Commit Graph

39259 Commits

Author SHA1 Message Date
Han Han
51f7fdade2 kbase: Add knowledge base for libvirt systemtap
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Han Han <hhan@redhat.com>
2020-08-21 11:34:23 +01:00
Han Han
809a2877ec locking: Replace virMutex with GMutex
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Han Han <hhan@redhat.com>
2020-08-21 11:34:23 +01:00
Han Han
925e34c71a logging: Replace virMutex with GMutex
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Han Han <hhan@redhat.com>
2020-08-21 11:34:23 +01:00
Christian Ehrhardt
ab5b5f22b9
tools: fix libvirt-guests.sh text assignments
In libvirt 6.6 stopping guests with libvirt-guests.sh is broken.
As soon as there is more than one guest one can see
`systemctl stop libvirt-guests` failing and in the log we see:
  libvirt-guests.sh[2455]: Running guests on default URI:
  libvirt-guests.sh[2457]: /usr/lib/libvirt/libvirt-guests.sh: 120:
      local: 2a49cb0f-1ff8-44b5-a61d-806b9e52dae2: bad variable name
  libvirt-guests.sh[2462]: no running guests.

That is due do mutliple guests becoming a list of UUIDs. Without
recognizing this as one single string the assignment breaks when using 'local'
(which was recently added in 6.3.0). This is because local is defined as
  local [option] [name[=value] ... | - ]
which makes the shell trying handle the further part of the string as
variable names. In the error above that string isn't a valid variable
name triggering the issue that is seen.

This depends on the shell being used. POSIX shells don't have 'local'
specified yet and for the common shells it depends. It worked in bash and
bash-in-POSIX-mode, but for example dash in POSIX mode triggers the issue.

To resolve that 'textify' all assignments that are strings or potentially
can become such lists (even if they are not using the local qualifier).

Fixes: 08071ec0 "tools: variables clean-up in libvirt-guests script"

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
2020-08-21 08:31:18 +02:00
Michal Privoznik
f34642d17c virfdstream: Drop some needless labels
After previous cleanups, some labels in some functions have
nothing but 'return' statement in them. Drop the labels and
replace 'goto'-s with respective return statements.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-08-20 14:03:41 +02:00
Michal Privoznik
2d3ac83670 virfdstream: Use VIR_AUTOCLOSE()
Again, instead of closing FDs explicitly, we can automatically
close them when they go out of their respective scopes.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-08-20 14:02:33 +02:00
Michal Privoznik
4bbe816d9f virfdstream: Use g_new0() instead of VIR_ALLOC()
This switch allow us to save a few lines of code.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-08-20 13:53:34 +02:00
Michal Privoznik
fb27b7b9be virfdstream: Use autoptr for virFDStreamMsg
A cleanup function can be declared for virFDStreamMsg type so
that the structure doesn't have to be freed explicitly.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-08-20 13:51:43 +02:00
Michal Privoznik
211ea0d20c virFDStreamMsgQueuePush: Clear pointer to passed message
All callers of virFDStreamMsgQueuePush() have the same pattern:
they explicitly set @msg passed to NULL to avoid freeing it later
on. Well, the function can take address of the pointer and clear
it for them.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-08-20 13:51:02 +02:00
Michal Privoznik
8d5cae317e virfdstream: Use g_autofree in virFDStreamThreadDoRead()
The buffer that allocated in the virFDStreamThreadDoRead() can be
automatically freed, or if saved into the message structure it
can be stolen.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-08-20 13:48:45 +02:00
Michal Privoznik
53d9af1e79 virdevmapper: Ignore all errors when opening /dev/mapper/control
So far, only ENOENT is ignored (to deal with kernels without
devmapper). However, as reported on the list, under certain
scenarios a different error can occur. For instance, when libvirt
is running inside a container which doesn't have permissions to
talk to the devmapper. If this is the case, then open() returns
-1 and sets errno=EPERM.

