in preparation for the addition of DomainRestoreParams,
add it to the list of methods requiring a conn first argument.
Signed-off-by: Claudio Fontana <cfontana@suse.de>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
add new API in order to be able to extend parameters to the domain
restore operation. We will use it to fit the existing arguments of
VirDomainRestoreFlags for now.
Signed-off-by: Claudio Fontana <cfontana@suse.de>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
create an alternative to virDomainSaveFlags that is more
extendible via parameters.
Signed-off-by: Claudio Fontana <cfontana@suse.de>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
where it can be reused by other helpers.
No changes other than the move.
Note that this makes iohelper now dependent on -lutil and -lacl.
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Claudio Fontana <cfontana@suse.de>
this is in preparation for a minor refactoring of the copy
function itself out of runIO().
Signed-off-by: Claudio Fontana <cfontana@suse.de>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
macOS libraries don't support symbol versioning, so the only
result that we achieve by passing additional flags to the linker
is a bunch of messages like
ld: warning: ignoring file .../libvirt/build/src/libvirt.syms,
building for macOS-x86_64 but attempting to link with file built
for unknown-unsupported file format ( 0x23 0x20 0x57 0x41 ... )
being produced during the build.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
This ensures variable names and the overall structure of the
code setting and using them is consistent. It will also make
upcoming changes less disruptive.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
In the past, we did set VLAN tag on <interface type='direct'/>.
However, during rewrite (v8.1.0-rc1~191) virNetDevSetVfConfig()
was changed and a condition that was responsible for calling
a function that sets VLAN tag was changed accidentally resulting
in VLAN tag not being set anymore.
However, because of other changes in the same patchset, it may
happen that @adminMac is NULL (this is to work around yet another
broken SRIOV driver), and thus we must refrain from setting MAC
and have to set VLAN tag only.
Fixes: 73961771a1
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2075383
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
If virNetDevSetVfMac() is called with either @macaddr or
@allowRetry arguments NULL an error is reported, because this is
considered invalid use. However, the error message is not
informative as it could be.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
It allows libvirt to provide the value of cpu0-id retuned by the Qemu QMP
command query-sev-capabilities as implemented by the Qemu Patch [1] which
is merged to Qemu master branch and should be available with Qemu 7.1.
This is used to get the signed Chip Endorsement Key (CEK) of the CPU of AMD
system from AMD's Key Distribution Service (KDS).
Similar to cbitpos, reducedPhysBits, maxGuests & maxESGuests;
the value of cpu0-id is also provided using 'virsh domcapability'.
[1] https://lore.kernel.org/all/20220228093014.882288-1-dovmurik@linux.ibm.com/
Signed-off-by: Niteesh Dubey <niteesh@linux.ibm.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
We do not need VIR_DOMAIN_VIRT_QEMU to get qemu default
version. With the 'os_type' and 'arch'in capabilities,
we could identify 'emulator' which is enough to get the version.
Actually VIR_DOMAIN_VIRT_QEMU is not the only domain virt type for
qemu driver, there are VIR_DOMAIN_VIRT_KVM and VIR_DOMAIN_VIRT_HVF.
If TCG is disabled in qemu, it will cause the error that could not
find suitable emulater when access version.
Signed-off-by: Liang Yan <lyan@digtalocean.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
These two pointers can never be NULL since they are initialised to a reference
of a struct. This became apparent when commit 210a195394 added a VIR_DEBUG
which used both pointers because due to the concise condition the compiler saw
that if the "and" part of the condition did short-circuit (and it assumed that
can happen) the second variable would not be initialised, but it is used in the
debugging message, so the build failed with:
In file included from ../src/cpu/cpu_x86.c:27:
../src/cpu/cpu_x86.c: In function ‘virCPUx86DataIsIdentical’:
../src/util/virlog.h:79:5: error: ‘bdata’ may be used uninitialized in this
function [-Werror=maybe-uninitialized]
Fix this by just assigning the helper pointers and remove the condition
altogether.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Either create or append to existing docstring, the version (git tag)
that a given function was introduced in the format:
Since: v1.2.3
Signed-off-by: Victor Toso <victortoso@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Either create or append to existing docstring, the version (git tag)
that a given function was introduced in the format:
Since: v1.2.3
Signed-off-by: Victor Toso <victortoso@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
AMD cpus report Core (compute unit) identifiers of the cpu running the
instruction under leaf 0x8000001e. This data is not needed for libvirt
and actually breaks caching of the qemu capabilities where we check that
all of the CPU flags to be identical.
Mask out all of leaf 0x8000001e.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Raise the lower bound to '64' as that seems to currently be the first
size that can fit the CPU data for a modern cpu.
Lower the upper bound to an arbitrary 65536. So many cpu features ougth
to be enough for everyone.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
In case when the 'KVM_GET_SUPPORTED_CPUID' ioctl on /dev/kvm would
fail for other reason than the documented E2BIG, our code would continue
looping and calling it while always increasing the memory buffer even
when that will not help.
Rewrite the function to allow another iteration only with the correct
errno.
Additionally rename the 'i' variable to 'alloc_size' as it's not a pure
iterator.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Move the filtering code into virHostCPUGetCPUIDFilterVolatile.
This also removes a safe but very questionable reuse of 'i' iterator in
the both the top level and nested loop. It's safe for now as the to
level loop will not iterate any more in the current state.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
The commit adding the code fetching host CPU flags via the
KVM_GET_SUPPORTED_CPUID didn't describe at all why such an alghorithm is
needed.
