Commit Graph

27347 Commits

Author SHA1 Message Date
Michal Privoznik
6c0af6be64 virNetDevOpenvswitchConstructVlans: return void
This function returns nothing else than zero. Make it void.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-13 13:14:29 +02:00
Michal Privoznik
27761b17fc virNetDevOpenvswitchConstructVlans: Bring @i into the block where it's used
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-13 13:14:29 +02:00
Michal Privoznik
6752a3ec7a virNetDevOpenvswitchConstructVlans: Use g_auto() for virBuffer
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-13 13:14:29 +02:00
Ján Tomko
9c58b6eb00 qemu: reject readonly attribute for virtiofs
This is not yet supported by virtiofsd.

Fixes #23 a.k.a. https://gitlab.com/libvirt/libvirt/-/issues/23

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2020-05-13 12:35:03 +02:00
Yan Wang
132d6eb9ba util: virnetdevopenvswitch: Delete unused code
It was never used since commit 57b5e27d3d introduced it.

Signed-off-by: Yan Wang <wangyan122@huawei.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-05-13 11:32:37 +02:00
Chris Jester-Young
363c9865ae qemu: pvscsi: Add support for vmpvscsi controller model
Availability of the vmpvscsi controller model is gated by the pvscsi
capability.

Signed-off-by: Chris Jester-Young <cky@cky.nz>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-05-13 09:30:20 +02:00
Chris Jester-Young
1ca9b8ff9d qemu: pvscsi: Add capability
This capability flags support for `-device pvscsi`, which provides the
VMware paravirtual SCSI controller.

Signed-off-by: Chris Jester-Young <cky@cky.nz>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-05-13 09:30:20 +02:00
Peter Krempa
65a12c467c qemu: blockcopy: Allow copy of read-only disks with -blockdev
'blockdev-mirror' requires the write permission internally to do the
copy. This means that we have to force the image to be read-write for
the duration of the copy and can fix it after the copy is done.

https://bugzilla.redhat.com/show_bug.cgi?id=1832204

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-05-12 06:56:09 +02:00
Peter Krempa
fe574ea1f5 qemu: snapshot: Allow snapshots of read-only disks when we can create them
With -blockdev or when reusing externally created images and thus
without the need for formatting the image we actually can support
snapshots of read-only disks. Arguably it's not very useful so they are
not done by default but users of libvirt such as oVirt are actually
using this.

https://bugzilla.redhat.com/show_bug.cgi?id=1832204

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-05-12 06:56:09 +02:00
Peter Krempa
10d6278279 qemuBlockStorageSourceCreateFormat: Force write access when formatting images
We need qemu to be able to write the newly created images so that it can
format them to the specified storage format.

Force write access by relabelling the images when formatting.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-05-12 06:56:09 +02:00
Peter Krempa
20939b037c storage_file: create: Create new images with write permission bit
The 'Create' API of the two storage file backends is used only on
code-paths where we need to format the image after creating an empty
file. Since the DAC security driver only modifies the owner of the file
and not the mode we need to create all files which are going to be
formatted with the write bit set for the user.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-05-12 06:56:09 +02:00
Peter Krempa
fe12fb4132 conf: Store 'diskElementAuth' and 'diskElementEnc' properties in status XML
Remember the preferred placement of <auth> and <encryption> for a disk
source across libvirtd restarts.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:55:00 +02:00
Peter Krempa
6bde2a1e20 conf: Sanitize handling of <auth> and <encryption> placement for disks
Modern way to store <auth> and <encryption> of a <disk> is under
<source>. This was added to mirror how <backingStore> handles these and
in fact they are relevant to the source rather than to any other part of
the disk. Historically we allowed them to be directly under <disk> and
we need to keep compatibility.

This wasn't a problem until introduction of -blockdev in qemu using of
<auth> or <encryption> plainly wouldn't work with backing chains.

Now that it works in backing chains and can be moved back and forth
using snapshots/block-commit we need to ensure that the original
placement is properly kept even if the source changes.

