Commit Graph

10819 Commits

Author SHA1 Message Date
Michal Privoznik
76f3b2988b qemu_shim: Always pre-create root dir
This problem is reproducible only with secret driver. When
starting a domain via virt-qemu-run and both secret and
(nonexistent) root directory specified this is what happens:

1) virt-qemu-run opens "secret:///embed?root=$rootdir"
   connection, which results in the secret driver initialization
   (done in secretStateInitialize()). During this process, the
   driver creates its own configDir (derived from $rootdir)
   including those parents which don't exists yet. This is all
   done with the mode S_IRWXU and thus results in the $rootdir
   being created with very restrictive mode (specifically, +x is
   missing for group and others).

2) now, virt-qemu-run opens "qemu:///embed?root=$rootdir" and
   calls virDomainCreateXML(). This results in the master-key.aes
   being written somewhere under the $rootdir and telling qemu
   where to find it.

But because the secret driver created $rootdir with too
restrictive mode, qemu can't access the file (even though it
knows the full path) and fails to start.

It looks like the best solution is to pre-create the root
directory before opening any connection (letting any driver
initialize itself) and set its mode to something less
restrictive.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1859873
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2021-03-12 15:40:13 +01:00
Peter Krempa
55d175c073 qemuBackupJobTerminate: Fix job termination for inactive VMs
Commit cb29e4e801 didn't take into account that the VM can be inactive
when it's destroyed. This means that the job would remain active also
when the VM became inactive.

To fix this properly:

1) Remove the bogus VM liveness check and early return
    (reverts the aforementioned commit)

2) Conditionalize the stats assignment only when the stats object is
   present
    (properly fix the crash when VM dies when reconnecting)

3) end the asyncjob only when it was already set
   (prevent corruption of priv->jobs_queued)

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1937598
Fixes: cb29e4e801
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-03-12 10:59:05 +01:00
Peter Krempa
aa372e5a01 backup: Store 'apiFlags' in private section of virDomainBackupDef
'qemuBackupJobTerminate' needs the API flags to see whether
VIR_DOMAIN_BACKUP_BEGIN_REUSE_EXTERNAL. Unfortunately when called via
qemuProcessReconnect()->qemuProcessStop() early (e.g. if the qemu
process died while we were reconnecting) the job is cleared temporarily
so that other APIs can be called. This would mean that we couldn't clean
up the files in some cases.

Save the 'apiFlags' inside the backup object and set it from the
'qemuDomainJobObj' 'apiFlags' member when reconnecting to a VM.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-03-12 10:59:05 +01:00
Yi Li
7dfa87aed3 virQEMUCapsInitQMPArch: Refactor cleanup
Switch to using the 'g_auto*' helpers.

Signed-off-by: Yi Li <yili@winhong.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
2021-03-10 19:57:49 +01:00
Daniel P. Berrangé
16634feb1d qemu: wire up support for backend specific audio settings
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-03-09 22:58:53 +00:00
Daniel P. Berrangé
c99e72d18d qemu: wire up support for common audio backend settings
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-03-09 22:58:45 +00:00
Daniel P. Berrangé
d96fb5cb31 qemu: add support for generating -audiodev arguments
The -audiodev argument is replacing the QEMU_AUDIO_DRV env variable (and
its relations).

Sadly we still have to use the SDL_AUDIODRIVER env variable because that
wasn't mapped into QAPI schema.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-03-09 22:58:36 +00:00
Daniel P. Berrangé
e07994aade qemu: probe for -vnc audiodev property
The -audiodev arg is a new way to configure audio devices in QEMU to
replace the QEMU_AUDIO_DRV env variable. This arg is not visible in
the "query-command-line-options" output since it is entirely QAPI
driven, not QemuOpts. It also isn't in "query-qmp-schema" though
since there's no QMP command that uses the Audiodev type yet.

So probe for the existance of this feature by looking for the
-vnc "audiodev" property. This won't let us determine which
precise audio backends QEMU has been built with, but for now
that's no worse than with env variables today.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-03-09 22:58:33 +00:00
Daniel P. Berrangé
e88367095f qemu: populate <audio> element with default config
Currently the QEMU driver secretly sets the QEMU_AUDIO_DRV env variable

 - VNC - set to "none", unless passthrough of host env variable is set
 - SPICE - always set to "spice"
 - SDL - always passthrough host env
 - No graphics - set to "none", unless passthrough of host env variable is set

The setting of the QEMU_AUDIO_DRV env variable is done in the code which
configures graphics.

If no <audio> element is present, we now auto-populate <audio> elements
to reflect this historical default config. This avoids need to set audio
env when processing graphics.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-03-09 22:58:30 +00:00
Daniel P. Berrangé
6be99c99c5 qemu: support use of <audio> elements
Currently the QEMU driver secretly sets the QEMU_AUDIO_DRV env variable
depending on how <graphics> are configured.

This introduces support for configuring audio backends from the <audio>
elements in the XML config.

The existing default behaviour is now only used if no <audio> element is
present.

All except the 'jack' audio driver are supported via QEMU's old env
variable config.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-03-09 22:58:26 +00:00
Daniel P. Berrangé
657999b04f conf: add helper to test for sound device codec support
The check for ICH6 || ICH9 is repeated in many places in the code. The
new virDomainSoundModelSupportsCodecs() method provides a helper to
standardize this check.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-03-09 22:58:04 +00:00
Aleksei Zakharov
4719ec15e9 qemu: add per-vcpu delay stats
This patch adds delay time (steal time inside guest) to libvirt
domain per-vcpu stats. Delay time is an important performance metric.
It is a consequence of the overloaded CPU. Knowledge of the delay
time of a virtual machine helps to understand if it is affected and
estimate the impact.