Add a comment from the documentation outlining how the userspace
function is expected to allocate memory here.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
The function returns 'virCPUData' but doesn't do two important steps
which other code takes:
1) leaves with all-zero data is stripped from the XML output
2) the data is expected to be sorted in the array
Now the 'virHostCPUGetCPUID' helper returns both all 0 leaves and
doesn't order them as we expect.
If this is then used in conjunction with 'virCPUx86DataIsIdentical'
together with data which made a roundtrip to XML and back the result
will be always false even if the data itself is identical.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Without this it's impossible to debug scenarios when this function
returns a mismatch but the formatted data looks identical.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
The code already handles this so we just need to allow it in the schema.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Separate it so that further addition can target 'ftp' only.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
The iSCSI hostdev code doesn't require the check for the empty drive
and the check for the protocol because those are already guaranteed at
that point.
In qemuDomainSecretStorageSourcePrepare we don't need to check the
network disk type either as it's now guaranteed by the definition
validator.
Thus both callers can simply check whether src->auth is present and the
helper can be removed.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Since we are already checking that the encryption format can be only
_LUKS and _LUKS2 this wrapper function doesn't make much sense any more.
The only one caller can do this internally.
The move of virStorageSourceIsEmpty is correct as there are no secrets
to setup if the disk is empty anyways.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
The validation should be the only point to decide whether authentication
is supported for a disk backing protocol. The rest of the code can then
simply always enable it.
This also fixes a crash when authentication is requested e.g. for a HTTP
backed disk as the blockdev props formatter expects that it was already
set up.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Only certain disk protocols support authentication. Add validation for
this field.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Remove the impossible error message about the 'qcow2' encryption format
not being supported. We validated before that it can't happen.
Additionally the code can be simplified by removing error handling from
impossible code paths as the last resort is virJSONValueCreate not
allowing NULL argument with the 's:' modifier.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reject encryption requests for unsupported image format types.
Add negative test for the rejected cases as well as modify
'disk-network-rbd-encryption' case to validate that with librbd
encryption the format doesn't matter.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Move the two ad-hoc checks below into the block which already tests
whether encryption is requested.
If we first disallow the old-style qcow2 encryption we can remove a
whole block of validation later on.
Also the capability check for qcow2+luks can be simplified by moving it
into the same block.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Similarly to previous commits but with the targeting libvirt-common
in a batch.
Either create or append to existing docstring, the version (git tag)
that a given typedef, enum value, macro or function was introduced
in the format:
Since: v1.2.3
Signed-off-by: Victor Toso <victortoso@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Either create or append to existing docstring, the version (git tag)
that a given function was introduced in the format:
Since: v1.2.3
Signed-off-by: Victor Toso <victortoso@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Either create or append to existing docstring, the version (git tag)
that a given function was introduced in the format:
Since: v1.2.3
Signed-off-by: Victor Toso <victortoso@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
virConnectAuthPtrDefault is the only variable that we export and
with the documentation being at the C file, it makes harder to find
it.
With this patch, the documentation of this variable can be found by
those who look at the header file for guidance plus, it will also be
included in the XML API, as the followup patch will fix apibuild.py
to store what is documented in the header file for this variable.
Note that the apibuild, does not do the same with .c files. It'd
require adding it for (parsing) recursion, similar to what is done
for functions. Considering the pros/cons, seems more reasonable to
move the docstring to the header file instead.
Signed-off-by: Victor Toso <victortoso@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
This is a quite an old (created at 2016) patch fixing an issue for at
that time contemporary Fedora 23. virsh reboot returns success (yet
after hanging for a while), VM is rebooted sucessfully too but then
shutdown from inside guest causes reboot and not shutdown.
VM has agent installed. So virsh reboot first tries to reboot VM thru
the agent. The agent calls 'shutdown -r' command. Typically it returns
instantly but on this distro for some reason it takes time. I did not
investigate the cause but the command waits in dbus client code,
probably waits for reply. The libvirt waits 60s for agent command to
execute and then errors out. Next reboot API falls back to ACPI shutdown
which returns successfully thus the reboot command return success too.
Yet shutdown command in guest eventually successfull and guest is truly
rebooted. So libvirt does not receive SHUTDOWN event and fake reboot
flag which is armed on fallback path stays armed. Thus next shutdown
from guest leads to reboot.
The issue has 100% repro on Fedora 23. On modern distros I can't
reproduce it at all. Shutdown command is asynchronous and returns
immediately even if I start some service that ignores TERM signal and
thus shutdown procedure waits for 90s (if I not mistaken) before sending
KILL.
Yet I guess it is nice to have this patch to be more robust.
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Nikolay Shirokovskiy <nikolay.shirokovskiy@openvz.org>
When <qemu:override> is the only usage of the qemu namespace the entire
section is mistakenly removed. Add check for use count.
Signed-off-by: Justin Gatzen <justin.gatzen@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
The point of qemu_processpriv.h file is to allow a small subset
of functions to be called from test suite but not elsewhere. This
is implemented by requiring everybody that includes the file to
define a macro. If not done so, an error is printed at compile
time. However, this error message contains a typo because it
mentions qemu_process_priv.h while the file is called
qemu_processpriv.h.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
While parts of QEMU's CGroup code were moved under hypervisor
agnostic location (src/hypervisor/) a typo sneaked in. The
inspiration for virDomainCgroupConnectCgroup() comes from
qemuConnectCgroup(). The former is called upon reconnecting to a
running domain (after daemon restart). While the latter returned
early if the daemon was running unprivileged, the former returns
early if the daemon runs privileged. This is obviously wrong,
because root can set up CGroups.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2075765
Fixes: 788e2b58cb
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
