forked from rpms/libvirt
import libvirt-8.0.0-10.module+el8.7.0+16689+53d59bc2
This commit is contained in:
CentOS Sources
Stepan Oksanichenko
parent
b9490e7bc0
commit
eec91b4d3f
@ -1,5 +1,5 @@
|
||||
From 2f3e89c97c7babc1d4da579eadf34979c8fc1725 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <2f3e89c97c7babc1d4da579eadf34979c8fc1725@dist-git>
|
||||
From 9c2fd182a02d64004e30900c52e3fcdb550de0bd Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <9c2fd182a02d64004e30900c52e3fcdb550de0bd@dist-git>
|
||||
From: Jiri Denemark <jdenemar@redhat.com>
|
||||
Date: Wed, 22 Jun 2022 16:35:50 +0200
|
||||
Subject: [PATCH] Add VIR_MIGRATE_ZEROCOPY flag
|
||||
@ -14,7 +14,7 @@ Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
(cherry picked from commit 8744beecb36600e773c8a8c4823db2bf4b3e262d)
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2117272
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2089433
|
||||
|
||||
Conflicts:
|
||||
include/libvirt/libvirt-domain.h
|
||||
|
||||
@ -0,0 +1,52 @@
|
||||
From b6c1f9ca8eb0ca8f7603ab205c7dc95b9f07b5a0 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <b6c1f9ca8eb0ca8f7603ab205c7dc95b9f07b5a0@dist-git>
|
||||
From: Jiri Denemark <jdenemar@redhat.com>
|
||||
Date: Mon, 18 Jul 2022 16:01:20 +0200
|
||||
Subject: [PATCH] RHEL: qemu_migration: Fix restoring memlock limit on
|
||||
destination
|
||||
|
||||
Restoring memory locking limit on the destination host only makes sense
|
||||
when migration succeeded as otherwise the QEMU process will be killed
|
||||
anyway. Specifically if the migration fails because the process died,
|
||||
touching the limit would produce rather unhelpful error message instead
|
||||
of the real issue:
|
||||
|
||||
cannot get locked memory limit of process -1: No such file or
|
||||
directory
|
||||
|
||||
This patch is RHEL-only caused by misplacing the call to
|
||||
qemuDomainSetMaxMemLock when the "qemu_migration: Restore original
|
||||
memory locking limit" upstream patch was backported to an older code
|
||||
base.
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2107954
|
||||
|
||||
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
---
|
||||
src/qemu/qemu_migration.c | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
|
||||
index db5163e993..11f87296d6 100644
|
||||
--- a/src/qemu/qemu_migration.c
|
||||
+++ b/src/qemu/qemu_migration.c
|
||||
@@ -5895,6 +5895,8 @@ qemuMigrationDstFinish(virQEMUDriver *driver,
|
||||
*/
|
||||
if (inPostCopy)
|
||||
g_clear_pointer(&priv->job.completed, qemuDomainJobInfoFree);
|
||||
+
|
||||
+ qemuDomainSetMaxMemLock(vm, 0, &priv->preMigrationMemlock);
|
||||
}
|
||||
|
||||
qemuMigrationParamsReset(driver, vm, QEMU_ASYNC_JOB_MIGRATION_IN,
|
||||
@@ -5907,7 +5909,6 @@ qemuMigrationDstFinish(virQEMUDriver *driver,
|
||||
cleanup:
|
||||
g_clear_pointer(&jobInfo, qemuDomainJobInfoFree);
|
||||
virPortAllocatorRelease(port);
|
||||
- qemuDomainSetMaxMemLock(vm, 0, &priv->preMigrationMemlock);
|
||||
if (priv->mon)
|
||||
qemuMonitorSetDomainLog(priv->mon, NULL, NULL, NULL);
|
||||
VIR_FREE(priv->origname);
|
||||
--
|
||||
2.35.1
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
From e60a964e51cb0aecb060f1a1cc2884586e00ddeb Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <e60a964e51cb0aecb060f1a1cc2884586e00ddeb@dist-git>
|
||||
From 19f7e6dc950baf346738f462ac5c6b815c04edcc Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <19f7e6dc950baf346738f462ac5c6b815c04edcc@dist-git>
|
||||
From: Michal Privoznik <mprivozn@redhat.com>
|
||||
Date: Mon, 21 Mar 2022 16:49:25 +0100
|
||||
Subject: [PATCH] conf: Introduce memory allocation threads
|
||||
@ -18,7 +18,7 @@ only complicate things for a little or no benefit.
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
|
||||
(cherry picked from commit ba7f98126fa84d354ce72929b77cc111a9a557a9)
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2075569
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2067126
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
---
|
||||
docs/formatdomain.rst | 8 +++++---
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
From b4469bda27e54a948f0d2750637226afc2b2be61 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <b4469bda27e54a948f0d2750637226afc2b2be61@dist-git>
|
||||
From 00c5cab2b92b653edbf491d9ef60359578c3d59a Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <00c5cab2b92b653edbf491d9ef60359578c3d59a@dist-git>
|
||||
From: Michal Privoznik <mprivozn@redhat.com>
|
||||
Date: Wed, 11 May 2022 16:27:18 +0200
|
||||
Subject: [PATCH] conf: Move virDomainObj::originalMemlock into
|
||||
@ -15,7 +15,7 @@ Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
|
||||
(cherry picked from commit 75df6d2c291c48d65c1e54dd93e3d2d3cb0712e7)
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2117272
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2089433
|
||||
|
||||
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
---
|
||||
@ -25,10 +25,10 @@ Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
3 files changed, 8 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
|
||||
index 10af94e2e4..7e3255e41a 100644
|
||||
index d0d0fdc815..45976beb2b 100644
|
||||
--- a/src/conf/domain_conf.h
|
||||
+++ b/src/conf/domain_conf.h
|
||||
@@ -3030,9 +3030,6 @@ struct _virDomainObj {
|
||||
@@ -3031,9 +3031,6 @@ struct _virDomainObj {
|
||||
int taint;
|
||||
size_t ndeprecations;
|
||||
char **deprecations;
|
||||
|
||||
151
SOURCES/libvirt-conf-virtiofs-add-thread_pool-element.patch
Normal file
151
SOURCES/libvirt-conf-virtiofs-add-thread_pool-element.patch
Normal file
@ -0,0 +1,151 @@
|
||||
From 0c09e4225c511ce1b0ebe22e45962f83d5145e66 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <0c09e4225c511ce1b0ebe22e45962f83d5145e66@dist-git>
|
||||
From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
|
||||
Date: Fri, 10 Jun 2022 15:10:29 +0200
|
||||
Subject: [PATCH] conf: virtiofs: add thread_pool element
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Add an element to configure the thread pool size:
|
||||
|
||||
...
|
||||
<binary>
|
||||
<thread_pool size='16'/>
|
||||
</binary>
|
||||
...
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2072905
|
||||
|
||||
Signed-off-by: Ján Tomko <jtomko@redhat.com>
|
||||
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
(cherry picked from commit 0df2e7df80452f81edbfeb0ee355235b533346a9)
|
||||
Signed-off-by: Ján Tomko <jtomko@redhat.com>
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2079582
|
||||
---
|
||||
docs/formatdomain.rst | 6 ++++++
|
||||
docs/schemas/domaincommon.rng | 9 +++++++++
|
||||
src/conf/domain_conf.c | 15 +++++++++++++++
|
||||
src/conf/domain_conf.h | 1 +
|
||||
.../qemuxml2argvdata/vhost-user-fs-fd-memory.xml | 1 +
|
||||
5 files changed, 32 insertions(+)
|
||||
|
||||
diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst
|
||||
index 17e89a0c0d..e6cf2ec083 100644
|
||||
--- a/docs/formatdomain.rst
|
||||
+++ b/docs/formatdomain.rst
|
||||
@@ -3316,6 +3316,7 @@ A directory on the host that can be accessed directly from the guest.
|
||||
<cache mode='always'/>
|
||||
<sandbox mode='namespace'/>
|
||||
<lock posix='on' flock='on'/>
|
||||
+ <thread_pool size='16'/>
|
||||
</binary>
|
||||
<source dir='/path'/>
|
||||
<target dir='mount_tag'/>
|
||||
@@ -3449,6 +3450,11 @@ A directory on the host that can be accessed directly from the guest.
|
||||
``chroot``, see the
|
||||
`virtiofsd documentation <https://qemu.readthedocs.io/en/latest/tools/virtiofsd.html>`__
|
||||
for more details. ( :since:`Since 7.2.0` )
|
||||
+ Element ``thread_pool`` accepts one attribute ``size`` which defines the
|
||||
+ maximum thread pool size. A value of "0" disables the pool.
