Commit Graph

27002 Commits

Author SHA1 Message Date
Ján Tomko
ec646c1665 conf: virnwfilterbindingdef: include virxml.h
The ParseNode function takes arguments with types
from libxml.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-02-25 17:46:45 +01:00
Julio Faracco
5b82f7f3af lxc: Replacing default strings definitions by g_autofree statement
There are a lots of strings being handled inside some LXC functions.
They can be moved to g_autofree to avoid declaring a return value to get
proper code cleanups. This commit is changing functions from
lxc_{controller,cgroup,fuse} only.

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
2020-02-25 12:31:41 +00:00
Ján Tomko
a97e17c4e2 tests: libxl: do not run the emulator
Ever since commit c5a00350 the libxl parser invokes the emulator
to probe which device model to use.

Commit b90c4b5 introduced a workaround that used a stable path
which was very likely to result in the answer matching the default.
However the test is still affected by the host state and the binary
gets invoked if present.

Mock the libxlDomainGetEmulatorType function to stop wasting CPU
cycles every time a 'make check' is run on a system with xen installed.

For example xlconfigtest gets faster by 90 %

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Fixes: b90c4b5f50
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
2020-02-25 12:05:01 +01:00
Ján Tomko
54a401af47 libxl: split out DriverConfigInit out of DriverConfigNew
Take the parts affected by the host state out of DriverConfigNew
and put them into a separate function.

Adjust all the callers to call both functions.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
2020-02-25 12:05:00 +01:00
Ján Tomko
fffb1226aa libxl: StateInitialize: use g_autofree
Use g_autofree to free the driver config file path.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
2020-02-25 12:05:00 +01:00
Ján Tomko
af0d94468c libxl: conf: move default keepalive settings to libxlDriverConfigNew
These hardcoded defaults do not need to be read from
the file. Move them out of libxlDriverConfigLoadFile.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
2020-02-25 12:05:00 +01:00
Michal Privoznik
f16663d58f security: Don't fail if locking a file on NFS mount fails
The way that our file locking works is that we open() the file we
want to lock and then use fcntl(fd, F_SETLKW, ...) to lock it.
The problem is, we are doing all of these as root which doesn't
work if the file lives on root squashed NFS, because if it does
then the open() fails. The way to resolve this is to make this a
non fatal error and leave callers deal with this (i.e. disable
remembering) - implemented in the previous commit.

https://bugzilla.redhat.com/show_bug.cgi?id=1804672

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-02-25 11:09:18 +01:00
Michal Privoznik
5fddf61351 security: Don't remember seclabel for paths we haven't locked successfully
There are some cases where we want to remember the original owner
of a file but we fail to lock it for XATTR change (e.g. root
squashed NFS). If that is the case we error out and refuse to
start a domain. Well, we can do better if we disable remembering
for paths we haven't locked successfully.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-02-25 11:09:18 +01:00
Michal Privoznik
256e01e59e virSecurityManagerMetadataLock: Store locked paths
So far, in the lock state we are storing only the file
descriptors of the files we've locked. Therefore, when unlocking
them and something does wrong the only thing we can report is FD
number, which is not user friendly at all. But if we store paths
among with FDs we can do better error reporting.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-02-25 11:09:18 +01:00
Daniel P. Berrangé
6a38acb3c0 src: add virutil.h to more source files for geteuid() compat
The virutil.h header defines a geteuid() macro for Windows platforms.
This fixes a few missed cases from:

  commit b11e8cccdd
  Author: Ján Tomko <jtomko@redhat.com>
  Date:   Sun Feb 16 23:09:15 2020 +0100

    Remove virutil.h from all header files

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-02-25 10:02:15 +00:00
Ján Tomko
6a6cd16ca2 node_device: hal: include virutil.h
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Fixes: b11e8cccdd
2020-02-25 01:32:19 +01:00
Jim Fehlig
9191380db9 virt-aa-helper: Fix build by including virutil.h
Commit fb01e1a44d missed including virutil.h, causing the following
compilation error

../../src/security/virt-aa-helper.c:1055:43: error: implicit declaration of
function 'virHostGetDRMRenderNode' [-Werror=implicit-function-declaration]
1055 |                 char *defaultRenderNode = virHostGetDRMRenderNode();

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2020-02-24 16:24:14 -07:00
Ján Tomko
b11e8cccdd Remove virutil.h from all header files
After the split of enum functions into virenum.h,
this function does not contain anything worth including
in another header file.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2020-02-24 23:15:50 +01:00
Ján Tomko
7e0d11be5b virsh: include virutil.h where used
Include virutil.h in all files that use it,
instead of relying on it being pulled in somehow.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2020-02-24 23:15:50 +01:00
Ján Tomko
abd68b2bdb Include unistd.h where used
Include unistd.h in all files that use it, instead
of relying on it being pulled in via virutil.h

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2020-02-24 23:15:50 +01:00
Ján Tomko
b6e0207884 util: virportallocator: add includes
Include both virutil.h and unistd.h.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2020-02-24 23:15:49 +01:00
Ján Tomko
33f6260352 util: vircgroup: include unistd.h rather than virutil.h
There is nothing in the vircgroup.h header file
requiring virutil.h.

Remove it and include unistd.h in the C files.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2020-02-24 23:15:49 +01:00
Ján Tomko
f331a9ef64 Remove virutil.h where possible
Historically, this file was a dump for most of our helper
functions and needed almost everywhere.
With the introduction of virfile.h and virstring.h,
and more importantly, virenum.h and the introduction
of GLib, that is no longer true.

Remove its include from C files that don't even use it.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2020-02-24 23:15:49 +01:00
Ján Tomko
32b3fd9b26 util: remove virHexToBin
Now that it is no longer used.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2020-02-24 20:25:49 +01:00
Ján Tomko
2e53bfa1bb Remove all use of virHexToBin
Replace it by g_ascii_xdigit_value.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2020-02-24 20:25:48 +01:00
Ján Tomko
6ac33f22fd util: uuid: remove use of virHexToBin
Prefer g_ascii_xdigit_value to virHexToBin.

Check the return value of the function and
remove the g_ascii_isxdigit calls, since
they're done anyway internally.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2020-02-24 20:25:48 +01:00
Ján Tomko
49f4d54951 bhyve: utils: use relative path for virclosecallbacks.h
When moving virclosecallbacks to src/hypervisor, I did not
adjust all the possible includes in Makefiles.

Use a path relative to src to fix the build.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Fixes: 25c29ac2f5
2020-02-24 20:16:24 +01:00
Ryan Moeller
c0f6bb0168 bhyve: parse_command: slot, bus, func -> bus, slot, func
This *is* a no-op, but there was a period of sickening dread while
auditing to be sure that no actual confusion between bus and slot had
occurred. I hope to avoid that by following the conventional order.

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Ryan Moeller <ryan@iXsystems.com>
2020-02-24 17:25:34 +00:00
Ryan Moeller
d0bd82754b bhyve: command: refactor virBhyveProcessBuildBhyveCmd
Reduce the complexity by isolating loop bodies in separate functions.

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Ryan Moeller <ryan@iXsystems.com>
2020-02-24 17:25:14 +00:00
Ryan Moeller
f2357ba028 bhyve: add reboot support
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Ryan Moeller <ryan@iXsystems.com>
2020-02-24 17:25:11 +00:00
Ryan Moeller
51451662f6 bhyve: add hooks
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Ryan Moeller <ryan@iXsystems.com>
2020-02-24 17:25:07 +00:00
Ryan Moeller
67fc00aa4e bhyve: monitor: refactor register/unregister
Pull the code for registering and unregistering a bhyve monitor object
into separate functions to improve code clarity.

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Ryan Moeller <ryan@iXsystems.com>
2020-02-24 17:25:03 +00:00
Ryan Moeller
30ab31a902 bhyve: monitor: Make bhyveMonitor a virClass
This makes lifecycle management a bit easier thanks to ref counting, and
it is closer to what the qemu driver does.

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Ryan Moeller <ryan@iXsystems.com>
2020-02-24 17:24:58 +00:00
Ryan Moeller
fd54da1ef2 bhyve: process: don't bother seeking to end of log
The file is opened O_APPEND.

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Ryan Moeller <ryan@iXsystems.com>
2020-02-24 17:24:53 +00:00
Ryan Moeller
679fcfe969 conf: fix use after free
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Ryan Moeller <ryan@iXsystems.com>
2020-02-24 17:24:49 +00:00
Ryan Moeller
f38c7bb6ea bhyve: process: remove unneeded header
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Ryan Moeller <ryan@iXsystems.com>
2020-02-24 17:24:43 +00:00
Ján Tomko
25c29ac2f5 virclosecallbacks: move to src/hypervisor
Just like virhostdev, this depends on domain_conf and
it's shared by multiple hypervisor drivers.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-02-24 16:47:21 +01:00
Ján Tomko
a504a3c377 virhostdev: move to src/hypervisor
This module depends on domain_conf and is used directly by various
hypervisor drivers.