As a result, it is possible to react exactly when needed and
rebalance the load between hosts. This is used by cloud providers
to provide quality of service, especially when the CPU is
oversubscribed.

It's more convenient to work with this metric in a context of a
libvirt domain. Any monitoring software may use this information.

Signed-off-by: Aleksei Zakharov <zaharov@selectel.ru>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-03-09 13:35:05 +01:00
Peter Krempa
568d7358ab qemuMigrationSrcRun: Don't jump to 'exit_monitor' from outside of the monitor
Failure of 'qemuMigrationSetDBusVMState' would jump to 'exit_monitor'
but the function isn't called inside of the monitor context.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
2021-03-09 13:27:43 +01:00
Andrea Bolognani
b431f3c7fd conf: Rename original_memlock -> originalMemlock
That's more consistent with our usual naming convention.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-03-08 22:41:40 +01:00
Andrea Bolognani
c2180c2fd6 qemu: Set limits only when explicitly asked to do so
The current code is written under the assumption that, for all
limits except the core size, asking for the limit to be set to
zero is a no-op, and so the operation is performed
unconditionally.

While this is the behavior we want for the QEMU driver, the
virCommand and virProcess facilities are generic, and should not
implement this kind of policy: asking for a limit to be set to
zero should result in that limit being set to zero every single
time.

Add some checks in the QEMU driver, effectively moving the
policy where it belongs.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-03-08 22:41:40 +01:00
Andrea Bolognani
bd33680f02 qemu: Set all limits at the same time
qemuProcessLaunch() is the correct place to set process limits,
and in fact is where we were dealing with almost all of them,
but the memory locking limit was handled in
qemuBuildCommandLine() instead for some reason.

The code is rewritten so that the desired limit is calculated
and applied in separated steps, which will help with further
changes, but this doesn't alter the behavior.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-03-08 22:41:40 +01:00
Andrea Bolognani
9bf5c00f9b qemu: Make some minor tweaks
Doing this now will make the next changes nicer.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-03-08 22:41:40 +01:00
Daniel P. Berrangé
fe82fdfb52 qemu: wire up support for VNC power control options
This allows the VNC client user to perform a shutdown, reboot and reset
of the VM from the host side.

Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-03-08 21:04:06 +00:00
Daniel P. Berrangé
bad5280a53 qemu: probe for -vnc power-control option support
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-03-08 21:04:06 +00:00
Peter Krempa
ef4c325f25 virCommandSetSendBuffer: Provide saner semantics
The function is used to automatically feed a buffer into a pipe which
can be used by the command to read contents of the buffer.

Rather than passing in a pipe, let's create the pipe inside
virCommandSetSendBuffer and directly associate the reader end with the
command. This way the ownership of both ends of the pipe will end up
with the virCommand right away reducing the need of cleanup in callers.

The returned value then can be used just to format the appropriate
arguments without worrying about cleanup or failure.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-03-05 15:33:34 +01:00
Peter Krempa
3c546f7eb4 qemuProcessReportLogError: Don't mark "%s: %s" as translatable
The function is constructing an error message from a prefix and the
contents of the qemu log file. Marking just two string modifiers as
translatable is pointless and will certainly confuse translators.

Remove the marking and add a comment which bypasses the
sc_libvirt_unmarked_diagnostics check.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-03-05 15:01:29 +01:00
Peter Krempa
c8ff56c7ad qemuProcessReportLogError: Remove unnecessary math for max error message
Now that error message formatting doesn't use fixed size buffers we can
drop the math for calculating the maximum chunk of log to report in the
error message and use a round number. This also makes it obvious that
the chosen number is arbitrary.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-03-05 15:01:29 +01:00
Martin Kletzander
2a490ce5a0 glib: Use safe glib event workaround in other event loops
Similarly to the crash workaround:

  commit 0db4743645
  Author: Daniel P. Berrangé <berrange@redhat.com>
  Date:   Tue Jul 28 16:52:47 2020 +0100

    util: avoid crash due to race in glib event loop code

we need to do this in the other event loop as crash in that one was also
reported:

  https://bugzilla.redhat.com/show_bug.cgi?id=1931331

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-03-05 10:17:26 +01:00
Michal Privoznik
7f482a67e4 lib: Replace virFileMakePath() with g_mkdir_with_parents()
Generated using the following spatch:

  @@
  expression path;
  @@
  - virFileMakePath(path)
  + g_mkdir_with_parents(path, 0777)

However, 14 occurrences were not replaced, e.g. in
virHostdevManagerNew(). I don't really understand why.
Fixed by hand afterwards.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-03-04 20:52:23 +01:00
Michal Privoznik
b1e3728dec lib: Replace virFileMakePathWithMode() with g_mkdir_with_parents()
These functions are identical. Made using this spatch:

  @@
  expression path, mode;
  @@
  - virFileMakePathWithMode(path, mode)
  + g_mkdir_with_parents(path, mode)

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-03-04 20:52:23 +01:00
Kristina Hanicova
2870a164b9 Use g_autoptr instead of virNetDevBandwidthFree where possible
Signed-off-by: Kristina Hanicova <khanicov@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
2021-03-04 17:30:08 +01:00
Kristina Hanicova
e4dd2a2c2e Use g_steal_pointer where possible
Signed-off-by: Kristina Hanicova <khanicov@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
2021-03-04 17:30:08 +01:00
Pavel Hrdina
e95489d813 cgroup: use virCgroupSetCpuShares instead of virCgroupSetupCpuShares
Now that we enforce the cpu.shares range kernel will no longer silently
change the value that libvirt configures so there is no need to read
the value back to get the actual configuration.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-03-04 11:13:28 +01:00
Michal Privoznik
25ebb45a81 qemu_tpm: Generate log file path among with storage path
When starting a guest with TPM of type='emulator' an external
process is started with it (swtpm) to emulate TPM. This external
process is passed path to a log file via --logfile. The path to
the log file is generated in qemuTPMEmulatorPrepareHost() which
works, until the daemon is restarted. The problem is that the
path is not stored in private data or anywhere inside live XML
and thus later, when qemuExtTPMStop() is called (when shutting
off the guest) the stored logpath is NULL and thus its seclabel
is not cleaned up (see virSecuritySELinuxRestoreTPMLabels()).

