From 4372d346ad845b6ee4ae2e13c147467a72e12a7b Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Nov 08 2022 06:41:15 +0000 Subject: import libvirt-8.0.0-10.module+el8.7.0+16689+53d59bc2 --- diff --git a/SOURCES/libvirt-Add-VIR_MIGRATE_ZEROCOPY-flag.patch b/SOURCES/libvirt-Add-VIR_MIGRATE_ZEROCOPY-flag.patch index e1bf11f..b65e479 100644 --- a/SOURCES/libvirt-Add-VIR_MIGRATE_ZEROCOPY-flag.patch +++ b/SOURCES/libvirt-Add-VIR_MIGRATE_ZEROCOPY-flag.patch @@ -1,5 +1,5 @@ -From 2f3e89c97c7babc1d4da579eadf34979c8fc1725 Mon Sep 17 00:00:00 2001 -Message-Id: <2f3e89c97c7babc1d4da579eadf34979c8fc1725@dist-git> +From 9c2fd182a02d64004e30900c52e3fcdb550de0bd Mon Sep 17 00:00:00 2001 +Message-Id: <9c2fd182a02d64004e30900c52e3fcdb550de0bd@dist-git> From: Jiri Denemark Date: Wed, 22 Jun 2022 16:35:50 +0200 Subject: [PATCH] Add VIR_MIGRATE_ZEROCOPY flag @@ -14,7 +14,7 @@ Signed-off-by: Jiri Denemark Reviewed-by: Ján Tomko (cherry picked from commit 8744beecb36600e773c8a8c4823db2bf4b3e262d) -https://bugzilla.redhat.com/show_bug.cgi?id=2117272 +https://bugzilla.redhat.com/show_bug.cgi?id=2089433 Conflicts: include/libvirt/libvirt-domain.h diff --git a/SOURCES/libvirt-RHEL-qemu_migration-Fix-restoring-memlock-limit-on-destination.patch b/SOURCES/libvirt-RHEL-qemu_migration-Fix-restoring-memlock-limit-on-destination.patch new file mode 100644 index 0000000..985f693 --- /dev/null +++ b/SOURCES/libvirt-RHEL-qemu_migration-Fix-restoring-memlock-limit-on-destination.patch @@ -0,0 +1,52 @@ +From b6c1f9ca8eb0ca8f7603ab205c7dc95b9f07b5a0 Mon Sep 17 00:00:00 2001 +Message-Id: +From: Jiri Denemark +Date: Mon, 18 Jul 2022 16:01:20 +0200 +Subject: [PATCH] RHEL: qemu_migration: Fix restoring memlock limit on + destination + +Restoring memory locking limit on the destination host only makes sense +when migration succeeded as otherwise the QEMU process will be killed +anyway. Specifically if the migration fails because the process died, +touching the limit would produce rather unhelpful error message instead +of the real issue: + + cannot get locked memory limit of process -1: No such file or + directory + +This patch is RHEL-only caused by misplacing the call to +qemuDomainSetMaxMemLock when the "qemu_migration: Restore original +memory locking limit" upstream patch was backported to an older code +base. + +https://bugzilla.redhat.com/show_bug.cgi?id=2107954 + +Signed-off-by: Jiri Denemark +--- + src/qemu/qemu_migration.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c +index db5163e993..11f87296d6 100644 +--- a/src/qemu/qemu_migration.c ++++ b/src/qemu/qemu_migration.c +@@ -5895,6 +5895,8 @@ qemuMigrationDstFinish(virQEMUDriver *driver, + */ + if (inPostCopy) + g_clear_pointer(&priv->job.completed, qemuDomainJobInfoFree); ++ ++ qemuDomainSetMaxMemLock(vm, 0, &priv->preMigrationMemlock); + } + + qemuMigrationParamsReset(driver, vm, QEMU_ASYNC_JOB_MIGRATION_IN, +@@ -5907,7 +5909,6 @@ qemuMigrationDstFinish(virQEMUDriver *driver, + cleanup: + g_clear_pointer(&jobInfo, qemuDomainJobInfoFree); + virPortAllocatorRelease(port); +- qemuDomainSetMaxMemLock(vm, 0, &priv->preMigrationMemlock); + if (priv->mon) + qemuMonitorSetDomainLog(priv->mon, NULL, NULL, NULL); + VIR_FREE(priv->origname); +-- +2.35.1 + diff --git a/SOURCES/libvirt-conf-Introduce-memory-allocation-threads.patch b/SOURCES/libvirt-conf-Introduce-memory-allocation-threads.patch index 76bff0e..add140c 100644 --- a/SOURCES/libvirt-conf-Introduce-memory-allocation-threads.patch +++ b/SOURCES/libvirt-conf-Introduce-memory-allocation-threads.patch @@ -1,5 +1,5 @@ -From e60a964e51cb0aecb060f1a1cc2884586e00ddeb Mon Sep 17 00:00:00 2001 -Message-Id: +From 19f7e6dc950baf346738f462ac5c6b815c04edcc Mon Sep 17 00:00:00 2001 +Message-Id: <19f7e6dc950baf346738f462ac5c6b815c04edcc@dist-git> From: Michal Privoznik Date: Mon, 21 Mar 2022 16:49:25 +0100 Subject: [PATCH] conf: Introduce memory allocation threads @@ -18,7 +18,7 @@ only complicate things for a little or no benefit. Signed-off-by: Michal Privoznik Reviewed-by: Martin Kletzander (cherry picked from commit ba7f98126fa84d354ce72929b77cc111a9a557a9) -Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2075569 +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2067126 Signed-off-by: Michal Privoznik --- docs/formatdomain.rst | 8 +++++--- diff --git a/SOURCES/libvirt-conf-Move-virDomainObj-originalMemlock-into-qemuDomainObjPrivate.patch b/SOURCES/libvirt-conf-Move-virDomainObj-originalMemlock-into-qemuDomainObjPrivate.patch index 6cd0e37..4edd02b 100644 --- a/SOURCES/libvirt-conf-Move-virDomainObj-originalMemlock-into-qemuDomainObjPrivate.patch +++ b/SOURCES/libvirt-conf-Move-virDomainObj-originalMemlock-into-qemuDomainObjPrivate.patch @@ -1,5 +1,5 @@ -From b4469bda27e54a948f0d2750637226afc2b2be61 Mon Sep 17 00:00:00 2001 -Message-Id: +From 00c5cab2b92b653edbf491d9ef60359578c3d59a Mon Sep 17 00:00:00 2001 +Message-Id: <00c5cab2b92b653edbf491d9ef60359578c3d59a@dist-git> From: Michal Privoznik Date: Wed, 11 May 2022 16:27:18 +0200 Subject: [PATCH] conf: Move virDomainObj::originalMemlock into @@ -15,7 +15,7 @@ Signed-off-by: Michal Privoznik Reviewed-by: Peter Krempa (cherry picked from commit 75df6d2c291c48d65c1e54dd93e3d2d3cb0712e7) -https://bugzilla.redhat.com/show_bug.cgi?id=2117272 +https://bugzilla.redhat.com/show_bug.cgi?id=2089433 Signed-off-by: Jiri Denemark --- @@ -25,10 +25,10 @@ Signed-off-by: Jiri Denemark 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h -index 10af94e2e4..7e3255e41a 100644 +index d0d0fdc815..45976beb2b 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h -@@ -3030,9 +3030,6 @@ struct _virDomainObj { +@@ -3031,9 +3031,6 @@ struct _virDomainObj { int taint; size_t ndeprecations; char **deprecations; diff --git a/SOURCES/libvirt-conf-virtiofs-add-thread_pool-element.patch b/SOURCES/libvirt-conf-virtiofs-add-thread_pool-element.patch new file mode 100644 index 0000000..e03c66d --- /dev/null +++ b/SOURCES/libvirt-conf-virtiofs-add-thread_pool-element.patch @@ -0,0 +1,151 @@ +From 0c09e4225c511ce1b0ebe22e45962f83d5145e66 Mon Sep 17 00:00:00 2001 +Message-Id: <0c09e4225c511ce1b0ebe22e45962f83d5145e66@dist-git> +From: =?UTF-8?q?J=C3=A1n=20Tomko?= +Date: Fri, 10 Jun 2022 15:10:29 +0200 +Subject: [PATCH] conf: virtiofs: add thread_pool element +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Add an element to configure the thread pool size: + +... + + + +... + +https://bugzilla.redhat.com/show_bug.cgi?id=2072905 + +Signed-off-by: Ján Tomko +Reviewed-by: Michal Privoznik +(cherry picked from commit 0df2e7df80452f81edbfeb0ee355235b533346a9) +Signed-off-by: Ján Tomko + +https://bugzilla.redhat.com/show_bug.cgi?id=2079582 +--- + docs/formatdomain.rst | 6 ++++++ + docs/schemas/domaincommon.rng | 9 +++++++++ + src/conf/domain_conf.c | 15 +++++++++++++++ + src/conf/domain_conf.h | 1 + + .../qemuxml2argvdata/vhost-user-fs-fd-memory.xml | 1 + + 5 files changed, 32 insertions(+) + +diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst +index 17e89a0c0d..e6cf2ec083 100644 +--- a/docs/formatdomain.rst ++++ b/docs/formatdomain.rst +@@ -3316,6 +3316,7 @@ A directory on the host that can be accessed directly from the guest. + + + ++ + + + +@@ -3449,6 +3450,11 @@ A directory on the host that can be accessed directly from the guest. + ``chroot``, see the + `virtiofsd documentation `__ + for more details. ( :since:`Since 7.2.0` ) ++ Element ``thread_pool`` accepts one attribute ``size`` which defines the ++ maximum thread pool size. A value of "0" disables the pool. ++ The thread pool helps increase the number of requests in flight when used with ++ storage that has a higher latency. However, it has an overhead, and so for ++ fast, low latency filesystems, it may be best to turn it off. ( :since:`Since 8.5.0` ) + ``source`` + The resource on the host that is being accessed in the guest. The ``name`` + attribute must be used with ``type='template'``, and the ``dir`` attribute +diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng +index c9c1529979..79c8979410 100644 +--- a/docs/schemas/domaincommon.rng ++++ b/docs/schemas/domaincommon.rng +@@ -3064,6 +3064,15 @@ + + + ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c +index 92510973e6..95afd9226e 100644 +--- a/src/conf/domain_conf.c ++++ b/src/conf/domain_conf.c +@@ -2447,6 +2447,8 @@ virDomainFSDefNew(virDomainXMLOption *xmlopt) + + ret->src = virStorageSourceNew(); + ++ ret->thread_pool_size = -1; ++ + if (xmlopt && + xmlopt->privateData.fsNew && + !