forked from rpms/libvirt
		
	Compare commits
	
		
			6 Commits
		
	
	
		
			a8-stream-
			...
			c8-stream-
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 4d9cc064e0 | |||
| a32f3c4f37 | |||
| 0c3db8e72e | |||
| daae142f13 | |||
| ba8ac8bedf | |||
|  | a0765b7f70 | 
							
								
								
									
										135
									
								
								SOURCES/libvirt-conf-add-deprecated_features-attribute.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										135
									
								
								SOURCES/libvirt-conf-add-deprecated_features-attribute.patch
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,135 @@ | ||||
| From 7a412cc71a4764f7e80bf475c39d999a584f41aa Mon Sep 17 00:00:00 2001 | ||||
| Message-ID: <7a412cc71a4764f7e80bf475c39d999a584f41aa.1749113304.git.jdenemar@redhat.com> | ||||
| From: Collin Walling <walling@linux.ibm.com> | ||||
| Date: Mon, 16 Dec 2024 18:03:58 -0500 | ||||
| Subject: [PATCH] conf: add deprecated_features attribute | ||||
| 
 | ||||
| Add a new a attribute, deprecated_features='on|off' to the <cpu> | ||||
| element.  This is used to toggle features flagged as deprecated on the | ||||
| CPU model on or off.  When this attribute is paired with 'on', | ||||
| deprecated features will not be filtered.  When paired with 'off', any | ||||
| CPU features that are flagged as deprecated will be listed under the | ||||
| CPU model with the 'disable' policy. | ||||
| 
 | ||||
| Example: | ||||
| 
 | ||||
|   <cpu mode='host-model' check='partial' deprecated_features='off'/> | ||||
| 
 | ||||
| The absence of this attribute is equivalent to the 'on' option. | ||||
| 
 | ||||
| The deprecated features that will populate the domain XML are the same | ||||
| features that result in the virsh domcapabilities command with the | ||||
| --disable-deprecated-features argument present.
 | ||||
| 
 | ||||
| It is recommended to define a domain XML with this attribute set to | ||||
| 'off' to ensure migration to machines that may outright drop these | ||||
| features in the future. | ||||
| 
 | ||||
| Signed-off-by: Collin Walling <walling@linux.ibm.com> | ||||
| Reviewed-by: Jiri Denemark <jdenemar@redhat.com> | ||||
| (cherry picked from commit 62658bbf060784c757f96c9de3935f27885834aa) | ||||
| 
 | ||||
| JIRA: https://issues.redhat.com/browse/RHEL-88716 | ||||
| Conflicts: | ||||
|     src/qemu/qemu_process.c | ||||
|     (contextual conflict) | ||||
|     tests/* | ||||
|     (dropped the changes to these files since they are of no use in | ||||
|      downstream - upstream testing code changed too much, so it's | ||||
|      not possible to get the related tests to work in downstream) | ||||
| Signed-off-by: Thomas Huth <thuth@redhat.com> | ||||
| ---
 | ||||
|  docs/schemas/cputypes.rng |  5 +++++ | ||||
|  src/conf/cpu_conf.c       | 11 +++++++++++ | ||||
|  src/conf/cpu_conf.h       |  1 + | ||||
|  src/qemu/qemu_process.c   | 11 +++++++++++ | ||||
|  4 files changed, 28 insertions(+) | ||||
| 
 | ||||
| diff --git a/docs/schemas/cputypes.rng b/docs/schemas/cputypes.rng
 | ||||
| index 056e66e1b4..2d831b423c 100644
 | ||||
| --- a/docs/schemas/cputypes.rng
 | ||||
| +++ b/docs/schemas/cputypes.rng
 | ||||
| @@ -395,6 +395,11 @@
 | ||||
|        <optional> | ||||
|          <ref name="cpuCheck"/> | ||||
|        </optional> | ||||
| +      <optional>
 | ||||
| +        <attribute name="deprecated_features">
 | ||||
| +          <ref name="virOnOff"/>
 | ||||
| +        </attribute>
 | ||||
| +      </optional>
 | ||||
|        <optional> | ||||
|          <attribute name="migratable"> | ||||
|            <ref name="virOnOff"/> | ||||
| diff --git a/src/conf/cpu_conf.c b/src/conf/cpu_conf.c
 | ||||
| index fbceac1657..1db0c978e2 100644
 | ||||
| --- a/src/conf/cpu_conf.c
 | ||||
| +++ b/src/conf/cpu_conf.c
 | ||||
| @@ -238,6 +238,7 @@ virCPUDefCopyWithoutModel(const virCPUDef *cpu)
 | ||||
|      copy->mode = cpu->mode; | ||||
|      copy->match = cpu->match; | ||||
|      copy->check = cpu->check; | ||||
| +    copy->deprecated_feats = cpu->deprecated_feats;
 | ||||
|      copy->fallback = cpu->fallback; | ||||
|      copy->sockets = cpu->sockets; | ||||
|      copy->dies = cpu->dies; | ||||
| @@ -431,6 +432,11 @@ virCPUDefParseXML(xmlXPathContextPtr ctxt,
 | ||||
|          if (virXMLPropEnum(ctxt->node, "check", virCPUCheckTypeFromString, | ||||
|                             VIR_XML_PROP_NONE, &def->check) < 0) | ||||
|              return -1; | ||||
| +
 | ||||
| +        if (virXMLPropTristateSwitch(ctxt->node, "deprecated_features",
 | ||||
| +                                     VIR_XML_PROP_NONE,
 | ||||
| +                                     &def->deprecated_feats) < 0)
 | ||||
| +            return -1;
 | ||||
|      } | ||||
|   | ||||
|      if (def->type == VIR_CPU_TYPE_HOST) { | ||||
| @@ -707,6 +713,11 @@ virCPUDefFormatBufFull(virBuffer *buf,
 | ||||
|              virBufferAsprintf(&attributeBuf, " migratable='%s'", | ||||
|                                virTristateSwitchTypeToString(def->migratable)); | ||||
|          } | ||||
| +
 | ||||
| +        if (def->deprecated_feats) {
 | ||||
| +            virBufferAsprintf(&attributeBuf, " deprecated_features='%s'",
 | ||||
| +                              virTristateSwitchTypeToString(def->deprecated_feats));
 | ||||
| +        }
 | ||||
|      } | ||||
|   | ||||
|      /* Format children */ | ||||
| diff --git a/src/conf/cpu_conf.h b/src/conf/cpu_conf.h
 | ||||
| index b0a81895be..a69ff724ca 100644
 | ||||
| --- a/src/conf/cpu_conf.h
 | ||||
| +++ b/src/conf/cpu_conf.h
 | ||||
| @@ -140,6 +140,7 @@ struct _virCPUDef {
 | ||||
|      virCPUCacheDef *cache; | ||||
|      virHostCPUTscInfo *tsc; | ||||
|      virTristateSwitch migratable; /* for host-passthrough mode */ | ||||
| +    virTristateSwitch deprecated_feats;
 | ||||
|  }; | ||||
|   | ||||
|  virCPUDef *virCPUDefNew(void); | ||||
| diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
 | ||||
| index 73d54f01cd..54afcbe53e 100644
 | ||||
| --- a/src/qemu/qemu_process.c
 | ||||
| +++ b/src/qemu/qemu_process.c
 | ||||
| @@ -6143,6 +6143,17 @@ qemuProcessUpdateGuestCPU(virDomainDef *def,
 | ||||
|              return -1; | ||||
|      } | ||||
|   | ||||
| +    if (def->cpu->deprecated_feats &&
 | ||||
| +        !virQEMUCapsGet(qemuCaps, QEMU_CAPS_QUERY_CPU_MODEL_EXPANSION_DEPRECATED_PROPS)) {
 | ||||
| +        virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
 | ||||
| +                       _("toggling deprecated features for CPU model is unsupported"));
 | ||||
| +        return -1;
 | ||||
| +    }
 | ||||
| +
 | ||||
| +    if (def->cpu->deprecated_feats == VIR_TRISTATE_SWITCH_OFF) {
 | ||||
| +        virQEMUCapsUpdateCPUDeprecatedFeatures(qemuCaps, def->virtType, def->cpu);
 | ||||
| +    }
 | ||||
| +
 | ||||
|      return 0; | ||||
|  } | ||||
|   | ||||
| -- 
 | ||||
| 2.49.0 | ||||
| @ -0,0 +1,77 @@ | ||||
| From 08ddc711a2e6d94a0fce55fec8e012a434655d2c Mon Sep 17 00:00:00 2001 | ||||
| Message-ID: <08ddc711a2e6d94a0fce55fec8e012a434655d2c.1690812875.git.jdenemar@redhat.com> | ||||
| From: Michal Privoznik <mprivozn@redhat.com> | ||||
| Date: Fri, 1 Apr 2022 14:30:05 +0200 | ||||
| Subject: [PATCH] lib: Set up cpuset controller for restrictive numatune | ||||
| MIME-Version: 1.0 | ||||
| Content-Type: text/plain; charset=UTF-8 | ||||
| Content-Transfer-Encoding: 8bit | ||||
| 
 | ||||
| The aim of 'restrictive' numatune mode is to rely solely on | ||||
| CGroups to have QEMU running on configured NUMA nodes.  However, | ||||
| we were never setting the cpuset controller when a domain was | ||||
| starting up. We are doing so only when | ||||
| virDomainSetNumaParameters() is called (aka live pinning). | ||||
| 
 | ||||
| This is obviously wrong. Fortunately, fix is simple as | ||||
| 'restrictive' is similar to 'strict' - every location where | ||||
| VIR_DOMAIN_NUMATUNE_MEM_STRICT occurs can be audited and | ||||
| VIR_DOMAIN_NUMATUNE_MEM_RESTRICTIVE case can be added. | ||||
| 
 | ||||
| Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2070380 | ||||
| Signed-off-by: Michal Privoznik <mprivozn@redhat.com> | ||||
| Reviewed-by: Ján Tomko <jtomko@redhat.com> | ||||
| (cherry picked from commit 629282d8845407c1aff9a26f5dc026e15121f8cd) | ||||
| 
 | ||||
| Conflicts: | ||||
| - src/ch/ch_process.c: The CH driver diverged because it's
 | ||||
|   unsupported downstream. Just drop the conflicting hunk from | ||||
|   there. | ||||
| 
 | ||||
| Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2223464 | ||||
| Signed-off-by: Michal Privoznik <mprivozn@redhat.com> | ||||
| ---
 | ||||
|  src/lxc/lxc_controller.c | 3 ++- | ||||
|  src/qemu/qemu_process.c  | 6 ++++-- | ||||
|  2 files changed, 6 insertions(+), 3 deletions(-) | ||||
| 
 | ||||
| diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
 | ||||
| index 3c930eaacd..6fd8373256 100644
 | ||||
| --- a/src/lxc/lxc_controller.c
 | ||||
| +++ b/src/lxc/lxc_controller.c
 | ||||
| @@ -812,7 +812,8 @@ static int virLXCControllerSetupResourceLimits(virLXCController *ctrl)
 | ||||
|      virDomainNumatuneMemMode mode; | ||||
|   | ||||
|      if (virDomainNumatuneGetMode(ctrl->def->numa, -1, &mode) == 0) { | ||||
| -        if (mode == VIR_DOMAIN_NUMATUNE_MEM_STRICT &&
 | ||||
| +        if ((mode == VIR_DOMAIN_NUMATUNE_MEM_STRICT ||
 | ||||
| +             mode == VIR_DOMAIN_NUMATUNE_MEM_RESTRICTIVE) &&
 | ||||
|              virCgroupControllerAvailable(VIR_CGROUP_CONTROLLER_CPUSET)) { | ||||
|              /* Use virNuma* API iff necessary. Once set and child is exec()-ed, | ||||
|               * there's no way for us to change it. Rely on cgroups (if available | ||||
| diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
 | ||||
| index 0fb665bc82..73d54f01cd 100644
 | ||||
| --- a/src/qemu/qemu_process.c
 | ||||
| +++ b/src/qemu/qemu_process.c
 | ||||
| @@ -2645,7 +2645,8 @@ qemuProcessSetupPid(virDomainObj *vm,
 | ||||
|          virCgroupHasController(priv->cgroup, VIR_CGROUP_CONTROLLER_CPUSET)) { | ||||
|   | ||||
|          if (virDomainNumatuneGetMode(vm->def->numa, -1, &mem_mode) == 0 && | ||||
| -            mem_mode == VIR_DOMAIN_NUMATUNE_MEM_STRICT &&
 | ||||
| +            (mem_mode == VIR_DOMAIN_NUMATUNE_MEM_STRICT ||
 | ||||
| +             mem_mode == VIR_DOMAIN_NUMATUNE_MEM_RESTRICTIVE) &&
 | ||||
|              virDomainNumatuneMaybeFormatNodeset(vm->def->numa, | ||||
|                                                  priv->autoNodeset, | ||||
|                                                  &mem_mask, -1) < 0) | ||||
| @@ -3162,7 +3163,8 @@ static int qemuProcessHook(void *data)
 | ||||
|          goto cleanup; | ||||
|   | ||||
|      if (virDomainNumatuneGetMode(h->vm->def->numa, -1, &mode) == 0) { | ||||
| -        if (mode == VIR_DOMAIN_NUMATUNE_MEM_STRICT &&
 | ||||
| +        if ((mode == VIR_DOMAIN_NUMATUNE_MEM_STRICT ||
 | ||||
| +             mode == VIR_DOMAIN_NUMATUNE_MEM_RESTRICTIVE) &&
 | ||||
|              h->cfg->cgroupControllers & (1 << VIR_CGROUP_CONTROLLER_CPUSET) && | ||||
|              virCgroupControllerAvailable(VIR_CGROUP_CONTROLLER_CPUSET)) { | ||||
|              /* Use virNuma* API iff necessary. Once set and child is exec()-ed, | ||||
| -- 
 | ||||
| 2.41.0 | ||||
| @ -0,0 +1,58 @@ | ||||
| From a47232facc446039ed509100f80ebb7de621fffa Mon Sep 17 00:00:00 2001 | ||||
| Message-ID: <a47232facc446039ed509100f80ebb7de621fffa.1749113303.git.jdenemar@redhat.com> | ||||
| From: Collin Walling <walling@linux.ibm.com> | ||||
| Date: Mon, 16 Dec 2024 18:03:55 -0500 | ||||
| Subject: [PATCH] libvirt-domain: introduce | ||||
|  VIR_CONNECT_GET_DOMAIN_CAPABILITIES_DISABLE_DEPRECATED_FEATURES | ||||
| 
 | ||||
| Introduce domain flag used to filter deprecated features from the | ||||
| domain's CPU model. | ||||
| 
 | ||||
| Signed-off-by: Collin Walling <walling@linux.ibm.com> | ||||
| Reviewed-by: Jiri Denemark <jdenemar@redhat.com> | ||||
| (cherry picked from commit 4e2c8de2047e21d98443944a2bfe94529b269efa) | ||||
| JIRA: https://issues.redhat.com/browse/RHEL-88716 | ||||
| Signed-off-by: Thomas Huth <thuth@redhat.com> | ||||
| ---
 | ||||
|  include/libvirt/libvirt-domain.h | 12 ++++++++++++ | ||||
|  src/libvirt-domain.c             |  2 +- | ||||
|  2 files changed, 13 insertions(+), 1 deletion(-) | ||||
| 
 | ||||
| diff --git a/include/libvirt/libvirt-domain.h b/include/libvirt/libvirt-domain.h
 | ||||
| index 792973ce2d..d3101b112b 100644
 | ||||
| --- a/include/libvirt/libvirt-domain.h
 | ||||
| +++ b/include/libvirt/libvirt-domain.h
 | ||||
| @@ -1160,6 +1160,18 @@ int virDomainMigrateGetMaxSpeed(virDomainPtr domain,
 | ||||
|  int virDomainMigrateStartPostCopy(virDomainPtr domain, | ||||
|                                    unsigned int flags); | ||||
|   | ||||
| +/**
 | ||||
| + * virConnectGetDomainCapabilitiesFlags:
 | ||||
| + *
 | ||||
| + * Domain capabilities flags.