Fortunately, qemuExtDevicesStop() (which calls qemuExtTPMStop()
eventually) does call qemuExtDevicesInitPaths() where the log
path can be generated again.

Basically, tpm->data.emulator.storagepath is generated in
qemuExtTPMInitPaths() and its seclabels are restored properly,
and this commit move logfile onto the same level.

This means, that the log path doesn't have to be generated in
qemuExtDevicesStart() because it was already done in
qemuExtDevicesPrepareHost().

This change also renders @vmname argument of
qemuTPMEmulatorPrepareHost() unused and thus is removed.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1769196
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-03-02 09:45:49 +01:00
Michal Privoznik
f9cd29a2e4 qemu_tpm: Move logfile path generation into a separate function
Strictly not needed, but the rest of paths is generated in
separate functions. Helps with code readability.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-03-02 09:44:03 +01:00
Daniel Henrique Barboza
67357e5094 qemu_cgroup.c: skip absent PCI devices in qemuTeardownHostdevCgroup()
There is no need to bother with cgroup tearing down for absent
PCI devices, given that their entries in the sysfs are already
gone.

Reviewed-by: Laine Stump <laine@redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2021-03-01 12:25:33 -03:00
Kristina Hanicova
155151a3d0 Use g_steal_pointer where possible
Via coccinelle (not the handbag!)
spatches used:
@ rule1 @
identifier a, b;
symbol NULL;
@@

- b = a;
  ... when != a
- a = NULL;
+ b = g_steal_pointer(&a);

@@

- *b = a;
  ... when != a
- a = NULL;
+ *b = g_steal_pointer(&a);

Signed-off-by: Kristina Hanicova <khanicov@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
2021-03-01 15:54:42 +01:00
Peter Krempa
cb29e4e801 qemuBackupJobTerminate: Don't calculate backup job stats if VM isn't active
If the VM isn't active calculating the job stats doesn't make sense.
Additionally this prevents a crash of libvirtd if qemu terminates while
libvirt wasn't running:

Thread 28 "init-backup-tes" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffb9310640 (LWP 3201116)]
qemuDomainJobInfoUpdateTime (jobInfo=0x0) at ../../../libvirt/src/qemu/qemu_domainjob.c:275
275	    if (!jobInfo->started)
(gdb) bt
 #0  qemuDomainJobInfoUpdateTime (jobInfo=0x0) at ../../../libvirt/src/qemu/qemu_domainjob.c:275
 #1  0x00007fffcba1a12d in qemuBackupJobTerminate (vm=0x7fff9c1bc840, jobstatus=QEMU_DOMAIN_JOB_STATUS_CANCELED) at ../../../libvirt/src/qemu/qemu_backup.c:563
 #2  0x00007fffcbaefcae in qemuProcessStop
    (driver=0x7fff9c144ff0, vm=0x7fff9c1bc840, reason=VIR_DOMAIN_SHUTOFF_DAEMON, asyncJob=QEMU_ASYNC_JOB_NONE, flags=<optimized out>)
    at ../../../libvirt/src/qemu/qemu_process.c:7812
 #3  0x00007fffcbaf2a10 in qemuProcessReconnect (opaque=<optimized out>) at ../../../libvirt/src/qemu/qemu_process.c:8578
 #4  0x00007ffff7c46bb5 in virThreadHelper (data=<optimized out>) at ../../../libvirt/src/util/virthread.c:233
 #5  0x00007ffff6e453f9 in start_thread () at /lib64/libpthread.so.0
 #6  0x00007ffff766fb53 in clone () at /lib64/libc.so.6

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-03-01 15:44:47 +01:00
Peter Krempa
5627f62ec4 qemuBackupJobTerminate: Move cleanup of temp files earlier
Upcoming patch will remove unnecessary actions if the VM crashed. The
cleanup needs to be performed always, thus needs to be moved earlier.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-03-01 15:44:47 +01:00
Michal Privoznik
6458b9d94a qemu_monitor: Document qemuMonitorUnregister()
The most important bit is that the caller is expected to pass
locked monitor.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2021-02-25 10:22:10 +01:00
Jiri Denemark
c8f3b83c72 qemu_domainjob: Make copy of owner API
Using the job owner API name directly works fine as long as it is a
static string or the owner's thread is still running. However, this is
not always the case. For example, when the owner API name is filled in a
job when we're reconnecting to existing domains after daemon restart,
the dynamically allocated owner name will disappear with the
reconnecting thread. Any follow up usage of the pointer will read random
memory.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-02-25 09:55:31 +01:00
Laine Stump
98e67d4d8c qemu: allow migration of generic <hostdev> with <teaming>
Commit 010ed0856b and commit db64acfbda introduced the ability to use
the <teaming> element in a generic <hostdev> (previously it could only
be used with <interface type='hostdev'>). However, the patch omitted
one crucial detail - along with parsing the <teaming> element in
<hostdev>, and adding the necessary info to the qemu commandline, we
also need to modify qemuMigrationSrcIsAllowedHostdev() to allow
migration when the generic <hostdev> has a <teaming> element.

https://bugzilla.redhat.com/1927984

Fixes: 010ed0856b
Reported-by: Yalan Zhang <yalzhang@redhat.com>
Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-02-24 12:31:51 -05:00
Peng Liang
1ac703a7d0 qemu: Add missing lock in qemuProcessHandleMonitorEOF
qemuMonitorUnregister will be called in multiple threads (e.g. threads
in rpc worker pool and the vm event thread).  In some cases, it isn't
protected by the monitor lock, which may lead to call g_source_unref
more than one time and a use-after-free problem eventually.