To achieve the above semantics we need to store the preferred placement
with the disk definition rather than the storage source definitions and
also ensure that the modern way is chosen when the VM started with
<source/encryption> only in the backing store.

https://bugzilla.redhat.com/show_bug.cgi?id=1822878

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:55:00 +02:00
Peter Krempa
5d72c3ce28 qemu: domain: Forbid slice/encryption/copy_on_read with disk type='lun'
Any non-raw block layer feature will not work with raw SCSI command
passthrough via 'scsi-block'. Explicitly refuse use of luks encryption,
storage slices and copy on read.

https://bugzilla.redhat.com/show_bug.cgi?id=1820040

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:55:00 +02:00
Peter Krempa
b40ec75296 qemu: Forbid non-raw images for disk type='lun' with vitio-blk frontend
Historically the virtio-blk frontend by default enabled SCSI emulation
and tried to do SCSI command passthrough. As this was enabled by default
there's a fallback mechanism in place in cases when the backend doesn't
support SCSI for any reason.

This is not the case when disk type=lun is used with 'scsi-block' via
'virtio-scsi'.

We did not restrict configurations when the user picks 'qcow2' or any
other format as format of the disk, in which case the emulation is
disabled as such configuration doesn't make sense.

This patch unifies the approach so that 'raw' is required both when used
via 'virtio-blk' and 'virtio-scsi' so that the user is presented with
the expected configuration. Note that use of <disk type='lun'> is
already very restrictive as it requires a block device or iSCSI storage.

Additionally the scsi emulation is now deprecated by qemu with
virtio-blk as it conflicts with virtio-1 and the alternative is to use
'virtio-scsi' which performs better and is along for a very long time.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:55:00 +02:00
Peter Krempa
ec69f0190b qemu: command: Stop formatting of 'scsi=off' for virtio-blk-pci
The property was deprecated. Don't format it based on the new capability
if the user didn't explicitly request it.

https://bugzilla.redhat.com/show_bug.cgi?id=1829550

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:55:00 +02:00
Peter Krempa
3b7ca6d419 qemu: capabilities: Introduce QEMU_CAPS_VIRTIO_BLK_SCSI_DEFAULT_DISABLED
Historically the 'scsi' passthrough feature of virtio-blk-pci
was enabled by default. Libvirt was disabling it due to security
implications outlined in libvirt commit v0.9.9-4-g177db08775 if it was
not explicitly requested. In qemu commit v2.4.0-1566-ged65fd1a27 the
default value was changed to disabled in preparation for virtio-1.
Starting from QEMU-5.0 the 'scsi' property was also deprecated. There
replacement for the functionality is to use 'virtio-scsi' for the
purpose. This isn't a direct replacement though.

Add capability named QEMU_CAPS_VIRTIO_BLK_SCSI_DEFAULT_DISABLED which
allows us to stop formatting the 'scsi=' property if it's disabled by
default and not requested so that we don't use deprecated features.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:55:00 +02:00
Peter Krempa
4b8ad7fc01 virQEMUCapsProbeQMPDeviceProperties: Add per-property callbacks
QEMU-5.0 added 'default-value' field for any applicable property
returned by 'device-list-properties'. Add an optional callback for any
device property definition which will allow detection of features and
default values based on this new data.