 | ||||
| + *
 | ||||
| + * Since: 11.0.0
 | ||||
| + */
 | ||||
| +typedef enum {
 | ||||
| +    /* Report host model with deprecated features disabled. (Since: 11.0.0) */
 | ||||
| +    VIR_CONNECT_GET_DOMAIN_CAPABILITIES_DISABLE_DEPRECATED_FEATURES = (1 << 0),
 | ||||
| +} virConnectGetDomainCapabilitiesFlags;
 | ||||
| +
 | ||||
|  char * virConnectGetDomainCapabilities(virConnectPtr conn, | ||||
|                                         const char *emulatorbin, | ||||
|                                         const char *arch, | ||||
| diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c
 | ||||
| index 5912551a49..7083f10f04 100644
 | ||||
| --- a/src/libvirt-domain.c
 | ||||
| +++ b/src/libvirt-domain.c
 | ||||
| @@ -11573,7 +11573,7 @@ virDomainSetUserPassword(virDomainPtr dom,
 | ||||
|   * @arch: domain architecture | ||||
|   * @machine: machine type | ||||
|   * @virttype: virtualization type | ||||
| - * @flags: extra flags; not used yet, so callers should always pass 0
 | ||||
| + * @flags: extra flags; bitwise-OR of virConnectGetDomainCapabilitiesFlags
 | ||||
|   * | ||||
|   * Prior creating a domain (for instance via virDomainCreateXML | ||||
|   * or virDomainDefineXML) it may be suitable to know what the | ||||
| -- 
 | ||||
| 2.49.0 | ||||
| @ -21,7 +21,6 @@ Reviewed-by: Peter Krempa <pkrempa@redhat.com> | ||||
| (cherry picked from commit 64d32118540aca3d42bc5ee21c8b780cafe04bfa) | ||||
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2023-2700 | ||||
| Signed-off-by: Ján Tomko <jtomko@redhat.com> | ||||
| Signed-off-by: David Sloboda <david.x.sloboda@oracle.com> | ||||
| ---
 | ||||
|  src/conf/node_device_conf.c | 5 +++-- | ||||
|  1 file changed, 3 insertions(+), 2 deletions(-) | ||||
|  | ||||
							
								
								
									
										79
									
								
								SOURCES/libvirt-nodedev-update-transient-mdevs.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										79
									
								
								SOURCES/libvirt-nodedev-update-transient-mdevs.patch
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,79 @@ | ||||
| From aebcc09c7060f6eace93821c6a782031cf107d85 Mon Sep 17 00:00:00 2001 | ||||
| Message-ID: <aebcc09c7060f6eace93821c6a782031cf107d85.1687452713.git.jdenemar@redhat.com> | ||||
| From: Boris Fiuczynski <fiuczy@linux.ibm.com> | ||||
| Date: Mon, 8 May 2023 19:10:46 +0200 | ||||
| Subject: [PATCH] nodedev: update transient mdevs | ||||
| 
 | ||||
| Instead of updating defined mdevs only add another update for active | ||||
| devices as well to cover transient mdev devices as well. | ||||
| 
 | ||||
| Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2143158 | ||||
| Signed-off-by: Boris Fiuczynski <fiuczy@linux.ibm.com> | ||||
| Reviewed-by: Jonathon Jongsma <jjongsma@redhat.com> | ||||
| 
 | ||||
| Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2143160 | ||||
| 
 | ||||
| (cherry picked from commit 44a0f2f0c8ff5e78c238013ed297b8fce223ac5a) | ||||
| Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com> | ||||
| ---
 | ||||
|  src/node_device/node_device_driver.c | 31 ++++++++++++++++++++++++++++ | ||||
|  1 file changed, 31 insertions(+) | ||||
| 
 | ||||
| diff --git a/src/node_device/node_device_driver.c b/src/node_device/node_device_driver.c
 | ||||
| index e6ab4bb94c..943f6121a0 100644
 | ||||
| --- a/src/node_device/node_device_driver.c
 | ||||
| +++ b/src/node_device/node_device_driver.c
 | ||||
| @@ -1651,6 +1651,24 @@ virMdevctlListDefined(virNodeDeviceDef ***devs, char **errmsg)
 | ||||
|  } | ||||
|   | ||||
|   | ||||
| +static int
 | ||||
| +virMdevctlListActive(virNodeDeviceDef ***devs, char **errmsg)
 | ||||
| +{
 | ||||
| +    int status;
 | ||||
| +    g_autofree char *output = NULL;
 | ||||
| +    g_autoptr(virCommand) cmd = nodeDeviceGetMdevctlListCommand(false, &output, errmsg);
 | ||||
| +
 | ||||
| +    if (virCommandRun(cmd, &status) < 0 || status != 0) {
 | ||||
| +        return -1;
 | ||||
| +    }
 | ||||
| +
 | ||||
| +    if (!output)
 | ||||
| +        return -1;
 | ||||
| +
 | ||||
| +    return nodeDeviceParseMdevctlJSON(output, devs);
 | ||||
| +}
 | ||||
| +
 | ||||
| +
 | ||||
|  typedef struct _virMdevctlForEachData virMdevctlForEachData; | ||||
|  struct _virMdevctlForEachData { | ||||
|      int ndefs; | ||||
| @@ -1712,6 +1730,8 @@ int
 | ||||
|  nodeDeviceUpdateMediatedDevices(void) | ||||
|  { | ||||
|      g_autofree virNodeDeviceDef **defs = NULL; | ||||
| +    g_autofree virNodeDeviceDef **act_defs = NULL;
 | ||||
| +    int act_ndefs = 0;
 | ||||
|      g_autofree char *errmsg = NULL; | ||||
|      g_autofree char *mdevctl = NULL; | ||||
|      virMdevctlForEachData data = { 0, }; | ||||
| @@ -1738,6 +1758,17 @@ nodeDeviceUpdateMediatedDevices(void)
 | ||||
|          if (nodeDeviceUpdateMediatedDevice(defs[i]) < 0) | ||||
|              return -1; | ||||
|   | ||||
| +    /* Update active/transient mdev devices */
 | ||||
| +    if ((act_ndefs = virMdevctlListActive(&act_defs, &errmsg)) < 0) {
 | ||||
| +        virReportError(VIR_ERR_INTERNAL_ERROR,
 | ||||
| +                       _("failed to query mdevs from mdevctl: %1$s"), errmsg);
 | ||||
| +        return -1;
 | ||||
| +    }
 | ||||
| +
 | ||||
| +    for (i = 0; i < act_ndefs; i++)
 | ||||
| +        if (nodeDeviceUpdateMediatedDevice(act_defs[i]) < 0)
 | ||||
| +            return -1;
 | ||||
| +
 | ||||
|      return 0; | ||||
|  } | ||||
|   | ||||
| -- 
 | ||||
| 2.41.0 | ||||
| @ -14,7 +14,6 @@ Signed-off-by: Peter Krempa <pkrempa@redhat.com> | ||||
| Reviewed-by: Ján Tomko <jtomko@redhat.com> | ||||
| (cherry picked from commit f9ae469a6ebb17e0990096e826f049c1c46cd760) | ||||
| https://bugzilla.redhat.com/show_bug.cgi?id=2170472 | ||||
| Signed-off-by: David Sloboda <david.x.sloboda@oracle.com> | ||||
| ---
 | ||||
|  src/qemu/qemu_monitor.h      | 14 -------------- | ||||
|  src/qemu/qemu_monitor_json.c |  3 +++ | ||||
|  | ||||
| @ -15,7 +15,6 @@ Signed-off-by: Peter Krempa <pkrempa@redhat.com> | ||||
| Reviewed-by: Ján Tomko <jtomko@redhat.com> | ||||
| (cherry picked from commit c5eb99a9d9af8683789e99cc904671e343580058) | ||||
| https://bugzilla.redhat.com/show_bug.cgi?id=2170472 | ||||
| Signed-off-by: David Sloboda <david.x.sloboda@oracle.com> | ||||
| ---
 | ||||
|  src/qemu/qemu_monitor.h | 7 +------ | ||||
|  1 file changed, 1 insertion(+), 6 deletions(-) | ||||
|  | ||||
| @ -16,7 +16,6 @@ Signed-off-by: Peter Krempa <pkrempa@redhat.com> | ||||
| Reviewed-by: Ján Tomko <jtomko@redhat.com> | ||||
| (cherry picked from commit 7c35c483eaa78eb847e0865cbb210d5355f75d7a) | ||||
| https://bugzilla.redhat.com/show_bug.cgi?id=2170472 | ||||
| Signed-off-by: David Sloboda <david.x.sloboda@oracle.com> | ||||
| ---
 | ||||
|  src/qemu/qemu_monitor.c      | 50 --------------------------------- | ||||
|  src/qemu/qemu_monitor_priv.h | 54 ++++++++++++++++++++++++++++++++++++ | ||||
|  | ||||
| @ -19,7 +19,6 @@ Signed-off-by: Peter Krempa <pkrempa@redhat.com> | ||||
| Reviewed-by: Ján Tomko <jtomko@redhat.com> | ||||
| (cherry picked from commit b0e4ad5263c73a926b8246028c76c552b07fca74) | ||||
| https://bugzilla.redhat.com/show_bug.cgi?id=2170472 | ||||
| Signed-off-by: David Sloboda <david.x.sloboda@oracle.com> | ||||
| ---
 | ||||
|  src/qemu/qemu_monitor.c      | 4 +++- | ||||
|  src/qemu/qemu_monitor_priv.h | 2 ++ | ||||
|  | ||||
| @ -0,0 +1,214 @@ | ||||
| From 5289208127468cd34b5cb6ea7bb45bbeff45d537 Mon Sep 17 00:00:00 2001 | ||||
| Message-ID: <5289208127468cd34b5cb6ea7bb45bbeff45d537.1749113303.git.jdenemar@redhat.com> | ||||
| From: Collin Walling <walling@linux.ibm.com> | ||||
| Date: Mon, 16 Dec 2024 18:03:53 -0500 | ||||
| Subject: [PATCH] qemu: parse deprecated-props from query-cpu-model-expansion | ||||
|  response | ||||
| 
 | ||||
| query-cpu-model-expansion may report an array of deprecated properties. | ||||
| This array is optional, and may not be supported for a particular | ||||
| architecture or reported for a particular CPU model. If the output is | ||||
| present, then capture it and store in a qemuMonitorCPUModelInfo struct | ||||
| for later use. | ||||
| 
 | ||||
| The deprecated features will be retained in qemuCaps->kvm->hostCPU.info | ||||
| and will be stored in the capabilities cache file under the <hostCPU> | ||||
| element using the following format: | ||||
| 
 | ||||
|         <deprecatedFeatures> | ||||
|                 <property name='bpb'/> | ||||
|                 <property name='csske'/> | ||||
|                 <property name='cte'/> | ||||
|                 <property name='te'/> | ||||
|         </deprecatedFeatures> | ||||
| 
 | ||||
| At this time the data is only queried, parsed, and cached.  The data | ||||
| will be utilized in a subsequent patch. | ||||
| 
 | ||||
| Signed-off-by: Collin Walling <walling@linux.ibm.com> | ||||
| Reviewed-by: Boris Fiuczynski <fiuczy@linux.ibm.com> | ||||
| Reviewed-by: Jiri Denemark <jdenemar@redhat.com> | ||||
| (cherry picked from commit 45140d293007c1b29f7563bf6ee9640e27769b96) | ||||
| 
 | ||||
| JIRA: https://issues.redhat.com/browse/RHEL-88716 | ||||
| Conflicts: | ||||
|     tests/qemucapabilitiesdata/caps_9.1.0.s390x.xml | ||||
|     tests/qemucapabilitiesdata/caps_9.2.0.s390x.xml | ||||
|     (dropped the changes to these files since they are of no use in | ||||
|      downstream - upstream testing code changed too much, so it's | ||||
|      not possible to get the related tests to work in downstream) | ||||
| Signed-off-by: Thomas Huth <thuth@redhat.com> | ||||
| ---
 | ||||
|  src/qemu/qemu_capabilities.c | 31 +++++++++++++++++++++++++++++++ | ||||
|  src/qemu/qemu_monitor.c      |  3 +++ | ||||
|  src/qemu/qemu_monitor.h      |  1 + | ||||
|  src/qemu/qemu_monitor_json.c | 18 ++++++++++++++++++ | ||||
|  4 files changed, 53 insertions(+) | ||||
| 
 | ||||
| diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
 | ||||
| index c4f7db55c8..d616273406 100644
 | ||||
| --- a/src/qemu/qemu_capabilities.c
 | ||||
| +++ b/src/qemu/qemu_capabilities.c
 | ||||
| @@ -3766,6 +3766,7 @@ virQEMUCapsLoadHostCPUModelInfo(virQEMUCapsAccel *caps,
 | ||||
|  { | ||||
|      g_autofree char *migratability = NULL; | ||||
|      xmlNodePtr hostCPUNode; | ||||
| +    xmlNodePtr deprecated_props;
 | ||||
|      g_autofree xmlNodePtr *nodes = NULL; | ||||
|      VIR_XPATH_NODE_AUTORESTORE(ctxt) | ||||
|      g_autoptr(qemuMonitorCPUModelInfo) hostCPU = NULL; | ||||
| @@ -3870,6 +3871,24 @@ virQEMUCapsLoadHostCPUModelInfo(virQEMUCapsAccel *caps,
 | ||||
|          } | ||||
|      } | ||||
|   | ||||
| +    ctxt->node = hostCPUNode;
 | ||||
| +
 | ||||
| +    if ((deprecated_props = virXPathNode("./deprecatedFeatures", ctxt))) {
 | ||||
| +        g_autoptr(GPtrArray) props = virXMLNodeGetSubelementList(deprecated_props, NULL);
 | ||||
| +
 | ||||
| +        hostCPU->deprecated_props = g_new0(char *, props->len + 1);
 | ||||
| +
 | ||||
| +        for (i = 0; i < props->len; i++) {
 | ||||
| +            xmlNodePtr prop = g_ptr_array_index(props, i);
 | ||||
| +
 | ||||
| +            if (!(hostCPU->deprecated_props[i] = virXMLPropString(prop, "name"))) {
 | ||||
| +                virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
 | ||||
| +                               _("missing 'name' attribute for a host CPU model deprecated property in QEMU capabilities cache"));
 | ||||
| +                return -1;
 | ||||
| +            }
 | ||||
| +        }
 | ||||
| +    }
 | ||||
| +
 | ||||
|      caps->hostCPU.info = g_steal_pointer(&hostCPU); | ||||
|      return 0; | ||||
|  } | ||||
| @@ -4500,6 +4519,18 @@ virQEMUCapsFormatHostCPUModelInfo(virQEMUCapsAccel *caps,
 | ||||
|          virBufferAddLit(buf, "/>\n"); | ||||
|      } | ||||
|   | ||||
| +    if (model->deprecated_props) {
 | ||||
| +        virBufferAddLit(buf, "<deprecatedFeatures>\n");
 | ||||
| +        virBufferAdjustIndent(buf, 2);
 | ||||
| +
 | ||||
| +        for (i = 0; i < g_strv_length(model->deprecated_props); i++)
 | ||||
| +            virBufferAsprintf(buf, "<property name='%s'/>\n",