|
||||
+ The thread pool helps increase the number of requests in flight when used with
|
||||
+ storage that has a higher latency. However, it has an overhead, and so for
|
||||
+ fast, low latency filesystems, it may be best to turn it off. ( :since:`Since 8.5.0` )
|
||||
``source``
|
||||
The resource on the host that is being accessed in the guest. The ``name``
|
||||
attribute must be used with ``type='template'``, and the ``dir`` attribute
|
||||
diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
|
||||
index c9c1529979..79c8979410 100644
|
||||
--- a/docs/schemas/domaincommon.rng
|
||||
+++ b/docs/schemas/domaincommon.rng
|
||||
@@ -3064,6 +3064,15 @@
|
||||
</optional>
|
||||
</element>
|
||||
</optional>
|
||||
+ <optional>
|
||||
+ <element name="thread_pool">
|
||||
+ <optional>
|
||||
+ <attribute name="size">
|
||||
+ <data type="integer"/>
|
||||
+ </attribute>
|
||||
+ </optional>
|
||||
+ </element>
|
||||
+ </optional>
|
||||
</interleave>
|
||||
</element>
|
||||
</define>
|
||||
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
|
||||
index 92510973e6..95afd9226e 100644
|
||||
--- a/src/conf/domain_conf.c
|
||||
+++ b/src/conf/domain_conf.c
|
||||
@@ -2447,6 +2447,8 @@ virDomainFSDefNew(virDomainXMLOption *xmlopt)
|
||||
|
||||
ret->src = virStorageSourceNew();
|
||||
|
||||
+ ret->thread_pool_size = -1;
|
||||
+
|
||||
if (xmlopt &&
|
||||
xmlopt->privateData.fsNew &&
|
||||
!(ret->privateData = xmlopt->privateData.fsNew()))
|
||||
@@ -9869,6 +9871,7 @@ virDomainFSDefParseXML(virDomainXMLOption *xmlopt,
|
||||
if (def->fsdriver == VIR_DOMAIN_FS_DRIVER_TYPE_VIRTIOFS) {
|
||||
g_autofree char *queue_size = virXPathString("string(./driver/@queue)", ctxt);
|
||||
g_autofree char *binary = virXPathString("string(./binary/@path)", ctxt);
|
||||
+ g_autofree char *thread_pool_size = virXPathString("string(./binary/thread_pool/@size)", ctxt);
|
||||
g_autofree char *xattr = virXPathString("string(./binary/@xattr)", ctxt);
|
||||
g_autofree char *cache = virXPathString("string(./binary/cache/@mode)", ctxt);
|
||||
g_autofree char *sandbox = virXPathString("string(./binary/sandbox/@mode)", ctxt);
|
||||
@@ -9883,6 +9886,14 @@ virDomainFSDefParseXML(virDomainXMLOption *xmlopt,
|
||||
goto error;
|
||||
}
|
||||
|
||||
+ if (thread_pool_size &&
|
||||
+ virStrToLong_i(thread_pool_size, NULL, 10, &def->thread_pool_size) < 0) {
|
||||
+ virReportError(VIR_ERR_XML_ERROR,
|
||||
+ _("cannot parse thread pool size '%s' for virtiofs"),
|
||||
+ queue_size);
|
||||
+ goto error;
|
||||
+ }
|
||||
+
|
||||
if (binary)
|
||||
def->binary = virFileSanitizePath(binary);
|
||||
|
||||
@@ -24205,6 +24216,10 @@ virDomainFSDefFormat(virBuffer *buf,
|
||||
}
|
||||
|
||||
virXMLFormatElement(&binaryBuf, "lock", &lockAttrBuf, NULL);
|
||||
+
|
||||
+ if (def->thread_pool_size >= 0)
|
||||
+ virBufferAsprintf(&binaryBuf, "<thread_pool size='%d'/>\n", def->thread_pool_size);
|
||||
+
|
||||
}
|
||||
|
||||
virDomainVirtioOptionsFormat(&driverAttrBuf, def->virtio);
|
||||
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
|
||||
index 10af94e2e4..d0d0fdc815 100644
|
||||
--- a/src/conf/domain_conf.h
|
||||
+++ b/src/conf/domain_conf.h
|
||||
@@ -892,6 +892,7 @@ struct _virDomainFSDef {
|
||||
virTristateSwitch posix_lock;
|
||||
virTristateSwitch flock;
|
||||
virDomainFSSandboxMode sandbox;
|
||||
+ int thread_pool_size;
|
||||
virDomainVirtioOptions *virtio;
|
||||
virObject *privateData;
|
||||
};
|
||||
diff --git a/tests/qemuxml2argvdata/vhost-user-fs-fd-memory.xml b/tests/qemuxml2argvdata/vhost-user-fs-fd-memory.xml
|
||||
index abddf0870b..81de8c0dd7 100644
|
||||
--- a/tests/qemuxml2argvdata/vhost-user-fs-fd-memory.xml
|
||||
+++ b/tests/qemuxml2argvdata/vhost-user-fs-fd-memory.xml
|
||||
@@ -32,6 +32,7 @@
|
||||
<cache mode='always'/>
|
||||
<sandbox mode='chroot'/>
|
||||
<lock posix='off' flock='off'/>
|
||||
+ <thread_pool size='16'/>
|
||||
</binary>
|
||||
<source dir='/path'/>
|
||||
<target dir='mount_tag'/>
|
||||
--
|
||||
2.35.1
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
From d03c369dd75c747f25ecc34af3b9d79adf92ea0c Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <d03c369dd75c747f25ecc34af3b9d79adf92ea0c@dist-git>
|
||||
From 46f4cfe513f0f893c862dca7f02ed7d7932b2115 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <46f4cfe513f0f893c862dca7f02ed7d7932b2115@dist-git>
|
||||
From: Jiri Denemark <jdenemar@redhat.com>
|
||||
Date: Tue, 26 Apr 2022 12:50:41 +0200
|
||||
Subject: [PATCH] cpu_map: Disable cpu64-rhel* for host-model and baseline
|
||||
@ -12,7 +12,7 @@ Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
(cherry picked from commit d2e4d66be35cd04da72e5f5129a8a4da6a931505)
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2084030
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1851227
|
||||
|
||||
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
---
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
From e075af4319c7c30531421e6667845abd30cd28e9 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <e075af4319c7c30531421e6667845abd30cd28e9@dist-git>
|
||||
From 99a298a4a0575bf0072f504c4b8e4551400c44c0 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <99a298a4a0575bf0072f504c4b8e4551400c44c0@dist-git>
|
||||
From: Jiri Denemark <jdenemar@redhat.com>
|
||||
Date: Tue, 26 Apr 2022 11:58:07 +0200
|
||||
Subject: [PATCH] cpu_x86: Consolidate signature match in x86DecodeUseCandidate
|
||||
@ -12,7 +12,7 @@ Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
(cherry picked from commit 35ce086667e68e8f546cf36473591dd7c19c72eb)
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2084030
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1851227
|
||||
|
||||
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
---
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
From 5b5f684bfceeed923e1733931b6c4c75d5ed4149 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <5b5f684bfceeed923e1733931b6c4c75d5ed4149@dist-git>
|
||||
From 752c74eeae67d41e7550991cb3bbe289984ec9d3 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <752c74eeae67d41e7550991cb3bbe289984ec9d3@dist-git>
|
||||
From: Jiri Denemark <jdenemar@redhat.com>
|
||||
Date: Fri, 29 Apr 2022 10:35:02 +0200
|
||||
Subject: [PATCH] cpu_x86: Ignore enabled features for input models in
|
||||
@ -22,7 +22,7 @@ Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
(cherry picked from commit bb6cedd2082599323257ee0df18c93a6e0551b0b)
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2084030
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1851227
|
||||
|
||||
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
---
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
From 652e1798991dcb503abc9a2588b0f95c47b8e3df Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <652e1798991dcb503abc9a2588b0f95c47b8e3df@dist-git>
|
||||
From 5db9a525e3cec267544580d43554b2cf5779b6b9 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <5db9a525e3cec267544580d43554b2cf5779b6b9@dist-git>
|
||||
From: Jiri Denemark <jdenemar@redhat.com>
|
||||
Date: Tue, 26 Apr 2022 15:06:30 +0200
|
||||
Subject: [PATCH] cpu_x86: Penalize disabled features when computing CPU model
|
||||
@ -39,8 +39,6 @@ Conflicts:
|
||||
tests/domaincapsdata/qemu_3.0.0-tcg.x86_64.xml
|
||||
- not supported upstream anymore
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2084030
|
||||
|
||||
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
---
|
||||
src/cpu/cpu_x86.c | 44 ++++++++++++++++---
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
From d9736516378d1fbac451dd80a93bf25c85e74b50 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <d9736516378d1fbac451dd80a93bf25c85e74b50@dist-git>
|
||||
From 3d7a4041d31e403dc9e762b34f7faf36f7f20a28 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <3d7a4041d31e403dc9e762b34f7faf36f7f20a28@dist-git>
|
||||
From: Jiri Denemark <jdenemar@redhat.com>
|
||||
Date: Tue, 26 Apr 2022 15:02:51 +0200
|
||||
Subject: [PATCH] cpu_x86: Refactor feature list comparison in
|
||||
@ -12,7 +12,7 @@ Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
(cherry picked from commit 1d6ca40ac23c039abc4392b668f256d0eda33280)
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2084030
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1851227
|
||||
|
||||
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
---
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
From 8f7e267c7b98b378e301519b10aa3d18f0ceb45c Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <8f7e267c7b98b378e301519b10aa3d18f0ceb45c@dist-git>
|
||||
From b37a398da4323407de24d19afac937eac80170cc Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <b37a398da4323407de24d19afac937eac80170cc@dist-git>
|
||||
From: Jiri Denemark <jdenemar@redhat.com>
|
||||
Date: Thu, 21 Apr 2022 18:25:15 +0200
|
||||
Subject: [PATCH] cputest: Add some real world baseline tests
|
||||
