Commit Graph

23044 Commits

Author SHA1 Message Date
Joao Martins
293668cd70 xenconfig: xm: check for driver on disk format
When reviewing libxl vif typename series[0] I found a bug
on xen-xm formatter where "virsh domxml-to-native xen-xm file.xml"
can lead to a NULL dereference if the disk driver isn't specified.
Fix this by checking for driver before writing/testing it down.

[0] https://www.redhat.com/archives/libvir-list/2016-April/msg01434.html

Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
2016-05-24 19:19:50 -06:00
Laine Stump
002b7704ff lxc: support <interface type='ethernet'>
This is identical to type='bridge', but without the "connect to a
bridge" part, so it can be handled by using the same functions (and
often even the same cases in switch statements), after renaming
virLXCProcessSetupInterfaceBridged() to virLXCProcessInterfaceTap()
and enhancing it to skip bridge-related items when brname == NULL.

To be truly useful, we need to support setting the ip address on the
host side veth as well as guest side veth (already supported for
type='bridge'), as well as setting the peer address for both.

The <script> element (supported by type='ethernet' in qemu) isn't
supported in this patch. An error is logged at domain start time if it
is encountered. This may be changed in a later patch.
2016-05-24 15:21:05 -04:00
Katerina Koukiou
306b3a8504 lxc: completely rework reference counting
This patch follows the pattern used in qemu driver regarding
reference counting.
It changes lxcDomObjFromDomain() to ref the domain (using
virDomainObjListFindByUUIDRef()) and adds virDomainObjEndAPI() which
should be the only function in which the return value of
virObjectUnref() is checked.  This makes all reference counting
deterministic and makes the code a bit clearer.

Signed-off-by: Katerina Koukiou <k.koukiou@gmail.com>
2016-05-24 16:54:01 +02:00
Katerina Koukiou
6ce89dcae0 lxc: use job functions in lxcDomainLxcOpenNamespace & lxcDomainSendProcessSignal
Use the recently added job functions in lxcDomainLxcOpenNamespace,
lxcDomainSendProcessSignal.

Signed-off-by: Katerina Koukiou <k.koukiou@gmail.com>
2016-05-24 16:35:02 +02:00
Pavel Hrdina
750b83137b qemucapstest: update caps for qemu-2.6.0
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-05-24 15:46:03 +02:00
Pavel Hrdina
733b2a9174 qemucapstest: update caps for qemu-2.5.0
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-05-24 15:46:03 +02:00
Pavel Hrdina
b728ede9f2 qemucapstest: update caps for qemu-2.4.0
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-05-24 15:46:03 +02:00
Pavel Hrdina
e1d09e88a0 qemucapstest: update caps for qemu-2.1.1 2016-05-24 15:46:03 +02:00
Pavel Hrdina
233851b4c7 qemucapstest: update caps for qemu-1.6.0
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-05-24 15:46:03 +02:00
Pavel Hrdina
f91284045c qemucapstest: update caps for qemu-1.5.3
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-05-24 15:46:02 +02:00
Pavel Hrdina
5063c49375 qemucapstest: update caps for qemu-1.4.2
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-05-24 15:46:02 +02:00
Pavel Hrdina
6815c9e0eb qemucapstest: update caps for qemu-1.3.1
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-05-24 15:46:02 +02:00
Pavel Hrdina
98e638d655 qemucapstest: update caps for qemu-1.2.2
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-05-24 15:46:02 +02:00
Maxim Nestratov
2f5e24ba00 nwfilter: fix lock order deadlock
Below is backtraces of two deadlocked threads:

thread #1:
 virDomainConfVMNWFilterTeardown
   virNWFilterTeardownFilter
       lock updateMutex <------------
       _virNWFilterTeardownFilter
            try to lock interface <----------

thread #2:
 learnIPAddressThread
    lock interface <-------
    virNWFilterInstantiateFilterLate
        try to lock updateMutex <----------

The problem is fixed by unlocking interface before calling
virNWFilterInstantiateFilterLate to avoid updateMutex and interface ordering
deadlocks. Otherwise we are going to instantiate the filter while holding
interface lock, which will try to lock updateMutex, and if some other thread
instantiating a filter in parallel is holding updateMutex and is trying to
lock interface, both will deadlock.
Also it is safe to unlock interface before virNWFilterInstantiateFilterLate
because learnIPAddressThread stopped capturing packets and applied necessary
rules on the interface, while instantiating a new filter doesn't require a
locked interface.