This unfortunately means that the description of properties had to move
from the slightly-too-generic 'struct virQEMUCapsStringFlags' to a new
type (virQEMUCapsDevicePropsFlags) which also has the callback property
and the corresponding change in the initializers.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:55:00 +02:00
Peter Krempa
6de5cac7f0 qemuMonitorGetDeviceProps: Return data in a hash table
Create a hash table of device property names which also stores the
corresponding JSON object so that the detection code can look at the
recently added 'default-value' field and possibly others.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:55:00 +02:00
Peter Krempa
0b52b023fc qemuMonitorJSONGetDeviceProps: Refactor to modern standards
Use automatic cleanup of variables and current style of header.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:55:00 +02:00
Peter Krempa
d3035e133e virQEMUCapsProbeQMPObjectTypes: Fold in virQEMUCapsProbeQMPGenericProps
virQEMUCapsProbeQMPGenericProps is used only in one place now. Move the
code directly to virQEMUCapsProbeQMPObjectTypes.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:55:00 +02:00
Peter Krempa
be9771a1d2 virQEMUCapsProbeQMPDeviceProperties: Switch to local implementation
Reimplement device property detection directly rather than using
virQEMUCapsProbeQMPGenericProps in preparation for changes to the
detection code.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:55:00 +02:00
Peter Krempa
568200eb94 virQEMUCapsProbeQMPDevices: Split up into logical chunks
The function was parsing 'qom-list-types' and then also calling function
which parses 'device-list-properties' and also 'qom-list-properties'.
Split it up into individual functions.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:55:00 +02:00
Peter Krempa
3bcbdc51da qemu: process: Don't clear QEMU_CAPS_BLOCKDEV when SD card is present
Help QEMU in deprecation of -drive if=none without the need to refactor
all old boards. Stop masking out -blockdev support when -drive if=sd
needs to be used. We achieve this by forbidding blockjobs and
special-casing all other code paths. Blockjobs are sacrificed in this
case as SD cards are a corner case for some ARM boards and are thus not
used commonly.

https://bugzilla.redhat.com/show_bug.cgi?id=1821692

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:55:00 +02:00
Peter Krempa
e664abb62e qemu: Prepare for 'sd' card use together with blockdev
SD cards need to be instantiated via -drive if=sd. This means that all
cases where we use the blockdev path need to be special-cased for SD
cards.

Note that at this point QEMU_CAPS_BLOCKDEV is still cleared if the VM
config has a SD card.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:55:00 +02:00
Peter Krempa
d876a93f05 qemu: Handle cases when 'qomName' isn't present
Use the drive alias for all cases when we can't generate qomName. This
is meant to handle disks on 'sd' bus which are instantiated via -drive
if=sd as there isn't any specific QOM name for them.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:55:00 +02:00
Peter Krempa
b50a8354f6 qemu: Refuse blockjobs on disk bus='sd' with -blockdev
We still have to use -drive to instantiate sd disks. Combining that with
the new logic for blockjobs would be very complicated and not worth it
given that 'sd' cards work only on few rarely used machine types of
non-common architectures and libvirt didn't implement support for 'sd'
bus controllers. This will allow us to use -blockdev for other kinds on
such machines while sacrificing block jobs.

Note: this is currently no-op as we mask-out the QEMU_CAPS_BLOCKDEV
capability if any of the disks has bus='sd'.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:55:00 +02:00
Peter Krempa
59a3adbcf2 qemu: Forbid 'cdrom' on 'sd' bus
We can't set the type of the device on the 'sd' bus and realistically a
cdrom doesn't even make sense there. Forbid it.

