Merge branch 'c9' into a9-ppc64le
This commit is contained in:
commit
74c9ecb6e1
@ -0,0 +1,59 @@
|
||||
From 332386ae7bc02618d1860f726065448324a6734a Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <332386ae7bc02618d1860f726065448324a6734a@dist-git>
|
||||
From: Michal Privoznik <mprivozn@redhat.com>
|
||||
Date: Mon, 5 Sep 2022 12:37:16 +0200
|
||||
Subject: [PATCH] kbase: Document QEMU private mount NS limitations
|
||||
|
||||
There are two points I've taken for granted:
|
||||
|
||||
1) the mount points are set before starting a guest,
|
||||
2) the / and its submounts are marked as shared, so that mount
|
||||
events propagate into child namespaces when assumption 1) is
|
||||
not held.
|
||||
|
||||
But what's obvious to me might not be obvious to our users.
|
||||
Document these known limitations.
|
||||
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2123196
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
|
||||
(cherry picked from commit d3397885d589c25b8962ae221fd0a71ced5597cb)
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2152083
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
---
|
||||
docs/kbase/qemu-passthrough-security.rst | 22 ++++++++++++++++++++++
|
||||
1 file changed, 22 insertions(+)
|
||||
|
||||
diff --git a/docs/kbase/qemu-passthrough-security.rst b/docs/kbase/qemu-passthrough-security.rst
|
||||
index 4381d9f3a6..106c3cc5b9 100644
|
||||
--- a/docs/kbase/qemu-passthrough-security.rst
|
||||
+++ b/docs/kbase/qemu-passthrough-security.rst
|
||||
@@ -156,3 +156,25 @@ will affect all virtual machines. These settings are all made in
|
||||
|
||||
* Cgroups - set ``cgroup_device_acl`` to include the desired device node, or
|
||||
``cgroup_controllers = [...]`` to exclude the ``devices`` controller.
|
||||
+
|
||||
+Private monunt namespace
|
||||
+----------------------------
|
||||
+
|
||||
+As mentioned above, libvirt launches each QEMU process in its own ``mount``
|
||||
+namespace. It's recommended that all mount points are set up prior starting any
|
||||
+guest. For cases when that can't be assured, mount points in the namespace are
|
||||
+marked as slave so that mount events happening in the parent namespace are
|
||||
+propagated into this child namespace. But this may require an additional step:
|
||||
+mounts in the parent namespace need to be marked as shared (if the distribution
|
||||
+doesn't do that by default). This can be achieved by running the following
|
||||
+command before any guest is started:
|
||||
+
|
||||
+::
|
||||
+
|
||||
+ # mount --make-rshared /
|
||||
+
|
||||
+Another requirement for dynamic mount point propagation is to not place
|
||||
+``hugetlbfs`` mount points under ``/dev`` because these won't be propagated as
|
||||
+corresponding directories do not exist in the private namespace. Or just use
|
||||
+``memfd`` memory backend instead which does not require ``hugetlbfs`` mount
|
||||
+points.
|
||||
--
|
||||
2.39.0
|
||||
|
@ -0,0 +1,48 @@
|
||||
From 08c8ef5eb30983d6ca004e84a11fe7f2547f984e Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <08c8ef5eb30983d6ca004e84a11fe7f2547f984e@dist-git>
|
||||
From: Jonathon Jongsma <jjongsma@redhat.com>
|
||||
Date: Tue, 23 Aug 2022 12:28:02 -0500
|
||||
Subject: [PATCH] nodedev: wait a bit longer for new node devices
|
||||
|
||||
Openstack developers reported that newly-created mdevs were not
|
||||
recognized by libvirt until after a libvirt daemon restart. The source
|
||||
of the problem appears to be that when libvirt gets the udev 'add'
|
||||
event, the sysfs tree for that device might not be ready and so libvirt
|
||||
waits 100ms for it to appear (max 100 waits of 1ms each). But in the
|
||||
OpenStack environment, the sysfs tree for new mediated devices was
|
||||
taking closer to 250ms to appear and therefore libvirt gave up waiting
|
||||
and didn't add these new devices to its list of nodedevs.
|
||||
|
||||
By changing the wait time to 1 second (max 100 waits of 10ms each), this
|
||||
should provide enough time to enable these deployments to recognize
|
||||
newly-created mediated devices, but it shouldn't increase the delay for
|
||||
more traditional deployments too much.
|
||||
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2109450
|
||||
|
||||
Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com>
|
||||
Reviewed-by: Erik Skultety <eskultet@redhat.com>
|
||||
(cherry picked from commit e4f9682ebc442bb5dfee807ba618c8863355776d)
|
||||
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2141364
|
||||
Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com>
|
||||
---
|
||||
src/node_device/node_device_udev.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/node_device/node_device_udev.c b/src/node_device/node_device_udev.c
|
||||
index 3d69bdedae..1f63162e23 100644
|
||||
--- a/src/node_device/node_device_udev.c
|
||||
+++ b/src/node_device/node_device_udev.c
|
||||
@@ -1036,7 +1036,7 @@ udevProcessMediatedDevice(struct udev_device *dev,
|
||||
|
||||
linkpath = g_strdup_printf("%s/mdev_type", udev_device_get_syspath(dev));
|
||||
|
||||
- if (virFileWaitForExists(linkpath, 1, 100) < 0) {
|
||||
+ if (virFileWaitForExists(linkpath, 10, 100) < 0) {
|
||||
virReportSystemError(errno,
|
||||
_("failed to wait for file '%s' to appear"),
|
||||
linkpath);
|
||||
--
|
||||
2.38.1
|
||||
|
@ -0,0 +1,86 @@
|
||||
From 5da85fb944db3dd8213a7302deaffa3b294acd64 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <5da85fb944db3dd8213a7302deaffa3b294acd64@dist-git>
|
||||
From: Michal Privoznik <mprivozn@redhat.com>
|
||||
Date: Tue, 9 Aug 2022 16:16:09 +0200
|
||||
Subject: [PATCH] qemu: Implement qemuDomainGetStatsCpu fallback for
|
||||
qemu:///session
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
For domains started under session URI, we don't set up CGroups
|
||||
(well, how could we since we're not running as root anyways).
|
||||
Nevertheless, fetching CPU statistics exits early because of
|
||||
lacking cpuacct controller. But with recent extension to
|
||||
virProcessGetStatInfo() we can get the values we need from the
|
||||
proc filesystem. Implement the fallback for the session URI as
|
||||
some of virt tools rely on cpu.* stats to be reported (virt-top,
|
||||
virt-manager).
