2010-12-16 15:07:07 +00:00
|
|
|
/*
|
|
|
|
* qemu_command.h: QEMU command generation
|
|
|
|
*
|
2015-02-20 14:52:37 -05:00
|
|
|
* Copyright (C) 2006-2015 Red Hat, Inc.
|
2010-12-16 15:07:07 +00:00
|
|
|
* Copyright (C) 2006 Daniel P. Berrange
|
|
|
|
*
|
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
* License as published by the Free Software Foundation; either
|
|
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This library is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
* Lesser General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Lesser General Public
|
2012-09-20 16:30:55 -06:00
|
|
|
* License along with this library. If not, see
|
2012-07-21 18:06:23 +08:00
|
|
|
* <http://www.gnu.org/licenses/>.
|
2010-12-16 15:07:07 +00:00
|
|
|
*
|
|
|
|
* Author: Daniel P. Berrange <berrange@redhat.com>
|
|
|
|
*/
|
|
|
|
|
|
|
|
#ifndef __QEMU_COMMAND_H__
|
|
|
|
# define __QEMU_COMMAND_H__
|
|
|
|
|
2014-05-10 20:35:24 +04:00
|
|
|
# include "domain_addr.h"
|
2010-12-16 15:07:07 +00:00
|
|
|
# include "domain_conf.h"
|
2012-12-12 16:27:01 +00:00
|
|
|
# include "vircommand.h"
|
2010-12-16 15:07:07 +00:00
|
|
|
# include "capabilities.h"
|
|
|
|
# include "qemu_conf.h"
|
2010-12-16 15:23:41 +00:00
|
|
|
# include "qemu_domain.h"
|
2012-08-20 17:44:14 +01:00
|
|
|
# include "qemu_capabilities.h"
|
2010-12-16 15:07:07 +00:00
|
|
|
|
|
|
|
/* Config type for XML import/export conversions */
|
|
|
|
# define QEMU_CONFIG_FORMAT_ARGV "qemu-argv"
|
|
|
|
|
|
|
|
# define QEMU_DRIVE_HOST_PREFIX "drive-"
|
|
|
|
# define QEMU_FSDEV_HOST_PREFIX "fsdev-"
|
|
|
|
|
2012-06-18 10:22:07 +02:00
|
|
|
/* These are only defaults, they can be changed now in qemu.conf and
|
2014-04-21 01:37:46 +05:30
|
|
|
* explicitly specified port is checked against these two (makes
|
2012-06-18 10:22:07 +02:00
|
|
|
* sense to limit the values).
|
|
|
|
*
|
|
|
|
* This limitation is mentioned in qemu.conf, so bear in mind that the
|
|
|
|
* configuration file should reflect any changes made to these values.
|
|
|
|
*/
|
2012-06-18 09:58:31 +02:00
|
|
|
# define QEMU_REMOTE_PORT_MIN 5900
|
|
|
|
# define QEMU_REMOTE_PORT_MAX 65535
|
2011-02-14 16:09:39 +00:00
|
|
|
|
2013-04-30 16:26:43 +02:00
|
|
|
# define QEMU_WEBSOCKET_PORT_MIN 5700
|
|
|
|
# define QEMU_WEBSOCKET_PORT_MAX 65535
|
|
|
|
|
2013-10-11 11:27:13 +08:00
|
|
|
# define QEMU_MIGRATION_PORT_MIN 49152
|
|
|
|
# define QEMU_MIGRATION_PORT_MAX 49215
|
|
|
|
|
2015-01-12 13:18:46 +01:00
|
|
|
# define QEMU_QXL_VGAMEM_DEFAULT 16 * 1024
|
|
|
|
|
2013-05-17 18:34:24 +08:00
|
|
|
typedef struct _qemuBuildCommandLineCallbacks qemuBuildCommandLineCallbacks;
|
|
|
|
typedef qemuBuildCommandLineCallbacks *qemuBuildCommandLineCallbacksPtr;
|
|
|
|
struct _qemuBuildCommandLineCallbacks {
|
2014-07-24 09:23:40 -04:00
|
|
|
char *(*qemuGetSCSIDeviceSgName) (const char *sysfs_prefix,
|
|
|
|
const char *adapter,
|
|
|
|
unsigned int bus,
|
|
|
|
unsigned int target,
|
|
|
|
unsigned int unit);
|
2013-05-17 18:34:24 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
extern qemuBuildCommandLineCallbacks buildCommandLineCallbacks;
|
2011-02-14 16:09:39 +00:00
|
|
|
|
2015-01-13 18:19:34 +01:00
|
|
|
char *qemuBuildObjectCommandlineFromJSON(const char *type,
|
|
|
|
const char *alias,
|
|
|
|
virJSONValuePtr props);
|
|
|
|
|
2010-12-16 15:07:07 +00:00
|
|
|
virCommandPtr qemuBuildCommandLine(virConnectPtr conn,
|
2012-11-28 16:43:10 +00:00
|
|
|
virQEMUDriverPtr driver,
|
2010-12-16 15:07:07 +00:00
|
|
|
virDomainDefPtr def,
|
2011-01-07 16:36:25 -07:00
|
|
|
virDomainChrSourceDefPtr monitor_chr,
|
2010-12-16 15:07:07 +00:00