Signed-off-by: Maxim Nestratov <mnestratov@virtuozzo.com>
2016-05-24 15:24:37 +03:00
Pavel Hrdina
a94efa50e2 maint: fix syntax-check sc_prohibit_int_ijk exclude rule
Fix the regex for excluding files for this syntax-rule.  The rule "include/"
will not work, because we are matching the whole line like this
"^(...|include/|...)$ so we need to use "include/libvirt/libvirt.+".  The second
issue is that we are using only one '$' but there should be two of those at the
end.  The last small adjustment is to escape dots '.' so it match only dot.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-05-24 13:36:11 +02:00
Pavel Hrdina
9db7308502 makefile: fix build on systems where gnutls is not in /usr/include
We need to append GNUTLS_CFLAGS while building utils because virtcrypto
is using it.  This fixes build on freebsd where gnutuls is in
/usr/local/include.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-05-24 13:30:01 +02:00
Pavel Hrdina
9753dd7470 qemuxml2argvtest: skip test that depends on gnutls_cipher_encrypt()
Test disk-drive-network-rbd-auth-AES depends on existence of
gnutls_cipher_encrypt() function which was introduced in gnutls 2.10.0.
On systems without this function we should skip this test.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-05-24 01:01:07 +02:00
Jovanka Gulicoska
580dbf06a4 storage: Replace VIR_ERROR with standard vir*Error in state driver init
Replace VIR_ERROR with virReportError and virReportSystemError
2016-05-23 15:42:46 -04:00
Jovanka Gulicoska
1433c803c9 nwfilter: Replace VIR_ERROR with standard vir*Error in state driver init
Replace VIR_ERROR with virReportError
2016-05-23 15:42:46 -04:00
Jovanka Gulicoska
1223f7b23e libxl: Replace VIR_ERROR with standard vir*Error in state driver init
Replace VIR_ERROR with virReportError
2016-05-23 15:42:46 -04:00
Jovanka Gulicoska
86d1ae0479 bhyve: Replace VIR_ERROR with standard vir*Error in state driver init
Replace VIR_ERROR with virReportError
2016-05-23 15:42:46 -04:00
Laine Stump
9cdac8afc9 qemu: simplify addition of USB controller in qemuParseCommandLine
virDomainDefAddUSBController() does everything that the multiple lines
of code were doing.
2016-05-23 15:26:57 -04:00
Mikhail Feoktistov
4aeb1d5158 vz: add error code for case if vm is already stopped
If try to stop VM or container which is already stopped than
Virtuozzo 7 returns code PRL_ERR_INVALID_ACTION_REQUESTED.
Error code PRL_ERR_DISP_VM_IS_NOT_STARTED is used in Virtuozzo 6
2016-05-23 20:06:17 +03:00
Ján Tomko
d033d4762f Revert "qemu_cgroup: allow access to /dev/dri for virtio-vga"
This reverts commit 3943bdd60c.
2016-05-23 10:48:27 +02:00
Ján Tomko
21fdb4fe70 storage: do not clear vols before volume upload
Commit 5e54361c added virStoragePoolObjClearVols before refreshPool
to prevent duplicate volume entries.

However it is not needed here because we're not refreshing the pool yet,
just checking for the existence of the refresh callback.

The actual refresh is done via virStorageVolFDStreamCloseCb
in virStorageVolPoolRefreshThread, which already calls
virStoragePoolObjClearVols.
2016-05-23 10:47:32 +02:00
Ján Tomko
71cfa668eb Deprecate QEMU_CAPS_PCIDEVICE
Before removal of QEMU_CAPS_DEVICE, its only usage was
or'd with QEMU_CAPS_DEVICE.