Move it to src/hypervisor.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-02-24 16:47:21 +01:00
Ján Tomko
4ccc69707e conf: move virHostdevIs functions
Currently they live in util/virhostdev.
However the virhostdev module is wrongly placed
in util, which is below conf/ in our hierarchy.

Move the functions that are actually used in conf/
to conf/ and remove the include of virhostdev.h
from domain_conf.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-02-24 16:47:21 +01:00
Peter Krempa
c95656c995 virStorageFileGetMetadataFromFD: Remove unused 'backingFormat' argument
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-24 15:12:32 +01:00
Peter Krempa
57df35aead virStorageFileGetMetadataFromBuf: Remove 'backingFormat' argument
None of the callers actually use it.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-24 15:12:32 +01:00
Peter Krempa
fee56942e2 virStorageBackendGlusterRefreshVol: Refactor handling of backing store
Take the format of the backing store from the 'meta' object directly and
use g_steal_pointer to steal the path.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-24 15:12:32 +01:00
Peter Krempa
264b79c63a virStorageSourceNewFromBacking: Also transfer the format
When we create the new virStorageSource from the definitions stored in
the parent we should also use the 'backingStoreRawFormat' field to
populate the format.

Callers which use virStorageSourceNewFromBacking are also fixed to stop
setting the format manually.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-24 15:12:32 +01:00
Peter Krempa
62539c5f7d util: storage: Store backing store format in virStorageSource
We store the backing file string in the structure so we should also
store the format so that callers can be simplified.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-24 15:12:32 +01:00
Peter Krempa
35d1f5bd14 virStorageSourceUpdateCapacity: Drop 'probe' argument
Both callers pass false. Since we frown upon format probing, remove the
unused possibility to do the probing.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-24 15:12:32 +01:00
Christian Ehrhardt
8dd9875787
apparmor: allow to call vhost-user-gpu
Configuring vhost-user-gpu like:
    <video>
      <driver name='vhostuser'/>
      <model type='virtio' heads='1'/>
    </video>
Triggers an apparmor denial like:
    apparmor="DENIED" operation="exec" profile="libvirtd"
    name="/usr/lib/qemu/vhost-user-gpu" pid=888257 comm="libvirtd"
    requested_mask="x" denied_mask="x" fsuid=0 ouid=0

This helper is provided by qemu for vhost-user-gpu and thereby being
in the same path as qemu_bridge_helper. Due to that adding a rule allowing
to call uses the same path list.

Reviewed-by: Jim Fehlig <jfehlig@suse.com>
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
2020-02-24 14:53:18 +01:00
Ján Tomko
8400b6c198 qemu: use correct backendType when checking memfd capability
The backend name is memory-backend-memfd but we've been checking
for memory-backend-memory.

Reported by GCC on rawhide:
../../../src/internal.h:75:22: error: 'strcmp' of a string of length 21 and
an array of size 21 evaluates to nonzero [-Werror=string-compare]
../../../src/qemu/qemu_command.c:3525:20: note: in expansion of macro 'STREQ'
 3525 |         } else if (STREQ(backendType, "memory-backend-memory") &&
      |                    ^~~~~

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Fixes: 24b74d187c
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-02-24 13:46:51 +01:00
Rikard Falkeborn
2ab1a55349 vz: Fix return value in error path
If PrlVmDev_GetType(), PrlVmDev_GetIndex() or PrlVmCfg_GetBootDevCount()
fails, return false to indicate error. Returning -1 would be interpreted
as true when used in an if-statement.

Fixes: 8c9252aa6d
Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-24 10:45:35 +01:00
Rikard Falkeborn
d9254cb0f0 esx: Same order of arguments in definition and declaration
The order of arguments were not the same in the definition and
declaration. All callers use the same order as the definition, so there
is no bug, but change the function declaration to match the
implementation to avoid confusion.

Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-24 10:45:35 +01:00
Ján Tomko
58f549d4fa util: vireventglibwatch: watch for G_IO_HUP and G_IO_ERR
To more closely match the previous usage in virEventPollDispatchHandles,
where called the handle callback for any revents returned by poll.

This should fix the virtlogd error on subsequent domain startup:
  error: can't connect to virtlogd: Cannot open log file:
  '/var/log/libvirt/qemu/f28live.log': Device or resource busy
as well as virtlogd spinning caused by virLogHandlerDomainLogFileEvent
never being called on hangup.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Fixes: f8ab47cb44
Fixes: 946a25274c
Tested-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-02-24 03:19:25 +01:00
Ryan Moeller
f9fa2fe19f bhyve: driver: factor out conn
Signed-off-by: Ryan Moeller <ryan@iXsystems.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-24 01:52:22 +01:00
Ryan Moeller
501db47d9d bhyve: monitor: eliminate rc variable
Signed-off-by: Ryan Moeller <ryan@iXsystems.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-24 01:52:22 +01:00
Ryan Moeller
a11a6b7cd4 bhyve: fix indentation
Signed-off-by: Ryan Moeller <ryan@iXsystems.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-24 01:52:22 +01:00
Ryan Moeller
dc9fdd23f9 bhyve: remove redundant parameter to virBhyveProcessStart()
Signed-off-by: Ryan Moeller <ryan@iXsystems.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-24 01:52:22 +01:00
Ryan Moeller
b4a076ea78 bhyve: simplify driver caps helpers
Signed-off-by: Ryan Moeller <ryan@iXsystems.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-24 01:52:22 +01:00
Ján Tomko
6801ad1624 bhyve: command: remove unused includes
These were needed for virBhyveTapGetRealDeviceName
but were not deleted after the function was moved
to src/util.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Fixes: a1bd8d2546
2020-02-23 14:33:30 +01:00
Ján Tomko
9e792e6a3c syms: fix comment for domain_driver.h
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Fixes: 8595948bc8
2020-02-23 14:32:32 +01:00
Daniel Henrique Barboza
0d8a377f79 vircgroup: add virCgroupGetCpuPeriodQuota()
Another vircgroup helper to avoid code repetition between
the LXC and QEMU driver.

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-23 14:02:24 +01:00
Daniel Henrique Barboza
8c83c5e136 domain_cgroup.c: add virDomainCgroupSetMemoryLimitParameters()
lxcDomainSetMemoryParameters() and qemuDomainSetMemoryParameters()
has duplicated chunks of code that can be put in a new
helper.

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-23 14:02:24 +01:00
Daniel Henrique Barboza
309a8305b7 domain_driver.c: add virDomainDriverSetupPersistentDefBlkioParams()
This new helper avoids more code repetition inside
lxcDomainSetBlkioParameters() and qemuDomainSetBlkioParameters().

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-23 14:02:24 +01:00
Daniel Henrique Barboza
ac87d3520a domain_cgroup.c: add virDomainCgroupSetupDomainBlkioParameters()
After the introduction of virDomainDriverMergeBlkioDevice() in a
previous patch, it is now clear that lxcDomainSetBlkioParameters() and
qemuDomainSetBlkioParameters() uses the same loop to set cgroup
blkio parameter of a domain.

Avoid the repetition by adding a new helper called
virDomainCgroupSetupDomainBlkioParameters().

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-23 14:02:24 +01:00
Daniel Henrique Barboza
2450a04119 domain_driver.c: add virDomainDriverParseBlkioDeviceStr()
lxcDomainParseBlkioDeviceStr() and qemuDomainParseBlkioDeviceStr()
are the same function. Avoid code repetition by putting the code
in a new helper.

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-23 14:02:23 +01:00
Daniel Henrique Barboza
8595948bc8 src/hypervisor: introduce domain_driver.c
lxcDomainMergeBlkioDevice() and qemuDomainMergeBlkioDevice()
are the same functions. This duplicated code can't be put in
the existing domain_cgroup.c since it's not cgroup related.

This patch introduces a new src/hypervisor/domain_driver.c to
host this more generic code that can be shared between virt
drivers. This new file is then used to create a new helper
called virDomainDeivceMergeBlkioDevice() to eliminate the code
repetition mentioned above. Callers in LXC and QEMU files
were updated.

This change is a preliminary step for more code reduction of
cgroup related code inside lxcDomainSetBlkioParameters() and
qemuDomainSetBlkioParameters().

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-23 14:02:23 +01:00
Daniel Henrique Barboza
e039341cf2 vircgroup.c: add virCgroupSetupCpuPeriodQuota()
qemuSetupCgroupVcpuBW() and lxcSetVcpuBWLive() shares the
same code to set CPU CFS period and quota. This code can be
moved to a new virCgroupSetupCpuPeriodQuota() helper to
avoid code repetition.

