forked from rpms/libvirt
Compare commits
6 Commits
a8-stream-
...
c8-stream-
Author | SHA1 | Date | |
---|---|---|---|
4d9cc064e0 | |||
a32f3c4f37 | |||
0c3db8e72e | |||
daae142f13 | |||
ba8ac8bedf | |||
|
a0765b7f70 |
135
SOURCES/libvirt-conf-add-deprecated_features-attribute.patch
Normal file
135
SOURCES/libvirt-conf-add-deprecated_features-attribute.patch
Normal file
@ -0,0 +1,135 @@
|
||||
From 7a412cc71a4764f7e80bf475c39d999a584f41aa Mon Sep 17 00:00:00 2001
|
||||
Message-ID: <7a412cc71a4764f7e80bf475c39d999a584f41aa.1749113304.git.jdenemar@redhat.com>
|
||||
From: Collin Walling <walling@linux.ibm.com>
|
||||
Date: Mon, 16 Dec 2024 18:03:58 -0500
|
||||
Subject: [PATCH] conf: add deprecated_features attribute
|
||||
|
||||
Add a new a attribute, deprecated_features='on|off' to the <cpu>
|
||||
element. This is used to toggle features flagged as deprecated on the
|
||||
CPU model on or off. When this attribute is paired with 'on',
|
||||
deprecated features will not be filtered. When paired with 'off', any
|
||||
CPU features that are flagged as deprecated will be listed under the
|
||||
CPU model with the 'disable' policy.
|
||||
|
||||
Example:
|
||||
|
||||
<cpu mode='host-model' check='partial' deprecated_features='off'/>
|
||||
|
||||
The absence of this attribute is equivalent to the 'on' option.
|
||||
|
||||
The deprecated features that will populate the domain XML are the same
|
||||
features that result in the virsh domcapabilities command with the
|
||||
--disable-deprecated-features argument present.
|
||||
|
||||
It is recommended to define a domain XML with this attribute set to
|
||||
'off' to ensure migration to machines that may outright drop these
|
||||
features in the future.
|
||||
|
||||
Signed-off-by: Collin Walling <walling@linux.ibm.com>
|
||||
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
(cherry picked from commit 62658bbf060784c757f96c9de3935f27885834aa)
|
||||
|
||||
JIRA: https://issues.redhat.com/browse/RHEL-88716
|
||||
Conflicts:
|
||||
src/qemu/qemu_process.c
|
||||
(contextual conflict)
|
||||
tests/*
|
||||
(dropped the changes to these files since they are of no use in
|
||||
downstream - upstream testing code changed too much, so it's
|
||||
not possible to get the related tests to work in downstream)
|
||||
Signed-off-by: Thomas Huth <thuth@redhat.com>
|
||||
---
|
||||
docs/schemas/cputypes.rng | 5 +++++
|
||||
src/conf/cpu_conf.c | 11 +++++++++++
|
||||
src/conf/cpu_conf.h | 1 +
|
||||
src/qemu/qemu_process.c | 11 +++++++++++
|
||||
4 files changed, 28 insertions(+)
|
||||
|
||||
diff --git a/docs/schemas/cputypes.rng b/docs/schemas/cputypes.rng
|
||||
index 056e66e1b4..2d831b423c 100644
|
||||
--- a/docs/schemas/cputypes.rng
|
||||
+++ b/docs/schemas/cputypes.rng
|
||||
@@ -395,6 +395,11 @@
|
||||
<optional>
|
||||
<ref name="cpuCheck"/>
|
||||
</optional>
|
||||
+ <optional>
|
||||
+ <attribute name="deprecated_features">
|
||||
+ <ref name="virOnOff"/>
|
||||
+ </attribute>
|
||||
+ </optional>
|
||||
<optional>
|
||||
<attribute name="migratable">
|
||||
<ref name="virOnOff"/>
|
||||
diff --git a/src/conf/cpu_conf.c b/src/conf/cpu_conf.c
|
||||
index fbceac1657..1db0c978e2 100644
|
||||
--- a/src/conf/cpu_conf.c
|
||||
+++ b/src/conf/cpu_conf.c
|
||||
@@ -238,6 +238,7 @@ virCPUDefCopyWithoutModel(const virCPUDef *cpu)
|
||||
copy->mode = cpu->mode;
|
||||
copy->match = cpu->match;
|
||||
copy->check = cpu->check;
|
||||
+ copy->deprecated_feats = cpu->deprecated_feats;
|
||||
copy->fallback = cpu->fallback;
|
||||
copy->sockets = cpu->sockets;
|
||||
copy->dies = cpu->dies;
|
||||
@@ -431,6 +432,11 @@ virCPUDefParseXML(xmlXPathContextPtr ctxt,
|
||||
if (virXMLPropEnum(ctxt->node, "check", virCPUCheckTypeFromString,
|
||||
VIR_XML_PROP_NONE, &def->check) < 0)
|
||||
return -1;
|
||||
+
|
||||
+ if (virXMLPropTristateSwitch(ctxt->node, "deprecated_features",
|
||||
+ VIR_XML_PROP_NONE,
|
||||
+ &def->deprecated_feats) < 0)
|
||||
+ return -1;
|
||||
}
|
||||
|
||||
if (def->type == VIR_CPU_TYPE_HOST) {
|
||||
@@ -707,6 +713,11 @@ virCPUDefFormatBufFull(virBuffer *buf,
|
||||
virBufferAsprintf(&attributeBuf, " migratable='%s'",
|
||||
virTristateSwitchTypeToString(def->migratable));
|
||||
}
|
||||
+
|
||||
+ if (def->deprecated_feats) {
|
||||
+ virBufferAsprintf(&attributeBuf, " deprecated_features='%s'",
|
||||
+ virTristateSwitchTypeToString(def->deprecated_feats));
|
||||
+ }
|
||||
}
|
||||
|
||||
/* Format children */
|
||||
diff --git a/src/conf/cpu_conf.h b/src/conf/cpu_conf.h
|
||||
index b0a81895be..a69ff724ca 100644
|
||||
--- a/src/conf/cpu_conf.h
|
||||
+++ b/src/conf/cpu_conf.h
|
||||
@@ -140,6 +140,7 @@ struct _virCPUDef {
|
||||
virCPUCacheDef *cache;
|
||||
virHostCPUTscInfo *tsc;
|
||||
virTristateSwitch migratable; /* for host-passthrough mode */
|
||||
+ virTristateSwitch deprecated_feats;
|
||||
};
|
||||
|
||||
virCPUDef *virCPUDefNew(void);
|
||||
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
|
||||
index 73d54f01cd..54afcbe53e 100644
|
||||
--- a/src/qemu/qemu_process.c
|
||||
+++ b/src/qemu/qemu_process.c
|
||||
@@ -6143,6 +6143,17 @@ qemuProcessUpdateGuestCPU(virDomainDef *def,
|
||||
return -1;
|
||||
}
|
||||
|
||||
+ if (def->cpu->deprecated_feats &&
|
||||
+ !virQEMUCapsGet(qemuCaps, QEMU_CAPS_QUERY_CPU_MODEL_EXPANSION_DEPRECATED_PROPS)) {
|
||||
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
|
||||
+ _("toggling deprecated features for CPU model is unsupported"));
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ if (def->cpu->deprecated_feats == VIR_TRISTATE_SWITCH_OFF) {
|
||||
+ virQEMUCapsUpdateCPUDeprecatedFeatures(qemuCaps, def->virtType, def->cpu);
|
||||
+ }
|
||||
+
|
||||
return 0;
|
||||
}
|
||||
|
||||
--
|
||||
2.49.0
|
@ -0,0 +1,77 @@
|
||||
From 08ddc711a2e6d94a0fce55fec8e012a434655d2c Mon Sep 17 00:00:00 2001
|
||||
Message-ID: <08ddc711a2e6d94a0fce55fec8e012a434655d2c.1690812875.git.jdenemar@redhat.com>
|
||||
From: Michal Privoznik <mprivozn@redhat.com>
|
||||
Date: Fri, 1 Apr 2022 14:30:05 +0200
|
||||
Subject: [PATCH] lib: Set up cpuset controller for restrictive numatune
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
The aim of 'restrictive' numatune mode is to rely solely on
|
||||
CGroups to have QEMU running on configured NUMA nodes. However,
|
||||
we were never setting the cpuset controller when a domain was
|
||||
starting up. We are doing so only when
|
||||
virDomainSetNumaParameters() is called (aka live pinning).
|
||||
|
||||
This is obviously wrong. Fortunately, fix is simple as
|
||||
'restrictive' is similar to 'strict' - every location where
|
||||
VIR_DOMAIN_NUMATUNE_MEM_STRICT occurs can be audited and
|
||||
VIR_DOMAIN_NUMATUNE_MEM_RESTRICTIVE case can be added.
|
||||
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2070380
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
(cherry picked from commit 629282d8845407c1aff9a26f5dc026e15121f8cd)
|
||||
|
||||
Conflicts:
|
||||
- src/ch/ch_process.c: The CH driver diverged because it's
|
||||
unsupported downstream. Just drop the conflicting hunk from
|
||||
there.
|
||||
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2223464
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
---
|
||||
src/lxc/lxc_controller.c | 3 ++-
|
||||
src/qemu/qemu_process.c | 6 ++++--
|
||||
2 files changed, 6 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
|
||||
index 3c930eaacd..6fd8373256 100644
|
||||
--- a/src/lxc/lxc_controller.c
|
||||
+++ b/src/lxc/lxc_controller.c
|
||||
@@ -812,7 +812,8 @@ static int virLXCControllerSetupResourceLimits(virLXCController *ctrl)
|
||||
virDomainNumatuneMemMode mode;
|
||||
|
||||
if (virDomainNumatuneGetMode(ctrl->def->numa, -1, &mode) == 0) {
|
||||
- if (mode == VIR_DOMAIN_NUMATUNE_MEM_STRICT &&
|
||||
+ if ((mode == VIR_DOMAIN_NUMATUNE_MEM_STRICT ||
|
||||
+ mode == VIR_DOMAIN_NUMATUNE_MEM_RESTRICTIVE) &&
|
||||
virCgroupControllerAvailable(VIR_CGROUP_CONTROLLER_CPUSET)) {
|
||||
/* Use virNuma* API iff necessary. Once set and child is exec()-ed,
|
||||
* there's no way for us to change it. Rely on cgroups (if available
|
||||
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
|
||||
index 0fb665bc82..73d54f01cd 100644
|
||||
--- a/src/qemu/qemu_process.c
|
||||
+++ b/src/qemu/qemu_process.c
|
||||
@@ -2645,7 +2645,8 @@ qemuProcessSetupPid(virDomainObj *vm,
|
||||
virCgroupHasController(priv->cgroup, VIR_CGROUP_CONTROLLER_CPUSET)) {
|
||||
|
||||
if (virDomainNumatuneGetMode(vm->def->numa, -1, &mem_mode) == 0 &&
|
||||
- mem_mode == VIR_DOMAIN_NUMATUNE_MEM_STRICT &&
|
||||
+ (mem_mode == VIR_DOMAIN_NUMATUNE_MEM_STRICT ||
|
||||
+ mem_mode == VIR_DOMAIN_NUMATUNE_MEM_RESTRICTIVE) &&
|
||||
virDomainNumatuneMaybeFormatNodeset(vm->def->numa,
|
||||
priv->autoNodeset,
|
||||
&mem_mask, -1) < 0)
|
||||
@@ -3162,7 +3163,8 @@ static int qemuProcessHook(void *data)
|
||||
goto cleanup;
|
||||
|
||||
if (virDomainNumatuneGetMode(h->vm->def->numa, -1, &mode) == 0) {
|
||||
- if (mode == VIR_DOMAIN_NUMATUNE_MEM_STRICT &&
|
||||
+ if ((mode == VIR_DOMAIN_NUMATUNE_MEM_STRICT ||
|
||||
+ mode == VIR_DOMAIN_NUMATUNE_MEM_RESTRICTIVE) &&
|
||||
h->cfg->cgroupControllers & (1 << VIR_CGROUP_CONTROLLER_CPUSET) &&
|
||||
virCgroupControllerAvailable(VIR_CGROUP_CONTROLLER_CPUSET)) {
|
||||
/* Use virNuma* API iff necessary. Once set and child is exec()-ed,
|
||||
--
|
||||
2.41.0
|
@ -0,0 +1,58 @@
|
||||
From a47232facc446039ed509100f80ebb7de621fffa Mon Sep 17 00:00:00 2001
|
||||
Message-ID: <a47232facc446039ed509100f80ebb7de621fffa.1749113303.git.jdenemar@redhat.com>
|
||||
From: Collin Walling <walling@linux.ibm.com>
|
||||
Date: Mon, 16 Dec 2024 18:03:55 -0500
|
||||
Subject: [PATCH] libvirt-domain: introduce
|
||||
VIR_CONNECT_GET_DOMAIN_CAPABILITIES_DISABLE_DEPRECATED_FEATURES
|
||||
|
||||
Introduce domain flag used to filter deprecated features from the
|
||||
domain's CPU model.