|
|
|
bool monitor_json,
|
2013-02-01 13:48:58 +00:00
|
|
|
virQEMUCapsPtr qemuCaps,
|
2010-12-16 15:07:07 +00:00
|
|
|
const char *migrateFrom,
|
2010-12-22 15:13:29 -07:00
|
|
|
int migrateFd,
|
2010-12-16 15:07:07 +00:00
|
|
|
virDomainSnapshotObjPtr current_snapshot,
|
2014-04-26 21:15:22 -03:00
|
|
|
virNetDevVPortProfileOp vmop,
|
2014-03-13 14:23:56 -04:00
|
|
|
qemuBuildCommandLineCallbacksPtr callbacks,
|
2014-09-18 17:38:32 +02:00
|
|
|
bool forXMLToArgv,
|
2014-10-30 07:34:30 +01:00
|
|
|
bool enableFips,
|
2015-01-16 11:25:50 +00:00
|
|
|
virBitmapPtr nodeset,
|
|
|
|
size_t *nnicindexes,
|
|
|
|
int **nicindexes)
|
2013-05-17 18:34:24 +08:00
|
|
|
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(11);
|
2010-12-16 15:07:07 +00:00
|
|
|
|
2013-03-13 16:20:34 +01:00
|
|
|
/* Generate '-device' string for chardev device */
|
|
|
|
int
|
|
|
|
qemuBuildChrDeviceStr(char **deviceStr,
|
|
|
|
virDomainDefPtr vmdef,
|
|
|
|
virDomainChrDefPtr chr,
|
|
|
|
virQEMUCapsPtr qemuCaps);
|
2011-11-21 18:20:42 +05:30
|
|
|
|
2010-12-16 15:07:07 +00:00
|
|
|
/* With vlan == -1, use netdev syntax, else old hostnet */
|
2014-07-24 09:23:40 -04:00
|
|
|
char *qemuBuildHostNetStr(virDomainNetDefPtr net,
|
|
|
|
virQEMUDriverPtr driver,
|
|
|
|
char type_sep,
|
|
|
|
int vlan,
|
|
|
|
char **tapfd,
|
2014-11-12 15:42:02 +00:00
|
|
|
size_t tapfdSize,
|
2014-07-24 09:23:40 -04:00
|
|
|
char **vhostfd,
|
2014-11-12 15:42:02 +00:00
|
|
|
size_t vhostfdSize);
|
2010-12-16 15:07:07 +00:00
|
|
|
|
|
|
|
/* Legacy, pre device support */
|
2014-07-24 09:23:40 -04:00
|
|
|
char *qemuBuildNicStr(virDomainNetDefPtr net,
|
|
|
|
const char *prefix,
|
|
|
|
int vlan);
|
2010-12-16 15:07:07 +00:00
|
|
|
|
|
|
|
/* Current, best practice */
|
2014-07-24 09:23:40 -04:00
|
|
|
char *qemuBuildNicDevStr(virDomainDefPtr def,
|
|
|
|
virDomainNetDefPtr net,
|
|
|
|
int vlan,
|
|
|
|
int bootindex,
|
2014-11-12 15:42:02 +00:00
|
|
|
size_t vhostfdSize,
|
2014-07-24 09:23:40 -04:00
|
|
|
virQEMUCapsPtr qemuCaps);
|
2010-12-16 15:07:07 +00:00
|
|
|
|
|
|
|
char *qemuDeviceDriveHostAlias(virDomainDiskDefPtr disk,
|
2013-02-01 13:48:58 +00:00
|
|
|
virQEMUCapsPtr qemuCaps);
|
2010-12-16 15:07:07 +00:00
|
|
|
|
|
|
|
/* Both legacy & current support */
|
2011-10-31 13:06:23 -06:00
|
|
|
char *qemuBuildDriveStr(virConnectPtr conn,
|
|
|
|
virDomainDiskDefPtr disk,
|
2011-05-26 17:15:01 +03:00
|
|
|
bool bootable,
|
2013-02-01 13:48:58 +00:00
|
|
|
virQEMUCapsPtr qemuCaps);
|
2010-12-16 15:07:07 +00:00
|
|
|
char *qemuBuildFSStr(virDomainFSDefPtr fs,
|
2013-02-01 13:48:58 +00:00
|
|
|
virQEMUCapsPtr qemuCaps);
|
2010-12-16 15:07:07 +00:00
|
|
|
|
|
|
|
/* Current, best practice */
|
2014-07-24 09:23:40 -04:00
|
|
|
char *qemuBuildDriveDevStr(virDomainDefPtr def,
|
|
|
|
virDomainDiskDefPtr disk,
|
|
|
|
int bootindex,
|
|
|
|
virQEMUCapsPtr qemuCaps);
|
|
|
|
char *qemuBuildFSDevStr(virDomainDefPtr domainDef,
|
|
|
|
virDomainFSDefPtr fs,
|
|
|
|
virQEMUCapsPtr qemuCaps);
|
2010-12-16 15:07:07 +00:00
|
|
|
/* Current, best practice */
|
2014-07-24 09:23:40 -04:00
|
|
|
char *qemuBuildControllerDevStr(virDomainDefPtr domainDef,
|
|
|
|
virDomainControllerDefPtr def,
|
|
|
|
virQEMUCapsPtr qemuCaps,
|
|
|
|
int *nusbcontroller);
|
2010-12-16 15:07:07 +00:00
|
|
|
|
2014-07-24 09:23:40 -04:00
|
|
|
char *qemuBuildWatchdogDevStr(virDomainDefPtr domainDef,
|
|
|
|
virDomainWatchdogDefPtr dev,
|
|
|
|
virQEMUCapsPtr qemuCaps);
|
2010-12-16 15:07:07 +00:00
|
|
|
|
2014-07-24 09:23:40 -04:00
|
|
|
char *qemuBuildMemballoonDevStr(virDomainDefPtr domainDef,
|
|
|
|
virDomainMemballoonDefPtr dev,