@ -8,7 +8,7 @@ Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
(cherry picked from commit 63d633b9a4fc42da7e2acaf45501914607d968a5)
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2084030
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1851227
|
||||
|
||||
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
---
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
From 039e6627a7ee53973da64405b79cc0c0f6111fc7 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <039e6627a7ee53973da64405b79cc0c0f6111fc7@dist-git>
|
||||
From 50d94f13286ca19ef1f457be72debdbf77547df6 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <50d94f13286ca19ef1f457be72debdbf77547df6@dist-git>
|
||||
From: Jiri Denemark <jdenemar@redhat.com>
|
||||
Date: Wed, 4 May 2022 16:21:38 +0200
|
||||
Subject: [PATCH] cputest: Drop some old artificial baseline tests
|
||||
@ -8,7 +8,7 @@ Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
(cherry picked from commit 6aff36019bbaf643f451779621c6c88cab0e64a7)
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2084030
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1851227
|
||||
|
||||
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
---
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
From 89272567fd9e2b87133333f5565c1d9e2befb350 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <89272567fd9e2b87133333f5565c1d9e2befb350@dist-git>
|
||||
From 6cf9cd8f6d9e90eadd58d8a37129e7401876e4e8 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <6cf9cd8f6d9e90eadd58d8a37129e7401876e4e8@dist-git>
|
||||
From: Jiri Denemark <jdenemar@redhat.com>
|
||||
Date: Wed, 4 May 2022 16:28:03 +0200
|
||||
Subject: [PATCH] cputest: Give better names to baseline tests
|
||||
@ -8,7 +8,7 @@ Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
(cherry picked from commit 3daa68e26514dc114d71f4c44f7d728e93a53cd0)
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2084030
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1851227
|
||||
|
||||
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
---
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
From bfd8d181d45a22731ae5b1f05f3cb9488a2c7939 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <bfd8d181d45a22731ae5b1f05f3cb9488a2c7939@dist-git>
|
||||
From 296343c5a950668d790f9cd5ebd7b466e8156d03 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <296343c5a950668d790f9cd5ebd7b466e8156d03@dist-git>
|
||||
From: Peter Krempa <pkrempa@redhat.com>
|
||||
Date: Tue, 14 Jun 2022 13:23:29 +0200
|
||||
Subject: [PATCH] domain_validate: Split out validation of disk startup policy
|
||||
@ -14,7 +14,6 @@ Signed-off-by: Peter Krempa <pkrempa@redhat.com>
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
(cherry picked from commit 3603a18bcec18842cedecbd8329723062b87795c)
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2095758
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2109571
|
||||
---
|
||||
src/conf/domain_validate.c | 45 ++++++++++++++++++++++++--------------
|
||||
src/conf/domain_validate.h | 2 ++
|
||||
|
||||
@ -0,0 +1,55 @@
|
||||
From dc6ab8b51ff53ba22abfb84f24641aa87320038a Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <dc6ab8b51ff53ba22abfb84f24641aa87320038a@dist-git>
|
||||
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
|
||||
Date: Tue, 8 Mar 2022 17:28:38 +0000
|
||||
Subject: [PATCH] nwfilter: fix crash when counting number of network filters
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
The virNWFilterObjListNumOfNWFilters method iterates over the
|
||||
driver->nwfilters, accessing virNWFilterObj instances. As such
|
||||
it needs to be protected against concurrent modification of
|
||||
the driver->nwfilters object.
|
||||
|
||||
This API allows unprivileged users to connect, so users with
|
||||
read-only access to libvirt can cause a denial of service
|
||||
crash if they are able to race with a call of virNWFilterUndefine.
|
||||
Since network filters are usually statically defined, this is
|
||||
considered a low severity problem.
|
||||
|
||||
This is assigned CVE-2022-0897.
|
||||
|
||||
Reviewed-by: Eric Blake <eblake@redhat.com>
|
||||
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
|
||||
(cherry picked from commit a4947e8f63c3e6b7b067b444f3d6cf674c0d7f36)
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2063902
|
||||
---
|
||||
src/nwfilter/nwfilter_driver.c | 8 ++++++--
|
||||
1 file changed, 6 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c
|
||||
index 200451d6b1..956aca6421 100644
|
||||
--- a/src/nwfilter/nwfilter_driver.c
|
||||
+++ b/src/nwfilter/nwfilter_driver.c
|
||||
@@ -478,11 +478,15 @@ nwfilterLookupByName(virConnectPtr conn,
|
||||
static int
|
||||
nwfilterConnectNumOfNWFilters(virConnectPtr conn)
|
||||
{
|
||||
+ int ret;
|
||||
if (virConnectNumOfNWFiltersEnsureACL(conn) < 0)
|
||||
return -1;
|
||||
|
||||
- return virNWFilterObjListNumOfNWFilters(driver->nwfilters, conn,
|
||||
- virConnectNumOfNWFiltersCheckACL);
|
||||
+ nwfilterDriverLock();
|
||||
+ ret = virNWFilterObjListNumOfNWFilters(driver->nwfilters, conn,
|
||||
+ virConnectNumOfNWFiltersCheckACL);
|
||||
+ nwfilterDriverUnlock();
|
||||
+ return ret;
|
||||
}
|
||||
|
||||
|
||||
--
|
||||
2.35.1
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
From 7f5b89a15bfcd964c7f2b6ccbf3c03fd867f93b5 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <7f5b89a15bfcd964c7f2b6ccbf3c03fd867f93b5@dist-git>
|
||||
From 2595c7716b19214b2729b41b86656f96a2cd18bc Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <2595c7716b19214b2729b41b86656f96a2cd18bc@dist-git>
|
||||
From: Jiri Denemark <jdenemar@redhat.com>
|
||||
Date: Wed, 22 Jun 2022 15:21:30 +0200
|
||||
Subject: [PATCH] qemu: Add qemuDomainSetMaxMemLock helper
|
||||
@ -15,7 +15,7 @@ Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
(cherry picked from commit dff51c7f5760ded8235076f55d082fe4363f2f78)
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2117272
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2089433
|
||||
|
||||
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
---
|
||||
|
||||
37
SOURCES/libvirt-qemu-virtiofs-format-thread-pool-size.patch
Normal file
37
SOURCES/libvirt-qemu-virtiofs-format-thread-pool-size.patch
Normal file
@ -0,0 +1,37 @@
|
||||
From 44f83782ba882f9eb037a54fb75231c305d98712 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <44f83782ba882f9eb037a54fb75231c305d98712@dist-git>
|
||||
From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
|
||||
Date: Fri, 10 Jun 2022 15:25:00 +0200
|
||||
Subject: [PATCH] qemu: virtiofs: format --thread-pool-size
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2079582
|
||||
|
||||
Signed-off-by: Ján Tomko <jtomko@redhat.com>
|
||||
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
(cherry picked from commit 2753eba20ce76d3d8785b23a6e940574ca12fe3c)
|
||||
Signed-off-by: Ján Tomko <jtomko@redhat.com>
|
||||
---
|
||||
src/qemu/qemu_virtiofs.c | 4 ++++
|
||||
1 file changed, 4 insertions(+)
|
||||
|
||||
diff --git a/src/qemu/qemu_virtiofs.c b/src/qemu/qemu_virtiofs.c
|
||||
index 1b853a5a59..1ee3781286 100644
|
||||
--- a/src/qemu/qemu_virtiofs.c
|
||||
+++ b/src/qemu/qemu_virtiofs.c
|
||||
@@ -163,6 +163,10 @@ qemuVirtioFSBuildCommandLine(virQEMUDriverConfig *cfg,
|
||||
virBufferAddLit(&opts, ",no_posix_lock");
|
||||
|
||||
virCommandAddArgBuffer(cmd, &opts);
|
||||
+
|
||||
+ if (fs->thread_pool_size >= 0)
|
||||
+ virCommandAddArgFormat(cmd, "--thread-pool-size=%i", fs->thread_pool_size);
|
||||
+
|
||||
if (cfg->virtiofsdDebug)
|
||||
virCommandAddArg(cmd, "-d");
|
||||
|
||||
--
|
||||
2.35.1
|
||||
|
||||
@ -1,57 +0,0 @@
|
||||
From 9e5559fb4056507ecfc5e7dd758c3837283feb39 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <9e5559fb4056507ecfc5e7dd758c3837283feb39@dist-git>
|
||||
From: Michal Privoznik <mprivozn@redhat.com>
|
||||
Date: Wed, 28 Sep 2022 10:12:36 +0200
|
||||
Subject: [PATCH] qemuProcessReconnect: Don't build memory paths
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Let me take you on a short trip to history. A long time ago,
|
||||
libvirt would configure all QEMUs to use $hugetlbfs/libvirt/qemu
|
||||
for their hugepages setup. This was problematic, because it did
|
||||
not allow enough separation between guests. Therefore in
|
||||
v3.0.0-rc1~367 the path changed to a per-domain basis:
|
||||
|
||||
$hugetlbfs/libvirt/qemu/$domainShortName
|
||||
|
||||
And to help with migration on daemon restart a call to
|
||||
qemuProcessBuildDestroyMemoryPaths() was added to
|
||||
qemuProcessReconnect() (well, it was named
|
||||
qemuProcessBuildDestroyHugepagesPath() back then, see
|
||||
v3.10.0-rc1~174). This was desirable then, because the memory
|
||||
hotplug code did not call the function, it simply assumes
|
||||
per-domain paths to exist. But this changed in v3.5.0-rc1~92
|
||||
after which the per-domain paths are created on memory hotplug
|
||||
too.