Now it's unused.
2016-05-23 10:40:22 +02:00
Ján Tomko
5572cd7f0e Deprecate QEMU_CAPS_DEVICE
We support qemu version 0.12.0+, which has it.
2016-05-23 10:38:45 +02:00
Ján Tomko
e9488fcd20 Deprecate QEMU_CAPS_DRIVE_READONLY
We have been assuming its support if qemu supports -device,
which all the supported versions do.
2016-05-23 10:37:09 +02:00
Ján Tomko
00c9877e77 qemu: always assume QEMU_CAPS_DRIVE_READONLY
We have been always setting the capability on if qemu has
QEMU_CAPS_DEVICE.
2016-05-23 10:35:44 +02:00
Ján Tomko
ec9d19952a tests: always assume QEMU_CAPS_DRIVE_READONLY 2016-05-23 10:34:16 +02:00
Ján Tomko
b88f5f1af9 tests: remove <readonly/> from IDE disks
Read-only IDE disks are not supported, but the error
is raised only when QEMU_CAPS_DRIVE_READONLY is set.
2016-05-23 09:39:40 +02:00
Ján Tomko
1e463880c9 tests: remove disk-drive-fat test
This test requests a read-only virtual FAT drive on the IDE bus.
Read-only IDE drives are unsupported, but libvirt only displays
the error if it has the QEMU_CAPS_DRIVE_READONLY capability.
Read-write FAT drives are also unsupported.
2016-05-23 09:39:40 +02:00
Ján Tomko
5c4b6e8f5f qemu: assume QEMU_CAPS_DEVICE almost everywhere
Remove more checks that are no longer necessary.
2016-05-23 09:39:40 +02:00
Ján Tomko
34ab070c0d qemu_command: assume QEMU_CAPS_DEVICE
Drop some checks that are no longer necessary as well as
-usbdevice -pcidevice and -soundhw support.
2016-05-23 09:39:40 +02:00
Mikhail Feoktistov
33705aeec0 util: fix build without GNUTLS 2016-05-22 08:53:58 +03:00
Cole Robinson
f3d5e255cb tests: qemu: test <address type='pci'/> with aarch64
This is an interesting test case since PCI isn't the default for
aarch64.
2016-05-20 13:54:26 -04:00
Laine Stump
c026f8f1c2 qemu: auto-assign addresses when <address type='pci'/> is specified
Rather than only assigning a PCI address when no address is given at
all, also do it when the config says that the address type is 'pci',
but it gives no address (virDeviceInfoPCIAddressWanted()).

There are also several places after parsing but prior to address
assignment where code previously expected that any info with address
type='pci' would have a *valid* PCI address, which isn't always the
case - now we check not only for type='pci', but also for a valid
address (virDeviceInfoPCIAddressPresent()).

The test case added in this patch was directly copied from Cole's patch titled:

    qemu: Wire up address type=pci auto_allocate
2016-05-20 13:54:26 -04:00
Laine Stump
d05da3fc72 bhyve: auto-assign addresses when <address type='pci'/> is specified
Rather than only assigning a PCI address when no address is given at
all, also do it when the config says that the address type is 'pci',
but it gives no address.
2016-05-20 13:54:26 -04:00
Laine Stump
8f578716c7 conf: allow type='pci' addresses with no address attributes specified
Prior to this, <address type='pci'/> wasn't allowed when parsing
(domain+bus+slot+function needed to be a "valid" PCI address, meaning
that at least one of domain/bus/slot had to be non-0), the RNG
required bus to be specified, and if type was set to PCI when
formatting, domain+bus+slot+function would always be output.

This makes all the address attributes optional during parse and RNG
validation, and suppresses domain+bus+slot+function if domain+bus+slot
are all 0 (NB: if d+b+s are all 0, any value for function is
nonsensical as that will never happen in the real world, and after
the next patch we will always assign a real working address to any
empty PCI address before it is ever output to anywhere).

Note that explicitly setting all attributes to 0 is equivalent to
setting none of them, which is okay, since 0000:00:00 is reserved in
any PCI bus setup, and can't be used anyway.
2016-05-20 13:54:25 -04:00
Laine Stump
9a81a36353 conf: new functions to check if PCI address is wanted/present
In order to allow <address type='pci'/> with no other attributes to
mean "I want a PCI address, but any PCI address will do" (just as
having no <address> at all usually indicates), we will need to change
several places in the code from a simple "info->type == (or !=)
VIR_DOMAIN_DEVICE_ADDRESS_TYPE_(PCI|NONE)" into something slightly
more complex, this patch adds to new functions that take a
virDomainDeviceInfoPtr and return true/false depending on 1) whether
the current state of the info indicates that we "want" a PCI address
for this device (virDeviceInfoPCIAddressWanted()) and 2) whether this
device already has a valid PCI address
(virDeviceInfoPCIAddressPresent()).