|
||||
|
||||
Signed-off-by: Collin Walling <walling@linux.ibm.com>
|
||||
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
(cherry picked from commit 4e2c8de2047e21d98443944a2bfe94529b269efa)
|
||||
JIRA: https://issues.redhat.com/browse/RHEL-88716
|
||||
Signed-off-by: Thomas Huth <thuth@redhat.com>
|
||||
---
|
||||
include/libvirt/libvirt-domain.h | 12 ++++++++++++
|
||||
src/libvirt-domain.c | 2 +-
|
||||
2 files changed, 13 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/include/libvirt/libvirt-domain.h b/include/libvirt/libvirt-domain.h
|
||||
index 792973ce2d..d3101b112b 100644
|
||||
--- a/include/libvirt/libvirt-domain.h
|
||||
+++ b/include/libvirt/libvirt-domain.h
|
||||
@@ -1160,6 +1160,18 @@ int virDomainMigrateGetMaxSpeed(virDomainPtr domain,
|
||||
int virDomainMigrateStartPostCopy(virDomainPtr domain,
|
||||
unsigned int flags);
|
||||
|
||||
+/**
|
||||
+ * virConnectGetDomainCapabilitiesFlags:
|
||||
+ *
|
||||
+ * Domain capabilities flags.
|
||||
+ *
|
||||
+ * Since: 11.0.0
|
||||
+ */
|
||||
+typedef enum {
|
||||
+ /* Report host model with deprecated features disabled. (Since: 11.0.0) */
|
||||
+ VIR_CONNECT_GET_DOMAIN_CAPABILITIES_DISABLE_DEPRECATED_FEATURES = (1 << 0),
|
||||
+} virConnectGetDomainCapabilitiesFlags;
|
||||
+
|
||||
char * virConnectGetDomainCapabilities(virConnectPtr conn,
|
||||
const char *emulatorbin,
|
||||
const char *arch,
|
||||
diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c
|
||||
index 5912551a49..7083f10f04 100644
|
||||
--- a/src/libvirt-domain.c
|
||||
+++ b/src/libvirt-domain.c
|
||||
@@ -11573,7 +11573,7 @@ virDomainSetUserPassword(virDomainPtr dom,
|
||||
* @arch: domain architecture
|
||||
* @machine: machine type
|
||||
* @virttype: virtualization type
|
||||
- * @flags: extra flags; not used yet, so callers should always pass 0
|
||||
+ * @flags: extra flags; bitwise-OR of virConnectGetDomainCapabilitiesFlags
|
||||
*
|
||||
* Prior creating a domain (for instance via virDomainCreateXML
|
||||
* or virDomainDefineXML) it may be suitable to know what the
|
||||
--
|
||||
2.49.0
|
@ -21,7 +21,6 @@ Reviewed-by: Peter Krempa <pkrempa@redhat.com>
|
||||
(cherry picked from commit 64d32118540aca3d42bc5ee21c8b780cafe04bfa)
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2023-2700
|
||||
Signed-off-by: Ján Tomko <jtomko@redhat.com>
|
||||
Signed-off-by: David Sloboda <david.x.sloboda@oracle.com>
|
||||
---
|
||||
src/conf/node_device_conf.c | 5 +++--
|
||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
||||
|
79
SOURCES/libvirt-nodedev-update-transient-mdevs.patch
Normal file
79
SOURCES/libvirt-nodedev-update-transient-mdevs.patch
Normal file
@ -0,0 +1,79 @@
|
||||
From aebcc09c7060f6eace93821c6a782031cf107d85 Mon Sep 17 00:00:00 2001
|
||||
Message-ID: <aebcc09c7060f6eace93821c6a782031cf107d85.1687452713.git.jdenemar@redhat.com>
|
||||
From: Boris Fiuczynski <fiuczy@linux.ibm.com>
|
||||
Date: Mon, 8 May 2023 19:10:46 +0200
|
||||
Subject: [PATCH] nodedev: update transient mdevs
|
||||
|
||||
Instead of updating defined mdevs only add another update for active
|
||||
devices as well to cover transient mdev devices as well.
|
||||
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2143158
|
||||
Signed-off-by: Boris Fiuczynski <fiuczy@linux.ibm.com>
|
||||
Reviewed-by: Jonathon Jongsma <jjongsma@redhat.com>
|
||||
|
||||
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2143160
|
||||
|
||||
(cherry picked from commit 44a0f2f0c8ff5e78c238013ed297b8fce223ac5a)
|
||||
Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com>
|
||||
---
|
||||
src/node_device/node_device_driver.c | 31 ++++++++++++++++++++++++++++
|
||||
1 file changed, 31 insertions(+)
|
||||
|
||||
diff --git a/src/node_device/node_device_driver.c b/src/node_device/node_device_driver.c
|
||||
index e6ab4bb94c..943f6121a0 100644
|
||||
--- a/src/node_device/node_device_driver.c
|
||||
+++ b/src/node_device/node_device_driver.c
|
||||
@@ -1651,6 +1651,24 @@ virMdevctlListDefined(virNodeDeviceDef ***devs, char **errmsg)
|
||||
}
|
||||
|
||||
|
||||
+static int
|
||||
+virMdevctlListActive(virNodeDeviceDef ***devs, char **errmsg)
|
||||
+{
|
||||
+ int status;
|
||||
+ g_autofree char *output = NULL;
|
||||
+ g_autoptr(virCommand) cmd = nodeDeviceGetMdevctlListCommand(false, &output, errmsg);
|
||||
+
|
||||
+ if (virCommandRun(cmd, &status) < 0 || status != 0) {
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ if (!output)
|
||||
+ return -1;
|
||||
+
|
||||
+ return nodeDeviceParseMdevctlJSON(output, devs);
|
||||
+}
|
||||
+
|
||||
+
|
||||
typedef struct _virMdevctlForEachData virMdevctlForEachData;
|
||||
struct _virMdevctlForEachData {
|
||||
int ndefs;
|
||||
@@ -1712,6 +1730,8 @@ int
|
||||
nodeDeviceUpdateMediatedDevices(void)
|
||||
{
|
||||
g_autofree virNodeDeviceDef **defs = NULL;
|
||||
+ g_autofree virNodeDeviceDef **act_defs = NULL;
|
||||
+ int act_ndefs = 0;
|
||||
g_autofree char *errmsg = NULL;
|
||||
g_autofree char *mdevctl = NULL;
|
||||
virMdevctlForEachData data = { 0, };
|
||||
@@ -1738,6 +1758,17 @@ nodeDeviceUpdateMediatedDevices(void)
|
||||
if (nodeDeviceUpdateMediatedDevice(defs[i]) < 0)
|
||||
return -1;
|
||||
|
||||
+ /* Update active/transient mdev devices */
|
||||
+ if ((act_ndefs = virMdevctlListActive(&act_defs, &errmsg)) < 0) {
|
||||
+ virReportError(VIR_ERR_INTERNAL_ERROR,
|
||||
+ _("failed to query mdevs from mdevctl: %1$s"), errmsg);
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ for (i = 0; i < act_ndefs; i++)
|
||||
+ if (nodeDeviceUpdateMediatedDevice(act_defs[i]) < 0)
|
||||
+ return -1;
|
||||
+
|
||||
return 0;
|
||||
}
|
||||
|
||||
--
|
||||
2.41.0
|
@ -14,7 +14,6 @@ Signed-off-by: Peter Krempa <pkrempa@redhat.com>
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
(cherry picked from commit f9ae469a6ebb17e0990096e826f049c1c46cd760)
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2170472
|
||||
Signed-off-by: David Sloboda <david.x.sloboda@oracle.com>
|
||||
---
|
||||
src/qemu/qemu_monitor.h | 14 --------------
|
||||
src/qemu/qemu_monitor_json.c | 3 +++
|
||||
|
@ -15,7 +15,6 @@ Signed-off-by: Peter Krempa <pkrempa@redhat.com>
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
(cherry picked from commit c5eb99a9d9af8683789e99cc904671e343580058)
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2170472
|
||||
Signed-off-by: David Sloboda <david.x.sloboda@oracle.com>
|
||||
---
|
||||
src/qemu/qemu_monitor.h | 7 +------
|
||||
1 file changed, 1 insertion(+), 6 deletions(-)
|
||||
|
@ -16,7 +16,6 @@ Signed-off-by: Peter Krempa <pkrempa@redhat.com>
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
(cherry picked from commit 7c35c483eaa78eb847e0865cbb210d5355f75d7a)
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2170472
|
||||
Signed-off-by: David Sloboda <david.x.sloboda@oracle.com>
|
||||
---
|
||||
src/qemu/qemu_monitor.c | 50 ---------------------------------
|
||||
src/qemu/qemu_monitor_priv.h | 54 ++++++++++++++++++++++++++++++++++++
|
||||
|
@ -19,7 +19,6 @@ Signed-off-by: Peter Krempa <pkrempa@redhat.com>
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
(cherry picked from commit b0e4ad5263c73a926b8246028c76c552b07fca74)
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2170472
|
||||
Signed-off-by: David Sloboda <david.x.sloboda@oracle.com>
|
||||
---
|
||||
src/qemu/qemu_monitor.c | 4 +++-
|
||||
src/qemu/qemu_monitor_priv.h | 2 ++
|
||||
|
@ -0,0 +1,214 @@
|
||||
From 5289208127468cd34b5cb6ea7bb45bbeff45d537 Mon Sep 17 00:00:00 2001
|
||||
Message-ID: <5289208127468cd34b5cb6ea7bb45bbeff45d537.1749113303.git.jdenemar@redhat.com>
|
||||
From: Collin Walling <walling@linux.ibm.com>
|
||||
Date: Mon, 16 Dec 2024 18:03:53 -0500
|
||||
Subject: [PATCH] qemu: parse deprecated-props from query-cpu-model-expansion
|
||||
response
|
||||
|
||||
query-cpu-model-expansion may report an array of deprecated properties.
|
||||
This array is optional, and may not be supported for a particular
|
||||
architecture or reported for a particular CPU model. If the output is
|
||||
present, then capture it and store in a qemuMonitorCPUModelInfo struct
|
||||
for later use.
|
||||
|
||||
The deprecated features will be retained in qemuCaps->kvm->hostCPU.info
|
||||
and will be stored in the capabilities cache file under the <hostCPU>
|
||||
element using the following format:
|
||||
|
||||
<deprecatedFeatures>
|
||||
<property name='bpb'/>
|
||||
<property name='csske'/>
|
||||
<property name='cte'/>
|
||||
<property name='te'/>
|
||||
</deprecatedFeatures>
|
||||
|
||||
At this time the data is only queried, parsed, and cached. The data
|
||||
will be utilized in a subsequent patch.