A similar code is also executed in virLXCCgroupSetupCpuTune(),
but without the rollback on error. Use the new helper in this
function as well since the 'period' rollback, if not a
straight improvement for virLXCCgroupSetupCpuTune(), is
benign. And we end up cutting more code repetition.

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-23 14:02:23 +01:00
Daniel Henrique Barboza
d8e5b97500 vircgroup.c: add virCgroupSetupCpuShares()
The code that calls virCgroupSetCpuShares() and virCgroupGetCpuShares()
is repeated in 4 different places. Let's put it in a new
virCgroupSetupCpuShares() to avoid code repetition.

There's a reason of why we execute a Get in the same value we
just executed Set, explained in detail by commit 97814d8ab3.
Let's add a gist of the reasoning behind it as a comment in
this new function as well.

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-23 14:02:23 +01:00
Daniel Henrique Barboza
867c554e52 vircgroup.c: add virCgroupSetupCpusetCpus()
The code from qemuSetupCgroupCpusetCpus() and virLXCCgroupSetupCpusetTune()
can be centralized in a new helper called virCgroupSetupCpusetCpus().

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-23 14:02:23 +01:00
Daniel Henrique Barboza
ca4238ba73 domain_cgroup.c: add virDomainCgroupSetupMemtune()
virLXCCgroupSetupMemTune() and qemuSetupMemoryCgroup() shares
duplicated code that can be put in a new helper to avoid
code repetition.

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-23 14:02:23 +01:00
Daniel Henrique Barboza
f1704e61c3 src: introduce hypervisor/domain_cgroup.c
There is duplicated code between virt drivers that needs to
be moved to avoid code repetition. In the case of duplicated
code between lxc_cgroup.c and qemu_cgroup.c a common place
would be utils/vircgroup.c. The problem is that this would
introduce /conf related definitions that shouldn't be imported
to vircgroup.c, which is supposed to be a place for utilitary
cgroups functions only. And syntax-check would forbid it anyway
due to cross-directory includes being used.

An alternative would be to overload domain_conf.c, which already
contains all the definitions required. But that file is already
crowded with XML handling code and we wouldn't do any favors to
it by putting more utilitary, non-XML parsing/formatting code
there.

In [1], Cole suggested a 'domain_cgroup' file to host common code
between lxc_cgroup and qemu_cgroup, and Daniel suggested a
'src/hypervisor' dir to host these type of files. This patch
introduces src/hypervisor/domain_cgroup.c and, to get started,
introduces a new virDomainCgroupSetupBlkio() function to host shared
code between virLXCCgroupSetupBlkioTune() and qemuSetupBlkioCgroup().

[1] https://www.redhat.com/archives/libvir-list/2019-December/msg00817.html

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-23 14:02:23 +01:00
Daniel Henrique Barboza
adfd20f043 vircgroup.c: turn virCgroup{Get/Set}BlkioDevice* into static
Previous patch moved all duplicated code that were setting
and getting BlkioDevice parameters to vircgroup.c. We can
turn them into static and spare a few symbols in
libvirt_private.syms.

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-23 14:02:23 +01:00
Daniel Henrique Barboza
17e8af6b45 lxc,qemu: use virCgroupSetupBlkioDevice* helpers
There are code repetition of set() and get() blkio device
parameters across lxc and qemu files. Use the new vircgroup
helpers to trim the repetition a bit.

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-23 14:02:22 +01:00
Daniel Henrique Barboza
3118b4ee95 vircgroup.c: add virCgroupSetupBlkioDevice* helpers
The current use of the functions that set and get
BlkioDevice attributes is doing a set(), followed by
a get() of the same parameter right after. This is done
because there is no guarantee that the kernel will accept
the desired value given by the set() call, thus we need to
execute a get() right after to get the actual value.

This patch adds helpers inside vircgroup.c to execute these
operations. Next patch will use these helpers to reduce
code repetition in LXC and QEMU files.

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-23 14:02:22 +01:00
Ján Tomko
66de1d921e fix paths to openrc.init.in files
The inc.am Makfiles are included by src/Makefile.am.
Adjust the paths added to OPENRC_INIT_FILES_IN
accordingly.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Fixes: f4b1c020a2
2020-02-23 12:21:02 +01:00
Ryan Moeller
f4b1c020a2 Add virtlockd and virtlogd init scripts
These are missing files for OpenRC.

Signed-off-by: Ryan Moeller <ryan@iXsystems.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-02-22 17:11:54 +01:00
Michal Privoznik
2ab278ec75 virDomainNetDefClear: Free @persistent name
The persistent alias name @persistent is allocated in
virDomainNetDefParseXML() but never freed.

==119642== 22 bytes in 2 blocks are definitely lost in loss record 178 of 671
==119642==    at 0x483579F: malloc (vg_replace_malloc.c:309)
==119642==    by 0x58F89F1: xmlStrndup (in /usr/lib64/libxml2.so.2.9.9)
==119642==    by 0x4BA3B74: virXMLPropString (virxml.c:520)
==119642==    by 0x4BDB0C5: virDomainNetDefParseXML (domain_conf.c:11876)
==119642==    by 0x4BF9EF4: virDomainDefParseXML (domain_conf.c:21196)
==119642==    by 0x4BFCD5B: virDomainDefParseNode (domain_conf.c:21943)
==119642==    by 0x4BFCC36: virDomainDefParse (domain_conf.c:21901)
==119642==    by 0x4BFCCCB: virDomainDefParseFile (domain_conf.c:21924)
==119642==    by 0x114A9D: testCompareXMLToArgv (qemuxml2argvtest.c:452)
==119642==    by 0x13894F: virTestRun (testutils.c:143)
==119642==    by 0x11F46E: mymain (qemuxml2argvtest.c:1316)
==119642==    by 0x13A60E: virTestMain (testutils.c:839

Fixes: fb0509d06a
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-21 11:13:20 +01:00
Michal Privoznik
d8b4f70e1e virDomainFSDefFree: Unref private data
The privateData object is allocated in virDomainFSDefNew() but
never unref'd.

==119642== 480 bytes in 20 blocks are definitely lost in loss record 656 of 671
==119642==    at 0x4837B86: calloc (vg_replace_malloc.c:762)
==119642==    by 0x57806A0: g_malloc0 (in /usr/lib64/libglib-2.0.so.0.6000.7)
==119642==    by 0x4AE7392: virAllocVar (viralloc.c:331)
==119642==    by 0x4B64395: virObjectNew (virobject.c:241)
==119642==    by 0x48F1464: qemuDomainFSPrivateNew (qemu_domain.c:1427)
==119642==    by 0x4BBF004: virDomainFSDefNew (domain_conf.c:2307)
==119642==    by 0x4BD859A: virDomainFSDefParseXML (domain_conf.c:11217)
==119642==    by 0x4BF9DD1: virDomainDefParseXML (domain_conf.c:21179)
==119642==    by 0x4BFCD5B: virDomainDefParseNode (domain_conf.c:21943)
==119642==    by 0x4BFCC36: virDomainDefParse (domain_conf.c:21901)
==119642==    by 0x4BFCCCB: virDomainDefParseFile (domain_conf.c:21924)
==119642==    by 0x114A9D: testCompareXMLToArgv (qemuxml2argvtest.c:452)

Fixes: 5120577ed7
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-21 11:13:05 +01:00
Laine Stump
ef8de28cb0 conf: extra validation for <port isolated='yes'/>
During the hypervisor-agnostic validation of network devices, verify
that the interface type is either "network" or "bridge", and that if
there is any <virtualport>, that it doesn't have any type associated
with it.

This needs to be done both for the parse-time validation and for
runtime validation (after a port has been acquired from any associated
network), because an interface with type='network' could have an
actual type at runtime of "hostdev" or "direct", neither of which
support isolated='true' (yet). Likewise, if an interface is
type='network', then at runtime a <virtualport> with a type that
doesn't support isolated='yes' (e.g. "openvswitch", "802.1Qbh" -
currently *none* of the available virtualport types support it)

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-20 23:16:44 -05:00
Laine Stump
db7f262884 qemu: support updating <port isolated='yes|no'/> during device update
This setting can be updating very easily on an already active
interface by just changing it in sysfs. If the bridge used for
connection is also changed, there is no need to separately update it,
because the new setting isf done as a part of connecting to the bridge
anyway.

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-20 23:15:56 -05:00
Laine Stump
2b8fd7334d qemu/lxc: plumb isolatedPort from config down through bridge attachment
This patch pushes the isolatedPort setting from the <interface> down
all the way to the callers of virNetDevBridgeAddPort(), and sets
BR_ISOLATED on the port (using virNetDevBridgePortSetIsolated()) after
the port has been successfully added to the bridge.