|
||||
|
||||
Resolves: https://gitlab.com/libvirt/libvirt/-/issues/353
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1693707
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
(cherry picked from commit 044b8744d65f8571038f85685b3c4b241162977b)
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2157094
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
---
|
||||
src/qemu/qemu_driver.c | 35 +++++++++++++++++++++++++++++++++--
|
||||
1 file changed, 33 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
|
||||
index 84cf2c6a4f..ac210d8069 100644
|
||||
--- a/src/qemu/qemu_driver.c
|
||||
+++ b/src/qemu/qemu_driver.c
|
||||
@@ -18042,6 +18042,30 @@ qemuDomainGetStatsCpuCgroup(virDomainObj *dom,
|
||||
return 0;
|
||||
}
|
||||
|
||||
+
|
||||
+static int
|
||||
+qemuDomainGetStatsCpuProc(virDomainObj *vm,
|
||||
+ virTypedParamList *params)
|
||||
+{
|
||||
+ unsigned long long cpuTime = 0;
|
||||
+ unsigned long long sysTime = 0;
|
||||
+ unsigned long long userTime = 0;
|
||||
+
|
||||
+ if (virProcessGetStatInfo(&cpuTime, &sysTime, &userTime,
|
||||
+ NULL, NULL, vm->pid, 0) < 0) {
|
||||
+ /* ignore error */
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
+ if (virTypedParamListAddULLong(params, cpuTime, "cpu.time") < 0 ||
|
||||
+ virTypedParamListAddULLong(params, userTime, "cpu.user") < 0 ||
|
||||
+ virTypedParamListAddULLong(params, sysTime, "cpu.system") < 0)
|
||||
+ return -1;
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+
|
||||
static int
|
||||
qemuDomainGetStatsCpuHaltPollTime(virDomainObj *dom,
|
||||
virTypedParamList *params)
|
||||
@@ -18066,8 +18090,15 @@ qemuDomainGetStatsCpu(virQEMUDriver *driver,
|
||||
virTypedParamList *params,
|
||||
unsigned int privflags G_GNUC_UNUSED)
|
||||
{
|
||||
- if (qemuDomainGetStatsCpuCgroup(dom, params) < 0)
|
||||
- return -1;
|
||||
+ qemuDomainObjPrivate *priv = dom->privateData;
|
||||
+
|
||||
+ if (priv->cgroup) {
|
||||
+ if (qemuDomainGetStatsCpuCgroup(dom, params) < 0)
|
||||
+ return -1;
|
||||
+ } else {
|
||||
+ if (qemuDomainGetStatsCpuProc(dom, params) < 0)
|
||||
+ return -1;
|
||||
+ }
|
||||
|
||||
if (qemuDomainGetStatsCpuCache(driver, dom, params) < 0)
|
||||
return -1;
|
||||
--
|
||||
2.39.0
|
||||
|
@ -0,0 +1,58 @@
|
||||
From 198f38fa5540c7545607b9d1beb0bfb689d56c3d Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <198f38fa5540c7545607b9d1beb0bfb689d56c3d@dist-git>
|
||||
From: Peter Krempa <pkrempa@redhat.com>
|
||||
Date: Thu, 1 Dec 2022 17:02:42 +0100
|
||||
Subject: [PATCH] qemuAgentGetDisks: Don't use virJSONValueObjectGetStringArray
|
||||
for optional data
|
||||
|
||||
The 'dependencies' field in the return data may be missing in some
|
||||
cases. Historically 'virJSONValueObjectGetStringArray' didn't report
|
||||
error in such case, but later refactor (commit 043b50b948ef3c2 ) added
|
||||
an error in order to use it in other places too.
|
||||
|
||||
Unfortunately this results in the error log being spammed with an
|
||||
irrelevant error in case when qemuAgentGetDisks is invoked on a VM
|
||||
running windows.
|
||||
|
||||
Replace the use of virJSONValueObjectGetStringArray by fetching the
|
||||
array first and calling virJSONValueArrayToStringList only when we have
|
||||
an array.
|
||||
|
||||
Fixes: 043b50b948ef3c2a4adf5fa32a93ec2589851ac6
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2149752
|
||||
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
|
||||
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
(cherry picked from commit 3b576601dfb924bb518870a01de5d1a421cbb467)
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2154410
|
||||
---
|
||||
src/qemu/qemu_agent.c | 7 ++++++-
|
||||
1 file changed, 6 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/qemu/qemu_agent.c b/src/qemu/qemu_agent.c
|
||||
index d81f01ba77..7afef06694 100644
|
||||
--- a/src/qemu/qemu_agent.c
|
||||
+++ b/src/qemu/qemu_agent.c
|
||||
@@ -2544,6 +2544,7 @@ int qemuAgentGetDisks(qemuAgent *agent,
|
||||
for (i = 0; i < ndata; i++) {
|
||||
virJSONValue *addr;
|
||||
virJSONValue *entry = virJSONValueArrayGet(data, i);
|
||||
+ virJSONValue *dependencies;
|
||||
qemuAgentDiskInfo *disk;
|
||||
|
||||
if (!entry) {
|
||||
@@ -2569,7 +2570,11 @@ int qemuAgentGetDisks(qemuAgent *agent,
|
||||
goto error;
|
||||
}
|
||||
|
||||
- disk->dependencies = virJSONValueObjectGetStringArray(entry, "dependencies");
|
||||
+ if ((dependencies = virJSONValueObjectGetArray(entry, "dependencies"))) {
|
||||
+ if (!(disk->dependencies = virJSONValueArrayToStringList(dependencies)))
|
||||
+ goto error;
|
||||
+ }
|
||||
+
|
||||
disk->alias = g_strdup(virJSONValueObjectGetString(entry, "alias"));
|
||||
addr = virJSONValueObjectGetObject(entry, "address");
|
||||
if (addr) {
|
||||
--
|
||||
2.39.0
|
||||
|
@ -0,0 +1,57 @@
|
||||
From b76623b5921238c9a4db9b3e1958b51a4d7e8b52 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <b76623b5921238c9a4db9b3e1958b51a4d7e8b52@dist-git>
|
||||
From: Michal Privoznik <mprivozn@redhat.com>
|
||||
Date: Wed, 28 Sep 2022 10:12:36 +0200
|
||||
Subject: [PATCH] qemuProcessReconnect: Don't build memory paths
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Let me take you on a short trip to history. A long time ago,
|
||||
libvirt would configure all QEMUs to use $hugetlbfs/libvirt/qemu
|
||||
for their hugepages setup. This was problematic, because it did
|
||||
not allow enough separation between guests. Therefore in
|
||||
v3.0.0-rc1~367 the path changed to a per-domain basis:
|
||||
|
||||
$hugetlbfs/libvirt/qemu/$domainShortName
|
||||
|
||||
And to help with migration on daemon restart a call to
|
||||
qemuProcessBuildDestroyMemoryPaths() was added to
|
||||
qemuProcessReconnect() (well, it was named
|
||||
qemuProcessBuildDestroyHugepagesPath() back then, see
|
||||
v3.10.0-rc1~174). This was desirable then, because the memory
|
||||
hotplug code did not call the function, it simply assumes
|
||||
per-domain paths to exist. But this changed in v3.5.0-rc1~92
|
||||
after which the per-domain paths are created on memory hotplug
|
||||
too.
