Commit Graph

6581 Commits

Author SHA1 Message Date
John Ferlan
5c09486c1e qemu: Introduce qemuDomainPrepareDiskSource
Introduce a function to setup any TLS needs for a disk source.

If there's a configuration or other error setting up the disk source
for TLS, then cause the domain startup to fail.

For VxHS, follow the chardevTLS model where if the src->haveTLS hasn't
been configured, then take the system/global cfg->haveTLS setting for
the storage source *and* mark that we've done so via the tlsFromConfig
setting in storage source.

Next, if we are using TLS, then generate an alias into a virStorageSource
'tlsAlias' field that will be used to create the TLS object and added to
the disk object in order to link the two together for QEMU.

Signed-off-by: John Ferlan <jferlan@redhat.com>
2017-09-28 09:45:14 -04:00
Ashish Mittal
bd6fdcd806 conf: Introduce TLS options for VxHS block device clients
Add a new TLS X.509 certificate type - "vxhs". This will handle the
creation of a TLS certificate capability for properly configured
VxHS network block device clients.

The following describes the behavior of TLS for VxHS block device:

  (1) Two new options have been added in /etc/libvirt/qemu.conf
      to control TLS behavior with VxHS block devices
      "vxhs_tls" and "vxhs_tls_x509_cert_dir".
  (2) Setting "vxhs_tls=1" in /etc/libvirt/qemu.conf will enable
      TLS for VxHS block devices.
  (3) "vxhs_tls_x509_cert_dir" can be set to the full path where the
      TLS CA certificate and the client certificate and keys are saved.
      If this value is missing, the "default_tls_x509_cert_dir" will be
      used instead. If the environment is not configured properly the
      authentication to the VxHS server will fail.

Signed-off-by: Ashish Mittal <Ashish.Mittal@veritas.com>
Signed-off-by: John Ferlan <jferlan@redhat.com>
2017-09-28 09:45:14 -04:00
Peter Krempa
3685e2dd64 qemu: domain: Extract common clearing of VM private data
VM private data is cleared when the VM is turned off and also when the
VM object is being freed. Some of the clearing code was duplicated.
Extract it to a separate function.

This also removes the now unnecessary function
qemuDomainClearPrivatePaths.
2017-09-27 17:02:02 +02:00
Ján Tomko
955caf171c qemu: fix hotplug of udp device with no connect host
Use an empty string to let qemu fill out the default.
This matches what's done in qemuBuildChrChardevStr.

https://bugzilla.redhat.com/show_bug.cgi?id=1454671

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2017-09-27 12:38:27 +02:00
Peter Krempa
4b480d1076 qemu: process: Refresh data from qemu monitor after migration
Some values we read from the qemu monitor may be changed with the actual
state by the incoming migration. This means that we should refresh
certain things only after the migration has finished.

This is mostly visible in the cdrom tray state, which is by default
closed but may be opened by the guest OS. This would be refreshed before
qemu transferred the actual state and thus libvirt would think that the
tray is closed.

Note that this patch moves only a few obvious query commands. Others may
be moved later after individual assessment.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1463168
2017-09-27 09:09:14 +02:00
Peter Krempa
cf30a8cabd qemu: hotplug: Ignore cgroup errors when hot-unplugging vcpus
When the vcpu is successfully removed libvirt would remove the cgroup.
In cases when removal of the cgroup fails libvirt would report an error.

This does not make much sense, since the vcpu was removed and we can't
really do anything with the cgroup. This patch silences the errors from
cgroup removal.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1462092
2017-09-27 08:51:45 +02:00
Ján Tomko
01f86fb301 qemu: adjust indentation of qemuDomainObjPrivateXMLFormatAutomaticPlacement
Commit 6801da94 fixed the typo in the function name, but forgot
to adjust the indentation level of the next line.
2017-09-26 17:10:51 +02:00
Peter Krempa
6801da940e qemu: domain: Fix typo in qemuDomainObjPtrivateXMLFormatAutomaticPlacement 2017-09-26 16:38:04 +02:00
Peter Krempa
93575f3451 qemu: block: Use correct alias when extracting disk node names
The alias recorded in disk->info.alias is the alias for the frontend
device but we are interested in the backend drive. This messed up the
disk node name extraction code as qemu reports the drive alias in the
block query commands. This was broken in the node name detector
refactoring done in commit 0175dc6ea0