Assuming that multipath devices are fairly narrow use case and
using them in a restricted container is even more narrow the best
fix seems to be to ignore all open errors BUT produce a warning
on failure. To avoid flooding logs with warnings on kernels
without devmapper the level is reduced to a plain debug message.

Reported-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Reviewed-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2020-08-19 17:54:04 +02:00
Michal Privoznik
e41ac71fca numa_conf: Properly check for caches in virDomainNumaDefValidate()
When adding support for HMAT, in f0611fe883 I've introduced a
check which aims to validate /domain/cpu/numa/interconnects. As a
part of that, there is a loop which checks whether all <latency/>
with @cache attribute refer to an existing cache level. For
instance:

  <cpu mode='host-model' check='partial'>
    <numa>
      <cell id='0' cpus='0-5' memory='512000' unit='KiB' discard='yes'>
        <cache level='1' associativity='direct' policy='writeback'>
          <size value='8' unit='KiB'/>
          <line value='5' unit='B'/>
        </cache>
      </cell>
      <interconnects>
        <latency initiator='0' target='0' cache='1' type='access' value='5'/>
        <bandwidth initiator='0' target='0' type='access' value='204800' unit='KiB'/>
      </interconnects>
    </numa>
  </cpu>

This XML defines that accessing L1 cache of node #0 from node #0
has latency of 5ns.

However, the loop was not written properly. Well, the check in
it, as it was always checking for the first cache in the target
node and not the rest. Therefore, the following example errors
out:

  <cpu mode='host-model' check='partial'>
    <numa>
      <cell id='0' cpus='0-5' memory='512000' unit='KiB' discard='yes'>
        <cache level='3' associativity='direct' policy='writeback'>
          <size value='10' unit='KiB'/>
          <line value='8' unit='B'/>
        </cache>
        <cache level='1' associativity='direct' policy='writeback'>
          <size value='8' unit='KiB'/>
          <line value='5' unit='B'/>
        </cache>
      </cell>
      <interconnects>
        <latency initiator='0' target='0' cache='1' type='access' value='5'/>
        <bandwidth initiator='0' target='0' type='access' value='204800' unit='KiB'/>
      </interconnects>
    </numa>
  </cpu>

This errors out even though it is a valid configuration. The L1
cache under node #0 is still present.

Fixes: f0611fe883
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2020-08-19 10:21:59 +02:00
Prathamesh Chavan
b3204e820f qemu_domainjob: remove dependency on qemuDomainDiskPrivatePtr
Both parsing and formatting of NBD migration jobs is QEMU specific and
since we're trying to create a hypervisor-agnostic module out of
qemu_domainjob.c, move the NBD XML handling bits to the qemu_domain
module instead. Additionally, move the respective NBD XML calls to
the 'parseJob'/'formatJob' callbacks of the
qemuDomainObjPrivateJobCallbacks structure.

Signed-off-by: Prathamesh Chavan <pc44800@gmail.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-08-19 09:31:27 +02:00
Prathamesh Chavan
1ca15137da qemu_domain: Move a couple of function declarations to the correct file
Functions `qemuDomainRemoveInactiveJob` and
`qemuDomainRemoveInactiveJobLocked` had their declaration misplaced in
`qemu_domainjob` and were moved to `qemu_domain` where their definitions
reside.

Signed-off-by: Prathamesh Chavan <pc44800@gmail.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-08-19 09:22:42 +02:00
Andrea Bolognani
53b2b0ae15 meson: Don't use spaces after parentheses
We don't do that anywhere else.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
2020-08-19 00:10:02 +02:00
Andrea Bolognani
a0e743debe meson: Fix indentation
We use two spaces everywhere else.

This commit is best viewed with 'git show -w'.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
2020-08-19 00:09:57 +02:00
Andrea Bolognani
2843f14145 meson: Fix typo supprt -> support
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
2020-08-18 23:20:19 +02:00
Andrea Bolognani
0a47d72103 meson: Fix typo backand -> backend
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
2020-08-18 21:01:45 +02:00
Pavel Hrdina
e72a4a7f01 src/meson: add missing augeas tests
Most of our augeas files are generated during meson setup into build
directory and we were running augeas tests only for these files.