Add the missing lock in qemuProcessHandleMonitorEOF (which is the only
position missing lock of monitor I found).

Suggested-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Peng Liang <liangpeng10@huawei.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-02-24 15:00:51 +01:00
Peter Krempa
ad3f3bd048 qemuAgentSetVCPUsCommand: Refactor cleanup
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-02-20 13:26:37 +01:00
Peter Krempa
0b236a9260 qemuMonitorJSONTransactionAdd: Refactor cleanup
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-02-20 13:26:37 +01:00
Peter Krempa
6431b20c3e virJSONValueArrayAppend: Clear pointer when taking ownership of passed value
The parent array takes ownership of the inserted value once all checks
pass. Don't make the callers second-guess when that happens and modify
the function to take a double pointer so that it can be cleared once the
ownership is taken.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-02-20 13:26:37 +01:00
Peter Krempa
83a50fe2a5 qemuAgentMakeStringsArray: Refactor cleanup
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-02-20 13:26:37 +01:00
Peter Krempa
5fc3892891 virJSONValueObjectAppend: Clear pointer when taking ownership of passed value
The parent object takes ownership of the inserted value once all checks
pass. Don't make the callers second-guess when that happens and modify
the function to take a double pointer so that it can be cleared once the
ownership is taken.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-02-20 13:26:37 +01:00
Peter Krempa
a3f237cb00 qemuAgentMakeCommand: Refactor memory cleanup
Switch to using the 'g_auto*' helpers.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-02-20 13:26:36 +01:00
Peter Krempa
013e7564ff qemu: capabilities: Enable QEMU_CAPS_INCREMENTAL_BACKUP
For incremental backup we need QEMU_CAPS_BLOCKDEV,
QEMU_CAPS_BLOCKDEV_REOPEN, QEMU_CAPS_MIGRATION_PARAM_BLOCK_BITMAP_MAPPING.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
2021-02-20 13:21:21 +01:00
Peter Krempa
9f61d14a9e qemu: migration: Migrate block dirty bitmaps corresponding to checkpoints
Preserve block dirty bitmaps after migration with
QEMU_MONITOR_MIGRATE_NON_SHARED_(DISK|INC).

This patch implements functions which offer the bitmaps to the
destination, check for eligibility on destination and then configure
source for the migration.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
2021-02-20 13:21:21 +01:00
Peter Krempa
1475baed36 qemu: migration: Clean up temporary bitmaps when cancelling a migration
In case when the block migration job required temporary bitmaps for
merging the appropriate checkpoints we need to clean them up when
cancelling the job. On success we don't need to do that though as the
bitmaps are just temporary thus are not written to disk.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
2021-02-20 13:21:21 +01:00
Peter Krempa
516906d681 qemu: domain: Store list of temporary bitmaps for migration in status XML
Add status XML infrastructure for storing a list of block dirty bitmaps
which are temporarily used when migrating a VM with
VIR_MIGRATE_NON_SHARED_DISK for cleanup after a libvirtd restart during
migration.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
2021-02-20 13:21:21 +01:00
Peter Krempa
49957f5f69 qemu: migration_cookie: Add helpers for transforming the cookie into migration params
'qemuMigrationCookieBlockDirtyBitmapsMatchDisks' maps the bitmaps from
the migration cookie to actual disk objects definition pointers.

'qemuMigrationCookieBlockDirtyBitmapsToParams' converts the bitmap
definitions from the migration cookie into parameters for the
'block-bitmap-mapping' migration parameter.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
2021-02-20 13:21:21 +01:00
Peter Krempa
f5cd60d478 qemu: migration_cookie: Add XML handling for setting up bitmap migration
In cases where we are copying the storage we need to ensure that also
bitmaps are copied properly. This patch adds migration cookie XML
infrastructure which will allow the migration sides reach consensus on
which bitmaps to migrate.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
2021-02-20 13:21:21 +01:00
Peter Krempa
b0104664c6 qemu: migration_params: Add infrastructure for 'dirty-bitmaps' migration feature
Add the migration capability flag and the propagation of the
corresponding mapping configuration. The mapping will be produced from
the bitmaps on disk depending on both sides of the migration and the
necessity to perform merges.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
2021-02-20 13:21:21 +01:00
Peter Krempa
b44e3ca306 qemu: blockjob: Use qemuMonitorBitmapRemove for single bitmap removal
There's no need in the cleanup steps to invoke a transaction to delete a
single bitmap.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
2021-02-20 13:21:21 +01:00
Peter Krempa
7a8d7d75df qemu: monitor: Introduce qemuMonitorBitmapRemove
The non-transaction wrapper is useful for code paths which want to
delete individual bitmaps or for cleanup after a failed job where we
want to attempt to delete every bitmap individually to prevent a failure
from cleaning up the rest.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
2021-02-20 13:21:21 +01:00
Peter Krempa
8da9c7456d qemu: migration: Create qcow2 v3 images for VIR_MIGRATE_NON_SHARED_DISK
Use the new format when pre-creating the image for the user. Users
wishing to use the legacy format can always provide their own images or
use shared storage.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
2021-02-20 13:21:15 +01:00
Peter Krempa
253bce93d3 qemu: Probe whether an image is 'qcow2 v2' from query-named-block-nodes
Such images don't support stuff like dirty bitmaps. Note that the
synthetic test for detecting bitmaps is used as an example to prevent
adding additional test cases.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
2021-02-20 13:20:32 +01:00
Peter Krempa
9e855e7589 qemu: capabilities: Introduce QEMU_CAPS_MIGRATION_PARAM_BLOCK_BITMAP_MAPPING
The capability represents qemu's ability to setup mappings for migrating
block dirty bitmaps and is based on presence of the 'transform' property
of the 'block-bitmap-mapping' property of 'migrate-set-parameters' QMP
command.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
2021-02-20 13:20:32 +01:00
Stefan Berger
f30aa2ec74 qemu: Fix libvirt hang due to early TPM device stop
This patch partially reverts commit 5cde9dee where the qemuExtDevicesStop()
was moved to a location before the QEMU process is stopped. It may be
alright to tear down some devices before QEMU is stopped, but it doesn't work
for the external TPM (swtpm) which assumes that QEMU sends it a signal to stop
it before libvirt may try to clean it up. So this patch moves the
virFileDeleteTree() calls after the call to qemuExtDevicesStop() so that the
pid file of virtiofsd is not deleted before that call.