|
|
|
|
virQEMUCapsPtr qemuCaps);
|
2010-12-16 15:07:07 +00:00
|
|
|
|
2014-07-24 09:23:40 -04:00
|
|
|
char *qemuBuildUSBInputDevStr(virDomainDefPtr domainDef,
|
|
|
|
virDomainInputDefPtr dev,
|
|
|
|
virQEMUCapsPtr qemuCaps);
|
2010-12-16 15:07:07 +00:00
|
|
|
|
2014-07-24 09:23:40 -04:00
|
|
|
char *qemuBuildSoundDevStr(virDomainDefPtr domainDef,
|
|
|
|
virDomainSoundDefPtr sound,
|
|
|
|
virQEMUCapsPtr qemuCaps);
|
2010-12-16 15:07:07 +00:00
|
|
|
|
2014-10-13 00:28:58 +02:00
|
|
|
int qemuBuildMemoryBackendStr(unsigned long long size,
|
|
|
|
unsigned long long pagesize,
|
|
|
|
int guestNode,
|
|
|
|
virBitmapPtr userNodeset,
|
|
|
|
virBitmapPtr autoNodeset,
|
|
|
|
virDomainDefPtr def,
|
|
|
|
virQEMUCapsPtr qemuCaps,
|
|
|
|
virQEMUDriverConfigPtr cfg,
|
|
|
|
const char **backendType,
|
|
|
|
virJSONValuePtr *backendProps,
|
|
|
|
bool force);
|
|
|
|
|
|
|
|
char *qemuBuildMemoryDeviceStr(virDomainMemoryDefPtr mem,
|
2015-04-28 17:15:43 +02:00
|
|
|
virDomainDefPtr def,
|
2014-10-13 00:28:58 +02:00
|
|
|
virQEMUCapsPtr qemuCaps);
|
|
|
|
|
2010-12-16 15:07:07 +00:00
|
|
|
/* Legacy, pre device support */
|
2014-07-24 09:23:40 -04:00
|
|
|
char *qemuBuildPCIHostdevPCIDevStr(virDomainHostdevDefPtr dev,
|
|
|
|
virQEMUCapsPtr qemuCaps);
|
2010-12-16 15:07:07 +00:00
|
|
|
/* Current, best practice */
|
2014-07-24 09:23:40 -04:00
|
|
|
char *qemuBuildPCIHostdevDevStr(virDomainDefPtr def,
|
|
|
|
virDomainHostdevDefPtr dev,
|
|
|
|
const char *configfd,
|
|
|
|
virQEMUCapsPtr qemuCaps);
|
2010-12-16 15:07:07 +00:00
|
|
|
|
2015-01-17 13:09:31 +08:00
|
|
|
char *qemuBuildRNGDevStr(virDomainDefPtr def,
|
|
|
|
virDomainRNGDefPtr dev,
|
|
|
|
virQEMUCapsPtr qemuCaps);
|
2015-01-17 13:09:37 +08:00
|
|
|
int qemuBuildRNGBackendProps(virDomainRNGDefPtr rng,
|
|
|
|
virQEMUCapsPtr qemuCaps,
|
|
|
|
const char **type,
|
|
|
|
virJSONValuePtr *props);
|
2015-01-17 13:09:31 +08:00
|
|
|
|
2010-12-16 15:07:07 +00:00
|
|
|
int qemuOpenPCIConfig(virDomainHostdevDefPtr dev);
|
|
|
|
|
|
|
|
/* Legacy, pre device support */
|
2014-07-24 09:23:40 -04:00
|
|
|
char *qemuBuildUSBHostdevUSBDevStr(virDomainHostdevDefPtr dev);
|
2010-12-16 15:07:07 +00:00
|
|
|
/* Current, best practice */
|
2014-07-24 09:23:40 -04:00
|
|
|
char *qemuBuildUSBHostdevDevStr(virDomainDefPtr def,
|
|
|
|
virDomainHostdevDefPtr dev,
|
|
|
|
virQEMUCapsPtr qemuCaps);
|
|
|
|
|
|
|
|
char *qemuBuildSCSIHostdevDrvStr(virConnectPtr conn,
|
|
|
|
virDomainHostdevDefPtr dev,
|
|
|
|
virQEMUCapsPtr qemuCaps,
|
|
|
|
qemuBuildCommandLineCallbacksPtr callbacks)
|
|
|
|
ATTRIBUTE_NONNULL(4);
|
|
|
|
char *qemuBuildSCSIHostdevDevStr(virDomainDefPtr def,
|
2013-08-02 13:48:50 -04:00
|
|
|
virDomainHostdevDefPtr dev,
|
2013-02-01 13:48:58 +00:00
|
|
|
virQEMUCapsPtr qemuCaps);
|
2010-12-16 15:07:07 +00:00
|
|
|
|
2014-07-24 09:23:40 -04:00
|
|
|
char *qemuBuildHubDevStr(virDomainDefPtr def,
|
|
|
|
virDomainHubDefPtr dev,
|
|
|
|
virQEMUCapsPtr qemuCaps);
|
|
|
|
char *qemuBuildRedirdevDevStr(virDomainDefPtr def,
|
|
|
|
virDomainRedirdevDefPtr dev,
|
|
|
|
virQEMUCapsPtr qemuCaps);
|
audit: audit use of /dev/net/tun, /dev/tapN, /dev/vhost-net
Opening raw network devices with the intent of passing those fds to
qemu is worth an audit point. This makes a multi-part audit: first,
we audit the device(s) that libvirt opens on behalf of the MAC address
of a to-be-created interface (which can independently succeed or
fail), then we audit whether qemu actually started the network device
with the same MAC (so searching backwards for successful audits with
the same MAC will show which fd(s) qemu is actually using). Note that
