Commit Graph

4376 Commits

Author SHA1 Message Date
Andrea Bolognani
18249f278a kbase: Always explicitly enable secure-boot firmware feature
It should be enough to enable or disable the enrolled-keys feature
to control whether Secure Boot is enforced, but there's a slight
complication: many distro packages for edk2 include, in addition
to general purpose firmware images, builds that are targeting the
Confidential Computing use case.

For those, the firmware descriptor will not advertise the
enrolled-keys feature, which will technically make them suitable
for satisfying a configuration such as

  <os firmware='efi'>
    <firmware>
      <feature state='off' name='enrolled-keys'/>
    </firmware>
  </os>

In practice, users will expect the general purpose build to be
used in this case. Explicitly asking for the secure-boot feature
to be enabled achieves that result at the cost of some slight
additional verbosity.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-08-04 14:39:11 +02:00
Dario Faggioli
e6c29f09e5 conf: Add support for specifying CPU max physical address size
This patch introduces the

    <maxphysaddr mode='passthrough'/>
    <maxphysaddr mode='emulate' bits='42'/>

sub element of /domain/cpu, which allows specifying the guest virtual CPU
address size. This can be useful if the guest needs to have a large amount
of memory.

If mode='passthrough', the virtual CPU will have the same number of address
bits as the host. If mode='emulate', the mandatory bits attribute specifies
the number of address bits.

Signed-off-by: Dario Faggioli <dfaggioli@suse.com>
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-08-04 09:04:07 +02:00
Daniel P. Berrangé
578ac25c6a conf: support stateless UEFI firmware
Normally when an UEFI firmware is marked as read-only, an associated
NVRAM file will be created. Some builds of UEFI firmware, however, wish
to remain stateless and so will be read-only, but never have any NVRAM
file. To represent this concept a 'stateless' tristate bool attribute
is introduced on the <loader/> element.

There are rather a large number of permutations to consider.

With default firmware selection

  *  <os/>

     => Historic default, no change

  *  <os>
       <loader stateless='yes'/>
     </os>

     => Explicit version of historic default, no change

  *  <os>
       <loader stateless='no'/>
     </os>

      => Invalid, bios is always stateless

With manual legacy BIOS selection

  *  <os>
       <loader>/path/to/seabios</loader>
       ...
     </os>

     => Historic default, no change

  *  <os>
       <loader stateless='yes'>/path/to/seabios</loader>
       ...
     </os>

     => Explicit version of historic default, no change

  *  <os>
       <loader stateless='no'>/path/to/seabios</loader>
       ...
     </os>

      => Invalid, bios is always stateless

With manual UEFI selection

  *  <os>
       <loader type='pflash'>/path/to/edk2</loader>
       ...
     </os>

     => Historic default, no change

  *  <os>
       <loader type='pflash' stateless='yes'>/path/to/edk2</loader>
       ...
     </os>

     => Skip auto-filling NVRAM / template

  *  <os>
       <loader type='pflash' stateless='no'>/path/to/edk2</loader>
       ...
     </os>

     => Explicit version of historic default, no change

With automatic firmware selection

  *  <os firmware='bios'/>

     => Historic default, no change

  *  <os firmware='bios'>
       <loader stateless='yes'/>
     </os>

     => Explicit version of historic default, no change

  *  <os firmware='bios'>
       <loader stateless='no'/>
     </os>

      => Invalid, bios is always stateless

  *  <os firmware='uefi'/>

     => Historic default, no change

  *  <os firmware='uefi'>
       <loader stateless='yes'/>
     </os>

     => Skip auto-filling NVRAM / template

  *  <os firmware='uefi'>
       <loader stateless='no'/>
     </os>

     => Explicit version of historic default, no change

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2022-07-26 15:41:44 +01:00
Peter Krempa
429c15259c docs: Add article about handling upstream issues
Outline how upstream issues are triaged and explain what the states of
the issue means.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2022-07-26 16:35:57 +02:00
Peter Krempa
80e50315b4 docs: patches: Add a note about reviews and contacting developers
Add a note outling best practices around review and responding to it.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2022-07-26 16:35:57 +02:00
Michal Privoznik
32b9d4390e coding-style: Allow some use of ternary operators
While we all understand that excessive use of ternary operator
may worsen code readability (e.g. nested, multi-line expression),
there are few cases where using it actually improves code
readability. For instance, when a function takes a long list of
arguments out of which one depends on a boolean expression, or
when formatting "yes"/"no" or "on"/"off" values based on a
boolean variable (although one can argue that the latter is a
subset of the former). Just consider alternatives to:

  virBufferAsprintf(buf, "<elem>%s</elem>\n", boolVar ? "yes" : "no");

In fact, this pattern occurs plenty in our code. Exempt it from
our "no ternary operators" rule.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Claudio Fontana <cfontana@suse.de>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-07-26 08:48:48 +02:00
Michal Privoznik
9e8601c464 lib: Use G_NO_INLINE instead of G_GNUC_NO_INLINE
The G_GNUC_NO_INLINE macro will eventually be marked as
deprecated [1] and we are recommended to use G_NO_INLINE instead.
Do the switch now, rather than waiting for compile time warning
to occur.