Signed-off-by: Laine Stump <laine@redhat.com>

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-20 23:13:15 -05:00
Laine Stump
de7c347d9b network: propagate <port isolated='yes'/> between network and domain
Similar to the way that the <vlan>, <bandwidth>, and <virtualport>
elements and the trustGuestRxFilters attribute in a <network> (or in
the appropriate <portgroup> element of a <network> can be applied to a
port when it is allocated for a domain's network interface, this patch
checks for a configured value of <port isolated="yes|no"/> in
either the domain <interface> or in the network, setting isolatedPort
in the <networkport> to the first one it finds (the setting from the
domain's <interface> is preferred). This, in turn, is passed back to
the domain when a port is allocated, so that the domain will use that
setting.

(One difference from <vlan>, <bandwidth>, <virtualport>, and
trustGuestRxFilters, is that all of those can be set in a <portgroup>
so that they can be applied only to a subset of interfaces connected
to the network. This didn't really make sense for the isolated setting
due to the way that it's implemented in Linux - the BR_ISOLATED flag
will prevent traffic from passing between two ports that both have
BR_ISOLATED set, but traffic can still go between those ports and
other ports that *don't* have BR_ISOLATED. (It would be nice if all
traffic from a BR_ISOLATED port could be blocked except traffic going
to/from a designated egress port or ports, but instead the entire
feature is implemented as a single flag. Because of this, it's really
only useful if all the ports on a network are isolated, so setting it
for a subset has no practical utility.)

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-20 23:11:29 -05:00
Laine Stump
31d95b182e conf: parse/format <port isolated='yes|no'/>
This is a very simple thing to parse and format, but needs to be done
in 4 places, so two trivial utility functions have been made that can
be called from all the higher level parser/formatters:

  <domain><interface>
  <domain><interface><actual> (only in domain status)
  <network>
  <networkport>

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-20 23:09:27 -05:00
Laine Stump
a378d8fa55 util: query/set BR_ISOLATED flag on netdevs attached to bridge
When this flag is set for an interface attached to a bridge, traffic
to/from the specified interface can only enter/exit the bridge via
another attached interface that *doesn't* have the BR_ISOLATED flag
set. This can be used to permit guests to communicate with the rest of
the network, but not with each other.

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-20 23:07:53 -05:00
Laine Stump
3f8b57a61f qemu: save/restore original error when recovering from failed bridge attach
Not only was the original error code destroyed in the case of
encountering an error during recovery from a failed attach to the
bridge (and then *that* error was destroyed by logging a *second*
error about the failure to recover - virNetDevBridgeAddPort() already
logs an error, so the one about failing to recover was redundant), but
if the recovery was successful, the function would then return success
to the caller even though it had failed.

Fixes: 2711ac8716
(overwritten errors were introduced along with this functionality)
Fixes: 6bde0a1a37
(the wrong return value was introduced by a refactor)

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-20 23:05:24 -05:00
Michal Privoznik
739bb1f26f qemu_migration: Rearrange some checks in qemuMigrationSrcIsAllowed()
Firstly, the check for disk I/O error can be moved into 'if
(!offline)' section a few lines below.
Secondly, checks for vmstate and slirp should be moved under the
same section because they reflect live state of a domain. For
offline migration no QEMU is involved and thus these restrictions
are not valid.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-20 12:57:24 +01:00
Michal Privoznik
74ec3f4d7d qemu: Don't explicitly remove pidfile after virPidFileForceCleanupPath()
In two places where virPidFileForceCleanupPath() is called, we
try to unlink() the pidfile again. This is needless because
virPidFileForceCleanupPath() has done just that.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-20 12:57:19 +01:00
Michal Privoznik
ac21e39faa virpidfile: Set correct retval in virPidFileReadPath()
The virPidFileReadPath() function is supposed to return 0 on
success or a negative value on failure. But the negative value
has a special meaning - it's negated errno. Therefore, when
converting string to int we shouldn't return -1 which translates
to EPERM. Returning EINVAL looks closer to the truth.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-20 12:57:06 +01:00
Peter Krempa
a570dc6767 virStorageFileGetMetadataRecurse: Remove 'cleanup' label
There's nothing to clean up. Make it obvious what is returned.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-02-20 07:57:09 +01:00
Peter Krempa
01adad0932 virStorageFileGetMetadataRecurse: Extract storage access
Extract the code that directly deals with storage. This allows further
simplification and clarification of virStorageFileGetMetadataRecurse.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-02-20 07:57:09 +01:00
Peter Krempa
e3960f4b6d virStorageFileGetMetadataRecurse: Use virHashHasEntry instead of fake pointers
Replacing virHashLookup by virHashHasEntry allows us to use NULL as the
payload of the hash table rather than putting a fake '1' pointer into
the table.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-02-20 07:57:09 +01:00
Peter Krempa
157b8722cb virStorageFileGetMetadataRecurse: Expect NULL src->path
The path can be NULL e.g. for NBD disks. Use NULLSTR to prevent use of
NULL in %s.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-02-20 07:57:08 +01:00
Peter Krempa
b347e5c7dd virStorageFileGetMetadataRecurse: Shuffle around assignment of backing chain depth
Move the assignment to a place where we know that the backing store is
present rather than having to check in the cleanup section.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-02-20 07:57:08 +01:00
Peter Krempa
84df98f29e virStorageFileGetMetadataRecurse: Remove impossible error report
We call virStorageFileSupportsBackingChainTraversal which already checks
that the 'storageFileRead' callback is non-NULL, which in turn means
that virStorageFileRead will not return -2.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-02-20 07:57:08 +01:00
Peter Krempa
181fccc2ed util: storagefile: Drop image format probing by file suffix
Probing by file suffix was meant to be a last resort if probing by
contents fails or is not supported. For most formats we never specified
any suffix. There's a few formats implementing both magic bytes and
suffix and finally DMG which had only suffix probing. Since suffix
probing is nowhere reliable and only one format depends on in which has a
comment that qemu doesn't do the probing either drop the whole
infrastructure.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-02-20 07:57:08 +01:00
Jiri Denemark
0905f222f1 cpu_conf: Format vendor_id for host-model CPUs
In commit v5.9.0-400-gaf8e39921a I removed printing model's fallback and
vendor_id attributes when no model is specified. However, vendor_id
makes sense even without a specific CPU model (for host-model CPUs).

https://bugzilla.redhat.com/show_bug.cgi?id=1804549

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-19 15:11:40 +01:00
Peter Krempa
9bf9e0ae6a qemuDomainGetStatsIOThread: Don't leak array with 0 iothreads
qemuMonitorGetIOThreads returns a NULL-terminated list even when 0
iothreads are present. The caller didn't perform cleanup if there were 0
iothreads leaking the array.

https://bugzilla.redhat.com/show_bug.cgi?id=1804548

Fixes: d1eac92784
Reported-by: Jing Yan <jiyan@redhat.com>
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-19 10:24:31 +01:00
Pavel Mores
e32934062d qemu: call networkPlugBandwidth() for all types of network
To fix the actual bug, it was necessary to make networkPlugBandwidth() be
called also for 'bridge'-type networks implemented using macvtap's 'bridge'
mode (previously it was only called for those implemented on top of an
existing bridge).

However, it seems beneficial to call it for other network types as well, at
least because it removes an inconsistency in types of bandwidth configuration
changes permissible in inactive and active domain configs.  It should also be
safe as the function pretty much amounts to NOP if no QoS is requested and the
new behaviour should not be any worse than before if it is.

Signed-off-by: Pavel Mores <pmores@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-02-17 17:26:38 +01:00
Pavel Mores
aa985af212 qemu: check if 'floor' is supported for given interface and network
Even if an interface of type 'network', setting 'floor' is only supported
if the network's forward type is nat, route, open or none.

Signed-off-by: Pavel Mores <pmores@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2020-02-17 17:26:31 +01:00
Pavel Mores
92a71456ac qemu: fail on attempt to set 'floor' if interface type is not 'network'
QoS 'floor' setting is documented to be only supported for interfaces of
type 'network'.  Fail with an error message on attempt to set 'floor' on
an interface of any other type.

Signed-off-by: Pavel Mores <pmores@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-02-17 17:25:59 +01:00
Pavel Mores
17f430eb5c qemu: test if bandwidth has 'floor' factored out to separate function
This compound condition will be useful in several places so it
makes sense to give it a name for better readability.

Signed-off-by: Pavel Mores <pmores@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-02-17 17:25:52 +01:00
Peter Krempa
e8a819e87f virStorageSourceParseBackingJSONRaw: Parse 'offset' and 'size' attributes
If the parsed 'raw' format JSON string has 'offset' or 'size' attributes
parse them as the format slice.

https://bugzilla.redhat.com/show_bug.cgi?id=1791788

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-14 16:32:21 +01:00
Peter Krempa
0e644e6e47 qemu: Add support for slices of type 'storage'
Implement support for the slice of type 'storage' which allows to set
the offset and size which modifies where qemu should look for the start
of the format container inside the image.