|
||||
|
||||
Therefore, it's no longer necessary to create these paths in
|
||||
qemuProcessReconnect(). They are created exactly when needed
|
||||
(domain startup and memory hotplug).
|
||||
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
(cherry picked from commit 3478cca80ea7382cfdbff836d5d0b92aa014297b)
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2152083
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
---
|
||||
src/qemu/qemu_process.c | 3 ---
|
||||
1 file changed, 3 deletions(-)
|
||||
|
||||
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
|
||||
index 062a0b6dac..979ad99f5a 100644
|
||||
--- a/src/qemu/qemu_process.c
|
||||
+++ b/src/qemu/qemu_process.c
|
||||
@@ -9004,9 +9004,6 @@ qemuProcessReconnect(void *opaque)
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
- if (qemuProcessBuildDestroyMemoryPaths(driver, obj, NULL, true) < 0)
|
||||
- goto error;
|
||||
-
|
||||
if ((qemuDomainAssignAddresses(obj->def, priv->qemuCaps,
|
||||
driver, obj, false)) < 0) {
|
||||
goto error;
|
||||
--
|
||||
2.39.0
|
||||
|
@ -0,0 +1,80 @@
|
||||
From 6b3a0480cf2de402abce168aa0b093a8dc4f7a57 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <6b3a0480cf2de402abce168aa0b093a8dc4f7a57@dist-git>
|
||||
From: Michal Privoznik <mprivozn@redhat.com>
|
||||
Date: Tue, 6 Sep 2022 13:43:22 +0200
|
||||
Subject: [PATCH] qemu_namespace: Fix a corner case in
|
||||
qemuDomainGetPreservedMounts()
|
||||
|
||||
When setting up namespace for QEMU we look at mount points under
|
||||
/dev (like /dev/pts, /dev/mqueue/, etc.) because we want to
|
||||
preserve those (which is done by moving them to a temp location,
|
||||
unshare(), and then moving them back). We have a convenience
|
||||
helper - qemuDomainGetPreservedMounts() - that processes the
|
||||
mount table and (optionally) moves the other filesystems too.
|
||||
This helper is also used when attempting to create a path in NS,
|
||||
because the path, while starting with "/dev/" prefix, may
|
||||
actually lead to one of those filesystems that we preserved.
|
||||
|
||||
And here comes the corner case: while we require the parent mount
|
||||
table to be in shared mode (equivalent of `mount --make-rshared /'),
|
||||
these mount events propagate iff the target path exist inside the
|
||||
slave mount table (= QEMU's private namespace). And since we
|
||||
create only a subset of /dev nodes, well, that assumption is not
|
||||
always the case.
|
||||
|
||||
For instance, assume that a domain is already running, no
|
||||
hugepages were configured for it nor any hugetlbfs is mounted.
|
||||
Now, when a hugetlbfs is mounted into '/dev/hugepages', this is
|
||||
propagated into the QEMU's namespace, but since the target dir
|
||||
does not exist in the private /dev, the FS is not mounted in the
|
||||
namespace.
|
||||
|
||||
Fortunately, this difference between namespaces is visible when
|
||||
comparing /proc/mounts and /proc/$PID/mounts (where PID is the
|
||||
QEMU's PID). Therefore, if possible we should look at the latter.
|
||||
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
|
||||
(cherry picked from commit 46b03819ae8d833b11c2aaccb2c2a0361727f51b)
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2152083
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
---
|
||||
src/qemu/qemu_namespace.c | 10 +++++++++-
|
||||
1 file changed, 9 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/qemu/qemu_namespace.c b/src/qemu/qemu_namespace.c
|
||||
index 71e3366ca5..807ec37c91 100644
|
||||
--- a/src/qemu/qemu_namespace.c
|
||||
+++ b/src/qemu/qemu_namespace.c
|
||||
@@ -109,6 +109,8 @@ qemuDomainGetPreservedMountPath(virQEMUDriverConfig *cfg,
|
||||
* b) generate backup path for all the entries in a)
|
||||
*
|
||||
* Any of the return pointers can be NULL. Both arrays are NULL-terminated.
|
||||
+ * Get the mount table either from @vm's PID (if running), or from the
|
||||
+ * namespace we're in (if @vm's not running).
|
||||
*
|
||||
* Returns 0 on success, -1 otherwise (with error reported)
|
||||
*/
|
||||
@@ -123,12 +125,18 @@ qemuDomainGetPreservedMounts(virQEMUDriverConfig *cfg,
|
||||
size_t nmounts = 0;
|
||||
g_auto(GStrv) paths = NULL;
|
||||
g_auto(GStrv) savePaths = NULL;
|
||||
+ g_autofree char *mountsPath = NULL;
|
||||
size_t i;
|
||||
|
||||
if (ndevPath)
|
||||
*ndevPath = 0;
|
||||
|
||||
- if (virFileGetMountSubtree(QEMU_PROC_MOUNTS, "/dev", &mounts, &nmounts) < 0)
|
||||
+ if (vm->pid > 0)
|
||||
+ mountsPath = g_strdup_printf("/proc/%lld/mounts", (long long) vm->pid);
|
||||
+ else
|
||||
+ mountsPath = g_strdup(QEMU_PROC_MOUNTS);
|
||||
+
|
||||
+ if (virFileGetMountSubtree(mountsPath, "/dev", &mounts, &nmounts) < 0)
|
||||
return -1;
|
||||
|
||||
if (nmounts == 0)
|
||||
--
|
||||
2.39.0
|
||||
|
@ -0,0 +1,68 @@
|
||||
From c8379fdd0f13af84f4b2ed449f8de77117fd8bc7 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <c8379fdd0f13af84f4b2ed449f8de77117fd8bc7@dist-git>
|
||||
From: Michal Privoznik <mprivozn@redhat.com>
|
||||
Date: Tue, 6 Sep 2022 13:43:58 +0200
|
||||
Subject: [PATCH] qemu_namespace: Introduce qemuDomainNamespaceSetupPath()
|
||||
|
||||
Sometimes it may come handy to just bind mount a directory/file
|
||||
into domain's namespace. Implement a thin wrapper over
|
||||
qemuNamespaceMknodPaths() which has all the logic we need.