1: 15cd0f0461
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
2022-07-18 17:23:15 +02:00
Tim Wiederhake
57d263d6a3 docs: Fix typos
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
2022-07-18 11:10:55 +02:00
Erik Skultety
c341989fa1 docs: ci: Add a brief section on how to run the CI workload locally
This is just a glue to the testing article introduced in previous
commits.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-07-15 08:26:38 +02:00
Erik Skultety
659ac70281 docs: ci: Add a section on how to add a new platform to libvirt CI
Signed-off-by: Erik Skultety <eskultet@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-07-15 08:26:34 +02:00
Erik Skultety
294b5a9821 docs: ci: Add info about the two major types of jobs our CI runs
Signed-off-by: Erik Skultety <eskultet@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-07-15 08:26:29 +02:00
Erik Skultety
4df9845bb9 docs: Change the CI headline from "CI Testing" to "CI"
It's not just strategy the master CI article talks (or will talk in the
future) about.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-07-15 08:26:25 +02:00
Erik Skultety
77ab90f0a2 docs: Drop the testsuites article
The article was replaced with a new one in previous commit, so we don't
need this one anymore.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-07-15 08:26:25 +02:00
Erik Skultety
200ab55980 docs: Replace testsuites article with the new 'testing' article
The new article provides more in-depth information on testing options
in libvirt.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-07-15 08:26:25 +02:00
Erik Skultety
5d9e41ee77 docs: Provide an article on testing
Currently we don't have much information on how testing is done in
libvirt and the little we have is scattered among multiple files. This
patch creates a common landing page containing all important bits about
testing in libvirt, providing links to respective sections which
deserve their own articles.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-07-15 08:26:13 +02:00
Erik Skultety
1dc037ec17 docs: Provide an article on how to add a custom runner to the project
Since running our functional test suite in GitLab cannot make use of
the shared resources it makes sense to document the process of adding
own HW to run the custom libvirt executor that powers the integration
suite. This article will likely make even more sense in the future with
GitLab severely cutting down on shared CI resources.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-07-14 17:31:21 +02:00
Erik Skultety
0be5de986a docs: Provide more information about the TCK test suite
Most importantly, how to get it, how install dependencies and how
to run it.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-07-14 17:31:21 +02:00
Erik Skultety
983cf8c03b docs: Move the CI dashboard to its own RST module
The dashboard itself simply takes away focus from everything else that
makes sense to have in the CI article, so move it to it's own article
and link it from the main CI article.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-07-14 17:31:21 +02:00
Michal Privoznik
85ea114016 conf: Introduce @guestReset to hostdev's <source/>
Some USB devices have a buggy firmware that either crashes on
device reset, or make the device unusable in some other way.
Fortunately, QEMU offers a way to skip device reset either
completely, or if device is not initialized yet. Expose this
ability to users under:

    <hostdev mode='subsystem' type='usb'>
      <source guestReset='off'/>
    </hostdev>

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-07-13 16:00:50 +02:00
Daniel P. Berrangé
c748000cd1 docs: replace ARRAY_CARDINALITY with G_N_ELEMENTS
Fix docs illustrating call with an obsolete macro.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2022-07-13 12:18:06 +01:00
Daniel P. Berrangé
497d8555c4 docs: add info about factors affecting CPU compatibility
While libvirt solves most of the problem of ensuring compatibility, when
there is incompatibility it can be hard for users to track down the
cause. Everything knows to check the physical CPU model, but there are a
surprisingly large number of other factors influencing compatibility.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2022-07-13 11:04:29 +01:00
Michal Privoznik
1277a9c884 domcaps: Introduce TPM backendVersion
We accept TPM version in the domain XML. However, supported
version depends on the host (swtpm_setup binary) and thus it may
be tricky for users (or mgmt applications) chose a version.
Introduce machinery for reporting supported version in domain
capabilities.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2022-07-13 11:55:06 +02:00
Michal Privoznik
6a00c565c4 docs: Document TPM portion of domcaps
Surprisingly, we don't document TPM part of domain capabilities.
Fortunately, the information exposed is pretty much self
explanatory, but we should document it regardless.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2022-07-13 11:55:06 +02:00
Peter Krempa
b7e05cf966 docs: formatstorage: Format XML namespace definition as code block
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
2022-07-12 11:33:37 +02:00
Peter Krempa
c37ebda93a kbase: debuglogs: Add a note about auto-shutdown of daemons
When using runtime setting of logging with 'virt-admin' it can be
confusing that the settings are discarded when the shutdown timeout of a
daemon is reached.

