[libvirt] [PATCH] news: Update for 5.7.0 release

Michal Privoznik posted 1 patch 2 weeks ago
Test syntax-check passed
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/libvirt tags/patchew/0f44d81e01f481c32869d56b5ff2f9da4234b330.1567512546.git.mprivozn@redhat.com
docs/news.xml | 133 ++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 133 insertions(+)

[libvirt] [PATCH] news: Update for 5.7.0 release

Posted by Michal Privoznik 2 weeks ago
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
---
 docs/news.xml | 133 ++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 133 insertions(+)

diff --git a/docs/news.xml b/docs/news.xml
index 0c79765fd0..f95af0f0e9 100644
--- a/docs/news.xml
+++ b/docs/news.xml
@@ -50,6 +50,30 @@
           for Hyper-V guests.
         </description>
       </change>
+      <change>
+        <summary>
+          lib: Add virDomainGetGuestInfo()
+        </summary>
+        <description>
+          This API is intended to aggregate several guest agent information
+          queries and is inspired by stats API
+          <code>virDomainListGetStats()</code>. It is anticipated that this
+          information will be provided by a guest agent
+          running within the domain. It's exposed as <code>virsh
+          guestinfo</code>.
+        </description>
+      </change>
+      <change>
+        <summary>
+          Split libvirtd into separate daemons
+        </summary>
+        <description>
+          The big monolithic libvirtd daemon can now be replaced by smaller
+          per-driver daemons. Distributions can chose if they want the former
+          or the latter. The libvirtd is still kept around for backwards
+          compatibility.
+        </description>
+      </change>
     </section>
     <section title="Removed features">
       <change>
@@ -75,8 +99,117 @@
           <code>--bandwidth</code> parameter.
         </description>
       </change>
+      <change>
+        <summary>
+          libxl: Implement domain metadata getter/setter
+        </summary>
+        <description>
+          The libxl driver now supports <code>virDomainGetMetadata()</code> and
+          <code>virDomainSetMetadata()</code> APIs.
+        </description>
+      </change>
+      <change>
+        <summary>
+          test driver: Expand API coverage
+        </summary>
+        <description>
+          Additional APIs have been implemented in the test driver.
+        </description>
+      </change>
+      <change>
+        <summary>
+          Report RNG device in domain capabilities XML
+        </summary>
+        <description>
+          Libvirt now reports if RNG device is supported by underlying
+          hypervisor in domain capabilities XML.
+        </description>
+      </change>
+      <change>
+        <summary>
+          Stop linking virt-login-shell and NSS plugins with libvirt.so
+        </summary>
+        <description>
+          In order to allow libvirt abort on out of memory, we need to stop
+          link libvirt.so to virt-login-shell or the NSS plugins where we don't
+          want to abort. This change also resulted in smaller binaries and
+          libraries.
+        </description>
+      </change>
+      <change>
+        <summary>
+          qemu: Allow migration with disk cache on
+        </summary>
+        <description>
+          When QEMU supports flushing caches at the end of migration, we can
+          safely allow migration even if <code>disk/driver/@cache</code> is not
+          <code>none</code> nor <code>directsync</code>.
+        </description>
+      </change>
     </section>
     <section title="Bug fixes">
+      <change>
+        <summary>
+          Various security label remembering fixes
+        </summary>
+        <description>
+          In the previous release libvirt introduced remembering of original
+          owners and SELinux labels on files. However, the feature did not work
+          properly with snapshots, on migrations or on network filesystems.
+          This is now fixed.
+        </description>
+      </change>
+      <change>
+        <summary>
+          Allow greater PCI domain numbers
+        </summary>
+        <description>
+          Libvirt used to require PCI domain number to be not greater than
+          0xFFFF. The code was changed to allow 32 bits long numbers.
+        </description>
+      </change>
+      <change>
+        <summary>
+          Various D-Bus fixes
+        </summary>
+        <description>
+          When D-Bus is not available, Libvirt was reporting random errors.
+          These are now gone.
+        </description>
+      </change>
+      <change>
+        <summary>
+          Prefer read only opening of PCI config files
+        </summary>
+        <description>
+          When enumerating PCI bus, Libvirt opens config files under
+          <code>sysfs</code> mount and parses them to learn various aspects of
+          the device (e.g. its capabilities). Only in a very limited number of
+          cases it is actually writing into the file. However, it used to open
+          the file also for writing even if it was only reading from it.
+        </description>
+      </change>
+      <change>
+        <summary>
+          Fix AppArmor profile
+        </summary>
+        <description>
+          Since the <code>5.6.0</code> release, Libvirt uses
+          <code>procfs</code> to learn the list of opened file descriptors when
+          spawning a command. However, our AppArmor profile was not allowing
+          such access.
+        </description>
+      </change>
+      <change>
+        <summary>
+          Don't block storage driver when starting or building a pool
+        </summary>
+        <description>
+          Starting or building a storage pool can take a long time to finish.
+          During this time the storage driver was blocked and thus no other API
+          involving the storage driver could run. This is now fixed.
+        </description>
+      </change>
     </section>
   </release>
   <release version="v5.6.0" date="2019-08-05">
-- 
2.21.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH] news: Update for 5.7.0 release