However, we have some other augeas and config files that are not
modified during meson setup and they are only in source directories.
In order to run tests for these files we need to provide different path
to both source and build directories.

Reported-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-08-18 16:35:56 +02:00
Pavel Hrdina
055cac9c5f src/meson: introduce srcdir and builddir into augeas_test_data dictionary
This will be used later to specify different include directories for
augparse binary to run augeas tests.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-08-18 16:35:47 +02:00
Peter Krempa
bb11ca5199 docs: build: Fix links to 'edit this page' for kbase/manpages/internals
Commit 862cf2ace4 modified the generator
to base edit links in the root of the repository but forgot to add the
'docs/' prefix to the code generating kbase articles, manpages and the
internals documentation.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
2020-08-18 15:38:49 +02:00
Hao Wang
3d07176ffa qemu: doCoreDump: Fix return value not expect as result
In case qemuDumpToFd() returns zero followed by a VIR_CLOSE(fd) fail,
we'd jump to the "cleanup" label with "ret=0", potentially resulting in
an unexpected success return value.

Signed-off-by: Hao Wang <wanghao232@huawei.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-08-18 14:32:14 +02:00
Michal Privoznik
683bcc015c NEWS: Document recent virdevmapper fix
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2020-08-18 13:23:12 +02:00
Michal Privoznik
feb8564a3c virdevmapper: Handle kernel without device-mapper support
In one of my latest patch (v6.6.0~30) I was trying to remove
libdevmapper use in favor of our own implementation. However, the
code did not take into account that device mapper can be not
compiled into the kernel (e.g. be a separate module that's not
loaded) in which case /proc/devices won't have the device-mapper
major number and thus virDevMapperGetTargets() and/or
virIsDevMapperDevice() fails.

However, such failure is safe to ignore, because if device mapper
is missing then there can't be any multipath devices and thus we
don't need to allow the deps in CGroups, nor create them in the
domain private namespace, etc.

Fixes: 2249455654
Reported-by: Andrea Bolognani <abologna@redhat.com>
Reported-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Tested-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
2020-08-18 12:58:27 +02:00
Michal Privoznik
82bb167f0d virdevmapper: Don't cache device-mapper major
The device mapper major is needed in virIsDevMapperDevice() which
determines whether given device is managed by device-mapper. This
number is obtained by parsing /proc/devices and then stored in a
global variable so that the file doesn't have to be parsed again.
However, as it turns out this logic is flawed - the major number
is not static and can change as it can be specified as a
parameter when loading the dm-mod module.

Unfortunately, I was not able to come up with a good solution and
thus the /proc/devices file is being parsed every time we need
the device mapper major.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Tested-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
2020-08-18 12:57:32 +02:00
Pino Toscano
cbce7a12b7 docs: improve auth service listing
Slightly improve the list of known authentication service types:
- reword 'ssh' to mention it is used for the ssh driver (for remote
  QEMU), and stop mentioning the removed Phyp driver
- add 'hyperv', used by the HyperV driver
- alphabetically sort the list
- use a bulletted list instead of a numbered one

Signed-off-by: Pino Toscano <ptoscano@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2020-08-17 11:34:10 +02:00
Erik Skultety
e4dc0c4c16 build-aux: Get rid of 'make syntax-check' reference
Change the 'make syntax-check' reference after the switch to
meson/ninja.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2020-08-17 08:49:59 +02:00
Daniel Henrique Barboza
f31f3e4346 vbox_XPCOMCGlue.c: get rid of 'make check' reference
Change the 'make check' reference after the switch to meson/ninja.

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-08-17 08:42:47 +02:00
Daniel Henrique Barboza
83a39d3276 tests: get rid of 'make check' references
Update the remaining 'make check' references after the
switch to meson/ninja.

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-08-17 08:42:47 +02:00
Daniel Henrique Barboza
3252742bab ci/Makefile: get rid of 'make check' references
Update the remaining 'make check' references after the
switch to meson/ninja.

