Introduction

QEMU is seeking funding to participate as a mentoring organization in Outreachy 2015 December-March. This page contains our ideas list and information for candidates and mentors.

Find Us

• IRC: #qemu-outreachy on irc.oftc.net

• IRC (development):
  • QEMU: #qemu on irc.oftc.net
  • libvirt: #virt on irc.oftc.net
  • KVM: #kvm on chat.freenode.net

• Mailing lists:
  • QEMU: qemu-devel
  • libvirt: libvir-list
  • KVM: linux-kvm

Please contact the mentor for the project idea you are interested in. IRC is usually the quickest way to get an answer.

For general questions about QEMU in Outreachy, please contact the following people:

• Stefan Hajnoczi (stefanha on IRC)

How to get familiar with our software

See what people are developing and talking about on the mailing lists:

• qemu-devel
• libvir-list
• kvm

Grab the source code or browse it:

• qemu.git
• libvirt.git
• kvm.git

Build QEMU and run it: QEMU on Linux Hosts

Project Ideas

This is the listing of suggested project ideas. Applicants are free to suggest their own projects by emailing qemu-devel@nongnu.org and (optionally) CCing potential mentors.

QEMU/KVM projects

VT-d interrupt emulation with KVM support

Summary: Extend the existing VT-d model with support for interrupt remapping, including KVM irqchip support

QEMU has gained basic Intel IOMMU support (VT-d). DMA remapping (DMAR) works already, but interrupt remapping is still missing. There are some hacks that pleases Linux as well as the Jailhouse hypervisor (both shall serve as test cases here), but they are not upstream, lack error handling and only work if the KVM in-kernel irqchip is disabled.

This project shall overcome the limitations. It can start with addressing the open issues in -no-kvm-irqchip mode and get the changes upstream. Then it shall look into extending KVM to support interrupt remapping emulation as well.

The primary challenge here is to integrate with ongoing split irqchip work in KVM, handling irq remapping always in user space according to the user space VT-d model and its programming by the guest. This likely involves integrating with the qemu bits that use the new split irqchip kernel interface,

Possibly not much code needs to be written for this, but intensive interaction with KVM maintainers will be required because sensitive code will have to be touched. So this will be a unique chance to get deeply involved in the QEMU/KVM development process.

Links:

• VT-d emulation patches
• VT-d interrupt remapping hacks
• VT-d specification

Details:

• Skill level: intermediate to advanced
• Language: C
• Mentor: Jan Kiszka <jan.kiszka@web.de>
• Suggested by: Jan Kiszka

QEMU projects

AF_VSOCK packet capture in Linux and Wireshark

Summary: Develop a AF_VSOCK packet capture Linux device driver and Wireshark dissector

Wireshark and Linux's packet capture functionality support more than just Ethernet traffic dumping. USB device traffic and netlink software communication can also be captured.

The AF_VSOCK address family is currently not support by Wireshark because there is no Linux kernel device driver for packet capture. AF_VSOCK is the socket address family that is used by the virtio-vsock host/guest communication device that is currently in development. The aim of this project is to first implement a Linux device driver for AF_VSOCK packet capture and then a Wireshark dissector. Minor changes to tcpdump may be necessary too.

This will allow tcpdump and Wireshark to dump host/guest communication with virtio-vsock (and maybe also VMware VMSockets). Traffic capture is an essential debugging tool for network communication and has not been available to programs using AF_VSOCK.

This project is challenging because you need to work on multiple codebases. You must have experience with device driver development and network programming.

Links:

• How AF_NETLINK does packet capture: nlmon.c
• Wireshark dissector docs (I'm not a Wireshark expert, some research may be necessary)
• virtio-vsock: Zero-configuration host/guest communication (pdf) presentation on virtio-vsock

Details:

• Skill level: advanced
• Language: C
• Mentor: Stefan Hajnoczi <stefanha@redhat.com> (stefanha on IRC)

qemu-img fuzzing using afl-fuzz

Summary: Apply the afl-fuzz fuzz testing tool to qemu-img and submit patches fixing bugs discovered with afl-fuzz.

The qemu-img tool is used to convert between disk image file formats and inspect image files. It supports multiple file formats including qcow2, vmdk, vhdx, and parallels. Since this tool is often used on untrusted inputs (e.g. in a cloud or hosting environment where end-users can upload disk image files), it must not allow arbitrary code execution or other classes of security bugs.

afl-fuzz instruments the program to record codepaths taken for each input test file. This allows afl-fuzz to mutate inputs and choose the ones that explore new codepaths. The amount of prior knowledge that afl-fuzz needs about the input grammar is limited since it learns how inputs affect the codepath. This makes it possible to fuzz various disk image file formats without painstakingly writing grammars for each file format.

In Outreach Program for Women 2014, a qcow2-specific fuzzing tool was developed in Python and several bugs were discovered. This project aims to tackle the other file formats (especially vmdk, vhdx, and parallels).

This project is suitable for candidates interested in software security, software testing, compilers, and disk image file formats.