(ret->privateData = xmlopt->privateData.fsNew())) +@@ -9869,6 +9871,7 @@ virDomainFSDefParseXML(virDomainXMLOption *xmlopt, + if (def->fsdriver == VIR_DOMAIN_FS_DRIVER_TYPE_VIRTIOFS) { + g_autofree char *queue_size = virXPathString("string(./driver/@queue)", ctxt); + g_autofree char *binary = virXPathString("string(./binary/@path)", ctxt); ++ g_autofree char *thread_pool_size = virXPathString("string(./binary/thread_pool/@size)", ctxt); + g_autofree char *xattr = virXPathString("string(./binary/@xattr)", ctxt); + g_autofree char *cache = virXPathString("string(./binary/cache/@mode)", ctxt); + g_autofree char *sandbox = virXPathString("string(./binary/sandbox/@mode)", ctxt); +@@ -9883,6 +9886,14 @@ virDomainFSDefParseXML(virDomainXMLOption *xmlopt, + goto error; + } + ++ if (thread_pool_size && ++ virStrToLong_i(thread_pool_size, NULL, 10, &def->thread_pool_size) < 0) { ++ virReportError(VIR_ERR_XML_ERROR, ++ _("cannot parse thread pool size '%s' for virtiofs"), ++ queue_size); ++ goto error; ++ } ++ + if (binary) + def->binary = virFileSanitizePath(binary); + +@@ -24205,6 +24216,10 @@ virDomainFSDefFormat(virBuffer *buf, + } + + virXMLFormatElement(&binaryBuf, "lock", &lockAttrBuf, NULL); ++ ++ if (def->thread_pool_size >= 0) ++ virBufferAsprintf(&binaryBuf, "\n", def->thread_pool_size); ++ + } + + virDomainVirtioOptionsFormat(&driverAttrBuf, def->virtio); +diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h +index 10af94e2e4..d0d0fdc815 100644 +--- a/src/conf/domain_conf.h ++++ b/src/conf/domain_conf.h +@@ -892,6 +892,7 @@ struct _virDomainFSDef { + virTristateSwitch posix_lock; + virTristateSwitch flock; + virDomainFSSandboxMode sandbox; ++ int thread_pool_size; + virDomainVirtioOptions *virtio; + virObject *privateData; + }; +diff --git a/tests/qemuxml2argvdata/vhost-user-fs-fd-memory.xml b/tests/qemuxml2argvdata/vhost-user-fs-fd-memory.xml +index abddf0870b..81de8c0dd7 100644 +--- a/tests/qemuxml2argvdata/vhost-user-fs-fd-memory.xml ++++ b/tests/qemuxml2argvdata/vhost-user-fs-fd-memory.xml +@@ -32,6 +32,7 @@ + + + ++ + + + +-- +2.35.1 + diff --git a/SOURCES/libvirt-cpu_map-Disable-cpu64-rhel-for-host-model-and-baseline.patch b/SOURCES/libvirt-cpu_map-Disable-cpu64-rhel-for-host-model-and-baseline.patch index ba16500..7711d3b 100644 --- a/SOURCES/libvirt-cpu_map-Disable-cpu64-rhel-for-host-model-and-baseline.patch +++ b/SOURCES/libvirt-cpu_map-Disable-cpu64-rhel-for-host-model-and-baseline.patch @@ -1,5 +1,5 @@ -From d03c369dd75c747f25ecc34af3b9d79adf92ea0c Mon Sep 17 00:00:00 2001 -Message-Id: +From 46f4cfe513f0f893c862dca7f02ed7d7932b2115 Mon Sep 17 00:00:00 2001 +Message-Id: <46f4cfe513f0f893c862dca7f02ed7d7932b2115@dist-git> From: Jiri Denemark Date: Tue, 26 Apr 2022 12:50:41 +0200 Subject: [PATCH] cpu_map: Disable cpu64-rhel* for host-model and baseline @@ -12,7 +12,7 @@ Signed-off-by: Jiri Denemark Reviewed-by: Michal Privoznik (cherry picked from commit d2e4d66be35cd04da72e5f5129a8a4da6a931505) -https://bugzilla.redhat.com/show_bug.cgi?id=2084030 +https://bugzilla.redhat.com/show_bug.cgi?id=1851227 Signed-off-by: Jiri Denemark --- diff --git a/SOURCES/libvirt-cpu_x86-Consolidate-signature-match-in-x86DecodeUseCandidate.patch b/SOURCES/libvirt-cpu_x86-Consolidate-signature-match-in-x86DecodeUseCandidate.patch index dfd878b..2e9660e 100644 --- a/SOURCES/libvirt-cpu_x86-Consolidate-signature-match-in-x86DecodeUseCandidate.patch +++ b/SOURCES/libvirt-cpu_x86-Consolidate-signature-match-in-x86DecodeUseCandidate.patch @@ -1,5 +1,5 @@ -From e075af4319c7c30531421e6667845abd30cd28e9 Mon Sep 17 00:00:00 2001 -Message-Id: +From 99a298a4a0575bf0072f504c4b8e4551400c44c0 Mon Sep 17 00:00:00 2001 +Message-Id: <99a298a4a0575bf0072f504c4b8e4551400c44c0@dist-git> From: Jiri Denemark Date: Tue, 26 Apr 2022 11:58:07 +0200 Subject: [PATCH] cpu_x86: Consolidate signature match in x86DecodeUseCandidate @@ -12,7 +12,7 @@ Signed-off-by: Jiri Denemark Reviewed-by: Michal Privoznik (cherry picked from commit 35ce086667e68e8f546cf36473591dd7c19c72eb) -https://bugzilla.redhat.com/show_bug.cgi?id=2084030 +https://bugzilla.redhat.com/show_bug.cgi?id=1851227 Signed-off-by: Jiri Denemark --- diff --git a/SOURCES/libvirt-cpu_x86-Ignore-enabled-features-for-input-models-in-x86DecodeUseCandidate.patch b/SOURCES/libvirt-cpu_x86-Ignore-enabled-features-for-input-models-in-x86DecodeUseCandidate.patch index 98c9364..e1b8a79 100644 --- a/SOURCES/libvirt-cpu_x86-Ignore-enabled-features-for-input-models-in-x86DecodeUseCandidate.patch +++ b/SOURCES/libvirt-cpu_x86-Ignore-enabled-features-for-input-models-in-x86DecodeUseCandidate.patch @@ -1,5 +1,5 @@ -From 5b5f684bfceeed923e1733931b6c4c75d5ed4149 Mon Sep 17 00:00:00 2001 -Message-Id: <5b5f684bfceeed923e1733931b6c4c75d5ed4149@dist-git> +From 752c74eeae67d41e7550991cb3bbe289984ec9d3 Mon Sep 17 00:00:00 2001 +Message-Id: <752c74eeae67d41e7550991cb3bbe289984ec9d3@dist-git> From: Jiri Denemark Date: Fri, 29 Apr 2022 10:35:02 +0200 Subject: [PATCH] cpu_x86: Ignore enabled features for input models in @@ -22,7 +22,7 @@ Signed-off-by: Jiri Denemark Reviewed-by: Michal Privoznik (cherry picked from commit bb6cedd2082599323257ee0df18c93a6e0551b0b) -https://bugzilla.redhat.com/show_bug.cgi?id=2084030 +https://bugzilla.redhat.com/show_bug.cgi?id=1851227 Signed-off-by: Jiri Denemark --- diff --git a/SOURCES/libvirt-cpu_x86-Penalize-disabled-features-when-computing-CPU-model.patch b/SOURCES/libvirt-cpu_x86-Penalize-disabled-features-when-computing-CPU-model.patch index 59d8429..a778c81 100644 --- a/SOURCES/libvirt-cpu_x86-Penalize-disabled-features-when-computing-CPU-model.patch +++ b/SOURCES/libvirt-cpu_x86-Penalize-disabled-features-when-computing-CPU-model.patch @@ -1,5 +1,5 @@ -From 652e1798991dcb503abc9a2588b0f95c47b8e3df Mon Sep 17 00:00:00 2001 -Message-Id: <652e1798991dcb503abc9a2588b0f95c47b8e3df@dist-git> +From 5db9a525e3cec267544580d43554b2cf5779b6b9 Mon Sep 17 00:00:00 2001 +Message-Id: <5db9a525e3cec267544580d43554b2cf5779b6b9@dist-git> From: Jiri Denemark Date: Tue, 26 Apr 2022 15:06:30 +0200 Subject: [PATCH] cpu_x86: Penalize disabled features when computing CPU model @@ -39,8 +39,6 @@ Conflicts: tests/domaincapsdata/qemu_3.0.0-tcg.x86_64.xml - not supported upstream anymore -https://bugzilla.redhat.com/show_bug.cgi?id=2084030 - Signed-off-by: Jiri Denemark --- src/cpu/cpu_x86.c | 44 ++++++++++++++++--- diff --git a/SOURCES/libvirt-cpu_x86-Refactor-feature-list-comparison-in-x86DecodeUseCandidate.patch b/SOURCES/libvirt-cpu_x86-Refactor-feature-list-comparison-in-x86DecodeUseCandidate.patch index caf14d8..24591e6 100644 --- a/SOURCES/libvirt-cpu_x86-Refactor-feature-list-comparison-in-x86DecodeUseCandidate.patch +++ b/SOURCES/libvirt-cpu_x86-Refactor-feature-list-comparison-in-x86DecodeUseCandidate.patch @@ -1,5 +1,5 @@ -From d9736516378d1fbac451dd80a93bf25c85e74b50 Mon Sep 17 00:00:00 2001 -Message-Id: +From 3d7a4041d31e403dc9e762b34f7faf36f7f20a28 Mon Sep 17 00:00:00 2001 +Message-Id: <3d7a4041d31e403dc9e762b34f7faf36f7f20a28@dist-git> From: Jiri Denemark Date: Tue, 26 Apr 2022 15:02:51 +0200 Subject: [PATCH] cpu_x86: Refactor feature list comparison in @@ -12,7 +12,7 @@ Signed-off-by: Jiri Denemark Reviewed-by: Michal Privoznik (cherry picked from commit 1d6ca40ac23c039abc4392b668f256d0eda33280) -https://bugzilla.redhat.com/show_bug.cgi?id=2084030 +https://bugzilla.redhat.com/show_bug.cgi?id=1851227 Signed-off-by: Jiri Denemark --- diff --git a/SOURCES/libvirt-cputest-Add-some-real-world-baseline-tests.patch b/SOURCES/libvirt-cputest-Add-some-real-world-baseline-tests.patch index 01a9d1b..6007a0f 100644 --- a/SOURCES/libvirt-cputest-Add-some-real-world-baseline-tests.patch +++ b/SOURCES/libvirt-cputest-Add-some-real-world-baseline-tests.patch @@ -1,5 +1,5 @@ -From 