Note that the output of in disk-cdrom-bus-other.x86_64-latest.args
switched to blockdev as it's no longer locked out due to use of a disk
on 'sd' bus.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:55:00 +02:00
Peter Krempa
961ba2b969 qemuDomainValidateStorageSource: Allow masking out blockdev support
In case of 'sd' cards we'll use pre-blockdev code also if qemu supports
blockdev. In that specific case we'll need to mask out blockdev support
for 'sd' disks. Plumb in a boolean to allow it.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:55:00 +02:00
Peter Krempa
6cd8234f08 qemuDomainValidateStorageSource: Extract check for BLOCKDEV capability
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:55:00 +02:00
Peter Krempa
9fdf6aeb7a qemuDomainSetBlockThreshold: Call qemuBlockNodeNamesDetect only without blockdev
Make sure that we don't try to reload node names with -blockdev. If
something doesn't have a node name the update will not make the
situation better.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:55:00 +02:00
Peter Krempa
5ac95d8084 qemu: command: Remove 'virDomainDiskQEMUBus' enum converters
There are no users for the qemu-specific enum values. Remove it.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:54:59 +02:00
Peter Krempa
ffcd822578 qemuBuildDiskDeviceStr: Use XML disk bus type names in error message
There's no point using the qemu-specific disk bus names in the error
message.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:54:59 +02:00
Peter Krempa
7824bb8548 qemuBuildDriveStr: Refactor formatting of command line for 'sd' cards
Remove all the universal code since the 'else' part formats commandline
only for the SD card based disk. Note that we can use virDiskNameToIndex
without the check as we already validate that 'disk->dst' contains a
properly formatted string in the validation code.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:54:59 +02:00
Peter Krempa
10f5ad9b58 qemuBuildDiskCommandLine: Clarify logic around building -device for disks
For 'SD' disks and floppies in the pre-blockdev era we don't format
-device. Extract the logic so that it's more clear and add comments.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:54:59 +02:00
Peter Krempa
cc4a277db2 qemu: Rename qemuDiskBusNeedsDriveArg to qemuDiskBusIsSD
The function effectively boils down to whether the disk is 'SD'. Since
we'll need to make more decisions based on the fact whether the disk is
on the SD bus, rename the function.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:54:59 +02:00
Peter Krempa
514822dbbd qemuCheckDiskConfig: Remove and untangle callers
Remove the function and passing of 'def' through the callers.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:54:59 +02:00
Peter Krempa
8b5cf013ef qemu: Move disk config validation to qemuValidateDomainDeviceDefDiskFrontend
Previously we've validated it in qemuCheckDiskConfig which was directly
called from the command line generator. Move the checks to the validator
where they belong.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:54:59 +02:00
Peter Krempa
ca03369c99 qemu: validate: Validate blkdeviotune settings in the validator
Move the code from qemuCheckDiskConfigBlkdeviotune in
src/qemu/qemu_commandline.c to
qemuValidateDomainDeviceDefDiskBlkdeviotune.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:54:59 +02:00
Peter Krempa
0b786e75b6 qemuValidateDomainDeviceDefDisk: Separate disk frontend config validation
Agregate validation of frontend properties in a new function called
qemuValidateDomainDeviceDefDiskFrontend.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-12 06:54:59 +02:00
Laine Stump
f5418b427e network: force re-creation of iptables private chains on firewalld restart
When firewalld is stopped, it removes *all* iptables rules and chains,
including those added by libvirt. Since restarting firewalld means
stopping and then starting it, any time it is restarted, libvirt needs
to recreate all the private iptables chains it uses, along with all
the rules it adds.

We already have code in place to call networkReloadFirewallRules() any
time we're notified of a firewalld start, and
networkReloadFirewallRules() will call
networkPreReloadFirewallRules(), which calls
networkSetupPrivateChains(); unfortunately that last call is called
using virOnce(), meaning that it will only be called the first time
through networkPreReloadFirewallRules() after libvirtd starts - so of
course when firewalld is later restarted, the call to
networkSetupPrivateChains() is skipped.

The neat and tidy way to fix this would be if there was a standard way
to reset a pthread_once_t object so that the next time virOnce was
called, it would think the function hadn't been called, and call it
again. Unfortunately, there isn't any official way of doing that (we
*could* just fill it with 0 and hope for the best, but that doesn't
seem very safe.

So instead, this patch just adds a static variable called
chainInitDone, which is set to true after networkSetupPrivateChains()
is called for the first time, and then during calls to
networkPreReloadFirewallRules(), if chainInitDone is set, we call
networkSetupPrivateChains() directly instead of via virOnce().

