Commit Graph

47775 Commits

Author SHA1 Message Date
Peter Krempa
2811fdaf3e virStorageBackendISCSIDirectSetAuth: Refactor cleanup
Use automatic pointer for 'conn' and remove the 'cleanup' label and
'ret' variable.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2023-02-01 09:16:17 +01:00
Peter Krempa
edd644e7a8 virStorageBackendISCSISetAuth: Use g_strndup to '\0' terminate data
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2023-02-01 09:16:17 +01:00
Peter Krempa
fbb323fe61 virStorageBackendISCSISetAuth: Refactor cleanup
Automatically free 'conn' and remove the 'cleanup' section and 'ret'
variable. 'datatypes.h' contains the declaration of the autoptr cleanup
function for virConnect.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2023-02-01 09:16:17 +01:00
Peter Krempa
880cd081de virCryptoEncryptDataAESgnutls: Restructure control flow
Prepare the buffer for encryption only after initializing the cipher, so
that there's just one failure point. This allows to remove the 'error'
label.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2023-02-01 09:16:17 +01:00
Michal Privoznik
dd8a2cffd6 virDomainNetDefFormat: Modernize <mac/> formatting
The <source/> child element of <mac/> is formatted the old way.
Switch to virXMLFormatElement().

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2023-02-01 08:36:33 +01:00
Michal Privoznik
8a652c72b3 virDomainNetDefFormat: Simplify @sourceAttrBuf handling for some types of VIR_DOMAIN_NET
For VIR_DOMAIN_NET_TYPE_{SERVER,CLIENT,MCAST,UDP} we need to put
(optionally) 'address' attribute and 'port' attributes of
<source/> element. But the way we currently do that is
particularly verbose. It can be shortened using
virBufferEscapeString().

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2023-02-01 08:36:31 +01:00
Michal Privoznik
95c5ff9890 virDomainNetDefFormat: Modernize <source/> formatting
The <source/> child element of <interface/> is formatted the old
way. Switch to virXMLFormatElement().

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2023-02-01 08:36:28 +01:00
Michal Privoznik
3a7c6e0c4c virDomainNetDefFormat: Modernize <guest/> formatting
The <guest/> child element of <interface/> is formatted the old
way. Switch to virXMLFormatElement(). Since this element is used
in LXC driver, this part of the function is tested by
lxcxml2xmltest (specifically lxc-ethernet* test cases).

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2023-02-01 08:36:26 +01:00
Michal Privoznik
86d10e6259 virDomainNetDefFormat: Modernize <tune/> formatting
The <tune/> child element of <interface/> is formatted the old
way. Switch to virXMLFormatElement().

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2023-02-01 08:36:24 +01:00
Michal Privoznik
58e0bd73e0 virDomainNetDefFormat: Rename @attrBuf to @targetAttrBuf
The @attrBuf variable in virDomainNetDefFormat() is named too
broadly. It holds attribute buffer to the <target/> element.
Rename it to @targetAttrBuf then.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2023-02-01 08:36:22 +01:00
Michal Privoznik
97e4b5e1e7 qemuxml2xmloutdata: Turn net-mtu.xml into a symlink
There's nothing specific about net-mtu test. In fact, if device
addresses are filled in (and some elements reordered), we get the
same XML. Make those changes to the input XML and turn the output
XML to be a symlink.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2023-02-01 08:36:14 +01:00
Jiri Denemark
648391f170 remote: Fix memory leak in remoteDomainMigrateFinish3*
Theoretically, when remoteDomainMigrateFinish3* is called without a
pointer for storing migration cookie or its length (i.e., either
cookieout == NULL or cookieoutlen == NULL), we would leak the freshly
created virDomain object referenced by rv.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2023-01-30 16:02:41 +01:00
Michal Privoznik
6f3f6c0f76 virsh: Make domif-setlink work more than once
In virsh, we have this convenient domif-setlink command, which is
just a wrapper over virDomainUpdateDeviceFlags() and which allows
setting link state of given guest NIC. It does so by fetching
corresponding <interface/> XML snippet and either putting <link
state=''/> into it, OR if the element already exists setting the
attribute to desired value. The XML is then fed into the update
API.

There's, however, a small bug in detecting the pre-existence of
the element and its attribute. The code looks at "link"
attribute, while in fact, the attribute is called "state".