Since slicing is done using the 'raw' driver we need to add another
layer into the blockdev tree if there's any non-raw image format driver
used to access the data.

This patch adds the blockdev integration and setup of the image data so
that we can use the slices for any backing image.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-14 16:32:21 +01:00
Peter Krempa
73ca201467 qemu: block: Properly format storage slice into backing store strings
When creating overlay images e.g. for snapshots or when merging
snapshots we often specify the backing store string to use. Make the
formatter aware of backing chain entries which have a <slice>
configured so that we record it properly. Otherwise such images
would not work without the XML (when detecting the backing chain).

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-14 16:32:21 +01:00
Peter Krempa
f36d751fa6 qemu: domain: Store nodenames of slice in status XML
The storage slice will require a specific node name in cases when the
image format is not raw. Store and format them in the status XML.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-14 16:32:21 +01:00
Peter Krempa
bbf5d05cfd conf: Implement support for <slices> of disk source
Implement parsing and formatting of the 'storage' slice.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-14 16:32:21 +01:00
Peter Krempa
8c43037688 qemu: block: forbid creation of storage sources with <slice>
Specifically creating such images via libvirt during blockjobs would
be much more hassle than it's worth. Just forbid them for now.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-14 16:32:21 +01:00
Peter Krempa
a6eeda986e qemuDomainValidateStorageSource: Reject unsupported slices
We support explicit storage slices only when using blockdev. Storage
slices expressed via the backing store string are left to qemu to
open correctly.

Reject storage slices configured via the XML for non-blockdev usage.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-14 16:32:21 +01:00
Peter Krempa
c481881283 qemuBlockStorageSourceGetFormatRawProps: format 'offset' and 'size' for slice
If we have a 'format' type slice for a raw driver we can directly format
the values.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-14 16:32:21 +01:00
Peter Krempa
6efa046165 util: virstoragefile: Add data structure for storing storage source slices
Introduce virStorageSourceSlice which will store the 'offset' and 'size'
of a virStorageSource and declare it as 'sliceStorage' and 'sliceFormat'
attributes of a virStorageSource.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-14 16:32:21 +01:00
Peter Krempa
9fb7ccb3cf qemu: domain: Refactor formatting of node names into status XML
Use virXMLFormatElement to simplify the logic.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-14 16:32:21 +01:00
Michal Privoznik
b18328256b qemu_domain: Modify access to a NVMe disk iff needed
If a domain has a NVMe disk it already has the access configured.
Trying to configure it again on a commit or some other operation
is wrong and condemned to failure.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-14 16:08:23 +01:00
Andrea Bolognani
7c4bc108a9 qemu: Format the armvtimer timer on the command line
Its behavior is controlled by a KVM-specific CPU feature.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Masayoshi Mizuma <m.mizuma@jp.fujitsu.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-14 12:09:15 +01:00
Andrea Bolognani
aeddab230c qemu: Validate configuration for the armvtimer timer
Its use is limited to certain guest types, and it only supports
a subset of all possible tick policies.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Masayoshi Mizuma <m.mizuma@jp.fujitsu.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-14 12:09:11 +01:00
Andrea Bolognani
3809e88a87 conf: Introduce VIR_DOMAIN_TIMER_NAME_ARMVTIMER
This new timer model will be used to control the behavior of the
virtual timer for KVM ARM/virt guests.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Masayoshi Mizuma <m.mizuma@jp.fujitsu.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-14 12:09:07 +01:00
Andrea Bolognani
204e2306e5 qemu: Add the QEMU_CAPS_CPU_KVM_NO_ADJVTIME capability
We will use this capability to detect whether the QEMU binary
supports the kvm-no-adjvtime CPU feature.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Masayoshi Mizuma <m.mizuma@jp.fujitsu.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-14 12:09:02 +01:00
Andrea Bolognani
f8e923c1ba qemu: Use switch statement in qemuBuildCpuCommandLine()
Make sure we are taking all possible virDomainTimerNameType values
into account. This will make upcoming changes easier.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Masayoshi Mizuma <m.mizuma@jp.fujitsu.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-14 12:08:57 +01:00
Daniel P. Berrangé
9b82e2c4b0 qemu: drop support for monitor connections on PTYs
Libvirt switched to using a UNIX socket for monitors in
2009 for version 0.7.0. It seems unlikely that there is
a running QEMU process that hasn't been restarted for
11 years while also taking a libvirt upgrade. Therefore
we can drop support for opening a PTY for the QEMU
monitor.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-02-13 12:52:07 +00:00
Your Name
59afd9764d src: use closefrom() for mass closing of FDs
On FreeBSD 12 the default ulimit settings allow for 100,000
open file descriptors. As a result spawning processes in
libvirt is abominably slow. Fortunately FreeBSD has long
since provided a good solution in the form of closefrom(),
which closes all FDs equal to or larger than the specified
parameter.

Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-02-12 11:12:03 +00:00
Arnaud Patard
800aed4644
virt-aa-helper: Add support for smartcard host-certificates
When emulating smartcard with host certificates, qemu needs to
be able to read the certificates files. Add necessary code to
add the smartcard certificates file path to the apparmor profile.

Passthrough support has been tested with spicevmc and remote-viewer.

v2:
- Fix CodingStyle
- Add support for 'host' case.
- Add a comment to mention that the passthrough case doesn't need
  some configuration
- Use one rule with '{,*}' instead of two rules.

Signed-off-by: Arnaud Patard <apatard@hupstream.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Acked-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
2020-02-12 10:35:04 +01:00
Peter Krempa
fd70f1b4d3 virStorageSourceParseBackingJSON: Prevent arbitrary nesting with format drivers
Since we parse attributes for 'raw' which is a format driver and thus
has nested 'file' structure we must prevent that this isn't nested
arbitrarily.

Add a flag for the function which allows parsing of 'format' type
drivers only on the first pass.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-10 17:26:27 +01:00
Peter Krempa
f8e097570e virStorageSourceParseBackingJSON: Allow 'json:' pseudo URIs without 'file' wrapper
There are two possibilities:
1) json:{"file":{"driver":...}}
2) json:{"driver":...}

Our code didn't work properly with the second one as it was expecting
the 'file' wrapper. Conditionalize the removal to only the situation
when the top level doesn't have "driver".

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-10 17:26:27 +01:00
Peter Krempa
7e13ff8dc0 virStorageSourceJSONDriverParser: annotate 'format' drivers
The parser was originally designed only for protocol parsers. Since
we already have 'raw' format driver in the list we'll need to be able
to parse it too. In later patches this will be used to prevent parsing
nested format drivers.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-10 17:26:27 +01:00
Peter Krempa
aadb34be34 virStorageSourceParseBackingJSON: Move deflattening of json: URIs out of recursion
Originally virStorageSourceParseBackingJSON didn't recurse, but when
the 'raw' driver support was added we need to parse it's information
which contains nested 'file' object.

Since the deflattening helper recurses already there's no need to call
it again. Move it one level up to the entry point.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-10 17:26:27 +01:00
Peter Krempa
4a6bc568cd virStorageSourceParseBackingJSON: Pass around original backing file string
There are a few error messages which might want to report the original
backing store string. Pass it around rather than trying to re-generate
it.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-10 17:26:27 +01:00
Peter Krempa
b71cf8726c qemu: hotplug: Fix handling of the 'copy-on-read' layer with blockdev
My original implementation was completely broken because it attempted to
use object-add/del instead of blockdev-add/del.

https://bugzilla.redhat.com/show_bug.cgi?id=1798366

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2020-02-10 17:26:27 +01:00
Peter Krempa
db57e9daf5 qemuMonitorBlockdevAdd: Take double pointer argument
Modify qemuMonitorBlockdevAdd so that it takes a double pointer for the
@props argument so that it's cleared inside the call. This allows
writing cleaner callers.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2020-02-10 17:26:27 +01:00
Peter Krempa
a592d589aa qemuMonitorJSONBlockdevDel: Refactor cleanup
Use automatic variable freeing and get rid of the cleanup section.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2020-02-10 17:26:27 +01:00
Peter Krempa
643294110c qemuMonitorJSONBlockdevAdd: Refactor cleanup
Use automatic variable freeing and get rid of the cleanup section.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2020-02-10 17:26:27 +01:00
Peter Krempa
37f01262ee virDomainDiskTranslateSourcePool: Translate 'volume' disks in whole backing chain
Now that we accept full backing chains on input nothing should prevent
users from also using disk type 'VOLUME' for specifying the backing
images.