8f7e267c7b98b378e301519b10aa3d18f0ceb45c Mon Sep 17 00:00:00 2001 -Message-Id: <8f7e267c7b98b378e301519b10aa3d18f0ceb45c@dist-git> +From b37a398da4323407de24d19afac937eac80170cc Mon Sep 17 00:00:00 2001 +Message-Id: From: Jiri Denemark Date: Thu, 21 Apr 2022 18:25:15 +0200 Subject: [PATCH] cputest: Add some real world baseline tests @@ -8,7 +8,7 @@ Signed-off-by: Jiri Denemark Reviewed-by: Michal Privoznik (cherry picked from commit 63d633b9a4fc42da7e2acaf45501914607d968a5) -https://bugzilla.redhat.com/show_bug.cgi?id=2084030 +https://bugzilla.redhat.com/show_bug.cgi?id=1851227 Signed-off-by: Jiri Denemark --- diff --git a/SOURCES/libvirt-cputest-Drop-some-old-artificial-baseline-tests.patch b/SOURCES/libvirt-cputest-Drop-some-old-artificial-baseline-tests.patch index e602981..997dad8 100644 --- a/SOURCES/libvirt-cputest-Drop-some-old-artificial-baseline-tests.patch +++ b/SOURCES/libvirt-cputest-Drop-some-old-artificial-baseline-tests.patch @@ -1,5 +1,5 @@ -From 039e6627a7ee53973da64405b79cc0c0f6111fc7 Mon Sep 17 00:00:00 2001 -Message-Id: <039e6627a7ee53973da64405b79cc0c0f6111fc7@dist-git> +From 50d94f13286ca19ef1f457be72debdbf77547df6 Mon Sep 17 00:00:00 2001 +Message-Id: <50d94f13286ca19ef1f457be72debdbf77547df6@dist-git> From: Jiri Denemark Date: Wed, 4 May 2022 16:21:38 +0200 Subject: [PATCH] cputest: Drop some old artificial baseline tests @@ -8,7 +8,7 @@ Signed-off-by: Jiri Denemark Reviewed-by: Michal Privoznik (cherry picked from commit 6aff36019bbaf643f451779621c6c88cab0e64a7) -https://bugzilla.redhat.com/show_bug.cgi?id=2084030 +https://bugzilla.redhat.com/show_bug.cgi?id=1851227 Signed-off-by: Jiri Denemark --- diff --git a/SOURCES/libvirt-cputest-Give-better-names-to-baseline-tests.patch b/SOURCES/libvirt-cputest-Give-better-names-to-baseline-tests.patch index a127f6a..ece2b12 100644 --- a/SOURCES/libvirt-cputest-Give-better-names-to-baseline-tests.patch +++ b/SOURCES/libvirt-cputest-Give-better-names-to-baseline-tests.patch @@ -1,5 +1,5 @@ -From 89272567fd9e2b87133333f5565c1d9e2befb350 Mon Sep 17 00:00:00 2001 -Message-Id: <89272567fd9e2b87133333f5565c1d9e2befb350@dist-git> +From 6cf9cd8f6d9e90eadd58d8a37129e7401876e4e8 Mon Sep 17 00:00:00 2001 +Message-Id: <6cf9cd8f6d9e90eadd58d8a37129e7401876e4e8@dist-git> From: Jiri Denemark Date: Wed, 4 May 2022 16:28:03 +0200 Subject: [PATCH] cputest: Give better names to baseline tests @@ -8,7 +8,7 @@ Signed-off-by: Jiri Denemark Reviewed-by: Michal Privoznik (cherry picked from commit 3daa68e26514dc114d71f4c44f7d728e93a53cd0) -https://bugzilla.redhat.com/show_bug.cgi?id=2084030 +https://bugzilla.redhat.com/show_bug.cgi?id=1851227 Signed-off-by: Jiri Denemark --- diff --git a/SOURCES/libvirt-domain_validate-Split-out-validation-of-disk-startup-policy.patch b/SOURCES/libvirt-domain_validate-Split-out-validation-of-disk-startup-policy.patch index 4783fab..f9c61bb 100644 --- a/SOURCES/libvirt-domain_validate-Split-out-validation-of-disk-startup-policy.patch +++ b/SOURCES/libvirt-domain_validate-Split-out-validation-of-disk-startup-policy.patch @@ -1,5 +1,5 @@ -From bfd8d181d45a22731ae5b1f05f3cb9488a2c7939 Mon Sep 17 00:00:00 2001 -Message-Id: +From 296343c5a950668d790f9cd5ebd7b466e8156d03 Mon Sep 17 00:00:00 2001 +Message-Id: <296343c5a950668d790f9cd5ebd7b466e8156d03@dist-git> From: Peter Krempa Date: Tue, 14 Jun 2022 13:23:29 +0200 Subject: [PATCH] domain_validate: Split out validation of disk startup policy @@ -14,7 +14,6 @@ Signed-off-by: Peter Krempa Reviewed-by: Ján Tomko (cherry picked from commit 3603a18bcec18842cedecbd8329723062b87795c) https://bugzilla.redhat.com/show_bug.cgi?id=2095758 -https://bugzilla.redhat.com/show_bug.cgi?id=2109571 --- src/conf/domain_validate.c | 45 ++++++++++++++++++++++++-------------- src/conf/domain_validate.h | 2 ++ diff --git a/SOURCES/libvirt-nwfilter-fix-crash-when-counting-number-of-network-filters.patch b/SOURCES/libvirt-nwfilter-fix-crash-when-counting-number-of-network-filters.patch new file mode 100644 index 0000000..3e5c4f3 --- /dev/null +++ b/SOURCES/libvirt-nwfilter-fix-crash-when-counting-number-of-network-filters.patch @@ -0,0 +1,55 @@ +From dc6ab8b51ff53ba22abfb84f24641aa87320038a Mon Sep 17 00:00:00 2001 +Message-Id: +From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= +Date: Tue, 8 Mar 2022 17:28:38 +0000 +Subject: [PATCH] nwfilter: fix crash when counting number of network filters +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The virNWFilterObjListNumOfNWFilters method iterates over the +driver->nwfilters, accessing virNWFilterObj instances. As such +it needs to be protected against concurrent modification of +the driver->nwfilters object. + +This API allows unprivileged users to connect, so users with +read-only access to libvirt can cause a denial of service +crash if they are able to race with a call of virNWFilterUndefine. +Since network filters are usually statically defined, this is +considered a low severity problem. + +This is assigned CVE-2022-0897. + +Reviewed-by: Eric Blake +Signed-off-by: Daniel P. Berrangé +(cherry picked from commit a4947e8f63c3e6b7b067b444f3d6cf674c0d7f36) +https://bugzilla.redhat.com/show_bug.cgi?id=2063902 +--- + src/nwfilter/nwfilter_driver.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c +index 200451d6b1..956aca6421 100644 +--- a/src/nwfilter/nwfilter_driver.c ++++ b/src/nwfilter/nwfilter_driver.c +@@ -478,11 +478,15 @@ nwfilterLookupByName(virConnectPtr conn, + static int + nwfilterConnectNumOfNWFilters(virConnectPtr conn) + { ++ int ret; + if (virConnectNumOfNWFiltersEnsureACL(conn) < 0) + return -1; + +- return virNWFilterObjListNumOfNWFilters(driver->nwfilters, conn, +- virConnectNumOfNWFiltersCheckACL); ++ nwfilterDriverLock(); ++ ret = virNWFilterObjListNumOfNWFilters(driver->nwfilters, conn, ++ virConnectNumOfNWFiltersCheckACL); ++ nwfilterDriverUnlock(); ++ return ret; + } + + +-- +2.35.1 + diff --git a/SOURCES/libvirt-qemu-Add-qemuDomainSetMaxMemLock-helper.patch b/SOURCES/libvirt-qemu-Add-qemuDomainSetMaxMemLock-helper.patch index 740f4f1..1bb549c 100644 --- a/SOURCES/libvirt-qemu-Add-qemuDomainSetMaxMemLock-helper.patch +++ b/SOURCES/libvirt-qemu-Add-qemuDomainSetMaxMemLock-helper.patch @@ -1,5 +1,5 @@ -From 7f5b89a15bfcd964c7f2b6ccbf3c03fd867f93b5 Mon Sep 17 00:00:00 2001 -Message-Id: <7f5b89a15bfcd964c7f2b6ccbf3c03fd867f93b5@dist-git> +From 2595c7716b19214b2729b41b86656f96a2cd18bc Mon Sep 17 00:00:00 2001 +Message-Id: <2595c7716b19214b2729b41b86656f96a2cd18bc@dist-git> From: Jiri Denemark Date: Wed, 22 Jun 2022 15:21:30 +0200 Subject: [PATCH] qemu: Add qemuDomainSetMaxMemLock helper @@ -15,7 +15,7 @@ Signed-off-by: Jiri Denemark Reviewed-by: Ján Tomko (cherry picked from commit dff51c7f5760ded8235076f55d082fe4363f2f78) -https://bugzilla.redhat.com/show_bug.cgi?id=2117272 +https://bugzilla.redhat.com/show_bug.cgi?id=2089433 Signed-off-by: Jiri Denemark --- diff --git a/SOURCES/libvirt-qemu-virtiofs-format-thread-pool-size.patch b/SOURCES/libvirt-qemu-virtiofs-format-thread-pool-size.patch new file mode 100644 index 0000000..afda4b8 --- /dev/null +++ b/SOURCES/libvirt-qemu-virtiofs-format-thread-pool-size.patch @@ -0,0 +1,37 @@ +From 44f83782ba882f9eb037a54fb75231c305d98712 Mon Sep 17 00:00:00 2001 +Message-Id: <44f83782ba882f9eb037a54fb75231c305d98712@dist-git> +From: =?UTF-8?q?J=C3=A1n=20Tomko?= +Date: Fri, 10 Jun 2022 15:25:00 +0200 +Subject: [PATCH] qemu: virtiofs: format --thread-pool-size +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +https://bugzilla.redhat.com/show_bug.cgi?id=2079582 + +Signed-off-by: Ján Tomko +Reviewed-by: Michal Privoznik +(cherry picked from commit 2753eba20ce76d3d8785b23a6e940574ca12fe3c) +Signed-off-by: Ján Tomko +--- + src/qemu/qemu_virtiofs.