|
||||
|
||||
Therefore, it's no longer necessary to create these paths in
|
||||
qemuProcessReconnect(). They are created exactly when needed
|
||||
(domain startup and memory hotplug).
|
||||
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
(cherry picked from commit 3478cca80ea7382cfdbff836d5d0b92aa014297b)
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2132177
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
---
|
||||
src/qemu/qemu_process.c | 3 ---
|
||||
1 file changed, 3 deletions(-)
|
||||
|
||||
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
|
||||
index 1164340aa9..0fb665bc82 100644
|
||||
--- a/src/qemu/qemu_process.c
|
||||
+++ b/src/qemu/qemu_process.c
|
||||
@@ -8869,9 +8869,6 @@ qemuProcessReconnect(void *opaque)
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
- if (qemuProcessBuildDestroyMemoryPaths(driver, obj, NULL, true) < 0)
|
||||
- goto error;
|
||||
-
|
||||
if ((qemuDomainAssignAddresses(obj->def, priv->qemuCaps,
|
||||
driver, obj, false)) < 0) {
|
||||
goto error;
|
||||
--
|
||||
2.37.2
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
From 9f9fcbc842846c6f2579ca52190f506060e191d8 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <9f9fcbc842846c6f2579ca52190f506060e191d8@dist-git>
|
||||
From c387e7680c07d7dbb934dbe972e99ab78cebad28 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <c387e7680c07d7dbb934dbe972e99ab78cebad28@dist-git>
|
||||
From: Michal Privoznik <mprivozn@redhat.com>
|
||||
Date: Mon, 21 Mar 2022 16:55:05 +0100
|
||||
Subject: [PATCH] qemu_capabilities: Detect memory-backend-*.prealloc-threads
|
||||
@ -36,7 +36,7 @@ tests/qemucapabilitiesdata/caps_6.2.0.x86_64.xml
|
||||
tests/qemucapabilitiesdata/caps_7.0.0.ppc64.xml
|
||||
tests/qemucapabilitiesdata/caps_7.0.0.x86_64.xml
|
||||
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2075569
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2067126
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
---
|
||||
src/qemu/qemu_capabilities.c | 2 ++
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
From f9c8097e8a836052239c51552d943a76b8164de3 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <f9c8097e8a836052239c51552d943a76b8164de3@dist-git>
|
||||
From e52b12a986de8ac469b98135b2c1d2a8a63b9052 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <e52b12a986de8ac469b98135b2c1d2a8a63b9052@dist-git>
|
||||
From: Michal Privoznik <mprivozn@redhat.com>
|
||||
Date: Mon, 21 Mar 2022 17:10:15 +0100
|
||||
Subject: [PATCH] qemu_command: Generate prealloc-threads property
|
||||
@ -16,7 +16,7 @@ tests/qemuxml2argvdata/memfd-memory-numa.x86_64-latest.args:
|
||||
Upstream has moved some cmd line arguments
|
||||
(v8.0.0-260-gaf23241cfe) but that is not backported.
|
||||
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2075569
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2067126
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
---
|
||||
src/qemu/qemu_command.c | 5 ++++-
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
From cbfe812a4affe5be7677bf28764b58dc7f99c969 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <cbfe812a4affe5be7677bf28764b58dc7f99c969@dist-git>
|
||||
From b221b3ab6d881efedc544e0e0ed9c507e21fd178 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <b221b3ab6d881efedc544e0e0ed9c507e21fd178@dist-git>
|
||||
From: Michal Privoznik <mprivozn@redhat.com>
|
||||
Date: Wed, 11 May 2022 16:37:27 +0200
|
||||
Subject: [PATCH] qemu_domain: Format qemuDomainObjPrivate::originalMemlock
|
||||
@ -12,7 +12,7 @@ Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
|
||||
(cherry picked from commit 21aec91790ae14d24512856b20cff49764ede637)
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2117272
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2089433
|
||||
|
||||
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
---
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
From 34dc905251ca0f00d92e8419adc63580c6266394 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <34dc905251ca0f00d92e8419adc63580c6266394@dist-git>
|
||||
From 35f06623b82d99dd380340eef465394975dd1c80 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <35f06623b82d99dd380340eef465394975dd1c80@dist-git>
|
||||
From: Jiri Denemark <jdenemar@redhat.com>
|
||||
Date: Wed, 22 Jun 2022 16:37:31 +0200
|
||||
Subject: [PATCH] qemu_migration: Implement VIR_MIGRATE_ZEROCOPY flag
|
||||
@ -13,7 +13,7 @@ Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
(cherry picked from commit d375993ab314a41bca7ef6c846e07afc18c37774)
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2117272
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2089433
|
||||
|
||||
Conflicts:
|
||||
src/qemu/qemu_migration.c
|
||||
@ -29,7 +29,7 @@ Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
4 files changed, 29 insertions(+)
|
||||
|
||||
diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
|
||||
index 01102c4300..11f87296d6 100644
|
||||
index 35ad201580..db5163e993 100644
|
||||
--- a/src/qemu/qemu_migration.c
|
||||
+++ b/src/qemu/qemu_migration.c
|
||||
@@ -2366,6 +2366,12 @@ qemuMigrationSrcBeginPhase(virQEMUDriver *driver,
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
From 7cbfdb081de6e4eb684447ba48869082df798419 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <7cbfdb081de6e4eb684447ba48869082df798419@dist-git>
|
||||
From 8cccd9634ecd91a5b7343eddc037e0fa7de2f9f6 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <8cccd9634ecd91a5b7343eddc037e0fa7de2f9f6@dist-git>
|
||||
From: Jiri Denemark <jdenemar@redhat.com>
|
||||
Date: Wed, 22 Jun 2022 16:12:02 +0200
|
||||
Subject: [PATCH] qemu_migration: Restore original memory locking limit
|
||||
@ -15,22 +15,18 @@ Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
(cherry picked from commit d4d3bb813031275c2c7cf72724b83c97ce82ab7a)
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2117272
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2089433
|
||||
|
||||
Conflicts:
|
||||
src/qemu/qemu_migration.c
|
||||
- post-copy resovery not backported
|
||||
|
||||
The original 8.7.0 backport contained a bug which was later fixed by
|
||||
"qemu_migration: Fix restoring memlock limit on destination". This
|
||||
backport includes the follow up fix squashed in.
|
||||
|
||||
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
---
|
||||
src/qemu/qemu_domain.c | 12 ++++++++++++
|
||||
src/qemu/qemu_domain.h | 3 +++
|
||||
src/qemu/qemu_migration.c | 11 +++++++++--
|
||||
3 files changed, 24 insertions(+), 2 deletions(-)
|
||||
src/qemu/qemu_migration.c | 10 ++++++++--
|
||||
3 files changed, 23 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
|
||||
index a81789f194..c24d1e4d53 100644
|
||||
@ -77,7 +73,7 @@ index 6d1d23439a..d6e8a7a0fb 100644
|
||||
virChrdevs *devs;
|
||||
|
||||
diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
|
||||
index 10338f8e87..01102c4300 100644
|
||||
index 10338f8e87..35ad201580 100644
|
||||
--- a/src/qemu/qemu_migration.c
|
||||
+++ b/src/qemu/qemu_migration.c
|
||||
@@ -2974,7 +2974,8 @@ qemuMigrationDstPrepareAny(virQEMUDriver *driver,
|
||||
@ -124,15 +120,14 @@ index 10338f8e87..01102c4300 100644
|
||||
qemuMigrationJobFinish(driver, vm);
|
||||
} else {
|
||||
qemuMigrationJobContinue(vm);
|
||||
@@ -5869,6 +5874,8 @@ qemuMigrationDstFinish(virQEMUDriver *driver,
|
||||
*/
|
||||
if (inPostCopy)
|
||||
g_clear_pointer(&priv->job.completed, qemuDomainJobInfoFree);
|
||||
+
|
||||
+ qemuDomainSetMaxMemLock(vm, 0, &priv->preMigrationMemlock);
|
||||
}
|
||||
|
||||
qemuMigrationParamsReset(driver, vm, QEMU_ASYNC_JOB_MIGRATION_IN,
|
||||
@@ -5881,6 +5886,7 @@ qemuMigrationDstFinish(virQEMUDriver *driver,
|
||||
cleanup:
|
||||
g_clear_pointer(&jobInfo, qemuDomainJobInfoFree);
|
||||
virPortAllocatorRelease(port);
|
||||
+ qemuDomainSetMaxMemLock(vm, 0, &priv->preMigrationMemlock);
|
||||
if (priv->mon)
|
||||
qemuMonitorSetDomainLog(priv->mon, NULL, NULL, NULL);
|
||||
VIR_FREE(priv->origname);
|
||||
--
|
||||
2.35.1
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
From ad3f1dceac21369b9c18b6032a4ff859dc79bbc7 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <ad3f1dceac21369b9c18b6032a4ff859dc79bbc7@dist-git>
|
||||
From 8354fa1d2e471699331961272bc38f5e4cfe7cb8 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <8354fa1d2e471699331961272bc38f5e4cfe7cb8@dist-git>
|
||||
From: Jiri Denemark <jdenemar@redhat.com>
|
||||
Date: Wed, 22 Jun 2022 09:04:04 +0200
|
||||
Subject: [PATCH] qemu_migration: Use qemuDomainSetMaxMemLock
|
||||
@ -15,7 +15,7 @@ Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
(cherry picked from commit 22ee8cbf090c45f999b76e3f8dc7a45065fc9edf)
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2117272
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2089433
|
||||
|
||||
Conflicts:
|
||||
src/qemu/qemu_migration.c
|
||||
|
||||
@ -1,80 +0,0 @@
|
||||
From d32d74310b652295fa23ccf8f096dd6c997dee05 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <d32d74310b652295fa23ccf8f096dd6c997dee05@dist-git>
|
||||
From: Michal Privoznik <mprivozn@redhat.com>
|
||||
Date: Tue, 6 Sep 2022 13:43:22 +0200
|
||||
Subject: [PATCH] qemu_namespace: Fix a corner case in
|
||||
qemuDomainGetPreservedMounts()
|
||||
|
||||
When setting up namespace for QEMU we look at mount points under
|
||||
/dev (like /dev/pts, /dev/mqueue/, etc.) because we want to
|
||||
preserve those (which is done by moving them to a temp location,
|
||||
unshare(), and then moving them back). We have a convenience
|
||||
helper - qemuDomainGetPreservedMounts() - that processes the
|
||||
mount table and (optionally) moves the other filesystems too.
