From nobody Tue Nov 26 17:40:11 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1570482724; cv=none; d=zoho.com; s=zohoarc; b=PfKm+kKKxcVQ5+mW9BhdXdoJsATZBrwdLv/yt04Y/R2E+9OFxtbU6qrCGFPWu2pJ7TgZBj7V5MdtABhGDCpTAgyUjwwvmaa3k9TwmRt0taCXaubueSpatqMe+58eRqL37guCSht7fRpWLKv15673smqZQykXrYxzMu/z4t70zPo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1570482724; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=3Fm75UVUDKJbwGiwlsRCbNFOlnWt7TsfMChYATPtajU=; b=aDaAKlQ/18wfhgXx06Yd7oCpd19citYjDezeyu/Yvf+IFxU8tGYazFzs8Cu44/MkZ6lsVeMUDBV4VXh1g9BTpA+WHw9W6U695gysKD3t8McDVsnCnaSfUyRCZc9lUUY44+w6oEPfepkrZcIlQm8DZbkp+oPAQpUb+npcsrcVbAI= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=fail; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1570482724660977.4013699676547; Mon, 7 Oct 2019 14:12:04 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 71EF6308624A; Mon, 7 Oct 2019 21:12:01 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 4A95360A9F; Mon, 7 Oct 2019 21:12:01 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 9680A4EE6A; Mon, 7 Oct 2019 21:11:59 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x97LBt78012219 for ; Mon, 7 Oct 2019 17:11:55 -0400 Received: by smtp.corp.redhat.com (Postfix) id 82E005DA8C; Mon, 7 Oct 2019 21:11:55 +0000 (UTC) Received: from mx1.redhat.com (ext-mx20.extmail.prod.ext.phx2.redhat.com [10.5.110.49]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 7D3975D9CD for ; Mon, 7 Oct 2019 21:11:53 +0000 (UTC) Received: from mail-qt1-f176.google.com (mail-qt1-f176.google.com [209.85.160.176]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id C0F613086258 for ; Mon, 7 Oct 2019 21:11:51 +0000 (UTC) Received: by mail-qt1-f176.google.com with SMTP id i26so4382856qtm.8 for ; Mon, 07 Oct 2019 14:11:51 -0700 (PDT) Received: from rekt.ibmuc.com ([2804:431:c7c6:e8e7:3739:3e28:be31:8030]) by smtp.gmail.com with ESMTPSA id i30sm11333409qte.27.2019.10.07.14.11.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 07 Oct 2019 14:11:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=nexZithRkBdruu7W25yRYIGliv6sRCVvCMSEyNiFteE=; b=GL8VQX3FB9ig6IcBz19TmNbBebHUrSnt798XaiSQoxNMKpjlO2qdTQojqS65xMT5Ne HiGwdLxxR/W5s83J893OmqfLxsyf/oyi3sI4bU5AdEcDKLhSnI8d8h1WfRQ+TDo3tN9F ba2jInqsRZHTctCuBF5U9DR7qNv67Ji+Njd19nD9VBHHJqDf69DbzLlvWftrNJAyFmph kCT3hJmtu+aZ4wE8bJ0ZbiV1gLazOEuRYr3q7IajWODYfsr5Qmjk4Trad71CcdnsmQPA 3p94AHli4MNIiyOjcfeqxFtKAPvoA4irhQgN93By0OuAM1QLbNL4NJJN4h0goelFozha HH6g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=nexZithRkBdruu7W25yRYIGliv6sRCVvCMSEyNiFteE=; b=KP7Mb4oGYSGcKwjtO7lAQ+WkRz0IJNms5yNdMHFCmYLGPFfwVPUHzFVIetYAM+n27D 3dLiXerWz5QAFrhYuWSBFlXdS6FRZbMjcGRMRaEDAjRH9NxJg81dzzUhKv8KMb4/5JE4 CDqScA+kbIicePaWj7+hM586UtLdVj80ttRwkHGYsyIhhAH0BqbayYZd7l2/HmtftuWi 9buN2XLOTDdBdAAn+Sov/picsmehXOdtXRJ+NahExQCIDbeTWTl/PVLkbbzp498PwLnT 3Uq8zo8qD/uZm9Ruwez8SdOr5O5LxnIRl/v5lhdgOrjE0ZvGz/zbErd/VyNLO6TqwpOT n5ew== X-Gm-Message-State: APjAAAXWr90322F4h5nceav9cie4IEbf8ncK6ssUqFV14MGVt6FJl9OS 56nIlBderIo52Q5uS3JTRzm98mnv X-Google-Smtp-Source: APXvYqyvkMldyc2PQF3bW3fhCxCudiC5mEQEX9tMLuupiW1HgBixS98w8ScBNHR7QWtoa94NQ+SVTg== X-Received: by 2002:ac8:43cc:: with SMTP id w12mr22758494qtn.301.1570482710466; Mon, 07 Oct 2019 14:11:50 -0700 (PDT) From: Daniel Henrique Barboza To: libvir-list@redhat.com Date: Mon, 7 Oct 2019 18:11:34 -0300 Message-Id: <20191007211136.16730-3-danielhb413@gmail.com> In-Reply-To: <20191007211136.16730-1-danielhb413@gmail.com> References: <20191007211136.16730-1-danielhb413@gmail.com> MIME-Version: 1.0 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.49]); Mon, 07 Oct 2019 21:11:52 