Do the translation for the whole backing chain.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-10 17:26:27 +01:00
Peter Krempa
63469116cc virDomainDiskTranslateSourcePool: split code to setup one storage source
Extract all the code setting up one storage source from the rest which
sets up the whole disk. This will allow us to prepare the whole backing
chain.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-10 17:26:27 +01:00
Peter Krempa
bc42d88ffd virDomainDiskTranslateISCSIDirect: Take virStorageSourcePtr instead of virDomainDiskDefPtr
Only 'def->src' was ever used in this function. Use the source directly.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-10 17:26:26 +01:00
Peter Krempa
4fca8299c5 virDomainDiskTranslateSourcePoolAuth: Take virStorageSourcePtr instead of virDomainDiskDefPtr
Only 'def->src' was ever used in this function. Use the source directly.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-10 17:26:26 +01:00
Peter Krempa
47cad72553 virDomainDiskAddISCSIPoolSourceHost: Take virStorageSourcePtr instead of virDomainDiskDefPtr
Only 'def->src' was ever used in this function. Use the source directly.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-10 17:26:26 +01:00
Peter Krempa
e20c5b1703 virDomainDiskAddISCSIPoolSourceHost: Remove ternary operator
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-10 17:26:26 +01:00
Peter Krempa
4d5093ef75 virDomainDiskAddISCSIPoolSourceHost: Remove 'cleanup' label
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-10 17:26:26 +01:00
Peter Krempa
5eda34f2e1 virDomainDiskAddISCSIPoolSourceHost: use g_new0 instead of VIR_ALLOC_N
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-10 17:26:26 +01:00
Peter Krempa
c5b1c14379 virDomainDiskAddISCSIPoolSourceHost: Sanitize handling of string list
Use virStringSplitCount instead of virStringSplit so that we can drop
the call to virStringListLength and use VIR_AUTOSTRINGLIST to declare
it and allow removal of the cleanup section.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-10 17:26:26 +01:00
Peter Krempa
4e3e69fed4 qemuBlockStorageSourceGetBackendProps: Report errors on all switch cases
Few switch cases returned failure but didn't report an error. For a
situation when the backingStore type='volume' was not translated the
following error would occur:

 $ virsh start VM
 error: Failed to start domain VM
 error: An error occurred, but the cause is unknown

After this patch:

 $ virsh start VM
 error: Failed to start domain VM
 error: internal error: storage source pool 'tmp' volume 'pull3.qcow2' is not translated

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-10 17:26:26 +01:00
Ján Tomko
457b0e7488 qemu: preserve error on bandwidth rollback
We call APIs that reset the error in the rollback code.
Preserve the error from the original call that failed.

This turns the boringly cryptic:
  error: Unable to set interface parameters
  error: An error occurred, but the cause is unknown
to the unexpectedly anarchist:
  error: internal error: Child process (/usr/sbin/tc filter add
  dev vnet1 parent ffff: protocol all u32 match u32 0 0 police
  rate 4294968kbps burst 4294968kb mtu 64kb drop flowid :1)
  unexpected exit status 1: Illegal "rate"
  Illegal "police"

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Fixes: f02e21cb33
https://bugzilla.redhat.com/show_bug.cgi?id=1800505
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2020-02-10 16:41:52 +01:00
Ján Tomko
bd622e2a21 qemu: do not revert to NULL bandwidth
Otherwise an attempt to set an invalid value:
  virsh domiftune rhel8.2 vnet0 --outbound 4294968
on an interface with no bandwidth set crashes.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Fixes: f02e21cb33
https://bugzilla.redhat.com/show_bug.cgi?id=1800505
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2020-02-10 16:41:51 +01:00
Daniel P. Berrangé
2621d48f00 gnulib: delete all gnulib integration
This deletes all trace of gnulib from libvirt. We still
have the keycodemapdb submodule to deal with. The simple
solution taken was to update it when running autogen.sh.

Previously gnulib could auto-trigger refresh when running
'make' too. We could figure out a solution for this, but
with the pending meson rewrite it isn't worth worrying
about, given how infrequently keycodemapdb changes.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-02-07 15:03:54 +00:00
Daniel P. Berrangé
55fe8110af util: delete the poll() based event loop impl
It is no longer require since switching to the GLib based
event loop impl.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-02-07 15:03:54 +00:00
Daniel P. Berrangé
946a25274c util: switch to use the GLib event loop impl
This sets the GLib event loop as the impl when calling
virEventRegisterDefaultImpl(). This remains a private
impl detail of libvirt, so applications must *NOT*
assume that a call to virEventRegisterDefaultImpl()
results in a GLib based event loop.

They should continue to use the libvirt-glib API
gvir_event_register() if they explicitly want to guarantee
a GLib event loop.

This follows the general principal that the libvirt public
API should not expose the fact that GLib is being used
internally.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-02-07 15:03:53 +00:00
Daniel P. Berrangé
f8ab47cb44 util: import an event loop impl based on GMainContext
The libvirt-glib project has provided a GMainContext based
event loop impl for applications. This imports it and sets
it up for use by libvirt as the primary event loop. This
remains a private impl detail of libvirt.

IOW, applications must *NOT* assume that a call to
"virEventRegisterDefaultImpl" results in a GLib based
event loop. They should continue to use the libvirt-glib
API gvir_event_register() if they explicitly want to
guarantee a GLib event loop.

This follows the general principle that the libvirt public
API should not expose the fact that GLib is being used
internally.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-02-07 15:03:53 +00:00
Daniel P. Berrangé
7d4350bcac rpc: convert RPC client to use GMainLoop instead of poll
To eliminate the dependancy on GNULIB's poll impl, we need
to change the RPC client code to use GMainLoop. We don't
really want to use GIOChannel, but it provides the most
convenient way to do socket event watches with Windows
portability. The other alternative would be to use GSocket
but that is a much more complex change affecting libvirt
more broadly.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-02-07 15:03:53 +00:00
Daniel P. Berrangé
5de317b8e7 src: introduce helper API for creating GSource for socket
We need to be able to create event loop watches using the
GSource API for sockets. GIOChannel is able todo this, but
we don't want to use the GIOChannel APIs for reading/writing,
and testing shows just using its GSource APIs is unreliable
on Windows.

This patch thus creates a standalone helper API for creating
a GSource for a socket file descriptor. This impl is derived
from code in QEMU's io/channel-watch.c file that was written
by myself & Paolo Bonzini & thus under Red Hat copyright.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-02-07 15:03:53 +00:00
zhenwei pi
26badd13e8 qemu: support Panic Crashloaded event handling
Pvpanic device supports bit 1 as crashloaded event, it means that
guest actually panicked and run kexec to handle error by guest side.

Handle crashloaded as a lifecyle event in libvirt.

Test case:
Guest side:
before testing, we need make sure kdump is enabled,
1, build new pvpanic driver (with commit from upstream
   e0b9a42735f2672ca2764cfbea6e55a81098d5ba
   191941692a3d1b6a9614502b279be062926b70f5)
2, insmod new kmod
3, enable crash_kexec_post_notifiers,
  # echo 1 > /sys/module/kernel/parameters/crash_kexec_post_notifiers
4, trigger kernel panic
  # echo 1 > /proc/sys/kernel/sysrq
  # echo c > /proc/sysrq-trigger

Host side:
1, build new qemu with pvpanic patches (with commit from upstream
   600d7b47e8f5085919fd1d1157f25950ea8dbc11
   7dc58deea79a343ac3adc5cadb97215086054c86)
2, build libvirt with this patch
3, handle lifecycle event and trigger guest side panic
  # virsh event stretch --event lifecycle
  event 'lifecycle' for domain stretch: Crashed Crashloaded
  events received: 1

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: zhenwei pi <pizhenwei@bytedance.com>
2020-02-07 14:05:25 +00:00
Jiri Denemark
c6ff3d1535 qemu_capabilities: Disable CPU models on old s390 machine types
Starting a KVM domain on s390 with old machine type (such as
s390-ccw-virtio-2.5) and without any guest CPU model configured fails
with

    CPU models are not available: KVM doesn't support CPU models

QEMU error. This is cause by libvirt using host-model CPU as the default
CPU based on QEMU reporting "host" CPU model as being the default one
(see commit v5.9.0-402-g24d8202294: qemu: Use host-model CPU on s390 by
default). However, even though both QEMU and KVM support CPU models on
s390 and QEMU can give us the host-model CPU, we can't use it with old
machine types which only support -cpu host.

https://bugzilla.redhat.com/show_bug.cgi?id=1795651

Reported-by: Christian Ehrhardt <paelzer@gmail.com>
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-07 09:19:02 +01:00
Jiri Denemark
80791859ac qemu: Pass machine type to virQEMUCapsIsCPUModeSupported
The usability of a specific CPU mode may depend on machine type, let's
prepare for this by passing it to virQEMUCapsIsCPUModeSupported.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-07 09:19:02 +01:00
Julio Faracco
23be4887af lxc: Fix wrong addresses statements for IPv{4, 6} in native network definitions
After LXC version 3, some settings were changed to new names. Same as
network. LXC introduced network indexes and changed IPv{4,6} addresses
fields. Before, users should only pass `lxc.network.ipv4` to define an
IPv4 address. Now, on version 3, users need to pass
`lxc.net.X.ipv4.address` to specify the same thing. Same for IPv6.