|
||||
This helper is also used when attempting to create a path in NS,
|
||||
because the path, while starting with "/dev/" prefix, may
|
||||
actually lead to one of those filesystems that we preserved.
|
||||
|
||||
And here comes the corner case: while we require the parent mount
|
||||
table to be in shared mode (equivalent of `mount --make-rshared /'),
|
||||
these mount events propagate iff the target path exist inside the
|
||||
slave mount table (= QEMU's private namespace). And since we
|
||||
create only a subset of /dev nodes, well, that assumption is not
|
||||
always the case.
|
||||
|
||||
For instance, assume that a domain is already running, no
|
||||
hugepages were configured for it nor any hugetlbfs is mounted.
|
||||
Now, when a hugetlbfs is mounted into '/dev/hugepages', this is
|
||||
propagated into the QEMU's namespace, but since the target dir
|
||||
does not exist in the private /dev, the FS is not mounted in the
|
||||
namespace.
|
||||
|
||||
Fortunately, this difference between namespaces is visible when
|
||||
comparing /proc/mounts and /proc/$PID/mounts (where PID is the
|
||||
QEMU's PID). Therefore, if possible we should look at the latter.
|
||||
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
|
||||
(cherry picked from commit 46b03819ae8d833b11c2aaccb2c2a0361727f51b)
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2132177
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
---
|
||||
src/qemu/qemu_namespace.c | 10 +++++++++-
|
||||
1 file changed, 9 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/qemu/qemu_namespace.c b/src/qemu/qemu_namespace.c
|
||||
index 4bff325a2c..fc286ab0be 100644
|
||||
--- a/src/qemu/qemu_namespace.c
|
||||
+++ b/src/qemu/qemu_namespace.c
|
||||
@@ -110,6 +110,8 @@ qemuDomainGetPreservedMountPath(virQEMUDriverConfig *cfg,
|
||||
* b) generate backup path for all the entries in a)
|
||||
*
|
||||
* Any of the return pointers can be NULL. Both arrays are NULL-terminated.
|
||||
+ * Get the mount table either from @vm's PID (if running), or from the
|
||||
+ * namespace we're in (if @vm's not running).
|
||||
*
|
||||
* Returns 0 on success, -1 otherwise (with error reported)
|
||||
*/
|
||||
@@ -124,12 +126,18 @@ qemuDomainGetPreservedMounts(virQEMUDriverConfig *cfg,
|
||||
size_t nmounts = 0;
|
||||
g_auto(GStrv) paths = NULL;
|
||||
g_auto(GStrv) savePaths = NULL;
|
||||
+ g_autofree char *mountsPath = NULL;
|
||||
size_t i;
|
||||
|
||||
if (ndevPath)
|
||||
*ndevPath = 0;
|
||||
|
||||
- if (virFileGetMountSubtree(QEMU_PROC_MOUNTS, "/dev", &mounts, &nmounts) < 0)
|
||||
+ if (vm->pid > 0)
|
||||
+ mountsPath = g_strdup_printf("/proc/%lld/mounts", (long long) vm->pid);
|
||||
+ else
|
||||
+ mountsPath = g_strdup(QEMU_PROC_MOUNTS);
|
||||
+
|
||||
+ if (virFileGetMountSubtree(mountsPath, "/dev", &mounts, &nmounts) < 0)
|
||||
return -1;
|
||||
|
||||
if (nmounts == 0)
|
||||
--
|
||||
2.37.2
|
||||
|
||||
@ -1,68 +0,0 @@
|
||||
From edca5497554ccf8016681884aa732156a9773061 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <edca5497554ccf8016681884aa732156a9773061@dist-git>
|
||||
From: Michal Privoznik <mprivozn@redhat.com>
|
||||
Date: Tue, 6 Sep 2022 13:43:58 +0200
|
||||
Subject: [PATCH] qemu_namespace: Introduce qemuDomainNamespaceSetupPath()
|
||||
|
||||
Sometimes it may come handy to just bind mount a directory/file
|
||||
into domain's namespace. Implement a thin wrapper over
|
||||
qemuNamespaceMknodPaths() which has all the logic we need.
|
||||
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
|
||||
(cherry picked from commit 5853d707189005a4ea5b2215e80853867b822fd9)
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2132177
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
---
|
||||
src/qemu/qemu_namespace.c | 19 +++++++++++++++++++
|
||||
src/qemu/qemu_namespace.h | 4 ++++
|
||||
2 files changed, 23 insertions(+)
|
||||
|
||||
diff --git a/src/qemu/qemu_namespace.c b/src/qemu/qemu_namespace.c
|
||||
index fc286ab0be..74ffd6fb90 100644
|
||||
--- a/src/qemu/qemu_namespace.c
|
||||
+++ b/src/qemu/qemu_namespace.c
|
||||
@@ -1398,6 +1398,25 @@ qemuNamespaceUnlinkPaths(virDomainObj *vm,
|
||||
}
|
||||
|
||||
|
||||
+int
|
||||
+qemuDomainNamespaceSetupPath(virDomainObj *vm,
|
||||
+ const char *path,
|
||||
+ bool *created)
|
||||
+{
|
||||
+ g_autoptr(virGSListString) paths = NULL;
|
||||
+
|
||||
+ if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT))
|
||||
+ return 0;
|
||||
+
|
||||
+ paths = g_slist_prepend(paths, g_strdup(path));
|
||||
+
|
||||
+ if (qemuNamespaceMknodPaths(vm, paths, created) < 0)
|
||||
+ return -1;
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+
|
||||
int
|
||||
qemuDomainNamespaceSetupDisk(virDomainObj *vm,
|
||||
virStorageSource *src,
|
||||
diff --git a/src/qemu/qemu_namespace.h b/src/qemu/qemu_namespace.h
|
||||
index 020aca13d8..1ab9322061 100644
|
||||
--- a/src/qemu/qemu_namespace.h
|
||||
+++ b/src/qemu/qemu_namespace.h
|
||||
@@ -49,6 +49,10 @@ void qemuDomainDestroyNamespace(virQEMUDriver *driver,
|
||||
|
||||
bool qemuDomainNamespaceAvailable(qemuDomainNamespace ns);
|
||||
|
||||
+int qemuDomainNamespaceSetupPath(virDomainObj *vm,
|
||||
+ const char *path,
|
||||
+ bool *created);
|
||||
+
|
||||
int qemuDomainNamespaceSetupDisk(virDomainObj *vm,
|
||||
virStorageSource *src,
|
||||
bool *created);
|
||||
--
|
||||
2.37.2
|
||||
|
||||
@ -1,45 +0,0 @@
|
||||
From 8806d4dd0f0c7c20a42513b2a1ff310455decdc6 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <8806d4dd0f0c7c20a42513b2a1ff310455decdc6@dist-git>
|
||||
From: Michal Privoznik <mprivozn@redhat.com>
|
||||
Date: Tue, 6 Sep 2022 13:37:23 +0200
|
||||
Subject: [PATCH] qemu_namespace: Tolerate missing ACLs when creating a path in
|
||||
namespace
|
||||
|
||||
When creating a path in a domain's mount namespace we try to set
|
||||
ACLs on it, so that it's a verbatim copy of the path in parent's
|
||||
namespace. The ACLs are queried upfront (by
|
||||
qemuNamespaceMknodItemInit()) but this is fault tolerant so the
|
||||
pointer to ACLs might be NULL (meaning no ACLs were queried, for
|
||||
instance because the underlying filesystem does not support
|
||||
them). But then we take this NULL and pass it to virFileSetACLs()
|
||||
which immediately returns an error because NULL is invalid value.