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/qemu/qemu_virtiofs.c b/src/qemu/qemu_virtiofs.c +index 1b853a5a59..1ee3781286 100644 +--- a/src/qemu/qemu_virtiofs.c ++++ b/src/qemu/qemu_virtiofs.c +@@ -163,6 +163,10 @@ qemuVirtioFSBuildCommandLine(virQEMUDriverConfig *cfg, + virBufferAddLit(&opts, ",no_posix_lock"); + + virCommandAddArgBuffer(cmd, &opts); ++ ++ if (fs->thread_pool_size >= 0) ++ virCommandAddArgFormat(cmd, "--thread-pool-size=%i", fs->thread_pool_size); ++ + if (cfg->virtiofsdDebug) + virCommandAddArg(cmd, "-d"); + +-- +2.35.1 + diff --git a/SOURCES/libvirt-qemuProcessReconnect-Don-t-build-memory-paths.patch b/SOURCES/libvirt-qemuProcessReconnect-Don-t-build-memory-paths.patch deleted file mode 100644 index 8f35b10..0000000 --- a/SOURCES/libvirt-qemuProcessReconnect-Don-t-build-memory-paths.patch +++ /dev/null @@ -1,57 +0,0 @@ -From 9e5559fb4056507ecfc5e7dd758c3837283feb39 Mon Sep 17 00:00:00 2001 -Message-Id: <9e5559fb4056507ecfc5e7dd758c3837283feb39@dist-git> -From: Michal Privoznik -Date: Wed, 28 Sep 2022 10:12:36 +0200 -Subject: [PATCH] qemuProcessReconnect: Don't build memory paths -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Let me take you on a short trip to history. A long time ago, -libvirt would configure all QEMUs to use $hugetlbfs/libvirt/qemu -for their hugepages setup. This was problematic, because it did -not allow enough separation between guests. Therefore in -v3.0.0-rc1~367 the path changed to a per-domain basis: - - $hugetlbfs/libvirt/qemu/$domainShortName - -And to help with migration on daemon restart a call to -qemuProcessBuildDestroyMemoryPaths() was added to -qemuProcessReconnect() (well, it was named -qemuProcessBuildDestroyHugepagesPath() back then, see -v3.10.0-rc1~174). This was desirable then, because the memory -hotplug code did not call the function, it simply assumes -per-domain paths to exist. But this changed in v3.5.0-rc1~92 -after which the per-domain paths are created on memory hotplug -too. - -Therefore, it's no longer necessary to create these paths in -qemuProcessReconnect(). They are created exactly when needed -(domain startup and memory hotplug). - -Signed-off-by: Michal Privoznik -Reviewed-by: Ján Tomko -(cherry picked from commit 3478cca80ea7382cfdbff836d5d0b92aa014297b) -Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2132177 -Signed-off-by: Michal Privoznik ---- - src/qemu/qemu_process.c | 3 --- - 1 file changed, 3 deletions(-) - -diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c -index 1164340aa9..0fb665bc82 100644 ---- a/src/qemu/qemu_process.c -+++ b/src/qemu/qemu_process.c -@@ -8869,9 +8869,6 @@ qemuProcessReconnect(void *opaque) - goto cleanup; - } - -- if (qemuProcessBuildDestroyMemoryPaths(driver, obj, NULL, true) < 0) -- goto error; -- - if ((qemuDomainAssignAddresses(obj->def, priv->qemuCaps, - driver, obj, false)) < 0) { - goto error; --- -2.37.2 - diff --git a/SOURCES/libvirt-qemu_capabilities-Detect-memory-backend-.prealloc-threads-property.patch b/SOURCES/libvirt-qemu_capabilities-Detect-memory-backend-.prealloc-threads-property.patch index 91d50fc..4916fd9 100644 --- a/SOURCES/libvirt-qemu_capabilities-Detect-memory-backend-.prealloc-threads-property.patch +++ b/SOURCES/libvirt-qemu_capabilities-Detect-memory-backend-.prealloc-threads-property.patch @@ -1,5 +1,5 @@ -From 9f9fcbc842846c6f2579ca52190f506060e191d8 Mon Sep 17 00:00:00 2001 -Message-Id: <9f9fcbc842846c6f2579ca52190f506060e191d8@dist-git> +From c387e7680c07d7dbb934dbe972e99ab78cebad28 Mon Sep 17 00:00:00 2001 +Message-Id: From: Michal Privoznik Date: Mon, 21 Mar 2022 16:55:05 +0100 Subject: [PATCH] qemu_capabilities: Detect memory-backend-*.prealloc-threads @@ -36,7 +36,7 @@ tests/qemucapabilitiesdata/caps_6.2.0.x86_64.xml tests/qemucapabilitiesdata/caps_7.0.0.ppc64.xml tests/qemucapabilitiesdata/caps_7.0.0.x86_64.xml -Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2075569 +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2067126 Signed-off-by: Michal Privoznik --- src/qemu/qemu_capabilities.c | 2 ++ diff --git a/SOURCES/libvirt-qemu_command-Generate-prealloc-threads-property.patch b/SOURCES/libvirt-qemu_command-Generate-prealloc-threads-property.patch index 16b656c..0a7bc32 100644 --- a/SOURCES/libvirt-qemu_command-Generate-prealloc-threads-property.patch +++ b/SOURCES/libvirt-qemu_command-Generate-prealloc-threads-property.patch @@ -1,5 +1,5 @@ -From f9c8097e8a836052239c51552d943a76b8164de3 Mon Sep 17 00:00:00 2001 -Message-Id: +From e52b12a986de8ac469b98135b2c1d2a8a63b9052 Mon Sep 17 00:00:00 2001 +Message-Id: From: Michal Privoznik Date: Mon, 21 Mar 2022 17:10:15 +0100 Subject: [PATCH] qemu_command: Generate prealloc-threads property @@ -16,7 +16,7 @@ tests/qemuxml2argvdata/memfd-memory-numa.x86_64-latest.args: Upstream has moved some cmd line arguments (v8.0.0-260-gaf23241cfe) but that is not backported. -Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2075569 +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2067126 Signed-off-by: Michal Privoznik --- src/qemu/qemu_command.c | 5 ++++- diff --git a/SOURCES/libvirt-qemu_domain-Format-qemuDomainObjPrivate-originalMemlock.patch b/SOURCES/libvirt-qemu_domain-Format-qemuDomainObjPrivate-originalMemlock.patch index b1c20ff..d35edd1 100644 --- a/SOURCES/libvirt-qemu_domain-Format-qemuDomainObjPrivate-originalMemlock.patch +++ b/SOURCES/libvirt-qemu_domain-Format-qemuDomainObjPrivate-originalMemlock.patch @@ -1,5 +1,5 @@ -From cbfe812a4affe5be7677bf28764b58dc7f99c969 Mon Sep 17 00:00:00 2001 -Message-Id: +From b221b3ab6d881efedc544e0e0ed9c507e21fd178 Mon Sep 17 00:00:00 2001 +Message-Id: From: Michal Privoznik Date: Wed, 11 May 2022 16:37:27 +0200 Subject: [PATCH] qemu_domain: Format qemuDomainObjPrivate::originalMemlock @@ -12,7 +12,7 @@ Signed-off-by: Michal Privoznik Reviewed-by: Peter Krempa (cherry picked from commit 21aec91790ae14d24512856b20cff49764ede637) -https://bugzilla.redhat.com/show_bug.cgi?id=2117272 +https://bugzilla.redhat.com/show_bug.cgi?id=2089433 Signed-off-by: Jiri Denemark --- diff --git a/SOURCES/libvirt-qemu_migration-Implement-VIR_MIGRATE_ZEROCOPY-flag.patch b/SOURCES/libvirt-qemu_migration-Implement-VIR_MIGRATE_ZEROCOPY-flag.patch index e1d38c3..0f91c7d 100644 --- a/SOURCES/libvirt-qemu_migration-Implement-VIR_MIGRATE_ZEROCOPY-flag.patch +++ b/SOURCES/libvirt-qemu_migration-Implement-VIR_MIGRATE_ZEROCOPY-flag.patch @@ -1,5 +1,5 @@ -From 34dc905251ca0f00d92e8419adc63580c6266394 Mon Sep 17 00:00:00 2001 -Message-Id: <34dc905251ca0f00d92e8419adc63580c6266394@dist-git> +From 35f06623b82d99dd380340eef465394975dd1c80 Mon Sep 17 00:00:00 2001 +Message-Id: <35f06623b82d99dd380340eef465394975dd1c80@dist-git> From: Jiri Denemark Date: Wed, 22 Jun 2022 16:37:31 +0200 Subject: [PATCH] qemu_migration: Implement VIR_MIGRATE_ZEROCOPY flag @@ -13,7 +13,7 @@ Signed-off-by: Jiri Denemark Reviewed-by: Ján Tomko (cherry picked from commit d375993ab314a41bca7ef6c846e07afc18c37774) -https://bugzilla.redhat.com/show_bug.cgi?id=2117272 +https://bugzilla.redhat.com/show_bug.cgi?id=2089433 Conflicts: src/qemu/qemu_migration.c @@ -29,7 +29,7 @@ Signed-off-by: Jiri Denemark 4 files changed, 29 insertions(+) diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c -index 01102c4300..11f87296d6 100644 +index 35ad201580..db5163e993 100644 --- a/src/qemu/qemu_migration.c +++ b/src/qemu/qemu_migration.c @@ -2366,6 +2366,12 @@ qemuMigrationSrcBeginPhase(virQEMUDriver *driver, diff --git a/SOURCES/libvirt-qemu_migration-Restore-original-memory-locking-limit.patch b/SOURCES/libvirt-qemu_migration-Restore-original-memory-locking-limit.patch index 3011e5f..c8afc02 100644 --- a/SOURCES/libvirt-qemu_migration-Restore-original-memory-locking-limit.patch +++ b/SOURCES/libvirt-qemu_migration-Restore-original-memory-locking-limit.patch @@ -1,5 +1,5 @@ -From 7cbfdb081de6e4eb684447ba48869082df798419 Mon Sep 17 00:00:00 2001 -Message-Id: <7cbfdb081de6e4eb684447ba48869082df798419@dist-git> +From 8cccd9634ecd91a5b7343eddc037e0fa7de2f9f6 Mon Sep 17 00:00:00 2001 +Message-Id: <8cccd9634ecd91a5b7343eddc037e0fa7de2f9f6@dist-git> From: Jiri Denemark Date: Wed, 22 Jun 2022 16:12:02 +0200 Subject: [PATCH] qemu_migration: Restore original memory locking limit @@ -15,22 +15,18 @@ Signed-off-by: Jiri Denemark Reviewed-by: Ján Tomko (cherry picked from commit d4d3bb813031275c2c7cf72724b83c97ce82ab7a) -https://bugzilla.redhat.com/show_bug.cgi?id=2117272 +https://bugzilla.redhat.com/show_bug.cgi?id=2089433 Conflicts: src/qemu/qemu_migration.c - post-copy