Add a note about this behaviour along with a suggestion to use
virt-admin to disable the behaviour if needed.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-07-07 14:35:30 +02:00
Peter Krempa
fe69f5074a virt-admin: Introduce 'daemon-timeout'
Add a simple command to drive the new 'virAdmConnectSetDaemonTimeout'
API.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-07-07 14:35:30 +02:00
Han Han
2ee82b3dfb docs: Fix syntax error in defaultiothread example
Signed-off-by: Han Han <hhan@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-07-07 12:14:02 +02:00
Michal Privoznik
92678703ce docs: Document <address/> for IOMMU device
The commit v8.3.0-rc1~199 introduced <address/> to <iommu/>
device. And while it updated the RNG it forgot to update the
docs. Fix that.

Fixes: b0eb1e193f
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-07-04 13:21:16 +02:00
Tim Wiederhake
58e6bb8be8 Fix spelling
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
2022-07-04 10:07:47 +02:00
Peter Krempa
c44930d932 storage: pool: Allow more intricate nfs protocol versions
Treat the 'protocolVer' field as a string so that e.g. '4.1' can be
used. Forbid only ',' in the string as it's a separator of arguments for
mount options.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-07-01 16:15:23 +02:00
Andrea Bolognani
7d285059f4 docs: Add kbase page for Secure Boot
Provide simple recipes for the most common high-level tasks.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-07-01 15:10:43 +02:00
Jonathon Jongsma
4260a642d3 docs: clarify 'readahead' and 'timeout' for disks
Document the format of the 'readahead' and 'timeout' XML elements more
accurately.

Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-06-24 09:03:54 -05:00
Jiri Denemark
efa3baeae7 virsh: Add support for VIR_MIGRATE_ZEROCOPY flag
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-06-23 16:45:39 +02:00
Ján Tomko
be4047d051 docs: update links to listman
The mailman for mailing lists hosted by Red Hat seems to have moved
to listman.redhat.com. While the old links still seem to work,
point our docs to the new location to avoid the redirect.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-06-22 15:29:44 +02:00
Daniel P. Berrangé
8603b3d76c tools: add '--xpath EXPRESSION --wrap' args to all dumpxml commands
While you can chain the virsh output up to a later 'xmllint' or 'xpath'
command, integrating it into virsh avoids needs for installing extra
binaries which we've often found to be missing on production installs
of libvirt. It also gives better response if the initial virsh command
hits an error, as you don't get an aborted pipeline.

    $ virsh pool-dumpxml --xpath //permissions default
    <permissions>
      <mode>0711</mode>
      <owner>1000</owner>
      <group>1000</group>
      <label>unconfined_u:object_r:svirt_home_t:s0</label>
    </permissions>

If multiple nodes match, they are emitted individually:

    $ virsh dumpxml --xpath '//devices/*/address[@type="pci"]' --wrap demo
    <address type="pci" domain="0x0000" bus="0x05" slot="0x00" function="0x0"/>
    <address type="pci" domain="0x0000" bus="0x03" slot="0x00" function="0x0"/>
    ...snip...
    <address type="pci" domain="0x0000" bus="0x00" slot="0x02" function="0x0" multifunction="on"/>
    <address type="pci" domain="0x0000" bus="0x07" slot="0x00" function="0x0"/>

but if intending to post-process the output further, the results
can be wrapped in a parent node

    $ virsh dumpxml --xpath '//devices/*/address[@type="pci"]' --wrap demo
    <nodes>
      <address type="pci" domain="0x0000" bus="0x05" slot="0x00" function="0x0"/>
      <address type="pci" domain="0x0000" bus="0x03" slot="0x00" function="0x0"/>
      ...snip...
      <address type="pci" domain="0x0000" bus="0x00" slot="0x02" function="0x0" multifunction="on"/>
      <address type="pci" domain="0x0000" bus="0x07" slot="0x00" function="0x0"/>
    </nodes>

Fixes https://gitlab.com/libvirt/libvirt/-/issues/244
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2022-06-20 10:40:45 +01:00
Ján Tomko
0df2e7df80 conf: virtiofs: add thread_pool element
Add an element to configure the thread pool size:

...
<binary>
  <thread_pool size='16'/>
</binary>
...

https://bugzilla.redhat.com/show_bug.cgi?id=2072905

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-06-16 14:58:25 +02:00
Yalan Zhang
261f106100 docs: formatdomain: update hostdev interface section a bit
Update the default "driver" value for hostdev interface since
the default is not "KVM" anymore (refer to "Host device
asssignment" part and by test results). And update the mac
address in one xml example.