|
||||
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
|
||||
(cherry picked from commit 5853d707189005a4ea5b2215e80853867b822fd9)
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2152083
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
---
|
||||
src/qemu/qemu_namespace.c | 19 +++++++++++++++++++
|
||||
src/qemu/qemu_namespace.h | 4 ++++
|
||||
2 files changed, 23 insertions(+)
|
||||
|
||||
diff --git a/src/qemu/qemu_namespace.c b/src/qemu/qemu_namespace.c
|
||||
index 807ec37c91..09e235e120 100644
|
||||
--- a/src/qemu/qemu_namespace.c
|
||||
+++ b/src/qemu/qemu_namespace.c
|
||||
@@ -1424,6 +1424,25 @@ qemuNamespaceUnlinkPaths(virDomainObj *vm,
|
||||
}
|
||||
|
||||
|
||||
+int
|
||||
+qemuDomainNamespaceSetupPath(virDomainObj *vm,
|
||||
+ const char *path,
|
||||
+ bool *created)
|
||||
+{
|
||||
+ g_autoptr(virGSListString) paths = NULL;
|
||||
+
|
||||
+ if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT))
|
||||
+ return 0;
|
||||
+
|
||||
+ paths = g_slist_prepend(paths, g_strdup(path));
|
||||
+
|
||||
+ if (qemuNamespaceMknodPaths(vm, paths, created) < 0)
|
||||
+ return -1;
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+
|
||||
int
|
||||
qemuDomainNamespaceSetupDisk(virDomainObj *vm,
|
||||
virStorageSource *src,
|
||||
diff --git a/src/qemu/qemu_namespace.h b/src/qemu/qemu_namespace.h
|
||||
index fbea865c70..85d990f460 100644
|
||||
--- a/src/qemu/qemu_namespace.h
|
||||
+++ b/src/qemu/qemu_namespace.h
|
||||
@@ -48,6 +48,10 @@ void qemuDomainDestroyNamespace(virQEMUDriver *driver,
|
||||
|
||||
bool qemuDomainNamespaceAvailable(qemuDomainNamespace ns);
|
||||
|
||||
+int qemuDomainNamespaceSetupPath(virDomainObj *vm,
|
||||
+ const char *path,
|
||||
+ bool *created);
|
||||
+
|
||||
int qemuDomainNamespaceSetupDisk(virDomainObj *vm,
|
||||
virStorageSource *src,
|
||||
bool *created);
|
||||
--
|
||||
2.39.0
|
||||
|
@ -0,0 +1,45 @@
|
||||
From 1f0a6e441617da6a95e2188408ad1ed2dd4665e4 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <1f0a6e441617da6a95e2188408ad1ed2dd4665e4@dist-git>
|
||||
From: Michal Privoznik <mprivozn@redhat.com>
|
||||
Date: Tue, 6 Sep 2022 13:37:23 +0200
|
||||
Subject: [PATCH] qemu_namespace: Tolerate missing ACLs when creating a path in
|
||||
namespace
|
||||
|
||||
When creating a path in a domain's mount namespace we try to set
|
||||
ACLs on it, so that it's a verbatim copy of the path in parent's
|
||||
namespace. The ACLs are queried upfront (by
|
||||
qemuNamespaceMknodItemInit()) but this is fault tolerant so the
|
||||
pointer to ACLs might be NULL (meaning no ACLs were queried, for
|
||||
instance because the underlying filesystem does not support
|
||||
them). But then we take this NULL and pass it to virFileSetACLs()
|
||||
which immediately returns an error because NULL is invalid value.
|
||||
|
||||
Mimic what we do with SELinux label - only set ACLs if they are
|
||||
non-NULL which includes symlinks.
|
||||
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
|
||||
(cherry picked from commit 687374959e160dc566bd4b6d43c7bf1beb470c59)
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2152083
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
---
|
||||
src/qemu/qemu_namespace.c | 3 +--
|
||||
1 file changed, 1 insertion(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/qemu/qemu_namespace.c b/src/qemu/qemu_namespace.c
|
||||
index 98cd794666..71e3366ca5 100644
|
||||
--- a/src/qemu/qemu_namespace.c
|
||||
+++ b/src/qemu/qemu_namespace.c
|
||||
@@ -1040,8 +1040,7 @@ qemuNamespaceMknodOne(qemuNamespaceMknodItem *data)
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
- /* Symlinks don't have ACLs. */
|
||||
- if (!isLink &&
|
||||
+ if (data->acl &&
|
||||
virFileSetACLs(data->file, data->acl) < 0 &&
|
||||
errno != ENOTSUP) {
|
||||
virReportSystemError(errno,
|
||||
--
|
||||
2.39.0
|
||||
|
@ -0,0 +1,73 @@
|
||||
From 9842eb7301f985e4cc08001aff48c269492b2456 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <9842eb7301f985e4cc08001aff48c269492b2456@dist-git>
|
||||
From: Michal Privoznik <mprivozn@redhat.com>
|
||||
Date: Tue, 6 Sep 2022 13:45:51 +0200
|
||||
Subject: [PATCH] qemu_process.c: Propagate hugetlbfs mounts on reconnect
|
||||
|
||||
When reconnecting to a running QEMU process, we construct the
|
||||
per-domain path in all hugetlbfs mounts. This is a relict from
|
||||
the past (v3.4.0-100-g5b24d25062) where we switched to a
|
||||
per-domain path and we want to create those paths when libvirtd
|
||||
restarts on upgrade.