|
||||
|
||||
Signed-off-by: Collin Walling <walling@linux.ibm.com>
|
||||
Reviewed-by: Boris Fiuczynski <fiuczy@linux.ibm.com>
|
||||
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
(cherry picked from commit 45140d293007c1b29f7563bf6ee9640e27769b96)
|
||||
|
||||
JIRA: https://issues.redhat.com/browse/RHEL-88716
|
||||
Conflicts:
|
||||
tests/qemucapabilitiesdata/caps_9.1.0.s390x.xml
|
||||
tests/qemucapabilitiesdata/caps_9.2.0.s390x.xml
|
||||
(dropped the changes to these files since they are of no use in
|
||||
downstream - upstream testing code changed too much, so it's
|
||||
not possible to get the related tests to work in downstream)
|
||||
Signed-off-by: Thomas Huth <thuth@redhat.com>
|
||||
---
|
||||
src/qemu/qemu_capabilities.c | 31 +++++++++++++++++++++++++++++++
|
||||
src/qemu/qemu_monitor.c | 3 +++
|
||||
src/qemu/qemu_monitor.h | 1 +
|
||||
src/qemu/qemu_monitor_json.c | 18 ++++++++++++++++++
|
||||
4 files changed, 53 insertions(+)
|
||||
|
||||
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
|
||||
index c4f7db55c8..d616273406 100644
|
||||
--- a/src/qemu/qemu_capabilities.c
|
||||
+++ b/src/qemu/qemu_capabilities.c
|
||||
@@ -3766,6 +3766,7 @@ virQEMUCapsLoadHostCPUModelInfo(virQEMUCapsAccel *caps,
|
||||
{
|
||||
g_autofree char *migratability = NULL;
|
||||
xmlNodePtr hostCPUNode;
|
||||
+ xmlNodePtr deprecated_props;
|
||||
g_autofree xmlNodePtr *nodes = NULL;
|
||||
VIR_XPATH_NODE_AUTORESTORE(ctxt)
|
||||
g_autoptr(qemuMonitorCPUModelInfo) hostCPU = NULL;
|
||||
@@ -3870,6 +3871,24 @@ virQEMUCapsLoadHostCPUModelInfo(virQEMUCapsAccel *caps,
|
||||
}
|
||||
}
|
||||
|
||||
+ ctxt->node = hostCPUNode;
|
||||
+
|
||||
+ if ((deprecated_props = virXPathNode("./deprecatedFeatures", ctxt))) {
|
||||
+ g_autoptr(GPtrArray) props = virXMLNodeGetSubelementList(deprecated_props, NULL);
|
||||
+
|
||||
+ hostCPU->deprecated_props = g_new0(char *, props->len + 1);
|
||||
+
|
||||
+ for (i = 0; i < props->len; i++) {
|
||||
+ xmlNodePtr prop = g_ptr_array_index(props, i);
|
||||
+
|
||||
+ if (!(hostCPU->deprecated_props[i] = virXMLPropString(prop, "name"))) {
|
||||
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
|
||||
+ _("missing 'name' attribute for a host CPU model deprecated property in QEMU capabilities cache"));
|
||||
+ return -1;
|
||||
+ }
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
caps->hostCPU.info = g_steal_pointer(&hostCPU);
|
||||
return 0;
|
||||
}
|
||||
@@ -4500,6 +4519,18 @@ virQEMUCapsFormatHostCPUModelInfo(virQEMUCapsAccel *caps,
|
||||
virBufferAddLit(buf, "/>\n");
|
||||
}
|
||||
|
||||
+ if (model->deprecated_props) {
|
||||
+ virBufferAddLit(buf, "<deprecatedFeatures>\n");
|
||||
+ virBufferAdjustIndent(buf, 2);
|
||||
+
|
||||
+ for (i = 0; i < g_strv_length(model->deprecated_props); i++)
|
||||
+ virBufferAsprintf(buf, "<property name='%s'/>\n",
|
||||
+ model->deprecated_props[i]);
|
||||
+
|
||||
+ virBufferAdjustIndent(buf, -2);
|
||||
+ virBufferAddLit(buf, "</deprecatedFeatures>\n");
|
||||
+ }
|
||||
+
|
||||
virBufferAdjustIndent(buf, -2);
|
||||
virBufferAddLit(buf, "</hostCPU>\n");
|
||||
}
|
||||
diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c
|
||||
index 99667fdf2f..8f72fc5bd9 100644
|
||||
--- a/src/qemu/qemu_monitor.c
|
||||
+++ b/src/qemu/qemu_monitor.c
|
||||
@@ -3487,6 +3487,7 @@ qemuMonitorCPUModelInfoFree(qemuMonitorCPUModelInfo *model_info)
|
||||
g_free(model_info->props[i].value.string);
|
||||
}
|
||||
|
||||
+ g_strfreev(model_info->deprecated_props);
|
||||
g_free(model_info->props);
|
||||
g_free(model_info->name);
|
||||
g_free(model_info);
|
||||
@@ -3531,6 +3532,8 @@ qemuMonitorCPUModelInfoCopy(const qemuMonitorCPUModelInfo *orig)
|
||||
}
|
||||
}
|
||||
|
||||
+ copy->deprecated_props = g_strdupv(orig->deprecated_props);
|
||||
+
|
||||
return copy;
|
||||
}
|
||||
|
||||
diff --git a/src/qemu/qemu_monitor.h b/src/qemu/qemu_monitor.h
|
||||
index d00967d84f..5b9ea336ec 100644
|
||||
--- a/src/qemu/qemu_monitor.h
|
||||
+++ b/src/qemu/qemu_monitor.h
|
||||
@@ -1238,6 +1238,7 @@ struct _qemuMonitorCPUModelInfo {
|
||||
char *name;
|
||||
size_t nprops;
|
||||
qemuMonitorCPUProperty *props;
|
||||
+ GStrv deprecated_props;
|
||||
bool migratability;
|
||||
};
|
||||
|
||||
diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c
|
||||
index 487f8028d9..9a3ca3d186 100644
|
||||
--- a/src/qemu/qemu_monitor_json.c
|
||||
+++ b/src/qemu/qemu_monitor_json.c
|
||||
@@ -5500,6 +5500,7 @@ qemuMonitorJSONParseCPUModelExpansionData(virJSONValue *data,
|
||||
bool fail_no_props,
|
||||
virJSONValue **cpu_model,
|
||||
virJSONValue **cpu_props,
|
||||
+ virJSONValue **cpu_deprecated_props,
|
||||
const char **cpu_name)
|
||||
{
|
||||
if (qemuMonitorJSONParseCPUModelData(data, "query-cpu-model-expansion",
|
||||
@@ -5507,6 +5508,12 @@ qemuMonitorJSONParseCPUModelExpansionData(virJSONValue *data,
|
||||
cpu_name) < 0)
|
||||
return -1;
|
||||
|
||||
+ /*
|
||||
+ * Unconditionally check for the deprecated-props array, as
|
||||
+ * it is not a guarantee response even if QEMU supports it.
|
||||
+ */
|
||||
+ *cpu_deprecated_props = virJSONValueObjectGetArray(data, "deprecated-props");
|
||||
+
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -5514,6 +5521,7 @@ qemuMonitorJSONParseCPUModelExpansionData(virJSONValue *data,
|
||||
static int
|
||||
qemuMonitorJSONParseCPUModelExpansion(const char *cpu_name,
|
||||
virJSONValue *cpu_props,
|
||||
+ virJSONValue *cpu_deprecated_props,
|
||||
qemuMonitorCPUModelInfo **model_info)
|
||||
{
|
||||
g_autoptr(qemuMonitorCPUModelInfo) expanded_model = NULL;
|
||||
@@ -5521,6 +5529,12 @@ qemuMonitorJSONParseCPUModelExpansion(const char *cpu_name,
|
||||
if (qemuMonitorJSONParseCPUModel(cpu_name, cpu_props, &expanded_model) < 0)
|
||||
return -1;
|
||||
|
||||
+ if (cpu_deprecated_props &&
|
||||
+ virJSONValueArraySize(cpu_deprecated_props) &&
|
||||
+ (!(expanded_model->deprecated_props = virJSONValueArrayToStringList(cpu_deprecated_props)))) {
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
*model_info = g_steal_pointer(&expanded_model);
|
||||
return 0;
|
||||
}
|
||||
@@ -5584,6 +5598,7 @@ qemuMonitorJSONGetCPUModelExpansion(qemuMonitor *mon,
|
||||
g_autoptr(virJSONValue) fullData = NULL;
|
||||
virJSONValue *cpu_model;
|
||||
virJSONValue *cpu_props = NULL;
|
||||
+ virJSONValue *cpu_deprecated_props = NULL;
|
||||
const char *cpu_name = "";
|
||||
int rc;
|
||||
|
||||
@@ -5597,6 +5612,7 @@ qemuMonitorJSONGetCPUModelExpansion(qemuMonitor *mon,
|
||||
|
||||
if (qemuMonitorJSONParseCPUModelExpansionData(data, fail_no_props,
|
||||
&cpu_model, &cpu_props,
|
||||
+ &cpu_deprecated_props,
|
||||
&cpu_name) < 0)
|
||||
return -1;
|
||||
|
||||
@@ -5615,11 +5631,13 @@ qemuMonitorJSONGetCPUModelExpansion(qemuMonitor *mon,
|
||||
|
||||
if (qemuMonitorJSONParseCPUModelExpansionData(fullData, fail_no_props,
|
||||
&cpu_model, &cpu_props,
|
||||
+ &cpu_deprecated_props,
|
||||
&cpu_name) < 0)
|
||||
return -1;
|
||||
}
|
||||
|
||||
return qemuMonitorJSONParseCPUModelExpansion(cpu_name, cpu_props,
|
||||
+ cpu_deprecated_props,
|
||||
model_info);
|
||||
}
|
||||
|
||||
--
|
||||
2.49.0
|
@ -20,7 +20,6 @@ Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
- qemuDomainObjEnter/ExitMonitor still needs 'driver'
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2170472
|
||||
Signed-off-by: David Sloboda <david.x.sloboda@oracle.com>
|
||||
---
|
||||
src/qemu/qemu_block.c | 7 ++-----
|
||||
1 file changed, 2 insertions(+), 5 deletions(-)
|
||||
|
@ -0,0 +1,65 @@
|
||||
From e9418cec1ba24b6cf78f85bbbef8586ed612692a Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <e9418cec1ba24b6cf78f85bbbef8586ed612692a@dist-git>
|
||||
From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
|
||||
Date: Mon, 13 Mar 2023 13:56:47 +0100
|
||||
Subject: [PATCH] qemu: relax shared memory check for vhostuser daemons
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
For some vhostuser daemons, we validate that the guest memory is shared
|
||||
with the host.
|
||||
|
||||
With earlier versions of QEMU, it was only possible to mark memory
|
||||
as shared by defining an explicit NUMA topology. Later, QEMU exposed
|
||||
the name of the default memory backend (defaultRAMid) so we can mark
|
||||
that memory as shared.
|
||||
|
||||
Since libvirt commit:
|
||||
commit bff2ad5d6b1f25da02802273934d2a519159fec7
|
||||
qemu: Relax validation for mem->access if guest has no NUMA
|
||||
we already check for the case when user requests shared memory,
|
||||
but QEMU did not expose defaultRAMid.
|
||||
|
||||
Drop the duplicit check from vhostuser device validation, to make
|
||||
it pass on hotplug even after libvirtd restart.
|
||||
|
||||
This avoids the need to store the defaultRAMid, since we don't really
|
||||
need it for anything after the VM has been already started.
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2078693
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2177701
|
||||
|
||||
Signed-off-by: Ján Tomko <jtomko@redhat.com>
|
||||
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
(cherry picked from commit d5c7b7870e45575f81fffcb611c2546d0e02e778)
|
||||
Signed-off-by: Ján Tomko <jtomko@redhat.com>
|
||||
---
|
||||
src/qemu/qemu_validate.c | 8 ++------
|
||||
1 file changed, 2 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
|
||||
index 7bc14293d6..4069f47c12 100644
|
||||
--- a/src/qemu/qemu_validate.c
|
||||
+++ b/src/qemu/qemu_validate.c
|
||||
@@ -1588,16 +1588,12 @@ qemuValidateDomainVirtioOptions(const virDomainVirtioOptions *virtio,
|
||||
static int
|
||||
qemuValidateDomainDefVhostUserRequireSharedMemory(const virDomainDef *def,
|
||||
const char *name,
|
||||
- virQEMUCaps *qemuCaps)
|
||||
+ virQEMUCaps *qemuCaps G_GNUC_UNUSED)
|
||||
{
|
||||
- const char *defaultRAMId = virQEMUCapsGetMachineDefaultRAMid(qemuCaps,
|
||||
- def->virtType,
|
||||
- def->os.machine);
|
||||
size_t numa_nodes = virDomainNumaGetNodeCount(def->numa);
|
||||
size_t i;
|
||||
|
||||
- if (numa_nodes == 0 &&
|
||||
- !(defaultRAMId && def->mem.access == VIR_DOMAIN_MEMORY_ACCESS_SHARED)) {
|
||||
+ if (numa_nodes == 0 && def->mem.access != VIR_DOMAIN_MEMORY_ACCESS_SHARED) {
|
||||
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
|
||||
_("'%s' requires shared memory"), name);
|
||||
return -1;
|
||||
--
|
||||
2.40.1
|
@ -20,7 +20,6 @@ Signed-off-by: Peter Krempa <pkrempa@redhat.com>
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
(cherry picked from commit bbd4d4899391b3bd1906cce61a3634f42f4b1bdf)
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2170472
|
||||
Signed-off-by: David Sloboda <david.x.sloboda@oracle.com>
|
||||
---
|
||||
src/qemu/qemu_monitor_json.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
@ -0,0 +1,100 @@
|
||||
From ed03cdb563ee30bff2f4f8a66f7778b5e55a4683 Mon Sep 17 00:00:00 2001
|
||||
Message-ID: <ed03cdb563ee30bff2f4f8a66f7778b5e55a4683.1749113303.git.jdenemar@redhat.com>
|
||||
From: Collin Walling <walling@linux.ibm.com>
|
||||
Date: Mon, 16 Dec 2024 18:03:52 -0500
|
||||
Subject: [PATCH] qemuMonitorJSONGetCPUModelExpansion: refactor parsing
|
||||
functions
|
||||
|
||||
Refactor the CPU Model parsing functions within
|
||||
qemuMonitorJSONGetCPUModelExpansion. The new functions,
|
||||
qemuMonitorJSONParseCPUModelExpansionData and
|
||||
qemuMonitorJSONParseCPUModelExpansion invoke the functions they
|
||||
replace and leave room for a subsequent patch to handle parsing the
|
||||
(optional) deprecated_props field resulting from the command.