it is possible for the fd to be successfully opened but no attempt
made to pass the fd to qemu (for example, because intermediate
nwfilter operations failed) - no interface start audit will occur in
that case; so the audit for a successful opened fd does not imply
rights given to qemu unless there is a followup audit about the
attempt to start a new interface.
Likewise, when a network device is hot-unplugged, there is only one
audit message about the MAC being discontinued; again, searching back
to the earlier device open audits will show which fds that qemu quits
using (and yes, I checked via /proc/<qemu-pid>/fd that qemu _does_
close out the fds associated with an interface on hot-unplug). The
code would require much more refactoring to be able to definitively
state which device(s) were discontinued at that point, since we
currently don't record anywhere in the XML whether /dev/vhost-net was
opened for a given interface.
* src/qemu/qemu_audit.h (qemuAuditNetDevice): New prototype.
* src/qemu/qemu_audit.c (qemuAuditNetDevice): New function.
* src/qemu/qemu_command.h (qemuNetworkIfaceConnect)
(qemuPhysIfaceConnect, qemuOpenVhostNet): Adjust prototype.
* src/qemu/qemu_command.c (qemuNetworkIfaceConnect)
(qemuPhysIfaceConnect, qemuOpenVhostNet): Add audit points and
adjust parameters.
(qemuBuildCommandLine): Adjust caller.
* src/qemu/qemu_hotplug.c (qemuDomainAttachNetDevice): Likewise.
2011-03-08 11:00:59 -07:00
|
|
|
int qemuNetworkIfaceConnect(virDomainDefPtr def,
|
2012-11-28 16:43:10 +00:00
|
|
|
virQEMUDriverPtr driver,
|
2010-12-16 15:07:07 +00:00
|
|
|
virDomainNetDefPtr net,
|
2013-05-21 15:50:09 +02:00
|
|
|
virQEMUCapsPtr qemuCaps,
|
|
|
|
int *tapfd,
|
2015-02-20 14:52:37 -05:00
|
|
|
size_t *tapfdSize)
|
audit: audit use of /dev/net/tun, /dev/tapN, /dev/vhost-net
Opening raw network devices with the intent of passing those fds to
qemu is worth an audit point. This makes a multi-part audit: first,
we audit the device(s) that libvirt opens on behalf of the MAC address
of a to-be-created interface (which can independently succeed or
fail), then we audit whether qemu actually started the network device
with the same MAC (so searching backwards for successful audits with
the same MAC will show which fd(s) qemu is actually using). Note that
it is possible for the fd to be successfully opened but no attempt
made to pass the fd to qemu (for example, because intermediate
nwfilter operations failed) - no interface start audit will occur in
that case; so the audit for a successful opened fd does not imply
rights given to qemu unless there is a followup audit about the
attempt to start a new interface.
Likewise, when a network device is hot-unplugged, there is only one
audit message about the MAC being discontinued; again, searching back
to the earlier device open audits will show which fds that qemu quits
using (and yes, I checked via /proc/<qemu-pid>/fd that qemu _does_
close out the fds associated with an interface on hot-unplug). The
code would require much more refactoring to be able to definitively
state which device(s) were discontinued at that point, since we
currently don't record anywhere in the XML whether /dev/vhost-net was
opened for a given interface.
* src/qemu/qemu_audit.h (qemuAuditNetDevice): New prototype.
* src/qemu/qemu_audit.c (qemuAuditNetDevice): New function.
* src/qemu/qemu_command.h (qemuNetworkIfaceConnect)
(qemuPhysIfaceConnect, qemuOpenVhostNet): Adjust prototype.
* src/qemu/qemu_command.c (qemuNetworkIfaceConnect)
(qemuPhysIfaceConnect, qemuOpenVhostNet): Add audit points and
adjust parameters.