 | ||||
| +                              model->deprecated_props[i]);
 | ||||
| +
 | ||||
| +        virBufferAdjustIndent(buf, -2);
 | ||||
| +        virBufferAddLit(buf, "</deprecatedFeatures>\n");
 | ||||
| +    }
 | ||||
| +
 | ||||
|      virBufferAdjustIndent(buf, -2); | ||||
|      virBufferAddLit(buf, "</hostCPU>\n"); | ||||
|  } | ||||
| diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c
 | ||||
| index 99667fdf2f..8f72fc5bd9 100644
 | ||||
| --- a/src/qemu/qemu_monitor.c
 | ||||
| +++ b/src/qemu/qemu_monitor.c
 | ||||
| @@ -3487,6 +3487,7 @@ qemuMonitorCPUModelInfoFree(qemuMonitorCPUModelInfo *model_info)
 | ||||
|              g_free(model_info->props[i].value.string); | ||||
|      } | ||||
|   | ||||
| +    g_strfreev(model_info->deprecated_props);
 | ||||
|      g_free(model_info->props); | ||||
|      g_free(model_info->name); | ||||
|      g_free(model_info); | ||||
| @@ -3531,6 +3532,8 @@ qemuMonitorCPUModelInfoCopy(const qemuMonitorCPUModelInfo *orig)
 | ||||
|          } | ||||
|      } | ||||
|   | ||||
| +    copy->deprecated_props = g_strdupv(orig->deprecated_props);
 | ||||
| +
 | ||||
|      return copy; | ||||
|  } | ||||
|   | ||||
| diff --git a/src/qemu/qemu_monitor.h b/src/qemu/qemu_monitor.h
 | ||||
| index d00967d84f..5b9ea336ec 100644
 | ||||
| --- a/src/qemu/qemu_monitor.h
 | ||||
| +++ b/src/qemu/qemu_monitor.h
 | ||||
| @@ -1238,6 +1238,7 @@ struct _qemuMonitorCPUModelInfo {
 | ||||
|      char *name; | ||||
|      size_t nprops; | ||||
|      qemuMonitorCPUProperty *props; | ||||
| +    GStrv deprecated_props;
 | ||||
|      bool migratability; | ||||
|  }; | ||||
|   | ||||
| diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c
 | ||||
| index 487f8028d9..9a3ca3d186 100644
 | ||||
| --- a/src/qemu/qemu_monitor_json.c
 | ||||
| +++ b/src/qemu/qemu_monitor_json.c
 | ||||
| @@ -5500,6 +5500,7 @@ qemuMonitorJSONParseCPUModelExpansionData(virJSONValue *data,
 | ||||
|                                            bool fail_no_props, | ||||
|                                            virJSONValue **cpu_model, | ||||
|                                            virJSONValue **cpu_props, | ||||
| +                                          virJSONValue **cpu_deprecated_props,
 | ||||
|                                            const char **cpu_name) | ||||
|  { | ||||
|      if (qemuMonitorJSONParseCPUModelData(data, "query-cpu-model-expansion", | ||||
| @@ -5507,6 +5508,12 @@ qemuMonitorJSONParseCPUModelExpansionData(virJSONValue *data,
 | ||||
|                                           cpu_name) < 0) | ||||
|          return -1; | ||||
|   | ||||
| +    /*
 | ||||
| +     * Unconditionally check for the deprecated-props array, as
 | ||||
| +     * it is not a guarantee response even if QEMU supports it.
 | ||||
| +     */
 | ||||
| +    *cpu_deprecated_props = virJSONValueObjectGetArray(data, "deprecated-props");
 | ||||
| +
 | ||||
|      return 0; | ||||
|  } | ||||
|   | ||||
| @@ -5514,6 +5521,7 @@ qemuMonitorJSONParseCPUModelExpansionData(virJSONValue *data,
 | ||||
|  static int | ||||
|  qemuMonitorJSONParseCPUModelExpansion(const char *cpu_name, | ||||
|                                        virJSONValue *cpu_props, | ||||
| +                                      virJSONValue *cpu_deprecated_props,
 | ||||
|                                        qemuMonitorCPUModelInfo **model_info) | ||||
|  { | ||||
|      g_autoptr(qemuMonitorCPUModelInfo) expanded_model = NULL; | ||||
| @@ -5521,6 +5529,12 @@ qemuMonitorJSONParseCPUModelExpansion(const char *cpu_name,
 | ||||
|      if (qemuMonitorJSONParseCPUModel(cpu_name, cpu_props, &expanded_model) < 0) | ||||
|          return -1; | ||||
|   | ||||
| +    if (cpu_deprecated_props &&
 | ||||
| +        virJSONValueArraySize(cpu_deprecated_props) &&
 | ||||
| +        (!(expanded_model->deprecated_props = virJSONValueArrayToStringList(cpu_deprecated_props)))) {
 | ||||
| +        return -1;
 | ||||
| +    }
 | ||||
| +
 | ||||
|      *model_info = g_steal_pointer(&expanded_model); | ||||
|      return 0; | ||||
|  } | ||||
| @@ -5584,6 +5598,7 @@ qemuMonitorJSONGetCPUModelExpansion(qemuMonitor *mon,
 | ||||
|      g_autoptr(virJSONValue) fullData = NULL; | ||||
|      virJSONValue *cpu_model; | ||||
|      virJSONValue *cpu_props = NULL; | ||||
| +    virJSONValue *cpu_deprecated_props = NULL;
 | ||||
|      const char *cpu_name = ""; | ||||
|      int rc; | ||||
|   | ||||
| @@ -5597,6 +5612,7 @@ qemuMonitorJSONGetCPUModelExpansion(qemuMonitor *mon,
 | ||||
|   | ||||
|      if (qemuMonitorJSONParseCPUModelExpansionData(data, fail_no_props, | ||||
|                                                    &cpu_model, &cpu_props, | ||||
| +                                                  &cpu_deprecated_props,
 | ||||
|                                                    &cpu_name) < 0) | ||||
|          return -1; | ||||
|   | ||||
| @@ -5615,11 +5631,13 @@ qemuMonitorJSONGetCPUModelExpansion(qemuMonitor *mon,
 | ||||
|   | ||||
|          if (qemuMonitorJSONParseCPUModelExpansionData(fullData, fail_no_props, | ||||
|                                                        &cpu_model, &cpu_props, | ||||
| +                                                      &cpu_deprecated_props,
 | ||||
|                                                        &cpu_name) < 0) | ||||
|              return -1; | ||||
|      } | ||||
|   | ||||
|      return qemuMonitorJSONParseCPUModelExpansion(cpu_name, cpu_props, | ||||
| +                                                 cpu_deprecated_props,
 | ||||
|                                                   model_info); | ||||
|  } | ||||
|   | ||||
| -- 
 | ||||
| 2.49.0 | ||||
| @ -20,7 +20,6 @@ Reviewed-by: Ján Tomko <jtomko@redhat.com> | ||||
|     - qemuDomainObjEnter/ExitMonitor still needs 'driver' | ||||
| 
 | ||||
| https://bugzilla.redhat.com/show_bug.cgi?id=2170472 | ||||
| Signed-off-by: David Sloboda <david.x.sloboda@oracle.com> | ||||
| ---
 | ||||
|  src/qemu/qemu_block.c | 7 ++----- | ||||
|  1 file changed, 2 insertions(+), 5 deletions(-) | ||||
|  | ||||
| @ -0,0 +1,65 @@ | ||||
| From e9418cec1ba24b6cf78f85bbbef8586ed612692a Mon Sep 17 00:00:00 2001 | ||||
| Message-Id: <e9418cec1ba24b6cf78f85bbbef8586ed612692a@dist-git> | ||||
| From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com> | ||||
| Date: Mon, 13 Mar 2023 13:56:47 +0100 | ||||
| Subject: [PATCH] qemu: relax shared memory check for vhostuser daemons | ||||
| MIME-Version: 1.0 | ||||
| Content-Type: text/plain; charset=UTF-8 | ||||
| Content-Transfer-Encoding: 8bit | ||||
| 
 | ||||
| For some vhostuser daemons, we validate that the guest memory is shared | ||||
| with the host. | ||||
| 
 | ||||
| With earlier versions of QEMU, it was only possible to mark memory | ||||
| as shared by defining an explicit NUMA topology.  Later, QEMU exposed | ||||
| the name of the default memory backend (defaultRAMid) so we can mark | ||||
| that memory as shared. | ||||
| 
 | ||||
| Since libvirt commit: | ||||
|   commit bff2ad5d6b1f25da02802273934d2a519159fec7 | ||||
|     qemu: Relax validation for mem->access if guest has no NUMA | ||||
| we already check for the case when user requests shared memory, | ||||
| but QEMU did not expose defaultRAMid. | ||||
| 
 | ||||
| Drop the duplicit check from vhostuser device validation, to make | ||||
| it pass on hotplug even after libvirtd restart. | ||||
| 
 | ||||
| This avoids the need to store the defaultRAMid, since we don't really | ||||
| need it for anything after the VM has been already started. | ||||
| 
 | ||||
| https://bugzilla.redhat.com/show_bug.cgi?id=2078693 | ||||
| https://bugzilla.redhat.com/show_bug.cgi?id=2177701 | ||||
| 
 | ||||
| Signed-off-by: Ján Tomko <jtomko@redhat.com> | ||||
| Reviewed-by: Michal Privoznik <mprivozn@redhat.com> | ||||
| (cherry picked from commit d5c7b7870e45575f81fffcb611c2546d0e02e778) | ||||
| Signed-off-by: Ján Tomko <jtomko@redhat.com> | ||||
| ---
 | ||||
|  src/qemu/qemu_validate.c | 8 ++------ | ||||
|  1 file changed, 2 insertions(+), 6 deletions(-) | ||||
| 
 | ||||
| diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
 | ||||
| index 7bc14293d6..4069f47c12 100644
 | ||||
| --- a/src/qemu/qemu_validate.c
 | ||||
| +++ b/src/qemu/qemu_validate.c
 | ||||
| @@ -1588,16 +1588,12 @@ qemuValidateDomainVirtioOptions(const virDomainVirtioOptions *virtio,
 | ||||
|  static int | ||||
|  qemuValidateDomainDefVhostUserRequireSharedMemory(const virDomainDef *def, | ||||
|                                                    const char *name, | ||||
| -                                                  virQEMUCaps *qemuCaps)
 | ||||
| +                                                  virQEMUCaps *qemuCaps G_GNUC_UNUSED)
 | ||||
|  { | ||||
| -    const char *defaultRAMId = virQEMUCapsGetMachineDefaultRAMid(qemuCaps,
 | ||||
| -                                                                 def->virtType,
 | ||||
| -                                                                 def->os.machine);
 | ||||
|      size_t numa_nodes = virDomainNumaGetNodeCount(def->numa); | ||||
|      size_t i; | ||||
|   | ||||
| -    if (numa_nodes == 0 &&
 | ||||
| -        !(defaultRAMId && def->mem.access == VIR_DOMAIN_MEMORY_ACCESS_SHARED)) {
 | ||||
| +    if (numa_nodes == 0 && def->mem.access != VIR_DOMAIN_MEMORY_ACCESS_SHARED) {
 | ||||
|          virReportError(VIR_ERR_CONFIG_UNSUPPORTED, | ||||
|                         _("'%s' requires shared memory"), name); | ||||
|          return -1; | ||||
| -- 
 | ||||
| 2.40.1 | ||||
| @ -20,7 +20,6 @@ Signed-off-by: Peter Krempa <pkrempa@redhat.com> | ||||
| Reviewed-by: Ján Tomko <jtomko@redhat.com> | ||||
| (cherry picked from commit bbd4d4899391b3bd1906cce61a3634f42f4b1bdf) | ||||
| https://bugzilla.redhat.com/show_bug.cgi?id=2170472 | ||||
| Signed-off-by: David Sloboda <david.x.sloboda@oracle.com> | ||||
| ---
 | ||||
|  src/qemu/qemu_monitor_json.c | 2 +- | ||||
|  1 file changed, 1 insertion(+), 1 deletion(-) | ||||
|  | ||||
| @ -0,0 +1,100 @@ | ||||
| From ed03cdb563ee30bff2f4f8a66f7778b5e55a4683 Mon Sep 17 00:00:00 2001 | ||||
| Message-ID: <ed03cdb563ee30bff2f4f8a66f7778b5e55a4683.1749113303.git.jdenemar@redhat.com> | ||||
| From: Collin Walling <walling@linux.ibm.com> | ||||
| Date: Mon, 16 Dec 2024 18:03:52 -0500 | ||||
| Subject: [PATCH] qemuMonitorJSONGetCPUModelExpansion: refactor parsing | ||||
|  functions | ||||
| 
 | ||||
| Refactor the CPU Model parsing functions within | ||||
| qemuMonitorJSONGetCPUModelExpansion.  The new functions, | ||||
| qemuMonitorJSONParseCPUModelExpansionData and | ||||
| qemuMonitorJSONParseCPUModelExpansion invoke the functions they | ||||
| replace and leave room for a subsequent patch to handle parsing the | ||||
| (optional) deprecated_props field resulting from the command. | ||||
| 
 | ||||
| Signed-off-by: Collin Walling <walling@linux.ibm.com> | ||||
| Reviewed-by: Boris Fiuczynski <fiuczy@linux.ibm.com> | ||||
| Reviewed-by: Jiri Denemark <jdenemar@redhat.com> | ||||
| (cherry picked from commit 60e407deb5cd88e5f1564d1c9145e374001cf34f) | ||||
| JIRA: https://issues.redhat.com/browse/RHEL-88716 | ||||
| Signed-off-by: Thomas Huth <thuth@redhat.com> | ||||
| ---
 | ||||
|  src/qemu/qemu_monitor_json.c | 46 ++++++++++++++++++++++++++++++------ | ||||
|  1 file changed, 39 insertions(+), 7 deletions(-) | ||||
| 
 | ||||
| diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c
 | ||||
| index 789554e225..487f8028d9 100644
 | ||||
| --- a/src/qemu/qemu_monitor_json.c
 | ||||
| +++ b/src/qemu/qemu_monitor_json.c
 | ||||
| @@ -5495,6 +5495,37 @@ qemuMonitorJSONParseCPUModel(const char *cpu_name,
 | ||||
|  } | ||||
|   | ||||
|   | ||||
| +static int
 | ||||
| +qemuMonitorJSONParseCPUModelExpansionData(virJSONValue *data,
 | ||||
| +                                          bool fail_no_props,
 | ||||
| +                                          virJSONValue **cpu_model,
 | ||||
| +                                          virJSONValue **cpu_props,
 | ||||