It may seem unsafe to directly call a function that is meant to be
called only once, but I think in this case we're safe - there's
nothing in the function that is inherently "once only" - it doesn't
initialize anything that can't safely be re-initialized (as long as
two threads don't try to do it at the same time), and it only happens
when responding to a dbus message that firewalld has been started (and
I don't think it's possible for us to be processing two of those at
once), and even then only if the initial call to the function has
already been completed (so we're safe if we receive a firewalld
restart call at a time when we haven't yet called it, or even if
another thread is already in the process of executing it. The only
problematic bit I can think of is if another thread is in the process
of adding an iptable rule at the time we're executing this function,
but 1) none of those threads will be trying to add chains, and 2) if
there was a concurrency problem with other threads adding iptables
rules while firewalld was being restarted, it would still be a problem
even without this change.

This is yet another patch that fixes an occurrence of this error:

COMMAND_FAILED: '/usr/sbin/iptables -w10 -w --table filter --insert LIBVIRT_INP --in-interface virbr0 --protocol tcp --destination-port 67 --jump ACCEPT' failed: iptables: No chain/target/match by that name.

In particular, this resolves: https://bugzilla.redhat.com/1813830

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-05-11 22:54:52 -04:00
Laine Stump
de110f110f network: make it safe to call networkSetupPrivateChains() multiple times
networkSetupPrivateChains() is currently called only once per run of
libvirtd, so it can assume that errInitV4 and errInitV6 are empty/null
when it is called. In preparation for potentially calling this
function multiple times during one run, this patch moves the reset of
errInitV[46] to the top of the function, to assure no memory is
leaked.

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-05-11 22:53:36 -04:00
Michal Privoznik
01626c668e virDevMapperGetTargetsImpl: quit early if device is not a devmapper target
As suggested in the linked bug, libvirt should firstly check
whether the major number of the device is device mapper major.
Because if it isn't subsequent DM_DEVICE_DEPS task may not only
fail, but also yield different results. In the bugzilla this is
demonstrated by creating a devmapper target named 'loop0' and
then creating loop target /dev/loop0. When the latter is then
passed to a domain, our virDevMapperGetTargetsImpl() function
blindly asks devmapper to provide target dependencies for
/dev/loop0 and because of the way devmapper APIs work, it will
'sanitize' the input by using the last component only which is
'loop0' and thus return different results than expected.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1823976

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-05-11 15:37:27 +02:00
Michal Privoznik
06fc99b6ce qemuDomainCleanupRun: Actually run cleanup callbacks in reverse order
We have a framework to register cleanup callbacks that are run
when a domain is shut down. The idea is to run callbacks in
reverse order than they were registered. However, looking at the
code this is not the case. Fortunately, this framework is used to
register a single callback and a single callback only -
qemuMigrationDstPrepareCleanup() - therefore there was no problem
just yet.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-05-11 13:20:19 +02:00
Artur Puzio
a13b2905f7 libxl: vga.kind none when no device specified
When no video device is specified in config we should set both
hvm.nographic to 1 and hvm.vga.kind to NONE.

Without hvm.vga.kind=LIBXL_VGA_INTERFACE_TYPE_NONE both -nographic and
-device 'cirrus-vga' are on qemu cmdline.

Signed-off-by: Artur Puzio <contact@puzio.waw.pl>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
2020-05-07 15:42:39 -06:00
Daniel P. Berrangé
e26bfd9620 keycodemapdb: update submodule for win32 keycode fix
Fix win32 keycode for VK_OEM_102

Reviewed-by: Laine Stump <laine@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-05-07 12:18:29 +01:00
Andrea Bolognani
eea5d63a22 tests: Introduce virhostdevmock
We need this for all tests that use virHostdevManager, because
during creation of this object for unprivileged connections
like those used in the test suite we would end up writing inside
the user's home directory.