(qemuBuildCommandLine): Adjust caller.
* src/qemu/qemu_hotplug.c (qemuDomainAttachNetDevice): Likewise.
2011-03-08 11:00:59 -07:00
|
|
|
ATTRIBUTE_NONNULL(2);
|
2010-12-16 15:07:07 +00:00
|
|
|
|
audit: audit use of /dev/net/tun, /dev/tapN, /dev/vhost-net
Opening raw network devices with the intent of passing those fds to
qemu is worth an audit point. This makes a multi-part audit: first,
we audit the device(s) that libvirt opens on behalf of the MAC address
of a to-be-created interface (which can independently succeed or
fail), then we audit whether qemu actually started the network device
with the same MAC (so searching backwards for successful audits with
the same MAC will show which fd(s) qemu is actually using). Note that
it is possible for the fd to be successfully opened but no attempt
made to pass the fd to qemu (for example, because intermediate
nwfilter operations failed) - no interface start audit will occur in
that case; so the audit for a successful opened fd does not imply
rights given to qemu unless there is a followup audit about the
attempt to start a new interface.
Likewise, when a network device is hot-unplugged, there is only one
audit message about the MAC being discontinued; again, searching back
to the earlier device open audits will show which fds that qemu quits
using (and yes, I checked via /proc/<qemu-pid>/fd that qemu _does_
close out the fds associated with an interface on hot-unplug). The
code would require much more refactoring to be able to definitively
state which device(s) were discontinued at that point, since we
currently don't record anywhere in the XML whether /dev/vhost-net was
opened for a given interface.
* src/qemu/qemu_audit.h (qemuAuditNetDevice): New prototype.
* src/qemu/qemu_audit.c (qemuAuditNetDevice): New function.
* src/qemu/qemu_command.h (qemuNetworkIfaceConnect)
(qemuPhysIfaceConnect, qemuOpenVhostNet): Adjust prototype.
* src/qemu/qemu_command.c (qemuNetworkIfaceConnect)
(qemuPhysIfaceConnect, qemuOpenVhostNet): Add audit points and
adjust parameters.
(qemuBuildCommandLine): Adjust caller.
* src/qemu/qemu_hotplug.c (qemuDomainAttachNetDevice): Likewise.
2011-03-08 11:00:59 -07:00
|
|
|
int qemuPhysIfaceConnect(virDomainDefPtr def,
|
2012-11-28 16:43:10 +00:00
|
|
|
virQEMUDriverPtr driver,
|
2010-12-16 15:07:07 +00:00
|
|
|
virDomainNetDefPtr net,
|
2013-02-01 13:48:58 +00:00
|
|
|
virQEMUCapsPtr qemuCaps,
|
2014-04-26 21:15:22 -03:00
|
|
|
virNetDevVPortProfileOp vmop);
|
2010-12-16 15:07:07 +00:00
|
|
|
|
audit: audit use of /dev/net/tun, /dev/tapN, /dev/vhost-net
Opening raw network devices with the intent of passing those fds to
qemu is worth an audit point. This makes a multi-part audit: first,
we audit the device(s) that libvirt opens on behalf of the MAC address
of a to-be-created interface (which can independently succeed or
fail), then we audit whether qemu actually started the network device
with the same MAC (so searching backwards for successful audits with
the same MAC will show which fd(s) qemu is actually using). Note that
it is possible for the fd to be successfully opened but no attempt
made to pass the fd to qemu (for example, because intermediate
nwfilter operations failed) - no interface start audit will occur in
that case; so the audit for a successful opened fd does not imply
rights given to qemu unless there is a followup audit about the
attempt to start a new interface.
Likewise, when a network device is hot-unplugged, there is only one
audit message about the MAC being discontinued; again, searching back
to the earlier device open audits will show which fds that qemu quits
using (and yes, I checked via /proc/<qemu-pid>/fd that qemu _does_
close out the fds associated with an interface on hot-unplug). The
code would require much more refactoring to be able to definitively
state which device(s) were discontinued at that point, since we
currently don't record anywhere in the XML whether /dev/vhost-net was
opened for a given interface.
* src/qemu/qemu_audit.h (qemuAuditNetDevice): New prototype.
* src/qemu/qemu_audit.c (qemuAuditNetDevice): New function.
* src/qemu/qemu_command.h (qemuNetworkIfaceConnect)
(qemuPhysIfaceConnect, qemuOpenVhostNet): Adjust prototype.
* src/qemu/qemu_command.c (qemuNetworkIfaceConnect)
(qemuPhysIfaceConnect, qemuOpenVhostNet): Add audit points and
adjust parameters.
(qemuBuildCommandLine): Adjust caller.
* src/qemu/qemu_hotplug.c (qemuDomainAttachNetDevice): Likewise.