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-08-17 08:42:47 +02:00
Daniel Henrique Barboza
53f62118c3 docs: get rid of 'make check' references
Update the remaining 'make check' references after the
switch to meson/ninja.

The reference in testsuites.html.in was kept with a note that it is
the process for Libvirt 6.6.0 and older.

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-08-17 08:42:47 +02:00
Boris Fiuczynski
ae8a83c353 storage: avoid maybe-uninitialized warning by GCC 10
GCC 10 complains about variables may be used uninitialized.
Even though it might be false positives, we can easily avoid them.

Avoiding
 ../src/storage/storage_backend_iscsi_direct.c:634:11: error: ‘nb_block’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
   634 |     while (lba < nb_block) {
       |           ^
 ../src/storage/storage_backend_iscsi_direct.c:619:14: note: ‘nb_block’ was declared here
   619 |     uint64_t nb_block;
       |              ^~~~~~~~
 ../src/storage/storage_backend_iscsi_direct.c:637:16: error: ‘block_size’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
   637 |         task = iscsi_write16_sync(iscsi, lun, lba, data,
       |                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   638 |                                   block_size * to_write,
       |                                   ~~~~~~~~~~~~~~~~~~~~~~
   639 |                                   block_size, 0, 0, 0, 0, 0);
       |                                   ~~~~~~~~~~~~~~~~~~~~~~~~~~
 ../src/storage/storage_backend_iscsi_direct.c:618:14: note: ‘block_size’ was declared here
   618 |     uint32_t block_size;
       |              ^~~~~~~~~~
 ../src/storage/storage_backend_iscsi_direct.c: In function ‘virStorageBackendISCSIDirectRefreshPool’:
 ../src/storage/storage_backend_iscsi_direct.c:320:39: error: ‘nb_block’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
   320 |     vol->target.capacity = block_size * nb_block;
       |                            ~~~~~~~~~~~^~~~~~~~~~
 ../src/storage/storage_backend_iscsi_direct.c:306:14: note: ‘nb_block’ was declared here
   306 |     uint64_t nb_block;
       |              ^~~~~~~~
 ../src/storage/storage_backend_iscsi_direct.c:320:39: error: ‘block_size’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
   320 |     vol->target.capacity = block_size * nb_block;
       |                            ~~~~~~~~~~~^~~~~~~~~~
 ../src/storage/storage_backend_iscsi_direct.c:305:14: note: ‘block_size’ was declared here
   305 |     uint32_t block_size;
       |              ^~~~~~~~~~

Signed-off-by: Boris Fiuczynski <fiuczy@linux.ibm.com>
Reviewed-by: Marc Hartmayer <mhartmay@linux.ibm.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-08-17 08:25:28 +02:00
Boris Fiuczynski
e2bd2af6e4 tools: avoid potential null pointer dereference by GCC 10
GCC 10 complains about "arg" possibly being a NULL dereference.
Even though it might be a false positive, we can easily avoid it.

Avoiding
 ../tools/vsh.c: In function ‘vshCommandOptStringReq’:
 ../tools/vsh.c:1034:19: error: potential null pointer dereference [-Werror=null-dereference]
  1034 |     else if (!*arg->data && !(arg->def->flags & VSH_OFLAG_EMPTY_OK))
       |                ~~~^~~~~~

Signed-off-by: Boris Fiuczynski <fiuczy@linux.ibm.com>
Reviewed-by: Marc Hartmayer <mhartmay@linux.ibm.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-08-17 08:25:28 +02:00
Boris Fiuczynski
d96d359a03 qemu: avoid maybe-uninitialized warning by GCC 10
GCC 10 complains about "well_formed_uri" may be used uninitialzed.
Even though it is a false positive, we can easily avoid it.