resovery not backported -The original 8.7.0 backport contained a bug which was later fixed by -"qemu_migration: Fix restoring memlock limit on destination". This -backport includes the follow up fix squashed in. - Signed-off-by: Jiri Denemark --- src/qemu/qemu_domain.c | 12 ++++++++++++ src/qemu/qemu_domain.h | 3 +++ - src/qemu/qemu_migration.c | 11 +++++++++-- - 3 files changed, 24 insertions(+), 2 deletions(-) + src/qemu/qemu_migration.c | 10 ++++++++-- + 3 files changed, 23 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index a81789f194..c24d1e4d53 100644 @@ -77,7 +73,7 @@ index 6d1d23439a..d6e8a7a0fb 100644 virChrdevs *devs; diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c -index 10338f8e87..01102c4300 100644 +index 10338f8e87..35ad201580 100644 --- a/src/qemu/qemu_migration.c +++ b/src/qemu/qemu_migration.c @@ -2974,7 +2974,8 @@ qemuMigrationDstPrepareAny(virQEMUDriver *driver, @@ -124,15 +120,14 @@ index 10338f8e87..01102c4300 100644 qemuMigrationJobFinish(driver, vm); } else { qemuMigrationJobContinue(vm); -@@ -5869,6 +5874,8 @@ qemuMigrationDstFinish(virQEMUDriver *driver, - */ - if (inPostCopy) - g_clear_pointer(&priv->job.completed, qemuDomainJobInfoFree); -+ -+ qemuDomainSetMaxMemLock(vm, 0, &priv->preMigrationMemlock); - } - - qemuMigrationParamsReset(driver, vm, QEMU_ASYNC_JOB_MIGRATION_IN, +@@ -5881,6 +5886,7 @@ qemuMigrationDstFinish(virQEMUDriver *driver, + cleanup: + g_clear_pointer(&jobInfo, qemuDomainJobInfoFree); + virPortAllocatorRelease(port); ++ qemuDomainSetMaxMemLock(vm, 0, &priv->preMigrationMemlock); + if (priv->mon) + qemuMonitorSetDomainLog(priv->mon, NULL, NULL, NULL); + VIR_FREE(priv->origname); -- 2.35.1 diff --git a/SOURCES/libvirt-qemu_migration-Use-qemuDomainSetMaxMemLock.patch b/SOURCES/libvirt-qemu_migration-Use-qemuDomainSetMaxMemLock.patch index 2b853a2..88a871b 100644 --- a/SOURCES/libvirt-qemu_migration-Use-qemuDomainSetMaxMemLock.patch +++ b/SOURCES/libvirt-qemu_migration-Use-qemuDomainSetMaxMemLock.patch @@ -1,5 +1,5 @@ -From ad3f1dceac21369b9c18b6032a4ff859dc79bbc7 Mon Sep 17 00:00:00 2001 -Message-Id: +From 8354fa1d2e471699331961272bc38f5e4cfe7cb8 Mon Sep 17 00:00:00 2001 +Message-Id: <8354fa1d2e471699331961272bc38f5e4cfe7cb8@dist-git> From: Jiri Denemark Date: Wed, 22 Jun 2022 09:04:04 +0200 Subject: [PATCH] qemu_migration: Use qemuDomainSetMaxMemLock @@ -15,7 +15,7 @@ Signed-off-by: Jiri Denemark Reviewed-by: Ján Tomko (cherry picked from commit 22ee8cbf090c45f999b76e3f8dc7a45065fc9edf) -https://bugzilla.redhat.com/show_bug.cgi?id=2117272 +https://bugzilla.redhat.com/show_bug.cgi?id=2089433 Conflicts: src/qemu/qemu_migration.c diff --git a/SOURCES/libvirt-qemu_namespace-Fix-a-corner-case-in-qemuDomainGetPreservedMounts.patch b/SOURCES/libvirt-qemu_namespace-Fix-a-corner-case-in-qemuDomainGetPreservedMounts.patch deleted file mode 100644 index d7f692a..0000000 --- a/SOURCES/libvirt-qemu_namespace-Fix-a-corner-case-in-qemuDomainGetPreservedMounts.patch +++ /dev/null @@ -1,80 +0,0 @@ -From d32d74310b652295fa23ccf8f096dd6c997dee05 Mon Sep 17 00:00:00 2001 -Message-Id: -From: Michal Privoznik -Date: Tue, 6 Sep 2022 13:43:22 +0200 -Subject: [PATCH] qemu_namespace: Fix a corner case in - qemuDomainGetPreservedMounts() - -When setting up namespace for QEMU we look at mount points under -/dev (like /dev/pts, /dev/mqueue/, etc.) because we want to -preserve those (which is done by moving them to a temp location, -unshare(), and then moving them back). We have a convenience -helper - qemuDomainGetPreservedMounts() - that processes the -mount table and (optionally) moves the other filesystems too. -This helper is also used when attempting to create a path in NS, -because the path, while starting with "/dev/" prefix, may -actually lead to one of those filesystems that we preserved. - -And here comes the corner case: while we require the parent mount -table to be in shared mode (equivalent of `mount --make-rshared /'), -these mount events propagate iff the target path exist inside the -slave mount table (= QEMU's private namespace). And since we -create only a subset of /dev nodes, well, that assumption is not -always the case. - -For instance, assume that a domain is already running, no -hugepages were configured for it nor any hugetlbfs is mounted. -Now, when a hugetlbfs is mounted into '/dev/hugepages', this is -propagated into the QEMU's namespace, but since the target dir -does not exist in the private /dev, the FS is not mounted in the -namespace. - -Fortunately, this difference between namespaces is visible when -comparing /proc/mounts and /proc/$PID/mounts (where PID is the -QEMU's PID). Therefore, if possible we should look at the latter. - -Signed-off-by: Michal Privoznik -Reviewed-by: Martin Kletzander -(cherry picked from commit 46b03819ae8d833b11c2aaccb2c2a0361727f51b) -Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2132177 -Signed-off-by: Michal Privoznik ---- - src/qemu/qemu_namespace.c | 10 +++++++++- - 1 file changed, 9 insertions(+), 1 deletion(-) - -diff --git a/src/qemu/qemu_namespace.c b/src/qemu/qemu_namespace.c -index 4bff325a2c..fc286ab0be 100644 ---- a/src/qemu/qemu_namespace.c -+++ b/src/qemu/qemu_namespace.c -@@ -110,6 +110,8 @@ qemuDomainGetPreservedMountPath(virQEMUDriverConfig *cfg, - * b) generate backup path for all the entries in a) - * - * Any of the return pointers can be NULL. Both arrays are NULL-terminated. -+ * Get the mount table either from @vm's PID (if running), or from the -+ * namespace we're in (if @vm's not running). - * - * Returns 0 on success, -1 otherwise (with error reported) - */ -@@ -124,12 +126,18 @@ qemuDomainGetPreservedMounts(virQEMUDriverConfig *cfg, - size_t nmounts = 0; - g_auto(GStrv) paths = NULL; - g_auto(GStrv) savePaths = NULL; -+ g_autofree char *mountsPath = NULL; - size_t i; - - if (ndevPath) - *ndevPath = 0; - -- if (virFileGetMountSubtree(QEMU_PROC_MOUNTS, "/dev", &mounts, &nmounts) < 0) -+ if (vm->pid > 0) -+ mountsPath = g_strdup_printf("/proc/%lld/mounts", (long long) vm->pid); -+ else -+ mountsPath = g_strdup(QEMU_PROC_MOUNTS); -+ -+ if (virFileGetMountSubtree(mountsPath, "/dev", &mounts, &nmounts) < 0) - return -1; - - if (nmounts == 0) --- -2.37.2 - diff --git a/SOURCES/libvirt-qemu_namespace-Introduce-qemuDomainNamespaceSetupPath.patch b/SOURCES/libvirt-qemu_namespace-Introduce-qemuDomainNamespaceSetupPath.patch deleted file mode 100644 index 5e2a39c..0000000 --- a/SOURCES/libvirt-qemu_namespace-Introduce-qemuDomainNamespaceSetupPath.patch +++ /dev/null @@ -1,68 +0,0 @@ -From edca5497554ccf8016681884aa732156a9773061 Mon Sep 17 00:00:00 2001 -Message-Id: -From: Michal Privoznik -Date: Tue, 6 Sep 2022 13:43:58 +0200 -Subject: [PATCH] qemu_namespace: Introduce qemuDomainNamespaceSetupPath() - -Sometimes it may come handy to just bind mount a directory/file -into domain's namespace. Implement a thin wrapper over -qemuNamespaceMknodPaths() which has all the logic we need. - -Signed-off-by: Michal Privoznik -Reviewed-by: Martin Kletzander -(cherry picked from commit 5853d707189005a4ea5b2215e80853867b822fd9) -Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2132177 -Signed-off-by: Michal Privoznik ---- - src/qemu/qemu_namespace.c | 19 +++++++++++++++++++ - src/qemu/qemu_namespace.h | 4 ++++ - 2 files changed, 23 insertions(+) - -diff --git a/src/qemu/qemu_namespace.c b/src/qemu/qemu_namespace.c -index fc286ab0be..74ffd6fb90 100644 ---- a/src/qemu/qemu_namespace.c -+++ b/src/qemu/qemu_namespace.c -@@ -1398,6 +1398,25 @@ qemuNamespaceUnlinkPaths(virDomainObj *vm, - } - - -+int -+qemuDomainNamespaceSetupPath(virDomainObj *vm, -+ const char *path, -+ bool *created) -+{ -+ g_autoptr(virGSListString) paths = NULL; -+ -+ if (!qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) -+ return 0; -+ -+ paths = g_slist_prepend(paths, g_strdup(path)); -+ -+ if (qemuNamespaceMknodPaths(vm, paths, created) < 0) -+ return -1; -+ -+ return 0; -+} -+ -+ - int - qemuDomainNamespaceSetupDisk(virDomainObj *vm, - virStorageSource *src, -diff --git a/src/qemu/qemu_namespace.h b/src/qemu/qemu_namespace.h -index 020aca13d8..1ab9322061 100644 ---- a/src/qemu/qemu_namespace.h -+++ b/src/qemu/qemu_namespace.h -@@ -49,6 +49,10 @@ void qemuDomainDestroyNamespace(virQEMUDriver *driver, - - bool qemuDomainNamespaceAvailable(qemuDomainNamespace ns); - -+int qemuDomainNamespaceSetupPath(virDomainObj *vm, -+ const char *path, -+ bool *created); -+ - int qemuDomainNamespaceSetupDisk(virDomainObj *vm, - virStorageSource *src, - bool *created); --- -2.37.2 - diff --git a/SOURCES/libvirt-qemu_namespace-Tolerate-missing-ACLs-when-creating-a-path-in-namespace.patch b/SOURCES/libvirt-qemu_namespace-Tolerate-missing-ACLs-when-creating-a-path-in-namespace.patch deleted file mode 100644 index 6159834..0000000 --- a/SOURCES/libvirt-qemu_namespace-Tolerate-missing-ACLs-when-creating-a-path-in-namespace.