2011-03-08 11:00:59 -07:00
|
|
|
int qemuOpenVhostNet(virDomainDefPtr def,
|
|
|
|
virDomainNetDefPtr net,
|
2013-02-01 13:48:58 +00:00
|
|
|
virQEMUCapsPtr qemuCaps,
|
2013-05-21 15:50:09 +02:00
|
|
|
int *vhostfd,
|
2014-11-12 15:42:02 +00:00
|
|
|
size_t *vhostfdSize);
|
2011-03-08 21:43:33 -07:00
|
|
|
|
qemu: allocate network connections sooner during domain startup
VFIO device assignment requires a cgroup ACL to be setup for access to
the /dev/vfio/nn "group" device for any devices that will be assigned
to a guest. In the case of a host device that is allocated from a
pool, it was being allocated during qemuBuildCommandLine(), which is
called by qemuProcessStart() *after* the all-encompassing
qemuSetupCgroup() was called, meaning that the standard Cgroup ACL
setup wasn't creating ACLs for these devices allocated from pools.
One possible solution was to manually add a single ACL down inside
qemuBuildCommandLine() when networkAllocateActualDevice() is called,
but that has two problems: 1) the function that adds the cgroup ACL
requires a virDomainObjPtr, which isn't available in
qemuBuildCommandLine(), and 2) we really shouldn't be doing network
device setup inside qemuBuildCommandLine() anyway.
Instead, I've created a new function called
qemuNetworkPrepareDevices() which is called just before
qemuPrepareHostDevices() during qemuProcessStart() (explanation of
ordering in the comments), i.e. well before the call to
qemuSetupCgroup(). To minimize code churn in a patch that will be
backported to 1.0.5-maint, qemuNetworkPrepareDevices only does
networkAllocateActualDevice() and the bare amount of setup required
for type='hostdev network devices, but it eventually should do *all*
device setup for guest network devices.
Note that some of the code that was previously needed in
qemuBuildCommandLine() is no longer required when
networkAllocateActualDevice() is called earlier:
* qemuAssignDeviceHostdevAlias() is already done further down in
qemuProcessStart().
* qemuPrepareHostdevPCIDevices() is called by
qemuPrepareHostDevices() which is called after
qemuNetworkPrepareDevices() in qemuProcessStart().
As hinted above, this new function should be moved into a separate
qemu_network.c (or similarly named) file along with
qemuPhysIfaceConnect(), qemuNetworkIfaceConnect(), and
qemuOpenVhostNet(), and expanded to call those functions as well, then
the nnets loop in qemuBuildCommandLine() should be reduced to only
build the commandline string (which itself can be in a separate
qemuInterfaceBuilldCommandLine() function as suggested by
Michal). However, this will require storing away an array of tapfd and
vhostfd that are needed for the commandline, so I would rather do that
in a separate patch and leave this patch at the minimum to fix the
bug.
2013-05-06 15:43:56 -04:00
|
|
|
int qemuNetworkPrepareDevices(virDomainDefPtr def);
|
|
|
|
|
2011-06-17 15:31:02 +01:00
|
|
|
/*
|
|
|
|
* NB: def->name can be NULL upon return and the caller
|
|
|
|
* *must* decide how to fill in a name in this case
|
|
|
|
*/
|
2013-02-01 13:48:58 +00:00
|
|
|
virDomainDefPtr qemuParseCommandLineString(virCapsPtr qemuCaps,
|
2013-03-31 20:03:42 +02:00
|
|
|
virDomainXMLOptionPtr xmlopt,
|
2011-06-17 15:31:02 +01:00
|
|
|
const char *args,
|
|
|
|
char **pidfile,
|
|
|
|
virDomainChrSourceDefPtr *monConfig,
|
|
|
|
bool *monJSON);
|
2013-02-01 13:48:58 +00:00
|
|
|
virDomainDefPtr qemuParseCommandLinePid(virCapsPtr qemuCaps,
|
2013-03-31 20:03:42 +02:00
|
|
|
virDomainXMLOptionPtr xmlopt,
|
build: use correct type for pid and similar types
No thanks to 64-bit windows, with 64-bit pid_t, we have to avoid
constructs like 'int pid'. Our API in libvirt-qemu cannot be
changed without breaking ABI; but then again, libvirt-qemu can
only be used on systems that support UNIX sockets, which rules
out Windows (even if qemu could be compiled there) - so for all
points on the call chain that interact with this API decision,
we require a different variable name to make it clear that we
audited the use for safety.
Adding a syntax-check rule only solves half the battle; anywhere
that uses printf on a pid_t still needs to be converted, but that
will be a separate patch.
* cfg.mk (sc_correct_id_types): New syntax check.
* src/libvirt-qemu.c (virDomainQemuAttach): Document why we didn't
use pid_t for pid, and validate for overflow.
* include/libvirt/libvirt-qemu.h (virDomainQemuAttach): Tweak name
for syntax check.
* src/vmware/vmware_conf.c (vmwareExtractPid): Likewise.
* src/driver.h (virDrvDomainQemuAttach): Likewise.
* tools/virsh.c (cmdQemuAttach): Likewise.
* src/remote/qemu_protocol.x (qemu_domain_attach_args): Likewise.
* src/qemu_protocol-structs (qemu_domain_attach_args): Likewise.
* src/util/cgroup.c (virCgroupPidCode, virCgroupKillInternal):
Likewise.
* src/qemu/qemu_command.c(qemuParseProcFileStrings): Likewise.
(qemuParseCommandLinePid): Use pid_t for pid.