|
||||
|
||||
Signed-off-by: Collin Walling <walling@linux.ibm.com>
|
||||
Reviewed-by: Boris Fiuczynski <fiuczy@linux.ibm.com>
|
||||
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
(cherry picked from commit 60e407deb5cd88e5f1564d1c9145e374001cf34f)
|
||||
JIRA: https://issues.redhat.com/browse/RHEL-88716
|
||||
Signed-off-by: Thomas Huth <thuth@redhat.com>
|
||||
---
|
||||
src/qemu/qemu_monitor_json.c | 46 ++++++++++++++++++++++++++++++------
|
||||
1 file changed, 39 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c
|
||||
index 789554e225..487f8028d9 100644
|
||||
--- a/src/qemu/qemu_monitor_json.c
|
||||
+++ b/src/qemu/qemu_monitor_json.c
|
||||
@@ -5495,6 +5495,37 @@ qemuMonitorJSONParseCPUModel(const char *cpu_name,
|
||||
}
|
||||
|
||||
|
||||
+static int
|
||||
+qemuMonitorJSONParseCPUModelExpansionData(virJSONValue *data,
|
||||
+ bool fail_no_props,
|
||||
+ virJSONValue **cpu_model,
|
||||
+ virJSONValue **cpu_props,
|
||||
+ const char **cpu_name)
|
||||
+{
|
||||
+ if (qemuMonitorJSONParseCPUModelData(data, "query-cpu-model-expansion",
|
||||
+ fail_no_props, cpu_model, cpu_props,
|
||||
+ cpu_name) < 0)
|
||||
+ return -1;
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+
|
||||
+static int
|
||||
+qemuMonitorJSONParseCPUModelExpansion(const char *cpu_name,
|
||||
+ virJSONValue *cpu_props,
|
||||
+ qemuMonitorCPUModelInfo **model_info)
|
||||
+{
|
||||
+ g_autoptr(qemuMonitorCPUModelInfo) expanded_model = NULL;
|
||||
+
|
||||
+ if (qemuMonitorJSONParseCPUModel(cpu_name, cpu_props, &expanded_model) < 0)
|
||||
+ return -1;
|
||||
+
|
||||
+ *model_info = g_steal_pointer(&expanded_model);
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+
|
||||
static int
|
||||
qemuMonitorJSONQueryCPUModelExpansionOne(qemuMonitor *mon,
|
||||
qemuMonitorCPUModelExpansionType type,
|
||||
@@ -5564,9 +5595,9 @@ qemuMonitorJSONGetCPUModelExpansion(qemuMonitor *mon,
|
||||
if ((rc = qemuMonitorJSONQueryCPUModelExpansionOne(mon, type, &model, &data)) <= 0)
|
||||
return rc;
|
||||
|
||||
- if (qemuMonitorJSONParseCPUModelData(data, "query-cpu-model-expansion",
|
||||
- fail_no_props, &cpu_model, &cpu_props,
|
||||
- &cpu_name) < 0)
|
||||
+ if (qemuMonitorJSONParseCPUModelExpansionData(data, fail_no_props,
|
||||
+ &cpu_model, &cpu_props,
|
||||
+ &cpu_name) < 0)
|
||||
return -1;
|
||||
|
||||
/* QEMU_MONITOR_CPU_MODEL_EXPANSION_STATIC_FULL requests "full" expansion
|
||||
@@ -5582,13 +5613,14 @@ qemuMonitorJSONGetCPUModelExpansion(qemuMonitor *mon,
|
||||
if ((rc = qemuMonitorJSONQueryCPUModelExpansionOne(mon, type, &fullModel, &fullData)) <= 0)
|
||||
return rc;
|
||||
|
||||
- if (qemuMonitorJSONParseCPUModelData(fullData, "query-cpu-model-expansion",
|
||||
- fail_no_props, &cpu_model, &cpu_props,
|
||||
- &cpu_name) < 0)
|
||||
+ if (qemuMonitorJSONParseCPUModelExpansionData(fullData, fail_no_props,
|
||||
+ &cpu_model, &cpu_props,
|
||||
+ &cpu_name) < 0)
|
||||
return -1;
|
||||
}
|
||||
|
||||
- return qemuMonitorJSONParseCPUModel(cpu_name, cpu_props, model_info);
|
||||
+ return qemuMonitorJSONParseCPUModelExpansion(cpu_name, cpu_props,
|
||||
+ model_info);
|
||||
}
|
||||
|
||||
|
||||
--
|
||||
2.49.0
|
@ -0,0 +1,95 @@
|
||||
From 59ec9c201e8849f7231557c6019e1fabd0893240 Mon Sep 17 00:00:00 2001
|
||||
Message-ID: <59ec9c201e8849f7231557c6019e1fabd0893240.1749113303.git.jdenemar@redhat.com>
|
||||
From: Collin Walling <walling@linux.ibm.com>
|
||||
Date: Mon, 16 Dec 2024 18:03:56 -0500
|
||||
Subject: [PATCH] qemu_capabilities: filter deprecated features if requested
|
||||
|
||||
If flag VIR_CONNECT_GET_DOMAIN_CAPABILITIES_DISABLE_DEPRECATED_FEATURES
|
||||
is passed to qemuConnectGetDomainCapabilities, then the domain's CPU
|
||||
model features will be updated to set any deprecated features to the
|
||||
'disabled' policy.
|
||||
|
||||
Signed-off-by: Collin Walling <walling@linux.ibm.com>
|
||||
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
(cherry picked from commit cd1e837c22182dcadfe17b469c931f9fc9745a46)
|
||||
JIRA: https://issues.redhat.com/browse/RHEL-88716
|
||||
Signed-off-by: Thomas Huth <thuth@redhat.com>
|
||||
---
|
||||
src/qemu/qemu_capabilities.c | 20 ++++++++++++++++++++
|
||||
src/qemu/qemu_capabilities.h | 3 +++
|
||||
src/qemu/qemu_driver.c | 8 +++++++-
|
||||
3 files changed, 30 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
|
||||
index 98773d2a0a..389b43ab3d 100644
|
||||
--- a/src/qemu/qemu_capabilities.c
|
||||
+++ b/src/qemu/qemu_capabilities.c
|
||||
@@ -3152,6 +3152,26 @@ virQEMUCapsGetCPUFeatures(virQEMUCaps *qemuCaps,
|
||||
}
|
||||
|
||||
|
||||
+void
|
||||
+virQEMUCapsUpdateCPUDeprecatedFeatures(virQEMUCaps *qemuCaps,
|
||||
+ virDomainVirtType virtType,
|
||||
+ virCPUDef *cpu)
|
||||
+{
|
||||
+ qemuMonitorCPUModelInfo *modelInfo;
|
||||
+ size_t i;
|
||||
+
|
||||
+ modelInfo = virQEMUCapsGetCPUModelInfo(qemuCaps, virtType);
|
||||
+
|
||||
+ if (!modelInfo || !modelInfo->deprecated_props)
|
||||
+ return;
|
||||
+
|
||||
+ for (i = 0; i < g_strv_length(modelInfo->deprecated_props); i++) {
|
||||
+ virCPUDefUpdateFeature(cpu, modelInfo->deprecated_props[i],
|
||||
+ VIR_CPU_FEATURE_DISABLE);
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+
|
||||
struct tpmTypeToCaps {
|
||||
int type;
|
||||
virQEMUCapsFlags caps;
|
||||
diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
|
||||
index 4a7fb2c726..249adf66fa 100644
|
||||
--- a/src/qemu/qemu_capabilities.h
|
||||
+++ b/src/qemu/qemu_capabilities.h
|
||||
@@ -702,6 +702,9 @@ int virQEMUCapsGetCPUFeatures(virQEMUCaps *qemuCaps,
|
||||
virDomainVirtType virtType,
|
||||
bool migratable,
|
||||
char ***features);
|
||||
+void virQEMUCapsUpdateCPUDeprecatedFeatures(virQEMUCaps *qemuCaps,
|
||||
+ virDomainVirtType virtType,
|
||||
+ virCPUDef *cpu);
|
||||
|
||||
virDomainVirtType virQEMUCapsGetVirtType(virQEMUCaps *qemuCaps);
|
||||
|
||||
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
|
||||
index d3d76c003f..315abe57b0 100644
|
||||
--- a/src/qemu/qemu_driver.c
|
||||
+++ b/src/qemu/qemu_driver.c
|
||||
@@ -17383,7 +17383,8 @@ qemuConnectGetDomainCapabilities(virConnectPtr conn,
|
||||
virDomainVirtType virttype;
|
||||
g_autoptr(virDomainCaps) domCaps = NULL;
|
||||
|
||||
- virCheckFlags(0, NULL);
|
||||
+ virCheckFlags(VIR_CONNECT_GET_DOMAIN_CAPABILITIES_DISABLE_DEPRECATED_FEATURES,
|
||||
+ NULL);
|
||||
|
||||
if (virConnectGetDomainCapabilitiesEnsureACL(conn) < 0)
|
||||
return NULL;
|
||||
@@ -17402,6 +17403,11 @@ qemuConnectGetDomainCapabilities(virConnectPtr conn,
|
||||
arch, virttype)))
|
||||
return NULL;
|
||||
|
||||
+ if (flags & VIR_CONNECT_GET_DOMAIN_CAPABILITIES_DISABLE_DEPRECATED_FEATURES) {
|
||||
+ virQEMUCapsUpdateCPUDeprecatedFeatures(qemuCaps, virttype,
|
||||
+ domCaps->cpu.hostModel);
|
||||
+ }
|
||||
+
|
||||
return virDomainCapsFormat(domCaps);
|
||||
}
|
||||
|
||||
--
|
||||
2.49.0
|
@ -0,0 +1,128 @@
|
||||
From 4ad452d843406b9bb8423a47987f4180d565f11a Mon Sep 17 00:00:00 2001
|
||||
Message-ID: <4ad452d843406b9bb8423a47987f4180d565f11a.1749113303.git.jdenemar@redhat.com>
|
||||
From: Collin Walling <walling@linux.ibm.com>
|
||||
Date: Mon, 16 Dec 2024 18:03:54 -0500
|
||||
Subject: [PATCH] qemu_capabilities: query deprecated features for host-model
|
||||
|
||||
Add QEMU_CAPS_QUERY_CPU_MODEL_EXPANSION_DEPRECATED_PROPS for detecting
|
||||
if query-cpu-model-expansion can report deprecated CPU model properties.
|
||||
QEMU introduced this capability in 9.1 release. Add flag and deprecated
|
||||
features to the capabilities test data for QEMU 9.1 and 9.2 replies/XML
|
||||
since it can now be accounted for.
|
||||
|
||||
When probing for the host CPU, perform a full CPU model expansion to
|
||||
retrieve the list of features deprecated across the entire architecture.
|
||||
The list and count are stored in the host's CPU model info within the
|
||||
QEMU capabilities. Other info resulting from this query (e.g. model
|
||||
name, etc) is ignored.
|
||||
|
||||
The new capabilities flag is used to fence off the extra query for
|
||||
architectures/QEMU binaries that do not report deprecated CPU model
|
||||
features.
|
||||
|
||||
Signed-off-by: Collin Walling <walling@linux.ibm.com>
|
||||
Reviewed-by: Boris Fiuczynski <fiuczy@linux.ibm.com>
|
||||
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
(cherry picked from commit 51c098347d7f2af9b4386ac0adc4431997d06f3d)
|
||||
|
||||
JIRA: https://issues.redhat.com/browse/RHEL-88716
|
||||
Conflicts:
|
||||
src/qemu/qemu_capabilities.c
|
||||
src/qemu/qemu_capabilities.h
|
||||
(Contextual conflicts due to missing other patches in downstream
|
||||
and qemuMonitorGetCPUModelExpansion() having one parameter less
|
||||
in downstream)
|
||||
tests/qemucapabilitiesdata/caps_9.*
|
||||
(dropped the changes to these files since they are of no use in
|
||||
downstream - upstream testing code changed too much, so it's
|
||||
not possible to get the related tests to work in downstream)
|
||||
Signed-off-by: Thomas Huth <thuth@redhat.com>
|
||||
---
|
||||
src/qemu/qemu_capabilities.c | 38 ++++++++++++++++++++++++++++++++++++
|
||||
src/qemu/qemu_capabilities.h | 1 +
|
||||
2 files changed, 39 insertions(+)
|
||||
|
||||
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
|
||||
index d616273406..98773d2a0a 100644
|
||||
--- a/src/qemu/qemu_capabilities.c
|
||||
+++ b/src/qemu/qemu_capabilities.c
|
||||
@@ -658,6 +658,7 @@ VIR_ENUM_IMPL(virQEMUCaps,
|
||||
/* 420 */
|
||||
"blockdev-reopen.__com.redhat_rhel-av-8_2_0-api", /* QEMU_CAPS_BLOCKDEV_REOPEN_COM_REDHAT_AV_8_2_0_API */
|
||||
"memory-backend-file.prealloc-threads", /* QEMU_CAPS_MEMORY_BACKEND_PREALLOC_THREADS */
|
||||
+ "query-cpu-model-expansion.deprecated-props", /* QEMU_CAPS_QUERY_CPU_MODEL_EXPANSION_DEPRECATED_PROPS */
|
||||
);
|
||||
|
||||
|
||||
@@ -1579,6 +1580,7 @@ static struct virQEMUCapsStringFlags virQEMUCapsQMPSchemaQueries[] = {
|
||||
{ "screendump/arg-type/device", QEMU_CAPS_SCREENDUMP_DEVICE },
|
||||
{ "set-numa-node/arg-type/+hmat-lb", QEMU_CAPS_NUMA_HMAT },
|
||||
{ "object-add/arg-type/+sev-guest/kernel-hashes", QEMU_CAPS_SEV_GUEST_KERNEL_HASHES },
|
||||
+ { "query-cpu-model-expansion/ret-type/deprecated-props", QEMU_CAPS_QUERY_CPU_MODEL_EXPANSION_DEPRECATED_PROPS },
|
||||
};
|
||||
|
||||
typedef struct _virQEMUCapsObjectTypeProps virQEMUCapsObjectTypeProps;
|
||||
@@ -2982,6 +2984,38 @@ virQEMUCapsProbeCPUDefinitionsTest(virQEMUCaps *qemuCaps,
|
||||
}
|
||||
|
||||
|
||||
+/**
|
||||
+ * virQEMUCapsProbeFullDeprecatedProperties
|
||||
+ * @mon: QEMU monitor
|
||||
+ * @cpu: CPU definition to be expanded
|
||||
+ * @props: the array to be filled with deprecated features
|
||||
+ *
|
||||
+ * Performs a full CPU model expansion to retrieve an array of deprecated
|
||||
+ * properties. If the expansion succeeds, then data previously stored in
|
||||
+ * @props is freed.