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 8806d4dd0f0c7c20a42513b2a1ff310455decdc6 Mon Sep 17 00:00:00 2001 -Message-Id: <8806d4dd0f0c7c20a42513b2a1ff310455decdc6@dist-git> -From: Michal Privoznik -Date: Tue, 6 Sep 2022 13:37:23 +0200 -Subject: [PATCH] qemu_namespace: Tolerate missing ACLs when creating a path in - namespace - -When creating a path in a domain's mount namespace we try to set -ACLs on it, so that it's a verbatim copy of the path in parent's -namespace. The ACLs are queried upfront (by -qemuNamespaceMknodItemInit()) but this is fault tolerant so the -pointer to ACLs might be NULL (meaning no ACLs were queried, for -instance because the underlying filesystem does not support -them). But then we take this NULL and pass it to virFileSetACLs() -which immediately returns an error because NULL is invalid value. - -Mimic what we do with SELinux label - only set ACLs if they are -non-NULL which includes symlinks. - -Signed-off-by: Michal Privoznik -Reviewed-by: Martin Kletzander -(cherry picked from commit 687374959e160dc566bd4b6d43c7bf1beb470c59) -Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2132177 -Signed-off-by: Michal Privoznik ---- - src/qemu/qemu_namespace.c | 3 +-- - 1 file changed, 1 insertion(+), 2 deletions(-) - -diff --git a/src/qemu/qemu_namespace.c b/src/qemu/qemu_namespace.c -index 94453033f5..4bff325a2c 100644 ---- a/src/qemu/qemu_namespace.c -+++ b/src/qemu/qemu_namespace.c -@@ -1023,8 +1023,7 @@ qemuNamespaceMknodOne(qemuNamespaceMknodItem *data) - goto cleanup; - } - -- /* Symlinks don't have ACLs. */ -- if (!isLink && -+ if (data->acl && - virFileSetACLs(data->file, data->acl) < 0 && - errno != ENOTSUP) { - virReportSystemError(errno, --- -2.37.2 - diff --git a/SOURCES/libvirt-qemu_process-Don-t-require-a-hugetlbfs-mount-for-memfd.patch b/SOURCES/libvirt-qemu_process-Don-t-require-a-hugetlbfs-mount-for-memfd.patch deleted file mode 100644 index 4d4314f..0000000 --- a/SOURCES/libvirt-qemu_process-Don-t-require-a-hugetlbfs-mount-for-memfd.patch +++ /dev/null @@ -1,50 +0,0 @@ -From a2cb0eca44996e1a7a397f028d44994f2e402a2e Mon Sep 17 00:00:00 2001 -Message-Id: -From: Michal Privoznik -Date: Mon, 5 Sep 2022 10:34:44 +0200 -Subject: [PATCH] qemu_process: Don't require a hugetlbfs mount for memfd - -The aim of qemuProcessNeedHugepagesPath() is to determine whether -a hugetlbfs mount point is required for given domain (as in -whether qemuBuildMemoryBackendProps() picks up -memory-backend-file pointing to a hugetlbfs mount point). Well, -when domain is configured to use memfd backend then that -condition can never be true. Therefore, skip creating domain's -private path under hugetlbfs mount points. - -Signed-off-by: Michal Privoznik -Reviewed-by: Martin Kletzander -(cherry picked from commit f14f8dff9330ed51d817f190a2ee9ac76dfac00b) -Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2132177 -Signed-off-by: Michal Privoznik ---- - src/qemu/qemu_process.c | 12 +++++++++++- - 1 file changed, 11 insertions(+), 1 deletion(-) - -diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c -index 5c6657a876..540eee9ff0 100644 ---- a/src/qemu/qemu_process.c -+++ b/src/qemu/qemu_process.c -@@ -3810,8 +3810,18 @@ qemuProcessNeedHugepagesPath(virDomainDef *def, - const long system_pagesize = virGetSystemPageSizeKB(); - size_t i; - -- if (def->mem.source == VIR_DOMAIN_MEMORY_SOURCE_FILE) -+ switch ((virDomainMemorySource)def->mem.source) { -+ case VIR_DOMAIN_MEMORY_SOURCE_FILE: -+ /* This needs a hugetlbfs mount. */ - return true; -+ case VIR_DOMAIN_MEMORY_SOURCE_MEMFD: -+ /* memfd works without a hugetlbfs mount */ -+ return false; -+ case VIR_DOMAIN_MEMORY_SOURCE_NONE: -+ case VIR_DOMAIN_MEMORY_SOURCE_ANONYMOUS: -+ case VIR_DOMAIN_MEMORY_SOURCE_LAST: -+ break; -+ } - - for (i = 0; i < def->mem.nhugepages; i++) { - if (def->mem.hugepages[i].size != system_pagesize) --- -2.37.2 - diff --git a/SOURCES/libvirt-qemu_process.c-Propagate-hugetlbfs-mounts-on-reconnect.patch b/SOURCES/libvirt-qemu_process.c-Propagate-hugetlbfs-mounts-on-reconnect.patch deleted file mode 100644 index 1fe77c7..0000000 --- a/SOURCES/libvirt-qemu_process.c-Propagate-hugetlbfs-mounts-on-reconnect.patch +++ /dev/null @@ -1,65 +0,0 @@ -From 347606bc80f40c22712d0ffe61a149c3266bf131 Mon Sep 17 00:00:00 2001 -Message-Id: <347606bc80f40c22712d0ffe61a149c3266bf131@dist-git> -From: Michal Privoznik -Date: Tue, 6 Sep 2022 13:45:51 +0200 -Subject: [PATCH] qemu_process.c: Propagate hugetlbfs mounts on reconnect - -When reconnecting to a running QEMU process, we construct the -per-domain path in all hugetlbfs mounts. This is a relict from -the past (v3.4.0-100-g5b24d25062) where we switched to a -per-domain path and we want to create those paths when libvirtd -restarts on upgrade. - -And with namespaces enabled there is one corner case where the -path is not created. In fact an error is reported and the -reconnect fails. Ideally, all mount events are propagated into -the QEMU's namespace. And they probably are, except when the -target path does not exist inside the namespace. Now, it's pretty -common for users to mount hugetlbfs under /dev (e.g. -/dev/hugepages), but if domain is started without hugepages (or -more specifically - private hugetlbfs path wasn't created on -domain startup), then the reconnect code tries to create it. -But it fails to do so, well, it fails to set seclabels on the -path because, because the path does not exist in the private -namespace. And it doesn't exist because we specifically create -only a subset of all possible /dev nodes. Therefore, the mount -event, whilst propagated, is not successful and hence the -filesystem is not mounted. We have to do it ourselves. - -If hugetlbfs is mount anywhere else there's no problem and this -is effectively a dead code. - -Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2123196 -Signed-off-by: Michal Privoznik -Reviewed-by: Martin Kletzander -(cherry picked from commit 0377177c7856bb87a9d8aa1324b54f5fbe9f1e5b) - -Conflicts: -- docs/kbase/qemu-passthrough-security.rst: Well, v8.8.0-rc1~32 - isn't backported, thus we can't remove a paragraph that the - backported commit did. It's a documentation after all, so no - harm. - -Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2132177 -Signed-off-by: Michal Privoznik ---- - src/qemu/qemu_process.