Posted by Andrea Bolognani 2 weeks ago
On Tue, 2019-09-03 at 14:09 +0200, Michal Privoznik wrote:
> Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
> ---
>  docs/news.xml | 133 ++++++++++++++++++++++++++++++++++++++++++++++++++
>  1 file changed, 133 insertions(+)
> 
> diff --git a/docs/news.xml b/docs/news.xml
> index 0c79765fd0..f95af0f0e9 100644
> --- a/docs/news.xml
> +++ b/docs/news.xml
> @@ -50,6 +50,30 @@
[...]
> +        <summary>
> +          Split libvirtd into separate daemons
> +        </summary>
> +        <description>
> +          The big monolithic libvirtd daemon can now be replaced by smaller
> +          per-driver daemons. Distributions can chose if they want the former
> +          or the latter. The libvirtd is still kept around for backwards
> +          compatibility.

We might want to point out that things like SELinux support and
identity passing are not implemented yet, so distributions will
probably want to hold off using the split daemons by default for a
little while longer... Dan?

> +        <summary>
> +          Report RNG device in domain capabilities XML
> +        </summary>
> +        <description>
> +          Libvirt now reports if RNG device is supported by underlying
> +          hypervisor in domain capabilities XML.

Libvirt now reports if RNG devices are supported by the underlying
hypervisor in the domain capabilities XML.

> +        <summary>
> +          Stop linking virt-login-shell and NSS plugins with libvirt.so
> +        </summary>
> +        <description>
> +          In order to allow libvirt abort on out of memory, we need to stop
> +          link libvirt.so to virt-login-shell or the NSS plugins where we don't

In order to allow libvirt to abort on out of memory, we need to stop
linking...

> +        <summary>
> +          qemu: Allow migration with disk cache on
> +        </summary>
> +        <description>
> +          When QEMU supports flushing caches at the end of migration, we can
> +          safely allow migration even if <code>disk/driver/@cache</code> is not

s/not/neither/

> +        <summary>
> +          Various D-Bus fixes
> +        </summary>
> +        <description>
> +          When D-Bus is not available, Libvirt was reporting random errors.

s/Libvirt/libvirt/

> +        <summary>
> +          Prefer read only opening of PCI config files

s/read only/read-only/

> +        </summary>
> +        <description>
> +          When enumerating PCI bus, Libvirt opens config files under

s/Libvirt/libvirt/

> +        <summary>
> +          Fix AppArmor profile
> +        </summary>
> +        <description>
> +          Since the <code>5.6.0</code> release, Libvirt uses

s/Libvirt/libvirt/


With the nits above fixed,

  Reviewed-by: Andrea Bolognani <abologna@redhat.com>

and safe for freeze. Thanks a lot for agreeing to be volunteered to
take care of this ;)


And since you've already spent quite some time on this, I took the
liberty of addressing all of the above locally and pushing, so that
you don't have to do anything else. Thanks again!

