Cloud-Hypervisor is a KVM virtualization using hypervisor. It
functions similarly to qemu and the libvirt Cloud-Hypervisor driver
uses a very similar structure to the libvirt driver.
The biggest difference from the libvirt perspective is that the
"monitor" socket is seperated into two sockets one that commands are
issued to and one that events are notified from. The current
implementation only uses the command socket (running over a REST API
with json encoded data) with future changes to add support for the
event socket (to better handle shutdowns from inside the VM).
This patch adds support for the following initial VM actions using the
Cloud-Hypervsior API:
* vm.create
* vm.delete
* vm.boot
* vm.shutdown
* vm.reboot
* vm.pause
* vm.resume
To use the Cloud-Hypervisor driver, the v15.0 release of
Cloud-Hypervisor is required to be installed.
Some additional notes:
* The curl handle is persistent but not useful to detect ch process
shutdown/crash (a future patch will address this shortcoming)
* On a 64-bit host Cloud-Hypervisor needs to support PVH and so can
emulate 32-bit mode but it isn't fully tested (a 64-bit kernel and
32-bit userspace is fine, a 32-bit kernel isn't validated)
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: William Douglas <william.douglas@intel.com>
These checks look different than most similar ones for no
particular reason.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Similar knobs, such as firewalld_zone and sysctl_config, are
already features, so convert this one as well to comply with
expectations.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Attempting to enable apparmor_profiles when apparmor support
is not enabled should result in an error.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
This is the preferred way to figure out whether a library is
available, and for the most part we can just adopt it right
away; in a few cases, unfortunately, we're stuck with using
cc.find_library() until further down the road, when all our
target platforms ship with pkg-config enabled versions of the
various libraries.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
libacl is Linux-only, so we don't need to explicitly check for
either the target platform or header availability, and we can
simply rely on cc.find_library() instead. The corresponding
preprocessor define is renamed to more accurately reflect the
nature of the check.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
firewalld is Linux-only, so it should be disabled by default
everywhere else and attempts to explicitly enable firewalld
support on non-Linux targets should result in an error.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
This makes it possible to explicitly disable firewalld support
regardless of the platform that's being targeted.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
If the feature is disabled, the corresponding flags should not
show up in the compiler command line.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
The new version will report an error if the user asks for
polkit support to be enabled on Windows instead of silently
ignoring such requests.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
If the user explicitly asked for sanlock support to be enabled,
then failure to find the corresponding library should result in
an error.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
We're supposed to error out if the user has explicitly asked
for vstorage support to be enabled and that can't be done, but
we've been looking at the wrong option.
Fixes: 2127d53f2f
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Meson already knows how to look for pcap using pkg-config
first, and falling back to pcap-config if that didn't work.
https://mesonbuild.com/Dependencies.html#pcap
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Meson offers a native convenience method that can be used to
fetch pkg-config variables from a dependency, so we can use
that instead of calling pkg-config manually.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
If this looks familiar, that's because it's literally *the
same code* that we used to work around *the same issue* in
readline before 1635dca26f :)
Note that the issue only really affects people building from
source on Apple Silicon: on Intel, Homebrew installs header
files under directories that are part of the default search
path, which explains why our CI pipeline never ran into it.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Roman Bolshakov <r.bolshakov@yadro.com>
Tested-by: Roman Bolshakov <r.bolshakov@yadro.com>
So far we have three places where glib version is recorded:
meson.build and then in config.h. The latter is so well hidden
that it's easy to miss when bumping minimal glib version in the
former. With a bit of python^Wmeson string magic
GLIB_VERSION_MIN_REQUIRED and GLIB_VERSION_MAX_ALLOWED macros can
be defined to match glib_version from meson.build.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Meson has its own mechanism to turn on -Werror with the --werror option.
If this is set, then there is no reason for libvirt to check for -Werror
itself.
We remove the summary line output because it is potentially misleading
when libvirt hasn't enabled -Werror, but meson has.
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Meson defines a warning_level option which has the following behaviour
with C code
0: no warning flags
1: -Wall
2: -Wall -Wextra
3: -Wall -Wextra -Wpedantic
Currently we add our extra warning flags unconditionally if the compiler
supports them, regardless of the meson warning_level setting. This has
effectively nullified the warning_level setting in meson, and also
results in meson printing these messages:
meson.build:498: WARNING: Consider using the built-in warning_level option instead of using "-Wall".
meson.build:498: WARNING: Consider using the built-in warning_level option instead of using "-Wextra".
Semantically we can think of our huge list of flags as being an "extra"
set of warnings, and thus we ought to only add them when meson would
itself use -Wextra. aka warning_level == 2 or 3.
In practice libvirt code can't be built with -Wpedantic so we can ignore
meson warning_level 3, and only add our flags when warning_level==2.
In doing this change, we no longer have to check -Wall/-Wextra ourselves
as we can assume meson already set them.
-W is an alias of -Wextra so it is removed too.
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
In several cases we check if a compiler flag is supported, and then add
it to the 'cc_flags' array. The entire 'cc_flags' array is then later
tested to see if each flag is supported, which duplicates the check in
some cases.