Resolves: https://gitlab.com/libvirt/libvirt/-/issues/426
Fixes: e575bf082e
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2023-01-30 12:06:41 +01:00
Jiri Denemark
9f8fba7501 remote: Fix version annotation for remoteDomainFDAssociate
The API was added in libvirt 9.0.0.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2023-01-27 11:51:16 +01:00
Michal Privoznik
a0fbf1e25c rpc: Use struct zero initializer for args
In a recent commit of v9.0.0-104-g0211e430a8 I've turned all args
vars in src/remote/remote_driver.c to be initialized wit {0}.
What I've missed was the generated code.

Do what we've done in v9.0.0-13-g1c656836e3 and init also args,
not just ret.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2023-01-27 08:07:13 +01:00
Martin Kletzander
2dde3840b1 qemuxml2argvdata: Fix missing device in crypto-builtin XML
Another forgotten fix after a post-review rebase.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2023-01-26 17:00:04 +01:00
Martin Kletzander
f3c9cbc36c qemuxml2argvdata: Fix watchdog parameters in crypto-builtin
Forgotten fix after a post-review rebase.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2023-01-26 16:57:20 +01:00
Martin Kletzander
a2c5c5dad2 news: Add information about iTCO watchdog changes
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2023-01-26 16:42:12 +01:00
Martin Kletzander
2fa92efe9b Document change to multiple watchdogs
With the reasoning behind it.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2023-01-26 16:40:30 +01:00
Martin Kletzander
926594dcc8 qemu: Add implicit watchdog for q35 machine types
The iTCO watchdog is part of the q35 machine type since its inception,
we just did not add it implicitly.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2137346

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2023-01-26 16:40:30 +01:00
Martin Kletzander
d81a27b981 qemu: Enable iTCO watchdog by disabling its noreboot pin strap
In order for the iTCO watchdog to be operational we must disable the
noreboot pin strap in qemu.  This is the default starting from 8.0
machine types, but desirable for older ones as well.  And we can safely
do that since that is not guest-visible.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2023-01-26 16:40:30 +01:00
Martin Kletzander
5b80e93e42 Add iTCO watchdog support
Supported only with q35 machine types.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2023-01-26 16:40:30 +01:00
Martin Kletzander
1c61bd718a Support multiple watchdog devices
This is already possible with qemu, and actually already happening with
q35 machines and a specified watchdog since q35 already includes a
watchdog we do not include in the XML.  In order to express such
posibility multiple watchdogs need to be supported.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2023-01-26 16:40:30 +01:00
Martin Kletzander
c5340d5420 qemuDomainAttachWatchdog: Avoid unnecessary nesting
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2023-01-26 16:40:30 +01:00
Jiri Denemark
1cf7e6ec05 remote: Drop useless cleanup in remoteDispatchNodeGet{CPU,Memory}Stats
The function cannot fail once it starts populating
ret->params.params_val[i].field.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2023-01-26 16:11:09 +01:00
Jiri Denemark
d0f339170f remote: Avoid leaking uri_out
In case the API returned success and a NULL pointer in uri_out, we would
leak the preallocated buffer used for storing the uri_out pointer.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2023-01-26 16:11:09 +01:00
Jiri Denemark
4849eb2220 remote: Propagate error from virDomainGetSecurityLabelList via RPC
The daemon side of this API has been broken ever since the API was
introduced in 2012. Instead of sending the error from
virDomainGetSecurityLabelList via RPC so that the client can see it, the
dispatcher would just send a successful reply with return value set to
-1 (and an empty array of labels). The client side would propagate this
return value so the client can see the API failed, but the original
error would be lost.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2023-01-26 16:10:33 +01:00
Michal Privoznik
0211e430a8 remote: Initialize args variable
Recently, in v9.0.0-7-gb2034bb04c we've dropped initialization of
@args variable. The reasoning was that eventually, all members of
the variable will be set. Well, this is not correct. For
instance, in remoteConnectGetAllDomainStats() the
args.doms.doms_val pointer is set iff @ndoms != 0. However,
regardless of that, the pointer is then passed to VIR_FREE().

Worse, the whole args is passed to
xdr_remote_connect_get_all_domain_stats_args() which then calls
xdr_array, which tests the (uninitialized) pointer against NULL.