|
||||
|
||||
And with namespaces enabled there is one corner case where the
|
||||
path is not created. In fact an error is reported and the
|
||||
reconnect fails. Ideally, all mount events are propagated into
|
||||
the QEMU's namespace. And they probably are, except when the
|
||||
target path does not exist inside the namespace. Now, it's pretty
|
||||
common for users to mount hugetlbfs under /dev (e.g.
|
||||
/dev/hugepages), but if domain is started without hugepages (or
|
||||
more specifically - private hugetlbfs path wasn't created on
|
||||
domain startup), then the reconnect code tries to create it.
|
||||
But it fails to do so, well, it fails to set seclabels on the
|
||||
path because, because the path does not exist in the private
|
||||
namespace. And it doesn't exist because we specifically create
|
||||
only a subset of all possible /dev nodes. Therefore, the mount
|
||||
event, whilst propagated, is not successful and hence the
|
||||
filesystem is not mounted. We have to do it ourselves.
|
||||
|
||||
If hugetlbfs is mount anywhere else there's no problem and this
|
||||
is effectively a dead code.
|
||||
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2123196
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
|
||||
(cherry picked from commit 0377177c7856bb87a9d8aa1324b54f5fbe9f1e5b)
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2152083
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
---
|
||||
docs/kbase/qemu-passthrough-security.rst | 6 ------
|
||||
src/qemu/qemu_process.c | 3 +++
|
||||
2 files changed, 3 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/docs/kbase/qemu-passthrough-security.rst b/docs/kbase/qemu-passthrough-security.rst
|
||||
index 106c3cc5b9..ef10d8af9b 100644
|
||||
--- a/docs/kbase/qemu-passthrough-security.rst
|
||||
+++ b/docs/kbase/qemu-passthrough-security.rst
|
||||
@@ -172,9 +172,3 @@ command before any guest is started:
|
||||
::
|
||||
|
||||
# mount --make-rshared /
|
||||
-
|
||||
-Another requirement for dynamic mount point propagation is to not place
|
||||
-``hugetlbfs`` mount points under ``/dev`` because these won't be propagated as
|
||||
-corresponding directories do not exist in the private namespace. Or just use
|
||||
-``memfd`` memory backend instead which does not require ``hugetlbfs`` mount
|
||||
-points.
|
||||
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
|
||||
index 4b52d664c7..062a0b6dac 100644
|
||||
--- a/src/qemu/qemu_process.c
|
||||
+++ b/src/qemu/qemu_process.c
|
||||
@@ -4039,6 +4039,9 @@ qemuProcessBuildDestroyMemoryPathsImpl(virQEMUDriver *driver,
|
||||
return -1;
|
||||
}
|
||||
|
||||
+ if (qemuDomainNamespaceSetupPath(vm, path, NULL) < 0)
|
||||
+ return -1;
|
||||
+
|
||||
if (qemuSecurityDomainSetPathLabel(driver, vm, path, true) < 0)
|
||||
return -1;
|
||||
} else {
|
||||
--
|
||||
2.39.0
|
||||
|
@ -0,0 +1,65 @@
|
||||
From d9b1f47fc3139bccd08838064f4b233b7cff5f29 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <d9b1f47fc3139bccd08838064f4b233b7cff5f29@dist-git>
|
||||
From: Michal Privoznik <mprivozn@redhat.com>
|
||||
Date: Thu, 8 Dec 2022 08:39:24 +0100
|
||||
Subject: [PATCH] tools: Fix install_mode for some scripts
|
||||
|
||||
Scripts from the following list were installed with group write
|
||||
bit set: virt-xml-validate, virt-pki-validate,
|
||||
virt-sanlock-cleanup, libvirt-guests.sh. This is very unusual and
|
||||
in contrast with the way other scripts/binaries are installed.
|
||||
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2151202
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
|
||||
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
|
||||
(cherry picked from commit e771e32f15ff2b263ca70306d93080541a96792b)
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2158208
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
---
|
||||
tools/meson.build | 8 ++++----
|
||||
1 file changed, 4 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/tools/meson.build b/tools/meson.build
|
||||
index bb28a904dc..8a3dd63271 100644
|
||||
--- a/tools/meson.build
|
||||
+++ b/tools/meson.build
|
||||
@@ -249,7 +249,7 @@ configure_file(
|
||||
configuration: tools_conf,
|
||||
install: true,
|
||||
install_dir: bindir,
|
||||
- install_mode: 'rwxrwxr-x',
|
||||
+ install_mode: 'rwxr-xr-x',
|
||||
)
|
||||
|
||||
configure_file(
|
||||
@@ -258,7 +258,7 @@ configure_file(
|
||||
configuration: tools_conf,
|
||||
install: true,
|
||||
install_dir: bindir,
|
||||
- install_mode: 'rwxrwxr-x',
|
||||
+ install_mode: 'rwxr-xr-x',
|
||||
)
|
||||
|
||||
executable(
|
||||
@@ -295,7 +295,7 @@ if conf.has('WITH_SANLOCK')
|
||||
configuration: tools_conf,
|
||||
install: true,
|
||||
install_dir: sbindir,
|
||||
- install_mode: 'rwxrwxr-x',
|
||||
+ install_mode: 'rwxr-xr-x',
|
||||
)
|
||||
endif
|
||||
|
||||
@@ -306,7 +306,7 @@ if conf.has('WITH_LIBVIRTD')
|
||||
configuration: tools_conf,
|
||||
install: true,
|
||||
install_dir: libexecdir,
|
||||
- install_mode: 'rwxrwxr-x',
|
||||
+ install_mode: 'rwxr-xr-x',
|
||||
)
|
||||
|
||||
if init_script == 'systemd'
|
||||
--
|
||||
2.39.1
|
||||
|
@ -0,0 +1,165 @@
|
||||
From b7a08f453fc448415ce320532907e61fa34f95b7 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <b7a08f453fc448415ce320532907e61fa34f95b7@dist-git>
|
||||
From: Michal Privoznik <mprivozn@redhat.com>
|
||||
Date: Tue, 9 Aug 2022 16:15:55 +0200
|
||||
Subject: [PATCH] util: Extend virProcessGetStatInfo() for sysTime and userTime
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
The virProcessGetStatInfo() helper parses /proc stat file for
|
||||
given PID and/or TID and reports cumulative cpuTime which is just
|
||||
a sum of user and sys times. But in near future, we'll need those
|
||||
times separately, so make the function return them too (if caller
|
||||
desires).