| +                                          const char **cpu_name)
 | ||||
| +{
 | ||||
| +    if (qemuMonitorJSONParseCPUModelData(data, "query-cpu-model-expansion",
 | ||||
| +                                         fail_no_props, cpu_model, cpu_props,
 | ||||
| +                                         cpu_name) < 0)
 | ||||
| +        return -1;
 | ||||
| +
 | ||||
| +    return 0;
 | ||||
| +}
 | ||||
| +
 | ||||
| +
 | ||||
| +static int
 | ||||
| +qemuMonitorJSONParseCPUModelExpansion(const char *cpu_name,
 | ||||
| +                                      virJSONValue *cpu_props,
 | ||||
| +                                      qemuMonitorCPUModelInfo **model_info)
 | ||||
| +{
 | ||||
| +    g_autoptr(qemuMonitorCPUModelInfo) expanded_model = NULL;
 | ||||
| +
 | ||||
| +    if (qemuMonitorJSONParseCPUModel(cpu_name, cpu_props, &expanded_model) < 0)
 | ||||
| +        return -1;
 | ||||
| +
 | ||||
| +    *model_info = g_steal_pointer(&expanded_model);
 | ||||
| +    return 0;
 | ||||
| +}
 | ||||
| +
 | ||||
| +
 | ||||
|  static int | ||||
|  qemuMonitorJSONQueryCPUModelExpansionOne(qemuMonitor *mon, | ||||
|                                           qemuMonitorCPUModelExpansionType type, | ||||
| @@ -5564,9 +5595,9 @@ qemuMonitorJSONGetCPUModelExpansion(qemuMonitor *mon,
 | ||||
|      if ((rc = qemuMonitorJSONQueryCPUModelExpansionOne(mon, type, &model, &data)) <= 0) | ||||
|          return rc; | ||||
|   | ||||
| -    if (qemuMonitorJSONParseCPUModelData(data, "query-cpu-model-expansion",
 | ||||
| -                                         fail_no_props, &cpu_model, &cpu_props,
 | ||||
| -                                         &cpu_name) < 0)
 | ||||
| +    if (qemuMonitorJSONParseCPUModelExpansionData(data, fail_no_props,
 | ||||
| +                                                  &cpu_model, &cpu_props,
 | ||||
| +                                                  &cpu_name) < 0)
 | ||||
|          return -1; | ||||
|   | ||||
|      /* QEMU_MONITOR_CPU_MODEL_EXPANSION_STATIC_FULL requests "full" expansion | ||||
| @@ -5582,13 +5613,14 @@ qemuMonitorJSONGetCPUModelExpansion(qemuMonitor *mon,
 | ||||
|          if ((rc = qemuMonitorJSONQueryCPUModelExpansionOne(mon, type, &fullModel, &fullData)) <= 0) | ||||
|              return rc; | ||||
|   | ||||
| -        if (qemuMonitorJSONParseCPUModelData(fullData, "query-cpu-model-expansion",
 | ||||
| -                                             fail_no_props, &cpu_model, &cpu_props,
 | ||||
| -                                             &cpu_name) < 0)
 | ||||
| +        if (qemuMonitorJSONParseCPUModelExpansionData(fullData, fail_no_props,
 | ||||
| +                                                      &cpu_model, &cpu_props,
 | ||||
| +                                                      &cpu_name) < 0)
 | ||||
|              return -1; | ||||
|      } | ||||
|   | ||||
| -    return qemuMonitorJSONParseCPUModel(cpu_name, cpu_props, model_info);
 | ||||
| +    return qemuMonitorJSONParseCPUModelExpansion(cpu_name, cpu_props,
 | ||||
| +                                                 model_info);
 | ||||
|  } | ||||
|   | ||||
|   | ||||
| -- 
 | ||||
| 2.49.0 | ||||
| @ -0,0 +1,95 @@ | ||||
| From 59ec9c201e8849f7231557c6019e1fabd0893240 Mon Sep 17 00:00:00 2001 | ||||
| Message-ID: <59ec9c201e8849f7231557c6019e1fabd0893240.1749113303.git.jdenemar@redhat.com> | ||||
| From: Collin Walling <walling@linux.ibm.com> | ||||
| Date: Mon, 16 Dec 2024 18:03:56 -0500 | ||||
| Subject: [PATCH] qemu_capabilities: filter deprecated features if requested | ||||
| 
 | ||||
| If flag VIR_CONNECT_GET_DOMAIN_CAPABILITIES_DISABLE_DEPRECATED_FEATURES | ||||
| is passed to qemuConnectGetDomainCapabilities, then the domain's CPU | ||||
| model features will be updated to set any deprecated features to the | ||||
| 'disabled' policy. | ||||
| 
 | ||||
| Signed-off-by: Collin Walling <walling@linux.ibm.com> | ||||
| Reviewed-by: Jiri Denemark <jdenemar@redhat.com> | ||||
| (cherry picked from commit cd1e837c22182dcadfe17b469c931f9fc9745a46) | ||||
| JIRA: https://issues.redhat.com/browse/RHEL-88716 | ||||
| Signed-off-by: Thomas Huth <thuth@redhat.com> | ||||
| ---
 | ||||
|  src/qemu/qemu_capabilities.c | 20 ++++++++++++++++++++ | ||||
|  src/qemu/qemu_capabilities.h |  3 +++ | ||||
|  src/qemu/qemu_driver.c       |  8 +++++++- | ||||
|  3 files changed, 30 insertions(+), 1 deletion(-) | ||||
| 
 | ||||
| diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
 | ||||
| index 98773d2a0a..389b43ab3d 100644
 | ||||
| --- a/src/qemu/qemu_capabilities.c
 | ||||
| +++ b/src/qemu/qemu_capabilities.c
 | ||||
| @@ -3152,6 +3152,26 @@ virQEMUCapsGetCPUFeatures(virQEMUCaps *qemuCaps,
 | ||||
|  } | ||||
|   | ||||
|   | ||||
| +void
 | ||||
| +virQEMUCapsUpdateCPUDeprecatedFeatures(virQEMUCaps *qemuCaps,
 | ||||
| +                                       virDomainVirtType virtType,
 | ||||
| +                                       virCPUDef *cpu)
 | ||||
| +{
 | ||||
| +    qemuMonitorCPUModelInfo *modelInfo;
 | ||||
| +    size_t i;
 | ||||
| +
 | ||||
| +    modelInfo = virQEMUCapsGetCPUModelInfo(qemuCaps, virtType);
 | ||||
| +
 | ||||
| +    if (!modelInfo || !modelInfo->deprecated_props)
 | ||||
| +        return;
 | ||||
| +
 | ||||
| +    for (i = 0; i < g_strv_length(modelInfo->deprecated_props); i++) {
 | ||||
| +        virCPUDefUpdateFeature(cpu, modelInfo->deprecated_props[i],
 | ||||
| +                               VIR_CPU_FEATURE_DISABLE);
 | ||||
| +    }
 | ||||
| +}
 | ||||
| +
 | ||||
| +
 | ||||
|  struct tpmTypeToCaps { | ||||
|      int type; | ||||
|      virQEMUCapsFlags caps; | ||||
| diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
 | ||||
| index 4a7fb2c726..249adf66fa 100644
 | ||||
| --- a/src/qemu/qemu_capabilities.h
 | ||||
| +++ b/src/qemu/qemu_capabilities.h
 | ||||
| @@ -702,6 +702,9 @@ int virQEMUCapsGetCPUFeatures(virQEMUCaps *qemuCaps,
 | ||||
|                                virDomainVirtType virtType, | ||||
|                                bool migratable, | ||||
|                                char ***features); | ||||
| +void virQEMUCapsUpdateCPUDeprecatedFeatures(virQEMUCaps *qemuCaps,
 | ||||
| +                                            virDomainVirtType virtType,
 | ||||
| +                                            virCPUDef *cpu);
 | ||||
|   | ||||
|  virDomainVirtType virQEMUCapsGetVirtType(virQEMUCaps *qemuCaps); | ||||
|   | ||||
| diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
 | ||||
| index d3d76c003f..315abe57b0 100644
 | ||||
| --- a/src/qemu/qemu_driver.c
 | ||||
| +++ b/src/qemu/qemu_driver.c
 | ||||
| @@ -17383,7 +17383,8 @@ qemuConnectGetDomainCapabilities(virConnectPtr conn,
 | ||||
|      virDomainVirtType virttype; | ||||
|      g_autoptr(virDomainCaps) domCaps = NULL; | ||||
|   | ||||
| -    virCheckFlags(0, NULL);
 | ||||
| +    virCheckFlags(VIR_CONNECT_GET_DOMAIN_CAPABILITIES_DISABLE_DEPRECATED_FEATURES,
 | ||||
| +                  NULL);
 | ||||
|   | ||||
|      if (virConnectGetDomainCapabilitiesEnsureACL(conn) < 0) | ||||
|          return NULL; | ||||
| @@ -17402,6 +17403,11 @@ qemuConnectGetDomainCapabilities(virConnectPtr conn,
 | ||||
|                                                         arch, virttype))) | ||||
|          return NULL; | ||||
|   | ||||
| +    if (flags & VIR_CONNECT_GET_DOMAIN_CAPABILITIES_DISABLE_DEPRECATED_FEATURES) {
 | ||||
| +        virQEMUCapsUpdateCPUDeprecatedFeatures(qemuCaps, virttype,
 | ||||
| +                                               domCaps->cpu.hostModel);
 | ||||
| +    }
 | ||||
| +
 | ||||
|      return virDomainCapsFormat(domCaps); | ||||
|  } | ||||
|   | ||||
| -- 
 | ||||
| 2.49.0 | ||||
| @ -0,0 +1,128 @@ | ||||
| From 4ad452d843406b9bb8423a47987f4180d565f11a Mon Sep 17 00:00:00 2001 | ||||
| Message-ID: <4ad452d843406b9bb8423a47987f4180d565f11a.1749113303.git.jdenemar@redhat.com> | ||||
| From: Collin Walling <walling@linux.ibm.com> | ||||
| Date: Mon, 16 Dec 2024 18:03:54 -0500 | ||||
| Subject: [PATCH] qemu_capabilities: query deprecated features for host-model | ||||
| 
 | ||||
| Add QEMU_CAPS_QUERY_CPU_MODEL_EXPANSION_DEPRECATED_PROPS for detecting | ||||
| if query-cpu-model-expansion can report deprecated CPU model properties. | ||||
| QEMU introduced this capability in 9.1 release.  Add flag and deprecated | ||||
| features to the capabilities test data for QEMU 9.1 and 9.2 replies/XML | ||||
| since it can now be accounted for. | ||||
| 
 | ||||
| When probing for the host CPU, perform a full CPU model expansion to | ||||
| retrieve the list of features deprecated across the entire architecture. | ||||
| The list and count are stored in the host's CPU model info within the | ||||
| QEMU capabilities.  Other info resulting from this query (e.g. model | ||||
| name, etc) is ignored. | ||||
| 
 | ||||
| The new capabilities flag is used to fence off the extra query for | ||||
| architectures/QEMU binaries that do not report deprecated CPU model | ||||
| features. | ||||
| 
 | ||||
| Signed-off-by: Collin Walling <walling@linux.ibm.com> | ||||
| Reviewed-by: Boris Fiuczynski <fiuczy@linux.ibm.com> | ||||
| Reviewed-by: Jiri Denemark <jdenemar@redhat.com> | ||||
| (cherry picked from commit 51c098347d7f2af9b4386ac0adc4431997d06f3d) | ||||
| 
 | ||||
| JIRA: https://issues.redhat.com/browse/RHEL-88716 | ||||
| Conflicts: | ||||
|     src/qemu/qemu_capabilities.c | ||||
|     src/qemu/qemu_capabilities.h | ||||
|     (Contextual conflicts due to missing other patches in downstream | ||||
|      and qemuMonitorGetCPUModelExpansion() having one parameter less | ||||
|      in downstream) | ||||
|     tests/qemucapabilitiesdata/caps_9.* | ||||
|     (dropped the changes to these files since they are of no use in | ||||
|      downstream - upstream testing code changed too much, so it's | ||||
|      not possible to get the related tests to work in downstream) | ||||
| Signed-off-by: Thomas Huth <thuth@redhat.com> | ||||
| ---
 | ||||
|  src/qemu/qemu_capabilities.c | 38 ++++++++++++++++++++++++++++++++++++ | ||||
|  src/qemu/qemu_capabilities.h |  1 + | ||||
|  2 files changed, 39 insertions(+) | ||||
| 
 | ||||
| diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
 | ||||
| index d616273406..98773d2a0a 100644
 | ||||
| --- a/src/qemu/qemu_capabilities.c
 | ||||
| +++ b/src/qemu/qemu_capabilities.c
 | ||||
| @@ -658,6 +658,7 @@ VIR_ENUM_IMPL(virQEMUCaps,
 | ||||
|                /* 420 */ | ||||
|                "blockdev-reopen.__com.redhat_rhel-av-8_2_0-api", /* QEMU_CAPS_BLOCKDEV_REOPEN_COM_REDHAT_AV_8_2_0_API */ | ||||
|                "memory-backend-file.prealloc-threads", /* QEMU_CAPS_MEMORY_BACKEND_PREALLOC_THREADS */ | ||||
| +              "query-cpu-model-expansion.deprecated-props", /* QEMU_CAPS_QUERY_CPU_MODEL_EXPANSION_DEPRECATED_PROPS */
 | ||||
|      ); | ||||
|   | ||||
|   | ||||
| @@ -1579,6 +1580,7 @@ static struct virQEMUCapsStringFlags virQEMUCapsQMPSchemaQueries[] = {
 | ||||
|      { "screendump/arg-type/device", QEMU_CAPS_SCREENDUMP_DEVICE }, | ||||
|      { "set-numa-node/arg-type/+hmat-lb", QEMU_CAPS_NUMA_HMAT }, | ||||
|      { "object-add/arg-type/+sev-guest/kernel-hashes", QEMU_CAPS_SEV_GUEST_KERNEL_HASHES }, | ||||
| +    { "query-cpu-model-expansion/ret-type/deprecated-props", QEMU_CAPS_QUERY_CPU_MODEL_EXPANSION_DEPRECATED_PROPS },
 | ||||
|  }; | ||||
|   | ||||
|  typedef struct _virQEMUCapsObjectTypeProps virQEMUCapsObjectTypeProps; | ||||
| @@ -2982,6 +2984,38 @@ virQEMUCapsProbeCPUDefinitionsTest(virQEMUCaps *qemuCaps,
 | ||||
|  } | ||||
|   | ||||
|   | ||||
| +/**
 | ||||
| + * virQEMUCapsProbeFullDeprecatedProperties
 | ||||
| + * @mon: QEMU monitor
 | ||||
| + * @cpu: CPU definition to be expanded
 | ||||
| + * @props: the array to be filled with deprecated features
 | ||||
| + *
 | ||||
| + * Performs a full CPU model expansion to retrieve an array of deprecated
 | ||||
| + * properties. If the expansion succeeds, then data previously stored in
 | ||||
| + * @props is freed.