Afftected libvirt versions are 6.10 and 7.0.

Fixes: 5cde9dee8c
Cc: Masayoshi Mizuma <m.mizuma@jp.fujitsu.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-02-19 17:31:37 +01:00
Tim Wiederhake
c0ac0144a3 qemu_validate: Allow kvm hint-dedicated on non-passthrough VMs
A VM defined similar to:
  ...
  <features><kvm><hint-dedicated state='on'/></kvm></features>
  <cpu mode="host-model"/>
  ...
is currently invalid, as hint-dedicated is only allowed if cpu mode
is host-passthrough or maximum. This restriction is unnecessary, see
https://bugzilla.redhat.com/show_bug.cgi?id=1857671

Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
2021-02-19 11:11:12 +01:00
Ján Tomko
35ce344bfe qemu: monitor: clear cpu props properly in CPUInfoClear
Stay true to the name of the function and clear the pointer
after freeing it.

This also silences a bogus Coverity report about a double
free in qemuMonitorGetCPUInfo where qemuMonitorCPUInfoClear
is called right after allocating a new qemuMonitorCPUInfo
to fill out the non-zero defaults.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2021-02-18 17:14:47 +01:00
Ján Tomko
a8ed27e70a qemu: saveimage: only steal domXML on success
The comment and the caller assume virQEMUSaveDataNew only steals
domXML on success, but it is copied even on failure.

Also remove the misleading g_steal_pointer call on a local variable.

Reported by coverity.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2021-02-18 17:14:47 +01:00
Daniel Henrique Barboza
d9977cc0f1 qemu_driver.c: Coverity fix in qemuNodeDeviceDetachFlags()
Commit 76f4788932 made qemuNodeDeviceDetachFlags() unusable due to an
'if then else if' chain that will always results in a 'return -1',
regardless of 'driverName' input.

Found by Coverity.

Fixes: 76f4788932
Reported-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2021-02-18 10:06:30 -03:00
Yi Li
21d83d37ff qemuBlockDiskDetectNodes: just return when alias is null
Just return when alias is null and Remove the 'ret' variable.

Signed-off-by: Yi Li <yili@winhong.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
2021-02-18 08:35:08 +01:00
Daniel Henrique Barboza
887dd0d331 qemu, libxl, hypervisor: use virDomainDriverNodeDeviceDetachFlags() helper
libxlNodeDeviceDetachFlags() and qemuNodeDeviceDetachFlags() are mostly
equal, aside from how the virHostdevmanager pointer is retrieved and
the PCI stub driver used.

Now that the PCI stub driver verification is done early in both functions,
we can use the virDomainDriverNodeDeviceDetachFlags() helper to reduce
code duplication between them. 'driverName' is checked inside the helper
to set the appropriate stub driver.

The helper is named with the 'Flags' suffix, even when the helper itself
isn't receiving the flags from the callers, to be compliant with the
ACL function virNodeDeviceDetachFlagsEnsureACL() that is being called
inside it and was called from the original functions. Renaming the helper
would implicate in renaming REMOTE_PROC_NODE_DEVICE_DETACH_FLAGS, and all the
related structs inside remote_protocol.x, to be compliant with the ACL
rules.

This is not being checked at this moment, but we'll fix check-aclrules.py to
verify all the helpers that calls ACL functions in domain_driver.c shortly.

Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2021-02-17 15:56:27 -03:00
Daniel Henrique Barboza
76f4788932 qemu_driver.c: validate 'driverName' earlier in qemuNodeDeviceDetachFlags()
The validation of 'driverName' does not depend on any other state and can be
done right on the start of the function. We can fail earlier while avoiding
a cleanup jump.

Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2021-02-17 15:53:00 -03:00
Daniel Henrique Barboza
23cdab6a3d qemu, libxl, hypervisor: use virDomainDriverNodeDeviceReAttach() helper
libxlNodeDeviceReAttach() and qemuNodeDeviceReAttach() are mostly equal,
differing only how the virHostdevManager pointer is retrieved.

Put the common code into virDomainDriverNodeDeviceReAttach() to reduce
code duplication.

Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2021-02-17 15:52:50 -03:00
Daniel Henrique Barboza
42923b1356 qemu, libxl, hypervisor: use virDomainDriverNodeDeviceReset() helper
libxlNodeDeviceReset() and qemuNodeDeviceReset() are mostly equal,
differing only how the virHostdevManager pointer is retrieved.

