDomainObjPrivate (rhbz#2089433)
- qemu_domain: Format qemuDomainObjPrivate::originalMemlock (rhbz#2089433)
- qemu: Add qemuDomainSetMaxMemLock helper (rhbz#2089433)
- qemu_migration: Use qemuDomainSetMaxMemLock (rhbz#2089433)
- qemu_migration: Restore original memory locking limit (rhbz#2089433)
- Add VIR_MIGRATE_ZEROCOPY flag (rhbz#2089433)
- virsh: Add support for VIR_MIGRATE_ZEROCOPY flag (rhbz#2089433)
- qemu_migration: Implement VIR_MIGRATE_ZEROCOPY flag (rhbz#2089433)
* Wed Jun 15 2022 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-8
- nwfilter: fix crash when counting number of network filters (CVE-2022-0897, rhbz#2063902)
- virDomainDiskDefValidate: Improve error messages for 'startupPolicy' checks (rhbz#2095758)
- domain_validate: Split out validation of disk startup policy (rhbz#2095758)
- virDomainDiskDefValidateStartupPolicy: Validate disk type better (rhbz#2095758)
- virDomainDiskTranslateSourcePool: Fix check of 'startupPolicy' definition (rhbz#2095758)
* Tue May 17 2022 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-7
- cpu_map: Disable cpu64-rhel* for host-model and baseline (rhbz#1851227)
- cputest: Drop some old artificial baseline tests (rhbz#1851227)
- cputest: Give better names to baseline tests (rhbz#1851227)
- cputest: Add some real world baseline tests (rhbz#1851227)
- cpu_x86: Consolidate signature match in x86DecodeUseCandidate (rhbz#1851227)
- cpu_x86: Refactor feature list comparison in x86DecodeUseCandidate (rhbz#1851227)
- cpu_x86: Penalize disabled features when computing CPU model (rhbz#1851227)
- cpu_x86: Ignore enabled features for input models in x86DecodeUseCandidate (rhbz#1851227)
* Wed Apr 27 2022 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-6
- conf: Introduce memory allocation threads (rhbz#2067126)
- qemu_capabilities: Detect memory-backend-*.prealloc-threads property (rhbz#2067126)