Commit Graph

29905 Commits

Author SHA1 Message Date
Roland Schulz
74e7c79066 Add NUMA support to virshAllocpagesPagesizeCompleter.
Signed-off-by: Roland Schulz <schullzroll@gmail.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2018-05-22 15:32:10 +02:00
Daniel P. Berrangé
9267342206 cpu: define the 'virt-ssbd' CPUID feature bit (CVE-2018-3639)
Some AMD processors only support a non-architectural means of
enabling Speculative Store Bypass Disable. To allow simplified
handling in virtual environments, hypervisors will expose an
architectural definition through CPUID bit 0x80000008_EBX[25].
This needs to be exposed to guest OS running on AMD x86 hosts to
allow them to protect against CVE-2018-3639.

Note that since this CPUID bit won't be present in the host CPUID
results on physical hosts, it will not be enabled automatically
in guests configured with "host-model" CPU unless using QEMU
version >= 2.9.0. Thus for older versions of QEMU, this feature
must be manually enabled using policy=force. Guests using the
"host-passthrough" CPU mode do not need special handling.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
2018-05-22 13:13:27 +02:00
Daniel P. Berrangé
1dbca2ecca cpu: define the 'ssbd' CPUID feature bit (CVE-2018-3639)
New microcode introduces the "Speculative Store Bypass Disable"
CPUID feature bit. This needs to be exposed to guest OS to allow
them to protect against CVE-2018-3639.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
2018-05-22 13:13:26 +02:00
Martin Kletzander
08e190fdda tools: Tiny clean-ups for two functions in virsh-completer.c
These two functions were duplicating some cleanup paths, so let's just merge
both cleanup and error paths together.  To distinguish whether we need to
clean-up the return value let's keep it in @tmp until the function is successful
in which case we set @ret to the value of @tmp and set @tmp to NULL.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-05-21 15:18:40 +02:00
Martin Kletzander
9e1a808e91 travis: Print test log file from distcheck as well
Since we started using `make distcheck` in travis, the part that's printing the
tests/test-suite.log file is rather pointless.  Let's check for both known
locations (keeping the previous one there on purpose) so that the output is
usable again.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2018-05-21 15:17:14 +02:00
Roland Schulz
3b90c3c463 Add virshAllocpagesPagesizeCompleter
Returns list of host page sizes from capabilities XML.

Signed-off-by: Roland Schulz <schullzroll@gmail.com>
2018-05-21 14:56:19 +02:00
Daniel P. Berrangé
47a1ca6e2c qemu: clarify message about block peek format restriction
Include the actual disk format in the error message to help the user see
what is wrong.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-05-21 11:30:52 +01:00
Daniel P. Berrangé
bb57a6a6bc qemu: include kernel version in QEMU log file
We currently print the libvirt and qemu version strings into the
per-guest logfile. It would be useful to know what kernel is running
too, so add that.

Reviewed-by: Kashyap Chamarthy <kchamart@redhat.com>
Tested-by: Kashyap Chamarthy <kchamart@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-05-21 10:32:52 +01:00
Jiri Denemark
b6dddb5408 spec: Fix build without QEMU
libvirt_qemu_probes.stp is only generated when QEMU driver is enabled.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2018-05-21 10:33:39 +02:00
Ján Tomko
e565b9cd0c Remove type_sep parameter from qemuBuildHostNetStr
The last caller not passing a comma was removed by:
commit ad8a7c4f85
Author:     Ján Tomko <jtomko@redhat.com>
CommitDate: 2018-04-12 17:17:16 +0200

    qemu: deprecate QEMU_CAPS_NETDEV

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2018-05-21 09:35:32 +02:00
Peter Krempa
d3f4fc8684 qemu: command: Remove qemuBuildHasMasterKey
The thin wrapper is not necessary.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-05-18 09:00:05 +02:00
Peter Krempa
50192e990f qemu: command: Fix formatting of TLS backend properties
The JSON property generator should not escape commas as we do on the
command line. The JSON->commandline generator already does that.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-05-18 09:00:01 +02:00
Peter Krempa
82ca8ad6c1 tests: qemuxml2argv: Test TLS certificate path containing a comma
We have to escape commas when formatting them on the command line. Add a
test case of a TLS path containing a comma.