 | ||||
| + *
 | ||||
| + * Returns: -1 if the expansion failed; otherwise 0.
 | ||||
| + */
 | ||||
| +static int
 | ||||
| +virQEMUCapsProbeFullDeprecatedProperties(qemuMonitor *mon,
 | ||||
| +                                         virCPUDef *cpu,
 | ||||
| +                                         GStrv *props)
 | ||||
| +{
 | ||||
| +    g_autoptr(qemuMonitorCPUModelInfo) propsInfo = NULL;
 | ||||
| +
 | ||||
| +    if (qemuMonitorGetCPUModelExpansion(mon, QEMU_MONITOR_CPU_MODEL_EXPANSION_FULL,
 | ||||
| +                                        cpu, true, false, &propsInfo) < 0)
 | ||||
| +        return -1;
 | ||||
| +
 | ||||
| +    if (propsInfo && propsInfo->deprecated_props) {
 | ||||
| +        g_free(*props);
 | ||||
| +        *props = g_steal_pointer(&propsInfo->deprecated_props);
 | ||||
| +    }
 | ||||
| +
 | ||||
| +    return 0;
 | ||||
| +}
 | ||||
| +
 | ||||
| +
 | ||||
|  static int | ||||
|  virQEMUCapsProbeQMPHostCPU(virQEMUCaps *qemuCaps, | ||||
|                             virQEMUCapsAccel *accel, | ||||
| @@ -3065,6 +3099,10 @@ virQEMUCapsProbeQMPHostCPU(virQEMUCaps *qemuCaps,
 | ||||
|          modelInfo->migratability = true; | ||||
|      } | ||||
|   | ||||
| +    if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_QUERY_CPU_MODEL_EXPANSION_DEPRECATED_PROPS) &&
 | ||||
| +        virQEMUCapsProbeFullDeprecatedProperties(mon, cpu, &modelInfo->deprecated_props) < 0)
 | ||||
| +        return -1;
 | ||||
| +
 | ||||
|      accel->hostCPU.info = g_steal_pointer(&modelInfo); | ||||
|      return 0; | ||||
|  } | ||||
| diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
 | ||||
| index 8e65635e0d..4a7fb2c726 100644
 | ||||
| --- a/src/qemu/qemu_capabilities.h
 | ||||
| +++ b/src/qemu/qemu_capabilities.h
 | ||||
| @@ -637,6 +637,7 @@ typedef enum { /* virQEMUCapsFlags grouping marker for syntax-check */
 | ||||
|      /* 420 */ | ||||
|      QEMU_CAPS_BLOCKDEV_REOPEN_COM_REDHAT_AV_8_2_0_API, /* downstream support for blockdev reopen in rhel-av-8.2.0 */ | ||||
|      QEMU_CAPS_MEMORY_BACKEND_PREALLOC_THREADS, /* -object memory-backend-*.prealloc-threads */ | ||||
| +    QEMU_CAPS_QUERY_CPU_MODEL_EXPANSION_DEPRECATED_PROPS, /* query-cpu-model-expansion may report deprecated CPU properties */
 | ||||
|   | ||||
|      QEMU_CAPS_LAST /* this must always be the last item */ | ||||
|  } virQEMUCapsFlags; | ||||
| -- 
 | ||||
| 2.49.0 | ||||
| @ -0,0 +1,218 @@ | ||||
| From cb42cd98d347deeee7c225d8d1e9f71f232cad29 Mon Sep 17 00:00:00 2001 | ||||
| Message-ID: <cb42cd98d347deeee7c225d8d1e9f71f232cad29.1712647819.git.jdenemar@redhat.com> | ||||
| From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com> | ||||
| Date: Fri, 15 Mar 2024 10:47:50 +0000 | ||||
| Subject: [PATCH] remote: check for negative array lengths before allocation | ||||
| MIME-Version: 1.0 | ||||
| Content-Type: text/plain; charset=UTF-8 | ||||
| Content-Transfer-Encoding: 8bit | ||||
| 
 | ||||
| While the C API entry points will validate non-negative lengths | ||||
| for various parameters, the RPC server de-serialization code | ||||
| will need to allocate memory for arrays before entering the C | ||||
| API. These allocations will thus happen before the non-negative | ||||
| length check is performed. | ||||
| 
 | ||||
| Passing a negative length to the g_new0 function will usually | ||||
| result in a crash due to the negative length being treated as | ||||
| a huge positive number. | ||||
| 
 | ||||
| This was found and diagnosed by ALT Linux Team with AFLplusplus. | ||||
| 
 | ||||
| CVE-2024-2494 | ||||
| Reviewed-by: Michal Privoznik <mprivozn@redhat.com> | ||||
| Found-by: Alexandr Shashkin <dutyrok@altlinux.org> | ||||
| Co-developed-by: Alexander Kuznetsov <kuznetsovam@altlinux.org> | ||||
| Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> | ||||
| (cherry picked from commit 8a3f8d957507c1f8223fdcf25a3ff885b15557f2) | ||||
| Signed-off-by: Jiri Denemark <jdenemar@redhat.com> | ||||
| ---
 | ||||
|  src/remote/remote_daemon_dispatch.c | 65 +++++++++++++++++++++++++++++ | ||||
|  src/rpc/gendispatch.pl              |  5 +++ | ||||
|  2 files changed, 70 insertions(+) | ||||
| 
 | ||||
| diff --git a/src/remote/remote_daemon_dispatch.c b/src/remote/remote_daemon_dispatch.c
 | ||||
| index 689001889e..c193227926 100644
 | ||||
| --- a/src/remote/remote_daemon_dispatch.c
 | ||||
| +++ b/src/remote/remote_daemon_dispatch.c
 | ||||
| @@ -2306,6 +2306,10 @@ remoteDispatchDomainGetSchedulerParameters(virNetServer *server G_GNUC_UNUSED,
 | ||||
|      if (!conn) | ||||
|          goto cleanup; | ||||
|   | ||||
| +    if (args->nparams < 0) {
 | ||||
| +        virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams must be non-negative"));
 | ||||
| +        goto cleanup;
 | ||||
| +    }
 | ||||
|      if (args->nparams > REMOTE_DOMAIN_SCHEDULER_PARAMETERS_MAX) { | ||||
|          virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large")); | ||||
|          goto cleanup; | ||||
| @@ -2354,6 +2358,10 @@ remoteDispatchDomainGetSchedulerParametersFlags(virNetServer *server G_GNUC_UNUS
 | ||||
|      if (!conn) | ||||
|          goto cleanup; | ||||
|   | ||||
| +    if (args->nparams < 0) {
 | ||||
| +        virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams must be non-negative"));
 | ||||
| +        goto cleanup;
 | ||||
| +    }
 | ||||
|      if (args->nparams > REMOTE_DOMAIN_SCHEDULER_PARAMETERS_MAX) { | ||||
|          virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large")); | ||||
|          goto cleanup; | ||||
| @@ -2512,6 +2520,10 @@ remoteDispatchDomainBlockStatsFlags(virNetServer *server G_GNUC_UNUSED,
 | ||||
|          goto cleanup; | ||||
|      flags = args->flags; | ||||
|   | ||||
| +    if (args->nparams < 0) {
 | ||||
| +        virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams must be non-negative"));
 | ||||
| +        goto cleanup;
 | ||||
| +    }
 | ||||
|      if (args->nparams > REMOTE_DOMAIN_BLOCK_STATS_PARAMETERS_MAX) { | ||||
|          virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large")); | ||||
|          goto cleanup; | ||||
| @@ -2737,6 +2749,14 @@ remoteDispatchDomainGetVcpuPinInfo(virNetServer *server G_GNUC_UNUSED,
 | ||||
|      if (!(dom = get_nonnull_domain(conn, args->dom))) | ||||
|          goto cleanup; | ||||
|   | ||||
| +    if (args->ncpumaps < 0) {
 | ||||
| +        virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("ncpumaps must be non-negative"));
 | ||||
| +        goto cleanup;
 | ||||
| +    }
 | ||||
| +    if (args->maplen < 0) {
 | ||||
| +        virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("maplen must be non-negative"));
 | ||||
| +        goto cleanup;
 | ||||
| +    }
 | ||||
|      if (args->ncpumaps > REMOTE_VCPUINFO_MAX) { | ||||
|          virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("ncpumaps > REMOTE_VCPUINFO_MAX")); | ||||
|          goto cleanup; | ||||
| @@ -2831,6 +2851,11 @@ remoteDispatchDomainGetEmulatorPinInfo(virNetServer *server G_GNUC_UNUSED,
 | ||||
|      if (!(dom = get_nonnull_domain(conn, args->dom))) | ||||
|          goto cleanup; | ||||
|   | ||||
| +    if (args->maplen < 0) {
 | ||||
| +        virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("maplen must be non-negative"));
 | ||||
| +        goto cleanup;
 | ||||
| +    }
 | ||||
| +
 | ||||
|      /* Allocate buffers to take the results */ | ||||
|      if (args->maplen > 0) | ||||
|          cpumaps = g_new0(unsigned char, args->maplen); | ||||
| @@ -2878,6 +2903,14 @@ remoteDispatchDomainGetVcpus(virNetServer *server G_GNUC_UNUSED,
 | ||||
|      if (!(dom = get_nonnull_domain(conn, args->dom))) | ||||
|          goto cleanup; | ||||
|   | ||||
| +    if (args->maxinfo < 0) {
 | ||||
| +        virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("maxinfo must be non-negative"));
 | ||||
| +        goto cleanup;
 | ||||
| +    }
 | ||||
| +    if (args->maplen < 0) {
 | ||||
| +        virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("maxinfo must be non-negative"));
 | ||||
| +        goto cleanup;
 | ||||
| +    }
 | ||||
|      if (args->maxinfo > REMOTE_VCPUINFO_MAX) { | ||||
|          virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("maxinfo > REMOTE_VCPUINFO_MAX")); | ||||
|          goto cleanup; | ||||
| @@ -3117,6 +3150,10 @@ remoteDispatchDomainGetMemoryParameters(virNetServer *server G_GNUC_UNUSED,
 | ||||
|   | ||||
|      flags = args->flags; | ||||
|   | ||||
| +    if (args->nparams < 0) {
 | ||||
| +        virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams must be non-negative"));
 | ||||
| +        goto cleanup;
 | ||||
| +    }
 | ||||
|      if (args->nparams > REMOTE_DOMAIN_MEMORY_PARAMETERS_MAX) { | ||||
|          virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large")); | ||||
|          goto cleanup; | ||||
| @@ -3177,6 +3214,10 @@ remoteDispatchDomainGetNumaParameters(virNetServer *server G_GNUC_UNUSED,
 | ||||
|   | ||||
|      flags = args->flags; | ||||
|   | ||||
| +    if (args->nparams < 0) {
 | ||||
| +        virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams must be non-negative"));
 | ||||
| +        goto cleanup;
 | ||||
| +    }
 | ||||
|      if (args->nparams > REMOTE_DOMAIN_NUMA_PARAMETERS_MAX) { | ||||
|          virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large")); | ||||
|          goto cleanup; | ||||
| @@ -3237,6 +3278,10 @@ remoteDispatchDomainGetBlkioParameters(virNetServer *server G_GNUC_UNUSED,
 | ||||
|   | ||||
|      flags = args->flags; | ||||
|   | ||||
| +    if (args->nparams < 0) {
 | ||||
| +        virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams must be non-negative"));
 | ||||
| +        goto cleanup;
 | ||||
| +    }
 | ||||
|      if (args->nparams > REMOTE_DOMAIN_BLKIO_PARAMETERS_MAX) { | ||||
|          virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large")); | ||||
|          goto cleanup; | ||||
| @@ -3298,6 +3343,10 @@ remoteDispatchNodeGetCPUStats(virNetServer *server G_GNUC_UNUSED,
 | ||||
|   | ||||
|      flags = args->flags; | ||||
|   | ||||
| +    if (args->nparams < 0) {
 | ||||
| +        virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams must be non-negative"));
 | ||||
| +        goto cleanup;
 | ||||
| +    }
 | ||||
|      if (args->nparams > REMOTE_NODE_CPU_STATS_MAX) { | ||||
|          virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large")); | ||||
|          goto cleanup; | ||||
| @@ -3365,6 +3414,10 @@ remoteDispatchNodeGetMemoryStats(virNetServer *server G_GNUC_UNUSED,
 | ||||
|   | ||||
|      flags = args->flags; | ||||
|   | ||||
| +    if (args->nparams < 0) {
 | ||||
| +        virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams must be non-negative"));
 | ||||
| +        goto cleanup;
 | ||||
| +    }
 | ||||
|      if (args->nparams > REMOTE_NODE_MEMORY_STATS_MAX) { | ||||
|          virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large")); | ||||
|          goto cleanup; | ||||
| @@ -3545,6 +3598,10 @@ remoteDispatchDomainGetBlockIoTune(virNetServer *server G_GNUC_UNUSED,
 | ||||
|      if (!conn) | ||||
|          goto cleanup; | ||||
|   | ||||
| +    if (args->nparams < 0) {
 | ||||
| +        virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams must be non-negative"));
 | ||||
| +        goto cleanup;
 | ||||
| +    }
 | ||||
|      if (args->nparams > REMOTE_DOMAIN_BLOCK_IO_TUNE_PARAMETERS_MAX) { | ||||
|          virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large")); | ||||
|          goto cleanup; | ||||
| @@ -5087,6 +5144,10 @@ remoteDispatchDomainGetInterfaceParameters(virNetServer *server G_GNUC_UNUSED,
 | ||||
|   | ||||
|      flags = args->flags; | ||||
|   | ||||
| +    if (args->nparams < 0) {
 | ||||
| +        virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams must be non-negative"));
 | ||||
| +        goto cleanup;
 | ||||
| +    }
 | ||||
|      if (args->nparams > REMOTE_DOMAIN_INTERFACE_PARAMETERS_MAX) { | ||||
|          virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large")); | ||||
|          goto cleanup; | ||||
| @@ -5307,6 +5368,10 @@ remoteDispatchNodeGetMemoryParameters(virNetServer *server G_GNUC_UNUSED,
 | ||||
|   | ||||
|      flags = args->flags; | ||||
|   | ||||
| +    if (args->nparams < 0) {