Signed-off-by: Yalan Zhang <yalzhang@redhat.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-06-16 07:18:56 +02:00
Rohit Kumar
468a0a6027 conf: Add support to parse/format <source> for NVRAM
This patch introduces the logic to format and parse remote NVRAM.

Update NVRAM element schema, and docs for supporting network backed
NVRAM. NVRAM backed over network would give the flexibility to start
the VM on any host without having to worry about where to get the latest
nvram image.

<nvram type='network'>
  <source protocol='iscsi' name='iqn.2013-07.com.example:iscsi-nopool/0'>
    <host name='example.com' port='6000'/>
  </source>
</nvram>

or

<nvram type='file'>
  <source file='/var/lib/libvirt/nvram/guest_VARS.fd'/>
</nvram>

In the qemu driver we will support the new definition only with qemu's
supporting -blockdev.

Signed-off-by: Prerna Saxena <prerna.saxena@nutanix.com>
Signed-off-by: Florian Schmidt <flosch@nutanix.com>
Signed-off-by: Rohit Kumar <rohit.kumar3@nutanix.com>
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Tested-by: Rohit Kumar <rohit.kumar3@nutanix.com>
2022-06-14 15:53:11 +02:00
Peter Krempa
f5c5b16d5d kbase: launch_security_sev: Break up overly long line
Standard text is aligned to 80 colums in all .rst files.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
2022-06-13 16:09:32 +02:00
Cole Robinson
d823f27597 docs: kbase/launch_security_sev: QEMU 6.0+ sets iommu=on for us
Reviewed-by: Erik Skultety <eskultet@redhat.com>
Signed-off-by: Cole Robinson <crobinso@redhat.com>
2022-06-13 09:12:35 -04:00
Michal Privoznik
3e4bebb9d1 conf: Introduce <defaultiothread/>
As of v7.0.0-877-g70ac26b9e5 QEMU exposes its default event loop
for devices with no IOThread assigned as an QMP object. In the
very next commit (v7.0.0-878-g71ad4713cc) it was extended for
thread-pool-min and thread-pool-max attributes. Expose them under
new <defaultiothread/> element.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2022-06-10 14:01:03 +02:00
Michal Privoznik
7162cee68a virsh: Wire up new virDomainSetIOThreadParams parameters
Since virsh implements a wrapper over virDomainSetIOThreadParams()
(command iothreadset) let's wire up new typed parameters there too.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2022-06-10 14:00:59 +02:00
Michal Privoznik
568503edf1 conf: Introduce thread_pool_min and thread_pool_max attributes to IOThread
At least in case of QEMU an IOThread is actually a pool of
threads (see iothread_set_aio_context_params() in QEMU's code
base). As such, it can have minimal and maximal number of worker
threads. Allow setting them in domain XML.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2022-06-10 13:59:46 +02:00
Jiri Denemark
ce34977c1f virsh: Add --postcopy option for domjobabort command
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
2022-06-07 17:40:21 +02:00
Jiri Denemark
6280246971 virsh: Add --postcopy-resume option for migrate command
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
2022-06-07 17:40:20 +02:00
Ján Tomko
4539530034 docs: contact: recommend the TLS port for IRC
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2022-06-07 15:22:32 +02:00
Peter Krempa
3299e00298 docs: domain: Remove extraneous quotes
Certain documentation bits tried to put a reference of a value into
quotes, but that's not needed for both the pure view of the rST source
and the rendered output.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-06-01 12:27:10 +02:00
Peter Krempa
8452124669 docs: Add HTML reference checker
In many cases we move around or rename internal anchors which may break
links leading to the content.

docutils handle the case of links inside a document, but we are lacking
the same form of checking between documents.

Introduce a script which cross-checks all the anchors and links in HTML
output files and prints problems and use it as a test case for the
'docs' directory.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-06-01 12:27:10 +02:00
Peter Krempa
dcff02d797 docs: formatstorageencryption: Use correct anchor into formatsecret page
The link was most likely broken when 'formatsecret' was converted to
RST.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-06-01 12:27:10 +02:00
Peter Krempa
602c14fdf5 uri: Fix link to qemu KVM example config
Link into the examples of the qemu driver.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-06-01 12:27:10 +02:00