|
||||
+ *
|
||||
+ * Returns: -1 if the expansion failed; otherwise 0.
|
||||
+ */
|
||||
+static int
|
||||
+virQEMUCapsProbeFullDeprecatedProperties(qemuMonitor *mon,
|
||||
+ virCPUDef *cpu,
|
||||
+ GStrv *props)
|
||||
+{
|
||||
+ g_autoptr(qemuMonitorCPUModelInfo) propsInfo = NULL;
|
||||
+
|
||||
+ if (qemuMonitorGetCPUModelExpansion(mon, QEMU_MONITOR_CPU_MODEL_EXPANSION_FULL,
|
||||
+ cpu, true, false, &propsInfo) < 0)
|
||||
+ return -1;
|
||||
+
|
||||
+ if (propsInfo && propsInfo->deprecated_props) {
|
||||
+ g_free(*props);
|
||||
+ *props = g_steal_pointer(&propsInfo->deprecated_props);
|
||||
+ }
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+
|
||||
static int
|
||||
virQEMUCapsProbeQMPHostCPU(virQEMUCaps *qemuCaps,
|
||||
virQEMUCapsAccel *accel,
|
||||
@@ -3065,6 +3099,10 @@ virQEMUCapsProbeQMPHostCPU(virQEMUCaps *qemuCaps,
|
||||
modelInfo->migratability = true;
|
||||
}
|
||||
|
||||
+ if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_QUERY_CPU_MODEL_EXPANSION_DEPRECATED_PROPS) &&
|
||||
+ virQEMUCapsProbeFullDeprecatedProperties(mon, cpu, &modelInfo->deprecated_props) < 0)
|
||||
+ return -1;
|
||||
+
|
||||
accel->hostCPU.info = g_steal_pointer(&modelInfo);
|
||||
return 0;
|
||||
}
|
||||
diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
|
||||
index 8e65635e0d..4a7fb2c726 100644
|
||||
--- a/src/qemu/qemu_capabilities.h
|
||||
+++ b/src/qemu/qemu_capabilities.h
|
||||
@@ -637,6 +637,7 @@ typedef enum { /* virQEMUCapsFlags grouping marker for syntax-check */
|
||||
/* 420 */
|
||||
QEMU_CAPS_BLOCKDEV_REOPEN_COM_REDHAT_AV_8_2_0_API, /* downstream support for blockdev reopen in rhel-av-8.2.0 */
|
||||
QEMU_CAPS_MEMORY_BACKEND_PREALLOC_THREADS, /* -object memory-backend-*.prealloc-threads */
|
||||
+ QEMU_CAPS_QUERY_CPU_MODEL_EXPANSION_DEPRECATED_PROPS, /* query-cpu-model-expansion may report deprecated CPU properties */
|
||||
|
||||
QEMU_CAPS_LAST /* this must always be the last item */
|
||||
} virQEMUCapsFlags;
|
||||
--
|
||||
2.49.0
|
@ -0,0 +1,218 @@
|
||||
From cb42cd98d347deeee7c225d8d1e9f71f232cad29 Mon Sep 17 00:00:00 2001
|
||||
Message-ID: <cb42cd98d347deeee7c225d8d1e9f71f232cad29.1712647819.git.jdenemar@redhat.com>
|
||||
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
|
||||
Date: Fri, 15 Mar 2024 10:47:50 +0000
|
||||
Subject: [PATCH] remote: check for negative array lengths before allocation
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
While the C API entry points will validate non-negative lengths
|
||||
for various parameters, the RPC server de-serialization code
|
||||
will need to allocate memory for arrays before entering the C
|
||||
API. These allocations will thus happen before the non-negative
|
||||
length check is performed.
|
||||
|
||||
Passing a negative length to the g_new0 function will usually
|
||||
result in a crash due to the negative length being treated as
|
||||
a huge positive number.
|
||||
|
||||
This was found and diagnosed by ALT Linux Team with AFLplusplus.
|
||||
|
||||
CVE-2024-2494
|
||||
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Found-by: Alexandr Shashkin <dutyrok@altlinux.org>
|
||||
Co-developed-by: Alexander Kuznetsov <kuznetsovam@altlinux.org>
|
||||
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
|
||||
(cherry picked from commit 8a3f8d957507c1f8223fdcf25a3ff885b15557f2)
|
||||
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
---
|
||||
src/remote/remote_daemon_dispatch.c | 65 +++++++++++++++++++++++++++++
|
||||
src/rpc/gendispatch.pl | 5 +++
|
||||
2 files changed, 70 insertions(+)
|
||||
|
||||
diff --git a/src/remote/remote_daemon_dispatch.c b/src/remote/remote_daemon_dispatch.c
|
||||
index 689001889e..c193227926 100644
|
||||
--- a/src/remote/remote_daemon_dispatch.c
|
||||
+++ b/src/remote/remote_daemon_dispatch.c
|
||||
@@ -2306,6 +2306,10 @@ remoteDispatchDomainGetSchedulerParameters(virNetServer *server G_GNUC_UNUSED,
|
||||
if (!conn)
|
||||
goto cleanup;
|
||||
|
||||
+ if (args->nparams < 0) {
|
||||
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams must be non-negative"));
|
||||
+ goto cleanup;
|
||||
+ }
|
||||
if (args->nparams > REMOTE_DOMAIN_SCHEDULER_PARAMETERS_MAX) {
|
||||
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
|
||||
goto cleanup;
|
||||
@@ -2354,6 +2358,10 @@ remoteDispatchDomainGetSchedulerParametersFlags(virNetServer *server G_GNUC_UNUS
|
||||
if (!conn)
|
||||
goto cleanup;
|
||||
|
||||
+ if (args->nparams < 0) {
|
||||
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams must be non-negative"));
|
||||
+ goto cleanup;
|
||||
+ }
|
||||
if (args->nparams > REMOTE_DOMAIN_SCHEDULER_PARAMETERS_MAX) {
|
||||
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
|
||||
goto cleanup;
|
||||
@@ -2512,6 +2520,10 @@ remoteDispatchDomainBlockStatsFlags(virNetServer *server G_GNUC_UNUSED,
|
||||
goto cleanup;
|
||||
flags = args->flags;
|
||||
|
||||
+ if (args->nparams < 0) {
|
||||
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams must be non-negative"));
|
||||
+ goto cleanup;
|
||||
+ }
|
||||
if (args->nparams > REMOTE_DOMAIN_BLOCK_STATS_PARAMETERS_MAX) {
|
||||
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
|
||||
goto cleanup;
|
||||
@@ -2737,6 +2749,14 @@ remoteDispatchDomainGetVcpuPinInfo(virNetServer *server G_GNUC_UNUSED,
|
||||
if (!(dom = get_nonnull_domain(conn, args->dom)))
|
||||
goto cleanup;
|
||||
|
||||
+ if (args->ncpumaps < 0) {
|
||||
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("ncpumaps must be non-negative"));
|
||||
+ goto cleanup;
|
||||
+ }
|
||||
+ if (args->maplen < 0) {
|
||||
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("maplen must be non-negative"));
|
||||
+ goto cleanup;
|
||||
+ }
|
||||
if (args->ncpumaps > REMOTE_VCPUINFO_MAX) {
|
||||
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("ncpumaps > REMOTE_VCPUINFO_MAX"));
|
||||
goto cleanup;
|
||||
@@ -2831,6 +2851,11 @@ remoteDispatchDomainGetEmulatorPinInfo(virNetServer *server G_GNUC_UNUSED,
|
||||
if (!(dom = get_nonnull_domain(conn, args->dom)))
|
||||
goto cleanup;
|
||||
|
||||
+ if (args->maplen < 0) {
|
||||
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("maplen must be non-negative"));
|
||||
+ goto cleanup;
|
||||
+ }
|
||||
+
|
||||
/* Allocate buffers to take the results */
|
||||
if (args->maplen > 0)
|
||||
cpumaps = g_new0(unsigned char, args->maplen);
|
||||
@@ -2878,6 +2903,14 @@ remoteDispatchDomainGetVcpus(virNetServer *server G_GNUC_UNUSED,
|
||||
if (!(dom = get_nonnull_domain(conn, args->dom)))
|
||||
goto cleanup;
|
||||
|
||||
+ if (args->maxinfo < 0) {
|
||||
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("maxinfo must be non-negative"));
|
||||
+ goto cleanup;
|
||||
+ }
|
||||
+ if (args->maplen < 0) {
|
||||
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("maxinfo must be non-negative"));
|
||||
+ goto cleanup;
|
||||
+ }
|
||||
if (args->maxinfo > REMOTE_VCPUINFO_MAX) {
|
||||
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("maxinfo > REMOTE_VCPUINFO_MAX"));
|
||||
goto cleanup;
|
||||
@@ -3117,6 +3150,10 @@ remoteDispatchDomainGetMemoryParameters(virNetServer *server G_GNUC_UNUSED,
|
||||
|
||||
flags = args->flags;
|
||||
|
||||
+ if (args->nparams < 0) {
|
||||
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams must be non-negative"));
|
||||
+ goto cleanup;
|
||||
+ }
|
||||
if (args->nparams > REMOTE_DOMAIN_MEMORY_PARAMETERS_MAX) {
|
||||
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
|
||||
goto cleanup;
|
||||
@@ -3177,6 +3214,10 @@ remoteDispatchDomainGetNumaParameters(virNetServer *server G_GNUC_UNUSED,
|
||||
|
||||
flags = args->flags;
|
||||
|
||||
+ if (args->nparams < 0) {
|
||||
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams must be non-negative"));
|
||||
+ goto cleanup;
|
||||
+ }
|
||||
if (args->nparams > REMOTE_DOMAIN_NUMA_PARAMETERS_MAX) {
|
||||
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
|
||||
goto cleanup;
|
||||
@@ -3237,6 +3278,10 @@ remoteDispatchDomainGetBlkioParameters(virNetServer *server G_GNUC_UNUSED,
|
||||
|
||||
flags = args->flags;
|
||||
|
||||
+ if (args->nparams < 0) {
|
||||
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams must be non-negative"));
|
||||
+ goto cleanup;
|
||||
+ }
|
||||
if (args->nparams > REMOTE_DOMAIN_BLKIO_PARAMETERS_MAX) {
|
||||
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
|
||||
goto cleanup;
|
||||
@@ -3298,6 +3343,10 @@ remoteDispatchNodeGetCPUStats(virNetServer *server G_GNUC_UNUSED,
|
||||
|
||||
flags = args->flags;
|
||||
|
||||
+ if (args->nparams < 0) {
|
||||
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams must be non-negative"));
|
||||
+ goto cleanup;
|
||||
+ }
|
||||
if (args->nparams > REMOTE_NODE_CPU_STATS_MAX) {
|
||||
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
|
||||
goto cleanup;
|
||||
@@ -3365,6 +3414,10 @@ remoteDispatchNodeGetMemoryStats(virNetServer *server G_GNUC_UNUSED,
|
||||
|
||||
flags = args->flags;
|
||||
|
||||
+ if (args->nparams < 0) {
|
||||
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams must be non-negative"));
|
||||
+ goto cleanup;
|
||||
+ }
|
||||
if (args->nparams > REMOTE_NODE_MEMORY_STATS_MAX) {
|
||||
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
|
||||
goto cleanup;
|
||||
@@ -3545,6 +3598,10 @@ remoteDispatchDomainGetBlockIoTune(virNetServer *server G_GNUC_UNUSED,
|
||||
if (!conn)
|
||||
goto cleanup;
|
||||
|
||||
+ if (args->nparams < 0) {
|
||||
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams must be non-negative"));
|
||||
+ goto cleanup;
|
||||
+ }
|
||||
if (args->nparams > REMOTE_DOMAIN_BLOCK_IO_TUNE_PARAMETERS_MAX) {
|
||||
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
|
||||
goto cleanup;
|
||||
@@ -5087,6 +5144,10 @@ remoteDispatchDomainGetInterfaceParameters(virNetServer *server G_GNUC_UNUSED,
|
||||
|
||||
flags = args->flags;
|
||||
|
||||
+ if (args->nparams < 0) {
|
||||
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams must be non-negative"));
|
||||
+ goto cleanup;
|
||||
+ }
|
||||
if (args->nparams > REMOTE_DOMAIN_INTERFACE_PARAMETERS_MAX) {
|
||||
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
|
||||
goto cleanup;
|
||||
@@ -5307,6 +5368,10 @@ remoteDispatchNodeGetMemoryParameters(virNetServer *server G_GNUC_UNUSED,
|
||||
|
||||
flags = args->flags;
|
||||
|
||||
+ if (args->nparams < 0) {
|
||||
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams must be non-negative"));
|
||||
+ goto cleanup;
|
||||
+ }
|
||||
if (args->nparams > REMOTE_NODE_MEMORY_PARAMETERS_MAX) {
|
||||
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"));
