The aim of the pstore device is to provide a bit of NVRAM storage for the guest kernel to record oops/panic logs just before it crashes. Typical usage is in combination with a watchdog, so that the logs can be inspected after the watchdog has rebooted the machine.
The virt-pki-validate shell script has been rewritten as a C program, providing an output format that matches virt-host-validate, removing the dependency on certtool and providing more comprehensive checks of the certificate properties.
Sometimes in the release hook it is useful to know whether the VM shutdown was graceful or not. This is especially useful for doing cleanup based on the VM shutdown failure reason in the release hook. Starting with this release the last argument 'extra' is used to pass the VM shutoff reason in the call to the release hook.
In newer DASD driver versions the ID_TYPE tag is supported. This tag is missing after a system reboot, but when the ccw device is set offline and online the tag is included. To fix this independently of the version, we need to check if a device detected as type disk is actually a DASD to maintain the node object consistency and not end up with multiple node objects for DASDs.
The network driver can now use nftables rules for the virtual network firewalls, rather than iptables. With the standard build options, nftables is preferred over iptables (with fallback to iptables if nftables isn't installed), but this can be modified at build time, or at runtime via the firewall_backend setting in network.conf. (NB: the nwfilter driver still uses ebtables/iptables).
When starting a domain, by default libvirt sets the affinity of the QEMU process to all online CPUs. This also included isolated CPUs (isolcpus=), which is wrong. As of this release, isolated CPUs are left untouched, unless explicitly configured in domain XML.
Previously, the network device hotplug logic would try to ensure only CCW or PCI addresses. With recent support for the usb-net model, USB addresses for usb-net network devices are assigned automatically.
The bug was introduced in v10.3.0 (2024-05-02) when attempting to reject unsupported configurations. During hotplug the addresses are assigned after validation, and thus valid configs were erroneously rejected.
Some PCI devices have large non-prefetchable memory. This can be a problem when such a device needs to be hotplugged, as the firmware can't foresee such a situation. The user can thus override the value calculated at start to accommodate such devices.
Libvirt 10.2.0 would sometimes complain about an incompatible CPU definition when trying to migrate or save a domain and passing a custom XML, even though such XML was properly generated as migratable. Hitting this bug depends on the guest CPU definition and the host on which a particular domain was running.
In certain scenarios (parallel migration, newly also post-copy migration) libvirt would wrongly pass an empty hostname to QEMU to be used for TLS certificate hostname validation, which would result in failure of the non-shared storage migration step:
The ch driver now supports basic save and restore operations. This is functional on domains without any network or host device config defined. The path parameter for save and restore should be a directory.
It is now possible for libvirt to run loongarch64 guests, including on other architectures via TCG. For the best results, it is recommended to use the upcoming QEMU 9.0.0 release together with the development version of edk2.
Reloading the graphics display is now supported for QEMU guests using VNC. This is useful to make QEMU reload the TLS certificates without restarting the guest. Available via the virDomainGraphicsReload API and the domdisplay-reload virsh command.
A domain with the vmx feature enabled (which may even be done automatically with mode='host-model') started by libvirt 9.9.0 or older cannot be migrated to libvirt 9.10.0, 10.0.0, and 10.1.0 as the target host would complain about a lot of extra vmx-* features. Migration of similar domains started by the affected releases to libvirt 9.9.0 and older does not work either. Since libvirt 10.2.0 migration works again with libvirt 9.9.0 and older in both directions. Migration from the affected releases to 10.2.0 works as well, but the other direction remains broken unless the fix is backported.
In libvirt-1.0.0 a couple of interface listing APIs were introduced which had an off-by-one error. That error could lead to a very rare crash if an array was passed to those functions which did not fit all the interfaces.
In libvirt-5.10 a check for non-NULL arrays was adjusted to allow for NULL arrays with size 0 instead of rejecting all NULL arrays. However, that made the above issue significantly worse, since the off-by-one error now did not write beyond an array but dereferenced said NULL pointer, making the crash certain in a specific scenario in which a NULL array of size 0 was passed to the aforementioned functions.
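The bug class described in the two entries above, as an added illustration that is not libvirt's code: a listing function whose bound test is off by one, beside a corrected form that also accepts a NULL array only together with size 0. The function names and the interface names are hypothetical, constructed for this example.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed sample data standing in for the host's interface names. */
static const char *const SAMPLE_IFACES[] = { "lo", "eth0", "virbr0" };
#define SAMPLE_COUNT (sizeof(SAMPLE_IFACES) / sizeof(SAMPLE_IFACES[0]))

typedef int (*list_fn)(const char **names, int maxnames);

/* Hypothetical "before": '>' instead of '>=' lets names[maxnames] be written.
 * With names == NULL and maxnames == 0 that write is a NULL dereference. */
static int list_buggy(const char **names, int maxnames)
{
    int count = 0;
    for (size_t i = 0; i < SAMPLE_COUNT; i++) {
        if (count > maxnames)          /* BUG: must be >= */
            break;
        names[count++] = SAMPLE_IFACES[i];
    }
    return count;
}

/* Hypothetical "after": NULL is accepted only together with size 0, and
 * the loop stops before index maxnames. */
static int list_fixed(const char **names, int maxnames)
{
    int count = 0;
    if (maxnames < 0 || (names == NULL && maxnames != 0))
        return -1;
    for (size_t i = 0; i < SAMPLE_COUNT && count < maxnames; i++)
        names[count++] = SAMPLE_IFACES[i];
    return count;
}

/* Calls fn claiming 2 slots; the buffer really has 3, so the stray write
 * lands in the guard slot and can be observed without corrupting memory. */
static int guard_clobbered(list_fn fn)
{
    static const char GUARD[] = "guard";
    const char *buf[3] = { NULL, NULL, GUARD };
    fn(buf, 2);
    return buf[2] != GUARD;
}

int main(void)
{
    printf("%d %d %d\n", guard_clobbered(list_buggy), guard_clobbered(list_fixed), list_fixed(NULL, 0));
    return 0;
}
```

The buggy variant is never called with a NULL array here, because that call is exactly the certain crash the entry describes.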
The node device driver has been extended to allow updating mediated node devices. Options are available to target the update against the persistent, active or both configurations of a mediated device. Note: The support is only available with at least mdevctl v1.3.0 installed.
When starting a virtual network with a new register='yes' attribute in the element, libvirt will configure systemd-resolved to resolve names of the connected guests using the name server started for this network.
QEMU now allows setting the .dynamic-memslots attribute for virtio-mem-pci devices. When turned on, it allows memory exposed to the guest to be split into multiple memory slots, resulting in a smaller memory footprint (see the original commit for a detailed explanation).
If trustGuestRxFilters is enabled for a vNIC that doesn't support it, libvirt may throw an error when such a domain is being started, loaded from a saved state, migrated, etc. These errors are now silenced, but make sure to fix such configurations (after the previous release it is even possible to change the trustGuestRxFilters value on live domains via virDomainUpdateDeviceFlags() or virsh device-update).
It turns out the fileName attribute (which contains the path to the CDROM image) can be set to an empty string ("") to denote a state in which the CDROM has no medium in it. Libvirt used to reject such a configuration file, but no longer does.
When starting a domain, libvirt tracks what resources it created for it and which were pre-existing and uses this information to preserve pre-existing resources when cleaning up after said domain is shut off. But for macvtaps this information was lost after the macvtap device was changed (e.g. via virsh update-device).
Post-copy migrations are now started with postcopy-preempt capability enabled as long as it is supported by both sides of migration. This should enable faster migration of memory pages that the destination tries to read before they are migrated from the source.
QEMU added the possibility to map multiple iothreads to a single virtio-blk device and map them even to specific virtqueues. Libvirt adds a subelement of the element that users can use to configure the mapping.
When a device is assigned to a guest using VFIO with , libvirt will now search the running kernel's modules.alias file for the most specific match to that device for a VFIO driver, and bind that driver to the device rather than vfio-pci. A specific driver can also be forced, using the attribute.
Since the new nbdkit support requires a recent selinux policy that is not widely available yet, it is now possible to build libvirt with nbdkit support for remote disks but disabled at runtime. This behavior is controlled via the storage_use_nbdkit option of the qemu driver configuration file. The option will default to being disabled, but this may change in a future release and can be customized with the nbdkit_config_default build option.
When migrating a VM with a custom migration XML, use it as a base for persisting it on the destination, as users could have changed non-ABI breaking facts which would prevent a subsequent start if the old XML were used.
The phase of copying storage during migration without shared storage requires that both the source and destination image are identical in size. This may not be possible if the destination is backed by a block device and the source image size is not a multiple of the block device block size.
On device-update, when a user requested change of trustGuestRxFilters for a domain's libvirt did nothing. It did not throw an error nor did it reflect the change. Starting with this release, the change is reflected.
QEMU allows creating images where the 'backing file format' is actually a protocol name such as 'file'/'host_device'/'nbd'/etc. Adapt libvirt to properly handle such images and not assume automatic format probing is necessary, which is in many cases forbidden due to security implications.
Reverting external snapshots is now possible using the existing API virDomainSnapshotRevert(). Management application can check host capabilities for element within the list of guest features to see if the current libvirt supports both deleting and reverting external snapshots.
Up until now, libvirt supported network disks (http, ftp, ssh) by passing the URL to qemu and having the appropriate qemu block drivers handle the disk I/O. However, by handling the network I/O outside of the qemu process, we get several advantages, such as reduced attack surface and improved stability of qemu. Therefore, when available, libvirt will use nbdkit as a backend for these network disks and export an NBD disk to qemu.
A VFIO variant driver is a device-specific driver that can be used in place of the generic vfio-pci driver, and provides extra functionality to support things like live migration of guests with vfio-assigned devices. It can currently be used by:
The network object adds two more user defined metadata fields and . Two new APIs virNetworkGetMetadata() and virNetworkSetMetadata() can be used to view and modify the above including the existing field.
In libvirt-8.3 a bug was introduced which in rare cases could cause libvirtd or virtstoraged to crash if multiple clients attempted to look up a storage volume by key, path or target path, while other clients attempted to access something from the same storage pool.