Avoiding
  ../src/qemu/qemu_migration.c: In function ‘qemuMigrationDstPrepareDirect’:
  ../src/qemu/qemu_migration.c:2920:16: error: ‘well_formed_uri’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
    2920 |             if (well_formed_uri) {
         |                ^

Signed-off-by: Boris Fiuczynski <fiuczy@linux.ibm.com>
Reviewed-by: Marc Hartmayer <mhartmay@linux.ibm.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-08-17 08:25:28 +02:00
Christian Ehrhardt
a132ba9035
apparmor: fix code style error in reduced if statement
sc_spacing-check  FAIL reporting a case of "Curly brackets around
single-line body:" in a recent commit.

Fixes: d9c21f4b "apparmor: allow adding permanent per guest rules"

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
2020-08-13 15:39:26 +02:00
Christian Ehrhardt
d61d8206f3
apparmor: allow unmounting .dev entries
With qemu 5.0 and libvirt 6.6 there are new apparmor denials:
  apparmor="DENIED" operation="umount" profile="libvirtd"
  name="/run/libvirt/qemu/1-kvmguest-groovy-norm.dev/" comm="rpc-worker"

These are related to new issues around devmapper handling [1] and the
error path triggered by these issues now causes this new denial.

There are already related rules for mounting and it seems right to
allow also the related umount.

[1]: https://www.redhat.com/archives/libvir-list/2020-August/msg00236.html

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-08-13 12:52:45 +02:00
Christian Ehrhardt
d9c21f4bfc
apparmor: allow adding permanent per guest rules
The design of apparmor in libvirt always had a way to define custom
per-guest rules as described in docs/drvqemu.html and [1].

A fix meant to clean the profiles after guest shutdown was a bit
overzealous and accidentially removed this important admin feature as
well.

Therefore reduce the --delete option of virt-aa-helper to only delete
the .files that would be re-generated in any case.

Users/Admins are always free to clean the profiles themselve if they
prefer a clean directory - they will be regenerated as needed. But
libvirt should never remove the base profile meant to allow per-guest
overrides and thereby break a documented feature.

[1]: https://gitlab.com/apparmor/apparmor/-/wikis/Libvirt#advanced-usage

Fixes: eba2225b "apparmor: delete profile on VM shutdown"

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-08-13 12:52:41 +02:00
Pavel Hrdina
a6886aafac qemu: fix crash in qemuDomainSetBlkioParameters without cgroups
If we don't have cgroups available and user tries to update blkio
parameters for running VM it will crash.

It should have been protected by the virCgroupHasController() check but
it was never called if the API was executed without any flags.

We call virDomainObjGetDefs() which sets `def` and `persistentDef` based
on the flags and these two variables should be used to figure out if we
need to update LIVE, CONFIG or both states.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1808293

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-08-12 14:43:01 +02:00
Erik Skultety
61e56729ff kbase: sev: Provide more details on virtio-net configuration
With virtio-net we also need to disable the iPXE option ROM otherwise
a SEV-enabled guest would not boot. While at it, fix the full machine
XML examples accordingly.

Reported-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Erik Skultety <eskultet@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
2020-08-12 09:10:36 +02:00
Ján Tomko
551d1aa1fd docs: formatdomain: fix superscripts
There needs to be a space before the :sup: directive.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
2020-08-12 00:18:23 +02:00
Ján Tomko
05c1b9e8e8 bhyve: fix NULL pointer check position
src/bhyve/bhyve_parse_command.c:437:9: warning: Either the condition
'!config' is redundant or there is possible null pointer dereference:
config. [nullPointerRedundantCheck]

src/bhyve/bhyve_parse_command.c:280:23: warning: Either the condition
'!separator' is redundant or there is pointer arithmetic
with NULL pointer. [nullPointerArithmeticRedundantCheck]

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Roman Bogorodskiy <bogorodskiy@gmail.com>
2020-08-11 21:49:54 +02:00
Pavel Hrdina
7e574d1a07 vircgroupv2devices: fix counting entries in BPF map
BPF syscall BPF_MAP_GET_NEXT_KEY returns -1 if something fails but it
will also return -1 if trying to get next key using the last key in the
map with errno set to ENOENT.