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1494327
2017-09-25 14:38:15 +02:00
Peter Krempa
8b2fd3b148 qemu: block: Don't lookup node names if they are already known
Move the check that skips node name detection if they are already
present earlier so that the hash table lookup is skipped.
2017-09-25 14:38:15 +02:00
Daniel P. Berrange
32d6c7386d Print hex values with '0x' prefix and octal with '0' in debug messages
Seeing a log message saying 'flags=93' is ambiguous & confusing unless
you happen to know that libvirt always prints flags as hex.  Change our
debug messages so that they always add a '0x' prefix when printing flags,
and '0' prefix when printing mode. A few other misc places gain a '0x'
prefix in error messages too.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2017-09-25 13:34:53 +01:00
Peter Krempa
a5852db182 qemu: capabilities: Remove support for downstream-only QMP monitor backport
Some distros (see diff) chose to backport QMP support rather than rebase
to newer version of qemu. As a hack they added the string 'libvirt' to
the qemu -help output. Remove this as downstream-only hacks should be
carried by downstream and not litter upstream.

This effectively reverts commit ff88cd5905
2017-09-22 14:28:26 +02:00
Jiri Denemark
369199d1a9 qemu: Use qemuDomainDefFormatXML in qemuDomainDefCopy
Because qemuDomainDefCopy needs a string representation of a domain
definition, there's no reason for calling the lower level
qemuDomainDefFormatBuf API.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2017-09-22 14:02:59 +02:00
Jiri Denemark
5c4fc07d1a qemu: Fix error checking in qemuDomainDefFormatXMLInternal
virDomainDefFormatInternal (called by qemuDomainDefFormatXMLInternal)
already checks for buffer errors and properly resets the buffer on
failure.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2017-09-22 14:02:59 +02:00
John Ferlan
2dd024754e util: Move virSecretUsageType to virsecret.h
Move the virSecretUsageType into the util.
2017-09-21 15:46:48 -04:00
Ashish Mittal
a74a16320b qemu: Avoid a possible NULL pointer deref in qemuDomainGetTLSObjects
Passing a NULL value for the argument secAlias to the function
qemuDomainGetTLSObjects would cause a segmentation fault in
libvirtd.

Changed code to check before dereferencing a NULL secAlias.

Signed-off-by: Ashish Mittal <ashmit602@gmail.com>
2017-09-21 15:42:47 -04:00
Michal Privoznik
92524d3e6e qemu: Introduce a wrapper over virFileWrapperFdClose
https://bugzilla.redhat.com/show_bug.cgi?id=1448268

When migrating to a file (e.g. when doing 'virsh save file'),
couple of things are happening in the thread that is executing
the API:

1) the domain obj is locked
2) iohelper is spawned as a separate process to handle all I/O
3) the thread waits for iohelper to finish
4) the domain obj is unlocked

Now, the problem is that while the thread waits in step 3 for
iohelper to finish this may take ages because iohelper calls
fdatasync(). And unfortunately, we are waiting the whole time
with the domain locked. So if another thread wants to jump in and
say copy the domain name ('virsh list' for instance), they are
stuck.

The solution is to unlock the domain whenever waiting for I/O and
lock it back again when it finished.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2017-09-21 17:21:39 +02:00
John Ferlan
ed2a741e48 qemu: Be more selective when determining cdrom for taint messaging
https://bugzilla.redhat.com/show_bug.cgi?id=1471225

Commit id '99a2d6af2' was a bit too aggressive with determining whether
the provided path was a "physical" cd-rom in order to generate a taint
message due to the possibility of some guest and host trying to control
the tray. For cd-rom guest devices backed to some VIR_STORAGE_TYPE_FILE
storage, this wouldn't be a problem and as such it shouldn't be a problem
for guest devices using some sort of block device on the host such as
iSCSI, LVM, or a Disk pool would present.

So before issuing a taint message, let's check if the provided path of
the VIR_STORAGE_TYPE_BLOCK backed device is a "known" physical cdrom name
by comparing the beginning of the path w/ "/dev/cdrom" and "/dev/sr".
Also since it's possible the provided path could resolve to some /dev/srN
device, let's get that path as well and perform the same check.

Signed-off-by: John Ferlan <jferlan@redhat.com>
2017-09-21 10:22:34 -04:00
Michal Privoznik
57d8afcf75 qemuBuildHostNetStr: Don't leak @addr
The virSocketAddrFormat() allocates the string and it's caller
responsibility to free it afterwards.