|
||||
|
||||
Mimic what we do with SELinux label - only set ACLs if they are
|
||||
non-NULL which includes symlinks.
|
||||
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
|
||||
(cherry picked from commit 687374959e160dc566bd4b6d43c7bf1beb470c59)
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2132177
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
---
|
||||
src/qemu/qemu_namespace.c | 3 +--
|
||||
1 file changed, 1 insertion(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/qemu/qemu_namespace.c b/src/qemu/qemu_namespace.c
|
||||
index 94453033f5..4bff325a2c 100644
|
||||
--- a/src/qemu/qemu_namespace.c
|
||||
+++ b/src/qemu/qemu_namespace.c
|
||||
@@ -1023,8 +1023,7 @@ qemuNamespaceMknodOne(qemuNamespaceMknodItem *data)
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
- /* Symlinks don't have ACLs. */
|
||||
- if (!isLink &&
|
||||
+ if (data->acl &&
|
||||
virFileSetACLs(data->file, data->acl) < 0 &&
|
||||
errno != ENOTSUP) {
|
||||
virReportSystemError(errno,
|
||||
--
|
||||
2.37.2
|
||||
|
||||
@ -1,50 +0,0 @@
|
||||
From a2cb0eca44996e1a7a397f028d44994f2e402a2e Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <a2cb0eca44996e1a7a397f028d44994f2e402a2e@dist-git>
|
||||
From: Michal Privoznik <mprivozn@redhat.com>
|
||||
Date: Mon, 5 Sep 2022 10:34:44 +0200
|
||||
Subject: [PATCH] qemu_process: Don't require a hugetlbfs mount for memfd
|
||||
|
||||
The aim of qemuProcessNeedHugepagesPath() is to determine whether
|
||||
a hugetlbfs mount point is required for given domain (as in
|
||||
whether qemuBuildMemoryBackendProps() picks up
|
||||
memory-backend-file pointing to a hugetlbfs mount point). Well,
|
||||
when domain is configured to use memfd backend then that
|
||||
condition can never be true. Therefore, skip creating domain's
|
||||
private path under hugetlbfs mount points.
|
||||
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
|
||||
(cherry picked from commit f14f8dff9330ed51d817f190a2ee9ac76dfac00b)
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2132177
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
---
|
||||
src/qemu/qemu_process.c | 12 +++++++++++-
|
||||
1 file changed, 11 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
|
||||
index 5c6657a876..540eee9ff0 100644
|
||||
--- a/src/qemu/qemu_process.c
|
||||
+++ b/src/qemu/qemu_process.c
|
||||
@@ -3810,8 +3810,18 @@ qemuProcessNeedHugepagesPath(virDomainDef *def,
|
||||
const long system_pagesize = virGetSystemPageSizeKB();
|
||||
size_t i;
|
||||
|
||||
- if (def->mem.source == VIR_DOMAIN_MEMORY_SOURCE_FILE)
|
||||
+ switch ((virDomainMemorySource)def->mem.source) {
|
||||
+ case VIR_DOMAIN_MEMORY_SOURCE_FILE:
|
||||
+ /* This needs a hugetlbfs mount. */
|
||||
return true;
|
||||
+ case VIR_DOMAIN_MEMORY_SOURCE_MEMFD:
|
||||
+ /* memfd works without a hugetlbfs mount */
|
||||
+ return false;
|
||||
+ case VIR_DOMAIN_MEMORY_SOURCE_NONE:
|
||||
+ case VIR_DOMAIN_MEMORY_SOURCE_ANONYMOUS:
|
||||
+ case VIR_DOMAIN_MEMORY_SOURCE_LAST:
|
||||
+ break;
|
||||
+ }
|
||||
|
||||
for (i = 0; i < def->mem.nhugepages; i++) {
|
||||
if (def->mem.hugepages[i].size != system_pagesize)
|
||||
--
|
||||
2.37.2
|
||||
|
||||
@ -1,65 +0,0 @@
|
||||
From 347606bc80f40c22712d0ffe61a149c3266bf131 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <347606bc80f40c22712d0ffe61a149c3266bf131@dist-git>
|
||||
From: Michal Privoznik <mprivozn@redhat.com>
|
||||
Date: Tue, 6 Sep 2022 13:45:51 +0200
|
||||
Subject: [PATCH] qemu_process.c: Propagate hugetlbfs mounts on reconnect
|
||||
|
||||
When reconnecting to a running QEMU process, we construct the
|
||||
per-domain path in all hugetlbfs mounts. This is a relict from
|
||||
the past (v3.4.0-100-g5b24d25062) where we switched to a
|
||||
per-domain path and we want to create those paths when libvirtd
|
||||
restarts on upgrade.
|
||||
|
||||
And with namespaces enabled there is one corner case where the
|
||||
path is not created. In fact an error is reported and the
|
||||
reconnect fails. Ideally, all mount events are propagated into
|
||||
the QEMU's namespace. And they probably are, except when the
|
||||
target path does not exist inside the namespace. Now, it's pretty
|
||||
common for users to mount hugetlbfs under /dev (e.g.
|
||||
/dev/hugepages), but if domain is started without hugepages (or
|
||||
more specifically - private hugetlbfs path wasn't created on
|
||||
domain startup), then the reconnect code tries to create it.
|
||||
But it fails to do so, well, it fails to set seclabels on the
|
||||
path because, because the path does not exist in the private
|
||||
namespace. And it doesn't exist because we specifically create
|
||||
only a subset of all possible /dev nodes. Therefore, the mount
|
||||
event, whilst propagated, is not successful and hence the
|
||||
filesystem is not mounted. We have to do it ourselves.
|
||||
|
||||
If hugetlbfs is mount anywhere else there's no problem and this
|
||||
is effectively a dead code.
|
||||
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2123196
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
|
||||
(cherry picked from commit 0377177c7856bb87a9d8aa1324b54f5fbe9f1e5b)
|
||||
|
||||
Conflicts:
|
||||
- docs/kbase/qemu-passthrough-security.rst: Well, v8.8.0-rc1~32
|
||||
isn't backported, thus we can't remove a paragraph that the
|
||||
backported commit did. It's a documentation after all, so no
|
||||
harm.
|
||||
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2132177
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
---
|
||||
src/qemu/qemu_process.c | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
|
||||
index 540eee9ff0..1164340aa9 100644
|
||||
--- a/src/qemu/qemu_process.c
|
||||
+++ b/src/qemu/qemu_process.c
|
||||
@@ -3906,6 +3906,9 @@ qemuProcessBuildDestroyMemoryPathsImpl(virQEMUDriver *driver,
|
||||
return -1;
|
||||
}
|
||||
|
||||
+ if (qemuDomainNamespaceSetupPath(vm, path, NULL) < 0)
|
||||
+ return -1;
|
||||
+
|
||||
if (qemuSecurityDomainSetPathLabel(driver, vm, path, true) < 0)
|
||||
return -1;
|
||||
} else {
|
||||
--
|
||||
2.37.2
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
From d1a1a95343946fbe0736a14073b63831320d55d2 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <d1a1a95343946fbe0736a14073b63831320d55d2@dist-git>
|
||||
From 088ba382d7a099ddbebe37e5486ce648e24266db Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <088ba382d7a099ddbebe37e5486ce648e24266db@dist-git>
|
||||
From: Michal Privoznik <mprivozn@redhat.com>
|
||||
Date: Mon, 21 Mar 2022 17:09:40 +0100
|
||||
Subject: [PATCH] qemu_validate: Validate prealloc threads against qemuCpas
|
||||
@ -10,7 +10,7 @@ preallocation threads. Validate this assumption.