Note that the output is wrong, this test case is to prove there's a bug.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-05-18 08:59:57 +02:00
Peter Krempa
8f50120693 qemu: command: Optimize formatting of 'passwordid' in qemuBuildTLSx509BackendProps
Use the 'S' modifier for create the field optionally rather than calling
another JSON formatter function.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2018-05-18 08:59:45 +02:00
Michal Privoznik
9a33776715 qemu: Implement multiple screen support for virDomainScreenshot
According to virDomainScreenshot() documentation, screens are
numbered sequentially.  e.g. having two graphics cards, both with
four heads, screen ID 5 addresses the second head on the second
card.

But apart from that, there's nothing special happening here.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2018-05-17 17:13:11 +02:00
Michal Privoznik
04dcc6e0e0 qemu: Introduce QEMU_CAPS_SCREENDUMP_DEVICE
As of v2.12.0-rc0~32^2 QEMU is capable specifying which display
device and head should the screendump be taken from. Track this
capability so that we can use it later in our virDomainScreenshot
API.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2018-05-17 17:06:31 +02:00
Lin Ma
27e97d5c17 virsh: Add target name completion for block device options
Signed-off-by: Lin Ma <lma@suse.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2018-05-17 17:06:11 +02:00
Lin Ma
14dd3b63e9 virsh: Introduce virshDomainDiskTargetCompleter
Signed-off-by: Lin Ma <lma@suse.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2018-05-17 17:06:11 +02:00
Lin Ma
78809398df virsh-network: Add network name completion to 'net-uuid' command
Signed-off-by: Lin Ma <lma@suse.com>
2018-05-17 17:06:11 +02:00
Lin Ma
c5a9e6a9ac virsh-network: Add macro VIRSH_COMMON_OPT_NETWORK_FULL
Signed-off-by: Lin Ma <lma@suse.com>
2018-05-17 17:06:11 +02:00
Lin Ma
27631eac7a virsh-network: Add network name completion to 'net-event' command
Signed-off-by: Lin Ma <lma@suse.com>
2018-05-17 17:06:11 +02:00
Lin Ma
de97d5600c virsh-network: Create macros for VSH_OT_STRING "network" option
Signed-off-by: Lin Ma <lma@suse.com>
2018-05-17 17:06:11 +02:00
Lin Ma
a4bbd30400 virsh: Only return active domain names for block* command
Signed-off-by: Lin Ma <lma@suse.com>
2018-05-17 17:06:11 +02:00
Lin Ma
84d660607d virsh: Only return active domain names for 'reset' command
Signed-off-by: Lin Ma <lma@suse.com>
2018-05-17 17:06:11 +02:00
Lin Ma
7c07067c1d virsh: Remove 'id' text from help message for 'domrename' command
The inactive domains don't have any ID identifier, So adjust the help
message.

Signed-off-by: Lin Ma <lma@suse.com>
2018-05-17 17:06:11 +02:00
Martin Kletzander
96e947fd65 docs: Fix copy-paste error in formatdomaincaps
Reported-instead-of-fixing-immediately-by: Jiri Denemark <jdenemar@redhat.com>
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2018-05-17 15:27:38 +02:00
Nikolay Shirokovskiy
a62bb9bee2 qemu: erase synchronous block job cancel mentions in comments
Commit [1] dropped support for synchronous block job cancel.
This patch erases remnants from comments.

[1] commit 2350d101 "qemu: Remove support for legacy block jobs"

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2018-05-17 14:04:33 +03:00
Shalini Chellathurai Saroja
c6e605dc0e tests: Update caps for QEMU 2.12.0 on s390x
Let us update the existing xml and replies files for QEMU 2.12.0 on
s390x.