|
||||
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
||||
(cherry picked from commit cdc22d9a21e472a02dae8157e3cca5832f161feb)
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2157094
|
||||
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
---
|
||||
src/ch/ch_driver.c | 1 +
|
||||
src/qemu/qemu_driver.c | 4 +++-
|
||||
src/util/virprocess.c | 33 ++++++++++++++++++++++-----------
|
||||
src/util/virprocess.h | 2 ++
|
||||
4 files changed, 28 insertions(+), 12 deletions(-)
|
||||
|
||||
diff --git a/src/ch/ch_driver.c b/src/ch/ch_driver.c
|
||||
index e7c172c894..bde148075d 100644
|
||||
--- a/src/ch/ch_driver.c
|
||||
+++ b/src/ch/ch_driver.c
|
||||
@@ -1075,6 +1075,7 @@ chDomainHelperGetVcpus(virDomainObj *vm,
|
||||
vcpuinfo->number = i;
|
||||
vcpuinfo->state = VIR_VCPU_RUNNING;
|
||||
if (virProcessGetStatInfo(&vcpuinfo->cpuTime,
|
||||
+ NULL, NULL,
|
||||
&vcpuinfo->cpu, NULL,
|
||||
vm->pid, vcpupid) < 0) {
|
||||
virReportSystemError(errno, "%s",
|
||||
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
|
||||
index ebd6365f52..84cf2c6a4f 100644
|
||||
--- a/src/qemu/qemu_driver.c
|
||||
+++ b/src/qemu/qemu_driver.c
|
||||
@@ -1359,6 +1359,7 @@ qemuDomainHelperGetVcpus(virDomainObj *vm,
|
||||
vcpuinfo->state = VIR_VCPU_RUNNING;
|
||||
|
||||
if (virProcessGetStatInfo(&vcpuinfo->cpuTime,
|
||||
+ NULL, NULL,
|
||||
&vcpuinfo->cpu, NULL,
|
||||
vm->pid, vcpupid) < 0) {
|
||||
virReportSystemError(errno, "%s",
|
||||
@@ -2528,6 +2529,7 @@ qemuDomainGetInfo(virDomainPtr dom,
|
||||
|
||||
if (virDomainObjIsActive(vm)) {
|
||||
if (virProcessGetStatInfo(&(info->cpuTime), NULL, NULL,
|
||||
+ NULL, NULL,
|
||||
vm->pid, 0) < 0) {
|
||||
virReportError(VIR_ERR_OPERATION_FAILED, "%s",
|
||||
_("cannot read cputime for domain"));
|
||||
@@ -10770,7 +10772,7 @@ qemuDomainMemoryStatsInternal(virQEMUDriver *driver,
|
||||
ret = 0;
|
||||
}
|
||||
|
||||
- if (virProcessGetStatInfo(NULL, NULL, &rss, vm->pid, 0) < 0) {
|
||||
+ if (virProcessGetStatInfo(NULL, NULL, NULL, NULL, &rss, vm->pid, 0) < 0) {
|
||||
virReportError(VIR_ERR_OPERATION_FAILED, "%s",
|
||||
_("cannot get RSS for domain"));
|
||||
} else {
|
||||
diff --git a/src/util/virprocess.c b/src/util/virprocess.c
|
||||
index 013afd91b4..11f36e00a8 100644
|
||||
--- a/src/util/virprocess.c
|
||||
+++ b/src/util/virprocess.c
|
||||
@@ -1737,32 +1737,37 @@ virProcessGetStat(pid_t pid,
|
||||
#ifdef __linux__
|
||||
int
|
||||
virProcessGetStatInfo(unsigned long long *cpuTime,
|
||||
+ unsigned long long *userTime,
|
||||
+ unsigned long long *sysTime,
|
||||
int *lastCpu,
|
||||
long *vm_rss,
|
||||
pid_t pid,
|
||||
pid_t tid)
|
||||
{
|
||||
g_auto(GStrv) proc_stat = virProcessGetStat(pid, tid);
|
||||
- unsigned long long usertime = 0, systime = 0;
|
||||
+ unsigned long long utime = 0;
|
||||
+ unsigned long long stime = 0;
|
||||
+ const unsigned long long jiff2nsec = 1000ull * 1000ull * 1000ull /
|
||||
+ (unsigned long long) sysconf(_SC_CLK_TCK);
|
||||
long rss = 0;
|
||||
int cpu = 0;
|
||||
|
||||
if (!proc_stat ||
|
||||
- virStrToLong_ullp(proc_stat[VIR_PROCESS_STAT_UTIME], NULL, 10, &usertime) < 0 ||
|
||||
- virStrToLong_ullp(proc_stat[VIR_PROCESS_STAT_STIME], NULL, 10, &systime) < 0 ||
|
||||
+ virStrToLong_ullp(proc_stat[VIR_PROCESS_STAT_UTIME], NULL, 10, &utime) < 0 ||
|
||||
+ virStrToLong_ullp(proc_stat[VIR_PROCESS_STAT_STIME], NULL, 10, &stime) < 0 ||
|
||||
virStrToLong_l(proc_stat[VIR_PROCESS_STAT_RSS], NULL, 10, &rss) < 0 ||
|
||||
virStrToLong_i(proc_stat[VIR_PROCESS_STAT_PROCESSOR], NULL, 10, &cpu) < 0) {
|
||||
VIR_WARN("cannot parse process status data");
|
||||
}
|
||||
|
||||
- /* We got jiffies
|
||||
- * We want nanoseconds
|
||||
- * _SC_CLK_TCK is jiffies per second
|
||||
- * So calculate thus....