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
|
||||
(cherry picked from commit 75a4e0165ef199809974e97b507d3953e1de01d1)
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2075569
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2067126
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
---
|
||||
src/qemu/qemu_validate.c | 7 +++++++
|
||||
|
||||
@ -0,0 +1,64 @@
|
||||
From 07fb786e0d17bd395333d276ebbaad42c72ee358 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <07fb786e0d17bd395333d276ebbaad42c72ee358@dist-git>
|
||||
From: David Michael <david@bigbadwolfsecurity.com>
|
||||
Date: Tue, 28 Jun 2022 08:33:41 -0400
|
||||
Subject: [PATCH] security_selinux.c: Relabel existing mode="bind" UNIX sockets
|
||||
|
||||
This supports sockets created by libvirt and passed by FD using the
|
||||
same method as in security_dac.c.
|
||||
|
||||
Signed-off-by: David Michael <david@bigbadwolfsecurity.com>
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
(cherry picked from commit 9f13f54a6348b54170f7de3595039c99b9da72c7)
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2101575
|
||||
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
---
|
||||
src/security/security_selinux.c | 9 +++++++--
|
||||
tests/securityselinuxlabeldata/chardev.txt | 2 +-
|
||||
2 files changed, 8 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
|
||||
index 0952431064..b90e819fd2 100644
|
||||
--- a/src/security/security_selinux.c
|
||||
+++ b/src/security/security_selinux.c
|
||||
@@ -2545,7 +2545,12 @@ virSecuritySELinuxSetChardevLabel(virSecurityManager *mgr,
|
||||
break;
|
||||
|
||||
case VIR_DOMAIN_CHR_TYPE_UNIX:
|
||||
- if (!dev_source->data.nix.listen) {
|
||||
+ if (!dev_source->data.nix.listen ||
|
||||
+ (dev_source->data.nix.path &&
|
||||
+ virFileExists(dev_source->data.nix.path))) {
|
||||
+ /* Also label mode='bind' sockets if they exist,
|
||||
+ * e.g. because they were created by libvirt
|
||||
+ * and passed via FD */
|
||||
if (virSecuritySELinuxSetFilecon(mgr,
|
||||
dev_source->data.nix.path,
|
||||
imagelabel,
|
||||
@@ -2622,7 +2627,7 @@ virSecuritySELinuxRestoreChardevLabel(virSecurityManager *mgr,
|
||||
case VIR_DOMAIN_CHR_TYPE_UNIX:
|
||||
if (!dev_source->data.nix.listen) {
|
||||
if (virSecuritySELinuxRestoreFileLabel(mgr,
|
||||
- dev_source->data.file.path,
|
||||
+ dev_source->data.nix.path,
|
||||
true) < 0)
|
||||
goto done;
|
||||
}
|
||||
diff --git a/tests/securityselinuxlabeldata/chardev.txt b/tests/securityselinuxlabeldata/chardev.txt
|
||||
index 3f4b6302b9..bdb367f7a5 100644
|
||||
--- a/tests/securityselinuxlabeldata/chardev.txt
|
||||
+++ b/tests/securityselinuxlabeldata/chardev.txt
|
||||
@@ -2,6 +2,6 @@
|
||||
/plain.dev;system_u:object_r:svirt_image_t:s0:c41,c264
|
||||
/plain.fifo;system_u:object_r:svirt_image_t:s0:c41,c264
|
||||
/nolabel.sock;
|
||||
-/plain.sock;
|
||||
+/plain.sock;system_u:object_r:svirt_image_t:s0:c41,c264
|
||||
/yeslabel.sock;system_u:object_r:svirt_image_t:s0:c41,c264
|
||||
/altlabel.sock;system_u:object_r:svirt_image_custom_t:s0:c41,c264
|
||||
--
|
||||
2.35.1
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
From 4c57d8399b86c07ee0b1bafd2f8bf0ba10ff384f Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <4c57d8399b86c07ee0b1bafd2f8bf0ba10ff384f@dist-git>
|
||||
From 41247c87fd47f2e55825d62c697da810ba5062f5 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <41247c87fd47f2e55825d62c697da810ba5062f5@dist-git>
|
||||
From: Peter Krempa <pkrempa@redhat.com>
|
||||
Date: Tue, 14 Jun 2022 13:13:48 +0200
|
||||
Subject: [PATCH] virDomainDiskDefValidate: Improve error messages for
|
||||
@ -15,7 +15,6 @@ Signed-off-by: Peter Krempa <pkrempa@redhat.com>
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
(cherry picked from commit 9a480737c8adf92c332aa850c5269191ceb04eb9)
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2095758
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2109571
|
||||
---
|
||||
src/conf/domain_validate.c | 9 ++++-----
|
||||
1 file changed, 4 insertions(+), 5 deletions(-)
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
From a5cdca9995a05ac45e882ad3e1ca1e4ab53a2c34 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <a5cdca9995a05ac45e882ad3e1ca1e4ab53a2c34@dist-git>
|
||||
From 26daf647925213a05509cc302d9151fe4525febb Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <26daf647925213a05509cc302d9151fe4525febb@dist-git>
|
||||
From: Peter Krempa <pkrempa@redhat.com>
|
||||
Date: Tue, 14 Jun 2022 14:07:47 +0200
|
||||
Subject: [PATCH] virDomainDiskDefValidateStartupPolicy: Validate disk type
|
||||
@ -17,7 +17,6 @@ Signed-off-by: Peter Krempa <pkrempa@redhat.com>
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
(cherry picked from commit b90d0f0a1e4ee52c828fb683c14c14e241e6fcbb)
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2095758
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2109571
|
||||
---
|
||||
src/conf/domain_validate.c | 5 ++++-
|
||||
1 file changed, 4 insertions(+), 1 deletion(-)
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
From d56c0a4b1b57d9547d40088b6787d7503c09e2b9 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <d56c0a4b1b57d9547d40088b6787d7503c09e2b9@dist-git>
|
||||
From 2ea89fb18aa9d2dac1e651869736fede7a2ec434 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <2ea89fb18aa9d2dac1e651869736fede7a2ec434@dist-git>
|
||||
From: Peter Krempa <pkrempa@redhat.com>
|
||||
Date: Tue, 14 Jun 2022 14:21:33 +0200
|
||||
Subject: [PATCH] virDomainDiskTranslateSourcePool: Fix check of
|
||||
@ -23,7 +23,6 @@ Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2095758
|
||||
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
(cherry picked from commit ed8984306e1cd44c424fda3ed412a4177dd7b84d)
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2109571
|
||||
---
|
||||
src/conf/domain_conf.c | 12 ++++++------
|
||||
1 file changed, 6 insertions(+), 6 deletions(-)
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
From eb87264dc41a7147fb88fdc4d666ef8d0e9bb882 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <eb87264dc41a7147fb88fdc4d666ef8d0e9bb882@dist-git>
|
||||
From 20c1c86f96dd7293734888ef6f8b75c11cda5fae Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <20c1c86f96dd7293734888ef6f8b75c11cda5fae@dist-git>
|
||||
From: Jiri Denemark <jdenemar@redhat.com>
|
||||
Date: Wed, 22 Jun 2022 16:36:53 +0200
|
||||
Subject: [PATCH] virsh: Add support for VIR_MIGRATE_ZEROCOPY flag
|
||||
@ -11,7 +11,7 @@ Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
(cherry picked from commit efa3baeae70fbdf4ab032ca485cb9272ee96bd50)
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2117272
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2089433
|
||||
|
||||
Conflicts:
|
||||
docs/manpages/virsh.rst
|
||||
|
||||
@ -210,7 +210,7 @@
|
||||
Summary: Library providing a simple virtualization API
|
||||
Name: libvirt
|
||||
Version: 8.0.0
|
||||
Release: 5.5%{?dist}%{?extra_release}
|
||||
Release: 10%{?dist}%{?extra_release}
|
||||
License: LGPLv2+
|
||||
URL: https://libvirt.org/
|
||||
|
||||
@ -250,24 +250,23 @@ Patch27: libvirt-cpu_x86-Consolidate-signature-match-in-x86DecodeUseCandidate.pa
|
||||
Patch28: libvirt-cpu_x86-Refactor-feature-list-comparison-in-x86DecodeUseCandidate.patch
|
||||
Patch29: libvirt-cpu_x86-Penalize-disabled-features-when-computing-CPU-model.patch
|
||||
Patch30: libvirt-cpu_x86-Ignore-enabled-features-for-input-models-in-x86DecodeUseCandidate.patch
|
||||
Patch31: libvirt-virDomainDiskDefValidate-Improve-error-messages-for-startupPolicy-checks.patch
|
||||
Patch32: libvirt-domain_validate-Split-out-validation-of-disk-startup-policy.patch
|
||||
Patch33: libvirt-virDomainDiskDefValidateStartupPolicy-Validate-disk-type-better.patch
|
||||
Patch34: libvirt-virDomainDiskTranslateSourcePool-Fix-check-of-startupPolicy-definition.patch
|
||||
Patch35: libvirt-conf-Move-virDomainObj-originalMemlock-into-qemuDomainObjPrivate.patch
|
||||
Patch36: libvirt-qemu_domain-Format-qemuDomainObjPrivate-originalMemlock.patch
|
||||
Patch37: libvirt-qemu-Add-qemuDomainSetMaxMemLock-helper.patch
|
||||
Patch38: libvirt-qemu_migration-Use-qemuDomainSetMaxMemLock.patch
|
||||
Patch39: libvirt-qemu_migration-Restore-original-memory-locking-limit.patch