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c -index 540eee9ff0..1164340aa9 100644 ---- a/src/qemu/qemu_process.c -+++ b/src/qemu/qemu_process.c -@@ -3906,6 +3906,9 @@ qemuProcessBuildDestroyMemoryPathsImpl(virQEMUDriver *driver, - return -1; - } - -+ if (qemuDomainNamespaceSetupPath(vm, path, NULL) < 0) -+ return -1; -+ - if (qemuSecurityDomainSetPathLabel(driver, vm, path, true) < 0) - return -1; - } else { --- -2.37.2 - diff --git a/SOURCES/libvirt-qemu_validate-Validate-prealloc-threads-against-qemuCpas.patch b/SOURCES/libvirt-qemu_validate-Validate-prealloc-threads-against-qemuCpas.patch index 979286d..0f8d752 100644 --- a/SOURCES/libvirt-qemu_validate-Validate-prealloc-threads-against-qemuCpas.patch +++ b/SOURCES/libvirt-qemu_validate-Validate-prealloc-threads-against-qemuCpas.patch @@ -1,5 +1,5 @@ -From d1a1a95343946fbe0736a14073b63831320d55d2 Mon Sep 17 00:00:00 2001 -Message-Id: +From 088ba382d7a099ddbebe37e5486ce648e24266db Mon Sep 17 00:00:00 2001 +Message-Id: <088ba382d7a099ddbebe37e5486ce648e24266db@dist-git> From: Michal Privoznik Date: Mon, 21 Mar 2022 17:09:40 +0100 Subject: [PATCH] qemu_validate: Validate prealloc threads against qemuCpas @@ -10,7 +10,7 @@ preallocation threads. Validate this assumption. Signed-off-by: Michal Privoznik Reviewed-by: Martin Kletzander (cherry picked from commit 75a4e0165ef199809974e97b507d3953e1de01d1) -Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2075569 +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2067126 Signed-off-by: Michal Privoznik --- src/qemu/qemu_validate.c | 7 +++++++ diff --git a/SOURCES/libvirt-security_selinux.c-Relabel-existing-mode-bind-UNIX-sockets.patch b/SOURCES/libvirt-security_selinux.c-Relabel-existing-mode-bind-UNIX-sockets.patch new file mode 100644 index 0000000..8332ee9 --- /dev/null +++ b/SOURCES/libvirt-security_selinux.c-Relabel-existing-mode-bind-UNIX-sockets.patch @@ -0,0 +1,64 @@ +From 07fb786e0d17bd395333d276ebbaad42c72ee358 Mon Sep 17 00:00:00 2001 +Message-Id: <07fb786e0d17bd395333d276ebbaad42c72ee358@dist-git> +From: David Michael +Date: Tue, 28 Jun 2022 08:33:41 -0400 +Subject: [PATCH] security_selinux.c: Relabel existing mode="bind" UNIX sockets + +This supports sockets created by libvirt and passed by FD using the +same method as in security_dac.c. + +Signed-off-by: David Michael +Signed-off-by: Michal Privoznik +Reviewed-by: Michal Privoznik +(cherry picked from commit 9f13f54a6348b54170f7de3595039c99b9da72c7) + +https://bugzilla.redhat.com/show_bug.cgi?id=2101575 + +Signed-off-by: Michal Privoznik +--- + src/security/security_selinux.c | 9 +++++++-- + tests/securityselinuxlabeldata/chardev.txt | 2 +- + 2 files changed, 8 insertions(+), 3 deletions(-) + +diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c +index 0952431064..b90e819fd2 100644 +--- a/src/security/security_selinux.c ++++ b/src/security/security_selinux.c +@@ -2545,7 +2545,12 @@ virSecuritySELinuxSetChardevLabel(virSecurityManager *mgr, + break; + + case VIR_DOMAIN_CHR_TYPE_UNIX: +- if (!dev_source->data.nix.listen) { ++ if (!dev_source->data.nix.listen || ++ (dev_source->data.nix.path && ++ virFileExists(dev_source->data.nix.path))) { ++ /* Also label mode='bind' sockets if they exist, ++ * e.g. because they were created by libvirt ++ * and passed via FD */ + if (virSecuritySELinuxSetFilecon(mgr, + dev_source->data.nix.path, + imagelabel, +@@ -2622,7 +2627,7 @@ virSecuritySELinuxRestoreChardevLabel(virSecurityManager *mgr, + case VIR_DOMAIN_CHR_TYPE_UNIX: + if (!dev_source->data.nix.listen) { + if (virSecuritySELinuxRestoreFileLabel(mgr, +- dev_source->data.file.path, ++ dev_source->data.nix.path, + true) < 0) + goto done; + } +diff --git a/tests/securityselinuxlabeldata/chardev.txt b/tests/securityselinuxlabeldata/chardev.txt +index 3f4b6302b9..bdb367f7a5 100644 +--- a/tests/securityselinuxlabeldata/chardev.txt ++++ b/tests/securityselinuxlabeldata/chardev.txt +@@ -2,6 +2,6 @@ + /plain.dev;system_u:object_r:svirt_image_t:s0:c41,c264 + /plain.fifo;system_u:object_r:svirt_image_t:s0:c41,c264 + /nolabel.sock; +-/plain.sock; ++/plain.sock;system_u:object_r:svirt_image_t:s0:c41,c264 + /yeslabel.sock;system_u:object_r:svirt_image_t:s0:c41,c264 + /altlabel.sock;system_u:object_r:svirt_image_custom_t:s0:c41,c264 +-- +2.35.1 + diff --git a/SOURCES/libvirt-virDomainDiskDefValidate-Improve-error-messages-for-startupPolicy-checks.patch b/SOURCES/libvirt-virDomainDiskDefValidate-Improve-error-messages-for-startupPolicy-checks.patch index 015d22d..a6076a1 100644 --- a/SOURCES/libvirt-virDomainDiskDefValidate-Improve-error-messages-for-startupPolicy-checks.patch +++ b/SOURCES/libvirt-virDomainDiskDefValidate-Improve-error-messages-for-startupPolicy-checks.patch @@ -1,5 +1,5 @@ -From 4c57d8399b86c07ee0b1bafd2f8bf0ba10ff384f Mon Sep 17 00:00:00 2001 -Message-Id: <4c57d8399b86c07ee0b1bafd2f8bf0ba10ff384f@dist-git> +From 41247c87fd47f2e55825d62c697da810ba5062f5 Mon Sep 17 00:00:00 2001 +Message-Id: <41247c87fd47f2e55825d62c697da810ba5062f5@dist-git> From: Peter Krempa Date: Tue, 14 Jun 2022 13:13:48 +0200 Subject: [PATCH] virDomainDiskDefValidate: Improve error messages for @@ -15,7 +15,6 @@ Signed-off-by: Peter Krempa Reviewed-by: Ján Tomko (cherry picked from commit 9a480737c8adf92c332aa850c5269191ceb04eb9) https://bugzilla.redhat.com/show_bug.cgi?id=2095758 -https://bugzilla.redhat.com/show_bug.cgi?id=2109571 --- src/conf/domain_validate.c | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/SOURCES/libvirt-virDomainDiskDefValidateStartupPolicy-Validate-disk-type-better.patch b/SOURCES/libvirt-virDomainDiskDefValidateStartupPolicy-Validate-disk-type-better.patch index 78b4dd1..f57195b 100644 --- a/SOURCES/libvirt-virDomainDiskDefValidateStartupPolicy-Validate-disk-type-better.patch +++ b/SOURCES/libvirt-virDomainDiskDefValidateStartupPolicy-Validate-disk-type-better.patch @@ -1,5 +1,5 @@ -From a5cdca9995a05ac45e882ad3e1ca1e4ab53a2c34 Mon Sep 17 00:00:00 2001 -Message-Id: +From 26daf647925213a05509cc302d9151fe4525febb Mon Sep 17 00:00:00 2001 +Message-Id: <26daf647925213a05509cc302d9151fe4525febb@dist-git> From: Peter Krempa Date: Tue, 14 Jun 2022 14:07:47 +0200 Subject: [PATCH] virDomainDiskDefValidateStartupPolicy: Validate disk type @@ -17,7 +17,6 @@ Signed-off-by: Peter Krempa Reviewed-by: Ján Tomko (cherry picked from commit b90d0f0a1e4ee52c828fb683c14c14e241e6fcbb) https://bugzilla.redhat.com/show_bug.cgi?id=2095758 -https://bugzilla.redhat.com/show_bug.cgi?id=2109571 --- src/conf/domain_validate.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/SOURCES/libvirt-virDomainDiskTranslateSourcePool-Fix-check-of-startupPolicy-definition.patch b/SOURCES/libvirt-virDomainDiskTranslateSourcePool-Fix-check-of-startupPolicy-definition.patch index 8db5803..d8ab75e 100644 --- a/SOURCES/libvirt-virDomainDiskTranslateSourcePool-Fix-check-of-startupPolicy-definition.patch +++ b/SOURCES/libvirt-virDomainDiskTranslateSourcePool-Fix-check-of-startupPolicy-definition.patch @@ -1,5 +1,5 @@ -From d56c0a4b1b57d9547d40088b6787d7503c09e2b9 Mon Sep 17 00:00:00 2001 -Message-Id: +From 2ea89fb18aa9d2dac1e651869736fede7a2ec434 Mon Sep 17 00:00:00 2001 +Message-Id: <2ea89fb18aa9d2dac1e651869736fede7a2ec434@dist-git> From: Peter Krempa Date: Tue, 14 Jun 2022 14:21:33 +0200 Subject: [PATCH] virDomainDiskTranslateSourcePool: Fix check of @@ -23,7 +23,6 @@ Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2095758 Signed-off-by: Peter Krempa Reviewed-by: Ján Tomko (cherry picked from commit ed8984306e1cd44c424fda3ed412a4177dd7b84d) -https://bugzilla.redhat.com/show_bug.cgi?id=2109571 --- src/conf/domain_conf.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/SOURCES/libvirt-virsh-Add-support-for-VIR_MIGRATE_ZEROCOPY-flag.patch b/SOURCES/libvirt-virsh-Add-support-for-VIR_MIGRATE_ZEROCOPY-flag.patch index a3211db..c16422a 100644 --- a/SOURCES/libvirt-virsh-Add-support-for-VIR_MIGRATE_ZEROCOPY-flag.patch +++ b/SOURCES/libvirt-virsh-Add-support-for-VIR_MIGRATE_ZEROCOPY-flag.patch @@ -1,5 +1,5 @@ -From eb87264dc41a7147fb88fdc4d666ef8d0e9bb882 Mon Sep 17 00:00:00 2001 -Message-Id: +From 20c1c86f96dd7293734888ef6f8b75c11cda5fae Mon Sep 17 00:00:00 2001 +Message-Id: <20c1c86f96dd7293734888ef6f8b75c11cda5fae@dist-git> From: Jiri Denemark Date: Wed, 22 Jun 2022 16:36:53 +0200 Subject: [PATCH] virsh: Add support for VIR_MIGRATE_ZEROCOPY flag @@ -11,7 +11,7 @@ Signed-off-by: Jiri Denemark Reviewed-by: Ján Tomko (cherry picked from commit efa3baeae70fbdf4ab032ca485cb9272ee96bd50) -https://bugzilla.redhat.com/show_bug.cgi?id=2117272 +https://bugzilla.redhat.com/show_bug.cgi?id=2089433 Conflicts: docs/manpages/virsh.rst diff --git a/SPECS/libvirt.spec b/SPECS/libvirt.spec index e2e621b..530b2cb 100644 --- a/SPECS/libvirt.spec +++ b/SPECS/libvirt.spec @@ -210,7 +210,7 @@ Summary: Library providing a simple virtualization API Name: libvirt Version: 8.0.0 -Release: 5.5%{?dist}%{?extra_release} +Release: 10%{?dist}%{?extra_release} License: LGPLv2+ URL: https://libvirt.org/ @@ -250,24 +250,23 @@ Patch27: libvirt-cpu_x86-Consolidate-signature-match-in-x86DecodeUseCandidate.pa Patch28: libvirt-cpu_x86-Refactor-feature-list-comparison-in-x86DecodeUseCandidate.patch