That's bad manners in general, but when running the test suite
inside a purposefully constrained environment such as the one
exposed by pbuilder, it turns into an outright test failure:

  Could not initialize HostdevManager - operation failed: Failed
  to create state dir '/nonexistent/.cache/libvirt/hostdevmgr'

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-06 16:24:31 +02:00
Jiri Denemark
3af4c75d59 qemu: Don't use CPU from host capabilities as host-model on ARM
We never supported host-model CPUs on ARM and we don't want to support
them even once patches for direct detection of host CPU are merged. And
since using host CPU definition for host-model CPUs exists only for
backward compatibility, we should not use it for any host-model support
added in the future. Such enhancement should exclusively use the result
of query-cpu-model-expansion. Until proper host-model support is
implemented for ARM (if ever), we need to make sure the detected host
CPU is not accidentally used for host-model CPUs.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-05-06 12:12:24 +02:00
Laine Stump
0756415f14 systemd: start libvirtd after firewalld/iptables services
When a system has enabled the iptables/ip6tables services rather than
firewalld, there is no explicit ordering of the start of those
services vs. libvirtd. This creates a problem when libvirtd.service is
started before ip[6]tables, as the latter, when it finally is started,
will remove all of the iptables rules that had previously been added
by libvirt, including the custom chains where libvirt's rules are
kept. This results in an error message similar to the following when a
user subsequently tries to start a new libvirt network:

 "Error while activating network: Call to virNetworkCreate failed:
 internal error: Failed to apply firewall rules
 /usr/sbin/ip6tables -w --table filter --insert LIBVIRT_FWO \
   --in-interface virbr2 --jump REJECT:
 ip6tables: No chain/target/match by that name."

(Prior to logging this error, it also would have caused failure to
forward (or block) traffic in some cases, e.g. for guests on a NATed
network, since libvirt's rules to forward/block had all been deleted
and libvirt didn't know about it, so it couldn't fix the problem)

When this happens, the problem can be remedied by simply restarting
libvirtd.service (which has the side-effect of reloading all
libvirt-generated firewall rules)

Instead, we can just explicitly stating in the libvirtd.service file
that libvirtd.service should start after ip6tables.service and
ip6tables.service, eliminating the race condition that leads to the
error.

There is also nothing (that I can see) in the systemd .service files
to guarantee that firewalld.service will be started (if enabled) prior
to libvirtd.service. The same error scenario given above would occur
if libvirtd.service started before firewalld.service.  Even before
that, though libvirtd would have detected that firewalld.service was
disabled, and then turn off all firewalld support. So, for example,
firewalld's libvirt zone wouldn't be used, and most likely traffic
from guests would therefore be blocked (all with no external
indication of the source of the problem other than a debug-level log
when libvirtd was started saying that firewalld wasn't in use); also
libvirtd wouldn't notice when firewalld reloaded its rules (which also
simultaneously deletes all of libvirt's rules).

I'm not aware of any reports that have been traced back to
libvirtd.service starting before firewalld.service, but have seen that
error reported multiple times, and also don't see an existing
dependency that would guarantee firewalld.service starts before
libvirtd.service, so it's possible it's been happening and we just
haven't gotten to the bottom of it.

This patch adds an After= line to the libvirtd.service file for each
of iptables.service, ip6tables.service, and firewalld.servicee, which
should guarantee that libvirtd.service isn't started until systemd has
started whichever of the others is enabled.

This race was diagnosed, and patch proposed, by Jason Montleon in
https://bugzilla.redhat.com/1723698 . At the time (April 2019) danpb
agreed with him that this change to libvirtd.service was a reasonable
thing to do, but I guess everyone thought someone else was going to
post a patch, so in the end nobody did.

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-05-05 20:16:02 -04:00
Jim Fehlig
836ea91d4e libxl: Clarify that 'xenlight' should only be used internally
The libxl driver has suffered an identity crisis since its introduction.
It took on the name 'libxl' since at the time libvirt already contained
a 'xen' driver for the old Xen toolstack implementation. 'libxl' is short
for libxenlight, which is often called xenlight. Unfortunately all forms
of the name are used in the libxl driver.

The only remaining use of the 'xenlight' form is when interacting with
the host device manager, which is difficult to change since it would
cause problems when upgrading the driver.

Rename the #define to make it clear the 'xenlight' form is internal and
add a comment describing why the name exists and that its use should be
discouraged.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-05-05 14:53:37 -06:00