==28857== 11 bytes in 1 blocks are definitely lost in loss record 37 of 168
==28857==    at 0x4C2BEDF: malloc (vg_replace_malloc.c:299)
==28857==    by 0x9A81D79: strdup (in /lib64/libc-2.23.so)
==28857==    by 0x5DA3BF0: virStrdup (virstring.c:902)
==28857==    by 0x5D96182: virSocketAddrFormatFull (virsocketaddr.c:427)
==28857==    by 0x5D95E13: virSocketAddrFormat (virsocketaddr.c:352)
==28857==    by 0x5706890: qemuBuildHostNetStr (qemu_command.c:3891)
==28857==    by 0x57138D3: qemuBuildInterfaceCommandLine (qemu_command.c:8597)
==28857==    by 0x5713D6A: qemuBuildNetCommandLine (qemu_command.c:8699)
==28857==    by 0x57176F6: qemuBuildCommandLine (qemu_command.c:10027)
==28857==    by 0x5769D61: qemuProcessCreatePretendCmd (qemu_process.c:6004)
==28857==    by 0x4056EC: testCompareXMLToArgv (qemuxml2argvtest.c:502)
==28857==    by 0x41DF40: virTestRun (testutils.c:180)

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2017-09-21 16:07:09 +02:00
Jiri Denemark
06f75ff2cb qemu: Don't update CPU when formatting live def
Since commit v2.2.0-199-g7ce711a30e libvirt stores an updated guest CPU
in domain's live definition and there's no need to update it every time
we want to format the definition. The commit itself tried to address
this in qemuDomainFormatXML, but forgot to fix qemuDomainDefFormatLive.
Not to mention that masking a previously set flag is only acceptable if
the flag was set by a public API user. Internally, libvirt should have
never set the flag in the first place.

https://bugzilla.redhat.com/show_bug.cgi?id=1485022

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2017-09-21 15:27:39 +02:00
Jiri Denemark
7e874326a3 qemu: Use correct host model for updating guest cpu
When a user requested a domain XML description with
VIR_DOMAIN_XML_UPDATE_CPU flag, libvirt would use the host CPU
definition from host capabilities rather than the one which will
actually be used once the domain is started.

https://bugzilla.redhat.com/show_bug.cgi?id=1481309

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2017-09-21 15:27:39 +02:00
Jiri Denemark
4fd179f518 cpu_conf: Drop updateCPU from virCPUDefFormat
In the past we updated host-model CPUs with host CPU data by adding a
model and features, but keeping the host-model mode. And since the CPU
model is not normally formatted for host-model CPU defs, we had to pass
the updateCPU flag to the formatting code to be able to properly output
updated host-model CPUs. Libvirt doesn't do this anymore, host-model
CPUs are turned into custom mode CPUs once updated with host CPU data
and thus there's no reason for keeping the hacks inside CPU XML
formatters.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2017-09-21 15:23:39 +02:00
Pino Toscano
cf4acafe8b qemu: reject parallel ports for pseries machines
They are simply not supported on that machine type.

Partially-resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1487499

Signed-off-by: Pino Toscano <ptoscano@redhat.com>
2017-09-21 13:05:14 +02:00
Pino Toscano
02b1908de6 qemu: reject parallel ports for s390 archs
They are simply not supported on those architectures.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1487499

Signed-off-by: Pino Toscano <ptoscano@redhat.com>
2017-09-21 13:05:14 +02:00
Pino Toscano
2c79a2b26c qemu: pass the virDomainDef to qemuDomainChrDefValidate
This will be used to improve the validation for this type of devices.

The former @def parameter is renamed to @dev, leaving @def for the
virDomainDef (following the style used elsewhere).

Signed-off-by: Pino Toscano <ptoscano@redhat.com>
2017-09-21 13:05:14 +02:00
ZhiPeng Lu
0dde16be73 qemu: handle reconnect on chardev hotplug
The patch passes the reconnect timeout to QEMU by monitor on
chardev hotplug.

Signed-off-by: ZhiPeng Lu <lu.zhipeng@zte.com.cn>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2017-09-20 11:09:00 +02:00
Ashish Mittal
dbd98380b9 qemu: Add qemu command line generation for a VxHS block device
The VxHS block device will only use the newer formatting options and
avoid the legacy URI syntax.