 | ||||
| +        virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams must be non-negative"));
 | ||||
| +        goto cleanup;
 | ||||
| +    }
 | ||||
|      if (args->nparams > REMOTE_NODE_MEMORY_PARAMETERS_MAX) { | ||||
|          virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large")); | ||||
|          goto cleanup; | ||||
| diff --git a/src/rpc/gendispatch.pl b/src/rpc/gendispatch.pl
 | ||||
| index 9f5bf0e316..aacab88808 100755
 | ||||
| --- a/src/rpc/gendispatch.pl
 | ||||
| +++ b/src/rpc/gendispatch.pl
 | ||||
| @@ -1074,6 +1074,11 @@ elsif ($mode eq "server") {
 | ||||
|          print "\n"; | ||||
|   | ||||
|          if ($single_ret_as_list) { | ||||
| +            print "    if (args->$single_ret_list_max_var < 0) {\n";
 | ||||
| +            print "        virReportError(VIR_ERR_RPC,\n";
 | ||||
| +            print "                       \"%s\", _(\"max$single_ret_list_name must be non-negative\"));\n";
 | ||||
| +            print "        goto cleanup;\n";
 | ||||
| +            print "    }\n";
 | ||||
|              print "    if (args->$single_ret_list_max_var > $single_ret_list_max_define) {\n"; | ||||
|              print "        virReportError(VIR_ERR_RPC,\n"; | ||||
|              print "                       \"%s\", _(\"max$single_ret_list_name > $single_ret_list_max_define\"));\n"; | ||||
| -- 
 | ||||
| 2.44.0 | ||||
| @ -0,0 +1,101 @@ | ||||
| From b84d0a699f3976644d3090562ce62ede55335fbc Mon Sep 17 00:00:00 2001 | ||||
| Message-ID: <b84d0a699f3976644d3090562ce62ede55335fbc.1717684031.git.jdenemar@redhat.com> | ||||
| From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com> | ||||
| Date: Tue, 30 Apr 2024 11:51:15 +0100 | ||||
| Subject: [PATCH] rpc: ensure temporary GSource is removed from client event | ||||
|  loop | ||||
| MIME-Version: 1.0 | ||||
| Content-Type: text/plain; charset=UTF-8 | ||||
| Content-Transfer-Encoding: 8bit | ||||
| 
 | ||||
| Users are seeing periodic segfaults from libvirt client apps, | ||||
| especially thread heavy ones like virt-manager. A typical | ||||
| stack trace would end up in the virNetClientIOEventFD method, | ||||
| with illegal access to stale stack data. eg | ||||
| 
 | ||||
| ==238721==ERROR: AddressSanitizer: stack-use-after-return on address 0x75cd18709788 at pc 0x75cd3111f907 bp 0x75cd181ff550 sp 0x75cd181ff548
 | ||||
| WRITE of size 4 at 0x75cd18709788 thread T11 | ||||
|     #0 0x75cd3111f906 in virNetClientIOEventFD /usr/src/debug/libvirt/libvirt-10.2.0/build/../src/rpc/virnetclient.c:1634:15 | ||||
|     #1 0x75cd3210d198  (/usr/lib/libglib-2.0.so.0+0x5a198) (BuildId: 0a2311dfbbc6c215dc36f4b6bdd2b4b6fbae55a2) | ||||
|     #2 0x75cd3216c3be  (/usr/lib/libglib-2.0.so.0+0xb93be) (BuildId: 0a2311dfbbc6c215dc36f4b6bdd2b4b6fbae55a2) | ||||
|     #3 0x75cd3210ddc6 in g_main_loop_run (/usr/lib/libglib-2.0.so.0+0x5adc6) (BuildId: 0a2311dfbbc6c215dc36f4b6bdd2b4b6fbae55a2) | ||||
|     #4 0x75cd3111a47c in virNetClientIOEventLoop /usr/src/debug/libvirt/libvirt-10.2.0/build/../src/rpc/virnetclient.c:1722:9 | ||||
|     #5 0x75cd3111a47c in virNetClientIO /usr/src/debug/libvirt/libvirt-10.2.0/build/../src/rpc/virnetclient.c:2002:10 | ||||
|     #6 0x75cd3111a47c in virNetClientSendInternal /usr/src/debug/libvirt/libvirt-10.2.0/build/../src/rpc/virnetclient.c:2170:11 | ||||
|     #7 0x75cd311198a8 in virNetClientSendWithReply /usr/src/debug/libvirt/libvirt-10.2.0/build/../src/rpc/virnetclient.c:2198:11 | ||||
|     #8 0x75cd31111653 in virNetClientProgramCall /usr/src/debug/libvirt/libvirt-10.2.0/build/../src/rpc/virnetclientprogram.c:318:9 | ||||
|     #9 0x75cd31241c8f in callFull /usr/src/debug/libvirt/libvirt-10.2.0/build/../src/remote/remote_driver.c:6054:10 | ||||
|     #10 0x75cd31241c8f in call /usr/src/debug/libvirt/libvirt-10.2.0/build/../src/remote/remote_driver.c:6076:12 | ||||
|     #11 0x75cd31241c8f in remoteNetworkGetXMLDesc /usr/src/debug/libvirt/libvirt-10.2.0/build/src/remote/remote_client_bodies.h:5959:9 | ||||
|     #12 0x75cd31410ff7 in virNetworkGetXMLDesc /usr/src/debug/libvirt/libvirt-10.2.0/build/../src/libvirt-network.c:952:15 | ||||
| 
 | ||||
| The root cause is a bad assumption in the virNetClientIOEventLoop | ||||
| method. This method is run by whichever thread currently owns the | ||||
| buck, and is responsible for handling I/O. Inside a for(;;) loop, | ||||
| this method creates a temporary GSource, adds it to the event loop | ||||
| and runs g_main_loop_run(). When I/O is ready, the GSource callback | ||||
| (virNetClientIOEventFD) will fire and call g_main_loop_quit(), and | ||||
| return G_SOURCE_REMOVE which results in the temporary GSource being | ||||
| destroyed. A g_autoptr() will then remove the last reference. | ||||
| 
 | ||||
| What was overlooked, is that a second thread can come along and | ||||
| while it can't enter virNetClientIOEventLoop, it will register an | ||||
| idle source that uses virNetClientIOWakeup to interrupt the | ||||
| original thread's 'g_main_loop_run' call. When this happens the | ||||
| virNetClientIOEventFD callback never runs, and so the temporary | ||||
| GSource is not destroyed. The g_autoptr() will remove a reference, | ||||
| but by virtue of still being attached to the event context, there | ||||
| is an extra reference held causing GSource to be leaked. The | ||||
| next time 'g_main_loop_run' is called, the original GSource will | ||||
| trigger its callback, and access data that was allocated on the | ||||
| stack by the previous thread, and likely SEGV. | ||||
| 
 | ||||
| To solve this, the thread calling 'g_main_loop_run' must call | ||||
| g_source_destroy, immediately upon return, to guarantee that | ||||
| the temporary GSource is removed. | ||||
| 
 | ||||
| CVE-2024-4418 | ||||
| Reviewed-by: Ján Tomko <jtomko@redhat.com> | ||||
| Reported-by: Martin Shirokov <shirokovmartin@gmail.com> | ||||
| Tested-by: Martin Shirokov <shirokovmartin@gmail.com> | ||||
| Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> | ||||
| (cherry picked from commit 8074d64dc2eca846d6a61efe1a9b7428a0ce1dd1) | ||||
| Signed-off-by: Jiri Denemark <jdenemar@redhat.com> | ||||
| ---
 | ||||
|  src/rpc/virnetclient.c | 14 +++++++++++++- | ||||
|  1 file changed, 13 insertions(+), 1 deletion(-) | ||||
| 
 | ||||
| diff --git a/src/rpc/virnetclient.c b/src/rpc/virnetclient.c
 | ||||
| index f526ad89ec..b9490072c3 100644
 | ||||
| --- a/src/rpc/virnetclient.c
 | ||||
| +++ b/src/rpc/virnetclient.c
 | ||||
| @@ -1664,7 +1664,7 @@ static int virNetClientIOEventLoop(virNetClient *client,
 | ||||
|  #endif /* !WIN32 */ | ||||
|          int timeout = -1; | ||||
|          virNetMessage *msg = NULL; | ||||
| -        g_autoptr(GSource) G_GNUC_UNUSED source = NULL;
 | ||||
| +        g_autoptr(GSource) source = NULL;
 | ||||
|          GIOCondition ev = 0; | ||||
|          struct virNetClientIOEventData data = { | ||||
|              .client = client, | ||||
| @@ -1728,6 +1728,18 @@ static int virNetClientIOEventLoop(virNetClient *client,
 | ||||
|   | ||||
|          g_main_loop_run(client->eventLoop); | ||||
|   | ||||
| +        /*
 | ||||
| +         * If virNetClientIOEventFD ran, this GSource will already be
 | ||||
| +         * destroyed due to G_SOURCE_REMOVE. It is harmless to re-destroy
 | ||||
| +         * it, since we still own a reference.
 | ||||
| +         *
 | ||||
| +         * If virNetClientIOWakeup ran, it will have interrupted the
 | ||||
| +         * g_main_loop_run call, before virNetClientIOEventFD could
 | ||||
| +         * run, and thus the GSource is still registered, and we need
 | ||||
| +         * to destroy it since it is referencing stack memory for 'data'
 | ||||
| +         */
 | ||||
| +        g_source_destroy(source);
 | ||||
| +
 | ||||
|  #ifndef WIN32 | ||||
|          ignore_value(pthread_sigmask(SIG_SETMASK, &oldmask, NULL)); | ||||
|  #endif /* !WIN32 */ | ||||
| -- 
 | ||||
| 2.45.1 | ||||
| @ -0,0 +1,39 @@ | ||||
| From ffbae27bd15ae9475fd4f0e79b492a7e03bca93e Mon Sep 17 00:00:00 2001 | ||||
| Message-ID: <ffbae27bd15ae9475fd4f0e79b492a7e03bca93e.1717684031.git.jdenemar@redhat.com> | ||||
| From: Jonathon Jongsma <jjongsma@redhat.com> | ||||
| Date: Fri, 22 Sep 2023 14:23:10 -0500 | ||||
| Subject: [PATCH] util: Fix error return for virProcessKillPainfullyDelay() | ||||
| MIME-Version: 1.0 | ||||
| Content-Type: text/plain; charset=UTF-8 | ||||
| Content-Transfer-Encoding: 8bit | ||||
| 
 | ||||
| Commit 93af79fb removed a cleanup label in favor of returning error | ||||
| values directly in certain cases. But the final return value was changed | ||||
| from -1 to 0. If we get to the end of the function, that means that | ||||
| we've waited for the process to exit but it still exists. So we should | ||||
| return -1. The error message was still being set correctly, but we were | ||||
| returning a success status (0). | ||||
| 
 | ||||
| Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com> | ||||
| Reviewed-by: Ján Tomko <jtomko@redhat.com> | ||||
| (cherry picked from commit 51a074e74c6ef2fb95e6f53d41315e3f1e00be77) | ||||
| https://issues.redhat.com/browse/RHEL-36064 | ||||
| ---
 | ||||
|  src/util/virprocess.c | 2 +- | ||||
|  1 file changed, 1 insertion(+), 1 deletion(-) | ||||
| 
 | ||||
| diff --git a/src/util/virprocess.c b/src/util/virprocess.c
 | ||||
| index b559a4257e..f3933a2d16 100644
 | ||||
| --- a/src/util/virprocess.c
 | ||||
| +++ b/src/util/virprocess.c
 | ||||
| @@ -471,7 +471,7 @@ virProcessKillPainfullyDelay(pid_t pid, bool force, unsigned int extradelay, boo
 | ||||
|                           _("Failed to terminate process %lld with SIG%s"), | ||||
|                           (long long)pid, signame); | ||||
|   | ||||
| -    return 0;
 | ||||
| +    return -1;
 | ||||
|  } | ||||
|   | ||||
|   | ||||
| -- 
 | ||||
| 2.45.1 | ||||
| @ -0,0 +1,104 @@ | ||||
| From 534bb6a049e7ad227d143457ddcfe828238cea18 Mon Sep 17 00:00:00 2001 | ||||
| Message-ID: <534bb6a049e7ad227d143457ddcfe828238cea18.1749113303.git.jdenemar@redhat.com> | ||||
| From: Peter Krempa <pkrempa@redhat.com> | ||||
| Date: Mon, 13 Feb 2023 15:53:23 +0100 | ||||
| Subject: [PATCH] util: xml: Introduce virXMLNodeGetSubelementList | ||||
| MIME-Version: 1.0 | ||||
| Content-Type: text/plain; charset=UTF-8 | ||||
| Content-Transfer-Encoding: 8bit | ||||
| 
 | ||||
| The new helper is similar to virXPathNodeSet list but for cases where we | ||||
| want to get subelements directly rather than using XPath. | ||||
| 
 | ||||
| Signed-off-by: Peter Krempa <pkrempa@redhat.com> | ||||
| Reviewed-by: Ján Tomko <jtomko@redhat.com> | ||||
| (cherry picked from commit dcd49d2cd65c9fe58d3df536fa258fc70c633d7e) | ||||
| 
 | ||||
| JIRA: https://issues.redhat.com/browse/RHEL-88716 | ||||
| Conflicts: | ||||
|     Trivial contextual conflicts in all files | ||||
|     (due to missing other patches in downstream) | ||||
| Signed-off-by: Thomas Huth <thuth@redhat.com> | ||||
| ---
 | ||||
|  src/libvirt_private.syms |  1 + | ||||
|  src/util/virxml.c        | 35 +++++++++++++++++++++++++++++++++++ | ||||
|  src/util/virxml.h        |  6 ++++++ | ||||
|  3 files changed, 42 insertions(+) | ||||
| 
 | ||||
| diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
 | ||||
| index 7c558ad364..3af1b33a6c 100644
 | ||||
| --- a/src/libvirt_private.syms
 | ||||
| +++ b/src/libvirt_private.syms
 | ||||
| @@ -3619,6 +3619,7 @@ virXMLFormatElementEmpty;
 | ||||
|  virXMLFormatMetadata; | ||||
|  virXMLNewNode; | ||||
|  virXMLNodeContentString; | ||||
| +virXMLNodeGetSubelementList;
 | ||||
|  virXMLNodeNameEqual; | ||||
|  virXMLNodeSanitizeNamespaces; | ||||
|  virXMLNodeToString; | ||||
| diff --git a/src/util/virxml.c b/src/util/virxml.c
 | ||||
| index 4b09374107..b57462e2d0 100644
 | ||||
| --- a/src/util/virxml.c
 | ||||
| +++ b/src/util/virxml.c
 | ||||
| @@ -838,6 +838,41 @@ virXPathBoolean(const char *xpath,
 | ||||
|      return obj->boolval; | ||||
|  } | ||||
|   | ||||
| +
 | ||||
| +/**
 | ||||
| + * virXMLNodeGetSubelementList:
 | ||||
| + * @node: node to get subelement of
 | ||||
| + * @name: name of subelement to fetch (NULL to fetch all sub-elements)
 | ||||
| + * @list: If non-NULL, filled with a list of pointers to the nodes. Caller is
 | ||||
| + *        responsible for freeing the list but not the members.