This effectively reverts b2034bb04c.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2023-01-26 15:05:50 +01:00
Michal Privoznik
c3afde9211 qemu_domain: Don't unref NULL hash table in qemuDomainRefreshStatsSchema()
The g_hash_table_unref() function does not accept NULL. Passing
NULL results in a glib warning being triggered. Check whether the
hash table is not NULL and unref it only then.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2023-01-26 13:48:16 +01:00
zhenwei pi
95a278a845 NEWS: Document 'crypto' device
Signed-off-by: zhenwei pi <pizhenwei@bytedance.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2023-01-25 16:05:31 +01:00
zhenwei pi
ff1941c935 qemu: command: support crypto device
Support virtio-crypto device, also support cryptodev types:
- builtin
- lkcf

Finally, we can launch a VM(QEMU) with one or more crypto devices by
libvirt.

Signed-off-by: zhenwei pi <pizhenwei@bytedance.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2023-01-25 16:00:54 +01:00
zhenwei pi
0eb358e799 qemu: alias: support crypto device
Support 'cryptoX' alias for a crypto device.

Signed-off-by: zhenwei pi <pizhenwei@bytedance.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2023-01-25 16:00:51 +01:00
zhenwei pi
71fa94302a capabilities: introduce crypto device
Changes in this commit:
- docs: formatdomaincaps.rst
- conf: crypto related domain caps
- qemu: crypto related
- tests: crypto related test

Signed-off-by: zhenwei pi <pizhenwei@bytedance.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2023-01-25 16:00:47 +01:00
zhenwei pi
7ba22d21a1 conf: introduce crypto device
Introduce crypto device like:

  <crypto model='virtio' type='qemu'>
    <backend model='builtin' queues='1'/>
    <address type='pci' domain='0x0000' bus='0x00' slot='0x0a' function='0x0'/>
  </crypto>

  <crypto model='virtio' type='qemu'>
    <backend model='lkcf'/>
    <address type='pci' domain='0x0000' bus='0x00' slot='0x0b' function='0x0'/>
  </crypto>

Currently, crypto model supports virtio only, type supports qemu only
(vhost-user in the plan). For the qemu type, backend supports modle
builtin/lkcf, and the queues is optional.

Changes in this commit:
- docs: formatdomain.rst
- schemas: domaincommon.rng
- conf: crypto related domain conf
- qemu: crypto related
- tests: crypto related test

Signed-off-by: zhenwei pi <pizhenwei@bytedance.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2023-01-25 16:00:42 +01:00
Daniel Henrique Barboza
d5ecc2aa77 tests: add QEMU RISC-V "virt" machine in domaincapstest
'domaincapstest' is currently skipping RISC-V tests. Let's enable it.

The decision of enabling the "virt" machine is based on the idea that
this is the most used QEMU RISC-V machine in the community and it's the
most likely to be widely supported in the long run.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
2023-01-24 13:24:41 -03:00
Daniel Henrique Barboza
552ac58574 tests: update RISC-V QEMU caps for QEMU 8.0.0
Update RISC-V capabilities for the QEMU 8.0.0 cycle. Changes made are
based on the JSONification of device parameters.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
2023-01-24 13:24:41 -03:00
Daniel Henrique Barboza
fd70335876 src/cpu: add a basic RiscV64 cpu driver
There are tests in qemuxml2argvtest that will fail if we enable RISC-V
testing, with an error like the following:

"cpuGetSubDriver:64 : this function is not supported by the connection
driver: 'riscv64' architecture is not supp orted by CPU driver"

This happens because we don't have a RISC-V driver yet.

Add a barebone RISC-V driver to allow tests to be executed. The only 2
callbacks implemented here are 'compare' and 'validateFeatures', both
acting as a no-op. More callbacks and features will be added in the
future.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
2023-01-24 13:24:20 -03:00
Martin Kletzander
1e2605c934 rpc: Fix error message in virNetServerSetClientLimits
Commit f007940cb2 tried to change the error message so that it is unified
later in 35afa1d2d6, but various rewrites missed this particular error message
which does not make sense.  Fix it so that it is the same as the other two
messages checking the same thing in this file.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2033879

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2023-01-24 14:13:06 +01:00
Peter Krempa
5764930463 qemu: Remove 'memAliasOrderMismatch' field from VM private data
The field is no longer used so we can remove it and the code filling it.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2023-01-24 13:14:12 +01:00
Peter Krempa
6d3f0b11b2 qemu: alias: Remove 'oldAlias' argument of qemuAssignDeviceMemoryAlias
All callers pass 'false' so we no longer need it.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2023-01-24 13:14:12 +01:00
Peter Krempa
50ce3463d5 qemu: hotplug: Remove legacy quirk for 'dimm' address generation
Commit b7798a07f9 (in fall of 2016) changed the way we generate aliases
for 'dimm' memory devices as the alias itself is part of the migration
stream section naming and thus must be treated as ABI.