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-02-06 15:00:57 +01:00
Julio Faracco
991c56105d lxc: Fix segfault when lxc.network does not start with 'type'
To configure network settings using config file, legacy LXC settings
require starting them with 'lxc.network.type' entry. If someone
accidentally starts with 'lxc.network.name', libvirt will crash with
segfault. This patch checks if this case is happening.

Sample invalid settings:
lxc.network.link = eth0
lxc.network.type = phys
lxc.network.name = eth1
lxc.network.ipv4 = 192.168.122.2/24
lxc.network.ipv4.gateway = 192.168.122.1

Now, libvirt only see error without segmentation fault.

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-02-06 14:57:17 +01:00
Stefan Berger
12fcdede80 qemu: Extend QEMU with tpm-spapr support
Extend QEMU with tpm-spapr support. Assign a device address to the
vTPM device model.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
2020-02-05 19:57:10 +01:00
Stefan Berger
20d9340268 qemu: Extend QEMU capabilities with 'tpm-spapr'
Extend the QEMU capabilties with tpm-spapr support.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
2020-02-05 19:57:10 +01:00
Stefan Berger
914cb83218 conf: Add support for tpm-spapr to domain XML
This patch adds support for the tpm-spapr device model for ppc64. The XML for
this type of TPM looks as follows:

 <tpm model='tpm-spapr'>
   <backend type='emulator'/>
 </tpm>

Extend the documentation.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
2020-02-05 19:57:10 +01:00
Stefan Berger
21b6f41d95 conf: Introduce VIR_DOMAIN_TPM_MODEL_DEFAULT as default model
Introduce VIR_DOMAIN_TPM_MODEL_DEFAULT as a default model which we use
in case the user does not provide a model in the device XML. It has
the TIS's previous value of '0'. In the post parsing function
we change this default value to 'TIS' to have the same model as before.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
2020-02-05 19:57:10 +01:00
Ján Tomko
945648d36a rpc: gendispatch: trim Flags from the return struct name
This lets it generate the remote dispatch for StorageVolGetInfoFlags.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-02-05 17:12:59 +01:00
Ján Tomko
4166856c23 conf: use correct free function for virDomainVsockDef
Technically, there is no memleak here, since the only
allocations are filled by virDomainDeviceInfoParseXML,
which cleans up after itself.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-02-05 10:52:23 +01:00
Ján Tomko
3f40a487a9 conf: use correct free function for virDomainDeviceDef
Simple g_autofree is not enough if we put allocated
data into the device structure.

Define the AUTOPTR_CLEANUP function and use it here.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reported-by: Xu Yandong <xuyandong2@huawei.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-02-05 09:56:57 +01:00
Daniel P. Berrangé
4ab2120f3b src: remove virFilePrintf in favour of g_fprintf
The virFilePrintf function was a wrapper for fprintf() to provide
Windows portability, since gnulib's fprintf() replacement was
license restricted. This is no longer needed now we have the
g_fprintf function available.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-02-04 14:00:45 +00:00
Daniel P. Berrangé
11a79283b8 src: ensure use of g_printf / g_fprintf functions
The printf/fprintf function impls provided on Windows do
not follow the normal syntax for format specifiers as
the UNIX hosts. Currently we use GNULIB to provide a
portability fix for this. GLib has also imported the
GNULIB impl for this same reason, and thus we can rely
on the g_printf / g_fprintf functions.

This identified a couple of places not explicitly
linking to glib.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-02-04 14:00:45 +00:00
Daniel P. Berrangé
b9103e62e4 src: optionally include xlocale.h header
On macOS some definitions are in xlocale.h, instead of in
locale.h. GNULIB hides this difference by making the latter
include the former.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-02-04 14:00:45 +00:00
Daniel P. Berrangé
262551f774 src: add define of ENOMSG for MinGW
MinGW lacks ENOMSG until version 6.0.0 (Fedora 31).

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-02-04 14:00:45 +00:00
Daniel P. Berrangé
03c532cf97 src: assume sys/sysmacros.h always exists on Linux
All our supported Linux distros now have this header.
It has never existed on FreeBSD / macOS / Mingw.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-02-04 14:00:45 +00:00
Daniel P. Berrangé
f691ec63b4 m4: add check for pthread library
When we get rid of GNULIB, we need to check for -lpthread
support.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-02-04 14:00:45 +00:00
Daniel P. Berrangé
cc46e137eb src: convert code to use virPipe APIs
This addreses portability to Windows and standardizes
error reporting. This fixes a number of places which
failed to set O_CLOEXEC or failed to report errors.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-02-04 14:00:44 +00:00
Daniel P. Berrangé
ab36f72947 src: introduce a wrapper for the pipe2() system call
This hides the differences between Windows and UNIX,
and adds standard error reporting.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-02-04 14:00:44 +00:00
Daniel P. Berrangé
bfeb56b3ad src: remove sys/wait.h from many files
Most code now uses the virProcess / virCommand APIs, so
the need for sys/wait.h is quite limited. Removing this
include removes the dependency on GNULIB providing a
dummy sys/wait.h for Windows.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-02-04 14:00:44 +00:00
Daniel P. Berrangé
aa52947fc6 util: conditionalize FD stream to exclude WIN32
Almost none of the virFDStream code will actually work
on WIN32 builds, nor is it used except for in the
virtualbox driver for screenshots. It is simpler to
wrap it all in a '#ifndef WIN32'.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-02-04 14:00:44 +00:00
Daniel P. Berrangé
7aef7cdbb5 src: conditionalize / remove use of poll.h
Remove imports of poll.h which are redundant, and
conditionalize remaining usage that needs to compile
on Windows platforms.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-02-04 14:00:44 +00:00
Peter Krempa
54030892f5 qemuDomainBlockPivot: Copy bitmaps backing checkpoints for virDomainBlockCopy
Use qemuBlockBitmapsHandleBlockcopy to calculate bitmaps to copy over
for a block-copy job.

We copy them when pivoting to the new image as at that point we are
certain that we don't dirty any bitmap unnecessarily.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-04 13:45:34 +01:00
Peter Krempa
26f07f6870 qemu: block: Introduce function to calculate bitmap handling for block-copy
Add a function calculating which bitmaps to copy to the mirror during
a block-copy operation.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-04 13:45:33 +01:00
Peter Krempa
41c7e5c2a6 qemu: block: Add validator for bitmap chains accross backing chains
Add a validator which checks that a bitmap spanning multiple backing
chain members doesn't look broken. The current rules are that no
intermediate birmaps are missing (unfortunately it's hard to know
whether the topmost or bottommost bitmap is missing) and none of the
components is inconsistent.

We can obviously improve it over time.

The validator is also tested against the existing bitmap data we have
for the backup merging test as well as some of the existing broken
bitmap synthetic test cases.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-04 13:45:33 +01:00
Peter Krempa
ccd4228aff qemu: blockjob: Store 'flags' for all the block job types
The flags may control important aspects of the block job which may
influence also the termination of the job. Store the 'flags' for all
the block job types.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-04 13:45:33 +01:00
Peter Krempa
9ba804a1d1 qemu: blockjob: Store 'jobflags' with block job data
Add a variable which will store the contents of the 'flags' variable as
passed in by the individual block jobs. Since the flags may influence
behaviour of the jobs it's important to preserve them to the
finalization steps.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-04 13:45:33 +01:00
Peter Krempa
509ddcfde2 virHashAddOrUpdateEntry: Simplify allocation of new entry
Use g_new0 and skip checking of the return value of keyCopy callback
as both are bound to return a valid pointer.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-04 13:45:33 +01:00
Peter Krempa
6cf3ec4428 virhash: Fix the expectations of virHashKeyEqual implementations
Tweak the return value expectation comment so that it doesn't
necessarily require to allocate memory and refactor the implementations.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-04 13:45:33 +01:00
Peter Krempa
d69470a18a virJSONValueNewArray: Use g_new0 to allocate and remove NULL checks from callers
Use the glib allocation function that never returns NULL and remove the
now dead-code checks from all callers.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-04 13:45:33 +01:00
Peter Krempa
3b60a0c027 util: json: Introduce virJSONValueArrayConcat
Add a helper that concatenates the second array into the first.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-04 13:45:32 +01:00
Peter Krempa
5ddfac1169 qemu: block: Extract calls of qemuBlockGetNamedNodeData into a helper function
Create a wrapper for qemuBlockGetNamedNodeData named
qemuBlockGetNamedNodeData. The purpose of the wrapper is to integrate
the monitor handling functionality and in the future possible
qemuCaps-based flags.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-04 13:45:32 +01:00
Peter Krempa
8e94e29010 qemu: checkpoint: Track and relabel images for bitmap merging
Allow qemu access to modify backing files in case when we want to delete
a checkpoint.