Both of these functions required the simpler check for whether a pci
address is "empty" (i.e. all of its attributes are 0, which can never
happen in a real PCI address, since slot 0 of bus 0 of domain 0 is
always reserved), so that function is also added.
2016-05-20 13:54:25 -04:00
Laine Stump
ff89e9b932 conf: move virDomainDeviceInfo definition from domain_conf.h to device_conf.h
Also moves all the subordinate structs. This is necessary due to a new
inline function that will be defined in device_conf.h, and also makes
sense, because it is the *device* info that's in the struct. (Actually
a lot more stuff from domain_conf.h could move to this newer file, but
I didn't want to disturb any more than necessary).
2016-05-20 13:54:25 -04:00
Michal Privoznik
997be5c27a tests: Link virtestmock with probes
I've encountered this error while trying out this feature on some
systems:

  $ VIR_TEST_FILE_ACCESS=1 ./virhashtest \
 libvirt.git/tests/.libs/lt-virhashtest: \
symbol lookup error: libvirt.git/tests/.libs/virtestmock.so: \
undefined symbol: libvirt_event_poll_purge_timeout_semaphore

Problem is, linking just libvirt_utils to virmock.la is not
enough. We might need to link libvirt_probes.lo too.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-05-20 17:16:21 +02:00
Michal Privoznik
49c1a078c2 virtestmock: Mock stat() properly
There is a lot to explain, but I try to make it as short as
possible. I'd start by pasting some parts of sys/stat.h:

extern int stat (const char *__restrict __file,
		 struct stat *__restrict __buf) __THROW __nonnull ((1, 2));

extern int __REDIRECT_NTH (stat, (const char *__restrict __file,
				  struct stat *__restrict __buf), stat64)
     __nonnull ((1, 2));

__extern_inline int
__NTH (stat (const char *__path, struct stat *__statbuf))
{
  return __xstat (_STAT_VER, __path, __statbuf);
}

Only one of these is effective at once, due to some usage of
the mess we are dealing with in here. So, basically, while
compiling or linking stat() in our code can be transformed into
some other func. Or a dragon.
Now, if you read stat(2) manpage, esp. "C library/kernel
differences" section, you'll learn that glibc uses some tricks
for older applications to work. I haven't gotten around actual
code that does this, but based on my observations, if 'stat'
symbol is found, glibc assumes it's dealing with ancient
application. Unfortunately, it can be just ours stat coming from
our mock. Therefore, calling stat() from a test will end up in
our mock. But since glibc is not exposing the symbol anymore, our
call of real_stat() will SIGSEGV immediately as the pointer to
function is NULL. Therefore, we should expose only those symbols
we know glibc has.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-05-20 17:16:21 +02:00
Michal Privoznik
436397902e tests: Drop VIR_MOCK_CALL_STAT
It wasn't as great idea as I thought. Thing around stat() are
more complicated than that. Therefore we need to revert
86d1705a8a plus drop use of the macro as introduced in
later patches.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-05-20 17:16:21 +02:00
John Ferlan
a1344f70a1 qemu: Utilize qemu secret objects for RBD auth/secret
https://bugzilla.redhat.com/show_bug.cgi?id=1182074

If they're available and we need to pass secrets to qemu, then use the
qemu domain secret object in order to pass the secrets for RBD volumes
instead of passing the base64 encoded secret on the command line.

The goal is to make AES secrets the default and have no user interaction
required in order to allow using the AES mechanism. If the mechanism
is not available, then fall back to the current plain mechanism using
a base64 encoded secret.