* daemon/libvirtd.c (daemonForkIntoBackground): Likewise.
* src/conf/domain_conf.h (_virDomainObj): Likewise.
* src/probes.d (rpc_socket_new): Likewise.
* src/qemu/qemu_command.h (qemuParseCommandLinePid): Likewise.
* src/qemu/qemu_driver.c (qemudGetProcessInfo, qemuDomainAttach):
Likewise.
* src/qemu/qemu_process.c (qemuProcessAttach): Likewise.
* src/qemu/qemu_process.h (qemuProcessAttach): Likewise.
* src/uml/uml_driver.c (umlGetProcessInfo): Likewise.
* src/util/virnetdev.h (virNetDevSetNamespace): Likewise.
* src/util/virnetdev.c (virNetDevSetNamespace): Likewise.
* tests/testutils.c (virtTestCaptureProgramOutput): Likewise.
* src/conf/storage_conf.h (_virStoragePerms): Use mode_t, uid_t,
and gid_t rather than int.
* src/security/security_dac.c (virSecurityDACSetOwnership): Likewise.
* src/conf/storage_conf.c (virStorageDefParsePerms): Avoid
compiler warning.
2012-02-10 16:08:11 -07:00
|
|
|
pid_t pid,
|
2011-06-17 15:34:00 +01:00
|
|
|
char **pidfile,
|
|
|
|
virDomainChrSourceDefPtr *monConfig,
|
|
|
|
bool *monJSON);
|
2011-12-08 17:41:26 +11:00
|
|
|
|
2012-06-29 17:02:03 +02:00
|
|
|
int qemuDomainAssignAddresses(virDomainDefPtr def,
|
2013-02-01 13:48:58 +00:00
|
|
|
virQEMUCapsPtr qemuCaps,
|
2012-08-22 15:39:54 +01:00
|
|
|
virDomainObjPtr obj)
|
|
|
|
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2);
|
2012-08-08 15:06:33 +08:00
|
|
|
int qemuDomainAssignSpaprVIOAddresses(virDomainDefPtr def,
|
2013-02-01 13:48:58 +00:00
|
|
|
virQEMUCapsPtr qemuCaps);
|
2010-12-16 15:07:07 +00:00
|
|
|
|
2013-07-09 22:30:57 +02:00
|
|
|
void qemuDomainReleaseDeviceAddress(virDomainObjPtr vm,
|
|
|
|
virDomainDeviceInfoPtr info,
|
|
|
|
const char *devstr);
|
|
|
|
|
qemu: set/validate slot/connection type when assigning slots for PCI devices
Since PCI bridges, PCIe bridges, PCIe switches, and PCIe root ports
all share the same namespace, they are all defined as controllers of
type='pci' in libvirt (but with a differing model attribute). Each of
these controllers has a certain connection type upstream, allows
certain connection types downstream, and each can either allow a
single downstream connection at slot 0, or connections from slot 1 -
31.
Right now, we only support the pci-root and pci-bridge devices, both
of which only allow PCI devices to connect, and both which have usable
slots 1 - 31. In preparation for adding other types of controllers
that have different capabilities, this patch 1) adds info to the
qemuDomainPCIAddressBus object to indicate the capabilities, 2) sets
those capabilities appropriately for pci-root and pci-bridge devices,
and 3) validates that the controller being connected to is the proper
type when allocating slots or validating that a user-selected slot is
appropriate for a device..
Having this infrastructure in place will make it much easier to add
support for the other PCI controller types.
While it would be possible to do all the necessary checking by just
storing the controller model in the qemyuDomainPCIAddressBus, it
greatly simplifies all the validation code to also keep a "flags",
"minSlot" and "maxSlot" for each - that way we can just check those
attributes rather than requiring a nearly identical switch statement
everywhere we need to validate compatibility.
You may notice many places where the flags are seemingly hard-coded to
QEMU_PCI_CONNECT_HOTPLUGGABLE | QEMU_PCI_CONNECT_TYPE_PCI
This is currently the correct value for all PCI devices, and in the
future will be the default, with small bits of code added to change to
the flags for the few devices which are the exceptions to this rule.
Finally, there are a few places with "FIXME" comments. Note that these
aren't indicating places that are broken according to the currently
supported devices, they are places that will need fixing when support
for new PCI controller models is added.
To assure that there was no regression in the auto-allocation of PCI
addresses or auto-creation of integrated pci-root, ide, and usb
controllers, a new test case (pci-bridge-many-disks) has been added to
both the qemuxml2argv and qemuxml2xml tests. This new test defines a
domain with several dozen virtio disks but no pci-root or
pci-bridges. The .args file of the new test case was created using
libvirt sources from before this patch, and the test still passes
after this patch has been applied.