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.49]); Mon, 07 Oct 2019 21:11:52 +0000 (UTC) for IP:'209.85.160.176' DOMAIN:'mail-qt1-f176.google.com' HELO:'mail-qt1-f176.google.com' FROM:'danielhb413@gmail.com' RCPT:'' X-RedHat-Spam-Score: 0.15 (DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_ENVFROM_END_DIGIT, FREEMAIL_FROM, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2, SPF_HELO_NONE, SPF_PASS) 209.85.160.176 mail-qt1-f176.google.com 209.85.160.176 mail-qt1-f176.google.com X-Scanned-By: MIMEDefang 2.84 on 10.5.110.49 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-loop: libvir-list@redhat.com Cc: Daniel Henrique Barboza , laine@laine.org Subject: [libvirt] [PATCH 2/4] Introducing assigned='yes|no' hostdev attribute X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.49]); Mon, 07 Oct 2019 21:12:02 +0000 (UTC) X-ZohoMail-DKIM: fail (Header signature does not verify) Content-Type: text/plain; charset="utf-8" The idea of having an attribute that declares that a hostdev is not to be assigned to the guest seems counterintuitive, but it has a niche use with multifunction PCI devices. The current use of this kind of device in Libvirt is to declare all of the functions in the XML. This is not ideal though - some devices might have functions that are security sensitive to be shared to guests, but at the same time the user might want to passthrough the other functions to a guest. This is what we call 'partial assignment'. Libvirt does not have proper support for this scenario: when using managed=3D'yes', this partial assignment will cause the code inside virhostdev.c to not detach all the IOMMU devices - given that we do not want all of them in the guest - and then we face a QEMU error because we didn't detached the whole IOMMU. An idea was discussed in [1] where Libvirt would automatically detach all the IOMMU devices in case any multifunction PCI hostdev is used in the guest, but this idea was discarded because removing user agency in this case is undesirable. The user must be aware of all the functions that are going to be detached from the host, even if they're not being assigned to the guest, to avoid scenarios in which Libvirt "all of a sudden" detaches something that the user didn't want to. This patch implements a new attribute called 'assigned' that indicates whether a hostdev is going to be assigned to the guest or not. To keep its use less intrusive for every other hostdev that does not need such control, the attribute can only be set by PCI multifunction devices. For existing domains prior to this change, assign=3D'yes' will be implied. If the user decides not to assign a specific function to the guest using assign=3D'no', the
field becomes unavailable and throws a parsing error if used. In the next patch we'll use this attribute to avoid assigning an assigned=3D'no' device to QEMU at boot. Signed-off-by: Daniel Henrique Barboza --- Note: the changes in the .config files were done because the existing .config data files weren't being recognized as multifunction PCI devices after we started reading the PCI header. docs/schemas/domaincommon.rng | 5 +++ src/conf/domain_conf.c | 36 +++++++++++++++++- src/conf/domain_conf.h | 1 + .../hostdev-pci-multifunction.args | 7 ++-- .../hostdev-pci-multifunction.xml | 6 +++ .../hostdev-pci-multifunction.xml | 23 +++++++---- .../qemuxml2xmloutdata/pseries-hostdevs-1.xml | 4 +- .../qemuxml2xmloutdata/pseries-hostdevs-2.xml | 4 +- .../qemuxml2xmloutdata/pseries-hostdevs-3.xml | 4 +- tests/virpcitestdata/0005-90-01.1.config | Bin 256 -> 256 bytes tests/virpcitestdata/0005-90-01.2.config | Bin 256 -> 256 bytes tests/virpcitestdata/0005-90-01.3.config | Bin 0 -> 256 bytes tools/virsh-domain.c | 5 +++ 13 files changed, 76 insertions(+), 19 deletions(-) create mode 100644 tests/virpcitestdata/0005-90-01.3.config diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng index 40eb4a2d75..d1a5c051e3 100644 --- a/docs/schemas/domaincommon.rng +++ b/docs/schemas/domaincommon.rng @@ -4629,6 +4629,11 @@ pci + + + + + diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index a53cd6a725..8d80824a0a 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -7755,7 +7755,6 @@ virDomainHostdevSubsysPCIDefParseXML(xmlNodePtr node, if (virXMLNodeNameEqual(cur, "address")) { virPCIDeviceAddressPtr addr =3D &def->source.subsys.u.pci.addr; - if (virPCIDeviceAddressParseXML(cur, addr) < 0) goto out; } else if ((flags & VIR_DOMAIN_DEF_PARSE_STATUS) && @@ -8147,7 +8146,7 @@ virDomainHostdevDefParseXMLSubsys(xmlNodePtr node, virDomainHostdevDefPtr def, unsigned int flags) { - xmlNodePtr sourcenode; + xmlNodePtr sourcenode, addressnode; int backend; virDomainHostdevSubsysPCIPtr pcisrc =3D &def->source.subsys.u.pci; virDomainHostdevSubsysSCSIPtr scsisrc =3D &def->source.subsys.u.scsi; @@ -8159,6 +8158,8 @@ virDomainHostdevDefParseXMLSubsys(xmlNodePtr node, VIR_AUTOFREE(char *) backendStr =3D NULL; VIR_AUTOFREE(char *) model =3D NULL; VIR_AUTOFREE(char *) display =3D NULL; + VIR_AUTOFREE(char *) assigned =3D NULL; + =20 /* @managed can be read from the xml document - it is always an * attribute of the toplevel element, no matter what type of @@ -8289,6 +8290,32 @@ virDomainHostdevDefParseXMLSubsys(xmlNodePtr node, if (virDomainHostdevSubsysPCIDefParseXML(sourcenode, def, flags) <= 0) return -1; =20 + /* @assigned can only be set for multifunction PCI devices. + * In case the attribute is missing, always assume + * assigned =3D true. + */ + def->assigned =3D true; + + if ((assigned =3D virXMLPropString(node, "assigned")) !=3D NULL) { + if (!virHostdevIsPCIMultifunctionDevice(def)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("'assigned' can only be set for multifunc= tion " + "PCI devices")); + return -1; + } + + if (STREQ(assigned, "no")) + def->assigned =3D false; + + if ((addressnode =3D virXPathNode("./address", ctxt)) && + !def->assigned) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("unable to set
element " + "for assign=3D'no' hostdev")); + return -1; + } + } + backend =3D VIR_DOMAIN_HOSTDEV_PCI_BACKEND_DEFAULT; if ((backendStr =3D virXPathString("string(./driver/@name)", ctxt)= ) && (((backend =3D virDomainHostdevSubsysPCIBackendTypeFromString(= backendStr)) < 0) || @@ -27254,6 +27281,11 @@ virDomainHostdevDefFormat(virBufferPtr buf, virBufferAsprintf(buf, " managed=3D'%s'", def->managed ? "yes" : "no"); =20 + if (def->source.subsys.type =3D=3D VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_= PCI && + virHostdevIsPCIMultifunctionDevice(def)) + virBufferAsprintf(buf, " assigned=3D'%s'", + def->assigned ? "yes" : "no"); + if (def->source.subsys.type =3D=3D VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_= SCSI && scsisrc->sgio) virBufferAsprintf(buf, " sgio=3D'%s'", diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index 2884af49d8..e2f6f640b9 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -343,6 +343,7 @@ struct _virDomainHostdevDef { bool missing; bool readonly; bool shareable; + bool assigned; union { virDomainHostdevSubsys subsys; virDomainHostdevCaps caps; diff --git a/tests/qemuxml2argvdata/hostdev-pci-multifunction.args b/tests/= qemuxml2argvdata/hostdev-pci-multifunction.args index