 | ||||
| + *
 | ||||
| + * Find and return a sub-elements node of @node named @name in a list.
 | ||||
| + * Returns the number of subelements with @name
 | ||||
| + */
 | ||||
| +size_t
 | ||||
| +virXMLNodeGetSubelementList(xmlNodePtr node,
 | ||||
| +                            const char *name,
 | ||||
| +                            xmlNodePtr **list)
 | ||||
| +{
 | ||||
| +    xmlNodePtr n;
 | ||||
| +    size_t nelems = 0;
 | ||||
| +
 | ||||
| +    for (n = node->children; n; n = n->next) {
 | ||||
| +        if (n->type == XML_ELEMENT_NODE) {
 | ||||
| +            if (name && !virXMLNodeNameEqual(n, name))
 | ||||
| +                continue;
 | ||||
| +
 | ||||
| +            if (list)
 | ||||
| +                VIR_APPEND_ELEMENT_COPY(*list, nelems, n);
 | ||||
| +            else
 | ||||
| +                nelems++;
 | ||||
| +        }
 | ||||
| +    }
 | ||||
| +
 | ||||
| +    return nelems;
 | ||||
| +}
 | ||||
| +
 | ||||
| +
 | ||||
|  /** | ||||
|   * virXPathNode: | ||||
|   * @xpath: the XPath string to evaluate | ||||
| diff --git a/src/util/virxml.h b/src/util/virxml.h
 | ||||
| index c39eae6282..7b60551898 100644
 | ||||
| --- a/src/util/virxml.h
 | ||||
| +++ b/src/util/virxml.h
 | ||||
| @@ -83,6 +83,12 @@ int
 | ||||
|  virXPathULongHex(const char *xpath, | ||||
|                   xmlXPathContextPtr ctxt, | ||||
|                   unsigned long *value); | ||||
| +
 | ||||
| +size_t
 | ||||
| +virXMLNodeGetSubelementList(xmlNodePtr node,
 | ||||
| +                            const char *name,
 | ||||
| +                            xmlNodePtr **list);
 | ||||
| +
 | ||||
|  xmlNodePtr | ||||
|  virXPathNode(const char *xpath, | ||||
|               xmlXPathContextPtr ctxt); | ||||
| -- 
 | ||||
| 2.49.0 | ||||
| @ -0,0 +1,92 @@ | ||||
| From f3c75e44ad85fb01473c78adfc2a6d2c53f4f358 Mon Sep 17 00:00:00 2001 | ||||
| Message-ID: <f3c75e44ad85fb01473c78adfc2a6d2c53f4f358.1749113303.git.jdenemar@redhat.com> | ||||
| From: Peter Krempa <pkrempa@redhat.com> | ||||
| Date: Mon, 13 Feb 2023 15:53:23 +0100 | ||||
| Subject: [PATCH] util: xml: Return GPtrArray from virXMLNodeGetSubelement | ||||
|  [partial] | ||||
| MIME-Version: 1.0 | ||||
| Content-Type: text/plain; charset=UTF-8 | ||||
| Content-Transfer-Encoding: 8bit | ||||
| 
 | ||||
| Rework the helper to use a GPtrArray structure to simplify callers. | ||||
| 
 | ||||
| Signed-off-by: Peter Krempa <pkrempa@redhat.com> | ||||
| Reviewed-by: Ján Tomko <jtomko@redhat.com> | ||||
| (cherry picked from commit 08a7fc834c7c505e73bfcfa11c4a841a972d4f5d) | ||||
| 
 | ||||
| JIRA: https://issues.redhat.com/browse/RHEL-88716 | ||||
| Conflicts: | ||||
|     src/conf/*.c | ||||
|     Dropped the hunks that modify the callers | ||||
|     (since these are not available in downstream yet) | ||||
| Signed-off-by: Thomas Huth <thuth@redhat.com> | ||||
| ---
 | ||||
|  src/util/virxml.c | 21 ++++++++------------- | ||||
|  src/util/virxml.h |  5 ++--- | ||||
|  2 files changed, 10 insertions(+), 16 deletions(-) | ||||
| 
 | ||||
| diff --git a/src/util/virxml.c b/src/util/virxml.c
 | ||||
| index b57462e2d0..46afcf2146 100644
 | ||||
| --- a/src/util/virxml.c
 | ||||
| +++ b/src/util/virxml.c
 | ||||
| @@ -843,33 +843,28 @@ virXPathBoolean(const char *xpath,
 | ||||
|   * virXMLNodeGetSubelementList: | ||||
|   * @node: node to get subelement of | ||||
|   * @name: name of subelement to fetch (NULL to fetch all sub-elements) | ||||
| - * @list: If non-NULL, filled with a list of pointers to the nodes. Caller is
 | ||||
| - *        responsible for freeing the list but not the members.
 | ||||
|   * | ||||
| - * Find and return a sub-elements node of @node named @name in a list.
 | ||||
| - * Returns the number of subelements with @name
 | ||||
| + * Find and return a sub-elements node of @node named @name in a GPtrArray
 | ||||
| + * populated with the xmlNodePtr objects. Caller is responsible for freeing the
 | ||||
| + * array but not the contained xmlNode objects.
 | ||||
|   */ | ||||
| -size_t
 | ||||
| +GPtrArray *
 | ||||
|  virXMLNodeGetSubelementList(xmlNodePtr node, | ||||
| -                            const char *name,
 | ||||
| -                            xmlNodePtr **list)
 | ||||
| +                            const char *name)
 | ||||
|  { | ||||
| +    GPtrArray *ret = g_ptr_array_new();
 | ||||
|      xmlNodePtr n; | ||||
| -    size_t nelems = 0;
 | ||||
|   | ||||
|      for (n = node->children; n; n = n->next) { | ||||
|          if (n->type == XML_ELEMENT_NODE) { | ||||
|              if (name && !virXMLNodeNameEqual(n, name)) | ||||
|                  continue; | ||||
|   | ||||
| -            if (list)
 | ||||
| -                VIR_APPEND_ELEMENT_COPY(*list, nelems, n);
 | ||||
| -            else
 | ||||
| -                nelems++;
 | ||||
| +            g_ptr_array_add(ret, n);
 | ||||
|          } | ||||
|      } | ||||
|   | ||||
| -    return nelems;
 | ||||
| +    return ret;
 | ||||
|  } | ||||
|   | ||||
|   | ||||
| diff --git a/src/util/virxml.h b/src/util/virxml.h
 | ||||
| index 7b60551898..03677afc33 100644
 | ||||
| --- a/src/util/virxml.h
 | ||||
| +++ b/src/util/virxml.h
 | ||||
| @@ -84,10 +84,9 @@ virXPathULongHex(const char *xpath,
 | ||||
|                   xmlXPathContextPtr ctxt, | ||||
|                   unsigned long *value); | ||||
|   | ||||
| -size_t
 | ||||
| +GPtrArray *
 | ||||
|  virXMLNodeGetSubelementList(xmlNodePtr node, | ||||
| -                            const char *name,
 | ||||
| -                            xmlNodePtr **list);
 | ||||
| +                            const char *name);
 | ||||
|   | ||||
|  xmlNodePtr | ||||
|  virXPathNode(const char *xpath, | ||||
| -- 
 | ||||
| 2.49.0 | ||||
| @ -0,0 +1,51 @@ | ||||
| From afbf59c823a04b417b4ae66edb99e15e6e8ba877 Mon Sep 17 00:00:00 2001 | ||||
| Message-ID: <afbf59c823a04b417b4ae66edb99e15e6e8ba877.1730898528.git.jdenemar@redhat.com> | ||||
| From: Peter Krempa <pkrempa@redhat.com> | ||||
| Date: Tue, 8 Aug 2023 15:53:53 +0200 | ||||
| Subject: [PATCH] virStorageBackendLogicalCheckPool: Properly mark empty | ||||
|  logical pools as active | ||||
| MIME-Version: 1.0 | ||||
| Content-Type: text/plain; charset=UTF-8 | ||||
| Content-Transfer-Encoding: 8bit | ||||
| 
 | ||||
| The '/dev' filesystem convenience directory for a LVM volume group is | ||||
| not created when the volume group is empty. | ||||
| 
 | ||||
| The logic in 'virStorageBackendLogicalCheckPool' which is used to see | ||||
| whether a pool is active was first checking presence of the directory, | ||||
| which failed for an empty VG. | ||||
| 
 | ||||
| Since the second step is virStorageBackendLogicalMatchPoolSource which | ||||
| is checking mapping between configured PVs and the VG, we can simply | ||||
| rely on the function to also check presence of the pool. | ||||
| 
 | ||||
| Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2228223 | ||||
| Signed-off-by: Peter Krempa <pkrempa@redhat.com> | ||||
| Reviewed-by: Ján Tomko <jtomko@redhat.com> | ||||
| (cherry picked from commit fa1a54baa59d244289ce666f9dc52d9eabca47f1) | ||||
| https://issues.redhat.com/browse/RHEL-65771 | ||||
| ---
 | ||||
|  src/storage/storage_backend_logical.c | 8 +------- | ||||
|  1 file changed, 1 insertion(+), 7 deletions(-) | ||||
| 
 | ||||
| diff --git a/src/storage/storage_backend_logical.c b/src/storage/storage_backend_logical.c
 | ||||
| index 3f27e63aeb..b7e3ba2498 100644
 | ||||
| --- a/src/storage/storage_backend_logical.c
 | ||||
| +++ b/src/storage/storage_backend_logical.c
 | ||||
| @@ -628,13 +628,7 @@ static int
 | ||||
|  virStorageBackendLogicalCheckPool(virStoragePoolObj *pool, | ||||
|                                    bool *isActive) | ||||
|  { | ||||
| -    virStoragePoolDef *def = virStoragePoolObjGetDef(pool);
 | ||||
| -
 | ||||
| -    /* If we can find the target.path as well as ensure that the
 | ||||
| -     * pool's def source
 | ||||
| -     */
 | ||||
| -    *isActive = virFileExists(def->target.path) &&
 | ||||
| -                virStorageBackendLogicalMatchPoolSource(pool);
 | ||||
| +    *isActive = virStorageBackendLogicalMatchPoolSource(pool);
 | ||||
|      return 0; | ||||
|  } | ||||
|   | ||||
| -- 
 | ||||
| 2.47.0 | ||||
| @ -0,0 +1,68 @@ | ||||
| From f3ae3ac1807549c1eb4cc5a0286047ff019e14a0 Mon Sep 17 00:00:00 2001 | ||||
| Message-ID: <f3ae3ac1807549c1eb4cc5a0286047ff019e14a0.1702401900.git.jdenemar@redhat.com> | ||||
| From: Michal Privoznik <mprivozn@redhat.com> | ||||
| Date: Fri, 24 Nov 2023 11:59:32 +0100 | ||||
| Subject: [PATCH] virnuma: Avoid integer overflow in virNumaGetPages() | ||||
| MIME-Version: 1.0 | ||||
| Content-Type: text/plain; charset=UTF-8 | ||||
| Content-Transfer-Encoding: 8bit | ||||
| 
 | ||||
| On systems with humongous pages (16GiB) and 32bit int it's easy | ||||
| to hit integer overflow in virNumaGetPages(). What happens is, | ||||
| inside of virNumaGetPages() as we process hugepages for given | ||||
| NUMA node (e.g. in order to produce capabilities XML), we keep a | ||||
| sum of sizes of pools in an ULL variable (huge_page_sum). In each | ||||
| iteration, the variable is incremented by 1024 * page_size * | ||||
| page_avail. Now, page_size is just an uint, so we have: | ||||
| 
 | ||||
|   ULL += U * U * ULL; | ||||
| 
 | ||||
| and because of associativity, U * U is computed first and since | ||||
| we have two operands of the same type, no type expansion happens. | ||||
| But this means, for humongous pages (like 16GiB) the | ||||
| multiplication overflows. | ||||
| 
 | ||||
| Therefore, move the multiplication out of the loop. This helps in | ||||
| two ways: | ||||
| 
 | ||||
| 1) now we have ULL += U * ULL; which expands the uint in | ||||
|    multiplication, | ||||
| 
 | ||||
| 2) it saves couple of CPU cycles. | ||||
| 
 | ||||
| Resolves: https://issues.redhat.com/browse/RHEL-16749 | ||||
| Signed-off-by: Michal Privoznik <mprivozn@redhat.com> | ||||
| Reviewed-by: Ján Tomko <jtomko@redhat.com> | ||||
| (cherry picked from commit 9694d1ca6a4ef7a37ac20249eb8b85c1bb48ef6b) | ||||
| Signed-off-by: Michal Privoznik <mprivozn@redhat.com> | ||||
| ---
 | ||||
|  src/util/virnuma.c | 7 ++++--- | ||||
|  1 file changed, 4 insertions(+), 3 deletions(-) | ||||
| 
 | ||||
| diff --git a/src/util/virnuma.c b/src/util/virnuma.c
 | ||||
| index 7c892d6267..e0938867f9 100644
 | ||||
| --- a/src/util/virnuma.c
 | ||||
| +++ b/src/util/virnuma.c
 | ||||
| @@ -806,9 +806,7 @@ virNumaGetPages(int node,
 | ||||
|          tmp_free[ntmp] = page_free; | ||||
|          ntmp++; | ||||
|   | ||||
| -        /* page_size is in kibibytes while we want huge_page_sum
 | ||||
| -         * in just bytes. */
 | ||||
| -        huge_page_sum += 1024 * page_size * page_avail;
 | ||||
| +        huge_page_sum += page_size * page_avail;
 | ||||
|      } | ||||
|   | ||||
|      if (direrr < 0) | ||||
| @@ -819,6 +817,9 @@ virNumaGetPages(int node,
 | ||||
|      VIR_REALLOC_N(tmp_avail, ntmp + 1); | ||||
|      VIR_REALLOC_N(tmp_free, ntmp + 1); | ||||
|   | ||||
| +    /* page_size is in kibibytes while we want huge_page_sum in just bytes. */
 | ||||
| +    huge_page_sum *= 1024;
 | ||||
| +
 | ||||
|      if (virNumaGetPageInfo(node, system_page_size, huge_page_sum, | ||||
|                             &tmp_avail[ntmp], &tmp_free[ntmp]) < 0) | ||||
|          return -1; | ||||
| -- 
 | ||||
| 2.43.0 | ||||
| @ -36,7 +36,6 @@ https://bugzilla.redhat.com/show_bug.cgi?id=2196351 | ||||
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2023-2700 | ||||
| 
 | ||||
| Signed-off-by: Ján Tomko <jtomko@redhat.com> | ||||
| Signed-off-by: David Sloboda <david.x.sloboda@oracle.com> | ||||
| ---
 | ||||
|  src/util/virpci.c | 1 + | ||||
|  1 file changed, 1 insertion(+) | ||||
|  | ||||
| @ -0,0 +1,83 @@ | ||||
| From 16a50b3a73f496be8cd2bb9b9c0b88ca9a84ed0e Mon Sep 17 00:00:00 2001 | ||||
| Message-ID: <16a50b3a73f496be8cd2bb9b9c0b88ca9a84ed0e.1749113304.git.jdenemar@redhat.com> | ||||
| From: Collin Walling <walling@linux.ibm.com> | ||||
| Date: Mon, 16 Dec 2024 18:03:57 -0500 | ||||
| Subject: [PATCH] virsh: add --disable-deprecated-features flag to | ||||
|  domcapabilities | ||||
| 
 | ||||
| Add a new flag, --disable-deprecated-features, to the domcapabilities | ||||
| command.  This will modify the output to show the 'host-model' CPU | ||||
| with features flagged as deprecated paired with the 'disable' policy. | ||||
| 
 | ||||
| virsh domcapabilities --disable-deprecated-features | ||||
| 
 | ||||
| Signed-off-by: Collin Walling <walling@linux.ibm.com> | ||||
| Reviewed-by: Jiri Denemark <jdenemar@redhat.com> | ||||
| (cherry picked from commit 15d45964e453e04f1761e527266af45554f58fcc) | ||||
| 
 | ||||
| JIRA: https://issues.redhat.com/browse/RHEL-88716 | ||||
| Conflicts: | ||||
|     docs/manpages/virsh.rst | ||||
|     tools/virsh-host.c | ||||
|     (Simple contextual conflicts due to other missing patches in downstream) | ||||
| Signed-off-by: Thomas Huth <thuth@redhat.com> | ||||
| ---
 | ||||
|  docs/manpages/virsh.rst | 6 ++++++ | ||||
|  tools/virsh-host.c      | 9 ++++++++- | ||||
|  2 files changed, 14 insertions(+), 1 deletion(-) | ||||
| 
 | ||||
| diff --git a/docs/manpages/virsh.rst b/docs/manpages/virsh.rst
 | ||||
| index d24e7774a6..3adbf42280 100644
 | ||||
| --- a/docs/manpages/virsh.rst
 | ||||
| +++ b/docs/manpages/virsh.rst
 | ||||
| @@ -562,6 +562,7 @@ domcapabilities
 | ||||
|  :: | ||||
|   | ||||
|     domcapabilities [virttype] [emulatorbin] [arch] [machine] | ||||
| +                   [--disable-deprecated-features]
 | ||||
|   | ||||
|   | ||||
|  Print an XML document describing the domain capabilities for the | ||||
| @@ -596,6 +597,11 @@ supplied along with either the *emulatorbin* or *arch* in order to
 | ||||
|  generate output for the default *machine*.  Supplying a *machine* | ||||
|  value will generate output for the specific machine. | ||||
|   | ||||
| +The **--disable-deprecated-features** argument will modify the contents
 | ||||
| +of host-model CPU XML, updating the features list with any features
 | ||||
| +flagged as deprecated for the CPU model by the hypervisor. These
 | ||||
| +features will be paired with the "disable" policy.