|
||||
- */
|
||||
+ utime *= jiff2nsec;
|
||||
+ stime *= jiff2nsec;
|
||||
if (cpuTime)
|
||||
- *cpuTime = 1000ull * 1000ull * 1000ull * (usertime + systime)
|
||||
- / (unsigned long long) sysconf(_SC_CLK_TCK);
|
||||
+ *cpuTime = utime + stime;
|
||||
+ if (userTime)
|
||||
+ *userTime = utime;
|
||||
+ if (sysTime)
|
||||
+ *sysTime = stime;
|
||||
if (lastCpu)
|
||||
*lastCpu = cpu;
|
||||
|
||||
@@ -1771,7 +1776,7 @@ virProcessGetStatInfo(unsigned long long *cpuTime,
|
||||
|
||||
|
||||
VIR_DEBUG("Got status for %d/%d user=%llu sys=%llu cpu=%d rss=%ld",
|
||||
- (int) pid, tid, usertime, systime, cpu, rss);
|
||||
+ (int) pid, tid, utime, stime, cpu, rss);
|
||||
|
||||
return 0;
|
||||
}
|
||||
@@ -1844,6 +1849,8 @@ virProcessGetSchedInfo(unsigned long long *cpuWait,
|
||||
#else
|
||||
int
|
||||
virProcessGetStatInfo(unsigned long long *cpuTime,
|
||||
+ unsigned long long *userTime,
|
||||
+ unsigned long long *sysTime,
|
||||
int *lastCpu,
|
||||
long *vm_rss,
|
||||
pid_t pid G_GNUC_UNUSED,
|
||||
@@ -1853,6 +1860,10 @@ virProcessGetStatInfo(unsigned long long *cpuTime,
|
||||
* platforms, so just report neutral values */
|
||||
if (cpuTime)
|
||||
*cpuTime = 0;
|
||||
+ if (userTime)
|
||||
+ *userTime = 0;
|
||||
+ if (sysTime)
|
||||
+ *sysTime = 0;
|
||||
if (lastCpu)
|
||||
*lastCpu = 0;
|
||||
if (vm_rss)
|
||||
diff --git a/src/util/virprocess.h b/src/util/virprocess.h
|
||||
index 086fbe0e4d..f5a4a4e508 100644
|
||||
--- a/src/util/virprocess.h
|
||||
+++ b/src/util/virprocess.h
|
||||
@@ -195,6 +195,8 @@ typedef enum {
|
||||
int virProcessNamespaceAvailable(unsigned int ns);
|
||||
|
||||
int virProcessGetStatInfo(unsigned long long *cpuTime,
|
||||
+ unsigned long long *userTime,
|
||||
+ unsigned long long *sysTime,
|
||||
int *lastCpu,
|
||||
long *vm_rss,
|
||||
pid_t pid,
|
||||
--
|
||||
2.39.0
|
||||
|
@ -0,0 +1,124 @@
|
||||
From 38ad84afdbeab479d0beee24e7bef87a64db1ce3 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <38ad84afdbeab479d0beee24e7bef87a64db1ce3@dist-git>
|
||||
From: Peter Krempa <pkrempa@redhat.com>
|
||||
Date: Thu, 1 Dec 2022 13:32:07 +0100
|
||||
Subject: [PATCH] util: json: Split out array->strinlist conversion from
|
||||
virJSONValueObjectGetStringArray
|
||||
|
||||
Introduce virJSONValueArrayToStringList which does only the conversion
|
||||
from an array to a stringlist.
|
||||
|
||||
This will allow refactoring the callers to be more careful in case when
|
||||
they want to handle the existance of the member in the parent object
|
||||
differently.
|
||||
|
||||
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
|
||||
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
|
||||
(cherry picked from commit 6765bdeaf7e9cbdb4c39d47f3b77fb28a498408a)
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=2154410
|
||||
---
|
||||
src/libvirt_private.syms | 1 +
|
||||
src/util/virjson.c | 43 ++++++++++++++++++++++------------------
|
||||
src/util/virjson.h | 2 ++
|
||||
3 files changed, 27 insertions(+), 19 deletions(-)
|
||||
|
||||
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
|
||||
index 76bcc64eb0..288310b75a 100644
|
||||
--- a/src/libvirt_private.syms
|
||||
+++ b/src/libvirt_private.syms
|
||||
@@ -2543,6 +2543,7 @@ virJSONValueArrayForeachSteal;
|
||||
virJSONValueArrayGet;
|
||||
virJSONValueArraySize;
|
||||
virJSONValueArraySteal;
|
||||
+virJSONValueArrayToStringList;
|
||||
virJSONValueCopy;
|
||||
virJSONValueFree;
|
||||
virJSONValueFromString;
|
||||
diff --git a/src/util/virjson.c b/src/util/virjson.c
|
||||
index 53f8cdff95..fcbc173ffa 100644
|
||||
--- a/src/util/virjson.c
|
||||
+++ b/src/util/virjson.c
|
||||
@@ -1316,10 +1316,7 @@ virJSONValueObjectStealObject(virJSONValue *object,
|
||||
char **
|
||||
virJSONValueObjectGetStringArray(virJSONValue *object, const char *key)
|
||||
{
|
||||
- g_auto(GStrv) ret = NULL;
|
||||
virJSONValue *data;
|
||||
- size_t n;
|
||||
- size_t i;
|
||||
|
||||
data = virJSONValueObjectGetArray(object, key);
|
||||
if (!data) {
|
||||
@@ -1329,32 +1326,40 @@ virJSONValueObjectGetStringArray(virJSONValue *object, const char *key)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
- n = virJSONValueArraySize(data);
|
||||
- ret = g_new0(char *, n + 1);
|
||||
+ return virJSONValueArrayToStringList(data);
|
||||
+}
|
||||
+
|
||||
+
|
||||
+/**
|
||||
+ * virJSONValueArrayToStringList:
|
||||
+ * @data: a JSON array containing strings to convert
|
||||
+ *
|
||||
+ * Converts @data a JSON array containing strings to a NULL-terminated string
|
||||
+ * list. @data must be a JSON array. In case @data is doesn't contain only
|
||||
+ * strings an error is reported.