|
||||
goto cleanup;
|
||||
diff --git a/src/rpc/gendispatch.pl b/src/rpc/gendispatch.pl
|
||||
index 9f5bf0e316..aacab88808 100755
|
||||
--- a/src/rpc/gendispatch.pl
|
||||
+++ b/src/rpc/gendispatch.pl
|
||||
@@ -1074,6 +1074,11 @@ elsif ($mode eq "server") {
|
||||
print "\n";
|
||||
|
||||
if ($single_ret_as_list) {
|
||||
+ print " if (args->$single_ret_list_max_var < 0) {\n";
|
||||
+ print " virReportError(VIR_ERR_RPC,\n";
|
||||
+ print " \"%s\", _(\"max$single_ret_list_name must be non-negative\"));\n";
|
||||
+ print " goto cleanup;\n";
|
||||
+ print " }\n";
|
||||
print " if (args->$single_ret_list_max_var > $single_ret_list_max_define) {\n";
|
||||
print " virReportError(VIR_ERR_RPC,\n";
|
||||
print " \"%s\", _(\"max$single_ret_list_name > $single_ret_list_max_define\"));\n";
|
||||
--
|
||||
2.44.0
|
@ -0,0 +1,101 @@
|
||||
From b84d0a699f3976644d3090562ce62ede55335fbc Mon Sep 17 00:00:00 2001
|
||||
Message-ID: <b84d0a699f3976644d3090562ce62ede55335fbc.1717684031.git.jdenemar@redhat.com>
|
||||
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
|
||||
Date: Tue, 30 Apr 2024 11:51:15 +0100
|
||||
Subject: [PATCH] rpc: ensure temporary GSource is removed from client event
|
||||
loop
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Users are seeing periodic segfaults from libvirt client apps,
|
||||
especially thread heavy ones like virt-manager. A typical
|
||||
stack trace would end up in the virNetClientIOEventFD method,
|
||||
with illegal access to stale stack data. eg
|
||||
|
||||
==238721==ERROR: AddressSanitizer: stack-use-after-return on address 0x75cd18709788 at pc 0x75cd3111f907 bp 0x75cd181ff550 sp 0x75cd181ff548
|
||||
WRITE of size 4 at 0x75cd18709788 thread T11
|
||||
#0 0x75cd3111f906 in virNetClientIOEventFD /usr/src/debug/libvirt/libvirt-10.2.0/build/../src/rpc/virnetclient.c:1634:15
|
||||
#1 0x75cd3210d198 (/usr/lib/libglib-2.0.so.0+0x5a198) (BuildId: 0a2311dfbbc6c215dc36f4b6bdd2b4b6fbae55a2)
|
||||
#2 0x75cd3216c3be (/usr/lib/libglib-2.0.so.0+0xb93be) (BuildId: 0a2311dfbbc6c215dc36f4b6bdd2b4b6fbae55a2)
|
||||
#3 0x75cd3210ddc6 in g_main_loop_run (/usr/lib/libglib-2.0.so.0+0x5adc6) (BuildId: 0a2311dfbbc6c215dc36f4b6bdd2b4b6fbae55a2)
|
||||
#4 0x75cd3111a47c in virNetClientIOEventLoop /usr/src/debug/libvirt/libvirt-10.2.0/build/../src/rpc/virnetclient.c:1722:9
|
||||
#5 0x75cd3111a47c in virNetClientIO /usr/src/debug/libvirt/libvirt-10.2.0/build/../src/rpc/virnetclient.c:2002:10
|
||||
#6 0x75cd3111a47c in virNetClientSendInternal /usr/src/debug/libvirt/libvirt-10.2.0/build/../src/rpc/virnetclient.c:2170:11
|
||||
#7 0x75cd311198a8 in virNetClientSendWithReply /usr/src/debug/libvirt/libvirt-10.2.0/build/../src/rpc/virnetclient.c:2198:11
|
||||
#8 0x75cd31111653 in virNetClientProgramCall /usr/src/debug/libvirt/libvirt-10.2.0/build/../src/rpc/virnetclientprogram.c:318:9
|
||||
#9 0x75cd31241c8f in callFull /usr/src/debug/libvirt/libvirt-10.2.0/build/../src/remote/remote_driver.c:6054:10
|
||||
#10 0x75cd31241c8f in call /usr/src/debug/libvirt/libvirt-10.2.0/build/../src/remote/remote_driver.c:6076:12
|
||||
#11 0x75cd31241c8f in remoteNetworkGetXMLDesc /usr/src/debug/libvirt/libvirt-10.2.0/build/src/remote/remote_client_bodies.h:5959:9
|
||||
#12 0x75cd31410ff7 in virNetworkGetXMLDesc /usr/src/debug/libvirt/libvirt-10.2.0/build/../src/libvirt-network.c:952:15
|
||||
|
||||
The root cause is a bad assumption in the virNetClientIOEventLoop
|
||||
method. This method is run by whichever thread currently owns the
|
||||
buck, and is responsible for handling I/O. Inside a for(;;) loop,
|
||||
this method creates a temporary GSource, adds it to the event loop
|
||||
and runs g_main_loop_run(). When I/O is ready, the GSource callback
|
||||
(virNetClientIOEventFD) will fire and call g_main_loop_quit(), and
|
||||
return G_SOURCE_REMOVE which results in the temporary GSource being
|
||||
destroyed. A g_autoptr() will then remove the last reference.
|
||||
|
||||
What was overlooked, is that a second thread can come along and
|
||||
while it can't enter virNetClientIOEventLoop, it will register an
|
||||
idle source that uses virNetClientIOWakeup to interrupt the
|
||||
original thread's 'g_main_loop_run' call. When this happens the
|
||||
virNetClientIOEventFD callback never runs, and so the temporary
|
||||
GSource is not destroyed. The g_autoptr() will remove a reference,
|
||||
but by virtue of still being attached to the event context, there
|
||||
is an extra reference held causing GSource to be leaked. The
|
||||
next time 'g_main_loop_run' is called, the original GSource will
|
||||
trigger its callback, and access data that was allocated on the
|
||||
stack by the previous thread, and likely SEGV.
|
||||
|
||||
To solve this, the thread calling 'g_main_loop_run' must call
|
||||
g_source_destroy, immediately upon return, to guarantee that
|
||||
the temporary GSource is removed.
|
||||
|
||||
CVE-2024-4418
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
Reported-by: Martin Shirokov <shirokovmartin@gmail.com>
|
||||
Tested-by: Martin Shirokov <shirokovmartin@gmail.com>
|
||||
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
|
||||
(cherry picked from commit 8074d64dc2eca846d6a61efe1a9b7428a0ce1dd1)
|
||||
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
---
|
||||
src/rpc/virnetclient.c | 14 +++++++++++++-
|
||||
1 file changed, 13 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/rpc/virnetclient.c b/src/rpc/virnetclient.c
|
||||
index f526ad89ec..b9490072c3 100644
|
||||
--- a/src/rpc/virnetclient.c
|
||||
+++ b/src/rpc/virnetclient.c
|
||||
@@ -1664,7 +1664,7 @@ static int virNetClientIOEventLoop(virNetClient *client,
|
||||
#endif /* !WIN32 */
|
||||
int timeout = -1;
|
||||
virNetMessage *msg = NULL;
|
||||
- g_autoptr(GSource) G_GNUC_UNUSED source = NULL;
|
||||
+ g_autoptr(GSource) source = NULL;
|
||||
GIOCondition ev = 0;
|
||||
struct virNetClientIOEventData data = {
|
||||
.client = client,
|
||||
@@ -1728,6 +1728,18 @@ static int virNetClientIOEventLoop(virNetClient *client,
|
||||
|
||||
g_main_loop_run(client->eventLoop);
|
||||
|
||||
+ /*
|
||||
+ * If virNetClientIOEventFD ran, this GSource will already be
|
||||
+ * destroyed due to G_SOURCE_REMOVE. It is harmless to re-destroy
|
||||
+ * it, since we still own a reference.
|
||||
+ *
|
||||
+ * If virNetClientIOWakeup ran, it will have interrupted the
|
||||
+ * g_main_loop_run call, before virNetClientIOEventFD could
|
||||
+ * run, and thus the GSource is still registered, and we need
|
||||
+ * to destroy it since it is referencing stack memory for 'data'
|
||||
+ */
|
||||
+ g_source_destroy(source);
|
||||
+
|
||||
#ifndef WIN32
|
||||
ignore_value(pthread_sigmask(SIG_SETMASK, &oldmask, NULL));
|
||||
#endif /* !WIN32 */
|
||||
--
|
||||
2.45.1
|
@ -0,0 +1,39 @@
|
||||
From ffbae27bd15ae9475fd4f0e79b492a7e03bca93e Mon Sep 17 00:00:00 2001
|
||||
Message-ID: <ffbae27bd15ae9475fd4f0e79b492a7e03bca93e.1717684031.git.jdenemar@redhat.com>
|
||||
From: Jonathon Jongsma <jjongsma@redhat.com>
|
||||
Date: Fri, 22 Sep 2023 14:23:10 -0500
|
||||
Subject: [PATCH] util: Fix error return for virProcessKillPainfullyDelay()
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Commit 93af79fb removed a cleanup label in favor of returning error
|
||||
values directly in certain cases. But the final return value was changed
|
||||
from -1 to 0. If we get to the end of the function, that means that
|
||||
we've waited for the process to exit but it still exists. So we should
|
||||
return -1. The error message was still being set correctly, but we were
|
||||
returning a success status (0).
|
||||
|
||||
Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com>
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
(cherry picked from commit 51a074e74c6ef2fb95e6f53d41315e3f1e00be77)
|
||||
https://issues.redhat.com/browse/RHEL-36064
|
||||
---
|
||||
src/util/virprocess.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/util/virprocess.c b/src/util/virprocess.c
|
||||
index b559a4257e..f3933a2d16 100644
|
||||
--- a/src/util/virprocess.c
|
||||
+++ b/src/util/virprocess.c
|
||||
@@ -471,7 +471,7 @@ virProcessKillPainfullyDelay(pid_t pid, bool force, unsigned int extradelay, boo
|
||||
_("Failed to terminate process %lld with SIG%s"),
|
||||
(long long)pid, signame);
|
||||
|
||||
- return 0;
|
||||
+ return -1;
|
||||
}
|
||||
|
||||
|
||||
--
|
||||
2.45.1
|
@ -0,0 +1,104 @@
|
||||
From 534bb6a049e7ad227d143457ddcfe828238cea18 Mon Sep 17 00:00:00 2001
|
||||
Message-ID: <534bb6a049e7ad227d143457ddcfe828238cea18.1749113303.git.jdenemar@redhat.com>
|
||||
From: Peter Krempa <pkrempa@redhat.com>
|
||||
Date: Mon, 13 Feb 2023 15:53:23 +0100
|
||||
Subject: [PATCH] util: xml: Introduce virXMLNodeGetSubelementList
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
The new helper is similar to virXPathNodeSet list but for cases where we
|
||||
want to get subelements directly rather than using XPath.
|
||||
|
||||
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
(cherry picked from commit dcd49d2cd65c9fe58d3df536fa258fc70c633d7e)
|
||||
|
||||
JIRA: https://issues.redhat.com/browse/RHEL-88716
|
||||
Conflicts:
|
||||
Trivial contextual conflicts in all files
|
||||
(due to missing other patches in downstream)
|
||||
Signed-off-by: Thomas Huth <thuth@redhat.com>
|
||||
---
|
||||
src/libvirt_private.syms | 1 +
|
||||
src/util/virxml.c | 35 +++++++++++++++++++++++++++++++++++
|
||||
src/util/virxml.h | 6 ++++++
|
||||
3 files changed, 42 insertions(+)
|
||||
|
||||
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
|
||||
index 7c558ad364..3af1b33a6c 100644
|
||||
--- a/src/libvirt_private.syms
|
||||
+++ b/src/libvirt_private.syms
|
||||
@@ -3619,6 +3619,7 @@ virXMLFormatElementEmpty;
|
||||
virXMLFormatMetadata;
|
||||
virXMLNewNode;
|
||||
virXMLNodeContentString;
|
||||
+virXMLNodeGetSubelementList;
|
||||
virXMLNodeNameEqual;
|
||||
virXMLNodeSanitizeNamespaces;
|
||||
virXMLNodeToString;
|
||||
diff --git a/src/util/virxml.c b/src/util/virxml.c
|
||||
index 4b09374107..b57462e2d0 100644
|
||||
--- a/src/util/virxml.c
|
||||
+++ b/src/util/virxml.c
|
||||
@@ -838,6 +838,41 @@ virXPathBoolean(const char *xpath,
|
||||
return obj->boolval;
|
||||
}
|
||||
|
||||
+
|
||||
+/**
|
||||
+ * virXMLNodeGetSubelementList:
|
||||
+ * @node: node to get subelement of
|
||||
+ * @name: name of subelement to fetch (NULL to fetch all sub-elements)
|
||||
+ * @list: If non-NULL, filled with a list of pointers to the nodes. Caller is
|
||||
+ * responsible for freeing the list but not the members.