Used a z14 using a QEMU 2.12 GA build and the following sequence:

  tests/qemucapsprobe /usr/bin/qemu-system-s390x > \
         tests/qemucapabilitiesdata/caps_2.12.0.s390x.replies

  VIR_TEST_REGENERATE_OUTPUT=1 tests/qemucapabilitiestest
  VIR_TEST_REGENERATE_OUTPUT=1 tests/domaincapstest

Signed-off-by: Shalini Chellathurai Saroja <shalini@linux.vnet.ibm.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
2018-05-16 14:19:57 -04:00
Daniel P. Berrangé
8fe30b2167 log: actually do substring matches with fnmatch
Historically we matched log filters with strstr(), and when switching to
fnmatch in cbb0fd3cfd, it was stated that
we would continue to match substrings, with "foo" being equivalent to
"*foo*". Unfortuntely I forget to provide the code to actually make that
happen. This fixes it to prepend and append "*". We don't bother to
check if the pattern already has a leading/trailing '*', because
"**foo**" will match the same as "*foo*".

Reviewed-by: Erik Skultety <eskultet@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-05-16 17:48:17 +01:00
Ján Tomko
fe8a06798d Remove check for gnutls/crypto.h
Assume its presence for gnutls >= 3.2.

Check introduced by <commit 7d21d6b>.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
2018-05-16 10:40:40 +02:00
Ján Tomko
504b4f2669 Fix indentation in virCryptoHaveCipher
Signed-off-by: Ján Tomko <jtomko@redhat.com>
2018-05-16 10:40:40 +02:00
Ján Tomko
fbb07a757b Remove explicit check for gnutls_cipher_encrypt
Introduced in gnutls 2.10, and we assume >= 3.2.

Commit 1ce9c08a added this check.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
2018-05-16 10:40:40 +02:00
Ján Tomko
ac9ad77303 Remove explicit check for gnutls_rnd
Introduced in gnutls 2.12, but we require gnutls >= 3.2
Check added by commit <2d23d14>.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
2018-05-16 10:40:40 +02:00
Ján Tomko
279a27d4aa Deprecate GNUTLS_GCRYPT
Now that we assume GnuTLS >= 3.0, we can ditch gcrypt support.
Introduced by <commit 6094b1f>.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
2018-05-16 10:40:40 +02:00
Ján Tomko
eee8c852e0 Require GnuTLS >= 3.2.0
Ubuntu 14.04 which is not targetted as a supported platform [0]
already has 3.2.11

[0] https://libvirt.org/platforms.html

Signed-off-by: Ján Tomko <jtomko@redhat.com>
2018-05-16 10:40:40 +02:00
Ján Tomko
698af20af2 Skip vircryptotest and virfilecachetest without gnutls
Fix make check without gnutls.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
2018-05-16 10:40:40 +02:00
Ján Tomko
c25fbbec68 virCryptoHashBuf: return the length of the hash in bytes
virCryptoHashString also needs to know the size of the returned hash.
Return it if the hash conversion succeeded so the caller does not need
to access the hashinfo array.

This should make virCryptoHashString build without gnutls.
Also fixes the missing return value for the virCryptoHashBuf stub.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Suggested-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2018-05-16 10:40:40 +02:00
Michal Privoznik
ed11d1662d virDomainMemoryDefParseXML: Don't leak discard
==1589== 7 bytes in 2 blocks are definitely lost in loss record 34 of 261
==1589==    at 0x4C2AF0F: malloc (vg_replace_malloc.c:299)
==1589==    by 0x8A82794: xmlStrndup (in /usr/lib64/libxml2.so.2.9.8)
==1589==    by 0x5DD8392: virXMLPropString (virxml.c:510)
==1589==    by 0x5E12427: virDomainMemoryDefParseXML (domain_conf.c:15704)
==1589==    by 0x5E207DE: virDomainDefParseXML (domain_conf.c:20351)
==1589==    by 0x5E2184F: virDomainDefParseNode (domain_conf.c:20636)
==1589==    by 0x5E216A1: virDomainDefParse (domain_conf.c:20580)
==1589==    by 0x5E21747: virDomainDefParseFile (domain_conf.c:20606)
==1589==    by 0x112F5F: testCompareXMLToArgv (qemuxml2argvtest.c:493)
==1589==    by 0x138780: virTestRun (testutils.c:180)
==1589==    by 0x117129: mymain (qemuxml2argvtest.c:937)
==1589==    by 0x13A83C: virTestMain (testutils.c:1120)