This patch adds tracking of which images need to be relabelled when
calculating the transaction, the code to relabel them and rollback.

To verify that stuff works we also output the list of images to relabel
into the test case output files in qemublocktest.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-04 13:45:32 +01:00
Peter Krempa
30bc426071 qemu: checkpoint: Introduce support for deleting checkpoints accross snapshots
Allow deleting of checkpoints when snapshots were created along. The
code tracks and modifies the checkpoint list so that backups can still
be taken with such a backing chain. This unfortunately requires to
rename few bitmaps (by copying and deleting them) in some cases.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-04 13:45:32 +01:00
Michal Privoznik
5c8bd31c88 apparmor: Reflect paths from configure in profiles
The configure script allows users to specify different paths for
/etc/, /usr/sbin/, /var/run/ and /usr/libexec/. Instead of
assuming user will pass expected value, generate the apparmor
profiles using the actual values.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-02-04 09:08:51 +01:00
Ján Tomko
2df925459c qemu: tpm: remove unused labels
Remove all the labels that are now redundant.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-02-03 19:44:39 +01:00
Ján Tomko
9226a627eb qemu: tpm: use g_autoptr where applicable
This requires stealing one cmd pointer before returning it.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-02-03 19:44:39 +01:00
Ján Tomko
3f897afda6 qemu: tpm: use g_autofree
Mark eligible declarations as g_autofree and remove
the corresponding VIR_FREE calls.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-02-03 19:44:39 +01:00
Ján Tomko
9994bee5f2 qemu: tpm: remove unused pidfile variable
qemuExtTPMSetupCgroup declares pidfile but never uses it.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-02-03 19:44:39 +01:00
Ján Tomko
0a125c7144 virBufferTrim: do not accept len
Always trim the full specified suffix.

All of the callers outside of tests were passing either
strlen or the actual length of the string.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-02-03 19:44:38 +01:00
Ján Tomko
4838e8b3fc Use virBufferTrimLen when applicable
Replace all the cases that only supply the length
and do not care about matching a suffix, as well
as that one test case that does.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-02-03 19:44:38 +01:00
Ján Tomko
080405540a util: introduce virBufferTrimLen
Just like the existing virBufferTrim, but only
does one thing at a time.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-02-03 19:44:38 +01:00
Jim Fehlig
e092daacee lib: Prohibit parallel connections with tunneled migration
As discussed on the developer list, parallel migration connections
are not compatible with tunneled migration

https://www.redhat.com/archives/libvir-list/2020-January/msg00463.html

Prohibit the concurrent use of parallel and tunneled migration options.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-03 11:10:59 -07:00
Julio Faracco
6cf9577498 lxc: remove domain definition from lxc network struct
Domain definition is useless now inside network structure. This pointer
was required because new network definition was being added each time
that a new network type appeared. So, this should be processed into
old function `lxcNetworkParseDataType()`. Now, as it was moved to an
array, it can be handle together each interface pointer.

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-02-03 16:08:20 +01:00
Julio Faracco
0da46e30a0 lxc: add LXC version 3 network parser
LXC version 3 or higher introduced indexes for network interfaces.
Libvirt should be able to parse entries like `lxc.net.2.KEY`. This
commit adds functions to parse this type of field. That's why array
structures are so important this time.

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-02-03 16:07:56 +01:00
Julio Faracco
007925214e lxc: refactor lxcNetworkParseData pointers to use new structures
Struct lxcNetworkParseData is being used as a single pointer which
iterates through LXC config lines. It means that it will be applied as a
network each time that a new type appears. After, the same struct is
used to populate a new network interface. This commit changes this logic
to multiple lxcNetworkParseData to move this strcuture to an array. It
makes more sense if we are using indexes to fill interface settings.
This is better to improve code clarity.

This commit still introduces *Legacy() functions to keep support of
network old style definitions.

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-02-03 16:07:41 +01:00
Michal Privoznik
a37a8c569d Drop virAtomic module
Now, that every use of virAtomic was replaced with its g_atomic
equivalent, let's remove the module.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-02 16:36:58 +01:00
Michal Privoznik
7390ff3caa src: Drop virAtomicIntDecAndTest() with g_atomic_int_dec_and_test()
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-02 16:36:56 +01:00
Michal Privoznik
574678a27f src: Replace virAtomicIntInc() with g_atomic_int_add()
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-02 16:36:54 +01:00
Michal Privoznik
f127acfa34 src: Replace virAtomicIntSet() with g_atomic_int_set()
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-02 16:36:50 +01:00
Michal Privoznik
8567ff1f5c src: Replace virAtomicIntGet() with g_atomic_int_get()
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-02 16:36:49 +01:00
Michal Privoznik
7c541207bb test_driver: Replace virAtomicIntAdd() with g_atomic_int_add()
Instead of calling virAtomicIntAdd(&var, 1); we can call
g_atomic_int_add() directly.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-02-02 16:35:20 +01:00
Ján Tomko
62d75cdcc6 qemu: drop unused variable
The g_auto conversion made clang realize the variable is unused:
../../src/qemu/qemu_domain.c:10349:36: error: unused variable
    'cfg' [-Werror,-Wunused-variable]
    g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver);

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Fixes: 20fa2bc6e5
2020-01-31 17:02:26 +01:00
Ján Tomko
e8d5eb0cde qemu: Fix domain ID allocation
The rewrite to use GLib's atomic ops functions changed the behavior
of virAtomicIntInc - before it returned the pre-increment value.

Most of the callers using its value were adjusted, but the one
in qemuDriverAllocateID was not. If libvirtd would reconnect to
a running domain during startup, the next started domain would get
the same ID:

$ virsh list
 Id   Name       State
--------------------------
 1    f28live    running
 1    f28live1   running

Use the g_atomic_add function directly (as recommended in viratomic.h)
and add 1 to the result.

This also restores the usual numbering from 1 instead of 0.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Fixes: 7b9645a7d1
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-01-31 16:11:50 +01:00
Daniel Henrique Barboza
4427903722 qemu_domain_address.c: turn qemuDomainFillDeviceIsolationGroup to void
Starting on commit 1f43393283, qemuDomainFillDeviceIsolationGroup()
returns 0 in all circunstances. Let's turn it to 'void' make it
clearer that the function will not fail. This also spares a
check for < 0 return in qemu_hotplug.c. The
qemuDomainFillDeviceIsolationGroupIter() callback now returns
0 at all times - which is already happening anyway.

Refer to 1f43393283 commit message for more details on why
the function was changed to never return an error.

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-31 15:25:33 +01:00
Daniel Henrique Barboza
02ad5d2359 qemu_domain.c: turn qemuDomainChrDefDropDefaultPath to void
qemuDomainChrDefDropDefaultPath() returns an int, but it's
always returning 0. Callers are checking for result < 0 to
run their cleanup code needlessly.

Turn the function to 'void' and adjust the callers.

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-31 15:25:33 +01:00
Daniel Henrique Barboza
db780004a9 qemu_domain.c: removing unneeded cleanup labels
Previous patches deprecated some 'cleanup' labels. Let's remove
them.

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-31 15:25:33 +01:00
Daniel Henrique Barboza
20fa2bc6e5 qemu_domain.c: use g_autoptr when possible
Avoid some of the virObjectUnref() calls by using g_autoptr.
Aside from the 'cleanup' label in qemuDomainSetFakeReboot(),
all other now deprecated cleanup labels will be removed in
the next patch.

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-31 15:25:33 +01:00
Daniel Henrique Barboza
ae9f630e50 qemu_domain.c: use g_autofree when possible
Use g_autofree to remove VIR_FREE() calls used for cleanups.
Labels that became deprecated will be removed in a later
patch.

In qemuDomainSetupDisk(), the 'dst' variable is not used at
all and could be removed.

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-31 15:25:33 +01:00
Daniel Henrique Barboza
749ec34a56 qemu_domain.c: remove redundant virObjectUnref()
The 'caps' variable in qemuDomainObjPrivateXMLParseAutomaticPlacement()
is set to auto clean via g_autoptr(), but a 'virObjectUnref(caps)' is
being executed in the 'cleanup' label.

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-31 15:25:33 +01:00