|
||||
+ *
|
||||
+ * Find and return a sub-elements node of @node named @name in a list.
|
||||
+ * Returns the number of subelements with @name
|
||||
+ */
|
||||
+size_t
|
||||
+virXMLNodeGetSubelementList(xmlNodePtr node,
|
||||
+ const char *name,
|
||||
+ xmlNodePtr **list)
|
||||
+{
|
||||
+ xmlNodePtr n;
|
||||
+ size_t nelems = 0;
|
||||
+
|
||||
+ for (n = node->children; n; n = n->next) {
|
||||
+ if (n->type == XML_ELEMENT_NODE) {
|
||||
+ if (name && !virXMLNodeNameEqual(n, name))
|
||||
+ continue;
|
||||
+
|
||||
+ if (list)
|
||||
+ VIR_APPEND_ELEMENT_COPY(*list, nelems, n);
|
||||
+ else
|
||||
+ nelems++;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ return nelems;
|
||||
+}
|
||||
+
|
||||
+
|
||||
/**
|
||||
* virXPathNode:
|
||||
* @xpath: the XPath string to evaluate
|
||||
diff --git a/src/util/virxml.h b/src/util/virxml.h
|
||||
index c39eae6282..7b60551898 100644
|
||||
--- a/src/util/virxml.h
|
||||
+++ b/src/util/virxml.h
|
||||
@@ -83,6 +83,12 @@ int
|
||||
virXPathULongHex(const char *xpath,
|
||||
xmlXPathContextPtr ctxt,
|
||||
unsigned long *value);
|
||||
+
|
||||
+size_t
|
||||
+virXMLNodeGetSubelementList(xmlNodePtr node,
|
||||
+ const char *name,
|
||||
+ xmlNodePtr **list);
|
||||
+
|
||||
xmlNodePtr
|
||||
virXPathNode(const char *xpath,
|
||||
xmlXPathContextPtr ctxt);
|
||||
--
|
||||
2.49.0
|
@ -0,0 +1,92 @@
|
||||
From f3c75e44ad85fb01473c78adfc2a6d2c53f4f358 Mon Sep 17 00:00:00 2001
|
||||
Message-ID: <f3c75e44ad85fb01473c78adfc2a6d2c53f4f358.1749113303.git.jdenemar@redhat.com>
|
||||
From: Peter Krempa <pkrempa@redhat.com>
|
||||
Date: Mon, 13 Feb 2023 15:53:23 +0100
|
||||
Subject: [PATCH] util: xml: Return GPtrArray from virXMLNodeGetSubelement
|
||||
[partial]
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Rework the helper to use a GPtrArray structure to simplify callers.
|
||||
|
||||
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
(cherry picked from commit 08a7fc834c7c505e73bfcfa11c4a841a972d4f5d)
|
||||
|
||||
JIRA: https://issues.redhat.com/browse/RHEL-88716
|
||||
Conflicts:
|
||||
src/conf/*.c
|
||||
Dropped the hunks that modify the callers
|
||||
(since these are not available in downstream yet)
|
||||
Signed-off-by: Thomas Huth <thuth@redhat.com>
|
||||
---
|
||||
src/util/virxml.c | 21 ++++++++-------------
|
||||
src/util/virxml.h | 5 ++---
|
||||
2 files changed, 10 insertions(+), 16 deletions(-)
|
||||
|
||||
diff --git a/src/util/virxml.c b/src/util/virxml.c
|
||||
index b57462e2d0..46afcf2146 100644
|
||||
--- a/src/util/virxml.c
|
||||
+++ b/src/util/virxml.c
|
||||
@@ -843,33 +843,28 @@ virXPathBoolean(const char *xpath,
|
||||
* virXMLNodeGetSubelementList:
|
||||
* @node: node to get subelement of
|
||||
* @name: name of subelement to fetch (NULL to fetch all sub-elements)
|
||||
- * @list: If non-NULL, filled with a list of pointers to the nodes. Caller is
|
||||
- * responsible for freeing the list but not the members.
|
||||
*
|
||||
- * Find and return a sub-elements node of @node named @name in a list.
|
||||
- * Returns the number of subelements with @name
|
||||
+ * Find and return a sub-elements node of @node named @name in a GPtrArray
|
||||
+ * populated with the xmlNodePtr objects. Caller is responsible for freeing the
|
||||
+ * array but not the contained xmlNode objects.
|
||||
*/
|
||||
-size_t
|
||||
+GPtrArray *
|
||||
virXMLNodeGetSubelementList(xmlNodePtr node,
|
||||
- const char *name,
|
||||
- xmlNodePtr **list)
|
||||
+ const char *name)
|
||||
{
|
||||
+ GPtrArray *ret = g_ptr_array_new();
|
||||
xmlNodePtr n;
|
||||
- size_t nelems = 0;
|
||||
|
||||
for (n = node->children; n; n = n->next) {
|
||||
if (n->type == XML_ELEMENT_NODE) {
|
||||
if (name && !virXMLNodeNameEqual(n, name))
|
||||
continue;
|
||||
|
||||
- if (list)
|
||||
- VIR_APPEND_ELEMENT_COPY(*list, nelems, n);
|
||||
- else
|
||||
- nelems++;
|
||||
+ g_ptr_array_add(ret, n);
|
||||
}
|
||||
}
|
||||
|
||||
- return nelems;
|
||||
+ return ret;
|
||||
}
|
||||
|
||||
|
||||
diff --git a/src/util/virxml.h b/src/util/virxml.h
|
||||
index 7b60551898..03677afc33 100644
|
||||
--- a/src/util/virxml.h
|
||||
+++ b/src/util/virxml.h
|
||||
@@ -84,10 +84,9 @@ virXPathULongHex(const char *xpath,
|
||||
xmlXPathContextPtr ctxt,
|
||||
unsigned long *value);
|
||||
|
||||
-size_t
|
||||
+GPtrArray *
|
||||
virXMLNodeGetSubelementList(xmlNodePtr node,
|
||||
- const char *name,
|
||||
- xmlNodePtr **list);
|
||||
+ const char *name);
|
||||
|
||||
xmlNodePtr
|
||||
virXPathNode(const char *xpath,
|
||||
--
|
||||
2.49.0
|
@ -0,0 +1,51 @@
|
||||
From afbf59c823a04b417b4ae66edb99e15e6e8ba877 Mon Sep 17 00:00:00 2001
|
||||
Message-ID: <afbf59c823a04b417b4ae66edb99e15e6e8ba877.1730898528.git.jdenemar@redhat.com>
|
||||
From: Peter Krempa <pkrempa@redhat.com>
|
||||
Date: Tue, 8 Aug 2023 15:53:53 +0200
|
||||
Subject: [PATCH] virStorageBackendLogicalCheckPool: Properly mark empty
|
||||
logical pools as active
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
The '/dev' filesystem convenience directory for a LVM volume group is
|
||||
not created when the volume group is empty.
|
||||
|
||||
The logic in 'virStorageBackendLogicalCheckPool' which is used to see
|
||||
whether a pool is active was first checking presence of the directory,
|
||||
which failed for an empty VG.
|
||||
|
||||
Since the second step is virStorageBackendLogicalMatchPoolSource which
|
||||
is checking mapping between configured PVs and the VG, we can simply
|
||||
rely on the function to also check presence of the pool.
|
||||
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2228223
|
||||
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
(cherry picked from commit fa1a54baa59d244289ce666f9dc52d9eabca47f1)
|
||||
https://issues.redhat.com/browse/RHEL-65771
|
||||
---
|
||||
src/storage/storage_backend_logical.c | 8 +-------
|
||||
1 file changed, 1 insertion(+), 7 deletions(-)
|
||||
|
||||
diff --git a/src/storage/storage_backend_logical.c b/src/storage/storage_backend_logical.c
|
||||
index 3f27e63aeb..b7e3ba2498 100644
|
||||
--- a/src/storage/storage_backend_logical.c
|
||||
+++ b/src/storage/storage_backend_logical.c
|
||||
@@ -628,13 +628,7 @@ static int
|
||||
virStorageBackendLogicalCheckPool(virStoragePoolObj *pool,
|
||||
bool *isActive)
|
||||
{
|
||||
- virStoragePoolDef *def = virStoragePoolObjGetDef(pool);
|
||||
-
|
||||
- /* If we can find the target.path as well as ensure that the
|
||||
- * pool's def source
|
||||
- */
|
||||
- *isActive = virFileExists(def->target.path) &&
|
||||
- virStorageBackendLogicalMatchPoolSource(pool);
|
||||
+ *isActive = virStorageBackendLogicalMatchPoolSource(pool);
|
||||
return 0;
|
||||
}
|
||||
|
||||
--
|
||||
2.47.0
|
@ -0,0 +1,68 @@
|
||||
From f3ae3ac1807549c1eb4cc5a0286047ff019e14a0 Mon Sep 17 00:00:00 2001
|
||||
Message-ID: <f3ae3ac1807549c1eb4cc5a0286047ff019e14a0.1702401900.git.jdenemar@redhat.com>
|
||||
From: Michal Privoznik <mprivozn@redhat.com>
|
||||
Date: Fri, 24 Nov 2023 11:59:32 +0100
|
||||
Subject: [PATCH] virnuma: Avoid integer overflow in virNumaGetPages()
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
On systems with humongous pages (16GiB) and 32bit int it's easy
|
||||
to hit integer overflow in virNumaGetPages(). What happens is,
|
||||
inside of virNumaGetPages() as we process hugepages for given
|
||||
NUMA node (e.g. in order to produce capabilities XML), we keep a
|
||||
sum of sizes of pools in an ULL variable (huge_page_sum). In each
|
||||
iteration, the variable is incremented by 1024 * page_size *
|
||||
page_avail. Now, page_size is just an uint, so we have:
|
||||
|
||||
ULL += U * U * ULL;
|
||||
|
||||
and because of associativity, U * U is computed first and since
|
||||
we have two operands of the same type, no type expansion happens.
|
||||
But this means, for humongous pages (like 16GiB) the
|
||||
multiplication overflows.
|
||||
|
||||
Therefore, move the multiplication out of the loop. This helps in
|
||||
two ways:
|
||||
|
||||
1) now we have ULL += U * ULL; which expands the uint in
|
||||
multiplication,
|
||||
|
||||
2) it saves couple of CPU cycles.
|
||||
|
||||
Resolves: https://issues.redhat.com/browse/RHEL-16749
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
(cherry picked from commit 9694d1ca6a4ef7a37ac20249eb8b85c1bb48ef6b)
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
---
|
||||
src/util/virnuma.c | 7 ++++---
|
||||
1 file changed, 4 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/util/virnuma.c b/src/util/virnuma.c
|
||||
index 7c892d6267..e0938867f9 100644
|
||||
--- a/src/util/virnuma.c
|
||||
+++ b/src/util/virnuma.c
|
||||
@@ -806,9 +806,7 @@ virNumaGetPages(int node,
|
||||
tmp_free[ntmp] = page_free;
|
||||
ntmp++;
|
||||
|
||||
- /* page_size is in kibibytes while we want huge_page_sum
|
||||
- * in just bytes. */
|
||||
- huge_page_sum += 1024 * page_size * page_avail;
|
||||
+ huge_page_sum += page_size * page_avail;
|
||||
}
|
||||
|
||||
if (direrr < 0)
|
||||
@@ -819,6 +817,9 @@ virNumaGetPages(int node,
|
||||
VIR_REALLOC_N(tmp_avail, ntmp + 1);
|
||||
VIR_REALLOC_N(tmp_free, ntmp + 1);
|
||||
|
||||
+ /* page_size is in kibibytes while we want huge_page_sum in just bytes. */
|
||||
+ huge_page_sum *= 1024;
|
||||
+
|
||||
if (virNumaGetPageInfo(node, system_page_size, huge_page_sum,
|
||||
&tmp_avail[ntmp], &tmp_free[ntmp]) < 0)
|
||||
return -1;
|
||||
--
|
||||
2.43.0
|
@ -36,7 +36,6 @@ https://bugzilla.redhat.com/show_bug.cgi?id=2196351
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2023-2700
|
||||
|
||||
Signed-off-by: Ján Tomko <jtomko@redhat.com>
|
||||
Signed-off-by: David Sloboda <david.x.sloboda@oracle.com>
|
||||
---
|
||||
src/util/virpci.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
@ -0,0 +1,83 @@
|
||||
From 16a50b3a73f496be8cd2bb9b9c0b88ca9a84ed0e Mon Sep 17 00:00:00 2001
|
||||
Message-ID: <16a50b3a73f496be8cd2bb9b9c0b88ca9a84ed0e.1749113304.git.jdenemar@redhat.com>
|
||||
From: Collin Walling <walling@linux.ibm.com>
|
||||
Date: Mon, 16 Dec 2024 18:03:57 -0500
|
||||
Subject: [PATCH] virsh: add --disable-deprecated-features flag to
|
||||
domcapabilities
|
||||
|
||||
Add a new flag, --disable-deprecated-features, to the domcapabilities
|
||||
command. This will modify the output to show the 'host-model' CPU
|
||||
with features flagged as deprecated paired with the 'disable' policy.