Put the common code into virDomainDriverNodeDeviceReset() to reduce
code duplication.

Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2021-02-17 15:47:40 -03:00
Daniel P. Berrangé
cff6236105 qemu: use on|off for -vnc boolean option values
The preferred syntax for boolean options is to set the value "on" or
"off". QEMU 7.1.0 will deprecate the short format we currently use.

The long format has been supported with -vnc since the change to use
QemuOpts in 2.2.0, so we check based on the new capability flag.

Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-02-16 14:03:11 +00:00
Daniel P. Berrangé
a4f57fa37d qemu: probe for -vnc supporting use of QemuOpts syntax
This was introduced in QEMU 2.2.0, and is visible by -vnc appearing in
the "query-command-line-options" data.

Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-02-16 14:02:59 +00:00
Michal Privoznik
2642cc0f66 qemu: Don't lie about @ndevAlias when translating FSInfo
When virDomainGetFSInfo() is called over a QEMU/KVM domain it
results into calling of 'guest-get-fsinfo' guest agent command to
which it replies with info on guest (mounted) filesystems. When
filling return structure we also try to do basic lookup and
translate guest agent provided disk address into disk target (as
seen in domain XML). This can of course fail - guest can have
variety of disks not recorded in domain XML (iSCSI, scsi_debug,
NFS to name a few). If that's the case, a debug message is logged
and no disk target is added into the return structure.

However, due to the way our code is written the caller is led to
believe that the target was added into the structure. This may
lead to a situation where the array of disk targets (strings)
contains NULL. But our RPC structure says the array contains only
non-NULL strings. This results in somewhat 'cryptic' (at least to
users) error message:

  error: Unable to get filesystem information
  error: Unable to encode message payload

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1919783
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-02-16 14:06:31 +01:00
Michal Privoznik
9ad1e1d897 qemu: Bring if() outside from loop in virDomainFSInfoFormat()
After previous commit, the freeing of @info_ret inside of
virDomainFSInfoFormat() looks like this:

  for () {
    if (info_ret)
      virDomainFSInfoFree(info_ret[i]);
  }

It is needless to compare @info_ret against NULL in each
iteration. We can switch the order and do the comparison first
followed by the loop.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-02-16 14:06:31 +01:00
Michal Privoznik
59c80e9fd0 qemu: Move qemuAgentFSInfo array free into qemuDomainGetFSInfo()
When qemuDomainGetFSInfo() is called it calls
qemuDomainGetFSInfoAgent() which executes 'guest-get-fsinfo'
guest agent command, parses returned JSON and returns an array of
qemuAgentFSInfo structures (well, pointers to those structs).
Then it grabs a domain job and tries to do some matching of guest
returned info against domain definition. This matching is done in
virDomainFSInfoFormat() which also frees the array of
qemuAgentFSInfo structures allocated earlier.

But this is not just. If acquiring the domain job fails (or
domain activeness check executed right after that fails) then
virDomainFSInfoFormat() is not called, leaking the array of
structs.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-02-16 14:06:31 +01:00
Michal Privoznik
5922b2b104 qemu: Drop needless check in virDomainFSInfoFormat()
As the very first thing, this function checks whether the number
of items inside @agentinfo array is not negative. This is
redundant as the only caller - qemuDomainGetFSInfo() already
checked for that and would not even call this function if that
was the case.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-02-16 14:06:31 +01:00
Daniel P. Berrangé
67f8ccb4e2 qemu: use long on|off syntax for -spice boolean option values
The preferred syntax for boolean options is to set the value "on" or
"off". QEMU 7.1.0 will deprecate the short format we currently use.

The long format has been supported with -spice since at least 1.5.3,
so we don't need to check for it.

Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-02-16 12:38:30 +00:00
Daniel P. Berrangé
43c9c0859f qemu: use long on|off syntax for -chardev boolean option values
The preferred syntax for boolean options is to set the value "on" or
"off". QEMU 7.1.0 will deprecate the short format we currently use.

The long format has been supported with -chardev since at least 1.5.3,
so we don't need to check for it.

Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-02-16 12:38:20 +00:00
Peter Krempa
ce8670ef46 qemuSnapshotFSFreeze: Don't return -2
The -2 value is misleading because if 'qemuAgentFSFreeze' fails it
doesn't necessarily mean that the command was sent to the agent.

Since callers don't care about the -2 value specifically, remove it.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
2021-02-16 12:25:30 +01:00
Peter Krempa
ee91c82533 qemuSnapshotCreateActiveExternal: Don't thaw filesystems when freeze fails
If we didn't freeze any filesystems we should not even attempt thawing
them. Additionally 'guest-fsfreeze-freeze' fails if the filesystems are
already frozen, where thawing them may break users data integrity if
they used VIR_DOMAIN_SNAPSHOT_CREATE_QUIESCE accidentally after an
explicit virDomainFSFreeze and the next snapshot without that flag would
be taken with already thawed filesystems.

This effectively reverts 7c736bab06 .
Libvirt nowadays checks whether the guest agent is connected and pings
it before issuing an command so it's very unlikely that we'd end up in a
situation where qemuSnapshotCreateActiveExternal froze filesystems and
didn't thaw them.

Additionally we now discourage the use of
VIR_DOMAIN_SNAPSHOT_CREATE_QUIESCE since users have better control if
they freeze the FS themselves.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
2021-02-16 12:25:30 +01:00
Peter Krempa
b805ff66d4 qemuMigrationSrcPerformPeer2Peer3: Don't leak 'dom_xml' on cleanup
Use g_autofree for 'dom_xml' to free it on some of the (unlikely) code
paths jumping to cleanup prior to the deallocation which is done right
after it's not needed any more since it's a big string.

