From nobody Tue Mar 3 03:04:38 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1771887213; cv=none; d=zohomail.com; s=zohoarc; b=XaLvJWi7N+j1TRI6QYx5/4WezofrD2ksPIJ+OmDXuqfMMQZ0DVu3p9JCZ2OShTxFpnaRDU9RDpBaXT08MiUO+g5g76hfGh8HlfoEvMSY/mcK/rTIkGWDsnUwm9WUQf9gA9rk8TI1dWLqbSuPKbbWWKp1aXSvMJSRSjSNfVKkV70= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1771887213; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:List-Subscribe:List-Post:List-Owner:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Subject:Subject:To:To:Message-Id:Reply-To; bh=YUn8OvdQLHQFfBwcE9EoiGDqu4n3PR0mQwru5xEAksM=; b=cX3UGE7yfReGKZ1w41jPpsaTuBUSy3nrU1NqJC3KOVuJ4qvtYHu5XR/wdqAcj6c4WUp5RBev6jNsRzSm4SJBnHcqAB3W6xMhiWTeiZeSruyMkf12BV4oah4CGtlCvSFbI/K0ZjySpzgDzeWindhCH7r4Md4GSG2UDxnj/c3k0Yo= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1771887213751448.59176041532817; Mon, 23 Feb 2026 14:53:33 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id B160A41C16; Mon, 23 Feb 2026 17:53:32 -0500 (EST) Received: from [172.19.199.9] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id 793A241BFE; Mon, 23 Feb 2026 17:52:33 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id 604C641B31; Mon, 23 Feb 2026 17:52:30 -0500 (EST) Received: from mail-vk1-f169.google.com (mail-vk1-f169.google.com [209.85.221.169]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 6BCA73FAB9 for ; Mon, 23 Feb 2026 17:52:29 -0500 (EST) Received: by mail-vk1-f169.google.com with SMTP id 71dfb90a1353d-5673fd077b4so2400706e0c.0 for ; Mon, 23 Feb 2026 14:52:29 -0800 (PST) Received: from localhost.localdomain ([2804:29b8:5090:5879:4cd3:397a:436f:4859]) by smtp.gmail.com with ESMTPSA id 71dfb90a1353d-568e58080d6sm10304158e0c.9.2026.02.23.14.52.25 (version=TLS1_3 cipher=TLS_CHACHA20_POLY1305_SHA256 bits=256/256); Mon, 23 Feb 2026 14:52:27 -0800 (PST) X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,HELO_MISC_IP,MAILING_LIST_MULTI, RCVD_IN_DNSWL_MED,RCVD_IN_VALIDITY_CERTIFIED_BLOCKED, RCVD_IN_VALIDITY_RPBL_BLOCKED,RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1771887148; x=1772491948; darn=lists.libvirt.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=YUn8OvdQLHQFfBwcE9EoiGDqu4n3PR0mQwru5xEAksM=; b=T51/OD8qk39mEdgQNUDhpONWY6ija+m3A3bx8tLOQNb7zfES4gg1G6xjucawUzvBnW PeDPX7+9Bb0z7raTcIsl/0MzsIG8pdRtMknSDDdZM9V0F83usMmNgeinns2iBSJ4exNQ YrBFSL9xo1npgLdCXCOZdJsMzUJ7880LU7qvLdHjBYaaP4luLJnI2oPW2rRPYRI7UkEK DqDvUluszf24PavUdtCDK87yQWhUnV+yvh6Kwm1VT6Zd4EGaPVVmy43HSnE1Dj4Dw3dc S6AKHhXPKMHGsinvwzF1pYo5dR0uFUq8u6DgP2+8ocTVLMVLU23h+tqv+zUywbyZYd64 D+Iw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771887148; x=1772491948; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=YUn8OvdQLHQFfBwcE9EoiGDqu4n3PR0mQwru5xEAksM=; b=xHuwl7VnXLv5qsSf38UATN7Mp+5IBqI52SzjXFUBJ6e/QjruKIabVHsdksD2LLK5Qq 0RFjDFKu/HXX2twOeyu5CENToqTdeXY+N+Vhs1iuKvyz1/qZOM5GA3Fw4X+unpaZQh6K Zd0BP3O+aWzUiTlNTYHuy2pVCFWazYf45UoYDUhVbX5KCxJA0a/Lm6IEzgYEiSx2ArIY OIrCXdJelPV3USyILOpL1x/8ecMfO7QmCPx2YdaABZ/9GSJgjSlAHEKzobQMnof30bj8 