|
||||
|
||||
virsh domcapabilities --disable-deprecated-features
|
||||
|
||||
Signed-off-by: Collin Walling <walling@linux.ibm.com>
|
||||
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
(cherry picked from commit 15d45964e453e04f1761e527266af45554f58fcc)
|
||||
|
||||
JIRA: https://issues.redhat.com/browse/RHEL-88716
|
||||
Conflicts:
|
||||
docs/manpages/virsh.rst
|
||||
tools/virsh-host.c
|
||||
(Simple contextual conflicts due to other missing patches in downstream)
|
||||
Signed-off-by: Thomas Huth <thuth@redhat.com>
|
||||
---
|
||||
docs/manpages/virsh.rst | 6 ++++++
|
||||
tools/virsh-host.c | 9 ++++++++-
|
||||
2 files changed, 14 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/docs/manpages/virsh.rst b/docs/manpages/virsh.rst
|
||||
index d24e7774a6..3adbf42280 100644
|
||||
--- a/docs/manpages/virsh.rst
|
||||
+++ b/docs/manpages/virsh.rst
|
||||
@@ -562,6 +562,7 @@ domcapabilities
|
||||
::
|
||||
|
||||
domcapabilities [virttype] [emulatorbin] [arch] [machine]
|
||||
+ [--disable-deprecated-features]
|
||||
|
||||
|
||||
Print an XML document describing the domain capabilities for the
|
||||
@@ -596,6 +597,11 @@ supplied along with either the *emulatorbin* or *arch* in order to
|
||||
generate output for the default *machine*. Supplying a *machine*
|
||||
value will generate output for the specific machine.
|
||||
|
||||
+The **--disable-deprecated-features** argument will modify the contents
|
||||
+of host-model CPU XML, updating the features list with any features
|
||||
+flagged as deprecated for the CPU model by the hypervisor. These
|
||||
+features will be paired with the "disable" policy.
|
||||
+
|
||||
|
||||
pool-capabilities
|
||||
-----------------
|
||||
diff --git a/tools/virsh-host.c b/tools/virsh-host.c
|
||||
index 5ee3834de2..874875b378 100644
|
||||
--- a/tools/virsh-host.c
|
||||
+++ b/tools/virsh-host.c
|
||||
@@ -91,6 +91,10 @@ static const vshCmdOptDef opts_domcapabilities[] = {
|
||||
.type = VSH_OT_STRING,
|
||||
.help = N_("machine type (/domain/os/type/@machine)"),
|
||||
},
|
||||
+ {.name = "disable-deprecated-features",
|
||||
+ .type = VSH_OT_BOOL,
|
||||
+ .help = N_("report host CPU model with deprecated features disabled"),
|
||||
+ },
|
||||
{.name = NULL}
|
||||
};
|
||||
|
||||
@@ -102,9 +106,12 @@ cmdDomCapabilities(vshControl *ctl, const vshCmd *cmd)
|
||||
const char *emulatorbin = NULL;
|
||||
const char *arch = NULL;
|
||||
const char *machine = NULL;
|
||||
- const unsigned int flags = 0; /* No flags so far */
|
||||
+ unsigned int flags = 0;
|
||||
virshControl *priv = ctl->privData;
|
||||
|
||||
+ if (vshCommandOptBool(cmd, "disable-deprecated-features"))
|
||||
+ flags |= VIR_CONNECT_GET_DOMAIN_CAPABILITIES_DISABLE_DEPRECATED_FEATURES;
|
||||
+
|
||||
if (vshCommandOptStringReq(ctl, cmd, "virttype", &virttype) < 0 ||
|
||||
vshCommandOptStringReq(ctl, cmd, "emulatorbin", &emulatorbin) < 0 ||
|
||||
vshCommandOptStringReq(ctl, cmd, "arch", &arch) < 0 ||
|
||||
--
|
||||
2.49.0
|
@ -210,7 +210,7 @@
|
||||
Summary: Library providing a simple virtualization API
|
||||
Name: libvirt
|
||||
Version: 8.0.0
|
||||
Release: 19.2%{?dist}%{?extra_release}.alma
|
||||
Release: 23.4%{?dist}%{?extra_release}
|
||||
License: LGPLv2+
|
||||
URL: https://libvirt.org/
|
||||
|
||||
@ -306,15 +306,31 @@ Patch83: libvirt-vircpi-Add-PCIe-5.0-and-6.0-link-speeds.patch
|
||||
Patch84: libvirt-conf-Make-VIR_DOMAIN_NET_TYPE_ETHERNET-not-share-host-view.patch
|
||||
Patch85: libvirt-qemu-domain-Fix-logic-when-tainting-domain.patch
|
||||
Patch86: libvirt-qemu-agent-Make-fetching-of-can-offline-member-from-guest-query-vcpus-optional.patch
|
||||
# Patches taken from Oracle Linux libvirt-8.0.0-19.0.2.module+el8.8.0+21112+1cc1a24b.src.rpm
|
||||
Patch87: libvirt-qemu-monitor-Drop-old-monitor-fields-from-struct-_qemuMonitorMessage.patch
|
||||
Patch88: libvirt-qemu-Make-struct-_qemuMonitorMessage-private.patch
|
||||
Patch89: libvirt-qemu-monitor-Move-declaration-of-struct-_qemuMonitor-to-qemu_monitor_priv.h.patch
|
||||
Patch90: libvirt-qemu-qemuBlockGetNamedNodeData-Remove-pointless-error-path.patch
|
||||
Patch91: libvirt-qemu-monitor-Store-whether-query-named-block-nodes-supports-flat-parameter.patch
|
||||
Patch92: libvirt-qemuMonitorJSONBlockStatsUpdateCapacityBlockdev-Use-flat-mode-of-query-named-block-nodes.patch
|
||||
Patch93: libvirt-virpci-Resolve-leak-in-virPCIVirtualFunctionList-cleanup.patch
|
||||
Patch94: libvirt-node_device_conf-Avoid-memleak-in-virNodeDeviceGetPCIVPDDynamicCap.patch
|
||||
Patch93: libvirt-qemu-relax-shared-memory-check-for-vhostuser-daemons.patch
|
||||
Patch94: libvirt-virpci-Resolve-leak-in-virPCIVirtualFunctionList-cleanup.patch
|
||||
Patch95: libvirt-node_device_conf-Avoid-memleak-in-virNodeDeviceGetPCIVPDDynamicCap.patch
|
||||
Patch96: libvirt-nodedev-update-transient-mdevs.patch
|
||||
Patch97: libvirt-lib-Set-up-cpuset-controller-for-restrictive-numatune.patch
|
||||
Patch98: libvirt-virnuma-Avoid-integer-overflow-in-virNumaGetPages.patch
|
||||
Patch99: libvirt-remote-check-for-negative-array-lengths-before-allocation.patch
|
||||
Patch100: libvirt-util-Fix-error-return-for-virProcessKillPainfullyDelay.patch
|
||||
Patch101: libvirt-rpc-ensure-temporary-GSource-is-removed-from-client-event-loop.patch
|
||||
Patch102: libvirt-virStorageBackendLogicalCheckPool-Properly-mark-empty-logical-pools-as-active.patch
|
||||
Patch103: libvirt-util-xml-Introduce-virXMLNodeGetSubelementList.patch
|
||||
Patch104: libvirt-util-xml-Return-GPtrArray-from-virXMLNodeGetSubelement-partial.patch
|
||||
Patch105: libvirt-qemuMonitorJSONGetCPUModelExpansion-refactor-parsing-functions.patch
|
||||
Patch106: libvirt-qemu-parse-deprecated-props-from-query-cpu-model-expansion-response.patch
|
||||
Patch107: libvirt-qemu_capabilities-query-deprecated-features-for-host-model.patch
|
||||
Patch108: libvirt-libvirt-domain-introduce-VIR_CONNECT_GET_DOMAIN_CAPABILITIES_DISABLE_DEPRECATED_FEATURES.patch
|
||||
Patch109: libvirt-qemu_capabilities-filter-deprecated-features-if-requested.patch
|
||||
Patch110: libvirt-virsh-add-disable-deprecated-features-flag-to-domcapabilities.patch
|
||||
Patch111: libvirt-conf-add-deprecated_features-attribute.patch
|
||||
|
||||
Requires: libvirt-daemon = %{version}-%{release}
|
||||
Requires: libvirt-daemon-config-network = %{version}-%{release}
|
||||
@ -2194,15 +2210,46 @@ exit 0
|
||||
|
||||
|
||||
%changelog
|
||||
* Wed Jul 12 2023 Andrew Lukoshko <alukoshko@almalinux.org> - 8.0.0-19.2.alma
|
||||
- qemu: monitor: Drop old monitor fields from 'struct _qemuMonitorMessage'
|
||||
- qemu: Make 'struct _qemuMonitorMessage' private
|
||||
- qemu: monitor: Move declaration of struct _qemuMonitor to qemu_monitor_priv.h
|
||||
- qemu: qemuBlockGetNamedNodeData: Remove pointless error path
|
||||
- qemu: monitor: Store whether 'query-named-block-nodes' supports 'flat' parameter
|
||||
- qemuMonitorJSONBlockStatsUpdateCapacityBlockdev: Use 'flat' mode of query-named-block-nodes
|
||||
- virpci: Resolve leak in virPCIVirtualFunctionList cleanup [CVE-2023-2700]
|
||||
- node_device_conf: Avoid memleak in virNodeDeviceGetPCIVPDDynamicCap() [CVE-2023-2700]
|
||||
* Thu Jun 5 2025 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-23.4.el8
|
||||
- util: xml: Introduce virXMLNodeGetSubelementList (RHEL-88716)
|
||||
- util: xml: Return GPtrArray from virXMLNodeGetSubelement [partial] (RHEL-88716)
|
||||
- qemuMonitorJSONGetCPUModelExpansion: refactor parsing functions (RHEL-88716)
|
||||
- qemu: parse deprecated-props from query-cpu-model-expansion response (RHEL-88716)
|
||||
- qemu_capabilities: query deprecated features for host-model (RHEL-88716)
|
||||
- libvirt-domain: introduce VIR_CONNECT_GET_DOMAIN_CAPABILITIES_DISABLE_DEPRECATED_FEATURES (RHEL-88716)
|
||||
- qemu_capabilities: filter deprecated features if requested (RHEL-88716)
|
||||
- virsh: add --disable-deprecated-features flag to domcapabilities (RHEL-88716)
|
||||
- conf: add deprecated_features attribute (RHEL-88716)
|
||||
|
||||
* Wed Nov 6 2024 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-23.3.el8
|
||||
- virStorageBackendLogicalCheckPool: Properly mark empty logical pools as active (RHEL-65771)
|
||||
|
||||
* Thu Jun 6 2024 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-23.2.el8
|
||||
- util: Fix error return for virProcessKillPainfullyDelay() (RHEL-36064)
|
||||
- rpc: ensure temporary GSource is removed from client event loop (CVE-2024-4418)
|
||||
|
||||
* Tue Apr 9 2024 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-23.1.el8
|
||||
- remote: check for negative array lengths before allocation (CVE-2024-2494)
|
||||
|
||||
* Tue Dec 12 2023 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-23
|
||||
- virnuma: Avoid integer overflow in virNumaGetPages() (rhbz#RHEL-16749)
|
||||
|
||||
* Mon Jul 31 2023 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-22
|
||||
- lib: Set up cpuset controller for restrictive numatune (rhbz#2223464)
|
||||
|
||||
* Thu Jun 22 2023 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-21
|
||||
- nodedev: update transient mdevs (rhbz#2143160)
|
||||
|
||||
* Fri May 19 2023 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-20
|
||||
- qemu: monitor: Drop old monitor fields from 'struct _qemuMonitorMessage' (rhbz#2170472)
|
||||
- qemu: Make 'struct _qemuMonitorMessage' private (rhbz#2170472)
|
||||
- qemu: monitor: Move declaration of struct _qemuMonitor to qemu_monitor_priv.h (rhbz#2170472)
|
||||
- qemu: qemuBlockGetNamedNodeData: Remove pointless error path (rhbz#2170472)
|
||||
- qemu: monitor: Store whether 'query-named-block-nodes' supports 'flat' parameter (rhbz#2170472)
|
||||
- qemuMonitorJSONBlockStatsUpdateCapacityBlockdev: Use 'flat' mode of query-named-block-nodes (rhbz#2170472)
|
||||
- qemu: relax shared memory check for vhostuser daemons (rhbz#2177701)
|
||||
- virpci: Resolve leak in virPCIVirtualFunctionList cleanup (CVE-2023-2700)
|
||||
- node_device_conf: Avoid memleak in virNodeDeviceGetPCIVPDDynamicCap() (CVE-2023-2700)
|
||||
|
||||
* Tue Mar 14 2023 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-19
|
||||
- qemu: domain: Fix logic when tainting domain (rhbz#2174447)
|
||||
|
Loading…
Reference in New Issue
Block a user