Patch29: libvirt-cpu_x86-Penalize-disabled-features-when-computing-CPU-model.patch Patch30: libvirt-cpu_x86-Ignore-enabled-features-for-input-models-in-x86DecodeUseCandidate.patch -Patch31: libvirt-virDomainDiskDefValidate-Improve-error-messages-for-startupPolicy-checks.patch -Patch32: libvirt-domain_validate-Split-out-validation-of-disk-startup-policy.patch -Patch33: libvirt-virDomainDiskDefValidateStartupPolicy-Validate-disk-type-better.patch -Patch34: libvirt-virDomainDiskTranslateSourcePool-Fix-check-of-startupPolicy-definition.patch -Patch35: libvirt-conf-Move-virDomainObj-originalMemlock-into-qemuDomainObjPrivate.patch -Patch36: libvirt-qemu_domain-Format-qemuDomainObjPrivate-originalMemlock.patch -Patch37: libvirt-qemu-Add-qemuDomainSetMaxMemLock-helper.patch -Patch38: libvirt-qemu_migration-Use-qemuDomainSetMaxMemLock.patch -Patch39: libvirt-qemu_migration-Restore-original-memory-locking-limit.patch -Patch40: libvirt-Add-VIR_MIGRATE_ZEROCOPY-flag.patch -Patch41: libvirt-virsh-Add-support-for-VIR_MIGRATE_ZEROCOPY-flag.patch -Patch42: libvirt-qemu_migration-Implement-VIR_MIGRATE_ZEROCOPY-flag.patch -Patch43: libvirt-qemu_process-Don-t-require-a-hugetlbfs-mount-for-memfd.patch -Patch44: libvirt-qemu_namespace-Tolerate-missing-ACLs-when-creating-a-path-in-namespace.patch -Patch45: libvirt-qemu_namespace-Fix-a-corner-case-in-qemuDomainGetPreservedMounts.patch -Patch46: libvirt-qemu_namespace-Introduce-qemuDomainNamespaceSetupPath.patch -Patch47: libvirt-qemu_process.c-Propagate-hugetlbfs-mounts-on-reconnect.patch -Patch48: libvirt-qemuProcessReconnect-Don-t-build-memory-paths.patch +Patch31: libvirt-nwfilter-fix-crash-when-counting-number-of-network-filters.patch +Patch32: libvirt-virDomainDiskDefValidate-Improve-error-messages-for-startupPolicy-checks.patch +Patch33: libvirt-domain_validate-Split-out-validation-of-disk-startup-policy.patch +Patch34: libvirt-virDomainDiskDefValidateStartupPolicy-Validate-disk-type-better.patch +Patch35: libvirt-virDomainDiskTranslateSourcePool-Fix-check-of-startupPolicy-definition.patch +Patch36: libvirt-conf-virtiofs-add-thread_pool-element.patch +Patch37: libvirt-qemu-virtiofs-format-thread-pool-size.patch +Patch38: libvirt-conf-Move-virDomainObj-originalMemlock-into-qemuDomainObjPrivate.patch +Patch39: libvirt-qemu_domain-Format-qemuDomainObjPrivate-originalMemlock.patch +Patch40: libvirt-qemu-Add-qemuDomainSetMaxMemLock-helper.patch +Patch41: libvirt-qemu_migration-Use-qemuDomainSetMaxMemLock.patch +Patch42: libvirt-qemu_migration-Restore-original-memory-locking-limit.patch +Patch43: libvirt-Add-VIR_MIGRATE_ZEROCOPY-flag.patch +Patch44: libvirt-virsh-Add-support-for-VIR_MIGRATE_ZEROCOPY-flag.patch +Patch45: libvirt-qemu_migration-Implement-VIR_MIGRATE_ZEROCOPY-flag.patch +Patch46: libvirt-security_selinux.c-Relabel-existing-mode-bind-UNIX-sockets.patch +Patch47: libvirt-RHEL-qemu_migration-Fix-restoring-memlock-limit-on-destination.patch Requires: libvirt-daemon = %{version}-%{release} Requires: libvirt-daemon-config-network = %{version}-%{release} @@ -2141,45 +2140,44 @@ exit 0 %changelog -* Thu Oct 6 2022 Jiri Denemark - 8.0.0-5.5.el8 -- qemu_process: Don't require a hugetlbfs mount for memfd (rhbz#2132177) -- qemu_namespace: Tolerate missing ACLs when creating a path in namespace (rhbz#2132177) -- qemu_namespace: Fix a corner case in qemuDomainGetPreservedMounts() (rhbz#2132177) -- qemu_namespace: Introduce qemuDomainNamespaceSetupPath() (rhbz#2132177) -- qemu_process.c: Propagate hugetlbfs mounts on reconnect (rhbz#2132177) -- qemuProcessReconnect: Don't build memory paths (rhbz#2132177) - -* Thu Aug 18 2022 Jiri Denemark - 8.0.0-5.4.el8 -- conf: Move virDomainObj::originalMemlock into qemuDomainObjPrivate (rhbz#2117272) -- qemu_domain: Format qemuDomainObjPrivate::originalMemlock (rhbz#2117272) -- qemu: Add qemuDomainSetMaxMemLock helper (rhbz#2117272) -- qemu_migration: Use qemuDomainSetMaxMemLock (rhbz#2117272) -- qemu_migration: Restore original memory locking limit (rhbz#2117272) -- Add VIR_MIGRATE_ZEROCOPY flag (rhbz#2117272) -- virsh: Add support for VIR_MIGRATE_ZEROCOPY flag (rhbz#2117272) -- qemu_migration: Implement VIR_MIGRATE_ZEROCOPY flag (rhbz#2117272) - -* Fri Jul 29 2022 Jiri Denemark - 8.0.0-5.3.el8 -- virDomainDiskDefValidate: Improve error messages for 'startupPolicy' checks (rhbz#2109571) -- domain_validate: Split out validation of disk startup policy (rhbz#2109571) -- virDomainDiskDefValidateStartupPolicy: Validate disk type better (rhbz#2109571) -- virDomainDiskTranslateSourcePool: Fix check of 'startupPolicy' definition (rhbz#2109571) - -* Tue May 17 2022 Jiri Denemark - 8.0.0-5.2.el8 -- cpu_map: Disable cpu64-rhel* for host-model and baseline (rhbz#2084030) -- cputest: Drop some old artificial baseline tests (rhbz#2084030) -- cputest: Give better names to baseline tests (rhbz#2084030) -- cputest: Add some real world baseline tests (rhbz#2084030) -- cpu_x86: Consolidate signature match in x86DecodeUseCandidate (rhbz#2084030) -- cpu_x86: Refactor feature list comparison in x86DecodeUseCandidate (rhbz#2084030) -- cpu_x86: Penalize disabled features when computing CPU model (rhbz#2084030) -- cpu_x86: Ignore enabled features for input models in x86DecodeUseCandidate (rhbz#2084030) - -* Wed Apr 27 2022 Jiri Denemark - 8.0.0-5.1.el8 -- conf: Introduce memory allocation threads (rhbz#2075569) -- qemu_capabilities: Detect memory-backend-*.prealloc-threads property (rhbz#2075569) -- qemu_validate: Validate prealloc threads against qemuCpas (rhbz#2075569) -- qemu_command: Generate prealloc-threads property (rhbz#2075569) +* Mon Jul 25 2022 Jiri Denemark - 8.0.0-10 +- security_selinux.c: Relabel existing mode="bind" UNIX sockets (rhbz#2101575) +- RHEL: qemu_migration: Fix restoring memlock limit on destination (rhbz#2107954) + +* Thu Jun 30 2022 Jiri Denemark - 8.0.0-9 +- conf: virtiofs: add thread_pool element (rhbz#2079582) +- qemu: virtiofs: format --thread-pool-size (rhbz#2079582) +- conf: Move virDomainObj::originalMemlock into qemuDomainObjPrivate (rhbz#2089433) +- qemu_domain: Format qemuDomainObjPrivate::originalMemlock (rhbz#2089433) +- qemu: Add qemuDomainSetMaxMemLock helper (rhbz#2089433) +- qemu_migration: Use qemuDomainSetMaxMemLock (rhbz#2089433) +- qemu_migration: Restore original memory locking limit (rhbz#2089433) +- Add VIR_MIGRATE_ZEROCOPY flag (rhbz#2089433) +- virsh: Add support for VIR_MIGRATE_ZEROCOPY flag (rhbz#2089433) +- qemu_migration: Implement VIR_MIGRATE_ZEROCOPY flag (rhbz#2089433) + +* Wed Jun 15 2022 Jiri Denemark - 8.0.0-8 +- nwfilter: fix crash when counting number of network filters (CVE-2022-0897, rhbz#2063902) +- virDomainDiskDefValidate: Improve error messages for 'startupPolicy' checks (rhbz#2095758) +- domain_validate: Split out validation of disk startup policy (rhbz#2095758) +- virDomainDiskDefValidateStartupPolicy: Validate disk type better (rhbz#2095758) +- virDomainDiskTranslateSourcePool: Fix check of 'startupPolicy' definition (rhbz#2095758) + +* Tue May 17 2022 Jiri Denemark - 8.0.0-7 +- cpu_map: Disable cpu64-rhel* for host-model and baseline (rhbz#1851227) +- cputest: Drop some old artificial baseline tests (rhbz#1851227) +- cputest: Give better names to baseline tests (rhbz#1851227) +- cputest: Add some real world baseline tests (rhbz#1851227) +- cpu_x86: Consolidate signature match in x86DecodeUseCandidate (rhbz#1851227) +- cpu_x86: Refactor feature list comparison in x86DecodeUseCandidate (rhbz#1851227) +- cpu_x86: Penalize disabled features when computing CPU model (rhbz#1851227) +- cpu_x86: Ignore enabled features for input models in x86DecodeUseCandidate (rhbz#1851227) + +* Wed Apr 27 2022 Jiri Denemark - 8.0.0-6 +- conf: Introduce memory allocation threads (rhbz#2067126) +- qemu_capabilities: Detect memory-backend-*.prealloc-threads property (rhbz#2067126) +- qemu_validate: Validate prealloc threads against qemuCpas (rhbz#2067126) +- qemu_command: Generate prealloc-threads property (rhbz#2067126) * Fri Feb 25 2022 Jiri Denemark - 8.0.0-5 - node_device: Rework udevKludgeStorageType() (rhbz#2056673)