 | ||||
| +
 | ||||
|   | ||||
|  pool-capabilities | ||||
|  ----------------- | ||||
| diff --git a/tools/virsh-host.c b/tools/virsh-host.c
 | ||||
| index 5ee3834de2..874875b378 100644
 | ||||
| --- a/tools/virsh-host.c
 | ||||
| +++ b/tools/virsh-host.c
 | ||||
| @@ -91,6 +91,10 @@ static const vshCmdOptDef opts_domcapabilities[] = {
 | ||||
|       .type = VSH_OT_STRING, | ||||
|       .help = N_("machine type (/domain/os/type/@machine)"), | ||||
|      }, | ||||
| +    {.name = "disable-deprecated-features",
 | ||||
| +     .type = VSH_OT_BOOL,
 | ||||
| +     .help = N_("report host CPU model with deprecated features disabled"),
 | ||||
| +    },
 | ||||
|      {.name = NULL} | ||||
|  }; | ||||
|   | ||||
| @@ -102,9 +106,12 @@ cmdDomCapabilities(vshControl *ctl, const vshCmd *cmd)
 | ||||
|      const char *emulatorbin = NULL; | ||||
|      const char *arch = NULL; | ||||
|      const char *machine = NULL; | ||||
| -    const unsigned int flags = 0; /* No flags so far */
 | ||||
| +    unsigned int flags = 0;
 | ||||
|      virshControl *priv = ctl->privData; | ||||
|   | ||||
| +    if (vshCommandOptBool(cmd, "disable-deprecated-features"))
 | ||||
| +        flags |= VIR_CONNECT_GET_DOMAIN_CAPABILITIES_DISABLE_DEPRECATED_FEATURES;
 | ||||
| +
 | ||||
|      if (vshCommandOptStringReq(ctl, cmd, "virttype", &virttype) < 0 || | ||||
|          vshCommandOptStringReq(ctl, cmd, "emulatorbin", &emulatorbin) < 0 || | ||||
|          vshCommandOptStringReq(ctl, cmd, "arch", &arch) < 0 || | ||||
| -- 
 | ||||
| 2.49.0 | ||||
| @ -210,7 +210,7 @@ | ||||
| Summary: Library providing a simple virtualization API | ||||
| Name: libvirt | ||||
| Version: 8.0.0 | ||||
| Release: 19.2%{?dist}%{?extra_release}.alma | ||||
| Release: 23.4%{?dist}%{?extra_release} | ||||
| License: LGPLv2+ | ||||
| URL: https://libvirt.org/ | ||||
| 
 | ||||
| @ -306,15 +306,31 @@ Patch83: libvirt-vircpi-Add-PCIe-5.0-and-6.0-link-speeds.patch | ||||
| Patch84: libvirt-conf-Make-VIR_DOMAIN_NET_TYPE_ETHERNET-not-share-host-view.patch | ||||
| Patch85: libvirt-qemu-domain-Fix-logic-when-tainting-domain.patch | ||||
| Patch86: libvirt-qemu-agent-Make-fetching-of-can-offline-member-from-guest-query-vcpus-optional.patch | ||||
| # Patches taken from Oracle Linux libvirt-8.0.0-19.0.2.module+el8.8.0+21112+1cc1a24b.src.rpm | ||||
| Patch87: libvirt-qemu-monitor-Drop-old-monitor-fields-from-struct-_qemuMonitorMessage.patch | ||||
| Patch88: libvirt-qemu-Make-struct-_qemuMonitorMessage-private.patch | ||||
| Patch89: libvirt-qemu-monitor-Move-declaration-of-struct-_qemuMonitor-to-qemu_monitor_priv.h.patch | ||||
| Patch90: libvirt-qemu-qemuBlockGetNamedNodeData-Remove-pointless-error-path.patch | ||||
| Patch91: libvirt-qemu-monitor-Store-whether-query-named-block-nodes-supports-flat-parameter.patch | ||||
| Patch92: libvirt-qemuMonitorJSONBlockStatsUpdateCapacityBlockdev-Use-flat-mode-of-query-named-block-nodes.patch | ||||
| Patch93: libvirt-virpci-Resolve-leak-in-virPCIVirtualFunctionList-cleanup.patch | ||||
| Patch94: libvirt-node_device_conf-Avoid-memleak-in-virNodeDeviceGetPCIVPDDynamicCap.patch | ||||
| Patch93: libvirt-qemu-relax-shared-memory-check-for-vhostuser-daemons.patch | ||||
| Patch94: libvirt-virpci-Resolve-leak-in-virPCIVirtualFunctionList-cleanup.patch | ||||
| Patch95: libvirt-node_device_conf-Avoid-memleak-in-virNodeDeviceGetPCIVPDDynamicCap.patch | ||||
| Patch96: libvirt-nodedev-update-transient-mdevs.patch | ||||
| Patch97: libvirt-lib-Set-up-cpuset-controller-for-restrictive-numatune.patch | ||||
| Patch98: libvirt-virnuma-Avoid-integer-overflow-in-virNumaGetPages.patch | ||||
| Patch99: libvirt-remote-check-for-negative-array-lengths-before-allocation.patch | ||||
| Patch100: libvirt-util-Fix-error-return-for-virProcessKillPainfullyDelay.patch | ||||
| Patch101: libvirt-rpc-ensure-temporary-GSource-is-removed-from-client-event-loop.patch | ||||
| Patch102: libvirt-virStorageBackendLogicalCheckPool-Properly-mark-empty-logical-pools-as-active.patch | ||||
| Patch103: libvirt-util-xml-Introduce-virXMLNodeGetSubelementList.patch | ||||
| Patch104: libvirt-util-xml-Return-GPtrArray-from-virXMLNodeGetSubelement-partial.patch | ||||
| Patch105: libvirt-qemuMonitorJSONGetCPUModelExpansion-refactor-parsing-functions.patch | ||||
| Patch106: libvirt-qemu-parse-deprecated-props-from-query-cpu-model-expansion-response.patch | ||||
| Patch107: libvirt-qemu_capabilities-query-deprecated-features-for-host-model.patch | ||||
| Patch108: libvirt-libvirt-domain-introduce-VIR_CONNECT_GET_DOMAIN_CAPABILITIES_DISABLE_DEPRECATED_FEATURES.patch | ||||
| Patch109: libvirt-qemu_capabilities-filter-deprecated-features-if-requested.patch | ||||
| Patch110: libvirt-virsh-add-disable-deprecated-features-flag-to-domcapabilities.patch | ||||
| Patch111: libvirt-conf-add-deprecated_features-attribute.patch | ||||
| 
 | ||||
| Requires: libvirt-daemon = %{version}-%{release} | ||||
| Requires: libvirt-daemon-config-network = %{version}-%{release} | ||||
| @ -2194,15 +2210,46 @@ exit 0 | ||||
| 
 | ||||
| 
 | ||||
| %changelog | ||||
| * Wed Jul 12 2023 Andrew Lukoshko <alukoshko@almalinux.org> - 8.0.0-19.2.alma | ||||
| - qemu: monitor: Drop old monitor fields from 'struct _qemuMonitorMessage' | ||||
| - qemu: Make 'struct _qemuMonitorMessage' private | ||||
| - qemu: monitor: Move declaration of struct _qemuMonitor to qemu_monitor_priv.h | ||||
| - qemu: qemuBlockGetNamedNodeData: Remove pointless error path | ||||
| - qemu: monitor: Store whether 'query-named-block-nodes' supports 'flat' parameter | ||||
| - qemuMonitorJSONBlockStatsUpdateCapacityBlockdev: Use 'flat' mode of query-named-block-nodes | ||||
| - virpci: Resolve leak in virPCIVirtualFunctionList cleanup [CVE-2023-2700] | ||||
| - node_device_conf: Avoid memleak in virNodeDeviceGetPCIVPDDynamicCap() [CVE-2023-2700] | ||||
| * Thu Jun  5 2025 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-23.4.el8 | ||||
| - util: xml: Introduce virXMLNodeGetSubelementList (RHEL-88716) | ||||
| - util: xml: Return GPtrArray from virXMLNodeGetSubelement [partial] (RHEL-88716) | ||||
| - qemuMonitorJSONGetCPUModelExpansion: refactor parsing functions (RHEL-88716) | ||||
| - qemu: parse deprecated-props from query-cpu-model-expansion response (RHEL-88716) | ||||
| - qemu_capabilities: query deprecated features for host-model (RHEL-88716) | ||||
| - libvirt-domain: introduce VIR_CONNECT_GET_DOMAIN_CAPABILITIES_DISABLE_DEPRECATED_FEATURES (RHEL-88716) | ||||
| - qemu_capabilities: filter deprecated features if requested (RHEL-88716) | ||||
| - virsh: add --disable-deprecated-features flag to domcapabilities (RHEL-88716) | ||||
| - conf: add deprecated_features attribute (RHEL-88716) | ||||
| 
 | ||||
| * Wed Nov  6 2024 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-23.3.el8 | ||||
| - virStorageBackendLogicalCheckPool: Properly mark empty logical pools as active (RHEL-65771) | ||||
| 
 | ||||
| * Thu Jun  6 2024 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-23.2.el8 | ||||
| - util: Fix error return for virProcessKillPainfullyDelay() (RHEL-36064) | ||||
| - rpc: ensure temporary GSource is removed from client event loop (CVE-2024-4418) | ||||
| 
 | ||||
| * Tue Apr  9 2024 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-23.1.el8 | ||||
| - remote: check for negative array lengths before allocation (CVE-2024-2494) | ||||
| 
 | ||||
| * Tue Dec 12 2023 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-23 | ||||
| - virnuma: Avoid integer overflow in virNumaGetPages() (rhbz#RHEL-16749) | ||||
| 
 | ||||
| * Mon Jul 31 2023 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-22 | ||||
| - lib: Set up cpuset controller for restrictive numatune (rhbz#2223464) | ||||
| 
 | ||||
| * Thu Jun 22 2023 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-21 | ||||
| - nodedev: update transient mdevs (rhbz#2143160) | ||||
| 
 | ||||
| * Fri May 19 2023 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-20 | ||||
| - qemu: monitor: Drop old monitor fields from 'struct _qemuMonitorMessage' (rhbz#2170472) | ||||
| - qemu: Make 'struct _qemuMonitorMessage' private (rhbz#2170472) | ||||
| - qemu: monitor: Move declaration of struct _qemuMonitor to qemu_monitor_priv.h (rhbz#2170472) | ||||
| - qemu: qemuBlockGetNamedNodeData: Remove pointless error path (rhbz#2170472) | ||||
| - qemu: monitor: Store whether 'query-named-block-nodes' supports 'flat' parameter (rhbz#2170472) | ||||
| - qemuMonitorJSONBlockStatsUpdateCapacityBlockdev: Use 'flat' mode of query-named-block-nodes (rhbz#2170472) | ||||
| - qemu: relax shared memory check for vhostuser daemons (rhbz#2177701) | ||||
| - virpci: Resolve leak in virPCIVirtualFunctionList cleanup (CVE-2023-2700) | ||||
| - node_device_conf: Avoid memleak in virNodeDeviceGetPCIVPDDynamicCap() (CVE-2023-2700) | ||||
| 
 | ||||
| * Tue Mar 14 2023 Jiri Denemark <jdenemar@redhat.com> - 8.0.0-19 | ||||
| - qemu: domain: Fix logic when tainting domain (rhbz#2174447) | ||||
|  | ||||
		Loading…
	
		Reference in New Issue
	
	Block a user