|
||||
Patch40: libvirt-Add-VIR_MIGRATE_ZEROCOPY-flag.patch
|
||||
Patch41: libvirt-virsh-Add-support-for-VIR_MIGRATE_ZEROCOPY-flag.patch
|
||||
Patch42: libvirt-qemu_migration-Implement-VIR_MIGRATE_ZEROCOPY-flag.patch
|
||||
Patch43: libvirt-qemu_process-Don-t-require-a-hugetlbfs-mount-for-memfd.patch
|
||||
Patch44: libvirt-qemu_namespace-Tolerate-missing-ACLs-when-creating-a-path-in-namespace.patch
|
||||
Patch45: libvirt-qemu_namespace-Fix-a-corner-case-in-qemuDomainGetPreservedMounts.patch
|
||||
Patch46: libvirt-qemu_namespace-Introduce-qemuDomainNamespaceSetupPath.patch
|
||||
Patch47: libvirt-qemu_process.c-Propagate-hugetlbfs-mounts-on-reconnect.patch
|
||||
Patch48: libvirt-qemuProcessReconnect-Don-t-build-memory-paths.patch
|
||||
Patch31: libvirt-nwfilter-fix-crash-when-counting-number-of-network-filters.patch
|
||||
Patch32: libvirt-virDomainDiskDefValidate-Improve-error-messages-for-startupPolicy-checks.patch
|
||||
Patch33: libvirt-domain_validate-Split-out-validation-of-disk-startup-policy.patch
|
||||
Patch34: libvirt-virDomainDiskDefValidateStartupPolicy-Validate-disk-type-better.patch
|
||||
Patch35: libvirt-virDomainDiskTranslateSourcePool-Fix-check-of-startupPolicy-definition.patch
|
||||
Patch36: libvirt-conf-virtiofs-add-thread_pool-element.patch
|
||||
Patch37: libvirt-qemu-virtiofs-format-thread-pool-size.patch
|
||||
Patch38: libvirt-conf-Move-virDomainObj-originalMemlock-into-qemuDomainObjPrivate.patch
|
||||
Patch39: libvirt-qemu_domain-Format-qemuDomainObjPrivate-originalMemlock.patch
|
||||
Patch40: libvirt-qemu-Add-qemuDomainSetMaxMemLock-helper.patch
|
||||
Patch41: libvirt-qemu_migration-Use-qemuDomainSetMaxMemLock.patch
|
||||
Patch42: libvirt-qemu_migration-Restore-original-memory-locking-limit.patch
|
||||
Patch43: libvirt-Add-VIR_MIGRATE_ZEROCOPY-flag.patch
|
||||
Patch44: libvirt-virsh-Add-support-for-VIR_MIGRATE_ZEROCOPY-flag.patch
|
||||
Patch45: libvirt-qemu_migration-Implement-VIR_MIGRATE_ZEROCOPY-flag.patch
|
||||
Patch46: libvirt-security_selinux.c-Relabel-existing-mode-bind-UNIX-sockets.patch
|
||||
Patch47: libvirt-RHEL-qemu_migration-Fix-restoring-memlock-limit-on-destination.patch
|
||||
|
||||
Requires: libvirt-daemon = %{version}-%{release}
|
||||
Requires: libvirt-daemon-config-network = %{version}-%{release}
|
||||
@ -2141,45 +2140,44 @@ exit 0
|
||||
|
||||
|
||||
%changelog
|
||||
* Thu Oct 6 2022 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-5.5.el8
|
||||
- qemu_process: Don't require a hugetlbfs mount for memfd (rhbz#2132177)
|
||||
- qemu_namespace: Tolerate missing ACLs when creating a path in namespace (rhbz#2132177)
|
||||
- qemu_namespace: Fix a corner case in qemuDomainGetPreservedMounts() (rhbz#2132177)
|
||||
- qemu_namespace: Introduce qemuDomainNamespaceSetupPath() (rhbz#2132177)
|
||||
- qemu_process.c: Propagate hugetlbfs mounts on reconnect (rhbz#2132177)
|
||||
- qemuProcessReconnect: Don't build memory paths (rhbz#2132177)
|
||||
* Mon Jul 25 2022 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-10
|
||||
- security_selinux.c: Relabel existing mode="bind" UNIX sockets (rhbz#2101575)
|
||||
- RHEL: qemu_migration: Fix restoring memlock limit on destination (rhbz#2107954)
|
||||
|
||||
* Thu Aug 18 2022 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-5.4.el8
|
||||
- conf: Move virDomainObj::originalMemlock into qemuDomainObjPrivate (rhbz#2117272)
|
||||
- qemu_domain: Format qemuDomainObjPrivate::originalMemlock (rhbz#2117272)
|
||||
- qemu: Add qemuDomainSetMaxMemLock helper (rhbz#2117272)
|
||||
- qemu_migration: Use qemuDomainSetMaxMemLock (rhbz#2117272)
|
||||
- qemu_migration: Restore original memory locking limit (rhbz#2117272)
|
||||
- Add VIR_MIGRATE_ZEROCOPY flag (rhbz#2117272)
|
||||
- virsh: Add support for VIR_MIGRATE_ZEROCOPY flag (rhbz#2117272)
|
||||
- qemu_migration: Implement VIR_MIGRATE_ZEROCOPY flag (rhbz#2117272)
|
||||
* Thu Jun 30 2022 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-9
|
||||
- conf: virtiofs: add thread_pool element (rhbz#2079582)
|
||||
- qemu: virtiofs: format --thread-pool-size (rhbz#2079582)
|
||||
- conf: Move virDomainObj::originalMemlock into qemuDomainObjPrivate (rhbz#2089433)
|
||||
- qemu_domain: Format qemuDomainObjPrivate::originalMemlock (rhbz#2089433)
|
||||
- qemu: Add qemuDomainSetMaxMemLock helper (rhbz#2089433)
|
||||
- qemu_migration: Use qemuDomainSetMaxMemLock (rhbz#2089433)
|
||||
- qemu_migration: Restore original memory locking limit (rhbz#2089433)
|
||||
- Add VIR_MIGRATE_ZEROCOPY flag (rhbz#2089433)
|
||||
- virsh: Add support for VIR_MIGRATE_ZEROCOPY flag (rhbz#2089433)
|
||||
- qemu_migration: Implement VIR_MIGRATE_ZEROCOPY flag (rhbz#2089433)
|
||||
|
||||
* Fri Jul 29 2022 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-5.3.el8
|
||||
- virDomainDiskDefValidate: Improve error messages for 'startupPolicy' checks (rhbz#2109571)
|
||||
- domain_validate: Split out validation of disk startup policy (rhbz#2109571)
|
||||
- virDomainDiskDefValidateStartupPolicy: Validate disk type better (rhbz#2109571)
|
||||
- virDomainDiskTranslateSourcePool: Fix check of 'startupPolicy' definition (rhbz#2109571)
|
||||
* Wed Jun 15 2022 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-8
|
||||
- nwfilter: fix crash when counting number of network filters (CVE-2022-0897, rhbz#2063902)
|
||||
- virDomainDiskDefValidate: Improve error messages for 'startupPolicy' checks (rhbz#2095758)
|
||||
- domain_validate: Split out validation of disk startup policy (rhbz#2095758)
|
||||
- virDomainDiskDefValidateStartupPolicy: Validate disk type better (rhbz#2095758)
|
||||
- virDomainDiskTranslateSourcePool: Fix check of 'startupPolicy' definition (rhbz#2095758)
|
||||
|
||||
* Tue May 17 2022 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-5.2.el8
|
||||
- cpu_map: Disable cpu64-rhel* for host-model and baseline (rhbz#2084030)
|
||||
- cputest: Drop some old artificial baseline tests (rhbz#2084030)
|
||||
- cputest: Give better names to baseline tests (rhbz#2084030)
|
||||
- cputest: Add some real world baseline tests (rhbz#2084030)
|
||||
- cpu_x86: Consolidate signature match in x86DecodeUseCandidate (rhbz#2084030)
|
||||
- cpu_x86: Refactor feature list comparison in x86DecodeUseCandidate (rhbz#2084030)
|
||||
- cpu_x86: Penalize disabled features when computing CPU model (rhbz#2084030)
|
||||
- cpu_x86: Ignore enabled features for input models in x86DecodeUseCandidate (rhbz#2084030)
|
||||
* Tue May 17 2022 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-7
|
||||
- cpu_map: Disable cpu64-rhel* for host-model and baseline (rhbz#1851227)
|
||||
- cputest: Drop some old artificial baseline tests (rhbz#1851227)
|
||||
- cputest: Give better names to baseline tests (rhbz#1851227)
|
||||
- cputest: Add some real world baseline tests (rhbz#1851227)
|
||||
- cpu_x86: Consolidate signature match in x86DecodeUseCandidate (rhbz#1851227)
|
||||
- cpu_x86: Refactor feature list comparison in x86DecodeUseCandidate (rhbz#1851227)
|
||||
- cpu_x86: Penalize disabled features when computing CPU model (rhbz#1851227)
|
||||
- cpu_x86: Ignore enabled features for input models in x86DecodeUseCandidate (rhbz#1851227)
|
||||
|
||||
* Wed Apr 27 2022 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-5.1.el8
|
||||
- conf: Introduce memory allocation threads (rhbz#2075569)
|
||||
- qemu_capabilities: Detect memory-backend-*.prealloc-threads property (rhbz#2075569)
|
||||
- qemu_validate: Validate prealloc threads against qemuCpas (rhbz#2075569)
|
||||
- qemu_command: Generate prealloc-threads property (rhbz#2075569)
|
||||
* Wed Apr 27 2022 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-6
|
||||
- conf: Introduce memory allocation threads (rhbz#2067126)
|
||||
- qemu_capabilities: Detect memory-backend-*.prealloc-threads property (rhbz#2067126)
|
||||
- qemu_validate: Validate prealloc threads against qemuCpas (rhbz#2067126)
|
||||
- qemu_command: Generate prealloc-threads property (rhbz#2067126)
|
||||
|
||||
* Fri Feb 25 2022 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-5
|
||||
- node_device: Rework udevKludgeStorageType() (rhbz#2056673)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user