Move the check of cc_flags earlier, and for the extra flags append
directly to supported_cc_flags to avoid the duplicate check
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
The split of arrays is fairly arbitrary and a hang over from the way we
had to structure lists of flags when we used GNULIB's compiler flag
checking m4 logic.
The separate lists leads to cases where we enable a flag in one list and
have contradictory setting in another list, which leads to confusion.
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
The virStrerror function no longer exists in libvirt so is not a
constraint. At the current stack limit of 4k, and default Linux
stack size of 8 MB, we have a recursion limit of 2048 in the
absolute worst case, and much higher in common case. Even with
smaller stack sizes, we're going to be fine as we don't deeply
recurse in code.
Thus it is not worth spending effort to optimize below our current
4k worst case limit. Removing the comment will stop encouraging
people to spend time on this in future.
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
All other warning flags are checked for compiler support, so we
shouldn't blindly assume this one always exists.
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
We're not using these warning flags with libvirt, and it is not worth
keeping them just to issue a warning if someone tries to enable them.
If someone does try to enable them, either libvirt will build cleanly
or it won't.
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Upstream sheepdog changed collie to dog back in 2013 in version 0.7.0.
Looking into repology that version is no longer used by any distribution
supported by libvirt.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Both FreeBSD ports and Homebrew on macOS have readline 8.1 now,
and that version contains a correct pkg-config file so the kludge
is no longer necessary.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
To support domUs with more than 4TB memory it is required to use
LIBXL_API_VERSION >= 0x040800, which uses uint64_t for certained guest
memory related quantities.
Unfortunately this change is not straight forward. While most of the
code in libxl.h handles the various LIBXL_API_VERSION variants
correctly, the check for valid a LIBXL_API_VERSION at the beginning of
the file was broken between Xen 4.7 and 4.13 - it did not cover for
API changes introduced in Xen 4.7 and 4.8. This was fixed with
xen-project/xen@c3999835df, which for libvirt means in practice either
the libxl API from Xen 4.5 or 4.13+ can be used.
This change uses pkgconfig to decide which API can be safely selected.
Xen provides a pkgconfig file since Xen 4.6, which is also the lowest
version expected by libvirt.
Signed-off-by: Olaf Hering <olaf@aepfle.de>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
The g_idle_add function adds a callback to the primary GMainContext.
To workaround the GSource unref bugs, we need to add our callbacks
to the GMainContext that is associated with the GSource being
unref'd. Thus code using the per-VM virEventThread must use its
private GMainContext.
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
In the past, we used to have this oomtrace.pl script that
attempted to print the stack trace of where an OOM error
occurred and it used addr2line for that. But since v5.8.0-rc1~189
we don't really care about OOM anymore and the script is long
gone so there's no need to check for addr2line program either.
Fixes: 2c52ecd960
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Allow the directory to be chosen at installation time, to support local
conventions e.g. versioning.
Signed-off-by: Chris Mayo <aklhfex@gmail.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
This way it can be used from other places as well.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
There are a few uses of g_autoslist in the qemu driver and likely more
will come throughout the codebase in the future. g_autoslist first
appeared in glib 2.56, so bump the minimum version
https://developer.gnome.org/glib/stable/glib-Miscellaneous-Macros.html#g-autoslist
Bumping the minimum version is an opportune time to update the list of
minimum glib versions found on the distros targeted by libvirt's
platform support policy
RHEL-7: 2.56.1
RHEL-8: 2.56.4
Debian (Buster): 2.58.3
OpenBSD (Ports): 2.66.7
FreeBSD (Ports): 2.66.7
openSUSE Leap 15.2, SLE15-SP2: 2.62.6
Ubuntu (Bionic): 2.56.1
macOS (Homebrew): 2.66.7
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
According to meson.build the minimal version of curl needed is
7.18.0 which was released in January 2008. If the minimal version
is bumped to 7.19.1 (released in November 2008) we can drop some
workarounds because this newer version provides APIs we need.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
This header is not present on several non-Linux targets that
nonetheless support aarch64.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
placing "-Dnetcf=disabled" on the meson commandline was ignored,
meaning that even with that option the build would get WITH_NETCF if
the netcf-devel package was found - the only way to disable it was to
uninstall netcf-devel.
This patch adds the small bit of logic to check the netcf meson
commandline option (in addition to whether netcf-devel is installed)
before defining WITH_NETCF.
Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
dtrace invokes the C compiler, so when cross-building we need
to make sure that $CC is set in the environment and that it
points to the cross-compiler rather than the native one.
Until https://github.com/mesonbuild/meson/issues/266
is addressed, the workaround is to call dtrace via env(1).
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980334
Signed-off-by: Helmut Grohne <helmut@subdivi.de>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
This should fix CI error:
../dist-unpack/libvirt-7.1.0/src/storage/storage_backend_vstorage.c:10:10: fatal error: 'mntent.h' file not found
#include <mntent.h>
^~~~~~~~~~
on freebsd and mac.
Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>