2013-07-14 20:09:44 -04:00
|
|
|
|
2012-06-29 17:02:03 +02:00
|
|
|
int qemuDomainAssignPCIAddresses(virDomainDefPtr def,
|
2013-02-01 13:48:58 +00:00
|
|
|
virQEMUCapsPtr qemuCaps,
|
2012-06-29 17:02:03 +02:00
|
|
|
virDomainObjPtr obj);
|
2014-05-10 20:35:24 +04:00
|
|
|
virDomainPCIAddressSetPtr qemuDomainPCIAddressSetCreate(virDomainDefPtr def,
|
|
|
|
unsigned int nbuses,
|
|
|
|
bool dryRun);
|
2014-05-13 20:10:40 +04:00
|
|
|
|
2014-06-17 16:17:41 +02:00
|
|
|
int qemuAssignDevicePCISlots(virDomainDefPtr def,
|
|
|
|
virDomainPCIAddressSetPtr addrs);
|
2013-03-05 16:44:21 +01:00
|
|
|
|
2013-02-01 13:48:58 +00:00
|
|
|
int qemuAssignDeviceAliases(virDomainDefPtr def, virQEMUCapsPtr qemuCaps);
|
2010-12-16 15:07:07 +00:00
|
|
|
int qemuDomainNetVLAN(virDomainNetDefPtr def);
|
|
|
|
int qemuAssignDeviceNetAlias(virDomainDefPtr def, virDomainNetDefPtr net, int idx);
|
qemu: Build command line for the new address format
For any disk controller model which is not "lsilogic", the command
line will be like:
-drive file=/dev/sda,if=none,id=drive-scsi0-0-3-0,format=raw \
-device scsi-disk,bus=scsi0.0,channel=0,scsi-id=3,lun=0,i\
drive=drive-scsi0-0-3-0,id=scsi0-0-3-0
The relationship between the libvirt address attrs and the qdev
properties are (controller model is not "lsilogic"; strings
inside <> represent libvirt adress attrs):
bus=scsi<controller>.0
channel=<bus>
scsi-id=<target>
lun=<unit>
* src/qemu/qemu_command.h: (New param "virDomainDefPtr def"
for function qemuBuildDriveDevStr; new param "virDomainDefPtr
vmdef" for function qemuAssignDeviceDiskAlias. Both for
virDomainDiskFindControllerModel's use).
* src/qemu/qemu_command.c:
- New param "virDomainDefPtr def" for qemuAssignDeviceDiskAliasCustom.
For virDomainDiskFindControllerModel's use, if the disk bus is "scsi"
and the controller model is not "lsilogic", "target" is one part of
the alias name.
- According change on qemuAssignDeviceDiskAlias and qemuBuildDriveDevStr
* src/qemu/qemu_hotplug.c:
- Changes to be consistent with declarations of qemuAssignDeviceDiskAlias
qemuBuildDriveDevStr, and qemuBuildControllerDevStr.
* tests/qemuxml2argvdata/qemuxml2argv-pseries-vio-user-assigned.args,
tests/qemuxml2argvdata/qemuxml2argv-pseries-vio.args: Update the
generated command line.
2012-02-28 11:39:43 +08:00
|
|
|
int qemuAssignDeviceDiskAlias(virDomainDefPtr vmdef,
|
|
|
|
virDomainDiskDefPtr def,
|
2013-02-01 13:48:58 +00:00
|
|
|
virQEMUCapsPtr qemuCaps);
|
2011-09-02 23:09:14 +08:00
|
|
|
int qemuAssignDeviceHostdevAlias(virDomainDefPtr def, virDomainHostdevDefPtr hostdev, int idx);
|
2015-05-11 20:51:52 -04:00
|
|
|
int
|
|
|
|
qemuAssignDeviceControllerAlias(virDomainDefPtr domainDef,
|
|
|
|
virQEMUCapsPtr qemuCaps,
|
|
|
|
virDomainControllerDefPtr controller);
|
2011-09-02 23:09:14 +08:00
|
|
|
int qemuAssignDeviceRedirdevAlias(virDomainDefPtr def, virDomainRedirdevDefPtr redirdev, int idx);
|
2013-03-13 09:41:33 +01:00
|
|
|
int qemuAssignDeviceChrAlias(virDomainDefPtr def,
|
|
|
|
virDomainChrDefPtr chr,
|
|
|
|
ssize_t idx);
|
2015-01-17 13:09:30 +08:00
|
|
|
int qemuAssignDeviceRNGAlias(virDomainRNGDefPtr rng, size_t idx);
|
2010-12-16 15:07:07 +00:00
|
|
|
|
|
|
|
int
|
|
|
|
qemuParseKeywords(const char *str,
|
|
|
|
char ***retkeywords,
|
|
|
|
char ***retvalues,
|
2013-09-23 14:16:09 +01:00
|
|
|
int *retnkeywords,
|
2010-12-16 15:07:07 +00:00
|
|
|
int allowEmptyValue);
|
|
|
|
|
2014-04-08 17:50:50 +02:00
|
|
|
int qemuGetDriveSourceString(virStorageSourcePtr src,
|
|
|
|
virConnectPtr conn,
|
|
|
|
char **source);
|
2014-07-29 09:21:05 -04:00
|
|
|
|
|
|
|
int qemuCheckDiskConfig(virDomainDiskDefPtr disk);
|
2014-09-18 17:38:32 +02:00
|
|
|
|
|
|
|
bool
|
|
|
|
qemuCheckFips(void);
|
2010-12-16 15:07:07 +00:00
|
|
|
#endif /* __QEMU_COMMAND_H__*/
|