Noticed when running under valgrind:

==2204780== 8,192 bytes in 1 blocks are definitely lost in loss record 2,539 of 2,551
==2204780==    at 0x483BCE8: realloc (vg_replace_malloc.c:834)
==2204780==    by 0x4D890DF: g_realloc (in /usr/lib64/libglib-2.0.so.0.6600.4)
==2204780==    by 0x4DA3AF0: g_string_append_vprintf (in /usr/lib64/libglib-2.0.so.0.6600.4)
==2204780==    by 0x4917293: virBufferAsprintf (virbuffer.c:307)
==2204780==    by 0x49B0B75: virDomainChrDefFormat (domain_conf.c:26109)
==2204780==    by 0x49E25EF: virDomainDefFormatInternalSetRootName (domain_conf.c:28956)
==2204780==    by 0x15F81D24: qemuDomainDefFormatBufInternal (qemu_domain.c:6204)
==2204780==    by 0x15F8270D: qemuDomainDefFormatXMLInternal (qemu_domain.c:6229)
==2204780==    by 0x15F8270D: qemuDomainDefFormatLive (qemu_domain.c:6279)
==2204780==    by 0x15FD8100: qemuMigrationSrcBeginPhase (qemu_migration.c:2395)
==2204780==    by 0x15FE0F0D: qemuMigrationSrcPerformPeer2Peer3 (qemu_migration.c:4640)
==2204780==    by 0x15FE0F0D: qemuMigrationSrcPerformPeer2Peer (qemu_migration.c:5093)
==2204780==    by 0x15FE0F0D: qemuMigrationSrcPerformJob (qemu_migration.c:5168)
==2204780==    by 0x15FE280E: qemuMigrationSrcPerform (qemu_migration.c:5372)
==2204780==    by 0x15F9BA3D: qemuDomainMigratePerform3Params (qemu_driver.c:11841)

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
2021-02-16 12:25:30 +01:00
Michal Privoznik
a1229335f6 qemu_hotplug: Don't dereference NULL pointer @newb in qemuDomainChangeNet()
In one of my previous commits I've made an attempt to restore the
noqueue qdisc on a TAP corresponding to domain's <interface/> if
QoS is cleared out. The commit consisted of two almost identical
hunks. In both the pointer is dereferenced. But in one of them,
the pointer to new bandwidth can't be NULL while in the other it
can leading to a crash.

Fixes: d53b092353
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1919619
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2021-02-16 09:05:33 +01:00
Laine Stump
4abf2d5d74 qemu: convert VIR_FREE to g_free in other functions that free their arg
Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-02-12 12:10:38 -05:00
Michal Privoznik
859f7e2072 qemu_shim: URI escape root directory
The root directory can be provided by user (or a temporary one is
generated) and is always formatted into connection URI for both
secret driver and QEMU driver, like this:

  qemu:///embed?root=$root

But if it so happens that there is an URI unfriendly character in
root directory or path to it (say a space) then invalid URI is
formatted which results in unexpected results. We can trust
g_dir_make_tmp() to generate valid URI but we can't trust user.
Escape user provided root directory. Always.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1920400
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-02-12 17:59:42 +01:00
Daniel P. Berrangé
970a59d746 qemu: implement virDomainGetMessages API
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-02-12 09:19:13 +00:00
Daniel P. Berrangé
17f001c451 qemu: record deprecation messages against the domain
These messages are only valid while the domain is running.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-02-12 09:19:12 +00:00
Laine Stump
010ed0856b qemu: plug <teaming> config from <hostdev> into qemu commandline
Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-02-11 17:21:59 -05:00
Laine Stump
13be68094d conf: use virDomainNetTeamingInfoPtr instead of virDomainNetTeamingInfo
To make it easier to split out the parsing/formatting of the <teaming>
element into separate functions (so we can more easily add the
<teaming> element to <hostdev>, change its virDomainNetDef so that it
points to a virDomainNetTeamingInfo rather than containing one.

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-02-11 16:31:51 -05:00
Jim Fehlig
afb823fc50 qemu: Validate TPM TIS device
TPM devices with model='tpm-tis' are only valid with x86 and aarch64
virt machines. Add a check to qemuValidateDomainDeviceDefTPM() to
ensure VIR_DOMAIN_TPM_MODEL_TIS is only used with these architectures.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2021-02-11 10:08:52 -07:00
Jim Fehlig
7cf60006ce qemu: Fix swtpm device with aarch64
Starting a VM with swtpm device fails with qemu-system-aarch64.
E.g. with TPM device config

     <tpm model='tpm-tis'>
       <backend type='emulator' version='2.0'/>
      </tpm>

QEMU reports the following error

error: internal error: process exited while connecting to monitor:
2021-02-07T05:15:35.378927Z qemu-system-aarch64: -device
tpm-tis,tpmdev=tpm-tpm0,id=tpm0: 'tpm-tis' is not a valid device model name

Indeed the TPM device name is 'tpm-tis-device' [1][2] for aarch64,
versus the shorter 'tpm-tis' for x86. The devices are the same from
a functional POV, i.e. they both emulate a TPM device conforming to
the TIS specification. Account for the unfortunate name difference
when building the TPM device option in qemuBuildTPMDevStr(). Also
include a test case for 'tpm-tis-device'.