New APIs:

qemu_domain.c:
  qemuDomainGetSecretAESAlias:
    Generate/return the secret object alias for an AES Secret Info type.
    This will be called from qemuDomainSecretAESSetup.

  qemuDomainSecretAESSetup: (private)
    This API handles the details of the generation of the AES secret
    and saves the pieces that need to be passed to qemu in order for
    the secret to be decrypted. The encrypted secret based upon the
    domain master key, an initialization vector (16 byte random value),
    and the stored secret. Finally, the requirement from qemu is the IV
    and encrypted secret are to be base64 encoded.

qemu_command.c:
  qemuBuildSecretInfoProps: (private)
    Generate/return a JSON properties object for the AES secret to
    be used by both the command building and eventually the hotplug
    code in order to add the secret object. Code was designed so that
    in the future perhaps hotplug could use it if it made sense.

  qemuBuildObjectSecretCommandLine (private)
    Generate and add to the command line the -object secret for the
    secret. This will be required for the subsequent RBD reference
    to the object.

  qemuBuildDiskSecinfoCommandLine (private)
    Handle adding the AES secret object.

Adjustments:

qemu_domain.c:
  The qemuDomainSecretSetup was altered to call either the AES or Plain
  Setup functions based upon whether AES secrets are possible (we have
  the encryption API) or not, we have secrets, and of course if the
  protocol source is RBD.

qemu_command.c:
  Adjust the qemuBuildRBDSecinfoURI API's in order to generate the
  specific command options for an AES secret, such as:

    -object secret,id=$alias,keyid=$masterKey,data=$base64encodedencrypted,
            format=base64
    -drive file=rbd:pool/image:id=myname:auth_supported=cephx\;none:\
           mon_host=mon1.example.org\:6321,password-secret=$alias,...

  where the 'id=' value is the secret object alias generated by
  concatenating the disk alias and "-aesKey0". The 'keyid= $masterKey'
  is the master key shared with qemu, and the -drive syntax will
  reference that alias as the 'password-secret'. For the -drive
  syntax, the 'id=myname' is kept to define the username, while the
  'key=$base64 encoded secret' is removed.

  While according to the syntax described for qemu commit '60390a21'
  or as seen in the email archive:

    https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg04083.html

  it is possible to pass a plaintext password via a file, the qemu
  commit 'ac1d8878' describes the more feature rich 'keyid=' option
  based upon the shared masterKey.

Add tests for checking/comparing output.

NB: For hotplug, since the hotplug code doesn't add command line
    arguments, passing the encoded secret directly to the monitor
    will suffice.
2016-05-20 11:09:05 -04:00
Peter Krempa
f0469c61e3 tests: Allow multiple mock libraries
Make virtTestMain take variable number of libraries to mock.
2016-05-20 11:09:05 -04:00
John Ferlan
97868a2b85 qemu: Introduce qemuDomainSecretSetup
Currently just a shim to call qemuDomainSecretPlainSetup, but soon to be more
2016-05-20 11:09:05 -04:00
John Ferlan
238032505f util: Introduce virCryptoGenerateRandom
Move the logic from qemuDomainGenerateRandomKey into this new
function, altering the comments, variable names, and error messages
to keep things more generic.

NB: Although perhaps more reasonable to add soemthing to virrandom.c.
    The virrandom.c was included in the setuid_rpc_client, so I chose
    placement in vircrypto.
2016-05-20 11:09:05 -04:00
John Ferlan
1ce9c08ab3 util: Introduce encryption APIs
Introduce virCryptoHaveCipher and virCryptoEncryptData to handle
performing encryption.

 virCryptoHaveCipher:
   Boolean function to determine whether the requested cipher algorithm
   is available. It's expected this API will be called prior to
   virCryptoEncryptdata. It will return true/false.

 virCryptoEncryptData:
   Based on the requested cipher type, call the specific encryption
   API to encrypt the data.

Currently the only algorithm support is the AES 256 CBC encryption.

Adjust tests for the API's
2016-05-20 11:09:01 -04:00
John Ferlan
6a3f4121a5 tests: Add mock for virRandomBytes
Create a mock for virRandomBytes to generate a not so random value.
This should be usable by other tests that need a not so random number
to be generated by including the virrandommock at preload.

The "random number" generated is based upon the size of the expected
stream of bytes being returned where each byte in the result gets
the index of the array - hence a 4 byte array returns 0x00010203.
2016-05-20 09:36:28 -04:00