JJE0S9jpZXbyAKY8RDyBV2ALcH0VW51j7mqwrhy7H/51fc6x1hT2bYFDCKSUK/yWQCfF H7QA== X-Gm-Message-State: AOJu0YxOWLD7LmWRCaH/6l1OrFzstYWe0+u3Ihj1RE1w+EbZA48xH2V1 KkI5HdQK35BuAxOS6puCmZBGLx/AkgSWNgbtG6P6Mq38lcuEeKf5LB5F2f9q1w== X-Gm-Gg: ATEYQzxG5KDJrcINZp2BYEh6YdOmsWdCOnBeboR3kj0nXrPKoDHDmcZsnF+WYprz5z1 ockys4WcZ8mVjGUyZ585zDSxo3Ld2SUC/qgvoL1kmbvg2f9z652GPOvzI8+ppOFCMUki2f2LzNF 5ikgNkf7P+dbv3JIDNF7hfSqLpsFKhuQIVfqilyxvgSVGUbfWmDDqtlux3Ylq0NUsbcPRGgp4+M /QsApy5v+gn54ls0ix7GY1/JKO7qsjC2N/tG9vv5Lv9L/zW1myLXsxozf6oqDRyFT2p3o1VvCjz 6kyEOoIRpsHQTUJc7uBgxyauOiafJ7SnPm/a4l634WokW338ilarkym/hahHWyWcouMHxUZJIac kXQ2JL7IAiKMwgud6z+abD3XK938RkFIL4Gm14g+zBndH9UCqYClkgyInoo1eaZ7CKY/OhLMcm4 mAn49qnRGNo5dQ2JkaG6znUjJ8ccff6Gyk9Tqic/0ydATZrD481zqQbMn9A08= X-Received: by 2002:a05:6122:2191:b0:563:c3e7:6132 with SMTP id 71dfb90a1353d-568e4880bbdmr3560548e0c.10.1771887148104; Mon, 23 Feb 2026 14:52:28 -0800 (PST) From: Lucas Amaral To: devel@lists.libvirt.org Subject: [PATCH] qemu: add automatic port allocation for pull-mode backup NBD servers Date: Mon, 23 Feb 2026 19:52:22 -0300 Message-ID: <20260223225222.31103-1-lucaaamaral@gmail.com> X-Mailer: git-send-email 2.52.0 MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Message-ID-Hash: 27BPVBDFTLIPBWEJRKGCX53XF5RTBNKH X-Message-ID-Hash: 27BPVBDFTLIPBWEJRKGCX53XF5RTBNKH X-MailFrom: lucaaamaral@gmail.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Lucas Amaral X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: pass (identity @gmail.com) X-ZM-MESSAGEID: 1771887215135158500 Content-Type: text/plain; charset="utf-8" Previously, users had to manually specify a TCP port when starting a pull-mode backup with an NBD server. A TODO comment in qemuBackupPrepare() noted this limitation and pointed toward using virPortAllocator, as done for migration, VNC, and SPICE ports. Add backup_port_min and backup_port_max configuration options to qemu.conf, defaulting to 10809-10872 (10809 is the IANA-assigned NBD port; range of 64 matches the migration port pattern). When a pull-mode backup is started without specifying a TCP port, a port is now acquired automatically from the configured range via virPortAllocatorAcquire(). The port is released when the backup ends or if startup fails. Signed-off-by: Lucas Amaral --- Build-tested and passed full test suite on CentOS Stream 9 (298 OK, 0 failures). Runtime-validated against an actual patched virtqemud instance running inside a privileged container (CentOS Stream 9, QEMU 10.1.0) with a live aarch64/virt guest. Config parsing validation: - Default config (no backup_port_* set): daemon starts OK - Custom range (backup_port_min=3D20000, backup_port_max=3D20010): daemon starts OK - Invalid (min > max): daemon correctly refuses to start - Invalid (min =3D 0): daemon correctly refuses to start - Invalid (max > 65535): daemon correctly refuses to start Port auto-allocation (live VM backup): - Pull-mode backup WITHOUT port specified: backup-begin succeeds, backup-dumpxml shows auto-allocated port=3D'10809' from default range. Previously this would fail with: " must specify TCP port for now" - Pull-mode backup WITH explicit port=3D10809: backup-begin succeeds, backup-dumpxml shows port=3D'10809'. Behavior unchanged from before the patch. Port conflict and exhaustion (range set to 10809-10810, 3 VMs): - Auto-allocate on vm1 (got 10809), then manual port=3D10809 on vm2: QEMU correctly rejects with "Address already in use" - Auto-allocate vm1=3D10809, vm2=3D10810 (range full), vm3 attempt: "Unable to find an unused port in range 'backup' (10809-10810)" - After aborting vm1 backup (releasing 10809), vm3 retries and gets 10809: port release and reuse works correctly docs/formatbackup.rst | 3 ++- src/qemu/libvirtd_qemu.aug | 2 ++ src/qemu/qemu.conf.in | 9 ++++++++ src/qemu/qemu_backup.c | 33 +++++++++++++++++++++--------- src/qemu/qemu_conf.c | 25 ++++++++++++++++++++++ src/qemu/qemu_conf.h | 6 ++++++ src/qemu/qemu_domain.h | 1 + src/qemu/qemu_driver.c | 6 ++++++ src/qemu/test_libvirtd_qemu.aug.in | 2 ++ 9 files changed, 76 insertions(+), 11 deletions(-) diff --git a/docs/formatbackup.rst b/docs/formatbackup.rst index df6392e3bd..24857eaf72 100644 --- a/docs/formatbackup.rst +++ b/docs/formatbackup.rst @@ -42,7 +42,8 @@ were supplied). The following child elements and attribut= es are supported: ```protocol`` element of a disk `__ attached via NBD in the domain (such as transport, socket, name, port, or tls), necessary to set up an NBD server that exposes the content of each disk= at - the time the backup is started. + the time the backup is started. For TCP transport, if ``port`` is omitt= ed, a + port is allocated automatically from the range configured in ``/etc/lib= virt/qemu.conf``. =20 In addition to the above the NBD server used for backups allows using ``transport=3D'fd' fdgroup=3D'NAME'`` where ``NAME`` is the name used w= ith diff --git a/src/qemu/libvirtd_qemu.aug b/src/qemu/libvirtd_qemu.aug index 0286582169..eb790d48be 100644 --- a/src/qemu/libvirtd_qemu.aug +++ b/src/qemu/libvirtd_qemu.aug @@ -146,6 +146,8 @@ module Libvirtd_qemu =3D | int_entry "migration_port_min" | int_entry "migration_port_max" | str_entry "migration_host" + | int_entry "backup_port_min" + | int_entry "backup_port_max" =20 let log_entry =3D bool_entry "log_timestamp" =20 diff --git a/src/qemu/qemu.conf.in b/src/qemu/qemu.conf.in index 2d1c67034d..5eacd70022 100644 --- a/src/qemu/qemu.conf.in +++ b/src/qemu/qemu.conf.in @@ -969,6 +969,15 @@ #migration_port_max =3D 49215 =20 =20 +# Port range used for automatic allocation of NBD backup server ports. +# When a pull-mode backup is started without specifying a TCP port, a +# port from this range will be assigned automatically. The NBD standard +# port is 10809. +# +#backup_port_min =3D 10809 +#backup_port_max =3D 10872 + + # Timestamp QEMU's log messages (if QEMU supports it) # # Defaults to 1. diff --git a/src/qemu/qemu_backup.c