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Marc Hartmayer <mhartmay@linux.ibm.com>
2018-05-16 07:50:51 +02:00
Peter Krempa
9b3cbd33a7 qemu: hotplug: Replace qemuDomainDiskNeedRemovePR
The function can be replaced by much simpler logic.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
2018-05-16 06:32:29 +02:00
Peter Krempa
8bebb2b735 util: storage: Store PR manager alias in the definition
Rather than always re-generating the alias store it in the definition
and in the status XML.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
2018-05-16 06:32:29 +02:00
Peter Krempa
26c72a76dc conf: domain: Add helper to check whether a domain def requires use of PR
Extract the lookup code so that it can be reused later.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
2018-05-16 06:32:29 +02:00
Peter Krempa
b4f113ee44 qemu: command: Move check whether PR manager object props need to be built
Move it out of the format function and let the caller decide this.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
2018-05-16 06:32:29 +02:00
Peter Krempa
8f7c25ae39 qemu: process: Change semantics of functions starting PR daemon
Libvirt only manages one PR daemon. This means that we don't need to
pass the 'disk' object and also rename the functions dealing with this
so that it's obvious we only deal with the managed PR daemon.

Signed-off-by: Peter Krempa <pkrempa@redhat st.com>
2018-05-16 06:32:29 +02:00
Peter Krempa
b571e7bad0 qemu: Assign managed PR path when preparing storage source
Rather than always checking which path to use pre-assign it when
preparing storage source.

This reduces the need to pass 'vm' around too much. For later use the
path can be retrieved from the status XML.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
2018-05-16 06:32:28 +02:00
Peter Krempa
e31f490458 util: storage: Allow passing <source> also for managed PR case
To allow storing status information in the XML move the validation that
the 'path' is not valid for managed PR daemon case into
qemuDomainValidateStorageSource and allow parsing of the data even in
case when managed='yes'.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
2018-05-16 06:32:28 +02:00
Peter Krempa
900fc66121 util: storage: Drop virStoragePRDefIsEnabled
The function now does not do anything useful. Replace it by the pointer
check.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
2018-05-16 06:32:28 +02:00
Peter Krempa
e72b3f0bbe util: storage: Drop pointless 'enabled' form PR definition
Everything can be disabled by not using the parent element. There's no
need to store this explicitly. Additionally it does not add any value
since any configuration is dropped if enabled='no' is configured.

Drop the attribute and adjust the code accordingly.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
2018-05-16 06:32:28 +02:00
Peter Krempa
1efda36765 qemu: Move validation of PR manager support
Disk source definition should be validated in
qemuDomainValidateStorageSource rather than in individual generators of
command line arguments.

Change to the XML2XML test is required since now the definition is
actually validated at define time.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
2018-05-16 06:32:28 +02:00
Peter Krempa
64e3ae0d51 qemu: command: Fix comment for qemuBuildPRManagerInfoProps
The comment did not accurately describe the arguments.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
2018-05-16 06:32:28 +02:00
Peter Krempa
b5aec60cc4 qemu: alias: Allow passing alias of parent when generating PR manager alias
For use with blockdev the PR manager will be bound to a virStorageSource
rather than a virDomainDiskDef, so we will need to use the correct
alias.

Allow passing a string rather than the whole disk.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
2018-05-16 06:32:28 +02:00