d8690c010b..3cef177c00 100644 --- a/tests/qemuxml2argvdata/hostdev-pci-multifunction.args +++ b/tests/qemuxml2argvdata/hostdev-pci-multifunction.args @@ -30,6 +30,7 @@ server,nowait \ -device vfio-pci,host=3D0001:01:00.0,id=3Dhostdev2,bus=3Dpci.0,addr=3D0x5 \ -device vfio-pci,host=3D0005:90:01.2,id=3Dhostdev3,bus=3Dpci.0,addr=3D0x6 \ -device vfio-pci,host=3D0005:90:01.3,id=3Dhostdev4,bus=3Dpci.0,addr=3D0x7 \ --device vfio-pci,host=3D0000:06:12.1,id=3Dhostdev5,bus=3Dpci.0,addr=3D0x8 \ --device vfio-pci,host=3D0000:06:12.2,id=3Dhostdev6,bus=3Dpci.0,addr=3D0x9 \ --device virtio-balloon-pci,id=3Dballoon0,bus=3Dpci.0,addr=3D0xa +-device vfio-pci,host=3D0000:06:12.0,id=3Dhostdev5,bus=3Dpci.0,addr=3D0x8 \ +-device vfio-pci,host=3D0000:06:12.1,id=3Dhostdev6,bus=3Dpci.0,addr=3D0x9 \ +-device vfio-pci,host=3D0000:06:12.2,id=3Dhostdev7,bus=3Dpci.0,addr=3D0xa \ +-device virtio-balloon-pci,id=3Dballoon0,bus=3Dpci.0,addr=3D0xb diff --git a/tests/qemuxml2argvdata/hostdev-pci-multifunction.xml b/tests/q= emuxml2argvdata/hostdev-pci-multifunction.xml index 06c889c64d..f4813961b3 100644 --- a/tests/qemuxml2argvdata/hostdev-pci-multifunction.xml +++ b/tests/qemuxml2argvdata/hostdev-pci-multifunction.xml @@ -43,6 +43,12 @@
+ + + +
+ + diff --git a/tests/qemuxml2xmloutdata/hostdev-pci-multifunction.xml b/tests= /qemuxml2xmloutdata/hostdev-pci-multifunction.xml index 52ed86e305..079e0513c1 100644 --- a/tests/qemuxml2xmloutdata/hostdev-pci-multifunction.xml +++ b/tests/qemuxml2xmloutdata/hostdev-pci-multifunction.xml @@ -23,35 +23,35 @@ - +
- +
- +
- +
- +
@@ -61,19 +61,26 @@ -
+
-
+
- + + + +
+
+ + +
diff --git a/tests/qemuxml2xmloutdata/pseries-hostdevs-1.xml b/tests/qemuxm= l2xmloutdata/pseries-hostdevs-1.xml index e77a060a38..94472b38e4 100644 --- a/tests/qemuxml2xmloutdata/pseries-hostdevs-1.xml +++ b/tests/qemuxml2xmloutdata/pseries-hostdevs-1.xml @@ -35,14 +35,14 @@
- +
- +
diff --git a/tests/qemuxml2xmloutdata/pseries-hostdevs-2.xml b/tests/qemuxm= l2xmloutdata/pseries-hostdevs-2.xml index cfa395b001..f2fe94d2fb 100644 --- a/tests/qemuxml2xmloutdata/pseries-hostdevs-2.xml +++ b/tests/qemuxml2xmloutdata/pseries-hostdevs-2.xml @@ -30,14 +30,14 @@ - +
- +
diff --git a/tests/qemuxml2xmloutdata/pseries-hostdevs-3.xml b/tests/qemuxm= l2xmloutdata/pseries-hostdevs-3.xml index f91959b805..0893ecd887 100644 --- a/tests/qemuxml2xmloutdata/pseries-hostdevs-3.xml +++ b/tests/qemuxml2xmloutdata/pseries-hostdevs-3.xml @@ -27,14 +27,14 @@ - +
- +
diff --git a/tests/virpcitestdata/0005-90-01.1.config b/tests/virpcitestdat= a/0005-90-01.1.config index beee76534041a7020c08ae9ac03d9a349c6ea12e..a60599bd342d3ebcdc7b8367ca3= 6ad337f602fde 100644 GIT binary patch delta 44 ycmZo*YG4vE7BFRCV-R3+7GUOK;Amg~f~JXq5)*X<85t+qEn;Cc-jFjfPzC^<7YL>R delta 39 ucmZo*YG4vE7BFRCV-R3+7GUOK;9y{25MXGU7$`AON05CJ=3D!Q7z5RUfCHEW5{!&mj0{Y5Fz#TaS&cX3;ByxM DCDjDB literal 256 zcmXpOc)-BMAi%_;z|6zo!oa|wz|aIFu>xbDS`csmlR$!5K#7rosSd`)Mk^@TV-u#E T7_0Gy9FS#<5E~CbCCJ=3D!Q7z5RUfCHEW5{!&mj0{Y5Fz#TaS&cX3;ByxM DCDjDB literal 0 HcmV?d00001 diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c index fbfdc09c0d..1453d7f024 100644 --- a/tools/virsh-domain.c +++ b/tools/virsh-domain.c @@ -858,6 +858,11 @@ static const vshCmdOptDef opts_attach_interface[] =3D { .type =3D VSH_OT_BOOL, .help =3D N_("libvirt will automatically detach/attach the device fro= m/to host") }, + {.name =3D "assigned", + .type =3D VSH_OT_BOOL, + .help =3D N_("hostdev virtual function will be assigned to the guest " + "(multifunction PCI device only)") + }, {.name =3D NULL} }; =20 --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list