An excerpt for a sample QEMU command line is:

  -drive file.driver=vxhs,file.vdisk-id=eb90327c-8302-4725-9e1b-4e85ed4dc251,\
   file.server.type=tcp,file.server.host=192.168.0.1,\
   file.server.port=9999,format=raw,if=none,id=drive-virtio-disk0,cache=none \
  -device virtio-blk-pci,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,\
   id=virtio-disk0

Update qemuxml2argvtest with a simple test.

Signed-off-by: Ashish Mittal <Ashish.Mittal@veritas.com>
Signed-off-by: John Ferlan <jferlan@redhat.com>
2017-09-19 21:10:21 -04:00
Ashish Mittal
8b5e76e913 qemu: Refactor qemuBlockStorageSourceBuildHostsJSONSocketAddress
Extract out the "guts" of building a server entry into it's own
separately callable/usable function in order to allow building
a server entry for a consumer with src->nhosts == 1.
2017-09-19 21:10:21 -04:00
Ashish Mittal
029c36c981 storage: Introduce VIR_STORAGE_NET_PROTOCOL_VXHS
Add a new virStorageNetProtocol for Veritas HyperScale (VxHS) disks

Signed-off-by: Ashish Mittal <Ashish.Mittal@veritas.com>
Signed-off-by: John Ferlan <jferlan@redhat.com>
2017-09-19 21:10:21 -04:00
John Ferlan
fa6159dd15 qemu: Detect support for vxhs
Using the query-qmp-schema introspection - look for the 'vxhs'
blockdevOptions type.

NB: This is a "best effort" type situation as there is not a
    mechanism to determine whether the running QEMU has been
    built with '--enable-vxhs'. All we can do is check if the
    option to use vxhs for a blockdev-add exists in the command
    infrastructure which does not take that into account when
    building its table of commands and options.

Signed-off-by: John Ferlan <jferlan@redhat.com>
2017-09-19 21:10:21 -04:00
Peter Krempa
8de85386db qemu: blockPeek: Enforce buffer filling
Documentation states:

"'offset' and 'size' represent an area which must lie entirely within
the device or file." Enforce the that the buffer lies within fully.
2017-09-19 17:26:48 +02:00
Peter Krempa
f767d53dbe qemu: blockPeek: Fix filling of the return buffer
Commit 3956af495e broke the blockPeek API since virStorageFileRead
allocates a return buffer and fills it with the data, while the API
fills a user-provided buffer. This did not get caught by the compiler
since the API prototype uses a 'void *'.

Fix it by transferring the data from the allocated buffer to the user
provided buffer.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1491217
2017-09-19 17:26:48 +02:00
Michal Privoznik
8406769642 qemu: Mark graphics ports used on reconnect
I don't want to mask the real problem, but one can advocate
that we should be marking graphics ports as already in use on
qemuProcessReconnect anyway, because we already know that they
are taken.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2017-09-19 15:40:54 +02:00
Michal Privoznik
8703813aae qemu: Implement usernet address
https://bugzilla.redhat.com/show_bug.cgi?id=1075520

Apart from generic checks, we need to constrain netmask/prefix
length a bit. Thing is, with current implementation QEMU needs to
be able to 'assign' some IP addresses to the virtual network. For
instance, the default gateway is at x.x.x.2, dns is at x.x.x.3,
the default DHCP range is x.x.x.15-x.x.x.30. Since we don't
expose these settings yet, it's safer to require shorter prefix
to have room for the defaults.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: laine@laine.org
2017-09-18 13:54:27 +02:00
Michal Privoznik
d1dbb30782 conf: Allow usernet to have an address
https://bugzilla.redhat.com/show_bug.cgi?id=1075520

Currently, all that users can specify for an interface type of
'user' is the common attributes: PCI address, NIC model (and
that's basically it). However, some need to configure other
address range than the default one.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: laine@laine.org
2017-09-18 13:54:27 +02:00
Jiri Denemark
3f0193f7e5 qemu: Validate guest CPU features before starting a domain
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2017-09-18 10:40:12 +02:00
Jiri Denemark
2ba32a86dd qemu: Filter CPU features returned by qemuConnectBaselineCPU
The host CPU definitions reported in the capabilities XML may contain
CPU features unknown to QEMU, but the result of virConnectBaselineCPU is
supposed to be directly usable as a guest CPU definition and thus it
should only contain features QEMU knows about.