b/src/qemu/qemu_backup.c index 44514d08fc..12ef64b14e 100644 --- a/src/qemu/qemu_backup.c +++ b/src/qemu/qemu_backup.c @@ -32,6 +32,7 @@ #include "storage_source.h" #include "storage_source_conf.h" #include "virerror.h" +#include "virportallocator.h" #include "virlog.h" #include "virbuffer.h" #include "backup_conf.h" @@ -71,16 +72,7 @@ qemuBackupPrepare(virDomainBackupDef *def) =20 switch (def->server->transport) { case VIR_STORAGE_NET_HOST_TRANS_TCP: - /* TODO: Update qemu.conf to provide a port range, - * probably starting at 10809, for obtaining automatic - * port via virPortAllocatorAcquire, as well as store - * somewhere if we need to call virPortAllocatorRelease - * during BackupEnd. Until then, user must provide port */ - if (!def->server->port) { - virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", - _(" must specify TCP port for= now")); - return -1; - } + /* port is auto-allocated if not set */ break; =20 case VIR_STORAGE_NET_HOST_TRANS_UNIX: @@ -841,6 +833,16 @@ qemuBackupBegin(virDomainObj *vm, if (qemuBackupPrepare(def) < 0) goto endjob; =20 + if (pull && def->server && + def->server->transport =3D=3D VIR_STORAGE_NET_HOST_TRANS_TCP && + !def->server->port) { + unsigned short port =3D 0; + if (virPortAllocatorAcquire(priv->driver->backupPorts, &port) < 0) + goto endjob; + def->server->port =3D port; + priv->backupNBDPort =3D port; + } + if (qemuBackupBeginPrepareTLS(vm, cfg, def, &tlsProps, &tlsSecretProps= ) < 0) goto endjob; =20 @@ -969,6 +971,11 @@ qemuBackupBegin(virDomainObj *vm, qemuDomainObjExitMonitor(vm); } =20 + if (ret < 0 && priv->backupNBDPort) { + virPortAllocatorRelease(priv->backupNBDPort); + priv->backupNBDPort =3D 0; + } + if (ret < 0 && !job_started && priv->backup) def =3D g_steal_pointer(&priv->backup); =20 @@ -1026,6 +1033,12 @@ qemuBackupNotifyBlockjobEndStopNBD(virDomainObj *vm, qemuDomainObjExitMonitor(vm); =20 backup->nbdStopped =3D true; + + if (priv->backupNBDPort) { + virPortAllocatorRelease(priv->backupNBDPort); + priv->backupNBDPort =3D 0; + backup->server->port =3D 0; + } } =20 =20 diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c index de6e51177a..99e6a29148 100644 --- a/src/qemu/qemu_conf.c +++ b/src/qemu/qemu_conf.c @@ -74,6 +74,9 @@ VIR_LOG_INIT("qemu.qemu_conf"); #define QEMU_MIGRATION_PORT_MIN 49152 #define QEMU_MIGRATION_PORT_MAX 49215 =20 +#define QEMU_BACKUP_PORT_MIN 10809 +#define QEMU_BACKUP_PORT_MAX 10872 + VIR_ENUM_IMPL(virQEMUSchedCore, QEMU_SCHED_CORE_LAST, "none", @@ -265,6 +268,9 @@ virQEMUDriverConfig *virQEMUDriverConfigNew(bool privil= eged, cfg->migrationPortMin =3D QEMU_MIGRATION_PORT_MIN; cfg->migrationPortMax =3D QEMU_MIGRATION_PORT_MAX; =20 + cfg->backupPortMin =3D QEMU_BACKUP_PORT_MIN; + cfg->backupPortMax =3D QEMU_BACKUP_PORT_MAX; + /* For privileged driver, try and find hugetlbfs mounts automatically. * Non-privileged driver requires admin to create a dir for the * user, chown it, and then let user configure it manually. */ @@ -985,6 +991,25 @@ virQEMUDriverConfigLoadNetworkEntry(virQEMUDriverConfi= g *cfg, return -1; } =20 + if (virConfGetValueUInt(conf, "backup_port_min", &cfg->backupPortMin) = < 0) + return -1; + if (cfg->backupPortMin <=3D 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("%1$s: backup_port_min: port must be greater than= 0"), + filename); + return -1; + } + + if (virConfGetValueUInt(conf, "backup_port_max", &cfg->backupPortMax) = < 0) + return -1; + if (cfg->backupPortMax > 65535 || + cfg->backupPortMax < cfg->backupPortMin) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("%1$s: backup_port_max: port must be between the= minimal port %2$d and 65535"), + filename, cfg->backupPortMin); + return -1; + } + if (virConfGetValueString(conf, "migration_host", &cfg->migrateHost) <= 0) return -1; virStringStripIPv6Brackets(cfg->migrateHost); diff --git a/src/qemu/qemu_conf.h b/src/qemu/qemu_conf.h index c284e108a1..2e68f1de14 100644 --- a/src/qemu/qemu_conf.h +++ b/src/qemu/qemu_conf.h @@ -240,6 +240,9 @@ struct _virQEMUDriverConfig { unsigned int migrationPortMin; unsigned int migrationPortMax; =20 + unsigned int backupPortMin; + unsigned int backupPortMax; + bool logTimestamp; bool stdioLogD; =20 @@ -338,6 +341,9 @@ struct _virQEMUDriver { /* Immutable pointer, immutable object */ virPortAllocatorRange *migrationPorts; =20 + /* Immutable pointer, immutable object */ + virPortAllocatorRange *backupPorts; + /* Immutable pointer, lockless APIs */ virSysinfoDef *hostsysinfo; =20 diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index 5755d2adb0..1153d8c6e0 100644 --- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h @@ -147,6 +147,7 @@ struct _qemuDomainObjPrivate { char *origname; int nbdPort; /* Port used for migration with NBD */ unsigned short migrationPort; + unsigned short backupNBDPort; int preMigrationState; unsigned long long preMigrationMemlock; /* Original RLIMIT_MEMLOCK in = case it was changed for the curr= ent diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index c5eedeedfa..a8034b4f26 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -714,6 +714,12 @@ qemuStateInitialize(bool privileged, cfg->migrationPortMax)) =3D=3D NULL) goto error; =20 + if ((qemu_driver->backupPorts =3D + virPortAllocatorRangeNew(_("backup"), + cfg->backupPortMin, + cfg->backupPortMax)) =3D=3D NULL) + goto error; + if (qemuSecurityInit(qemu_driver) < 0) goto error; =20 diff --git a/src/qemu/test_libvirtd_qemu.aug.in b/src/qemu/test_libvirtd_qe= mu.aug.in index 82cfec3b4b..2582c6a09c 100644 --- a/src/qemu/test_libvirtd_qemu.aug.in +++ b/src/qemu/test_libvirtd_qemu.aug.in @@ -110,6 +110,8 @@ module Test_libvirtd_qemu =3D { "migration_host" =3D "host.example.com" } { "migration_port_min" =3D "49152" } { "migration_port_max" =3D "49215" } +{ "backup_port_min" =3D "10809" } +{ "backup_port_max" =3D "10872" } { "log_timestamp" =3D "0" } { "nvram" { "1" =3D "/usr/share/OVMF/OVMF_CODE.fd:/usr/share/OVMF/OVMF_VARS.fd" } --=20 2.52.0