|
||||
+ */
|
||||
+char **
|
||||
+virJSONValueArrayToStringList(virJSONValue *data)
|
||||
+{
|
||||
+ size_t n = virJSONValueArraySize(data);
|
||||
+ g_auto(GStrv) ret = g_new0(char *, n + 1);
|
||||
+ size_t i;
|
||||
+
|
||||
for (i = 0; i < n; i++) {
|
||||
virJSONValue *child = virJSONValueArrayGet(data, i);
|
||||
- const char *tmp;
|
||||
|
||||
- if (!child) {
|
||||
- virReportError(VIR_ERR_INTERNAL_ERROR,
|
||||
- _("%s array element is missing item %zu"),
|
||||
- key, i);
|
||||
+ if (!child ||
|
||||
+ !(ret[i] = g_strdup(virJSONValueGetString(child)))) {
|
||||
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
|
||||
+ _("JSON string array contains non-string element"));
|
||||
return NULL;
|
||||
}
|
||||
-
|
||||
- if (!(tmp = virJSONValueGetString(child))) {
|
||||
- virReportError(VIR_ERR_INTERNAL_ERROR,
|
||||
- _("%s array element does not contain a string"),
|
||||
- key);
|
||||
- return NULL;
|
||||
- }
|
||||
-
|
||||
- ret[i] = g_strdup(tmp);
|
||||
}
|
||||
|
||||
return g_steal_pointer(&ret);
|
||||
}
|
||||
|
||||
+
|
||||
/**
|
||||
* virJSONValueObjectForeachKeyValue:
|
||||
* @object: JSON object to iterate
|
||||
diff --git a/src/util/virjson.h b/src/util/virjson.h
|
||||
index aced48a538..c9f83ab2bc 100644
|
||||
--- a/src/util/virjson.h
|
||||
+++ b/src/util/virjson.h
|
||||
@@ -172,6 +172,8 @@ virJSONValueObjectGetString(virJSONValue *object,
|
||||
char **
|
||||
virJSONValueObjectGetStringArray(virJSONValue *object,
|
||||
const char *key);
|
||||
+char **
|
||||
+virJSONValueArrayToStringList(virJSONValue *data);
|
||||
const char *
|
||||
virJSONValueObjectGetStringOrNumber(virJSONValue *object,
|
||||
const char *key);
|
||||
--
|
||||
2.39.0
|
||||
|
@ -227,7 +227,7 @@
|
||||
Summary: Library providing a simple virtualization API
|
||||
Name: libvirt
|
||||
Version: 8.5.0
|
||||
Release: 7%{?dist}%{?extra_release}
|
||||
Release: 7.4%{?dist}%{?extra_release}.alma
|
||||
License: LGPLv2+
|
||||
URL: https://libvirt.org/
|
||||
|
||||
@ -270,6 +270,18 @@ Patch31: libvirt-qemu-don-t-call-qemuMigrationSrcIsAllowedHostdev-from-qemuMigra
|
||||
Patch32: libvirt-rpc-Pass-OPENSSL_CONF-through-to-ssh-invocations.patch
|
||||
Patch33: libvirt-qemu_process-Destroy-domain-s-namespace-after-killing-QEMU.patch
|
||||
Patch34: libvirt-security_selinux-Don-t-ignore-NVMe-disks-when-setting-image-label.patch
|
||||
Patch35: libvirt-nodedev-wait-a-bit-longer-for-new-node-devices.patch
|
||||
Patch36: libvirt-kbase-Document-QEMU-private-mount-NS-limitations.patch
|
||||
Patch37: libvirt-qemu_namespace-Tolerate-missing-ACLs-when-creating-a-path-in-namespace.patch
|
||||
Patch38: libvirt-qemu_namespace-Fix-a-corner-case-in-qemuDomainGetPreservedMounts.patch
|
||||
Patch39: libvirt-qemu_namespace-Introduce-qemuDomainNamespaceSetupPath.patch
|
||||
Patch40: libvirt-qemu_process.c-Propagate-hugetlbfs-mounts-on-reconnect.patch
|
||||
Patch41: libvirt-qemuProcessReconnect-Don-t-build-memory-paths.patch
|
||||
Patch42: libvirt-util-json-Split-out-array-strinlist-conversion-from-virJSONValueObjectGetStringArray.patch
|
||||
Patch43: libvirt-qemuAgentGetDisks-Don-t-use-virJSONValueObjectGetStringArray-for-optional-data.patch
|
||||
Patch44: libvirt-util-Extend-virProcessGetStatInfo-for-sysTime-and-userTime.patch
|
||||
Patch45: libvirt-qemu-Implement-qemuDomainGetStatsCpu-fallback-for-qemu-session.patch
|
||||
Patch46: libvirt-tools-Fix-install_mode-for-some-scripts.patch
|
||||
|
||||
|
||||
Requires: libvirt-daemon = %{version}-%{release}
|
||||
@ -2176,9 +2188,30 @@ exit 0
|
||||
|
||||
|
||||
%changelog
|
||||
* Mon Dec 19 2022 Eduard Abdullin <eabdullin@almalinux.org> - 8.5.0-7.alma
|
||||
* Mon Dec 19 2022 Eduard Abdullin <eabdullin@almalinux.org> - 8.5.0-7.4.el9_1.alma
|
||||
- Enable for ppc64le
|
||||
|
||||
* Tue Jan 31 2023 Jiri Denemark <jdenemar@redhat.com> - 8.5.0-7.4.el9_1
|
||||
- tools: Fix install_mode for some scripts (rhbz#2158208)
|
||||
|
||||
* Thu Jan 5 2023 Jiri Denemark <jdenemar@redhat.com> - 8.5.0-7.3.el9_1
|
||||
- util: json: Split out array->strinlist conversion from virJSONValueObjectGetStringArray (rhbz#2154410)
|
||||
- qemuAgentGetDisks: Don't use virJSONValueObjectGetStringArray for optional data (rhbz#2154410)
|
||||
- util: Extend virProcessGetStatInfo() for sysTime and userTime (rhbz#2157094)
|
||||
- qemu: Implement qemuDomainGetStatsCpu fallback for qemu:///session (rhbz#2157094)
|
||||
- RHEL: rpminspect: Disable abidiff inspection
|
||||
|
||||
* Wed Dec 14 2022 Jiri Denemark <jdenemar@redhat.com> - 8.5.0-7.2.el9_1
|
||||
- kbase: Document QEMU private mount NS limitations (rhbz#2152083)
|
||||
- qemu_namespace: Tolerate missing ACLs when creating a path in namespace (rhbz#2152083)
|
||||
- qemu_namespace: Fix a corner case in qemuDomainGetPreservedMounts() (rhbz#2152083)
|
||||
- qemu_namespace: Introduce qemuDomainNamespaceSetupPath() (rhbz#2152083)
|
||||
- qemu_process.c: Propagate hugetlbfs mounts on reconnect (rhbz#2152083)
|
||||
- qemuProcessReconnect: Don't build memory paths (rhbz#2152083)
|
||||
|
||||
* Fri Nov 11 2022 Jiri Denemark <jdenemar@redhat.com> - 8.5.0-7.1.el9_1
|
||||
- nodedev: wait a bit longer for new node devices (rhbz#2141364)
|
||||
|
||||
* Mon Sep 26 2022 Jiri Denemark <jdenemar@redhat.com> - 8.5.0-7
|
||||
- security_selinux: Don't ignore NVMe disks when setting image label (rhbz#2121441)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user