Links:

• afl-fuzz
• VMDK file format
• VHDX file format (docx)
• Existing qcow2 fuzzer in qemu.git: source code

Details:

• Skill level: intermediate
• Language: C
• Mentor: Stefan Hajnoczi <stefanha@redhat.com> (stefanha on IRC)
• Suggested by: Stefan Hajnoczi

Libvirt projects

Introducing job control to the storage driver

Summary: Currently, libvirt support job cancellation and progress reporting on domains. That is, if there's a long running job on a domain, e.g. migration, libvirt reports how much data has already been transferred to the destination and how much still needs to be transferred. However, libvirt lacks such information reporting in storage area, to which libvirt developers refer to as the storage driver. The aim is to report progress on several storage tasks, like volume wiping, file allocation an others.

• Component: libvirt
• Skill level: intermediate
• Language: C
• Mentor: Michal Privoznik <mprivozn@redhat.com>, mprivozn on IRC (#virt OFTC)
• Suggested by: Michal Privoznik <mprivozn@redhat.com>

Enhancing libvirt-designer

Summary: The project is in its very early stage of life. The libvirt-designer tries to ease generation of libvirt XML with coworking with libosinfo project. Contact me and we can find something suitable.

• Component: libvirt
• Skill level: beginner
• Language: C
• Mentor: Michal Privoznik <mprivozn@redhat.com>, mprivozn on IRC (#virt OFTC)
• Suggested by: Michal Privoznik <mprivozn@redhat.com>

Making virsh more bash like

Summary: If you have ever used virsh, you certainly reached the point where you stuggle with its user friendliness. Or unfriendliness I should rather say. Virsh is missing a lot of bash functionality that users consider natural: from automatic completion of object names, through redirecting command outputs through piping commands together. The aim would be to make these functions available in virsh and thus make user experience better.

• Component: libvirt
• Skill level: Advanced
• Language: C
• Mentor: Michal Privoznik <mprivozn@redhat.com>, mprivozn on IRC (#virt OFTC)
• Suggested by: Michal Privoznik <mprivozn@redhat.com>

Abstracting device address allocation

Summary: There are many types of addresses that devices can have in libvirt's XML description. Not all address types are properly assigned and checked for duplicates. The goal of this is to have an abstract data structure that would handle assigning all kinds of addresses, handle duplicates, etc.

• Component: libvirt
• Skill level: beginner/intermediate
• Language: C
• Mentor: Martin Kletzander <mkletzan@redhat.com>, mkletzan on IRC (#virt @ OFTC)
• Suggested by: Martin Kletzander <mkletzan@redhat.com>

LXC driver migration implementation

Summary: Live migration from one host to another is a feature libvirt already provides for the KVM driver, but it is still not implemented for LXC containers. The goal of this task is to implement it using CRIU. This is surely a difficult task and will possibly require patching CRIU as well as libvirt.

• Component: libvirt
• Skill level: advanced
• Language: C
• Mentor: Cédric Bosdonnat <cbosdonnat@suse.com>, cbosdonnat on IRC (#virt OFTC)
• Suggested by: Cédric Bosdonnat <cbosdonnat@suse.com>

virt-sandbox-image improvements

Summary: A Google Summer of Code 2015 project successfully bootstrapped a new virt-sandbox-image tool to easily run docker images with libvirt-sandbox/libvirt. This work still needs to be extended to support all docker containers features. It will also need to connect to more online image sources like the ones from virt-builder or the ones defined by the appc specification.

• Component: libvirt / libvirt-sandbox
• Skill level: beginner
• Language: Python and C
• Mentor: Cédric Bosdonnat <cbosdonnat@suse.com>, cbosdonnat on IRC (#virt OFTC)
• Suggested by: Cédric Bosdonnat <cbosdonnat@suse.com>

Your own idea

Just catch me (Michal Privoznik) on IRC and we can discuss what interests you.

• Component: libvirt
• Skill level: subject to negotiation
• Language: C
• Mentor: Michal Privoznik <mprivozn@redhat.com>, mprivozn on IRC (#virt OFTC)
• Suggested by: Michal Privoznik <mprivozn@redhat.com>

Links:

• http://libvirt.org/
• http://wiki.libvirt.org/page/Main_Page
• http://www.ibm.com/developerworks/linux/library/l-libvirt/index.html?ca=drs-
• https://www.berrange.com/topics/libvirt/
• https://www.redhat.com/archives/libvir-list/

Details:

• Component: libvirt
• Skill level: (see description to each item)
• Language: C
• Mentor: Michal Privoznik <mprivozn@redhat.com>, mprivozn on IRC (#virt OFTC)
• Suggested by: Michal Privoznik <mprivozn@redhat.com>

Project idea template

=== TITLE ===
 
 '''Summary:''' Short description of the project
 
 Detailed description of the project.
 
 '''Links:'''
 * Wiki links to relevant material
 * External links to mailing lists or web sites
 
 '''Details:'''
 * Skill level: beginner or intermediate or advanced
 * Language: C
 * Mentor: Email address and IRC nick
 * Suggested by: Person who suggested the idea

Information for mentors

Mentors are responsible for keeping in touch with their candidate and assessing the candidate's progress.

The mentor typically gives advice, reviews the candidate's code, and has regular communication with the candidate to ensure progress is being made.

Being a mentor is a significant time commitment, plan for 5 hours per week. Make sure you can make this commitment because backing out during the summer will affect the candidate's experience.

The mentor chooses their candidate by reviewing candidate application forms, giving out bite-sized tasks so applicants can submit a patch upstream, and conducting IRC interviews with candidates. Depending on the number of candidates, this can be time-consuming in itself. Choosing the right candidate is critical so that both the mentor and the candidate can have a successful experience.