[1] https://qemu.readthedocs.io/en/latest/specs/tpm.html
[2] c294ac327c

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2021-02-11 10:08:52 -07:00
Peter Krempa
480fecaa21 Replace virStringListJoin by g_strjoinv
Our implementation was inspired by glib anyways. The difference is only
the order of arguments.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-02-11 17:05:34 +01:00
Peter Krempa
10157731f4 Replace virStringSplit with g_strsplit
Our implementation was heavily inspired by the glib version so it's a
drop-in replacement.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-02-11 17:05:34 +01:00
Peter Krempa
dcd547aec1 Replace virStringListLength by g_strv_length
The glib implementation doesn't tolerate NULL but in most cases we check
before anyways. The rest of the callers adds a NULL check.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-02-11 17:05:34 +01:00
Peter Krempa
2f9b2c0cdd Replace virStringListLength where actual lenght is not needed
Some callers don't need to know the actual lenght of the list but only
care whether the required element is present or the list is non-empty.
Don't calculate the list length in those cases.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-02-11 17:05:34 +01:00
Peter Krempa
56cedfcf38 Replace virStringListHasString by g_strv_contains
The glib variant doesn't accept NULL list, but there's just one caller
where it wasn't checked explicitly, thus there's no need for our own
wrapper.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-02-11 17:05:33 +01:00
Peter Krempa
d9f7e87673 qemuProcessUpdateDevices: Refactor cleanup and memory handling
Use automatic memory freeing and remove the 'cleanup' label. Also make
it a bit more obvious that nothing happens if the 'old' list wasn't
present.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-02-11 17:05:33 +01:00
Peter Krempa
4ebc278657 qemu: Convert 'priv->dbusVMStateIds' to a GSList
The conversion removes the use of virStringListAdd/virStringListRemove
which try to add dynamic properties to a string list which is really
inefficient.

Storing the dbus VMState ids in a GSList is pretty straightforward and
the slightly increased complexity of the code will be paid back by
removing the string list helpers later.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-02-11 17:05:32 +01:00
Peter Krempa
f060d62c75 qemuInteropFetchConfigs: Don't use 'virStringListAdd' to construct list
'virHashGetItems' already returns the number of entries which will be
considered for addition to the list so we can allocate it to the upper
bound upfront rather than growing it in a loop. This avoids the
quadratic complexity of 'virStringListAdd'.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-02-11 17:05:32 +01:00
Peter Krempa
9afed29b45 qemu: namespace: Don't use 'virStringListAdd' inside loops
'virStringListAdd' calculates the string list length on every invocation
so constructing a string list using it results in O(n^2) complexity.

Use a GSList which has cheap insertion and iteration and doesn't need
failure handling.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-02-11 17:05:32 +01:00
Peter Krempa
b020663381 qemuNamespaceUnlinkPaths: Fix inconsistent cleanup handling
Some code paths return -1 directly while others jump to 'cleanup' which
cleans the list of mounts. Since qemuDomainGetPreservedMounts now
returns a NULL-terminated list, convert devMountsPath to g_auto(GStrv)
and remove the cleanup altoghether.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-02-11 17:05:32 +01:00
Peter Krempa
e310900e50 qemuNamespaceUnlinkPaths: Fix wrong use of iterator variable
'i' is used in both outer and inner loop. Since 'devMountsPath' is now a
NULL-terminated list, we can use a GStrv to iterate it;

Additionally rewrite the conditional of adding to the 'unlinkPaths'
array so that it's more clear what's happening.

Fixes: 5c86fbb72d
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-02-11 17:05:32 +01:00
Peter Krempa
5ab8342e64 qemuDomainGetPreservedMounts: Refactor to return NULL-terminated string lists
Refactor the handling of internals so that NULL-terminated lists are
always returned.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-02-11 17:05:32 +01:00
Michal Privoznik
677c90cc1d qemu: Do not Use canonical path for system memory
In commit 88957116c9 I've adapted
libvirt to QEMU's deprecation of -mem-path and -mem-prealloc and
switched to memory-backend-* even for system memory. My claim was
that that's what QEMU does under the hood anyway. And indeed it
was: see QEMU commit 900c0ba373aada4c13d47d95330aa72ec4067ba5 and
look at function create_default_memdev().

However, then commit d96c4d5f193e0e45beec80a6277728b32875bddb was
merged into QEMU. While it was fixing a bug, it also changed the
create_default_memdev() function in which it started turning off
use of canonical path (by setting
"x-use-canonical-path-for-ramblock-id" attribute to false). This
wasn't documented until QEMU commit
8db0b20415c129cf5e577a593a4a0372d90b7cc9. The path affects
migration - the same path has to be used on the source and on the
destination. Therefore, if there is old guest started with '-m X'
it has "pc.ram" block which doesn't use canonical path and thus
when migrating to newer QEMU which uses memory-backend-* we have
to turn off the canonical path explicitly. Otherwise,
"/objects/pc.ram" path would be expected by QEMU which doesn't
match the source.

Ideally, we would need to set it only for some machine types
(4.0 and older) because newer machine types already do what we
are doing. However, we treat machine types as opaque strings and
therefore we don't want to parse nor inspect their versions. But
then again, newer machine types already do what we are doing in
this commit, so when old machine types are deprecated and removed
we can remove our hack and forget it ever happened.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1912201
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-02-11 08:43:14 +01:00
Michal Privoznik
204dfbe15d qemu_capabilities: Introduce QEMU_CAPS_X_USE_CANONICAL_PATH_FOR_RAMBLOCK_ID
This capability tracks whether memory-backend-file has
"x-use-canonical-path-for-ramblock-id" attribute. Introduced into
QEMU by commit fa0cb34d2210cc749b9a70db99bb41c56ad20831. As of
QEMU commit 8db0b20415c129cf5e577a593a4a0372d90b7cc9 the property
is considered stable by qemu despite the 'x-' prefix to preserve
compatibility with released qemu versions.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-02-11 08:42:06 +01:00