https://bugzilla.redhat.com/show_bug.cgi?id=1450317

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2017-09-18 10:40:12 +02:00
Jiri Denemark
399f91694f qemu: Publish virQEMUCapsCPUFilterFeatures
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2017-09-18 10:40:12 +02:00
Jiri Denemark
b0b5c9c620 qemu: Pass virArch * to virQEMUCapsCPUFilterFeatures
The filter only needs to know the CPU architecture. Passing
virQEMUCapsPtr as opaque is a bit overkill.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2017-09-18 10:40:12 +02:00
Jiri Denemark
abec725ab1 cpu: Drop cpuBaselineXML
The implementation of virConnectBaselineCPU may be different for each
hypervisor. Thus it shouldn't really be implmented in the cpu code.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2017-09-18 10:40:12 +02:00
John Ferlan
1f8528c2b8 qemu: Fix return check on virHashAddEntry call
Luckily it only returns 0 or -1
2017-09-15 08:34:57 -04:00
Peter Krempa
a823d0a62e qemu: Restore errors when rolling back disk image state
Some operations done to rollback disk image labelling and locking might
overwrite (or clear) the actual error. Remember the original error when
tearing down disk access so that it's not obscured.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1461301
2017-09-15 05:28:21 +02:00
Peter Krempa
6f18150f7b qemu: hotplug: Use new helpers for storing libvirt errors
The helpers allow to simplify restoring original errors in most cases.
2017-09-15 05:28:21 +02:00
Peter Krempa
1666d10793 qemu: caps: Deprecate QEMU_CAPS_BLOCKJOB_SYNC
Interestingly, none of the qemus we have caps for supported it ...

Reviewed-by: Eric Blake <eblake@redhat.com>
2017-09-14 10:03:47 +02:00
Peter Krempa
771a38609d qemu: monitor: Remove support for "legacy" block jobs
Drop all the monitor code necessary to do the downstream block jobs.

Reviewed-by: Eric Blake <eblake@redhat.com>
2017-09-14 10:03:38 +02:00
Peter Krempa
2350d10149 qemu: Remove support for legacy block jobs
Block job QMP commands with underscores rather than dashes were never
released in upstream qemu, (they were added, but modified in the same
release [1]), but a certain distro managed to backport the version in the
middle.

The change also slightly modified semantics for the abort command, which
made us have a lot of code which was only ever present in certain
downstream distros.

Clean the upstream code from the legacy cruft and support only the
upstream implementations.

[1] See qemu commit v1.0-2176-gdb58f9c060

Reviewed-by: Eric Blake <eblake@redhat.com>
2017-09-14 10:03:25 +02:00
John Ferlan
23706c1708 qemu: Clean up qemuDomainSecretPrepare
No need to pass a @driver parameter since all that's done is deref
the @cfg especially since the only caller can just pass an already
referenced @cfg.

Also, looks like commit id '0298531b' at one time had a different
name for the API, so I took the liberty of fixing the comments too
since I would already be updating them for the @cfg variable.
2017-09-13 06:22:52 -04:00
Cole Robinson
321031e482 security: add MANAGER_MOUNT_NAMESPACE flag
The VIR_SECURITY_MANAGER_MOUNT_NAMESPACE flag informs the DAC driver
if mount namespaces are in use for the VM. Will be used for future
changes.

Wire it up in the qemu driver
2017-09-12 12:27:42 -04:00
Peter Krempa
4fc3051258 qemu: blockcopy: Probe image format only with VIR_DOMAIN_BLOCK_COPY_REUSE_EXT
Commit 703abf1d7 changed the logic so that we don't attempt to re-create
the image if it's a block device. This was done by modifying the
'reuse' variable. Unfortunately after modifying it one of the uses was
to infer whether we should probe the disk format. After changes in the
commit mentioned above we would attempt the probe if the target of the
copy is a block device and the format was not provided explicitly rather
than using the format of the disk.

Fix it by explicitly checking whether the user requested a reuse of the
disk rather than the modified boolean flag.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1490826
2017-09-12 16:03:56 +02:00
Michal Privoznik
607a00d170 qemu: cold-unplug of watchdog
https://bugzilla.redhat.com/show_bug.cgi?id=1447169

Again, no special here.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2017-09-12 15:59:38 +02:00