-- 
Andrea Bolognani / Red Hat / Virtualization

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH] news: Update for 5.7.0 release

Posted by Daniel P. Berrangé 2 weeks ago
On Tue, Sep 03, 2019 at 02:26:23PM +0200, Andrea Bolognani wrote:
> On Tue, 2019-09-03 at 14:09 +0200, Michal Privoznik wrote:
> > Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
> > ---
> >  docs/news.xml | 133 ++++++++++++++++++++++++++++++++++++++++++++++++++
> >  1 file changed, 133 insertions(+)
> > 
> > diff --git a/docs/news.xml b/docs/news.xml
> > index 0c79765fd0..f95af0f0e9 100644
> > --- a/docs/news.xml
> > +++ b/docs/news.xml
> > @@ -50,6 +50,30 @@
> [...]
> > +        <summary>
> > +          Split libvirtd into separate daemons
> > +        </summary>
> > +        <description>
> > +          The big monolithic libvirtd daemon can now be replaced by smaller
> > +          per-driver daemons. Distributions can chose if they want the former
> > +          or the latter. The libvirtd is still kept around for backwards
> > +          compatibility.
> 
> We might want to point out that things like SELinux support and
> identity passing are not implemented yet, so distributions will
> probably want to hold off using the split daemons by default for a
> little while longer... Dan?

Yep, the traditional libvirtd is stil the default.

We should say that the split daemons are "experimental" at this
stage. 


> > +        <summary>
> > +          Stop linking virt-login-shell and NSS plugins with libvirt.so
> > +        </summary>
> > +        <description>
> > +          In order to allow libvirt abort on out of memory, we need to stop
> > +          link libvirt.so to virt-login-shell or the NSS plugins where we don't
> 
> In order to allow libvirt to abort on out of memory, we need to stop
> linking...

I would not mention OOM abort here, since that's not in this version.

I'd just say that we have simiplified the dependancies of these two
parts to make them self-contained. For the NSS plugin this reduces
amount of code & 3rd party libs loaded into every process For the
login shell this makes the thing simpler to audit for security.


Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH] news: Update for 5.7.0 release

Posted by Andrea Bolognani 2 weeks ago
On Tue, 2019-09-03 at 13:36 +0100, Daniel P. Berrangé wrote:
> On Tue, Sep 03, 2019 at 02:26:23PM +0200, Andrea Bolognani wrote:
> > On Tue, 2019-09-03 at 14:09 +0200, Michal Privoznik wrote:
> > > +          The big monolithic libvirtd daemon can now be replaced by smaller
> > > +          per-driver daemons. Distributions can chose if they want the former
> > > +          or the latter. The libvirtd is still kept around for backwards
> > > +          compatibility.
> > 
> > We might want to point out that things like SELinux support and
> > identity passing are not implemented yet, so distributions will
> > probably want to hold off using the split daemons by default for a
> > little while longer... Dan?
> 
> Yep, the traditional libvirtd is stil the default.
> 
> We should say that the split daemons are "experimental" at this
> stage. 

We could have a section called "Experimental features" and move this
entry there.

> > In order to allow libvirt to abort on out of memory, we need to stop
> > linking...
> 
> I would not mention OOM abort here, since that's not in this version.
> 
> I'd just say that we have simiplified the dependancies of these two
> parts to make them self-contained. For the NSS plugin this reduces
> amount of code & 3rd party libs loaded into every process For the
> login shell this makes the thing simpler to audit for security.

That's more accurate, I agree.

I have already pushed Michal's patch, but we can fix it with a
follow-up before release I think. Care to quickly cook up something?

-- 
Andrea Bolognani / Red Hat / Virtualization

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list