The code added compatibility layer for VMs with memory hotplug started
with the old scheme to prevent from generating wrong aliases. The
compatibility layer broke though later when 'nvdimm' and 'pmem' devices
were introduced as it wrongly detected them as old configuration.

Now rather than attempting to fix the legacy compat layer to treat other
devices properly we'll be better off simply removing it as it's
extremely unlikely that somebody has a VM started in 2016 running with
today's libvirt and attempts to hotplug more memory.

This fixes a corner case when a user hot-adds a 'dimm' into a VM with a
'dimm' and a 'nvdimm' after restart of libvirtd and then attempts to
migrate the VM.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2158701
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2023-01-24 13:14:12 +01:00
Peter Krempa
8a7531e66a virnetlibsshsession: Don't check return value of 'virNetLibsshSessionAuthMethodNew'
The function can't return NULL to the callers so it doesn't make sense
to check it.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2023-01-24 13:10:31 +01:00
Peter Krempa
76e005d1a5 virNetLibsshSessionAuthAddPasswordAuth: Don't access unlocked 'sess'
'sess->authPath' is modified before locking the 'sess' object.
Additionally on failure of 'virAuthGetConfigFilePathURI' 'sess' would be
unlocked even when it was not yet locked.

Fixes: 6917467c2b
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2023-01-24 13:10:31 +01:00
Peter Krempa
c68a07eeb3 virnetsshsession: Don't check return value of 'virNetSSHSessionAuthMethodNew'
The function can't return NULL to the callers so it doesn't make sense
to check it.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2023-01-24 13:10:31 +01:00
Peter Krempa
6aed6becec virNetSSHSessionAuthAddPasswordAuth: Don't access unlocked 'sess'
'sess->authPath' is modified before locking the 'sess' object.
Additionally on failure of 'virAuthGetConfigFilePathURI' 'sess' would be
unlocked even when it was not yet locked.

Fixes: 273745b431
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2023-01-24 13:10:31 +01:00
Peter Krempa
c97b632283 util: authconfig: Don't check return value of 'g_key_file_new()'
The function can't fail so it's pointless to check its return value.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2023-01-24 13:10:31 +01:00
Michal Privoznik
b76b6a6169 vbox: Stop reporting RC in error messages
As shown in the commit that introduced vboxReportError(), we are
appending the retval of a failed VirtualBox API onto our error
messages. Well, this is no longer needed because
vboxReportError() already appends the VirtualBox error in plain
text.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2023-01-24 10:45:48 +01:00
Michal Privoznik
bde1890b63 vbox: Move error messages onto a single line
Our coding style suggests error messages to be on a single line
for easier git grep. Since I'm touching them anyways, let's make
them follow our own suggestion.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2023-01-24 10:45:44 +01:00
Michal Privoznik
3d8bd1fbe3 vbox: Replace virReportError() with vboxReportError()
Now that we have vboxReportError() which reports VirtualBox
errors too, we can switch the code to use the former. And since
the vboxReportError() is designed to behave exactly like
virReportError() we can do that almost everywhere, regardless of
the source of the error.

There are a few exceptions though, for instance, when
initializing VirtualBox SDK (we don't have all the objects needed
for querying exceptions yet), or when invalid combination of
arguments was passed to an API of ours, or when a function from
other module (e.g. src/conf/) failed.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2023-01-24 10:45:41 +01:00
Michal Privoznik
70983f4f53 vbox: Introduce vboxReportError()
When a VirtualBox API fails it produced an exception. Until now,
we did not have correct APIs wired up to get the exception and
its error message. Thus, we were left with plain:

  virReportError("virtualbox API failed, rc=%08x", rc);

This is not very user friendly because those rc values are hard
to parse (e.g. some values are defined as a sum of a base value
and some other value) and also it expects users to know where to
look.

But now that we have all machinery needed for querying
exceptions, vboxReportError() can be introduced. The aim is to
query VirtualBox exceptions and append them after the error
message we intent to report. If the exception can't be queried
successfully, this behaves exactly like virReportError().

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2023-01-24 10:45:38 +01:00