If there are VMs running and libvirtd is restarted and user tries to
call some cgroup devices operation on a VM we need to get the count of
entries in BPF map and it fails which will result in error when trying
to attach/detech devices.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1833321

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-08-11 15:11:15 +02:00
Roman Bogorodskiy
4ae4e991e0 meson: define IFCONFIG_PATH for virnetdevip
When checking for ifconfig(8), set not only IFCONFIG value,
but also IFCONFIG_PATH as it's used in util/virnetdevip.c.

Signed-off-by: Roman Bogorodskiy <bogorodskiy@gmail.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
2020-08-10 18:40:32 +04:00
Roman Bogorodskiy
154ecac509 meson: fix BSD bridge management routines check
Add missing prerequisite headers for checking BRDGSFD, BRDGADD,
BRDGDEL in net/if_bridgevar.h.

Signed-off-by: Roman Bogorodskiy <bogorodskiy@gmail.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
2020-08-10 18:40:32 +04:00
Roman Bogorodskiy
f7ccff027e meson: fix link_addr(3) check
Add missing prerequisite headers for checking link_addr(3)
in net/if_dl.h.

Signed-off-by: Roman Bogorodskiy <bogorodskiy@gmail.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
2020-08-10 18:40:19 +04:00
Christian Ehrhardt
3ef2af8ed3
apparmor: let qemu load old shared objects after upgrades
Since [1] qemu can after upgrade fall back to pre-upgrade modules
to still be able to dynamically load qemu-module based features.

The paths for these modules are pre-defined by the code and should
be allowed to be mapped and loaded from which will allow packagers
avoiding the inability of late feature load [2] after package upgrades.

[1]: https://github.com/qemu/qemu/commit/bd83c861
[2]: https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1847361

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Acked-by: Jamie Strandboge <jamie@canonical.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange redhat com>
2020-08-10 07:32:07 +02:00
Stefan Bader
7c5ef98c00
apparmor: qemu access to @{PROC}/*/auxv for hw_cap
On some architectures (ppc, s390x, sparc, arm) qemu will read auxv
to detect hardware capabilities via qemu_getauxval.

Allow that access read-only for the entry owned by the current
qemu process.

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Acked-by: Jamie Strandboge <jamie@canonical.com>
2020-08-10 07:32:06 +02:00
Jamie Strandboge
e16967fd6e
apparmor: read only access to overcommit_memory
Allow qemu to read @{PROC}/sys/vm/overcommit_memory.
This is read on guest start-up and (as read-only) not a
critical secret that has to stay hidden.

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
Signed-off-by: Jamie Strandboge <jamie@ubuntu.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2020-08-10 07:32:06 +02:00
Stefan Bader
8b6ee1afdb
apparmor: allow libvirtd to call pygrub
When using xen through libxl in Debian/Ubuntu it needs to be able to
call pygrub.

This is placed in a versioned path like /usr/lib/xen-4.11/bin.
In theory the rule could be more strict by rendering the libexec_dir
setting pkg-config can derive from libbxen-dev. But that would make
particular libvirt/xen packages version-depend on each other. It seems
more reasonable to avoid these versioned dependencies and use a wildcard
rule instead as it is already in place for libxl-save-helper.

Note: This change was in Debian [1] and Ubuntu [2] for quite some time
already.

[1]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931768
[2]: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1326003

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Acked-by: Jamie Strandboge <jamie@canonical.com>
2020-08-10 07:32:06 +02:00
Sam Hartman
155d4fe3fa
apparmor: allow default pki path
/etc/pki/qemu is a pki path recommended by qemu tls docs [1]
and one that can cause issues with spice connections when missing.

Add the path to the allowed list of pki paths to fix the issue.

Note: this is active in Debian/Ubuntu [1] for quite a while already.

[1]: https://www.qemu.org/docs/master/system/tls.html
[2]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930100

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Acked-by: Jamie Strandboge <jamie@canonical.com>
2020-08-10 07:32:05 +02:00